Security problem at apache

hanpedro

I installed xampp 1.7.7 for windows on windows 7 x64.
Apache 2.2.21 MySQL 5.5.16 PHP 5.3.8 (VC9 X86 32bit thread safe) + PEAR

The problem is this.

When I log in php program at internet explorer with id and password, I can see white screen without error message.

1. But this php program works fine when I upload to linux server.
2. There is no error message at PHP logs directory.
3. I can log in "http://localhost:8080/phpmyadmin" and "http://test.codisk.com:8080/phpmyadmin".
4. At apache logs, there is no error message, but only one message at access.

192.168.0.1 - - [13/Jan/2012:09:59:26 +0900] "POST /bbs/login_check.php HTTP/1.1" 200 - "http://test.codisk.com:8080/"

5. php.ini

error_reporting = E_ALL | E_STRICT
display_errors = On 

6. httpd.conf

ServerRoot "D:/xampp/apache"
Listen 8080

LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_lock_module modules/mod_dav_lock.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule include_module modules/mod_include.so
LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule status_module modules/mod_status.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User daemon
Group daemon

</IfModule>
</IfModule>

ServerAdmin postmaster@localhost
ServerName localhost:8080
DocumentRoot "I:/_web"
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "I:/_web">
    Options Indexes FollowSymLinks Includes ExecCGI
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

<IfModule dir_module>
    DirectoryIndex index.php index.pl index.cgi index.asp index.shtml index.html index.htm \
                   default.php default.pl default.cgi default.asp default.shtml default.html default.htm \
                   home.php home.pl home.cgi home.asp home.shtml home.html home.htm
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog "logs/error.log"
LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

<IfModule logio_module>
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access.log" combined
</IfModule>

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/xampp/cgi-bin/"

</IfModule>

<IfModule cgid_module>
</IfModule>

<Directory "/xampp/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

DefaultType text/plain

<IfModule mime_module>
    TypesConfig "conf/mime.types"
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddHandler cgi-script .cgi .pl .asp
    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml
</IfModule>

<IfModule mime_magic_module>
    MIMEMagicFile "conf/magic"
</IfModule>

Include "conf/extra/httpd-xampp.conf"
Include "conf/extra/httpd-perl.conf"
Include "conf/extra/httpd-mpm.conf"
Include "conf/extra/httpd-multilang-errordoc.conf"
Include "conf/extra/httpd-autoindex.conf"
Include "conf/extra/httpd-languages.conf"
Include "conf/extra/httpd-userdir.conf"
Include "conf/extra/httpd-info.conf"
Include "conf/extra/httpd-vhosts.conf"

Include "conf/extra/httpd-proxy.conf"
Include "conf/extra/httpd-default.conf"
Include "conf/extra/httpd-ssl.conf"
<IfModule ssl_module>
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLSessionCache "shmcb:logs/ssl.scache(512000)"
    SSLSessionCacheTimeout 300
</IfModule>

<IfModule mod_proxy.c>
<IfModule mod_proxy_ajp.c>
Include "conf/extra/httpd-ajp.conf"
</IfModule>
</IfModule>

7. httpd-xampp

<IfModule env_module>
    SetEnv MIBDIRS "D:/xampp/php/extras/mibs"
    SetEnv MYSQL_HOME "\\xampp\\mysql\\bin"
    SetEnv OPENSSL_CONF "D:/xampp/apache/bin/openssl.cnf"
    SetEnv PHP_PEAR_SYSCONF_DIR "\\xampp\\php"
    SetEnv PHPRC "\\xampp\\php"
    SetEnv TMP "\\xampp\\tmp"
</IfModule>

#
# PHP-Module setup
#
LoadFile "D:/xampp/php/php5ts.dll"
LoadModule php5_module "D:/xampp/php/php5apache2_2.dll"

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

#
# PHP-CGI setup
#
#<FilesMatch "\.php$">
#    SetHandler application/x-httpd-php-cgi
#</FilesMatch>
#<IfModule actions_module>
#    Action application/x-httpd-php-cgi "/php-cgi/php-cgi.exe"
#</IfModule>


