Wrong website loaded when other requested

Discussion in 'Python' started by Îικόλαος ΚοÏÏας, Jun 12, 2013.

  1. ======================
    RewriteEngine Off
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^/?(.+\.html) /cgi-bin/metrites.py?file=%{REQUEST_FILENAME}
    [L,PT,QSA]
    ======================

    Code:
    file = form.getvalue('file')
    page = form.getvalue('page')
    
    if not page and os.path.exists( file ):
    # it is an html template
    page = file.replace( '/home/dauwin/public_html/', '' )
    elif page or form.getvalue('show'):
    # it is a python script
    page = page..replace( '/home/dauwin/public_html/cgi-bin/', '' )
    else:
    #when everything else fails fallback
    page = "index.html"
    
    .....
    .....
    
    if page.endswith('.html'):
    with open( '/home/dauwin/public_html/' + page, encoding='utf-8' ) as f:
    htmlpage = f.read()
    htmlpage = htmlpage % (quote, music)
    template = htmlpage + counter
    elif page.endswith('.py'):
    pypage = subprocess.check_output( '/home/dauwin/public_html/cgi-bin/'
    + page )
    pypage = pypage.decode('utf-8').replace( 'Content-type: text/html;
    charset=utf-8', '' )
    template = pypage + counter
    
    print( template )
    
    Everything as you see point to 'dauwin' username, yet the error still says:

    Code:
    [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]   File
    "/home/nikos/public_html/cgi-bin/metrites.py", line 219, in <module>,
    referer: http://superhost.gr/
    [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]     with open(
    '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:, referer:
    http://superhost.gr/
    [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    \\u03c5\\u03c0\\u03ac\\u03c1\\u03c7\\u03b5\\u03b9
    \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    '/home/nikos/public_html//home/dauwin/public_html/index.html', referer:
    http://superhost.gr/
    

    Why is pointing to /home/nikos isntead of /home/dauwin ?

    this is what a smash my head to the wall to understand.
     
    Îικόλαος ΚοÏÏας, Jun 12, 2013
    #1
    1. Advertising

  2. What i mean is the the python.cgi script supposed to be executed was

    "/home/dauwin/public_html/cgi-bin/metrites.py"

    but instead for this to load for some reason

    File "/home/nikos/public_html/cgi-bin/metrites.py"


    But this is crazy.
    I hit to the browser 'http://superhost.gr/~dauwin' and not
    'http://superhost.gr'

    dauwin and nikos are 2 different usernames belonging to 2 different
    cPanel accounts.
     
    Îικόλαος ΚοÏÏας, Jun 12, 2013
    #2
    1. Advertising

  3. On Thu, Jun 13, 2013 at 3:33 AM, Íéêüëáïò Êïýñáò <> wrote:
    > Why is pointing to /home/nikos isntead of /home/dauwin ?


    Why is question pointing to isntead [sic] of
    your home town and some paid support?

    ChrisA
     
    Chris Angelico, Jun 12, 2013
    #3
  4. On Wed, Jun 12, 2013 at 1:33 PM, Îικόλαος ΚοÏÏας <>wrote:

    > ======================
    > RewriteEngine Off
    > RewriteCond %{REQUEST_FILENAME} -f
    > RewriteRule ^/?(.+\.html) /cgi-bin/metrites.py?file=%{**REQUEST_FILENAME}
    > [L,PT,QSA]
    > ======================
    >
    >
    Code:
    > file = form.getvalue('file')
    > page = form.getvalue('page')
    >
    > if not page and os.path.exists( file ):
    >         # it is an html template
    >         page = file.replace( '/home/dauwin/public_html/', '' )
    > elif page or form.getvalue('show'):
    >         # it is a python script
    >         page = page..replace( '/home/dauwin/public_html/cgi-**bin/', '')
    > else:
    >         #when everything else fails fallback
    >         page = "index.html"
    >
    > ....
    > ....
    >
    >         if page.endswith('.html'):
    >                 with open( '/home/dauwin/public_html/' + page,
    > encoding='utf-8' ) as f:
    >                         htmlpage = f.read()
    >                 htmlpage = htmlpage % (quote, music)
    >                 template = htmlpage + counter
    >         elif page.endswith('.py'):
    >                 pypage = subprocess.check_output(
    > '/home/dauwin/public_html/cgi-**bin/' + page )
    >                 pypage = pypage.decode('utf-8').**replace( 'Content-type:
    > text/html; charset=utf-8', '' )
    >                 template = pypage + counter
    >
    >         print( template )
    > 
    >
    > Everything as you see point to 'dauwin' username, yet the error still says:
    >
    >
    Code:
    > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]   File
    > "/home/nikos/public_html/cgi-**bin/metrites.py", line 219, in <module>,
    > referer: http://superhost.gr/
    > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]     with open(
    > '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:, referer:
    > http://superhost.gr/
    > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    > \\u03c5\\u03c0\\u03ac\\u03c1\\**u03c7\\u03b5\\u03b9
    > \\u03c4\\u03ad\\u03c4\\u03bf\\**u03b9\\u03bf
    > \\u03b1\\u03c1\\u03c7\\u03b5\\**u03af\\u03bf \\u03ae
    > \\u03ba\\u03b1\\u03c4\\u03ac\\**u03bb\\u03bf\\u03b3\\u03bf\\**u03c2:
    > '/home/nikos/public_html//**home/dauwin/public_html/index.**html',
    > referer: http://superhost.gr/
    > 
    >
    >
    > Notice that you have the file path you want concatenated to your

