I run a apache-httpd based pod in our Rancher(Kubernetes). This httpd serves some static html+javascript+css files. Further I placed a .htaccess file in the htdocs folder. This file controls how caching should be done. My index.html file must not be cached at all. Browsers should load this file every time and should not cache it. But js files (that are referenced in the index.html file) must be cached. I can do this, because each file name of .js files contains a hash. If the content of the .js file is changed the file name changes through compiling it.
Content of the .htaccess file:
<FilesMatch "\.(html)$">
FileETag None
<IfModule mod_headers.c>
Header unset ETag
Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "Wed, 12 Jan 1980 05:00:00 GMT"
</IfModule>
</FilesMatch>
<FilesMatch "\.(js|css)$">
FileETag None
<IfModule mod_headers.c>
ExpiresActive On
ExpiresDefault "access plus 2 weeks"
</IfModule>
</FilesMatch>
Now I have an Ingress that is placed before the Deployment (and the respective service):
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: gateway-ui
namespace: ui
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
rules:
- http:
paths:
- path: /ui(/|$)(.*)
backend:
serviceName: ui
servicePort: 80
Problem. If I start my httpd-docker iamge on my laptop the caching works great. But if the pod is deployed in Kubernetes, it seams that cache configuration of my httpd is ignored. I supect that Ingress somehow breaks the caching.
Question: What needs to be done that my Ingress uses "the same" caching configuration as done in my httpd deployment?
Related
How we can edit Apache config file in a Kubernetes environment?
Usually I do edit some security in the .conf for all the headers.
Exemple:
Content-Security-Policy
X-Frame-Options
X-Content-Type-Options
Referrer-Policy
Permissions-Policy
Thank you
I have an elastic beanstalk server running an Apache proxy on Amazon Linux 2. I want to set the cache-control header on my index.html file to public, max-age=0.
In order to update my Apache config I understand I can add a config file to .platform/httpd/conf.d. In my first attempt I created this file:
<FilesMatch "index\.html">
Header set Cache-Control "public, max-age=0"
</FilesMatch>
This did not work. Looking around I think this is because the directives I have used are intended for Apache's htaccess file or within a <VirtualHost> section of the conf file.
Any ideas how I can get this working? Note I found this answer had some useful information.
EDIT: I also tried this in a conf file (it didn't set any cache-control headers).
<IfModule mod_expires.c>
# Turn on the module.
ExpiresActive on
# Set the default expiry times.
ExpiresDefault "access plus 2 days"
ExpiresByType text/html "access plus 600 seconds"
</IfModule>
EDIT: I also tried switching to nginx. I added a file .platform/nginx/conf.d/cache.conf, with the following contents
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 2d;
add_header Cache-Control "public, no-transform";
}
After deployment and a server restart, no cache-control headers were set on the files specified.
Do the cache control directives need to specify if a query string is present in the http request for proper matching?
Currently using query strings for static asset versioning, and disabled Etags for those - but the directives are not taking effect whatsoever. Looking at the headers, Etags are still used and there is no cache-control defined. Gmatrix and Lighthouse both state that static assets have no cache control set.
Example file requested: app.js?v=1.3.5
Here is the .htaccess file, followed by the troubleshooting steps
<IfModule mod_headers.c>
# One month for media files and icons
<FilesMatch "\.(ogg|mp3|ico|jpg|jpeg|png|svg|webp|webmanifest|xml)\?.*$">
Header set Cache-Control "max-age=2592000, public"
Header unset ETag
FileETag None
</FilesMatch>
# One week for CSS/JS files except service worker file
<FilesMatch "^(?!sw).+\.(css|json|js)\?.*$">
Header set Cache-Control "max-age=604800, public"
Header unset ETag
FileETag None
</FilesMatch>
# No cache for HTML files (checks with server for changes else serves cache)
<FilesMatch "\.(html)$">
Header set Cache-Control "no-cache, must-revalidate"
</FilesMatch>
<FilesMatch "^(sw\.js)$">
Header set Cache-Control "no-cache, no-store, must-revalidate"
</FilesMatch>
</IfModule>
Troubleshooting steps
Directives don't seem to affect html pages either so assuming this may be a config or syntax issue.
