PDA

View Full Version : Apache: Allow connection to storage server?




xper
Aug 4, 2010, 05:00 PM
Hi!

I thought this would be a piece of cake actually but it seems i was wrong, i want to use my Mac Mini Server as a webserver (like i do now) but use a freeNAS server as my storage server for static file with my Mac Mini Server.

The problem is that Apache seems to block all connection to a server or storage for that matter, only folders on its on harddrive seems to be allowed.
If i choose to store documentroot on my other Mac Mini Server it instantly generates a Apache 403 error document.

What have i missed?



DoFoT9
Aug 4, 2010, 05:05 PM
you will most likely have to enable "Others" to have read and/or write permissions to your home drive - which is not recommended at all, i have no problems sharing files to friends via apache. i have created a folder and shared it.

if you are using client OSX, you generally only can share /Library/Web Documents/Documents/ - that is where the default mount point is for websites etc, if you have OSX Server you can manually specify (im sure you can change this using Terminal too).

xper
Aug 4, 2010, 05:22 PM
Maybe i missunderstood you now but it is the Webserver (Mac minis) that should connect to the storage server (freeNAS), not the other way around.

To clarify, i want the Mac Mini Server to act as the webserver, as it does now, and store all the files a user upload on my storage server.

belvdr
Aug 4, 2010, 08:17 PM
Whatever directory you mount the NAS under must have the correct permissions for Apache to access it. You can see what user and group Apache uses by examining the User and Group attributes in the httpd.conf file.

xper
Aug 4, 2010, 09:34 PM
Yes ofcourse, thank you ;)

Itīs always the small details that i always miss

Easiest way for me was to change user/group in the conf to admin/admin, any security risk to have it that simple? That pretty much auto permission to all folders on every computer i own, easy enough if its not a security issue

Edit:

I basically got it to work now but my php file upload script is pointing to /media/ but it still uploads the files to my document root, but when navigate to /media/ with the browser i end up on the freeNAS storage instead so the Alias is working but it doesnt upload the file to it. I have to manually move the uploaded files to my freeNAS folder and then the image works on the homepage

My virtual host looks like this:


Alias "/media/" "/Volumes/Storage-1/www/synix/"
ServerName www.synix.se:80
DocumentRoot "/Users/admin/Sites/Synix/sv"
<Directory "/Users/admin/Sites/Synix/sv">
Allow from all
<IfModule mod_dav.c>
DAV Off
</IfModule>
AllowOverride All
Options +FollowSymLinks +ExecCGI +Indexes +Includes
Order allow,deny
</Directory>
<Directory "/Volumes/Storage-1/www/synix/">
Allow from all
<IfModule mod_dav.c>
DAV Off
</IfModule>
AllowOverride All
Options +FollowSymLinks +ExecCGI +Indexes +Includes
Order allow,deny
</Directory>

belvdr
Aug 5, 2010, 07:18 AM
You don't want to set the user/group to admin:admin. Any visitor of your web site only has to make a small exploit and they could own the machine and all data. It's just not wise.

For the upload, your PHP script is the culprit. It has to upload the file to /media instead of /. You verified this by browsing to /media and seeing the files, so that proves the httpd.conf is correct. Additionally, the daemon doesn't control what the PHP script does in respect to where uploads are occurring. That's all done within the script itself.

Also, you should restrict the permissions on those Apache directories:

Options +FollowSymLinks +ExecCGI +Indexes +Includes

That's just asking for trouble.

xper
Aug 5, 2010, 07:40 AM
Ah ok thanks, i will fix those security issues as soon as possible, just want to make the uploads works properly first.

Well, i can navigate to the /media/ folder in the browser, no problem, and the PHP upload script is set to use the folder /media/ but instead of it following the alias and directory it creates a new /media/ folder in the root every time i make an upload, i am not good at Apache as you notice but shouldnt it use the new path for /media/ now?

belvdr
Aug 5, 2010, 08:03 AM
If the PHP script is using the directory path (not the URL path), then you'd need to specify the full filesystem path in your script:

/Volumes/Storage-1/www/synix/

xper
Aug 5, 2010, 08:33 AM
Forgive me, the symlink i made wasnt correct so obviously it didnt work, i could use the code you provided but this platform is made to work on various server setups so it would break on those system.

Also, the php script can fetch its own URL base so subdomains could be used, pretty great because the webserver is almost down at idle now, pretty nice performance boost.

Thanks for all your help ;)