    /home/nikos/... stuff in the line above. Look in your code to find out
    why. Fix that. Lather, rinse, repeat

    > Why is pointing to /home/nikos isntead of /home/dauwin ?
    >
    > this is what a smash my head to the wall to understand.
    > --
    > http://mail.python.org/**mailman/listinfo/python-list<http://mail.python.org/mailman/listinfo/python-list>
    >




    --
    Joel Goldstick
    http://joelgoldstick.com
     
    Joel Goldstick, Jun 12, 2013
    #4
  5. On 12/6/2013 11:35 μμ, Joel Goldstick wrote:
    >
    >
    >
    > On Wed, Jun 12, 2013 at 1:33 PM, Îικόλαος ΚοÏÏας <
    > <mailto:>> wrote:
    >
    > ======================
    > RewriteEngine On
    > RewriteCond %{REQUEST_FILENAME} -f
    > RewriteRule ^/?(.+\.html)
    > /cgi-bin/metrites.py?file=%{__REQUEST_FILENAME} [L,PT,QSA]
    > ======================
    >
    >
    Code:
    >     file = form.getvalue('file')
    >     page = form.getvalue('page')
    >
    >     if not page and os.path.exists( file ):
    >              # it is an html template
    >              page = file.replace( '/home/dauwin/public_html/', '' )
    >     elif page or form.getvalue('show'):
    >              # it is a python script
    >              page = page..replace(
    >     '/home/dauwin/public_html/cgi-__bin/', '' )
    >     else:
    >              #when everything else fails fallback
    >              page = "index.html"
    >
    >     ....
    >     ....
    >
    >              if page.endswith('.html'):
    >                      with open( '/home/dauwin/public_html/' + page,
    >     encoding='utf-8' ) as f:
    >                              htmlpage = f.read()
    >                      htmlpage = htmlpage % (quote, music)
    >                      template = htmlpage + counter
    >              elif page.endswith('.py'):
    >                      pypage = subprocess.check_output(
    >     '/home/dauwin/public_html/cgi-__bin/' + page )
    >                      pypage = pypage.decode('utf-8').__replace(
    >     'Content-type: text/html; charset=utf-8', '' )
    >                      template = pypage + counter
    >
    >              print( template )
    >     
    >
    > Everything as you see point to 'dauwin' username, yet the error
    > still says:
    >
    >
    Code:
    >     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]   File
    >     "/home/nikos/public_html/cgi-__bin/metrites.py", line 219, in
    >     <module>, referer: http://superhost.gr/
    >     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]     with
    >     open( '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:,
    >     referer: http://superhost.gr/
    >     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    >     FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    >     \\u03c5\\u03c0\\u03ac\\u03c1\\__u03c7\\u03b5\\u03b9
    >     \\u03c4\\u03ad\\u03c4\\u03bf\\__u03b9\\u03bf
    >     \\u03b1\\u03c1\\u03c7\\u03b5\\__u03af\\u03bf \\u03ae
    >     \\u03ba\\u03b1\\u03c4\\u03ac\\__u03bb\\u03bf\\u03b3\\u03bf\\__u03c2:
    >     '/home/nikos/public_html//__home/dauwin/public_html/index.__html',
    >     referer: http://superhost.gr/
    >     
    >
    >
    > Notice that you have the file path you want concatenated to your
    > /home/nikos/... stuff in the line above. Look in your code to find out
    > why. Fix that. Lather, rinse, repeat


    In my source code as seen above i mention nowhere for '/home/nikos/' but
    instead for '/home/dauwin/'

    That error message makes me come to conclusion that metrites.py script
    is running from user's nikos' cgi-bin:

    /home/nikos/public_html/cgi-bin/metrites.py

    instead of:

    /home/dauwin/public_html/cgi-bin/metrites.py

    I wonder why.
    I mean iam sayign it clearly

    with open( '/home/dauwin/public_html/' + page,

    and the error says:

    [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173] with
    > open( '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:,
    > referer: http://superhost.gr/


    What happens when i give http://superhost.gr/~dauwin

    Why home/nikos/public_html/cgi-bin/metrites.py seems to be the scritp
    that always run?

    That should have run when i browser: 'http://superhost.gr' and not when
    i browse 'http://superhost.gr/~dauwin'

    Please help. A client wanst to utilize my metrites.py script because he
    lieks the way that has a seperate counter for each html page and the way
    the log is presented in an html table like form.
    Of course i will give it it to him for free.
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #5
  6. On 12/06/2013 21:19, Chris Angelico wrote:
    > On Thu, Jun 13, 2013 at 3:33 AM, Íéêüëáïò Êïýñáò <> wrote:
    >> Why is pointing to /home/nikos isntead of /home/dauwin ?

