I have an embedded page (yyy.subdomain.com) that i call and share session from my web with subdomain(xxx.subdomain.com), but i need that the embedded page can be only accessed by my app and not by the url in a browser. this is my conf in my vhost of apache.
<VirtualHost 127.0.0.1:443 _default_:443>
ServerAlias yyy.subdomain.com
SSLEngine on
SSLCertificateFile "/opt/user/apache/conf/certs/server.crt"
SSLCertificateKeyFile "/opt/user/apache/conf/certs/server.key"
DocumentRoot /opt/bitnami/apache/htdocs/yyy
<Directory "/opt/bitnami/apache/htdocs/yyy">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Also I try to remove "Require all granted" and write "Require all denied" and then use Require host / ip but it didn't work
I found the solution in other way, i put a script in the header of the embedded page to redirect if is not embedded.
Related
I am hosting website iplocation.io on a cloud server. I found a domain https://chrissloey.com/index.php which opens my website within it.
Now from what I understand, chrissloey.com has pointed it A record to my server ip and my apache2 server is not denying connection to it and allow's to open iplocation.io website content like its own.
I want apache2 to deny connections to any other domain and only allow my own domain to server content.
Attached is apache conf file for iplocation.io
<VirtualHost *:80>
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
ServerName iplocation.io
ServerAlias www.iplocation.io
ErrorLog ${APACHE_LOG_DIR}/apache-error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName iplocation.io
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
SSLEngine on
SSLCertificateFile /path-to-csr
SSLCertificateKeyFile /path-to-key
SSLCertificateChainFile /path-to-ca
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule
Looking at the two comments I think the combination makes most sense:
Configure httpd to respond with redirect (301) to all incoming requests. This could be done on the 'root' host.
Configure a virtualhost listening to your domain only, and this one would serve your real content only.
This will work unless the other site requests your content and then integrates it into their responses. But as you said someone else simply put up a DNS A record.
I have a php web app running on a AWS EC2 instance with ubuntu. It's domain name comes however from 1&1 and is pointing to the AWS EC2 public IP.
I have a SSL certificate from 1&1 on this same domain name.
When running the web page on my browser in http everything works fine. But as soon as I run it with https it's there is constant load and the page never renders.
I guess the issue is caused by my apache configuration, but I don't know what needs to be changed to make the https working fine.
Here is my mydomain.com.conf :
<VirtualHost *:80>
ServerName www.mydomain.com
ServerAlias mydomain.com
DocumentRoot "/var/www/html/mydomain/"
ErrorLog ${APACHE_LOG_DIR}/error_mydomain.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
By looking on internet, I found out that a ssl key has to be added into the conf file, but since I'm using an ssl certificate from 1&1 I have no key or whatsoever.
Is there anyone who knows more about it ?
Thanks
Ok, so I know not many people will run into this same issue, but we never know...
It is impossible to do this without the /ssl/cert files indeed.
Unfortunately, the 1 SSL Certificate offered by 1&1 on the ultimate packs are only made for websites hosted on 1&1. I called them, and they don't want to give me the cert files because my webpage is hosted at AWS.
Thus, there is no other option then getting an other SSL certificate. I'll probably use letsencrypt for that.
You must have been provided with a cert and cert bundle from your CA vendor, and I am hoping you have kept the private key intact when creating the CSR for the bundle, your vhost should look something like this:
<VirtualHost *:80>
ServerName <mywebsite>
ServerAlias www.<mywebsite>
DocumentRoot /var/www/html/<mywebsitedocroot>
DirectoryIndex index.php index.html
<Directory /var/www/html/<mywebsitedocroot>>
#Options Indexes FollowSymLinks MultiViews
Options -Indexes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/<mywebsitedocroot>
DirectoryIndex index.php index.html
ServerName <mywebsite>
ServerAlias www.<mywebsite>
SSLEngine On
#SSLCertificateFile /etc/ssl/certs/<mycert>.crt
#SSLCertificateKeyFile /etc/ssl/certs/<mycert>.key
SSLCertificateFile /etc/ssl/certs/<mycert>_com.crt
SSLCertificateKeyFile /etc/ssl/certs/<mycert>_com.key
SSLCertificateChainFile /etc/ssl/certs/<mycert>_com.ca-bundle
<Directory /var/www/html/<mywebsitedocroot>>
#Options Indexes FollowSymLinks MultiViews
Options -Indexes
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
What is essential to understand is HTTPS listens on port 443, not 80 (it is for HTTP) and the most important section (considering your situation) is:
SSLCertificateFile /etc/ssl/certs/<mycert>_com.crt
SSLCertificateKeyFile /etc/ssl/certs/<mycert>_com.key
SSLCertificateChainFile /etc/ssl/certs/<mycert>_com.ca-bundle
You can ignore all the Options I have set or set it as per your need. I just grabbed the info from my website conf. Hope this helps
I want to host multiple websites on my computer. I'm using Windows with WAMP server. I already have domains and know how to map them to ip.
I have already edited httpd.conf file to allow virtual hosts.
My httpd-vhosts file looks like this,
<VirtualHost *:80>
DocumentRoot "C:/wamp64/www"
ServerName localhost
ServerAlias localhost
<Directory "C:/wamp64/www">
AllowOverride All
Require local
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:/wamp64/www/testcase"
ServerName test.mydomain.com
<Directory "C:/wamp64/www/testcase">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:/wamp64/www/test2"
ServerName test2.mydomain.com
<Directory "C:/wamp64/www/test2">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
The problem is that both my domains open only the first site in this VirtualHost tag.
