LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   client denied by server configuration (https://www.linuxquestions.org/questions/linux-security-4/client-denied-by-server-configuration-263570/)

mscomputers 12-07-2004 05:58 AM
client denied by server configuration
 
I have a cgi script which allows users to upload a file to "upload" directory. set permissions 777 etc. From within my internal network the script work perfect.

From outside my network (internet) the upload portion of the script won't work.
http errorlog - "client denied by server configuration: /var/www/errorHTTP_INTERNAL_SERVER_ERROR.html.var"

I have checked httpd.conf and commonhttpd.conf I have the directory configured

<Directory /home/user/httpd/graphics/upload>
Options MultiViews -Indexes IncludesNoExec FollowSymLinks
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>

</Directory>

Any help would be appriciated, thanks

Mandrake 10.0

Apache-AdvancedExtranetServer/2.0.48 (Mandrake Linux/5mdk) mod_perl/1.99_11 Perl/v5.8.3 mod_ssl/2.0.48 OpenSSL/0.9.7c PHP/4.3.4 Server

ToniT 12-07-2004 07:04 AM
It is probably not that access to that directory is forbidden, but that running cgi scripts outside localhost might be forbidden. See the error-log of your apache as well as suexec.log.

Also, what does the script look like?

mscomputers 12-07-2004 07:49 AM
I will just post this portion or the script. The apache errorlog only shows what I posted previously.





if ($match_found ne "on") {
unlink("$upload_file");
&upload_no_match_error;
exit;
}

if ($upload_file_filename =~ /.*\.gif/i) {
unlink("$temp_dir/$number.gif");
rename($upload_file, "$temp_dir/$number.gif");
&imagesize("$temp_dir/$number.gif");
if (($image_width == 0) && ($image_height == 0))
{
unlink("$temp_dir/$number.gif");
&upload_invalid_gif_error;
exit;
}
elsif (($image_width > $max_image_width) || ($image_height > $max_image_height))
{
unlink("$temp_dir/$number.gif");
&upload_invalid_size_error;
exit;
}
else
{
unlink("$upload_path/$number.gif");
unlink("$upload_path/$number.jpg");
rename("$temp_dir/$number.gif", "$upload_path/$number.gif");

if ($os eq "unix") { chmod 0666, "$upload_path/$number.gif"; }
}
}

elsif ($upload_file_filename =~ /.*\.jpg/i) {
unlink("$temp_dir/$number.jpg");
rename($upload_file, "$temp_dir/$number.jpg");
&imagesize("$temp_dir/$number.jpg");
if (($image_width == 0) && ($image_height == 0))
{
unlink("$temp_dir/$number.jpg");
&upload_invalid_jpg_error;
exit;
}
elsif (($image_width > $max_image_width) || ($image_height > $max_image_height))
{
unlink("$temp_dir/$number.jpg");
&upload_invalid_size_error;
exit;
}
else
{
unlink("$upload_path/$number.gif");
unlink("$upload_path/$number.jpg");
rename("$temp_dir/$number.jpg", "$upload_path/$number.jpg");

if ($os eq "unix") { chmod 0666, "$upload_path/$number.jpg"; }
}
}

else { unlink("$upload_file");
&upload_format_error;
exit;
}

&successful_upload_message;

}

I don't have the other logfile to look at (using webmin)


All times are GMT -5. The time now is 02:07 AM.