Question

I was wondering if it was at all possible to install twiki in a separate directory rather then in default apache directory? If it is possible does anyone know the necessary steps to configure apache on the latest version of Red Hat so that the cgi scripts will work?

Environment

-- JoshHoy - 29 Sep 2008

Answer

If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

Yes:

• Unzip the twiki installation into your favorite folder (/home/twiki seems to be a popular choice). Make sure that the apache user has the right permissions on this folder (read/write).
• Use the ApacheConfigGenerator to generate the snippet to configure your apache server. Just follow the instructions there.
• Restart apache, and point your browser to http://yourserver/twiki/bin/configure to finish your configuration.

-- RafaelAlvarez - 29 Sep 2008

Appreciate the answer RafaelAlvarez. However, when I follow that and try and run the rest of the configuration by entering in http://server/twiki/bin/configure I get a 500 Internal Server Error. I checked to make sure my bin file has read write privileges for apache and they do not sure how to fix this problem.

-- JoshHoy - 30 Sep 2008

Any messages in your Apache error log?

-- MartinKaufmann - 30 Sep 2008

Yes i says Premature end of script headers: configure. I thought this might mean that I did not have perl install correctly or the paths are messed up but when I set everything up to be run from /var/www/html it works fine. Only when i configure it to work from /home/twiki fails to execute the configure script.

-- JoshHoy - 30 Sep 2008

Just a few random thoughts:

• Did you adjust the path information in LocalSite.cfg?
• Are all the permissions in bin/ correct?
• Are all the permissions of your twiki/ directory correct?
• Could you post/attach your Apache conf file and your LocalSite.cfg?

-- MartinKaufmann - 30 Sep 2008

The permissions on bin is set for drwxr-xr-x apache apache and configure is set to -r-xr-xr-x 1 apache apache.

LocalSite.cfg Show... Hide

# TWiki Enterprise Collaboration Platform, http://TWiki.org/
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version. For
# more details read LICENSE in the root of this distribution.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# LocalLib.cfg: local path settings for TWiki

use vars qw( $twikiLibPath $CPANBASE );

#development and debugging settings
#$ENV{TWIKI_ASSERTS} = 1;
#$ENV{TWIKI_MONITOR} = 1;

# -------------- Path to lib directory containing TWiki.pm.
#
# REQUIRED
# The absolute path to the 'lib' directory in your installation..

$twikiLibPath = "/home/twiki/lib";


# -------------- Extra path components to include in @INC
# OPTIONAL
# If you need to use perl modules that are not installed in the standard
# directories (e.g. you have downloaded extra modules for use with plugins)
# then you can add the absolute paths to those modules below. You can list
# as many directories as you want, separated by commas.

# @localPerlLibPath = ( '/path/to/dir' );

# http://www.perl.com/pub/a/2002/04/10/mod_perl.html?page=3 has good advice
# on installing CPAN modules without superuser privileges.


1; # Required for successful module loading

twiki.conf Show... Hide

# Autogenerated httpd.conf file for TWiki.
# Generated at http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator
# For TWiki version 4.2.X

# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
# including its own topics as URLs and also prevents other TWikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying the impossible task of mirroring a twiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess

