Setup Certbot on xampp Apache Ubuntu - apache

I tried to setup a SSL certificate with: https://certbot.eff.org/lets-encrypt/ubuntuxenial-apache documentation.
It worked, the only problem was that it's on the wrong Apache server. I got 2 Apache server's on my Ubuntu 16.04 System. 1 is linking to /var/www/html and the other one (this one is of my XWAMPP server) is linking to /opt/lampp/htdocs
The Apache server that links to /var/www/html on this one the SSL is activated. With the command: sudo certbot --apache
I want it to be activated on the Apache server of the XAMPP. How can I edit this command so it calls the other Apache server?

I solved this with next steps:
(*) First of all, you should be avaible certbot command and your virtualhost should be configured for the domain that you need https. f.e. mydomain.com. verify the domain is avaible in your browser.
sudo yum install certbot python2-certbot-apache
certbot --apache-ctl /opt/lampp/bin/apachectl
This, create the cert, in /etc/letsencrypt/live/mydomain.com/.
Also, step 2 create a new vhost file in /opt/lampp/etc/extra/. please review.
then, add this new file in your vhost zone (/opt/lampp/etc/httpd.conf).
restart your xampp apache.

It will work but for this you need and static ip and portforward 80 and 443 to your system ip and link with domain you can try no-ip they will give you free domain after that you need to visit https://www.sslforfree.com/
after this follow the step they say. After verifying you can download the ssl file. you need to put extract file in C:\xampp\apache\conf
after this goto C:\xampp\apache\conf\extra
and edit httpd-vhosts.conf and following thing you can change according to your domain or root directory
<VirtualHost *:80>
ServerAdmin webmaster#dummy-host2.example.com
DocumentRoot "C:/xampp/htdocs/dummy-host2.example.com"
ServerName dummy-host2.example.com
ErrorLog "logs/dummy-host2.example.com-error.log"
CustomLog "logs/dummy-host2.example.com-access.log" common
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#osticket.dev
DocumentRoot "C:/xampp/htdocs/upload"
ServerName osticketamcat.ddns.net
ServerAlias osticketamcat.ddns.net
SSLEngine on
SSLCACertificateFile "C:\xampp\apache\conf\ssl\ca_bundle.crt"
SSLCertificateFile "C:\xampp\apache\conf\ssl.crt\server.crt"
SSLCertificateKeyFile "C:\xampp\apache\conf\ssl.key\server.key"
ErrorLog "logs/dummy-host.example.com-error.log"
CustomLog "logs/dummy-host.example.com-access.log" common
<Directory "C:/xampp/htdocs/upload">
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order Deny,Allow
Allow from all
Require all granted
</Directory>

I solved this issue.
sudo certbot --apache-ctl /opt/lampp/bin/apachectl
sudo nano /opt/lampp/etc/httpd.conf
------------
# Virtual hosts
Include etc/extra/httpd-vhosts.conf
Include etc/extra/httpd-vhosts-le-ssl.conf #Add it here

Related

Issues with Apache and Virtual Hosts

I'm, trying to run both MediaWiki and Wordpress on an Apache server. I've got the MediaWiki site set up with a couple of sub-domain Virtual Hosts, so everything is fine there. This is installed at /var/www/html/mediawiki.
I'm trying to install Wordpress on it's own directory, /var/www/wordpress.
In my config file for Wordpress' virtual host, I've got:
<VirtualHost *:80>
ServerName domain.com
ServerAdmin admin#domain.com
DocumentRoot /var/www/wordpress
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<Directory /var/www/wordpress/> AllowOverride All</Directory>
Obviously domain.com is not the domain.
Whenever I visit domain.com, however, it seems to be loading the MediaWiki install from /var/www/html/mediawiki, which is obviously not what I want.
Anyone got any ideas what I'm doing wrong here?
Run apachectl to see all the servers/vhosts running on your server both port 80 and 443
apachectl -S
Also I believe that:
<Directory /var/www/wordpress/> AllowOverride All</Directory>
should be inside of your virtual host block

How to fix 'No secure protocols supported'?