    >
    > Why is question pointing to isntead [sic] of
    > your home town and some paid support?
    >
    > ChrisA
    >


    Surely support at superhost dot greece should be able to sort all this out?

    --
    "Steve is going for the pink ball - and for those of you who are
    watching in black and white, the pink is next to the green." Snooker
    commentator 'Whispering' Ted Lowe.

    Mark Lawrence
     
    Mark Lawrence, Jun 13, 2013
    #6
  7. On 13/6/2013 9:41 πμ, Îικόλαος ΚοÏÏας wrote:
    > On 12/6/2013 11:35 μμ, Joel Goldstick wrote:
    >>
    >>
    >>
    >> On Wed, Jun 12, 2013 at 1:33 PM, Îικόλαος ΚοÏÏας <
    >> <mailto:>> wrote:
    >>
    >> ======================
    >> RewriteEngine On
    >> RewriteCond %{REQUEST_FILENAME} -f
    >> RewriteRule ^/?(.+\.html)
    >> /cgi-bin/metrites.py?file=%{__REQUEST_FILENAME} [L,PT,QSA]
    >> ======================
    >>
    >>
    Code:
    >>     file = form.getvalue('file')
    >>     page = form.getvalue('page')
    >>
    >>     if not page and os.path.exists( file ):
    >>              # it is an html template
    >>              page = file.replace( '/home/dauwin/public_html/', '' )
    >>     elif page or form.getvalue('show'):
    >>              # it is a python script
    >>              page = page..replace(
    >>     '/home/dauwin/public_html/cgi-__bin/', '' )
    >>     else:
    >>              #when everything else fails fallback
    >>              page = "index.html"
    >>
    >>     ....
    >>     ....
    >>
    >>              if page.endswith('.html'):
    >>                      with open( '/home/dauwin/public_html/' + page,
    >>     encoding='utf-8' ) as f:
    >>                              htmlpage = f.read()
    >>                      htmlpage = htmlpage % (quote, music)
    >>                      template = htmlpage + counter
    >>              elif page.endswith('.py'):
    >>                      pypage = subprocess.check_output(
    >>     '/home/dauwin/public_html/cgi-__bin/' + page )
    >>                      pypage = pypage.decode('utf-8').__replace(
    >>     'Content-type: text/html; charset=utf-8', '' )
    >>                      template = pypage + counter
    >>
    >>              print( template )
    >>     
    >>
    >> Everything as you see point to 'dauwin' username, yet the error
    >> still says:
    >>
    >>
    Code:
    >>     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]   File
    >>     "/home/nikos/public_html/cgi-__bin/metrites.py", line 219, in
    >>     <module>, referer: http://superhost.gr/
    >>     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]     with
    >>     open( '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:,
    >>     referer: http://superhost.gr/
    >>     [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    >>     FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    >>     \\u03c5\\u03c0\\u03ac\\u03c1\\__u03c7\\u03b5\\u03b9
    >>     \\u03c4\\u03ad\\u03c4\\u03bf\\__u03b9\\u03bf
    >>     \\u03b1\\u03c1\\u03c7\\u03b5\\__u03af\\u03bf \\u03ae
    >>     \\u03ba\\u03b1\\u03c4\\u03ac\\__u03bb\\u03bf\\u03b3\\u03bf\\__u03c2:
    >>     '/home/nikos/public_html//__home/dauwin/public_html/index.__html',
    >>     referer: http://superhost.gr/
    >>     
    >>
    >>
    >> Notice that you have the file path you want concatenated to your
    >> /home/nikos/... stuff in the line above. Look in your code to find out
    >> why. Fix that. Lather, rinse, repeat

    >
    > In my source code as seen above i mention nowhere for '/home/nikos/' but
    > instead for '/home/dauwin/'
    >
    > That error message makes me come to conclusion that metrites.py script
    > is running from user's nikos' cgi-bin:
    >
    > /home/nikos/public_html/cgi-bin/metrites.py
    >
    > instead of:
    >
    > /home/dauwin/public_html/cgi-bin/metrites.py
    >
    > I wonder why.
    > I mean iam sayign it clearly
    >
    > with open( '/home/dauwin/public_html/' + page,
    >
    > and the error says:
    >
    > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173] with
    > > open( '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:,
    > > referer: http://superhost.gr/

    >
    > What happens when i give http://superhost.gr/~dauwin
    >
    > Why home/nikos/public_html/cgi-bin/metrites.py seems to be the scritp
    > that always run?
    >
    > That should have run when i browser: 'http://superhost.gr' and not when
    > i browse 'http://superhost.gr/~dauwin'
    >
    > Please help. A client wanst to utilize my metrites.py script because he
    > lieks the way that has a seperate counter for each html page and the way
    > the log is presented in an html table like form.
    > Of course i will give it it to him for free.



    Please suggest something of why this happnes.
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #7
  8. On Fri, Jun 14, 2013 at 12:23 AM, Íéêüëáïò Êïýñáò <> wrote:
    > Please suggest something of why this happnes.


