I am relatively new to Apache and am having a problem where all virutal servers are being stopped when one of them has a problem. We had a problem which brought down our backend service (testing.my-domain-name.ch) for testing and caused a 502 error, and apache delivered that same error for our production facility (www.my-domain-name.ch), even though it was still running (verified by using a wget).
My httpd.conf file looks like:
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 120
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15
Listen 0.0.0.0:80
Include conf.modules.d/*.conf # Everything in conf.d is at default values
User apache
Group apache
ServerAdmin root#localhost
ServerName test.my-domain-name.ch:80
UseCanonicalName Off
#
<Directory />
Options FollowSymLinks
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
#
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf # Everything in conf.d is at default values
<VirtualHost *:80>
ServerName my-domain-name.ch
Redirect permanent / https://www.my-domain-name.ch/
</VirtualHost>
<VirtualHost *:80>
ServerName production.my-domain-name.ch
ServerAlias www.my-domain-name.ch
DocumentRoot /var/www/node/prod/production
SSLProxyEngine on
ProxyPass /account/ https://www.account-server.com/account/ retry=1
ProxyPassReverse /account/ https://www.account-server.com/account/
ProxyPass /oauth2/ https://www.account-server.com/oauth2/ retry=1
ProxyPassReverse /oauth2/ https://www.account-server.com/oauth2/
ProxyPass / http://localhost:3001/ retry=1 Keepalive=on
ProxyPassReverse / http://localhost:3001/
CustomLog logs/access_log_production "%v %h %l %u %t \"%r\" %>s %b production"
<Directory /var/www/node/prod/production>
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName test.my-domain-name.ch
DocumentRoot /var/www/node/test/testing
SSLProxyEngine on
ProxyPass /account/ https://www.account-server.com/account/ retry=1
ProxyPassReverse /account/ https://www.account-server.com/account/
ProxyPass /oauth2/ https://www.account-server.com/oauth2/ retry=1
ProxyPassReverse /oauth2/ https://www.account-server.com/oauth2/
ProxyPass / http://localhost:3000/ retry=1 Keepalive=on
ProxyPassReverse / http://localhost:3000/
CustomLog logs/access_log_staging "%v %h %l %u %t \"%r\" %>s %b staging"
<Directory /var/www/node/test/testing>
AllowOverride All
</Directory>
</VirtualHost>
The error message that I am getting is:
[Mon Sep 07 11:47:35.784583 2020] [proxy_http:error] [pid 46205] [client 10.19.65.68:44942] AH01114: HTTP: failed to make connection to backend: localhost
[Mon Sep 07 11:47:46.049988 2020] [proxy:error] [pid 46206] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:3000 (localhost) failed
Can anybod help me understand how to configure things where when one virtual host goes down, it doesn't bring down the others?
Many thanks in advance.
Nic3500 - thank you for your answer:
You cannot, as long as you have all the configuration in the same files, running under the same process. If you want to have a test setup, it should be under a separate Apache configuration. You can run two instances with different configurations on the same machine, as long as you do not use the same port for both. Or setup a VM into which you can put your test configuration (or docker, or ...). You could run apache -t to check your configuration before restarting it.
Related
My subdomain return me to https when I logout from my drupal website
I have tried to disable ssl and restart apache2 but not working
I have tried also to modify .htaccess file but always KO
and this only happened with this subdomain , All others domains works fine
my subdomain conf file
<VirtualHost sub.domain.fr:80>
ServerAdmin webmaster#mydomain.fr
DocumentRoot /home/ubuntu/mydomain/public_html/app2.mydomain.fr
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory "/home/ubuntu/mydomain/public_html/app2.mydomain.fr">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
apache2.conf file
DefaultRuntimeDir ${APACHE_RUN_DIR}
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order deny,allow
Require all granted
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
Include sites-enabled/
ports.conf file
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 80
Listen 8080
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
First of all, change your vhost config to:
<VirtualHost *:80>
ServerName sub.domain.fr
then make sure the redirect doesn't happen just because of your browser cache: always use and anonymous window or, even better, simulate the navigation using curl so you don't use any kind of cached response.
I have two virtual hosts on a VPS running Ubuntu 18.04 and Apache 2.4.29.
I'll refer to them as "project" and "project2"
I installed an SSL certificate for "project" with LetsEncrypt.
After doing so, I've found that it ignores all RewriteRules for that domain. I entered a very simple RewriteRule (without a condition) to just redirect to example.com:
RewriteEngine on
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
I've tried entering it into the host configuration file for "project", as well as into the .htaccess file. In both cases, it has no effect.
I've confirmed that the .htaccess file is being read, because if I deliberately put some garbage into it, I get a 500 error.
phpinfo() confirms that mod_rewrite is loaded, and if I run a2enmod rewrite, it returns a message that "Module rewrite already enabled."
I've confirmed that the behavior is confined only to the virtual host for the "project" domain. I have the exact same RewriteRule in the .htaccess file for the "project2" domain, and this RewriteRule is executed. The only difference seems to be that I have not installed an SSL certificate for the "project2" domain.
I've checked the Apache error logs and I can't find anything that shines any light on this.
One other unexpected behavior that I think may be related is that I cannot navigate to http://project.com. It always forces me to https://project.com. I can't find where this originates.