<IfModule php5_module>
    PHPINIDir "D:/xampp/php"
</IfModule>

<IfModule mime_module>
    AddType text/html .php .phps
</IfModule>

ScriptAlias /php-cgi/ "D:/xampp/php/"
<Directory "D:/xampp/php">
    AllowOverride None
    Options None
    Order deny,allow
    Deny from all
    <Files "php-cgi.exe">
        Allow from all
    </Files>
</Directory>

<Directory "D:/xampp/cgi-bin">
    <FilesMatch "\.php$">
        SetHandler cgi-script
    </FilesMatch>
    <FilesMatch "\.phps$">
        SetHandler None
    </FilesMatch>
</Directory>

<Directory "D:/xampp/htdocs/xampp">
    <IfModule php5_module>
    	<Files "status.php">
    		php_admin_flag safe_mode off
    	</Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

<IfModule alias_module>

Alias /xampp "i:/_web/xampp/"
<Directory "i:/_web/xampp/">
    <IfModule php5_module>
    	<Files "status.php">
    		php_admin_flag safe_mode off
    	</Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>

Alias /security "D:/xampp/security/htdocs/"
<Directory "D:/xampp/security/htdocs">
    <IfModule php5_module>
		<Files "xamppsecurity.php">
			php_admin_flag safe_mode off
		</Files>
    </IfModule>
    AllowOverride AuthConfig
   </Directory>

Alias /licenses "D:/xampp/licenses/"
<Directory "D:/xampp/licenses">
    Options +Indexes
    <IfModule autoindex_color_module>
        DirectoryIndexTextColor  "#000000"
        DirectoryIndexBGColor "#f8e8a0"
        DirectoryIndexLinkColor "#bb3902"
        DirectoryIndexVLinkColor "#bb3902"
        DirectoryIndexALinkColor "#bb3902"
    </IfModule>
   </Directory>

Alias /phpmyadmin "D:/xampp/phpMyAdmin/"
<Directory "D:/xampp/phpMyAdmin">
    AllowOverride AuthConfig
</Directory>

Alias /webalizer "D:/xampp/webalizer/"
<Directory "D:/xampp/webalizer">
    <IfModule php5_module>
		<Files "webalizer.php">
			php_admin_flag safe_mode off
		</Files>
    </IfModule>
    AllowOverride AuthConfig
</Directory>
</IfModule>

#
# New XAMPP security concept
#

# Close XAMPP security section here 
<LocationMatch "^/(?i:(?:security))">
    Order deny,allow
    Deny from all
    Allow from ::1 127.0.0.0/8 
    ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

# Close XAMPP sites here
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info|cgi-bin))">
    Order deny,allow
    Deny from all
        Allow from ::1 127.0.0.0/8 \
                fc00::/7 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
                fe80::/10 169.254.0.0/16

ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>

8. httpd-vhosts.conf

<VirtualHost *:8080>
ServerName  mytest.codisk.com
DocumentRoot I:/_web/mytest
ServerAlias www.mytest.codisk.com
ServerAlias m.mytest.codisk.com
ServerAdmin mytest@gmail.com
ErrorLog D:/xampp/Apache/logs/mytest.codisk.com_error.log
CustomLog D:/xampp/Apache/logs/mytest.codisk.com-access.log combined
</VirtualHost>

9. .htaccess at root directory

<IfModule mod_rewrite.c>
RewriteEngine On

RewriteCond %{REQUEST_URI}    !^/adm/?$ 
RewriteCond %{REQUEST_URI}    !^/login/?$
RewriteCond %{REQUEST_URI}    !^/m/?$

RewriteRule ^([a-zA-Z0-9_]+)$                   ./bbs_shorten.php?bo_table=$1
RewriteRule ^([a-zA-Z0-9_]+)/([0-9]+)$          ./bbs_shorten.php?bo_table=$1&wr_id=$2
RewriteRule ^([a-zA-Z0-9_]+)/([0-9]+)/([0-9]+)$ ./bbs_shorten.php?bo_table=$1&wr_id=$2&c=$3
</IfModule>

Please let me know how to resolve this problem.

Thanks in advance.