Incorrect SSL-configuration for BookStack - apache

after trying unsuccessfully to set up BookStack with nginx, I switched to Apache.
However, I have similar difficulties setting up the subfolder.
BookStack should be available at https://domain.name/bookstack.
The location of BookStack is /var/www/bookstack/... .
I have also added the domain in the .env.
I just figured out, that the configuration for HTTP works like expected.
<VirtualHost *:80>
ServerName domain.name
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# BookStack Configuration
Alias "/bookstack" "/var/www/bookstack/public"
<Directory "/var/www/bookstack/public">
Options FollowSymlinks
AllowOverride none
Require all granted
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</Directory>
<Directory "/var/www/bookstack">
AllowOverride None
Require all denied
</Directory>
# End BookStack Configuration
</VirtualHost>
But when I put in the config for HTTPS (I created a certificate with certbot/letsencrypt), I get the login page without styles. As I log in, it takes me to HTTP-domain with error 404 Not found.
Here's my current SSL config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName domainname
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# BookStack Configuration
Alias "/bookstack" "/var/www/bookstack/public"
<Directory "/var/www/bookstack/public">
Options FollowSymlinks
AllowOverride none
Require all granted
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</Directory>
<Directory "/var/www/bookstack">
AllowOverride None
Require all denied
</Directory>
# End BookStack Configuration
SSLEngine on
SSLCertificateFile /path/to/certificate/file
SSLCertificateKeyFile /path/to/certificate/key/file
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
I don't get the problem with this.

Related

Vuejs App still get 404 page after edit .htaccess

I have a Vuejs App deployed at apache2 server in digitalocean , when you hit the url it forwards you to login page which is working fine and then automatic navigate me to dashboard page that have cards when I click on one of cards I get 404 page even after I edit my .htaccess file in dist
NOTE the card route is domain.com/build
I tried .htaccess configuration from docs
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.html$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.html [L]
</IfModule>
and here is my virtual host configuration
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin email
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/domain.com/public_html/app/dist
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass /api/ http://localhost:8000/
ProxyPassReverse /api/ http://localhost:8000/
RewriteEngine on
# Some rewrite rules in this file were disabled on your HTTPS site,
# because they have the potential to create redirection loops.
#RewriteCond %{SERVER_NAME} =domain.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
SSLCertificateFile /etc/letsencrypt/live/domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Nothing wrong with virtual host file, the problem was in apache2.conf file in /etc/apache2. what I need is to change this part from
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
to :
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
you need to change the AllowOverride attribute.

How to domain redirect in apache?

I'm trying to redirect domain-a to domain-b. So when the user types in domain-a, it will lead them to domain-b. I tried using an HTACCESS file and I'm not having any luck. So here is what I put in the server config file.
<VirtualHost *:80>
ServerAdmin support#domain-b.com
ServerName domain-a.com
ServerAlias www.domain-a.com
DocumentRoot /var/www/domain-a.com/public_html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
# Testing the rewrite
RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain-a\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domain-a\.com$
RewriteRule ^/?$ "http\:\/\/domain-b.com\.com\/" [R=301,L]
</VirtualHost>

How can i set htaccess file for virtual host?

I created a virtual host with this code :
<VirtualHost *:80>
ServerAdmin admin#127.0.0.1
ServerName site.ws
ServerAlias www.site.ws
DocumentRoot /home/me/Projects/website/build
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/me/Projects/website/build>
Allow from all
Satisfy any
</Directory>
</VirtualHost>
and I created a .htaccess file in my /build directory with this code :
RewriteEngine On
RewriteRule ^(.*)$ $1.html [R,NC]
Consider my mod_rewrite is active in apache2, but I can't open pages with /filename
e.g site.ws/about
It shows error :
The requested URL /about was not found on this server.
I try this with Apache2 2.4.27 in win:
First enable vhost in httpd.conf file.
vhost:
<VirtualHost *:80>
ServerName site.ws
DocumentRoot /home/me/Projects/website/build
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/me/Projects/website/build>
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
.htaccess:
###START MOD_REWRITE
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#REMOVE .html EXTENSION
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^\.]+)$ $1.html [NC,L]
</IfModule>
###END MOD_REWRITE
i solved this problem with :
RewriteEngine On
RewriteRule ^([a-zA-Z-]+)$ $1.html [L,NC]

