Xampp Access Forbidden! (Help Needed)

O

overlord20

Gawd
Joined
Feb 5, 2010
Messages
623
Access forbidden!

New XAMPP security concept:

Access to the requested directory is only available from the local network.

This setting can be configured in the file "httpd-xampp.conf".

If you think this is a server error, please contact the webmaster.
Error 403
192.168.xxx.xxx
10/10/11 21:00:16
Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
Click to expand...

I get this error when attempting to access my site which is on a server in my home network. I have tried the many fixes found from googling and don't really have any idea how to access it. My last apache install bricked so I though I would try this and I can't seem to get it working.

httpd-xampp.conf Contents:

Code: 
# XAMPP settings
#

<IfModule env_module>
    SetEnv MIBDIRS "J:/Web/xampp/php/extras/mibs"
    SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
    SetEnv OPENSSL_CONF "J:/Web/xampp/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
    SetEnv PHPRC "\\xampp\\php"
    SetEnv TMP "\\xampp\\tmp"
</IfModule>

#
# PHP-Module setup
#
LoadFile "J:/Web/xampp/php/php5ts.dll"
LoadModule php5_module "J:/Web/xampp/php/php5apache2_2.dll"

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
#    SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
#    Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>


<IfModule php5_module>
    PHPINIDir "J:/Web/xampp/php"
</IfModule>

<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "J:/Web/xampp/php/"
<Directory "J:/Web/xampp/php">
    AllowOverride None
    Options None
    Order deny,allow
    Deny from all
    <Files "php-cgi.exe">
        Allow from all
    </Files>
</Directory>

<Directory "J:/Web/xampp/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "J:/Web/xampp/htdocs/xampp">
    <IfModule php5_module>
    	<Files "status.php">
    		php_admin_flag safe_mode off
    	</Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>
    Alias /security "J:/Web/xampp/security/htdocs/"
    <Directory "J:/Web/xampp/security/htdocs">
        <IfModule php5_module>
    		<Files "xamppsecurity.php">
    			php_admin_flag safe_mode off
    		</Files>
        </IfModule>
        AllowOverride AuthConfig
   </Directory>

    Alias /licenses "J:/Web/xampp/licenses/"
    <Directory "J:/Web/xampp/licenses">
        Options +Indexes
        <IfModule autoindex_color_module>
            DirectoryIndexTextColor  "#000000"
            DirectoryIndexBGColor "#f8e8a0"
            DirectoryIndexLinkColor "#bb3902"
            DirectoryIndexVLinkColor "#bb3902"
            DirectoryIndexALinkColor "#bb3902"
        </IfModule>
   </Directory>

    Alias /phpmyadmin "J:/Web/xampp/phpMyAdmin/"
    <Directory "J:/Web/xampp/phpMyAdmin">
        AllowOverride AuthConfig
    </Directory>

    Alias /webalizer "J:/Web/xampp/webalizer/"
    <Directory "J:/Web/xampp/webalizer">
        <IfModule php5_module>
    		<Files "webalizer.php">
    			php_admin_flag safe_mode off
    		</Files>
        </IfModule>
        AllowOverride AuthConfig
    </Directory>
</IfModule>

#
# New XAMPP security concept
#

# Close XAMPP security section here 
<LocationMatch "^/(?i:(?:security))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

# Close XAMPP sites here
<LocationMatch "^/(?i:(?:xampp|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
 
You need to change this section
Code: 
# Close XAMPP security section here 
<LocationMatch "^/(?i:(?:security))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

# Close XAMPP sites here
<LocationMatch "^/(?i:(?:xampp|licenses|phpmyadmin|webalizer|server-status|server-info))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
You are only allowing access from the machine it's installed on. You can either get rid of the section, or you can add more allow from lines. These sections are only protecting the main admin stuff though. You can add other pages and those should be accessible already, just not the built in admin stuff. Be sure you want them accessible from other machines before modifying these sections.
 
I tried this, but maybe I did it wrong.. Where do I add the ip's I want to have access?

I did it wrong.. I figured it out, thanks!
 
Just add another allow from line below the one there in each section
"Allow from 192.168.x.x" or whatever your IP happens to be.

You most likely either need to restart the service or do a reload after making the changes to the conf file.
 
I have another issue.. Can't access phpmyadmin haven't ran into this before either..

Access forbidden!

You don't have permission to access the requested directory. There is either no index document or the directory is read-protected.

If you think this is a server error, please contact the webmaster.
Error 403
192.168.xxx.xxx
10/10/11 21:25:18
Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8 mod_perl/2.0.4 Perl/v5.10.1
Click to expand...

Google sucks for this LOL.

Seems like XAMPP is setup to be on the developer machine apposed to a network server?
 
Last edited:
You must log in or register to reply here.
Back
Top