I was wondering what this error means? Is there something wrong with my env.php file? or maybe my httpd.conf file?
This is the error.log page:
[Mon Oct 25 10:53:57.980262 2021] [core:error] [pid 490426:tid 139830000264960] [client 45.146.164.110:39212] AH00126: Invalid URI in request POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1 [Mon Oct 25 11:39:24.325915 2021] [core:error] [pid 490642:tid 139830067406592] [client 45.146.164.110:51816] AH00126: Invalid URI in request POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1 [Mon Oct 25 14:21:14.958534 2021] [authz_core:error] [pid 490426:tid 139830067406592] [client 212.193.30.49:42726] AH01630: client denied by server configuration: /var/www/.../html/app/.env [Mon Oct 25 15:48:07.014630 2021] [proxy_fcgi:error] [pid 1176708:tid 140075209697024] [client 137.184.18.214:38938] AH01071: Got error 'Primary script unknown' [Mon Oct 25 15:48:08.163867 2021] [authz_core:error] [pid 1176710:tid 140074897360640] [client 137.184.18.214:39052] AH01630: client denied by server configuration: /var/www/.../html/app/.env
This is the httpd.conf page:
ServerRoot "/etc/httpd" #Listen 12.34.56.78:80 Listen 80 Include conf.modules.d/*.conf User apache Group apache ServerAdmin root@localhost <Directory /> AllowOverride none Require all denied </Directory> DocumentRoot "/var/www/html" # # Relax access to content within /var/www. # <Directory "/var/www"> AllowOverride None # Allow open access: Require all granted </Directory> # Further relax access to the default document root: <Directory "/var/www/html"> Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride None # # Controls who can get stuff from this server. # Require all granted </Directory> # # DirectoryIndex: sets the file that Apache will serve if a directory # is requested. # <IfModule dir_module> DirectoryIndex index.html index.php </IfModule> # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # <Files ".ht*"> Require all denied </Files> # # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> # container, error messages relating to that virtual host will be # logged here. If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # ErrorLog "logs/error_log" # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel warn <IfModule log_config_module> # # The following directives define some format nicknames for use with # a CustomLog directive (see below). # LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common <IfModule logio_module> # You need to enable mod_logio.c to use %I and %O LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio </IfModule> CustomLog "logs/access_log" combined </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" </IfModule> # # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. # <Directory "/var/www/cgi-bin"> AllowOverride None Options None Require all granted </Directory> <IfModule mime_module> TypesConfig /etc/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType text/html .shtml AddOutputFilter INCLUDES .shtml </IfModule> AddDefaultCharset UTF-8 <IfModule mime_magic_module> # # The mod_mime_magic module allows the server to use various hints from the # contents of the file itself to determine its type. The MIMEMagicFile # directive tells the module where the hint definitions are located. # MIMEMagicFile conf/magic </IfModule> #EnableMMAP off EnableSendfile on
I don't have a conf/extra/httpd-vhosts.conf file. I have an httpd.conf file located in /etc/httpd/conf/httpd.conf. Are those the same thing? Also I do not have "require local" mentioned in the httpd.conf file.