httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "--[ UxBoD ]--" <ux...@splatnix.net>
Subject Re: [users@httpd] Chroot a virtual host
Date Wed, 20 Apr 2011 09:55:00 GMT
----- Original Message -----
> Hi,
> 
> I have noticed that when running Joomla, or in-fact any browsing
> capable PHP code, I am able to navigate above my virtual host
> document root and look at other virtual host files.
> 
> How would one stop this ? I have taken a look at mod_chroot but that
> does not seem to work as ChrootDir can only be used in the main
> configuration and not in the VirtualHost directive.
> 
> For reference I am running Apache 2.2.17.

I have tried to create a second instance of HTTP, running on port 8080, using the following
conf:

LoadModule chroot_module      modules/mod_chroot.so
LoadModule headers_module     modules/mod_headers.so
LoadModule rewrite_module     modules/mod_rewrite.so
LoadModule expires_module     modules/mod_expires.so
LoadModule auth_basic_module  modules/mod_auth_basic.so
LoadModule php5_module        modules/libphp5.so
LoadModule deflate_module     modules/mod_deflate.so

LoadFile /lib64/libnss_dns.so.2

AddHandler php5-script php

Listen 8080

ChrootDir    /www/somevhost.co.uk
ServerRoot   /
DocumentRoot /htdocs

RequestHeader Set Host www.somevhost.co.uk
PidFile /var/run/apache2.pid
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

User somevhost.co.uk
Group somevhost.co.uk

HostnameLookups Off
LogLevel warn

ErrorLog  /logs/error.log
CustomLog /logs/access.log combined

<IfModule dir_module>
    DirectoryIndex index.html index.php
</IfModule>

AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

<Directory /htdocs>
    Order deny,allow
    Allow from all
    AllowOverride All
</Directory>

Though when I run :-

/usr/local/apache/bin/httpd -f /www/somevhost.co.uk/conf/apache2.conf -k start

it complains that it cannot find the DocumentRoot directory which would suggest that the Chroot
is not taking place.  If I use absolute paths then HTTPD does indeed  start but a phpinfo()
returns the path as being /www/somevhost.co.uk/htdocs instead of /htdocs.

Any ideas what I could be doing wrong please ?
-- 
Thanks, Phil
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
    • Unnamed multipart/related (inline, None, 0 bytes)
View raw message