I have contacted my hosting provider.mjau-mjau wrote:(...)
Basically your mod_rewrite is not setup or working correctly, and this would explain previous issues also ...
Thanks Karl!
X3 Photo Gallery Support Forums
I have contacted my hosting provider.mjau-mjau wrote:(...)
Basically your mod_rewrite is not setup or working correctly, and this would explain previous issues also ...
I have changed all "FilesMatch" to "Files" in the .htaccess file, but the problem still exists."FilesMatch" directive is not supported by ideaWebServer. Please use "Files" instead.
Example, block access to all files, except jpg | gif | png:
<Files ~ "\.*">
Order allow,deny
Deny from all
</Files>
AllowOverride All
<Files ~ "\.(jpg|gif|png)">
Order allow,deny
Allow from all
</Files>
We did not find any problems with the the mod_rewrite module.
# Prevent access to various folders with exceptions
RewriteCond %{REQUEST_URI} !app/parsers/slir/ [NC]
RewriteRule (app|templates|extensions|scss|javascript-source) - [NC,F]
[Tue Nov 18 13:09:27 2014] [error] [client 37.60.208.56] SoftException in Application.cpp:249: File "/home/www/z101617/htdocs/app/parsers/slir/index.php" is writeable by group, referer: http://morgunov.ru/galleries/landscapes/
Try it?morgenius wrote:Karl. I've decided my problem by setting permissions of App folder to 755. It was 777
Everything is fine now.
Ok, but that is not related to any problems. The "filesmatch" rules in the htaccess are only used for minor fixes that only apply for very specific scenarios, and can be removed entirely if you want to. Furthermore, these rules are from the famous html5-boilerplate htaccess, and I never heard of a platform that doesn't support them.Artur wrote:They answer to me this:
"FilesMatch" directive is not supported by ideaWebServer. Please use "Files" instead.
The "FilesMatch" is not the problem.Artur wrote:I have changed all "FilesMatch" to "Files" in the .htaccess file, but the problem still exists.
Hmmm ... I would like to see that ... But try my suggestion above first!Artur wrote:All the images renders just fine if I remove these lines from .htaccess:Code# Prevent access to various folders with exceptions RewriteCond %{REQUEST_URI} !app/parsers/slir/ [NC] RewriteRule (app|templates|extensions|scss|javascript-source) - [NC,F]
Checked. No difference (I've checked different combinations of permissions)mjau-mjau wrote: Try it?
I thought so. But I just wanted to make sure of everythingmjau-mjau wrote: The "FilesMatch" is not the problem.
So, I just commented out these lines in .htaccess, you can check it now.mjau-mjau wrote: Hmmm ... I would like to see that ... But try my suggestion above first!
Yep, works flawlessly it seems. The lines you commented out are basically just added security precautions, and could remain commented out without any problems. I am not quite sure why it breaks specifically on your server, but if you don't mind, can you try a few things for me:Artur wrote:So, I just commented out these lines in .htaccess, you can check it now.
RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (app|templates|extensions) - [NC,F]
RewriteRule (templates|extensions) - [NC,F]
RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
# RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (app|templates|extensions) - [NC,F]
# RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (app|templates|extensions) - [NC,F]
# RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
# RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (templates|extensions) - [NC,F]
RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
# RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (app|templates|extensions) - [NC,F]
# RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
# RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (templates|extensions) - [NC,F]
# RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (app|templates|extensions) - [NC,F]
If that one above works, great! Keep that one then ... I will likely make it default. I was expecting only the one with BOTH top lines commented out to work, because it basically disables the feature. Strange how interchanging %{REQUEST_URI} with %{REQUEST_FILENAME} makes it work on your server!Artur wrote:...CodeRewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC] # RewriteCond %{REQUEST_URI} !app/parsers/slir [NC] RewriteRule (app|templates|extensions) - [NC,F]
These above works.
I am no expert with this stuff, and I wouldn't be able say anything negative about your server ... Could be these are smart and updated security implementations! What I don't like, is outdated servers running very old PHP versions, missing standard modules and deprecated safe_mode enabled.Artur wrote:Well... I've never had a single issue with that server (about 4 years), So it had to happen, a first issue.
Too hurrymjau-mjau wrote:Glad we solved it!
# RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
# RewriteCond %{REQUEST_URI} !app/parsers/slir [NC]
RewriteRule (templates|extensions) - [NC,F]
RewriteCond %{REQUEST_FILENAME} !app/parsers/slir [NC]
RewriteRule ^(app|templates|extensions)/ - [NC,F]
Notice: Undefined index: HTTP_MOD_DEFLATE in /usr/local/www/x3/check/index.php on line 915
Notice: Undefined index: HTTP_MOD_DEFLATE in /usr/local/www/x3/check/index.php on line 916