beporter

Thanks for the help! PHP highlighter implemented and deployed, as suggested. This is totally rhetorical, so hopefully this doesn't come across troll-ish, but as a (remember, rhetorical!) counter-question: "Why would anybody create a site with a million shared checkboxes?" It's the web! People doing that kind of weird stuff that not everybody 'gets' is a big part of why it exists in the first place. 🤷‍♂️

Sorry was that “why” directed at me? Happy to share my motivation for inquiring about the fgci handler name. I have three goals: Teaching moment. Seeing the configs (and finding them) is what got me the experience I have today. Radical transparency. The conventional wisdom is “you can’t share your .htaccess files! It’s a security risk!” But I challenge that as vestigial superstition. Simplicity. I listed a couple alternatives in my original post, but there’s lots of ways to accomplish the goal of “seeing the php source” (which has no security risks. There’s no database connection, no other files are accessed, etc.) All of which feel more unnecessary than (hopefully) a single .htaccess line.

Addition bookmarks so I can close the tabs: https://www.feistyduck.com/library/apache-security/online/apachesc-CHP-3.html https://serverfault.com/questions/1044315/syntax-of-apache-sethandler-directive-when-configuring-php-fpm

tldr; I'd like to add an `.htaccess` rule to rewrite `*.phps` URLs to their actual `.php` source document, but instruct FastCGI to syntax highlight and render the source file as HTML instead of interpreting it. Some due diligence: I searched the forums for: "phps" (Old thread from 2009 about bypassing apache/suPHP configs and highlighting via `RewriteRule /highlight.php?file=$1`.) "fastcgi" (Nothing obviously php/fastcgi/htaccess related.) "fcgi" (Nothing obviously php/fastcgi/htaccess related.) "handler" (There's an old thread about telling apache to process `.pro` files as PHP.) "htaccess" (Nothing obviously php/fastcgi/htaccess related.) etc. I searched the wiki. I've done loads of Google searches similar to the above, and read dozens of StackOverflow QAs. I've browsed the Plesk docs, but they don't get to the level of config file detail. I've tried adding a `SetHandler fcgid-script` (among many others) in my `.htaccess`. I've experimented with a bunch of stuff in my Heliohost Marty space. General info: Morty username: beporter Site: https://gravatar.redirect.channel PHP file URL: https://gravatar.redirect.channel/gravatarizer.php (On its own, configured to bounce invalid requests back to the homepage.) Desired .phps URL: https://gravatar.redirect.channel/gravatarizer.phps (should render html version of the source code for the `.php` version of the same filename.) I tried symlinking this in git, but: the Plesk logs say I can't use `<Directory>` which means I can't use `Options FollowSymlinks` either. According to the Plesk file browser, git doesn't push the symlink over SFTP, at least not with the Github Action I've been using. Example non-functional `.htaccess` rules: # Allow PHP source code to render as text for inspection AddType application/x-httpd-php-source .phps # RewriteRule ^(.+\.php)s$ $1 [H=application/x-httpd-php-source] # --or-- # RewriteRule ^(.+\.php)s$ $1 [H=php-script] # Allow examining .phps files. # <FilesMatch "\.phps$"> # SetHandler application/x-httpd-php-source # </FilesMatch> If this were `mod_php` in Apache, I suspect that first commented-out RewriteRule would have been sufficient. But since PHP files are passed through to FasgCGI, it seems like that Apache handler isn't recognized or responding. What I can't find is documentation on how Heliohost has named its PHP handlers. I found a support page about using the plesk cli tool, but obviously I can't run that myself. It's totally fine if this is outside the realm of possibility, but since this whole single-page-site is meant to be a learning experience, it'd be nice to get this working in the`.htaccess`, if possible. Thanks for your time!

Took me a bit to find the wiki post that explains how to do this. I actually ended up donating twice while experimenting. Morty account: beporter Paypal transactions: 1KA09153L5931683K ($50 usd) 6NC59405VV6590026 ($19 usd) If I did either of these wrong and they can’t be used for top up, that’s fine, y’all deserve the donations anyhow. Appreciate the service very much. Now I just need to get my scp issues finally sorted out on my end. 🤦‍♂️

Ugh! I've now tried multiple sftp clients (first was Panic's Transmit because it's just nice) and have very likely gotten blocked once again. 🤦‍♂️ I'm very sorry to keep popping up every couple weeks when I have time to test again. I can for sure log into my HelioHost account. I can for sure get into Plesk (when my IP isn't blocked). And I've for sure read the docs in an attempt to avoid bothering you fine folks. My plan for next time is: Follow the steps to reset the SFTP password: `Login > Continue to Plesk > Websites & Domains > [domain] > Connection Info > System user credentials > Click the 'edit icon' next to password` Attempt a command line connection: `sftp -i /dev/null sftp://beporter@morty.heliohost.org:1373/httpdocs` Go form there.

Is the failed connection attempt limit `3`, perhaps? I went back to my root heliohost username and sftp password, but my SFTP client (Panic's Transmit.app) kept trying to use an ssh key instead of the saved password. That required adding a block to my `~/.ssh/config`: Host morty.heliohost.org PasswordAuthentication yes PreferredAuthentications password IdentitiesOnly yes IdentityFile /dev/null But by the time I got that set, it was apparently too late again. 🤦‍♂️

Many thanks to both of you. 🙇‍♂️

Like others, I suspect my home (static) IP to be blocked from repeated attempts to figure out the correct SFTP connection details. Are additional plesk/domain user accounts with the "Upload/Manage Files" permission allowed to SFTP into the server? I'm trying to follow the principle of least privilege here and not use my root HelioHost account credentials in a GitHub Action to deploy the site.