I'm setting up a new example and putting it on a virtual host Apache server (Ubuntu 18.04). I'm having some issues with the Apache configuration because I'm not too familiar with them.
http://example.com, http://www.example.com, https://www.example.com all serve the correct website in its document root.
However, https://example.com serves the document root from main-example.org.
I have also installed an SSL certificate recently and been told to use port 443? It still comes up as "Connection not sure" so I was wondering if this were the case?
Here is the config file in apache2/sites-available:
<VirtualHost *:80>
ServerName main-example.org
ServerAlias www.main-example.org
ServerAdmin it#main-example.org
DocumentRoot /var/www/main-example/build
ErrorLog /var/www/main-example/error_test.log
CustomLog /var/www/main-example/access_test.log combined
<Directory "/var/www/main-example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin it#example.com
DocumentRoot /var/www/example
ErrorLog ${APACHE_LOG_DIR}/error_test.log
CustomLog ${APACHE_LOG_DIR}/access_test.log combined
<Directory "/var/www/example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =main-example.org [OR]
RewriteCond %{SERVER_NAME} =www.main-example.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Thanks for your help!
http:// has a default port 80
https:// has a default port 443
Since https uses encryption, if you just put the encryption on 80, all the clients that cannot talk securely will be unable to access yous site (and you'd have to write https://www.example.com:80)
So you have to do something like this:
<VirtualHost *:80>
ServerName main-example.org
ServerAlias www.main-example.org
ServerAdmin it#main-example.org
DocumentRoot /var/www/main-example/build
ErrorLog /var/www/main-example/error_test.log
CustomLog /var/www/main-example/access_test.log combined
<Directory "/var/www/main-example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAdmin it#example.com
DocumentRoot /var/www/example
ErrorLog ${APACHE_LOG_DIR}/error_test.log
CustomLog ${APACHE_LOG_DIR}/access_test.log combined
<Directory "/var/www/example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =main-example.org [OR]
RewriteCond %{SERVER_NAME} =www.main-example.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName main-example.org
ServerAlias www.main-example.org
ServerAdmin it#main-example.org
DocumentRoot /var/www/main-example/build
ErrorLog /var/www/main-example/error_test.log
CustomLog /var/www/main-example/access_test.log combined
<Directory "/var/www/main-example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
#SSLCipherSuite HIGH
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLProtocol all -SSLv2
SSLCertificateFile "/path/to/ssl.crt"
SSLCertificateKeyFile "/path/to/ssl.k
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin it#example.com
DocumentRoot /var/www/example
ErrorLog ${APACHE_LOG_DIR}/error_test.log
CustomLog ${APACHE_LOG_DIR}/access_test.log combined
<Directory "/var/www/example">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
#SSLCipherSuite HIGH
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLProtocol all -SSLv2
SSLCertificateFile "/path/to/ssl.crt"
SSLCertificateKeyFile "/path/to/ssl.key"
</VirtualHost>
essentially this means that you are serving he same folder twice. there may be some optimizations to be found.
For more protocols and their standard port numbers see https://opensource.com/article/18/10/common-network-ports or https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Related
i have virtual host defined:
<VirtualHost *:80>
ServerName backend.application.lan
ServerAlias *.backend.application.lan
ServerAdmin mail#mail.com
DocumentRoot "/Users/me/DevOps/application.lan/backend/public"
<Directory "/Users/me/DevOps/application.lan/backend/public">
Options Indexes FollowSymLinks Includes execCGI
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
I need to redirect to this vhost from another vhost, with wildcard preserved:
<VirtualHost *:80>
ServerName backend.anotherapp.lan
ServerAlias *.backend.anotherapp.lan
RewriteEngine on
# To rewrite rule comes only part after TLD e.g. "/api/login"
RewriteRule ^(.*)$ NEED_WILDCARD_VALUE_HERE.backend.application.lan$1
</VirtualHost>
Is it possible?
I am setting up my project on centos os, i have installed my ssl certificates and updated my ssl.conf. My project is accessible using http://test.com but when i try to access https://test.com, i can see the site is secure, but it displays the default apache in page. This is despite the fact that i have specified the directory and document root in my 443 virtualhost. Is there a step or error i have, any advise or useful links will be appreciated.
