Re: Apache POST method not allowed

Rob Daniels · ‎02-23-2006

Hi,

I am very new to apache but it looks like I got it working on our HP-UX HP9000 B.11.11

I also created a very simple program accepting and displaying info in a html file.

I opened the html file, enter data and when I submit it, Apache tells me that the POST method is not allowed. In the html file I try to execute a script in which I run a program to accept and display info of the screen file.

Can anyone tell me how I can set the POST method to be allowed? Or, can anyone tell me where I can find the documentation for POST settings?

Thank you in advance.
Regards
Rob Daniels

Tomek Gryszkiewicz · ‎02-23-2006

Where are you posting you data? In other words: what is your ACTION in

Ralph Grothe · ‎02-23-2006

Hi Rob,

have a look at your
SERVER_ROOT/logs/error_log

What does it read.
You can also elevate the log level in httpd.conf to LogLevel debug and send the master httpd a SIGUSR1 (or better "apachectl graceful")

Do you happen to have a container in your httpd.conf file somewhere?

Or are you using mod_security together with a SecFilter or SecSelectiveFilter which prevents POSTs?

Madness, thy name is system administration

Ralph Grothe · ‎02-23-2006

As for the docs,
if you installed an HP-UX Apache depot your webserver already serves the full docs,
even with correct browser locale negotiation
because they defined a neat MatchAlias in the shipped httpd.conf

# grep '^AliasMatch ^/manual' httpd.conf
AliasMatch ^/manual(/ansicc)(/.*)?$ "htdocs/sw/manual$1$2"
AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|ru))?(/.*)?$ "/opt/hpws/apache/manual$1"

So all you need is to target your browser at
http://localhost/manual/

If you don't already have this comfort there is ample documentation for every nut and bolt under
http://httpd.apache.org/docs-project/

Madness, thy name is system administration

Rob Daniels · ‎02-23-2006

Thank you all.

Hi Tomik,
The script is at /samba_homes/www/pol/x0101
Because the default directory is /samba_homes/www I only defined the /pol/x0101 subdirectory/script.

Hi Ralph,

I can not find a SERVER_ROOT/logs/error_log file.

I have a limit POST in the httpd.conf but it is all comments:
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
#
# Order allow,deny
# Allow from all
#
#
# Order deny,allow
# Deny from all
#
#

I can not find any mod_security, SecFilter or SecSelectiveFilter in the httpd.conf

Thank you for pointing out where to find the documentation (and yes I knowâ ¦ I should read the manual firstâ ¦ bad habit, sorry).

Ralph Grothe · ‎02-23-2006

No, there is no SERVER_ROOT.
It just was meant as a generic placeholder for your real ServerRoot (viz. where your Apache installation resides, e.g. /opt/hpws/apache)

It has been a while since I last wrote CGIs but if I remember correctly shouldn't the Action attribute's value be a valid path to an executable?
From what you posted it looks as if you only point to the dirname but not the full path.
But I may be wrong.

Madness, thy name is system administration

Ralph Grothe · ‎02-23-2006

Silly question,
does your script at all reside in a directory that is either marked as your ScriptAlias or in a Directory container that has the ExecCGI option set within your httpd.conf?

Madness, thy name is system administration

Rob Daniels · ‎02-24-2006

Hi Ralph,

I have to get back to you next week because somehow I messed up things.

I changed the ScriptAlias and now I do not have any access to the apache server at all. I better get things back to get apache working again. I really have no idea what I did wrong.

I have version 1.3.19 and maybe I should get the latest version. Is it free to download?

Kind regards
Rob

Ralph Grothe · ‎02-24-2006

Apache is OpenSource, and thus the HP-UX port is freely available.
(if you have a general software support contract HP even offers support for their releases, I think)

I would strongly encourage you to download an Apache version from the HP software download sites if you plan to run it on an HP-UX box.
This is because they really did a good job packaging and adapting the Apache so that it fits in nicely with their OS and comes with almost everything you need to run an enterprise website.

Building an Apache suite with all the modules (e.g. mod_php, mod_ssl, mod_perl etc) and features that are state of the art today (or what your customers or web developers expect) from the sources is possible though but it can get quite involved.

With the HP depots you merely need to swinstall and mess a little about with the httpd.conf.
You even need not worry for a backup copy because the HP depots usually include a newconfig subdir tree that includes the officially delivered config files ;-)

You could try maybe this link for download
(but it doesn't look to me to be a valid URI but rather some loadballanced redirection, or session state)

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=OSRA-WS

Better go to http://software.hp.com/
(which will rewrite or map the URI) and search for apache.

Madness, thy name is system administration

Rob Daniels · ‎02-27-2006

Hi Ralph,

Thank you for your info.

I restore a previous version of the apache httpd.conf file and apache is up and running again. I have copied my script and program to the /opt/apache/cgi-bin/ directory and I do not get the method-not-allowed error. Looks good (I think).

