I am setting up my project on centos os, i have installed my ssl certificates and updated my ssl.conf. My project is accessible using http://test.com but when i try to access https://test.com, i can see the site is secure, but it displays the default apache in page. This is despite the fact that i have specified the directory and document root in my 443 virtualhost. Is there a step or error i have, any advise or useful links will be appreciated.
My code looks like this :
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
DocumentRoot "/var/www/html/strategy"
ServerName test.com/
ServerAlias www.test.com
<Directory "/var/www/html/strategy">
RewriteEngine on
# if (HTTP_ACCESS.contains('text/html') && file_not_exists(REQUEST_FILENAME))
RewriteCond %{HTTP_ACCEPT} text/html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.html [last]
# Any ressources loaded by index.html should behave correctly (i.e: Return 404 if missing)
RewriteRule ^ - [last]
Options Indexes FollowSymLinks
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerAdmin info#stratex.com
ServerName www.test.com
DocumentRoot "/var/www/html/strategy"
<Directory "/var/www/html/strategy">
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine On
SSLCertificateFile /home/mydir/certificates/public-cert.pem
SSLCertificateKeyFile /home/mydir/certificates/priv-key.pem
</VirtualHost>
Since i had a ssl.conf file, i removed the conf file for port 443 from the httpd.conf file and i updated the virtual host with port 443 in the ssl.conf file with these details and my app works well.
<VirtualHost *:443>
ServerAdmin info#stratex.com
ServerName www.test.com
DocumentRoot "/var/www/html/strategy"
<Directory "/var/www/html/strategy">
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine On
SSLCertificateFile /home/mydir/certificates/public-cert.pem
SSLCertificateKeyFile /home/mydir/certificates/priv-key.pem
</VirtualHost>
Related
I have Apache (CentOS) server. If I place some audio file in my directory and run them in my browser then getting 403 forbidden error. The whole scenario is:
I have created a player in Adobe Captivate and published that into HTML and integrated into my Spring Boot application. It is working fine on my local machine but after pushing it to server. I am getting Forbidden Error when my player gets loaded and unable to load audio files (mp3) format.
Below is my configuration file:
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/player
<Directory /var/www/html/player>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Redirect / https://www.example.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://www.example.com$1 [R,L]
ErrorLog /var/log/httpd/eldtplayer-error-log
CustomLog /var/log/httpd/eldtplayer-acces-log common
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
SSLEngine on
SSLCertificateFile /home/cert/ecdl/ssl.cer
SSLCertificateKeyFile /home/cert/ecdl/private.key
SSLCertificateChainFile /home/cert/ecdl/caclient.cer
DocumentRoot /var/www/html/player
<Directory /var/www/html/player>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
RequestHeader set X-Forwarded-Proto "https"
</VirtualHost>
screenshot of the issue:
i have virtual host defined:
<VirtualHost *:80>
ServerName backend.application.lan
ServerAlias *.backend.application.lan
ServerAdmin mail#mail.com
DocumentRoot "/Users/me/DevOps/application.lan/backend/public"
<Directory "/Users/me/DevOps/application.lan/backend/public">
Options Indexes FollowSymLinks Includes execCGI
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
I need to redirect to this vhost from another vhost, with wildcard preserved:
<VirtualHost *:80>
ServerName backend.anotherapp.lan
ServerAlias *.backend.anotherapp.lan
RewriteEngine on
# To rewrite rule comes only part after TLD e.g. "/api/login"
RewriteRule ^(.*)$ NEED_WILDCARD_VALUE_HERE.backend.application.lan$1
</VirtualHost>
Is it possible?
Currently my server has 1 website running on https/ssl. The thing is when i enable a second vhost, also with https/ssl, the first website I have running is now using the ssl cert of the new website.
I have tried putting the two websites in a single vhost file, didn't work so I made 2 seperate files instead.
Here are my vhost config files:
(Naming them websiteZ and website Y because of alfabetical order they are in)
vhost current running website .conf
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteZ.nl
DocumentRoot "/var/www/html/websites/websiteZ.nl/public"
<Directory "/var/www/html/websites/websiteZ.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteZ.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteZ.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteZ.nl/cabundle.crt
</VirtualHost>
</IfModule>
new website with ssl .conf
<VirtualHost *:80>
ServerName websiteY.nl
ServerAlias www.websiteY.nl
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
RewriteRule ^(/(.*))?$ https://%{HTTP_HOST}/$1 [R=301,L]
DocumentRoot "/var/www/html/websites/websiteY.nl/public/"
<Directory "/var/www/html/websites/websiteY.nl/public/">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.websiteY.nl
DocumentRoot "/var/www/html/websites/websiteY.nl/public"
<Directory "/var/www/html/websites/websiteY.nl/public">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
SSLStrictSNIVHostCheck on
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/websiteY.nl/certificate.crt
SSLCertificateKeyFile /etc/apache2/ssl/websiteY.nl/certificate.key
SSLCertificateChainFile /etc/apache2/ssl/websiteY.nl/cabundle.crt
</VirtualHost>
</IfModule>
ports.conf
NameVirtualHost *:80
NameVirtualHost *:443
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
I looked up the SNI thing, but I think i'm missing something. The way I understand it is that I have to use NameVirtualHost to make it work.