BrowserMatchNoCase ^Accoona blockAccess
BrowserMatchNoCase ^ActiveAgent blockAccess
BrowserMatchNoCase ^Attache blockAccess
BrowserMatchNoCase BecomeBot blockAccess
BrowserMatchNoCase ^bot blockAccess
BrowserMatchNoCase Charlotte/ blockAccess
BrowserMatchNoCase ^ConveraCrawler blockAccess
BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess
BrowserMatchNoCase ^EmailCollector blockAccess
BrowserMatchNoCase ^EmailSiphon blockAccess
BrowserMatchNoCase ^e-SocietyRobot blockAccess
BrowserMatchNoCase ^Exabot blockAccess
BrowserMatchNoCase ^FAST blockAccess
BrowserMatchNoCase ^FDM blockAccess
BrowserMatchNoCase ^GetRight/6.0a blockAccess
BrowserMatchNoCase ^GetWebPics blockAccess
BrowserMatchNoCase ^Gigabot blockAccess
BrowserMatchNoCase ^gonzo1 blockAccess
BrowserMatchNoCase ^Google\sSpider blockAccess
BrowserMatchNoCase ^ichiro blockAccess
BrowserMatchNoCase ^ie_crawler blockAccess
BrowserMatchNoCase ^iGetter blockAccess
BrowserMatchNoCase ^IRLbot blockAccess
BrowserMatchNoCase Jakarta blockAccess
BrowserMatchNoCase ^Java blockAccess
BrowserMatchNoCase ^KrakSpider blockAccess
BrowserMatchNoCase ^larbin blockAccess
BrowserMatchNoCase ^LeechGet blockAccess
BrowserMatchNoCase ^LinkWalker blockAccess
BrowserMatchNoCase ^Lsearch blockAccess
BrowserMatchNoCase ^Microsoft blockAccess
BrowserMatchNoCase ^MJ12bot blockAccess
BrowserMatchNoCase MSIECrawler blockAccess
BrowserMatchNoCase ^MSRBOT blockAccess
BrowserMatchNoCase ^noxtrumbot blockAccess
BrowserMatchNoCase ^NutchCVS blockAccess
BrowserMatchNoCase ^RealDownload blockAccess
BrowserMatchNoCase ^Rome blockAccess
BrowserMatchNoCase ^Roverbot blockAccess
BrowserMatchNoCase ^schibstedsokbot blockAccess
BrowserMatchNoCase ^Seekbot blockAccess
BrowserMatchNoCase ^SiteSnagger blockAccess
BrowserMatchNoCase ^SiteSucker blockAccess
BrowserMatchNoCase ^Snapbot blockAccess
BrowserMatchNoCase ^sogou blockAccess
BrowserMatchNoCase ^SpiderKU blockAccess
BrowserMatchNoCase ^SpiderMan blockAccess
BrowserMatchNoCase ^Squid blockAccess
BrowserMatchNoCase ^Teleport blockAccess
BrowserMatchNoCase ^User-Agent\: blockAccess
BrowserMatchNoCase VoilaBot blockAccess
BrowserMatchNoCase ^voyager blockAccess
BrowserMatchNoCase ^W3C blockAccess
BrowserMatchNoCase ^w3search blockAccess
BrowserMatchNoCase ^Web\sDownloader blockAccess
BrowserMatchNoCase ^WebCopier blockAccess
BrowserMatchNoCase ^WebDevil blockAccess
BrowserMatchNoCase ^WebSec blockAccess
BrowserMatchNoCase ^WebVac blockAccess
BrowserMatchNoCase ^Webwhacker blockAccess
BrowserMatchNoCase ^Webzip blockAccess
BrowserMatchNoCase ^Wells blockAccess
BrowserMatchNoCase ^WhoWhere blockAccess
BrowserMatchNoCase www\.netforex\.org blockAccess
BrowserMatchNoCase ^WX_mail blockAccess
BrowserMatchNoCase ^yacybot blockAccess
BrowserMatchNoCase ^ZIBB blockAccess
BrowserMatchNoCase ^$ blockAccess


# The ScriptAlias defines the bin directory as a directory where CGI
# scripts are allowed.
# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/twiki/bin/view/...
# The second parameter must point to the physical path on your disc.
ScriptAlias /twiki/bin "/homel/twiki/bin"

# The Alias defines a url that points to the root of the twiki installation.
# It is used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.
Alias /twiki "/home/twiki"

# This specifies the options on the TWiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
<Directory "/home/twiki/bin">
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess

    Options ExecCGI FollowSymLinks
    SetHandler cgi-script

    # Password file for TWiki users
    AuthUserFile /home/twiki/data/.htpasswd
    AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
    AuthType Basic

    # File to return on access control error (e.g. wrong password)
    ErrorDocument 401 /twiki/bin/view/TWiki/TWikiRegistration

# Limit access to configure to specific IP addresses and or users.
# Make sure configure is not open to the general public.
# It exposes system details that can help attackers.
<FilesMatch "^(configure)$">
    SetHandler cgi-script
    Order Deny,Allow
    Allow from all
</FilesMatch>

</Directory>

# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by TWiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the  ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
<Directory "/home/twiki/pub">
    Options None
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess

    # Disable execusion of PHP scripts
    php_admin_flag engine off

    # This line will redefine the mime type for the most common types of scripts
    AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
#
#add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
# reducing the load on the server significantly
#IF you can, you should enable this - it _will_ improve your twiki experience, even if you set it to under one day.
# you may need to enable expires_module in your main apache config
#LoadModule expires_module libexec/httpd/mod_expires.so
#AddModule mod_expires.c
#<ifmodule mod_expires.c>
#  <filesmatch "\.(jpg|gif|png|css|js)$">
#       ExpiresActive on
#       ExpiresDefault "access plus 11 days"
#   </filesmatch>
#</ifmodule>
#

</Directory>

# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.
<Directory "/home/twiki/data">
    deny from all
</Directory>

<Directory "/home/twiki/templates">
    deny from all
</Directory>

<Directory "/home/twiki/lib">
    deny from all
</Directory>

<Directory "/home/twiki/locale">
    deny from all
</Directory>

<Directory "/home/twiki/tools">
    deny from all
</Directory>

<Directory "/home/twiki/working">
    deny from all
</Directory>

And thanks for the help Martin you can not believe how much I appreciate it!

-- JoshHoy - 30 Sep 2008

gosh sorry forgot about the tags my bad!

Show... Hide

Directory "/home/twiki/bin"
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess

    Options ExecCGI FollowSymLinks
    SetHandler cgi-script

    # Password file for TWiki users
    AuthUserFile /gece/publichtml/twiki/data/.htpasswd
    AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
    AuthType Basic

    # File to return on access control error (e.g. wrong password)
    ErrorDocument 401 /twiki/bin/view/TWiki/TWikiRegistration

# Limit access to configure to specific IP addresses and or users.
# Make sure configure is not open to the general public.
# It exposes system details that can help attackers.
FilesMatch "^(configure)$"
    SetHandler cgi-script
    Order Deny,Allow
    Allow from all
/FilesMatch

/Directory

# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by TWiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
Directory "/home/twiki/pub"
    Options None
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess

    # Disable execusion of PHP scripts
    php_admin_flag engine off

    # This line will redefine the mime type for the most common types of scripts
    AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
/Directory

# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.
Directory "/home/twiki/data"
    deny from all
/Directory

Directory "/home/twiki/templates"
    deny from all
/Directory

Directory "/home/twiki/lib"
    deny from all
/Directory

Directory "/home/twiki/locale"
    deny from all
/Directory

Directory "/home/twiki/tools"
    deny from all
/Directory

Directory "/home/twiki/working"
    deny from all
/Directory

-- JoshHoy - 30 Sep 2008

There is a typo in your twiki.conf file:

ScriptAlias /twiki/bin "/homel/twiki/bin"

-- MartinKaufmann - 30 Sep 2008

Oops that was a typo from copying it over sorry. Its actually /home/twiki/bin sorry about that.

-- JoshHoy - 30 Sep 2008

I can't see anything (obviously) wrong with your twiki.conf.

Could you also post lib/LocalSite.cfg? The first file you posted was actually bin/LocalLib.cfg.

-- MartinKaufmann - 30 Sep 2008

It seems that I can not find that file. Could that be something that is created when the configure script is ran or am I mistaken and if it is I do not have it then because I can not run the configure script.

-- JoshHoy - 30 Sep 2008

Right, sorry, of course this file is only created after the first configure run. My bad.

I'm running out of ideas right now. Hopefully, someone with more Apache know-how is going to pick it up soon.

-- MartinKaufmann - 30 Sep 2008

No worries and thank you greatly for your help. Its such an odd ball problem.

-- JoshHoy - 30 Sep 2008

Check out if CGI::Carp is installed. The configure script dies on any error during the initialization phase, and trusts CGI::Carp to capture that error and show it to the user.

You can also uncomment ]the following line in configure:

#$SIG{__DIE__} = sub { Carp::confess( $_[0] || '' ) };

-- RafaelAlvarez - 30 Sep 2008

Seems to be answered, closing this after more than 30 days of inactivity. Please feel free to re-open if needed.

-- PeterThoeny - 07 Nov 2008