为啥 apache2 试图执行我的 CSS 和图像文件?
Posted
技术标签:
【中文标题】为啥 apache2 试图执行我的 CSS 和图像文件?【英文标题】:Why is apache2 trying to execute my CSS and image files?为什么 apache2 试图执行我的 CSS 和图像文件? 【发布时间】:2021-09-27 01:11:53 【问题描述】:我为此苦苦挣扎了两天,在网上搜索线索和答案,发现适用于 Mac 和 CGI 脚本的内容很少。当我收到 500 错误时,可能有很多问题,但我认为它可能就像 apache2 试图执行我的非可执行文件一样简单,即 .css、.js、.png 等。我的配置文件(删除注释行)是这样的:
ServerRoot "/usr"
Listen 80
LoadModule authz_host_module libexec/apache2/mod_authz_host.so
LoadModule setenvif_module libexec/apache2/mod_setenvif.so
LoadModule mime_module libexec/apache2/mod_mime.so
LoadModule autoindex_module libexec/apache2/mod_autoindex.so
LoadModule cgi_module libexec/apache2/mod_cgi.so
LoadModule negotiation_module libexec/apache2/mod_negotiation.so
LoadModule userdir_module libexec/apache2/mod_userdir.so
LoadModule alias_module libexec/apache2/mod_alias.so
User _www
Group _www
ServerAdmin you@example.com
DocumentRoot "/var/www"
<Directory />
Options FollowSymLinks ExecCGI
AllowOverride None
</Directory>
<IfModule alias_module>
ScriptAlias /cgi/ "/var/www/mywebsite/cgi/"
AddHandler cgi-script .pl .cgi
SetHandler cgi-script
</IfModule>
<Directory /var/www/mywebsite/>
Options +Indexes +FollowSymLinks -MultiViews
AllowOverride None
Order allow,deny
AddHandler cgi-script .cgi .pl
allow from all
</Directory>
<Directory /var/www/mywebsite/*>
AllowOverride AuthConfig
</Directory>
<Directory "/var/www/mywebsite/cgi/">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
AddHandler cgi-script .cgi .pl
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html index.htm index.php
</IfModule>
ErrorLog "/private/var/log/apache2/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%Refereri\" \"%User-Agenti\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%Refereri\" \"%User-Agenti\" %I %O" combinedio
</IfModule>
CustomLog "/private/var/log/apache2/access_log" common
</IfModule>
DefaultType text/plain
<IfModule mime_module>
TypesConfig /private/etc/apache2/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
TraceEnable off
当我尝试加载我的页面时,Perl 脚本运行,但是嵌入到它提供给浏览器的 HTML 中的链接都出现 http 500 错误(或者如果我从基本目录中删除了“ExecCGI”,则会出现 403 错误选项)。
这是页面加载后日志文件显示的内容:
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (8)Exec format error: exec of '/var/www/css/MW.css' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW.css, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/new.gif' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: new.gif, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_LA.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW_lang_LA.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_US.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW_lang_US.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW.js' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW.js, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_TH.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW_lang_TH.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_VT.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW_lang_VT.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_SP.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:37:59 2021] [error] [client ::1] Premature end of script headers: MW_lang_SP.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (8)Exec format error: exec of '/var/www/css/MW.css' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW.css, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_US.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW_lang_US.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_TH.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW_lang_TH.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW.js' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW.js, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_LA.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW_lang_LA.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_SP.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW_lang_SP.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/MW_lang_VT.png' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: MW_lang_VT.png, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] (13)Permission denied: exec of '/var/www/css/new.gif' failed, referer: http://localhost/mywebsite/cgi/MW.pl
[Mon Jul 19 17:38:01 2021] [error] [client ::1] Premature end of script headers: new.gif, referer: http://localhost/mywebsite/cgi/MW.pl
如图所示,即使是图像文件也被视为需要执行的脚本!自然会遇到语法错误。
更多信息:
Mac OS X:10.8.3 Apache 服务器版本:Apache/2.2.22 (Unix) Apache 服务器构建时间:2012 年 12 月 9 日 18:57:18 火狐:48.0.2 image/css/js 文件的文件权限都设置为 chmod 644Apache 仅在本地托管网站——这不是互联网虚拟主机。这应该是供离线使用和开发目的。
为什么 apache2 会这样做?配置有什么问题?
【问题讨论】:
【参考方案1】:嗯,这看起来有点狡猾。
<Directory /> Options FollowSymLinks ExecCGI AllowOverride None </Directory>
首先,这会将您的整个文件系统(/ 下的所有内容)视为 Web 服务器的一部分。其次,您为 Apache 服务的每个文件都打开了 ExecCGI - 这会导致您的问题。
您还将实际的 CGI 目录 (/var/www/mywebsite/cgi/) 定义为 CGI 目录两次。
【讨论】:
感谢您的帮助。我现在已经完全删除了 /var/www/mywebsite/cgi 目录定义,只留下了对该 cgi 目录的 ScriptAlias 引用,并且我删除了四个“狡猾”的行,而且奇怪的是,结果根本看不到任何变化。还有什么我可以做的吗? 我现在实际上已经从配置中删除了“ExecCGI”的每个实例,只在 ScriptAlias 行下留下了“AddHandler cgi-script .pl .cgi”——这似乎足以保留perl 脚本正在运行。 终于发现了问题所在,把答案贴出来留给后人。谢谢你鼓励我多尝试一些东西——几乎放弃了。【参考方案2】:反复试验(猜测和检查)终于让我找到了答案。这是配置文件中有问题的一行。我现在没有删除该行,而是用一条注释对其进行了评论,以提醒我永远不要再使用该行!
AddHandler cgi-script .pl .cgi
# ENABLING THE FOLLOWING LINE WILL MAKE _EVERY_ FILE EXECUTE!!!
# SetHandler cgi-script
SetHandler cgi-script 纯属毒药。我永远不会猜到——它看起来如此无害和天真,甚至是必要的。
没有这条线,一切都会再次按预期工作。图像、css 和 js 文件的 http 响应 200 现在看起来非常漂亮!
【讨论】:
根据httpd.apache.org/docs/2.2/handler.html,SetHandler 通常应该设置在Directory 或Location 块内,但你的是/曾经是***的,所以也许这就是它应用的原因到所有文件?我没想到会有这种行为,所以很好地追踪它!以上是关于为啥 apache2 试图执行我的 CSS 和图像文件?的主要内容,如果未能解决你的问题,请参考以下文章
试图将我的 UIImage 裁剪为 1:1 的纵横比(正方形),但它不断放大图像,导致图像模糊。为啥?