    You remind me of George.

    http://www.chroniclesofgeorge.com/

    ChrisA
     
    Chris Angelico, Jun 13, 2013
    #8
  9. Andreas Perstinger, Jun 13, 2013
    #9
  10. On Fri, Jun 14, 2013 at 12:54 AM, Andreas Perstinger
    <> wrote:
    > On 13.06.2013 16:23, Íéêüëáïò Êïýñáò wrote:
    >>
    >> Please suggest something of why this happnes.

    >
    >
    > That's not a Python problem.
    >
    > BTW both scripts at
    > http://superhost.gr/~dauwin/metrites.py
    > and at
    > http://superhost.gr/~dauwin/cgi-bin/metrites.py
    > show the world the passwords to your databases in plain text.


    See, that's the kind of thing that means you can't give out even
    read-only access to your server. Does this mean anything to you Nikos?

    ChrisA
     
    Chris Angelico, Jun 13, 2013
    #10
  11. So Nick, I am top posting because I don't think you read your replies. I
    replied yesterday.

    Read this line below. Read the line below. READ it. READ IT.. each
    letter. READ it:

    [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    \\u03c5\\u03c0\\u03ac\\u03c1\\
    >
    > u03c7\\u03b5\\u03b9 \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    > \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    > \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    > '/home/nikos/public_html//home/dauwin/public_html/index.html', referer:
    > http://superhost.gr/
    > [/code]
    >

    DO YOU SEE THIS PART:
    '/home/nikos/public_html//home/dauwin/public_html/index.html', referer:
    http://superhost.gr/

    Do you see that it prepends your nikos path the your dauwin path and file
    name. It isn't replacing one with the other. Somewhere in your SFBI mess
    of code you perhaps have set the nikos path as the start of a filename.
    Check that out


    DID YOU READ THIS? DID YOU THINK ABOUT IT. Also look up SFBI. It is a
    good name for you

    > [/code]
    >




    On Wed, Jun 12, 2013 at 4:35 PM, Joel Goldstick <>wrote:

    >
    >
    >
    > On Wed, Jun 12, 2013 at 1:33 PM, Îικόλαος ΚοÏÏας <>wrote:
    >
    >> ======================
    >> RewriteEngine Off
    >> RewriteCond %{REQUEST_FILENAME} -f
    >> RewriteRule ^/?(.+\.html) /cgi-bin/metrites.py?file=%{**REQUEST_FILENAME}
    >> [L,PT,QSA]
    >> ======================
    >>
    >>
    Code:
    >> file = form.getvalue('file')
    >> page = form.getvalue('page')
    >>
    >> if not page and os.path.exists( file ):
    >>         # it is an html template
    >>         page = file.replace( '/home/dauwin/public_html/', '' )
    >> elif page or form.getvalue('show'):
    >>         # it is a python script
    >>         page = page..replace( '/home/dauwin/public_html/cgi-**bin/', '' )
    >> else:
    >>         #when everything else fails fallback
    >>         page = "index.html"
    >>
    >> ....
    >> ....
    >>
    >>         if page.endswith('.html'):
    >>                 with open( '/home/dauwin/public_html/' + page,
    >> encoding='utf-8' ) as f:
    >>                         htmlpage = f.read()
    >>                 htmlpage = htmlpage % (quote, music)
    >>                 template = htmlpage + counter
    >>         elif page.endswith('.py'):
    >>                 pypage = subprocess.check_output(
    >> '/home/dauwin/public_html/cgi-**bin/' + page )
    >>                 pypage = pypage.decode('utf-8').**replace(
    >> 'Content-type: text/html; charset=utf-8', '' )
    >>                 template = pypage + counter
    >>
    >>         print( template )
    >> 
    >>
    >> Everything as you see point to 'dauwin' username, yet the error still
    >> says:
    >>
    >>
    Code:
    >> [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]   File
    >> "/home/nikos/public_html/cgi-**bin/metrites.py", line 219, in <module>,
    >> referer: http://superhost.gr/
    >> [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]     with open(
    >> '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:, referer:
    >> http://superhost.gr/
    >> [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    >> FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    >> \\u03c5\\u03c0\\u03ac\\u03c1\\**u03c7\\u03b5\\u03b9
    >> \\u03c4\\u03ad\\u03c4\\u03bf\\**u03b9\\u03bf
    >> \\u03b1\\u03c1\\u03c7\\u03b5\\**u03af\\u03bf \\u03ae
    >> \\u03ba\\u03b1\\u03c4\\u03ac\\**u03bb\\u03bf\\u03b3\\u03bf\\**u03c2:
    >> '/home/nikos/public_html//**home/dauwin/public_html/index.**html',
    >> referer: http://superhost.gr/
    >> 
    >>
    >>
    >> Notice that you have the file path you want concatenated to your

    > /home/nikos/... stuff in the line above. Look in your code to find out
    > why. Fix that. Lather, rinse, repeat
    >
    >> Why is pointing to /home/nikos isntead of /home/dauwin ?
    >>
    >> this is what a smash my head to the wall to understand.
    >> --
    >> http://mail.python.org/**mailman/listinfo/python-list<http://mail.python..org/mailman/listinfo/python-list>
    >>

    >
    >
    >
    > --
    > Joel Goldstick
    > http://joelgoldstick.com
    >




    --
    Joel Goldstick
    http://joelgoldstick.com
     
    Joel Goldstick, Jun 13, 2013
    #11
  12. On 13/6/2013 5:54 μμ, Andreas Perstinger wrote:
    >
    > That's not a Python problem.
    >
    > BTW both scripts at
    > http://superhost.gr/~dauwin/metrites.py
    > and at
    > http://superhost.gr/~dauwin/cgi-bin/metrites.py
    > show the world the passwords to your databases in plain text.