Example: In this case, both my domains will open the WAMP server configuration page. If I were to move the "testcase" tag above the other, both my domains will open the "testcase" page.
Update:
My subdomains show corresponding pages successfully when I open them on the server. But when I open subdomains on another machine, they open the first entry in the VH.
Update 2: Okay, so this is just out of my understanding now. I thought may be WAMP is not my cup of tea. So I installed XAMPP and made changes to the VH configuration and still ended up with same problem. So I then got rid of XAMPP too and installed WAMPDeveloper Pro. What could go wrong when the software sets up all the configuration files for you, right? But to my surprise, I still have the same problem. The websites work fine when I open them (using actual domain name) on the server itself, but when I open them on machine outside network the first VH entry open for all the domains I open.
Can anyone please help me with this?
Thanks!
Using both Apache2.2 and Apache2.4 syntax gets Apache a litle confused.
So as I assume you are running Apache 2.4 change the VH defs to this
<VirtualHost *:80>
DocumentRoot "C:/wamp64/www/testcase"
ServerName test.mydomain.com
<Directory "C:/wamp64/www/testcase">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "C:/wamp64/www/test2"
ServerName test2.mydomain.com
<Directory "C:/wamp64/www/test2">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Why Apache opens the first site i.e. localhost in this case.
If Apache cannot make sense of a VH def, it ignores it and default to loading the first Virtual Host that was correctly defined in the httpd-vhosts.conf file.
Of course you will also need to amend your c:\windows\system32\driverrs\etc\hosts file to include these domain names
127.0.0.1 localhost
127.0.0.1 test.mydomain.com
127.0.0.1 test2.mydomain.com
::1 localhost
::1 test.mydomain.com
::1 test2.mydomain.com
I have a Windows XP system running XAMPP/Apache. I already have files on an external hard drive that I would like to serve up without moving them to the same drive as the Apache installation.
Here is what I've tried so far:
In the main HTTPD.conf file:
Alias /client_files D:/clients/files
<Directory D:/clients/files>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Allow,Deny
Allow from all
</Directory>
But the only result I got was :
Access forbidden!
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster.
Error 403
localhost
Apache/2.4.7 (Win32) OpenSSL/1.0.1e PHP/5.5.6
I also tried adding to the HTTPD-VHOSTS.conf file:
ServerName client_files
ServerAlias client_files
DocumentRoot "D:/clients/files"
And also:
<VirtualHost *:80>
ServerAdmin webmaster#dummy-host.example.com
DocumentRoot "D:/clients/files"
ServerName client_files
ServerAlias client_files
ErrorLog "logs/dummy-host.example.com-error.log"
CustomLog "logs/dummy-host.example.com-access.log" common
</VirtualHost>
But neither of these worked either. How in the world can I add another directory to an Apache installation and have it accesible via something like "localhost/client_files"?
Any suggestions?
UPDATE: [SOLVED]
As per #Pedro Nunes's answer below, I now have my httpd.conf file with this section at the end of the file and which includes the line "Require all granted" which Pedro answered with and which now solves the issue:
Alias /client_files D:/clients/files
<Directory D:/clients/files>
Require all granted
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Allow,Deny
Allow from all
</Directory>
Have you tried Require all granted inside the directory section?
This will grant access to all requests.
This guide explains exactly how I have it setup on my windows xampp machine. http://www.delanomaloney.com/2013/07/10/how-to-set-up-virtual-hosts-using-xampp/
remember to give an absolute documentroot path as well as adding the 127.0.0.1 servername line to hosts in C:/Windows/System32/drivers/etc/hosts
If on the server, we already setup/configured the SSL certificate, how could I make my websites using secure page? Just make the linke to https://example.com/etc.php?
Thanks!
Two things have to be in place.
You'll need to setup the ssl cert properly, which it sounds like you have
As the other commentator said, this will depend upon which webserver you're using. More likely than not, apache:
Apache:
You'll need to modify the apache settings to support the https version of your site. If you're using a modern installation of Apache2 with virtual hosts, usually there will be a "sites-available" directory where individual config files exists for each domain. For a domain that will have both http and https (80 and 443), you would do something like this, assuming apache is listening on 127.0.0.1 (this would not be the case for most apache installations, so be sure to change the ip). It also goes without saying that you need to change the paths and domain name in the following:
<VirtualHost 127.0.0.1:80>
ServerAdmin somebody#domain.com
ServerName somebody.com
ServerAlias www.somebody.com
DocumentRoot /home/somebody/www
<Directory "/home/somebody/www">
Options FollowSymLinks
AllowOverride All
Options -Indexes
</Directory>
ErrorLog /home/logs/somebody.error.log
CustomLog /home/logs/somebody.access.log combined
</VirtualHost>
<VirtualHost 127.0.0.1:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/something.crt
SSLCertificateKeyFile /etc/apache2/ssl/something.key
SSLCertificateChainFile /etc/apache2/ssl/gd_bundle.crt
ServerAdmin somebody#something.com
ServerName somebody.com
ServerAlias www.somebody.com
DocumentRoot /home/somebody/www
<Directory "/home/somebody/www">
Options FollowSymLinks
AllowOverride All
Options -Indexes
</Directory>
ErrorLog /home/logs/somebody.ssl.error.log
CustomLog /home/logs/somebody.ssl.access.log combined
</VirtualHost>
If you are using nginx, there is a similar dual block you'll need to have for :80 and :443. Look at the block you already have for 80 and consult their documentation:
http://nginx.org/en/docs/http/configuring_https_servers.html
You may also be using iis, in which case, here are the instructions for version 7:
How do I configure a site in IIS 7 for SSL?