I have apache2 (Server version: Apache/2.4.7 (Ubuntu) Server built: Mar 10 2015 13:05:59), mysql and phpmyadmin.
When accessing a PHP file via http://localhost/ or http://ipaddress, it shows the source code instead of executing it.
Ubuntu 14.04 LTS
Create a link in /var/www like this:
sudo ln -s /usr/share/phpmyadmin /var/www/
Note: since 14.04 you may want to use /var/www/html/ instead of /var/www/
If that's not working for you, you need to include PHPMyAdmin inside the Apache configuration.
Open apache.conf using your favorite editor, mine is vim :)
sudo vim /etc/apache2/apache2.conf
Then add the following line:
Include /etc/phpmyadmin/apache.conf
For Ubuntu 15.04 and 16.04
sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-available/phpmyadmin.conf
sudo a2enconf phpmyadmin.conf
sudo service apache2 reload
127.0.0.1 localhost
127.0.0.1 test-site
127.0.1.1 my-hostname
# The following lines are desirable for IPv6 capable hosts. etc...
Where test-site is the second "localhost". And my-hostname is the "System hostname" defined in /etc/hostname.
There is a default HTTP VH. It's placed in /etc/apache2/sites-available/. The filename is 000-default.conf. You have to edit it (you can rename it, if you want, or make some other .conf files, based on it) and after that you have to enable it.
You can enable it manually by creating a "soft", symbolic link:
sudo ln -s /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-enabled/
Or you can use the Apache2 tool called a2ensite, which does the same:
sudo a2ensite 000-default.conf
Let's assume there are 3 Virtual Hosts, SSL enabled, and a registered private domain (SOS.info, for example):
/etc/apache2/sites-available/http.SOS.info.conf
/etc/apache2/sites-available/https.SOS.info.conf
And one which is created for the purposes of this topic:
/etc/apache2/sites-available/http.test-site.conf
The content of the first 2 VHs is:
$ cat /etc/apache2/sites-available/http.SOS.info.conf
<VirtualHost *:80>
ServerName SOS.info
ServerAlias www.SOS.info
ServerAdmin admin@SOS.info
# Redirect Requests to SSL
Redirect permanent "/" "https://SOS.info/"
ErrorLog ${APACHE_LOG_DIR}/http.SOS.info.error.log
CustomLog ${APACHE_LOG_DIR}/http.SOS.info.access.log combined
</VirtualHost>
This one redirects all HTTP requests to HTTPS.
$ cat /etc/apache2/sites-available/https.SOS.info.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName SOS.info
ServerAlias www.SOS.info
ServerAdmin admin@SOS.info
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/ssl/certs/SOS.info.crt
SSLCertificateKeyFile /etc/ssl/private/SOS.info.key
SSLCertificateChainFile /etc/ssl/certs/SOS.info.root-bundle.crt
#etc..
</VirtualHost>
</IfModule>
This is the HTTPS VH.
The content of these two files can be posted in one file, but in this case their management (a2ensite/a2dissite) will be more difficult.
The third Virtual Host is the one created for our purposes:
$ cat /etc/apache2/sites-available/http.test-site.conf
<VirtualHost *:80>
ServerName test-site
ServerAlias test-site.SOS.info
DocumentRoot /var/www/test-site
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/test-site.error.log
CustomLog ${APACHE_LOG_DIR}/test-site.access.log combined
<Directory /var/www/test-site>
# Allow .htaccess
AllowOverride All
# Apache 2.4 syntax (replaces the 2.2-style "Allow from All")
Require all granted
</Directory>
</VirtualHost>
http://localhost # points to the directory of my domain
https://localhost # in our case: /var/www/html (SOS.info), but you should get an error, because the SSL certificate
http://SOS.info # which redirects to https://SOS.info
https://SOS.info # you should have a valid SSL certificate
http://www.SOS.info # which is aliased to http://SOS.info and redirects to https://SOS.info
https://www.SOS.info # which is aliased to https://SOS.info
In the main example you should also be able to access:
http://test-site # points to the directory /var/www/test-site
http://test-site.SOS.info # which is aliased to http://test-site
Try to open the site in the web browser or just try (in the terminal) with the following commands:
$ curl -L http://test-site/index.html
$ curl -L http://test-site.SOS.info/index.html
Of course, you need to have some index.html pages in their DocumentRoot :)
I will leave the following notes for the sake of pedantry :)
It is a good idea to spend some time improving your server's security. These manuals are about the security configuration: 1st and 2nd. Here you can get a free SSL certificate. These sites will help you to check your progress: 1st and 2nd.
According to the above security manuals, the /etc/apache2/apache2.conf file must look like:
Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
Timeout 60
#KeepAlive Off
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options None FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/>
Options None FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
# Hide Server type in the http error-pages
ServerSignature Off
ServerTokens Prod
# Etag allows remote attackers to obtain sensitive information
FileETag None
# Disable Trace HTTP Request
TraceEnable off
# Set cookie with HttpOnly and Secure flag.
# a2enmod headers
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# Clickjacking Attack
Header always append X-Frame-Options SAMEORIGIN
# X-XSS Protection
Header set X-XSS-Protection "1; mode=block"
# Disable HTTP 1.0 Protocol
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1.1$
RewriteRule .* - [F]
# Change the server banner @ ModSecurity
# Send full server signature so ModSecurity can alter it
ServerTokens Full
# Alter the web server signature sent by Apache
<IfModule security2_module>
SecServerSignature "Apache 1.3.26"
</IfModule>
Header set Server "Apache 1.3.26"
Header unset X-Powered-By
# Hide TCP Timestamp
# gksu gedit /etc/sysctl.conf
# >> net.ipv4.tcp_timestamps = 0
# Test: sudo hping3 SOS.info -p 443 -S --tcp-timestamp -c 1
# Disable -SSLv2 -SSLv3 and weak Ciphers
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
To allow/deny external access to your web server you can use UFW (Uncomplicated Firewall):
sudo ufw allow http
sudo ufw allow https
To allow only the tcp protocol use:
sudo ufw allow http/tcp
sudo ufw allow https/tcp
You can also use the port number directly:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
Just in case you can reload the "rules table":
sudo ufw reload
You can also use UFW's GUI interface, called gufw.
sudo apt update
sudo apt install gufw
gufw &
Choose the Office profile. It will set: Status:ON, Incoming:Deny and Outgoing:Allow and add your rules.
If you have a router and you want your web server to be accessible from Internet, don’t forget to add some port forwarding. Something like this.
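An added example, not part of the question or of either answer: a Python audit that takes one raw HTTP response and reports the symptom from the question (PHP source reaching the client) together with any response-header setting from the apache2.conf above that is not in effect. The two sample responses, the function names and the finding labels are constructed for illustration.

```python
import re

# Constructed sample responses (not captured from a real server).
LEAKY = (b"HTTP/1.1 200 OK\r\n"
         b"Server: Apache/2.4.7 (Ubuntu)\r\n"
         b'ETag: "2d-5a1b"\r\n'
         b"Set-Cookie: sid=abc123; path=/\r\n"
         b"Content-Type: text/plain\r\n\r\n"
         b"<?php $link = mysqli_connect('localhost', 'app', 'PLACEHOLDER'); ?>\n")
HARDENED = (b"HTTP/1.1 200 OK\r\n"
            b"Server: Apache 1.3.26\r\n"
            b"X-Frame-Options: SAMEORIGIN\r\n"
            b"X-XSS-Protection: 1; mode=block\r\n"
            b"Set-Cookie: sid=abc123; path=/;HttpOnly;Secure\r\n"
            b"Content-Type: text/html\r\n\r\n"
            b"<html><body>It works</body></html>\n")

def parse_response(raw):
    """Split a raw HTTP/1.1 response into (headers, body); header names lowercased."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = {}
    for line in head.decode("iso-8859-1").split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers, body

def audit_response(raw):
    """Return findings for one response; an empty list means every check passed."""
    h, body = parse_response(raw)
    first = lambda name: h.get(name, [""])[0]
    findings = []
    if re.search(rb"<\?(php|=)", body, re.I):    # unexecuted PHP reached the client
        findings.append("php-source-disclosed")
    if re.search(r"/\d", first("server")):       # real banner, e.g. Apache/2.4.7
        findings.append("server-version-exposed")
    if "x-powered-by" in h:                      # Header unset X-Powered-By
        findings.append("x-powered-by-present")
    if "etag" in h:                              # FileETag None
        findings.append("etag-present")
    if "SAMEORIGIN" not in first("x-frame-options").upper():
        findings.append("x-frame-options-missing")
    if not first("x-xss-protection").startswith("1"):
        findings.append("x-xss-protection-missing")
    for cookie in h.get("set-cookie", []):       # Header edit Set-Cookie ...
        parts = [p.strip() for p in cookie.split(";")]
        if not {"httponly", "secure"} <= {p.lower() for p in parts[1:]}:
            findings.append("cookie-flags-missing:" + parts[0].split("=")[0])
    return findings
```

Feed it the bytes of a response from your own server (for example, the output of `curl -si` saved to a file) and treat `php-source-disclosed` as the urgent finding, since served source can include database credentials.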
Best Answer
I can think of 3 possibilities:
You don't have PHP installed. In that case run:
You have PHP installed but not enabled. You can try running:
You have PHP installed and enabled but you haven't restarted apache.