    Oh my God, i'll find an httpd.conf directive ot .htaccess directive that
    prohibits display of source code of cgi scripts

    please tell me if you know of such a directive.
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #12
  13. On 13/6/2013 6:11 μμ, Chris Angelico wrote:
    > On Fri, Jun 14, 2013 at 12:54 AM, Andreas Perstinger
    > <> wrote:
    >> On 13.06.2013 16:23, �������� ������ wrote:
    >>>
    >>> Please suggest something of why this happnes.

    >>
    >>
    >> That's not a Python problem.
    >>
    >> BTW both scripts at
    >> http://superhost.gr/~dauwin/metrites.py
    >> and at
    >> http://superhost.gr/~dauwin/cgi-bin/metrites.py
    >> show the world the passwords to your databases in plain text.

    >
    > See, that's the kind of thing that means you can't give out even
    > read-only access to your server. Does this mean anything to you Nikos?
    >
    > ChrisA
    >

    Yes it does iam researchign a solution to this as we speak.
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #13
  14. On Fri, Jun 14, 2013 at 2:23 AM, Íéêüëáïò Êïýñáò <> wrote:
    > Oh my God, i'll find an httpd.conf directive ot .htaccess directive that
    > prohibits display of source code of cgi scripts
    >
    > please tell me if you know of such a directive.


    Yes. This will majorly improve your security. It goes in your
    httpd.conf or equivalent.

    Listen 127.0.0.1:80

    ChrisA
     
    Chris Angelico, Jun 13, 2013
    #14
  15. Îικόλαος ΚοÏÏας

    rusi Guest

    On Jun 13, 7:28 pm, Chris Angelico <> wrote:
    > On Fri, Jun 14, 2013 at 12:23 AM, Íéêüëáïò Êïýñáò <> wrote:
    > > Please suggest something of why this happnes.

    >
    > You remind me of George.
    >
    > http://www.chroniclesofgeorge.com/
    >
    > ChrisA


    HA!
    You are evil -- Chris!
     
    rusi, Jun 13, 2013
    #15
  16. On 13/6/2013 6:35 μμ, Joel Goldstick wrote:
    > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]
    > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    > \\u03c5\\u03c0\\u03ac\\u03c1\\
    >
    > u03c7\\u03b5\\u03b9 \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    > \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    > \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    > '/home/nikos/public_html//home/dauwin/public_html/index.html',
    > referer: http://superhost.gr/
    > [/code]
    >
    > DO YOU SEE THIS PART:
    > '/home/nikos/public_html//home/dauwin/public_html/index.html',
    > referer: http://superhost.gr/
    >
    > Do you see that it prepends your nikos path the your dauwin path and
    > file name. It isn't replacing one with the other. Somewhere in your
    > SFBI mess of code you perhaps have set the nikos path as the start of a
    > filename. Check that out


    yes i saw your post Joel,

    After research i am under the impression that i'am in need for UserDir
    directive as it essentially allows you to use User Home directories as
    web directories...

    So after reading this:
    http://centosforge.com/node/how-get-userdir-user-specific-publichtml-working-apache-centos-6
    i did this:


    <IfModule !mod_ruid2.c>
    UserDir public_html
    </IfModule>
    <IfModule mod_ruid2.c>
    #UserDir disabled
    UserDir "enabled *"
    UserDir "disabled root"
    </IfModule>



    root@nikos [~]# chmod 711 /home
    root@nikos [~]# chmod 711 /home/nikos
    root@nikos [~]# chmod 755 /home/nikos/public_html/
    root@nikos [~]# chmod o+r /home/nikos/public_html/index.html
    root@nikos [~]# chmod 711 /home/dauwin
    root@nikos [~]# chmod 755 /home/dauwin/public_html/
    root@nikos [~]# chmod o+r /home/dauwin/public_html/index.html
    root@nikos [~]#

    setsebool -P httpd_enable_homedirs true
    chcon -R -t httpd_sys_content_t /home/testuser/public_html
    (the last one one failed though)

    the i restarted Apache but the problem is still there.

