Home › Forums › BulletProof Security Pro › Apache server-status reporting
Tagged: httpd.conf, mod_status, mod_status.so, server-status
- This topic has 11 replies, 3 voices, and was last updated 9 years, 4 months ago by AITpro Admin.
-
AuthorPosts
-
TimboParticipant
Hi there,
Just wondering if you would know how to enable access to “server-status” for localhost only? I am running some system monitoring software and it would like to scrape information from this page. More info: http://httpd.apache.org/docs/2.2/mod/mod_status.html
-TimboAITpro AdminKeymasterYou would first need to load the mod_status module and then add the directives below in your httpd.conf file.
LoadModule status_module modules/mod_status.so
<Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from .example.com </Location>
If you are trying to do this on XAMPP then here is a good tutorial
http://harinderseera.blogspot.com/2011/08/how-to-access-apache-server-counters.htmlTimboParticipantHi there,
Thanks for your response. But the problem is that the WordPress .htaccess file thinks the “/server-status” as a permalink, so it automatically directs to page not found. Further details: http://www.ducea.com/2009/03/01/wordpress-mod_rewrite-rules-taking-over-mod_status/ I’ve resolved this by adding a virtual host with the “ServerName” set to “localhost”, and the “DocumentRoot” set to an empty directory (thus no .htaccess file interfering with the httpd.conf settings). Thanks for your help, you always provide excellent support.
-TimboVilmondesParticipantHello,
Ressucting this topic. If I want to change this in the .htaccess file, would it be correct to add a custom code to the “CUSTOM CODE WP REWRITE LOOP START” section?
Something like this:
RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} !=/server-status RewriteRule ^index\.php$ - [L]
Thanks!
AITpro AdminKeymasterYes, that would be the correct BPS Custom Code text box.
VilmondesParticipantThanks for your response. I did that and I’m still getting the 404 error. It works if I rename my .htaccess file, therefore there must still be something in that file that’s redirecting my request to /server-status. Any suggestion?
AITpro AdminKeymasterDid you do all the Custom Code steps? You will find the Custom Code steps in the Custom Code Read Me help button. If that is not the problem then I would need to know all the spefic details of what you are doing in order to give you any kind of answer.
AITpro AdminKeymasterAnd personally I would create the rule and treat it like a 3rd party / external URI.
# WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] # RewriteRule for 3rd Party or Custom Apps outside of WP RewriteRule ^/server-status/ - [L]
VilmondesParticipantYes, I did all the steps. I checked my root .htaccess and now that section reads as follows:
# CUSTOM CODE WP REWRITE LOOP START # CUSTOM CODE WP REWRITE LOOP START # WP REWRITE LOOP START RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} !=/server-status RewriteRule ^index\.php$ - [L]
All I’m trying to do is access the page server-status which is server by Apache mod_status, but there’s a rule in the .htaccess that’s making I get a 404 error when trying to access domain.com/server-status
Let me know if you need more info.
AITpro AdminKeymasterWe were posting at the same time. See my reply above. I think a 3rd Party RewriteRule is what you are really looking for.
VilmondesParticipantIt worked when I changed it to this:
RewriteEngine On RewriteBase / #RewriteCond %{REQUEST_URI} !=/server-status RewriteRule ^server-status - [L] RewriteRule ^index\.php$ - [L]
It seems that the order is important there (I don’t have much experience with mod_rewrite rules).
Thanks for your help!
AITpro AdminKeymasterhmm interesting – server-status is virtual based on Location
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Require local ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>
-
AuthorPosts
- You must be logged in to reply to this topic.