However, I get an internal server error and the log file tells me:
[Mon Feb 27 14:02:10 2006] [error] (8)Exec format error: exec of /opt/apache/cgi-bin/x0101 failed
[Mon Feb 27 14:02:10 2006] [error] [client 192.168.45.4] Premature end of script headers: /opt/apache/cgi-bin/x0101

the x0101 script looks like:
export COBDIR=/opt/microfocus/cobol
export COBPATH=/opt/apache/cgi-bin
export PATH=$COBDIR/bin:$PATH
export LIBPATH=$COBDIR/lib:$LIBPATH
export PATH=.:$PATH
export EQ_DBSERVER=:eloqpol
/opt/apache/cgi-bin/cobrun/root/ppol0101

How can I debug what is wrong with my script?
Any idea what I do wrong?

Kind regards
Rob

Rob Daniels · ‎02-28-2006

Hi Ralph,

I started from scratch with the original installed apache version 1.3.19 on our hp9000. I copied a working demo Microfocus cobol program, compiled it and copied it (with the form) to the directories: /opt/apache/www/cgi-bin and /opt/apache/www/html

The default directory setting in the httpd.conf is /opt/apache/www

I do not have and limit POST settings and there are no mod_security, SecFilter and SecSelectiveFilter setting in the httpd.conf.

I restarded apache and selected the form /opt/apache/www/html/cgiform1.htm and it displays in my browser. When I submit the form, the program /opt/apache/www/cgi-bin/cgiprg1 (see POST ACTION in the form cgiform1.htm) should be executed. Then I get the message: Method Not Allowed, The request method POST is not allowed for the URL /www/cgi-bin/cgiprg1.

Would you please (!) be so kind to have a look at the httpd.conf file because right now I lost all tracks (concerning this issueâ ¦ lol).

The error_log file do not give any errors!?

I attached the formfile and the httpd.conf.

Thank you very much (!) if you could help me.

Kind regards
Rob

Rob Daniels · ‎03-01-2006

Hi Ralph,
I found the problem. I tried to excute a script without an extendion and there was no AddHandler setting. I changed the name of the script xprg1 to xprg1.cgi and added the AddHandler cgi. The script will execute!!

Now I get another error concerning setting the path in the script because I have to tell the program where to find specific libraries. For testing I tried to do an echo command but it results in ana exec format error or permission denied.

In the first xprg1.cgi example it tries to run a program cgiprg1 and tells me it can not find a shared library. This is a correct error. So I tried export or setting the library path in example 2 and then I get permission denied.

xprg1
#!/opt/apache/www/cgi-bin/cgiprg1

/opt/apache/logs/error_log
/usr/lib/dld.sl: Can't find path for shared library: libcobscreen.sl.2
/usr/lib/dld.sl: No such file or directory

xprg1
#!/opt/microfocus/cobol/lib
#!/opt/apache/www/cgi-bin/cgiprg1

/opt/apache/logs/error_log
[Thu Mar 2 11:57:02 2006] [error] (13)Permission denied: exec of /opt/apache/www/cgi-bin/xprg1.cgi failed
[Thu Mar 2 11:57:02 2006] [error] [client 192.168.45.4] Premature end of script headers: /opt/apache/www/cgi-bin/xprg1.cgi

How do I set my path variables? Where can I find examples? When I search the internet it is very hard to find anything about this.

I hope you can help me.

Kind regards
Rob

Ralph Grothe · ‎03-06-2006

As far as I remember you don't necessarily need to define an AddHandler.
There are several ways in Apache to enable the executaion of CGIs.
The most straight-forward whithout much ado is to declare a directory as ScriptAlias.
Then anything within this directory would be considered as CGI executable.
Another way of CGI enabling would be to add an ExecCGI Option within a Directory container.
Then you either have to SetHandler cgi-script
or AddHandler along with file extensions.
The Sethandler would function like the ScriptAlias within that directory whereas the AddHandler would work like a file match on extensions.
From a security point of view I would consider the ExecCGI and SetHandler to offer a finer grained control.

There's no need to search the Internet because the Apache docs are explicit enough, and it is all much better put there than I could repeat here.

http://httpd.apache.org/docs/2.0/en/howto/cgi.html

As for your problems with shared libs I would want to ask you if you are operating your webserver in a chroot jail?
Chrooting, especially with dynamic content can be quite tricky but there are plenty docs describing the necessary steps.
e.g.
http://penguin.triumf.ca/chroot.html

However, if you merely were serving static contents probably the easiest was to install mod_security and use its chroot facility

http://www.modsecurity.org/documentation/modsecurity-apache/stable/06-special_features.html#N108BE

Madness, thy name is system administration

Rob Daniels · ‎03-06-2006

Hi Ralph, Thank you very much for all your info. I will experiment with the ExecCGI and SetHandler in a later time because I want to see my test program running in the most simple way (with using additional libraries).

Executing a script directly on my server works fine but all exports and comments does not work when I try to execute thru apache. Somehow I need to tell apache or the script where to find the additional libraries.

I also created a test script which contains unix commands like ll , echo and comments and tried to excute this thru apache, but that does not work either.

I will get into the Chroot and mod_security information because this is very unknown for me.

I will let you know how I am doing.

Kind regards
Rob

Rob Daniels · ‎03-10-2006

Hi Ralph,

I used the passenv and now it works fine. I close this thread and thank you very (!) much for your help.

Kind regards
Rob

P.s. I opened a new thread, concerning visual hosts.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Apache POST method not allowed

Apache POST method not allowed