    ===================
    [~]# [Thu Jun 13 19:50:57 2013] [error] [client
    79.103.41.173] Error in sys.excepthook:
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] ValueError:
    underlying buffer has been detached
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Original
    exception was:
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Traceback
    (most recent call last):
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] File
    "/home/nikos/public_html/cgi-bin/metrites.py", line 213, in <module>
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] with open(
    '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:
    [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    \\u03c5\\u03c0\\u03ac\\u03c1\\u03c7\\u03b5\\u03b9
    \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    '/home/nikos/public_html//home/dauwin/public_html/index.html'
    ========================
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #16
  17. On 13/6/2013 7:28 μμ, Chris Angelico wrote:
    > On Fri, Jun 14, 2013 at 2:23 AM, �������� ������ <> wrote:
    >> Oh my God, i'll find an httpd.conf directive ot .htaccess directive that
    >> prohibits display of source code of cgi scripts
    >>
    >> please tell me if you know of such a directive.

    >
    > Yes. This will majorly improve your security. It goes in your
    > httpd.conf or equivalent.
    >
    > Listen 127.0.0.1:80
    >
    > ChrisA
    >

    liek iam gonna fall for that!!!

    127.0.0.1 is listening only to itself :)
     
    Îικόλαος ΚοÏÏας, Jun 13, 2013
    #17
  18. Ôç ÐÝìðôç, 13 Éïõíßïõ 2013 7:52:27 ì.ì. UTC+3, ï ÷ñÞóôçò Íéêüëáïò ÊïýñáòÝãñáøå:
    > On 13/6/2013 6:35 ìì, Joel Goldstick wrote:
    >
    > > [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]

    >
    > > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd

    >
    > > \\u03c5\\u03c0\\u03ac\\u03c1\\

    >
    > >

    >
    > > u03c7\\u03b5\\u03b9 \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf

    >
    > > \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae

    >
    > > \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:

    >
    > > '/home/nikos/public_html//home/dauwin/public_html/index.html',

    >
    > > referer: http://superhost.gr/

    >
    > > [/code]

    >
    > >

    >
    > > DO YOU SEE THIS PART:

    >
    > > '/home/nikos/public_html//home/dauwin/public_html/index.html',

    >
    > > referer: http://superhost.gr/

    >
    > >

    >
    > > Do you see that it prepends your nikos path the your dauwin path and

    >
    > > file name. It isn't replacing one with the other. Somewhere in your

    >
    > > SFBI mess of code you perhaps have set the nikos path as the start of a

    >
    > > filename. Check that out

    >
    >
    >
    > yes i saw your post Joel,
    >
    >
    >
    > After research i am under the impression that i'am in need for UserDir
    >
    > directive as it essentially allows you to use User Home directories as
    >
    > web directories...
    >
    >
    >
    > So after reading this:
    >
    > http://centosforge.com/node/how-get-userdir-user-specific-publichtml-working-apache-centos-6
    >
    > i did this:
    >
    >
    >
    >
    >
    > <IfModule !mod_ruid2.c>
    >
    > UserDir public_html
    >
    > </IfModule>
    >
    > <IfModule mod_ruid2.c>
    >
    > #UserDir disabled
    >
    > UserDir "enabled *"
    >
    > UserDir "disabled root"
    >
    > </IfModule>
    >
    >
    >
    >
    >
    >
    >
    > root@nikos [~]# chmod 711 /home
    >
    > root@nikos [~]# chmod 711 /home/nikos
    >
    > root@nikos [~]# chmod 755 /home/nikos/public_html/
    >
    > root@nikos [~]# chmod o+r /home/nikos/public_html/index.html
    >
    > root@nikos [~]# chmod 711 /home/dauwin
    >
    > root@nikos [~]# chmod 755 /home/dauwin/public_html/
    >
    > root@nikos [~]# chmod o+r /home/dauwin/public_html/index.html
    >
    > root@nikos [~]#
    >
    >
    >
    > setsebool -P httpd_enable_homedirs true
    >
    > chcon -R -t httpd_sys_content_t /home/testuser/public_html
    >
    > (the last one one failed though)
    >
    >
    >
    > the i restarted Apache but the problem is still there.
    >
    >
    >
    > ===================
    >
    > [~]# [Thu Jun 13 19:50:57 2013] [error] [client
    >
    > 79.103.41.173] Error in sys.excepthook:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] ValueError:
    >
    > underlying buffer has been detached
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Original
    >
    > exception was:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Traceback
    >
    > (most recent call last):
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] File
    >
    > "/home/nikos/public_html/cgi-bin/metrites.py", line 213, in <module>
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] with open(
    >
    > '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    >
    > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    >
    > \\u03c5\\u03c0\\u03ac\\u03c1\\u03c7\\u03b5\\u03b9
    >
    > \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    >
    > \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    >
    > \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    >
    > '/home/nikos/public_html//home/dauwin/public_html/index.html'
    >
    > ========================


    please take an overall look at my httpd.conf at http://pastebin.com/Pb3VbNC9 in case you want to examine somehting else.

    Thank you very much.
     
