Please help with my httpd.config (cookie & mod_auth_mysql)

Hi guys, I really would appreciate some help from the experts here. My httpd.conf isn't working like it should do any more and the worst thing is - I can't find out what I've done wrong! Please help if you're knowledgeable, I've had a few hack attempts using my Apache recently, so I want to get this up as soon as poss!

What's Working:

Currently, all /var/www/downloads and subdirectories for users (/var/www/downloads/<username>) require a username and password using mod_auth_mysql. This works.

What's not working:

The problem is: I have settings which SHOULD require either a login using mod_auth_mysql (works), or a cookie (doesn't work). If the cookie is present, then it should automatically display the contents of the directory when a user goes to /var/www/downloads/<their_username>. But it doesn't, it asks for a username/password still.

I'm using SetEnvIf, but it might be being used incorrectly with "satisfy all" - my files are below.

I might have conflicts between httpd.conf and /sites-enabled/000-default. I'm not experienced with most of the stuff here, so any help would be massively appreciated!

Files:

sites-enabled/000-default: jsfiddle.net/Xcece/
httpd.conf here: jsfiddle.net/6ACnW/

I'm not using .htaccess files. This all seemed to work a few days ago, now it's not and I can't for the life of me figure out why!


Any help would be amazing right now after the previous hack attempt that grabbed all my bloody code!

Hello and welcome!

First off, you should check your Apache error log file. The location of it varies from distro to distro, e.g.:

Fedora/RedHat/etc.:

Code:

---

/var/log/httpd/error_log

---

Debian/Ubuntu/etc.:

Code:

---

/var/log/apache2/error.log

---

The best thing to do is start a tail of the log in one terminal window, then in another (or in a browser), load the page containing the problem code.

If you've defined VirtualHosts and have set the ErrorLog declarative to something, check those logs, too.

Hey, thanks for the reply.

The error log does not contain any relevant information unfortunately : my issue is that the directive in my httpd.conf should check for the following: (1) a cookie OR (2) a correct login. The correct login bit works, but the cookie checking doesn't. The directive used for the cookie check can be seen in my httpd.conf (it's not long and link is above).

So basically, the cookie checking isn't working, and I can't find out why.

Have you already confirmed that you can create and read cookies within your webpages?

hey ,you may uninstall and reinstall your httpd service ,it may helps you

Hey, yep I can set and retrieve cookies using a PHP script. The issue is definitely some sort of overwriting within my httpd.conf and/or other settings. This is posted on three forums now and I still can't fix it.

Hi,

I took a look at the link you posted in #1, but to be honest, the layout was so confusing that I gave up trying to figure out what was wrong rather quickly. My suggestion to you would be to start with a pristine httpd.conf file, a pristine php.ini, and put all your website customizations in a second http .conf file. Then add your customizations to the custom .conf file one-by-one, testing along the way, until you hit your issue.