[users@httpd] Strange Apache behavior
We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24
vhosts, mostly small sites but also one large site. Some sites are
Drupal, some are Wordpress and some are handcoded going back to 1995.
Our structure generally is:
/home
/home/mysite-1/public_html/index.html
/home/mysite-2/public_html/index.html
/home/mysite-3/public_html/index.html
and so on...
We prefer this structure rather than the Debian norm /var/www
Here's the problem(s):
On all of the sites calls to mysite-1.com/index.html works properly.
Things also work with the cname www as that is explicitly defined as
ServerAlias www.mysite-1.com in the vhost file under sites-available.
So calls to www.mysite-1.com/index.html also work.
But when someone mistypes the URL, things go wrong.
For example, typing ww1.mysite-1.com takes us to the /home directory, up
two levels and displays a directory listing of everything under /home.
I made a quick fix by adding a dummy file at /home/index.html
Without that plug, a directory of all sites under /home displays,
allowing access to files above the public_html directory on all our sites.
But even with the /home/index.html file, one can just type a URL such as:
http://ww1.mysite-1.com/mysite-2/ and view anything in mysite-2
above public_html.
I probably could restrict directory access using .htaccess, but I'd
prefer to find the cause of the issue.
I spent some time simplifying the files under sites-available to
remove anything that might cause these errors. (hence my questions
yesterday about /share/doc and cgi-bin).
I considered that the problem might have been something in the
apache2.conf file. But I looked closely there and found nothing.
I suspect the problem is in the sites-available/default vhost file and
the symlink /sites-enabled/000-default and might have to do with our
changing the /var/www entry to /home.
Is the default file and 000-default symlink needed? If so, why is that?
But I could use some guidance on all this.
Here's a typical vhost file:
VirtualHost *:80
ServerAdmin webmaster@localhost
ServerName mysite-1.com
ServerAlias www.mysite-1.com
DocumentRoot /home/mysite-1/public_html/
Directory /
Options FollowSymLinks
AllowOverride None
/Directory
Directory /home/mysite-1/
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
/Directory
ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
# Possible values include: debug, info, notice, warn, error,
crit, alert, emerg.
LogLevel warn
/VirtualHost
and here is the default file:
VirtualHost *:80
ServerAdmin webmaster@localhost
DocumentRoot /home/
Directory /
Options FollowSymLinks
AllowOverride None
/Directory
Directory /home/
Options Indexes FollowSymLinks MultiViews
Allowoverride Indexes
Order allow,deny
allow from all
/Directory
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Directory /usr/lib/cgi-bin
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
/Directory
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ /usr/share/doc/
Directory /usr/share/doc/
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
/Directory
/VirtualHost
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] php-fpm and proxy , httpd 2.4.12
Apologies for the missing info. It is https by the way. Please see below: On 21 July 2015 at 00:48, Yehuda Katz yeh...@ymkatz.net wrote: You haven't shown a need for any proxy configuration at all Yes. If I have a single box with low traffic, I don't need a proxy config at all, right? Is this related to 1. presence of php-fpm processes? If so, do I turn them off? 2. the IfModule mod_proxy.c ... ProxyRequests On .../IfModule setting. If so, do I comment it out? and you did not include nearly enough configuration, plus you didn't say what wiki package you are running. mediawiki 1.25.1 How about posting more of your config, including the vhost and actual fpm or mod_php config? Here is a flattened httpd.conf with all the other relevant conf files included: Listen 0.0.0.0:80 ServerName myserver:80 UseCanonicalName Off DocumentRoot /var/www/html Alias /wiki/skins /usr/share/mediawiki/skins Alias /wiki /var/www/wiki Files .user.ini Require all denied /Files AddType text/html .php DirectoryIndex index.php IfModule mod_php5.c FilesMatch \.php$ SetHandler application/x-httpd-php /FilesMatch php_value session.save_handler files php_value session.save_path/var/lib/php/session php_value soap.wsdl_cache_dir /var/lib/php/wsdlcache /IfModule IfModule !mod_php5.c FilesMatch \.php$ SetHandler proxy:unix:/run/php-fpm/www.sock|fgci://localhost /FilesMatch /IfModule Listen 0.0.0.0:443 https VirtualHost _default_:443 DocumentRoot /var/www/html ServerName publichostname:443 SSLEngine on SSLProtocol all -SSLv2 /VirtualHost VirtualHost _default_:443 DocumentRoot /var/www/html ServerName lanlocalhostname:443 SSLEngine on SSLProtocol all -SSLv2 /VirtualHost These modules are also loaded, after the ones above: LoadModule ssl_module modules/mod_ssl.so IfModule mpm_worker_module LoadModule cgid_module modules/mod_cgid.so /IfModule IfModule mpm_event_module LoadModule cgid_module modules/mod_cgid.so /IfModule IfModule mpm_prefork_module LoadModule cgi_module modules/mod_cgi.so /IfModule IfModule prefork.c LoadModule php5_module modules/libphp5.so /IfModule IfModule !prefork.c LoadModule php5_module modules/libphp5-zts.so /IfModule Please advise any other conf I could add. On Jul 20, 2015 1:25 PM, MM finjulh...@gmail.com wrote: I get this error when I try to access my wiki AH01144: No protocol handler was valid for the URL /wiki/index.php. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 1. For some reason, my linux distribution somehow enabled php-fpm by default. My site has very little traffic, and I don't have performance requirements. 2. I have the following setting IfModule mod_proxy.c ProxyRequests On Proxy * Order deny,allow Deny from all Allow from IP /Proxy /IfModule Do I need this setting? 3.All these modules are loaded LoadModule proxy_module modules/mod_proxy.so LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so LoadModule proxy_ajp_module modules/mod_proxy_ajp.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_express_module modules/mod_proxy_express.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_scgi_module modules/mod_proxy_scgi.so and LoadModule xml2enc_module modules/mod_xml2enc.so LoadModule proxy_html_module modules/mod_proxy_html.so Are there any more modules to load?