    Íéêüëáïò Êïýñáò, Jun 13, 2013
    #18
  19. Τη Πέμπτη, 13 Ιουνίου 2013 7:52:27 μ.μ. UTC+3, ο χÏήστης Îικόλαος ΚοÏÏας
    έγÏαψε:
    > On 13/6/2013 6:35 μμ, Joel Goldstick wrote:
    >
    >> [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]

    >
    >> FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd

    >
    >> \\u03c5\\u03c0\\u03ac\\u03c1\\

    >
    >>

    >
    >> u03c7\\u03b5\\u03b9 \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf

    >
    >> \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae

    >
    >> \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:

    >
    >> '/home/nikos/public_html//home/dauwin/public_html/index.html',

    >
    >> referer: http://superhost.gr/

    >
    >> [/code]

    >
    >>

    >
    >> DO YOU SEE THIS PART:

    >
    >> '/home/nikos/public_html//home/dauwin/public_html/index.html',

    >
    >> referer: http://superhost.gr/

    >
    >>

    >
    >> Do you see that it prepends your nikos path the your dauwin path and

    >
    >> file name. It isn't replacing one with the other. Somewhere in your

    >
    >> SFBI mess of code you perhaps have set the nikos path as the start of a

    >
    >> filename. Check that out

    >
    >
    >
    > yes i saw your post Joel,
    >
    >
    >
    > After research i am under the impression that i'am in need for UserDir
    >
    > directive as it essentially allows you to use User Home directories as
    >
    > web directories...
    >
    >
    >
    > So after reading this:
    >
    >

    http://centosforge.com/node/how-get-userdir-user-specific-publichtml-working-apache-centos-6
    >
    > i did this:
    >
    >
    >
    >
    >
    > <IfModule !mod_ruid2.c>
    >
    > UserDir public_html
    >
    > </IfModule>
    >
    > <IfModule mod_ruid2.c>
    >
    > #UserDir disabled
    >
    > UserDir "enabled *"
    >
    > UserDir "disabled root"
    >
    > </IfModule>
    >
    >
    >
    >
    >
    >
    >
    > root@nikos [~]# chmod 711 /home
    >
    > root@nikos [~]# chmod 711 /home/nikos
    >
    > root@nikos [~]# chmod 755 /home/nikos/public_html/
    >
    > root@nikos [~]# chmod o+r /home/nikos/public_html/index.html
    >
    > root@nikos [~]# chmod 711 /home/dauwin
    >
    > root@nikos [~]# chmod 755 /home/dauwin/public_html/
    >
    > root@nikos [~]# chmod o+r /home/dauwin/public_html/index.html
    >
    > root@nikos [~]#
    >
    >
    >
    > setsebool -P httpd_enable_homedirs true
    >
    > chcon -R -t httpd_sys_content_t /home/testuser/public_html
    >
    > (the last one one failed though)
    >
    >
    >
    > the i restarted Apache but the problem is still there.
    >
    >
    >
    > ===================
    >
    > [~]# [Thu Jun 13 19:50:57 2013] [error] [client
    >
    > 79.103.41.173] Error in sys.excepthook:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] ValueError:
    >
    > underlying buffer has been detached
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Original
    >
    > exception was:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Traceback
    >
    > (most recent call last):
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] File
    >
    > "/home/nikos/public_html/cgi-bin/metrites.py", line 213, in <module>
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] with open(
    >
    > '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:
    >
    > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    >
    > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    >
    > \\u03c5\\u03c0\\u03ac\\u03c1\\u03c7\\u03b5\\u03b9
    >
    > \\u03c4\\u03ad\\u03c4\\u03bf\\u03b9\\u03bf
    >
    > \\u03b1\\u03c1\\u03c7\\u03b5\\u03af\\u03bf \\u03ae
    >
    > \\u03ba\\u03b1\\u03c4\\u03ac\\u03bb\\u03bf\\u03b3\\u03bf\\u03c2:
    >
    > '/home/nikos/public_html//home/dauwin/public_html/index.html'
    >
    > ========================


    please take an overall look at my httpd.conf at
    http://pastebin.com/Pb3VbNC9 in case you want to examine somehting else.

    Thank you very much.


    --
    What is now proved was at first only imagined!
     
    Nick the Gr33k, Jun 13, 2013
    #19
  20. On Thu, Jun 13, 2013 at 2:10 PM, Nick the Gr33k <>wrote:

    >
    >
    > Τη Πέμπτη, 13 Ιουνίου 2013 7:52:27 μ.μ. UTC+3, ο χÏήστης Îικόλαος ΚοÏÏας
    > έγÏαψε:
    > > On 13/6/2013 6:35 μμ, Joel Goldstick wrote:
    > >
    > >> [Tue Jun 11 21:59:31 2013] [error] [client 79.103.41.173]

    > >
    > >> FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd

    > >
    > >> \\u03c5\\u03c0\\u03ac\\u03c1\\

    > >
    > >>

    > >
    > >> u03c7\\u03b5\\u03b9 \\u03c4\\u03ad\\u03c4\\u03bf\\**u03b9\\u03bf

    > >
    > >> \\u03b1\\u03c1\\u03c7\\u03b5\\**u03af\\u03bf \\u03ae

    > >
    > >> \\u03ba\\u03b1\\u03c4\\u03ac\\**u03bb\\u03bf\\u03b3\\u03bf\\**

    > u03c2:
    > >
    > >> '/home/nikos/public_html//**home/dauwin/public_html/index.**html',