Below are the pertinent files for "project" with commented stuff removed for easier reading.
project.conf (/etc/apache2/sites-available/project.conf)
<VirtualHost *:80>
ServerAdmin webmaster#project.com
ServerName project.com
ServerAlias www.project.com
DocumentRoot /var/www/html/project/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<Directory /var/www/html/project/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
project-le-ssl.conf (/etc/apache2/sites-available/project-le-ssl.conf)
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#project.com
ServerName project.com
ServerAlias www.project.com
DocumentRoot /var/www/html/project/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/project.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/project.com/privkey.pem
</VirtualHost>
</IfModule>
apache2.conf (/etc/apache2/apache2.conf)
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
Include /etc/phpmyadmin/apache.conf
.htaccess (/var/www/html/project/.htaccess) (the identical .htaccess file for "project2" is at /var/www/html/project2/.htaccess)
RewriteEngine on
RewriteRule ^(.*)$ http://example.com/$1 [L,R=301]
Header set X-Robots-Tag "noindex, nofollow"
options-ssl-apache.conf (/etc/letsencrypt/options-ssl-apache.conf)
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECD$
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
ErrorLog /var/log/apache2/error.log
Those are the only files I'm aware of that bear on the subject, though I imagine there are other that I'm not aware of.
Does anyone have any ideas as to what is causing the RewriteRule for "project" to be ignored? And of secondary importance, does anyone know where the instructions are that won't allow me to navigate http://project.com after installing the SSL certificate?
I have an Apache httpd server (2.4.6) running on Centos, serving several Name-based virtual hosts. The fqdn / hostname of the server should be serving no content, but it redirects to one of the Name-based virtual hosts and I don't understand why, or how to stop it.
In the configs below, a request to http://host.mydomain.org/ is redirected to http://www.customer.co.uk/.
Any ideas as to why, and the right way to stop it appretiated.
My httpd.conf is:
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root#xxx.org
ServerName host.mydomain.org:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all denied
</Directory>
<Directory "/var/www/html">
Options None
AllowOverride None
Require all denied
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all denied
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset ISO-8859-1
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
TraceEnable Off
ServerTokens Prod
IncludeOptional conf.d/*.conf
An example virtual host is:
<VirtualHost *:80>
DocumentRoot /home/xxx/customer/docs
ServerName www.customer.co.uk
ErrorLog /home/xxx/customer/logs/error_log
CustomLog /home/xxx/customer/logs/access_log combined
<Directory /home/xxx/customer/docs>
AllowOverride None
Options None
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName customer.co.uk
Redirect permanent / http://www.customer.co.uk/
</VirtualHost>
<VirtualHost *:80>
ServerName www.customer.mydomain.org
Redirect permanent / http://www.customer.co.uk/
</VirtualHost>
Thanks very much
Kevin
The first VirtualHost in the configuration file has the highest priority and can be seen as the default or primary server. That means that if a request is received that does not match one of the specified ServerName or ServerAlias directives, it will be served by this first <VirtualHost>.
You can prevent this by adding this (for example) as the first VirtualHost:
<VirtualHost *:80>
ServerName default
RewriteEngine On
RewriteRule ^ - [F]
</VirtualHost>
I'm using the following configuration of httpd.conf in my CentOs 7 Apache server to run "site1":
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root#localhost
ServerName locahost:80
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html/site1"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<Directory "/var/www/html/site1">
Options FollowSymLinks
AllowOverride all
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
When I access "http://localhost", site1 and its subpages/subfolders work correctly.
I want now to be able to display a second website: when accessing "http://localhost/site2", I want to display the content of a file "test.html" saved under "/test"; how should I edit the httpd.conf to make it work?
that's not a different site, it is a different directory. A different site would involve a different hostname.
Since you already have DocumentRoot "/var/www/html/site1 and you don't seem to want to create a new virtualhost you can point to a new/different directory with Alias
Also you just want site2 to load test.html under /test/ If I understood correctly when visited, just add the proper DirectoryIndex directive to it.
Here it is:
Alias /site2 /var/www/html/site2
<Directory /var/www/html/site2>
DirectoryIndex /test/test.html
</Directory>
For this to work you need these two modules:
mod_alias
mod_dir (but you may already have this one as you are already using DirectoryIndex directive)
You could also mkdir site2 under site1 but, this may look cleaner.
I am trying to configure multiple virtual hosts on a new Ubuntu 13.10 installation as a development server. It only needs to serve to itself.
Apache Server version: Apache/2.4.6 (Ubuntu)
I've read http://httpd.apache.org/docs/2.4/vhosts/name-based.html
https://help.ubuntu.com/13.04/serverguide/httpd.html and many other sites trying to figure this out.
http://localhost is working but http://ncacaa.local is NOT FOUND. What am I missing???
ping http://nacaa.local returns ping: unknown host http://ncacaa.local
Here is the content of the /etc/apache2/sites-available/ncacaa.conf
<VirtualHost *:80>
DocumentRoot "/var/www/vhosts/htdocs-ncacaa"
ServerName ncacaa.local
ErrorLog "/var/log/apache2/ncacaa.localhost-error.log"
<Directory "/var/www/vhosts/htdocs-ncacaa">
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
There is a symbolic link to it in the sites-enabled directory created by a2ensite
Here is what is not commented out in the 000-default.conf file:
<VirtualHost *:80>
ServerAdmin john#***.com
DocumentRoot /var/www
<Directory "/var/www">
AllowOverride FileInfo
Options Indexes FollowSymLinks
Order allow,deny
Allow from all
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Here is what is not commented out in the apache.conf file:
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
LogLevel warn
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*
ServerName localhost:80
Thanks in advance!
There will also need to be a line in the config to turn on virtual hosting:
NameVirtualHost *:80
Though the error "ping http://nacaa.local returns ping: unknown host http://ncacaa.local" means your dns is not resolving. You need to add to /etc/hosts or set up dns.