From 33e3d6297a7702bcc2f43769ffe8022ad2c190be Mon Sep 17 00:00:00 2001 From: OnlineDynamic Date: Tue, 7 Jan 2025 23:29:33 +0000 Subject: [PATCH 1/5] add ico files to apache mime definitions --- etc/apache2.site | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/apache2.site b/etc/apache2.site index 1ac042a2f..be0456c7e 100644 --- a/etc/apache2.site +++ b/etc/apache2.site @@ -128,7 +128,7 @@ ServerTokens Prod # 2.2.x+ AddType image/svg+xml svgz svg - AddType image/x-icon cur + AddType image/x-icon cur ico # 2.4.x+ From ee0ec548b0b0f0d119cbd4b23706b002ad791a9d Mon Sep 17 00:00:00 2001 From: OnlineDynamic Date: Wed, 8 Jan 2025 11:04:20 +0000 Subject: [PATCH 2/5] add output of apache mod_status to troubleshooting page so config can be locked down to only run from localhost --- www/troubleshoot-commands.json | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/www/troubleshoot-commands.json b/www/troubleshoot-commands.json index b1fd82ef0..dd294db26 100644 --- a/www/troubleshoot-commands.json +++ b/www/troubleshoot-commands.json @@ -526,6 +526,23 @@ ] } } + }, + "Webserver": { + "grpDisplayTitle": "Webserver", + "grpDescription": "Information on the local web server", + "platforms": [ + "all" + ], + "commands": { + "Server-Status": { + "title": "Apache Server Status", + "description": "Results from Apache mod_status extension", + "cmd": "curl http://localhost/server-status", + "platforms": [ + "all" + ] + } + } } } -} +} \ No newline at end of file From e6389fc64bf74fa92be4d82c0851fd88f34dfae8 Mon Sep 17 00:00:00 2001 From: OnlineDynamic Date: Wed, 8 Jan 2025 14:04:53 +0000 Subject: [PATCH 3/5] create locally locked down phpinfo for troubleshooter --- www/localonly/.htaccess | 4 ++ www/localonly/cleanedphpinfo.php | 89 ++++++++++++++++++++++++++++++++ www/localonly/phpinfo.php | 1 + 3 files changed, 94 insertions(+) create mode 100644 www/localonly/.htaccess create mode 100644 www/localonly/cleanedphpinfo.php create mode 100644 www/localonly/phpinfo.php diff --git a/www/localonly/.htaccess b/www/localonly/.htaccess new file mode 100644 index 000000000..af3681716 --- /dev/null +++ b/www/localonly/.htaccess @@ -0,0 +1,4 @@ + order deny,allow + deny from all + Require local + allow from all \ No newline at end of file diff --git a/www/localonly/cleanedphpinfo.php b/www/localonly/cleanedphpinfo.php new file mode 100644 index 000000000..3969c41a6 --- /dev/null +++ b/www/localonly/cleanedphpinfo.php @@ -0,0 +1,89 @@ +createDocumentType( + 'html', + '-//W3C//DTD XHTML 1.0 Transitional//EN', + 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd' +); +$doc = $imp->createDocument( + 'http://www.w3.org/1999/xhtml', + 'html', + $dtd +); +$doc->encoding = 'utf-8'; + +$info_doc = new DOMDocument('1.0', 'utf-8'); +/* Parse phpinfo's output + * operator @ used to avoid messages about undefined entities + * or use loadHTML instead + */ +@$info_doc->loadXML($info); + +$doc->documentElement->appendChild( // Adding HEAD element to HTML + $doc->importNode( + $info_doc->getElementsByTagName('head')->item(0), + true // With all the subtree + ) +); +$doc->documentElement->appendChild( // Adding BODY element to HTML + $doc->importNode( + $info_doc->getElementsByTagName('body')->item(0), + true // With all the subtree + ) +); + +// Now you get a clean output and you are able to validate... +/* +echo ($doc->saveXML ()); +// OR +echo ($doc->saveHTML ()); + */ + +// By that way it's easy to add some style declaration : +$style = $doc->getElementsByTagName('style')->item(0); +$style->appendChild( + $doc->createTextNode( + '/* SOME NEW CSS RULES TO ADD TO THE FUNCTION OUTPUT */' + ) +); + +// to add some more informations to display : +$body = $doc->getElementsByTagName('body')->item(0); +$element = $doc->createElement('p'); +$element->appendChild( + $doc->createTextNode( + 'FPP cleaned version of phpinfo()' + ) +); +$body->appendChild($element); + +// to add a new header : +$head = $doc->getElementsByTagName('head')->item(0); +$meta = $doc->createElement('meta'); +$meta->setAttribute('name', 'author'); +$meta->setAttribute('content', 'arimbourg at ariworld dot eu'); +$head->appendChild($meta); + +// As you wish, take the rest of the output and add it for debugging +$out = ob_get_clean(); + +$pre = $doc->createElement('div'); // or pre +$pre->setAttribute('style', 'white-space: pre;'); // for a div element, useless with pre +$pre->appendChild($doc->createTextNode($out)); +$body->appendChild($pre); + +$doc->formatOutput = true; // For a nice indentation +//echo ($doc->saveXML()); +$exportbody = $doc->documentElement->lastChild; +echo ($doc->saveHTML($exportbody)); +?> \ No newline at end of file diff --git a/www/localonly/phpinfo.php b/www/localonly/phpinfo.php new file mode 100644 index 000000000..c9f5eeb12 --- /dev/null +++ b/www/localonly/phpinfo.php @@ -0,0 +1 @@ + \ No newline at end of file From 6d1a56de8ce072e6d8bc9f485d768deed43951d0 Mon Sep 17 00:00:00 2001 From: OnlineDynamic Date: Wed, 8 Jan 2025 14:05:30 +0000 Subject: [PATCH 4/5] add phpinfo to troubleshooter output --- www/troubleshoot-commands.json | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/www/troubleshoot-commands.json b/www/troubleshoot-commands.json index dd294db26..74c6527dc 100644 --- a/www/troubleshoot-commands.json +++ b/www/troubleshoot-commands.json @@ -537,7 +537,15 @@ "Server-Status": { "title": "Apache Server Status", "description": "Results from Apache mod_status extension", - "cmd": "curl http://localhost/server-status", + "cmd": "curl -s http://localhost/server-status", + "platforms": [ + "all" + ] + }, + "PHPInfo": { + "title": "PHP Info", + "description": "Results from php_info() function", + "cmd": "curl -s http://localhost/localonly/cleanedphpinfo.php", "platforms": [ "all" ] From 24ffce948f8d0eeb493c72fe5a2c5b10fce403c1 Mon Sep 17 00:00:00 2001 From: OnlineDynamic Date: Wed, 8 Jan 2025 14:12:20 +0000 Subject: [PATCH 5/5] add default config for apache2 mod_status to lockdown to only localhost access --- SD/FPP_Install.sh | 2 ++ etc/apache2.status | 25 +++++++++++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 etc/apache2.status diff --git a/SD/FPP_Install.sh b/SD/FPP_Install.sh index b8b204ee7..deb0c6482 100755 --- a/SD/FPP_Install.sh +++ b/SD/FPP_Install.sh @@ -1301,7 +1301,9 @@ sed -i -e "s/APACHE_RUN_GROUP=.*/APACHE_RUN_GROUP=${FPPUSER}/" /etc/apache2/envv sed -i -e "s#APACHE_LOG_DIR=.*#APACHE_LOG_DIR=${FPPHOME}/media/logs#" /etc/apache2/envvars sed -i -e "s/Listen 8080.*/Listen 80/" /etc/apache2/ports.conf +#Copy FPP Defined Apache configs cat /opt/fpp/etc/apache2.site > /etc/apache2/sites-enabled/000-default.conf +cat /opt/fpp/etc/apache2.status > /etc/apache2/mods-enabled/status.conf # Enable Apache modules a2dismod php${ACTUAL_PHPVER} diff --git a/etc/apache2.status b/etc/apache2.status new file mode 100644 index 000000000..b148aead1 --- /dev/null +++ b/etc/apache2.status @@ -0,0 +1,25 @@ +# Allow server status reports generated by mod_status, +# with the URL of http://servername/server-status +# Uncomment and change the "192.0.2.0/24" to allow access from other hosts. + + + SetHandler server-status + Order deny,allow + Deny from all + Allow from localhost ip6-localhost + + + +# Keep track of extended status information for each request +ExtendedStatus On + +# Determine if mod_status displays the first 63 characters of a request or +# the last 63, assuming the request itself is greater than 63 chars. +# Default: Off +#SeeRequestTail On + + + + # Show Proxy LoadBalancer status in mod_status + ProxyStatus On +