Re: [users@httpd] Strange Apache behavior
Hello John,
The directory listing display is due to the Options Indexes directive.
- http://httpd.apache.org/docs/2.2/mod/core.html#options |
Indexes|
If a URL which maps to a directory is requested and there is no
|DirectoryIndex
http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex|
(/e.g./, |index.html|) in that directory, then |mod_autoindex
http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html| will
return a formatted listing of the directory.
Thanks,
Mike
On 7/21/2015 11:12 AM, John Fisher GM wrote:
We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24
vhosts, mostly small sites but also one large site. Some sites are
Drupal, some are Wordpress and some are handcoded going back to 1995.
Our structure generally is:
/home
/home/mysite-1/public_html/index.html
/home/mysite-2/public_html/index.html
/home/mysite-3/public_html/index.html
and so on...
We prefer this structure rather than the Debian norm /var/www
Here's the problem(s):
On all of the sites calls to mysite-1.com/index.html works properly.
Things also work with the cname www as that is explicitly defined as
ServerAlias www.mysite-1.com in the vhost file under
sites-available. So calls to www.mysite-1.com/index.html also work.
But when someone mistypes the URL, things go wrong.
For example, typing ww1.mysite-1.com takes us to the /home directory,
up two levels and displays a directory listing of everything under /home.
I made a quick fix by adding a dummy file at /home/index.html
Without that plug, a directory of all sites under /home displays,
allowing access to files above the public_html directory on all our
sites.
But even with the /home/index.html file, one can just type a URL such as:
http://ww1.mysite-1.com/mysite-2/ and view anything in
mysite-2 above public_html.
I probably could restrict directory access using .htaccess, but I'd
prefer to find the cause of the issue.
I spent some time simplifying the files under sites-available to
remove anything that might cause these errors. (hence my questions
yesterday about /share/doc and cgi-bin).
I considered that the problem might have been something in the
apache2.conf file. But I looked closely there and found nothing.
I suspect the problem is in the sites-available/default vhost file
and the symlink /sites-enabled/000-default and might have to do with
our changing the /var/www entry to /home.
Is the default file and 000-default symlink needed? If so, why is that?
But I could use some guidance on all this.
Here's a typical vhost file:
VirtualHost *:80
ServerAdmin webmaster@localhost
ServerName mysite-1.com
ServerAlias www.mysite-1.com
DocumentRoot /home/mysite-1/public_html/
Directory /
Options FollowSymLinks
AllowOverride None
/Directory
Directory /home/mysite-1/
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
/Directory
ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
# Possible values include: debug, info, notice, warn, error,
crit, alert, emerg.
LogLevel warn
/VirtualHost
and here is the default file:
VirtualHost *:80
ServerAdmin webmaster@localhost
DocumentRoot /home/
Directory /
Options FollowSymLinks
AllowOverride None
/Directory
Directory /home/
Options Indexes FollowSymLinks MultiViews
Allowoverride Indexes
Order allow,deny
allow from all
/Directory
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Directory /usr/lib/cgi-bin
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
/Directory
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error,
crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ /usr/share/doc/
Directory /usr/share/doc/
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
/Directory
/VirtualHost
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Re: Problem in chunked response
Maybe I was not clear in my question, so updating We have response which is routed via apache proxy. Our client needs complete chunk in response but extension(which begins with ;) in the response is chopped off by proxy. Is there any configuration available in apache which can be applied to send the chunk as it is to client. Thanks -- View this message in context: http://apache-http-server.18135.x6.nabble.com/Problem-in-chunked-response-tp5022879p5022898.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: Problem in chunked response
On Tue, Jul 21, 2015 at 10:31 AM, shailender shailender.khugs...@gmail.com wrote: Is there any configuration available in apache which can be applied to send the chunk as it is to client. mod_proxy won't forward chunk-extensions, and it is not required to (see [1]) since they are hop-by-hop specifications (per connection): [1] https://tools.ietf.org/html/rfc7230#section-4.1.1 : The chunked encoding is specific to each connection and is likely to be removed or recoded by each recipient (including intermediaries) before any higher-level application would have a chance to inspect the extensions. Hence, use of chunk extensions is generally limited to specialized HTTP services such as long polling (where client and server can have shared expectations regarding the use of chunk extensions) or for padding within an end-to-end secured connection. Regards, Yann. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