    > >
    > >> referer: http://superhost.gr/

    > >
    > >> [/code]

    > >
    > >>

    > >
    > >> DO YOU SEE THIS PART:

    > >
    > >> '/home/nikos/public_html//**home/dauwin/public_html/index.**html',

    > >
    > >> referer: http://superhost.gr/

    > >
    > >>

    > >
    > >> Do you see that it prepends your nikos path the your dauwin path and

    > >
    > >> file name. It isn't replacing one with the other. Somewhere in your

    > >
    > >> SFBI mess of code you perhaps have set the nikos path as the start of a

    > >
    > >> filename. Check that out

    > >
    > >
    > >
    > > yes i saw your post Joel,
    > >
    > >
    > >
    > > After research i am under the impression that i'am in need for UserDir
    > >
    > > directive as it essentially allows you to use User Home directories as
    > >
    > > web directories...
    > >
    > >
    > >
    > > So after reading this:
    > >
    > > http://centosforge.com/node/**how-get-userdir-user-specific-**

    > publichtml-working-apache-**centos-6<http://centosforge.com/node/how-get-userdir-user-specific-publichtml-working-apache-centos-6>
    > >
    > > i did this:
    > >
    > >
    > >
    > >
    > >
    > > <IfModule !mod_ruid2.c>
    > >
    > > UserDir public_html
    > >
    > > </IfModule>
    > >
    > > <IfModule mod_ruid2.c>
    > >
    > > #UserDir disabled
    > >
    > > UserDir "enabled *"
    > >
    > > UserDir "disabled root"
    > >
    > > </IfModule>
    > >
    > >
    > >
    > >
    > >
    > >
    > >
    > > root@nikos [~]# chmod 711 /home
    > >
    > > root@nikos [~]# chmod 711 /home/nikos
    > >
    > > root@nikos [~]# chmod 755 /home/nikos/public_html/
    > >
    > > root@nikos [~]# chmod o+r /home/nikos/public_html/index.**html
    > >
    > > root@nikos [~]# chmod 711 /home/dauwin
    > >
    > > root@nikos [~]# chmod 755 /home/dauwin/public_html/
    > >
    > > root@nikos [~]# chmod o+r /home/dauwin/public_html/**index.html
    > >
    > > root@nikos [~]#
    > >
    > >
    > >
    > > setsebool -P httpd_enable_homedirs true
    > >
    > > chcon -R -t httpd_sys_content_t /home/testuser/public_html
    > >
    > > (the last one one failed though)
    > >
    > >
    > >
    > > the i restarted Apache but the problem is still there.
    > >
    > >
    > >
    > > ===================
    > >
    > > [~]# [Thu Jun 13 19:50:57 2013] [error] [client
    > >
    > > 79.103.41.173] Error in sys.excepthook:
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] ValueError:
    > >
    > > underlying buffer has been detached
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Original
    > >
    > > exception was:
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] Traceback
    > >
    > > (most recent call last):
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] File

    >
    > >
    > > "/home/nikos/public_html/cgi-**bin/metrites.py", line 213, in <module>
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173] with open(

    >
    > >
    > > '/home/nikos/public_html/' + page, encoding='utf-8' ) as f:
    > >
    > > [Thu Jun 13 19:50:57 2013] [error] [client 79.103.41.173]

    >
    > >
    > > FileNotFoundError: [Errno 2] \\u0394\\u03b5\\u03bd
    > >
    > > \\u03c5\\u03c0\\u03ac\\u03c1\\**u03c7\\u03b5\\u03b9
    > >
    > > \\u03c4\\u03ad\\u03c4\\u03bf\\**u03b9\\u03bf
    > >
    > > \\u03b1\\u03c1\\u03c7\\u03b5\\**u03af\\u03bf \\u03ae
    > >
    > > \\u03ba\\u03b1\\u03c4\\u03ac\\**u03bb\\u03bf\\u03b3\\u03bf\\**u03c2:
    > >
    > > '/home/nikos/public_html//**home/dauwin/public_html/index.**html'

    >


    SECOND TIME:

    I'm not an apache wizard, and I'm too self important to really look through
    all of your code. i don't getting germs. But, once again:

    your code is not finding a file named this:
    '/home/nikos/public_html//home/dauwin/public_html/index.html'

    The first part of this file path is:'/home/nikos/public_html

    After that are TWO forward slashes which remind me of http:// and following
    that is the path you want. so, you need to put new batteries in your
    brain, look through your mess and figure out what creates the wrong file
    name for you

    > >
    > > ========================

    >
    > please take an overall look at my httpd.conf at
    > http://pastebin.com/Pb3VbNC9 in case you want to examine somehting else.
    >
    > Thank you very much.
    >
    >
    > --
    > What is now proved was at first only imagined!
    > --
    > http://mail.python.org/**mailman/listinfo/python-list<http://mail.python.org/mailman/listinfo/python-list>
    >




    --
    Joel Goldstick
    http://joelgoldstick.com
     
    Joel Goldstick, Jun 13, 2013
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page