"Gelöst": Internal Server Error S9y 2.0 RC1

Hier können Probleme und alles andere in Deutscher Sprache gelöst werden.
Post Reply
robert
Regular
Posts: 1062
Joined: Mon May 09, 2005 9:17 pm
Location: Vienna, Austria
Contact:

"Gelöst": Internal Server Error S9y 2.0 RC1

Post by robert »

Hallo,

habe 2.0 RC1 installiert (Update). Am Server läuft PHP5.5

Update verlief zuerst klaglos. Aber jetzt sehe ich nur mehr

Code: Select all

Internal Server Error
	The server encountered an internal error or misconfiguration and was unable to complete your request. Your administrator may not have enabled CGI access for this directory.
Error Log zeigt dazu an

Code: Select all

-  /home/.sites/19/site2/web/blog/.htaccess: Options not allowed here, referer: http://www.robertlender.info/blog/serendipity_admin.php?serendipity[action]=upgrade
-  File does not exist: /home/.sites/19/site2/web/libImage, referer: http://www.robertlender.info/blog/
-  /home/.sites/19/site2/web/blog/.htaccess: Options not allowed here
Kann sich jemand einen Reim daraus machen?
robert
Regular
Posts: 1062
Joined: Mon May 09, 2005 9:17 pm
Location: Vienna, Austria
Contact:

Re: Internal Server Error S9y 2.0 RC1

Post by robert »

Ich bin jetzt mal in der Verwaltungsoberfläche - aber ohne grafische Oberfläche.

Mein Provider meint in der htaccess sei

options - multiview

nicht erlaubt. Was sagt man dazu?
robert
Regular
Posts: 1062
Joined: Mon May 09, 2005 9:17 pm
Location: Vienna, Austria
Contact:

Re: Internal Server Error S9y 2.0 RC1

Post by robert »

So. Frontend läuft. Backend wird nicht grafisch angezeigt. Habe alte .htaccess nunmehr wieder am Laufen.
Und die sieht so aus:

Code: Select all

AddDefaultCharset utf-8
AddCharset utf-8 .html .css .js .xml .json .rss

AddType video/ogg                       ogg ogv
AddType video/mp4                       mp4
AddType video/webm                      webm
AddType image/svg+xml                   svg svgz
AddEncoding gzip                        svgz
AddType application/vnd.ms-fontobject   eot
AddType font/truetype                   ttf
AddType font/opentype                   otf
AddType font/x-woff                     woff
AddType image/vnd.microsoft.icon        ico
AddType image/webp                      webp
AddType text/cache-manifest             manifest
AddType text/x-component                htc
AddType application/x-chrome-extension  crx

<IfModule mod_deflate.c>
    # html, txt, css, js, json, xml, htc:
    AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
    AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
    AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
    <FilesMatch "\.(ttf|otf|eot|svg)$" >
    SetOutputFilter DEFLATE
    </FilesMatch>
</IfModule>

<IfModule mod_expires.c>
    Header set Cache-Control "public"
    ExpiresActive on
    ExpiresDefault                          "access plus 1 month"
# cache.manifest needs re-reqeusts in FF 3.6 (thx Remy ~Introducing HTML5)
    ExpiresByType text/cache-manifest       "access plus 0 seconds"
# your document html
    ExpiresByType text/html                  "access"
# data
    ExpiresByType text/xml                  "access plus 0 seconds"
    ExpiresByType application/xml           "access plus 0 seconds"
    ExpiresByType application/json          "access plus 0 seconds"
# rss feed
    ExpiresByType application/rss+xml       "access plus 1 hour"
# favicon (cannot be renamed)
    ExpiresByType image/vnd.microsoft.icon  "access plus 1 week"
# media: images, video, audio
    ExpiresByType image/gif                 "access plus 1 month"
    ExpiresByType image/png                 "access plus 1 month"
    ExpiresByType image/jpg                 "access plus 1 month"
    ExpiresByType image/jpeg                "access plus 1 month"
    ExpiresByType video/ogg                 "access plus 1 month"
    ExpiresByType audio/ogg                 "access plus 1 month"
    ExpiresByType video/mp4                 "access plus 1 month"
    ExpiresByType video/webm                "access plus 1 month"
# webfonts -- TODO after production "access plus 1 month"
    ExpiresByType font/truetype             "access plus 0 seconds"
    ExpiresByType font/opentype             "access plus 0 seconds"
    ExpiresByType font/woff                 "access plus 0 seconds"
    ExpiresByType image/svg+xml             "access plus 0 seconds"
# css and javascript -- TODO after production "access plus 1 month"
    ExpiresByType text/css                  "access plus 0 seconds"
    ExpiresByType application/javascript    "access plus 0 seconds"
    ExpiresByType text/javascript           "access plus 0 seconds"
</IfModule>