The server is running on AWS ece2 with Ubuntu 16.04.2
The problem occors when i type in terminal:
a2ensite websiteY.conf
When I do that websiteZ will lose it's https cert and will show a big red cross wich says: NOT SECURE! When you click to proceed it links to websiteY
I am a little bit out of options, can someone help me out? Thanks!
When you enter www.websiteZ.nl without https, the request will first be caught by
<VirtualHost *:80>
ServerAlias *.websiteZ.nl
Redirect 301 / https://websiteZ.nl
</VirtualHost>
and therefore redirected to https://websiteZ.nl
Since none of your :443 Virtual Hosts has neither ServerName or ServerAlias configured with websiteZ.nl, then the one from alphabetically first .conf file will be used, which is in this case the one with websiteY cert.
In cakephp, I want to redirect localhost to app2 and client1.localhost to app1.
Instead both are redirecting to app1.
my httpd-vhost is defined as:
NameVirtualHost 127.0.0.1
<VirtualHost 127.0.0.1>
DocumentRoot "D:\wamp\www\cakephp\app2\webroot\
ServerName localhost
</VirtualHost>
<VirtualHost www.myhost>
DocumentRoot "D:\wamp\app1\webroot"
ServerName client1.localhost
ServerAlias client1.localhost
<Directory "D:\wamp\app1\webroot">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
At first glance there are a few weird things with your vhost config:
The first document root has no closing "
the virtualhost names should both be the same
your referring to the webroot, instead of the approot (there's also a .htacces in your approot)
I use CakePHP 2.x with wamp server with a configuration like this:
make sure the vhost file is uncommented in your apache configuration:
wamp/bin/apache/Apache[version]/conf/httpd.conf (or left click wamp->apache->httpd.conf)
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
Try this in wamp/bin/apache/Apache[version]/conf/extra/httpd-vhosts.conf
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
ServerName client1.localhost
DocumentRoot "D:\wamp\app1"
<Directory "D:\wamp\app1">
Options FollowSymLinks
AllowOverride All
Allow from all
</Directory>
DirectoryIndex index.html index.php
</VirtualHost>
<VirtualHost *:80>
ServerName dev.localhost
DocumentRoot "D:\wamp\www\cakephp\app2"
<Directory "D:\wamp\www\cakephp\app2">
Options FollowSymLinks
AllowOverride All
Allow from all
</Directory>
DirectoryIndex index.html index.php
</VirtualHost>
and put this in your hosts file (C:\windows\system32\drivers\etc)
127.0.0.1 localhost
127.0.0.1 dev.localhost
127.0.0.1 client1.localhost
Do a wamp restart all services.
App2 will be available on both localhost and dev.localhost
I have the following virtual hosts config:
listen 80
listen 443
servername "example.com"
serveradmin "email#example.com"
namevirtualhost *:80
namevirtualhost *:443
directoryindex index.html index.php
options -indexes -multiviews +followsymlinks
<directory /Volumes/dev1/http>
allowoverride all
</directory>
<virtualhost *:80 *:443>
servername example.com
serveralias www.example.com
documentroot "/Volumes/dev1/http/example"
rewriteengine on
SSLCertificateFile "/Volumes/dev1/ssl/_ssl-cert.crt"
SSLCertificateKeyFile "/Volumes/dev1/ssl/_ssl-privatekey.crt"
SSLCertificateChainFile "/Volumes/dev1/ssl/_ssl-csr.crt"
</virtualhost>
Of course example.com is just an ... example.
All is well if I access http://example.com, but if I try to access the HTTPS version I get
Safari can’t open the page “https://example.com/” because Safari
can’t establish a secure connection to the server “example.com”.
The _ssl* files are all in place and running httpd -t from Terminal returns Syntax OK.
What am I doing wrong? Thanks!
This what I'm using (only the vhosts section), omitting the FCGID, suexec and PHP specific parts:
<VirtualHost *:80>
ServerName example.com
DocumentRoot "/var/www/example.com/htdocs"
<Directory "/var/www/example.com/htdocs/">
Options -Indexes
AllowOverride All
Order allow,deny
Allow from All
</Directory>
ErrorLog "/var/www/example.com/error.log"
CustomLog "/var/www/example.com/access.log" combined
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
DocumentRoot "/var/www/example.com/htdocs"
<Directory "/var/www/example.com/htdocs/">
Options -Indexes
AllowOverride All
Order allow,deny
Allow from All
</Directory>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache/ssl/example.com.crt
SSLCertificateKeyFile /etc/apache/ssl/example.key
SSLCertificateChainFile /etc/apache/ssl/gd_bundle.crt
ErrorLog "/var/www/example.com/error.log"
CustomLog "/var/www/example.com/access.log" combined
</VirtualHost>