Laravel in subfolder

I am trying to run laravel from a subfolder but my routes are incorrect.
My main page is loading correctly at mysite.co.uk/folder & the login auth works but it redirects me to mysite.co.uk. If I manually navigate to mysite.com/folder it is logged in correctly but all of the routes are messed up.
mysite.com/page is working but mysite.co.uk/folder/page gives me a 500 internal server error.
.htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ folder/index.php [L]
</IfModule>
apache.conf
ServerName dev.mysite.co.uk
ServerAlias www.dev.mysite.co.uk
ServerAdmin info#dev.mysite.co.uk
DocumentRoot /home/admin/web/dev.mysite.co.uk/public_html
ScriptAlias /cgi-bin/ /home/admin/web/dev.mysite.co.uk/cgi-bin/
Alias /vstats/ /home/admin/web/dev.mysite.co.uk/stats/
Alias /error/ /home/admin/web/dev.mysite.co.uk/document_errors/
#SuexecUserGroup admin admin
CustomLog /var/log/apache2/domains/dev.mysite.co.uk.bytes bytes
CustomLog /var/log/apache2/domains/dev.mysite.co.uk.log combined
ErrorLog /var/log/apache2/domains/dev.mysite.co.uk.error.log
<Directory /home/admin/web/dev.mysite.co.uk/public_html>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir /home/admin/web/dev.mysite.co.uk:/home/admin/tmp
php_admin_value upload_tmp_dir /home/admin/tmp
php_admin_value session.save_path /home/admin/tmp
</Directory>
<Directory /home/admin/web/dev.mysite.co.uk/stats>
AllowOverride All
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /home/admin/conf/web/ssl.dev.mysite.co.uk.crt
SSLCertificateKeyFile /home/admin/conf/web/ssl.dev.mysite.co.uk.key
SSLCertificateChainFile /home/admin/conf/web/ssl.dev.mysite.co.uk.ca
<IfModule mod_ruid2.c>
RMode config
RUidGid admin admin
RGroups www-data
</IfModule>
<IfModule itk.c>
AssignUserID admin admin
</IfModule>
IncludeOptional /home/admin/conf/web/sapache2.dev.mysite.co.uk.conf*
You can simple change, inside the apache.conf, the
DocumentRoot
to:
/home/admin/web/dev.mysite.co.uk/public_html/folder
So you simple set the Root-Directory to the main site and don't need any further modifications.

apache redrict 301 from https://www.domain.com to https://domain.com

im trying for hours to redrict https:// www. domain .com to https:// domain .com with 301.
I have a certificate for domain .com but no wildcard for www. domain .com.
I tried the following:
RewriteEngine On
RewriteCond %{HTTPS} =on
RewriteCond %{HTTP_HOST} ^www\.meinedomain\.de$ [NC]
RewriteRule ^(.*) https://meinedomain.de/$1 [L,R=301]
and
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
and
Redirect 301 / https://mineyourmind.de/
None of this works. Any ideas what could be wrong? I have added this directly to the apache settings and it is working great for http:// www. domain .com and http:// domain .com to https:// domain .com but not for https:// www. domain .com.
At the moment I use the following config. Every redrict works fine, instead of the https://www.mineyourmind.de to https://mineyourmind.de
How should such a file look like ?
<VirtualHost *:80>
ServerName mineyourmind.de
ServerAlias www.mineyourmind.de
Redirect 301 / https://mineyourmind.de/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin **
DocumentRoot /var/www/mineyourmind
ServerName mineyourmind.de
ServerAlias www.mineyourmind.de
SSLEngine on
SSLCertificateFile /etc/**
SSLCertificateKeyFile /etc/**
SSLCertificateChainFile /etc/**
SSLCACertificateFile /etc/**
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
deny from all
</Directory>
<Directory /var/www/mineyourmind/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Second Edit:
<VirtualHost *:80>
ServerName mineyourmind.de
ServerAlias www.mineyourmind.de
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.mineyourmind\.de$ [NC]
RewriteRule (.*) https://mineyourmind.de%{REQUEST_URI} [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin **
DocumentRoot /var/www/mineyourmind
ServerName mineyourmind.de
ServerAlias www.mineyourmind.de
SSLEngine on
SSLCertificateFile /etc/apache2/**
SSLCertificateKeyFile /etc/apache2/ssl/**
SSLCertificateChainFile /etc/apache2/ssl/**
SSLCACertificateFile /etc/apache2/ssl/**
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.mineyourmind\.de$ [NC]
RewriteRule (.*) https://mineyourmind.de%{REQUEST_URI} [R=301,L]
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
deny from all
</Directory>
<Directory /var/www/mineyourmind/>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
If you request https://www.meinedomain.de/ and your cert isn't authorized for www.meinedomain.de, then you'll get a security warning regardless of how you redirect. The redirect can only happen after they accept the security exception.
Make sure you've put those rules in the SSL vhost's config, not the non-SSL one. Apache usually has them separate. If that still doesn't work, you can try just putting this in an htaccess file in your document root:
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.meinedomain\.de$ [NC]
RewriteRule (.*) https://meinedomain.de%{REQUEST_URI} [R=301,L]