Check syntax with validator: https://www.lyxx.com/freestuff/002.html
Ensure AllowOverride is set to All in /etc/apache2/sites-available/mysite.conf
Try setting AllowOverride to All in /etc/apache2/apache2.conf for /var/www/
Try adding the directives directly in /etc/apache2/sites-available/mysite.conf
Restart apache after changes: service apache2 restart
The mod_headers module was not activated!
Use apachectl -M to check for active modules (Debian/Ubuntu).
If headers module not listed:
Use a2enmod headers to activate the headers module.
Restart apache2 with service apache2 restart to implement changes.
At this point was able to test whether the query string needs to be added in the FilesMatch expression.
Turns out the query string needs to be omitted from the expression.
Use: \.(js)$
Don't use: \.(js)\?.*$
I'm using apacher web server to stre the static content (like images, css etc.) with my website. Below is my apache configurations set as below :
<IfModule mod_expires.c>
ExpiresActive on
<FilesMatch "\.(ico|jpg|jpeg|png|gif|js|css|swf|html)$">
ExpiresActive On
ExpiresDefault "access plus 30 minutes"
</FilesMatch>
</IfModule>
<IfModule mod_headers.c>
<FilesMatch ".+\.(ico|jpg|jpeg|png|gif|js|css|swf|html|woff)$">
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff
</FilesMatch>
</IfModule>
Please note that the same apache configuration is working in test region, but not working in prod region for same jpeg images.
The cache works well for woff,css, js,png files, but doesnt work for my few jpeg images which are loaded from specific folder for one of the website screen. Any idea why?
Thanks in advance.
In our application we have both gif and jpg images for the same set of images. I've both gif and jpg images in my local server. Hence I opened all the below gif images in MSPaint and stored it as .jpg.
Next_disabled.jpg
Next.jpg
Prev_disabled.jpg
Prev.jpg
Then I've deployed these images to apache where static content is present, followed by apache restart. Then the issue was resolved and the images are showing properly.
We have been having the problem where we get errors of the format.
Font from origin 'https://example.com' has been blocked from loading by
Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin'
header is present on the requested resource. Origin
'https://www.example.com' is therefore not allowed access.
We also get a "Redirect at origin" error.
We are using Drupal 7 and Cloudflare.
we have attempted to edit .htaccess to include
Header set Access-Control-Allow-Origin "https://example.com"
Header set Access-Control-Allow-Origin "https://www.example.com"
Tried quite a lot;
have purged cloudflare
restarted apache
tried wildcard "*"
Drupal CORS module
So far no joy.
As this approach is not working, I am wondering if something is being missed or if there is an alternate approach, such as why we are getting origin 'https://example.com' being in the request via Drupal and not 'https://www.example.com'.
Last note it that when I review some resources I see two distinct patterns.
If a resource has status of "301 Moved Permanently" in the request headers there is
Host www.example.com
Referer https://example.com/
Where the status is "304 Not Modified"
Host example.com
Referer https://example.com/
It's odd that there is any www at all; htaccess should be redirecting and it is absent from base_url.
I have experienced a very similar issue.
Be ensured that module headers is enabled
1 - To enable mod headers on Apache2 (httpd) you need to run this command:
sudo a2enmod headers
Then restart Apache
sudo service apache2 restart
2 - To allow Access-Control-Allow-Origin (CORS) authorization for specific origin domains for all files, add this in your .htaccess
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin https://example.org
Header set Access-Control-Allow-Origin https://example.com
Header set Access-Control-Allow-Origin https://example.eu
## SECURITY WARNING : never add following line when site is in production
## Header set Access-Control-Allow-Origin "*"
</IfModule>
2 - To allow Access-Control-Allow-Origin (CORS) authorization for specific origin domains and for fonts only in our example, use FilesMatch like in the following section in your .htaccess
<FilesMatch "\.(ttf|otf|eot|woff|woff2)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin https://example.org
Header set Access-Control-Allow-Origin https://example.com
Header set Access-Control-Allow-Origin https://example.eu
</IfModule>
</FilesMatch>
After making changes in .htaccess file, no need to restart your apache webserver