# BEGIN s9y
ErrorDocument 404 /blog/index.php
DirectoryIndex /blog/index.php

RewriteEngine On
RewriteBase /blog/
RewriteRule ^serendipity_admin.php serendipity_admin.php [NC,L,QSA]
RewriteRule ^((archives/([0-9]+)-[0-9a-z\.\_!;,\+\-\%]+)/?) index.php?/$1 [NC,L,QSA]
RewriteRule ^(authors/([0-9]+)-[0-9a-z\.\_!;,\+\-\%]+) index.php?/$1 [NC,L,QSA]
RewriteRule ^(feeds/categories/([0-9;]+)-[0-9a-z\.\_!;,\+\-\%]+\.rss) index.php?/$1 [NC,L,QSA]
RewriteRule ^(feeds/authors/([0-9]+)-[0-9a-z\.\_!;,\+\-\%]+\.rss) index.php?/$1 [NC,L,QSA]
RewriteRule ^(categories/([0-9;]+)-[0-9a-z\.\_!;,\+\-\%]+) index.php?/$1 [NC,L,QSA]
RewriteRule ^archives([/A-Za-z0-9]+)\.html index.php?url=/archives/$1.html [NC,L,QSA]
RewriteRule ^([0-9]+)[_\-][0-9a-z_\-]*\.html index.php?url=$1-article.html [L,NC,QSA]
RewriteRule ^feeds/(.*) index.php?url=/feeds/$1 [L,QSA]
RewriteRule ^unsubscribe/(.*)/([0-9]+) index.php?url=/unsubscribe/$1/$2 [L,QSA]
RewriteRule ^approve/(.*)/(.*)/([0-9]+) index.php?url=approve/$1/$2/$3 [L,QSA]
RewriteRule ^delete/(.*)/(.*)/([0-9]+) index.php?url=delete/$1/$2/$3 [L,QSA]
RewriteRule ^(admin|entries)(/.+)? index.php?url=admin/ [L,QSA]
RewriteRule ^archive/? index.php?url=/archive [L,QSA]
RewriteRule ^(index|atom[0-9]*|rss|b2rss|b2rdf).(rss|rdf|rss2|xml) rss.php?file=$1&ext=$2
RewriteRule ^(plugin|plugin)/(.*) index.php?url=$1/$2 [L,QSA]
RewriteRule ^search/(.*) index.php?url=/search/$1 [L,QSA]
RewriteRule ^comments/(.*) index.php?url=/comments/$1 [L,QSA]
RewriteRule ^(serendipity\.css|serendipity_admin\.css) index.php?url=/$1 [L,QSA]
RewriteRule ^index\.(html?|php.+) index.php?url=index.html [L,QSA]
RewriteRule ^htmlarea/(.*) htmlarea/$1 [L,QSA]
#RewriteCond %{REQUEST_URI} !-U
RewriteRule (.*\.html?) index.php?url=/$1 [L,QSA]

<Files *.tpl.php>
    deny from all
</Files>

<Files *.tpl>
    deny from all
</Files>

<Files *.sql>
    deny from all
</Files>

<Files *.inc.php>
    deny from all
</Files>

<Files *.db>
    deny from all
</Files>

# END s9y


# BEGIN ANTI SPAM
<Files comment.php>
 # knappe 403 Error-Message
 ErrorDocument 403 "403 Forbidden

 # Bots, deren Namen mit TrackBack beginnen, markieren
 BrowserMatch ^TrackBack is_trackback_spammer
 BrowserMatch "^USERAGENT$" is_trackback_spammer
 # Bots, die keinen Namen angeben, markieren
 BrowserMatch ^$ is_trackback_spammer

 # Aussperren
 Order Allow,Deny
 Allow from all
 deny from env=is_trackback_spammer
</Files>
# END ANTI SPAM


MarioH
Regular
Posts: 238
Joined: Mon Jul 20, 2009 10:53 pm
Contact:

Re: Internal Server Error S9y 2.0 RC1

Post by MarioH »

Hallo Robert,

bei mir steht

Code: Select all

Options -Multiviews
in der htaccess drin und macht keine Probleme.

Gruß
Mario
yellowled
Regular
Posts: 7111
Joined: Fri Jan 13, 2006 11:46 am
Location: Eutin, Germany
Contact:

Re: Internal Server Error S9y 2.0 RC1

Post by yellowled »

MarioH wrote:bei mir steht

Code: Select all

Options -Multiviews
in der htaccess drin und macht keine Probleme.
Ich habe da – leider – nur gepflegtes Halbwissen, aber es scheint durchaus Server-Setups (seitens des Webhosters, insofern kann man da als Shared-Hosting-Kunde nicht viel dran machen) zu geben, in denen -Multiviews nicht erlaubt ist.

YL
robert
Regular
Posts: 1062
Joined: Mon May 09, 2005 9:17 pm
Location: Vienna, Austria
Contact:

Re: "Gelöst": Internal Server Error S9y 2.0 RC1

Post by robert »

Mein Provider erlaubt nichts mit "options" in der htaccess.

Warum auch immer. 24 Stunden später geht alles - auch das Backend. Mit der .htaccess von 1.7.

Danke für die Hinweise. Liebe Grüsse Robert
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: "Gelöst": Internal Server Error S9y 2.0 RC1

Post by garvinhicking »

Hi!

Die "-MultiViews" Option ist dafür relevant, damit potentiell "böse" Angreifer nicht z.b. über die Mediendatenbank Dateien wie "test.php.txt" hochladen, die dann später als PHP interpretiert werden könnten. Die Option wird also eigentlich für Serendipity selbst nicht benötigt.
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
robert
Regular
Posts: 1062
Joined: Mon May 09, 2005 9:17 pm
Location: Vienna, Austria
Contact:

Re: "Gelöst": Internal Server Error S9y 2.0 RC1

Post by robert »

Danke für die Aufklärung.

Werde mal nachfragen, was mein Provider zu dem "Sicherheitsproblem" sagt.

Liebe Grüße
Robert
Post Reply