Tag Archives: Apache

Turn Your Box into a Dev Web Server

Posted by JustChecking on

To turn your box into a dev web server is pretty simple, yet I’ve seen people struggling with this over and over again, so here’s a simple TODO list.

I won’t go over the likes of Apache installation, VirtualHost setup, .htaccess settings, etc. as you can find these online very easily, and might be specific to the needs of your project.

Most of the time I see people using localhost:8080 and a myriad of other ports to work on several sites locally; but you might as well work on http://www.myproject.com locally in just 2 simple steps:

  • Create a VirtualHost in Apache which goes by “the name” http://www.myproject.com, by including the following within the definition: 
    <VirtualHost *:80>
    ServerName www.myproject.com
    DocumentRoot /var/www/myproject/
    # all the other options and definitions ...
</VirtualHost>
  • “Register” the domain name locally – simply add the following line to your /etc/hosts file (on Windows, this file is typically located under [Windows]/System32/Drivers/etc): 
    127.0.0.1    www.myproject.com

Now enable the VHost in Apache, restart Apache, and open http://www.myproject.com in the browser, and you’re ready to code off!

Note: The VHost name need not be a valid domain name – feel free to use myproject as ServerName and in /etc/hosts; just beware that some browsers will try to search for “myproject” instead of opening the local site. In such case, type in the whole http://myproject.

File and folder access management in Apache

Posted by JustChecking on

Restricting to localhost Access Only

To restrict access globally, all you have to do is to restrict access in httpd.conf in Apache’s conf directory.

First, locate the Directory settings for your htdocs directory (under Windows it’s e.g. C:/Apache2/htdocs, C:/Program Files/xampp/htdocs, etc., under Linux it’s e.g. /usr/htdocs, /usr/local/htdocs, /usr/local/www/htdocs, /usr/share/htdocs, etc.).

Then, you have to edit the Order subsection as follows (comments left out for readability):

<Directory "htdocs_path">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All</directory>

Order deny,allow
Deny from all
Allow from localhost
</Directory>

Note: Order of the Deny and Allow lines is important! – just guessing, but I think that Apache simply applies the rules one after another, and the output of last rule that applies to the IP is used.

It can be also sometimes useful to disallow overrides of settings; if needed, simply change AllowOverride All to AllowOverride None, to disallow override of settings using .htaccess files.

See Apache documentation for complete list of options; just like with Options, it’s recommended to list the settings explicitely in AllowOverride to know what exactly is allowed.

Restricting Access to Certain Files

Great example of how to do this is contained in the httpd.conf itself, but many people seem to somehow miss it there, so here it is:

# The following lines prevent .htaccess and .htpasswd files
# from being viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
</FilesMatch>

Of course, don’t forget to restart Apache after each edit of httpd.conf file, so it reloads the settings. Good luck!