My code looks like this :
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
DocumentRoot "/var/www/html/strategy"
ServerName test.com/
ServerAlias www.test.com
<Directory "/var/www/html/strategy">
RewriteEngine on
# if (HTTP_ACCESS.contains('text/html') && file_not_exists(REQUEST_FILENAME))
RewriteCond %{HTTP_ACCEPT} text/html
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.html [last]
# Any ressources loaded by index.html should behave correctly (i.e: Return 404 if missing)
RewriteRule ^ - [last]
Options Indexes FollowSymLinks
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerAdmin info#stratex.com
ServerName www.test.com
DocumentRoot "/var/www/html/strategy"
<Directory "/var/www/html/strategy">
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine On
SSLCertificateFile /home/mydir/certificates/public-cert.pem
SSLCertificateKeyFile /home/mydir/certificates/priv-key.pem
</VirtualHost>
Since i had a ssl.conf file, i removed the conf file for port 443 from the httpd.conf file and i updated the virtual host with port 443 in the ssl.conf file with these details and my app works well.
<VirtualHost *:443>
ServerAdmin info#stratex.com
ServerName www.test.com
DocumentRoot "/var/www/html/strategy"
<Directory "/var/www/html/strategy">
DirectoryIndex index.html
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
SSLEngine On
SSLCertificateFile /home/mydir/certificates/public-cert.pem
SSLCertificateKeyFile /home/mydir/certificates/priv-key.pem
</VirtualHost>
Following this answer I used the following conf in my virtual host for certbot to install certificate as WSGIProcessGroup duplicate error showed. But after certbot successful installation, my directory was open to browsing with the index of at the top.
What is wrong with the conf?
WSGIApplicationGroup %{GLOBAL}
<VirtualHost *:80>
ServerAdmin name#example.com
ServerName myproject.example.com
DocumentRoot /var/www/myproject.example.com/myproject/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/myproject.example.com/myproject/myproject>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
Alias /static /var/www/myproject.example.com/myproject/static
<Directory /var/www/myproject.example.com/myproject/static>
Require all granted
</Directory>
WSGIDaemonProcess myproject python-home=/var/www/myproject.example.com/venv python-path=/var/www/myproject.example.com/myproject
WSGIProcessGroup myproject
WSGIScriptAlias / /var/www/myproject.example.com/myproject/myproject/wsgi.py
RewriteEngine on
RewriteCond %{SERVER_NAME} =myproject.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin name#example.com
ServerName myproject.example.com
DocumentRoot /var/www/myproject.example.com/myproject/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/myproject.example.com/myproject/myproject>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
Alias /static /var/www/myproject.example.com/myproject/static
<Directory /var/www/myproject.example.com/myproject/static>
Require all granted
</Directory>
WSGIProcessGroup myproject
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/myproject.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/myproject.example.com/privkey.pem
</VirtualHost>
I have a beta wordpress site (beta.domain.co.uk) I would like to redirect to (domain.co.uk).
I have a .conf file for each site pointing to its folder with the wordpress files.
I have tried just renaming the folders but I get a 404 error.
How can I point the beta site to my main site?
main site conf :
<VirtualHost *:80>
ServerName www.domain.co.uk
DocumentRoot /var/www/domain.co.uk
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.co.uk/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName domain.co.uk
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain.co.uk
RewriteRule ^/(.*)$ http://www.domain.co.uk/$1 [L,R=301]
</VirtualHost>
beta site conf:
<VirtualHost *:80>
ServerName beta.domain.co.uk
DocumentRoot /var/www/beta.domain.co.uk
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/beta.domain.co.uk/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
Use the following rewrite rules, make sure you put it inside the beta site conf, inside virtualhost.
RewriteEngine On
RewriteCond %{HTTP_HOST} ^beta\.domain\.co\.uk$
RewriteRule ^(.*)$ http://domain.co.uk/$1 [R=301,L]
I have 2 domains which I have separately configured in 2 vhosts files. I need one of this domains to permanently redirect to the second one. Before reloading apache, I've run 'configtest' and I got "Syntax Ok". However apparently I got a redirect loop. Btw, the website is a drupal installation, not sure how much does this count.
Here's my 2 conf files.
[root#prod ~]# cat meh-1_com.conf
<VirtualHost *:80>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName meh-1.com
ServerAlias www.meh-1.com
DocumentRoot /var/www/html/meh1/
<Directory /var/www/html/meh1/>
Options +FollowSymLinks Indexes
AllowOverride All
order allow,deny
allow from all
</Directory>
RewriteEngine On
RewriteOptions inherit
CustomLog /var/log/httpd/meh1.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl/meh1_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/meh1_com.key
SSLCertificateChainFile /etc/httpd/ssl/meh1_com.ca-bundle.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>
[root#prod ~]# cat meh-2_com.conf
<VirtualHost *:80>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / http://meh-1.com
</VirtualHost>
<VirtualHost *:443>
ServerName meh-2.com
ServerAlias www.meh-2.com
Redirect permanent / https://meh-1.com
</VirtualHost>