I have a personal website which I'm trying to set up to use HTTPS.
I'm using an Amazon Lightsail instance with Ubuntu 18.04 and Apache/2.4.29 on it. Opened port 443 using both AWS dashboard and ufw. I also made sure openssl version is up-to-date. I have used certbot, installation completes fine, I restarted webserver but when I go to ssllabs.com to test, I get:
Assessment failed: No secure protocols supported
Now, I have 3 websites served by the webserver, DocumentRoot is set to default /var/www/html and I created a conf file for each site in /etc/apache/sites-available as example.com.conf, with a VirtualHost listening to *:80 only. All sites are tested and works fine with the .conf files.
When I ran certbot, I got a file in /etc/apache/sites-available called example.com-le-ssl.conf with this in it:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/html/example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
At this point, I expected it to work since the guide on https://certbot.eff.org/lets-encrypt/ubuntubionic-apache.html says nothing else needs to be done.
What am I missing?
Thanks in advance!

Hosting another website on linux AMAZON EC2 intance running bitnami wordpress

I have an EC2 instance created with Bitnami wordpress, I am trying to host my other website on the same instance website.tld
I followed the steps on this guide
https://docs.bitnami.com/aws/components/apache/#how-to-create-a-virtual-host
Then I went to "/opt/bitnami/apps/wordpress/conf/httpd-vhosts.conf" and changed it to
<VirtualHost *:80>
ServerName mywordpress.com
ServerAlias mywordpress.com
DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
</VirtualHost>
<VirtualHost *:80>
ServerName website.tld
ServerAlias www.website.tld
DocumentRoot "/opt/bitnami/apps/website/htdocs"
ErrorLog "logs/website-error_log"
CustomLog "logs/website-access_log" common
</VirtualHost>
<VirtualHost *:443>
ServerName mywordpress.com
ServerAlias www.mywordpress.com
DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apps/wordpress/conf/certs/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apps/wordpress/conf/certs/server.key"
Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
</VirtualHost>
I created the empty folders "/opt/bitnami/apps/website/htdocs" for my new website then added an index.html inside htdocs
Then I restarted the apache server
sudo /opt/bitnami/ctlscript.sh restart apache
mywordpress.com works fine as before, but when i try to open website.tld I get this error
Forbidden
You don't have permission to access / on this server.
Am i doing it wrong? is there any other configurations i missed?
What is more confusing is there are httpd-vhosts.conf files inside the apache2 server and inside each folder in the apps/ folder, I am not sure which of all I should be adding my new domain tag into? Following the bitnami docs I edited the one inside apps/wordrpess/config
I am not a server side guy, is there a UI for the apache server that can help me setup the virtual host?
Thank you in advance.
You have to set the permissions for this directory in apache2.conf/ httpd.conf.
<Directory [your path]>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
And set the permissions with chmod 755

Enabling SSL with XAMPP

I've been following this guide as much as I could
http://robsnotebook.com/xampp-ssl-encrypt-passwords .
However whenever I browse to a page starting with https the apache server replies 404 Object Not Found.
What setting I am missing? Thanks for any help.
Found the answer. In the file xampp\apache\conf\extra\httpd-ssl.conf, under the comment SSL Virtual Host Context pages on port 443 meaning https is looked up under different document root.
Simply change the document root to the same one and problem is fixed.
You can also configure your SSL in xampp/apache/conf/extra/httpd-vhost.conf like this:
<VirtualHost *:443>
DocumentRoot C:/xampp/htdocs/yourProject
ServerName yourProject.whatever
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
</VirtualHost>
I guess, it's better not change it in the httpd-ssl.conf if you have more than one project and you need SSL on more than one of them
For XAMPP, do the following steps:
G:\xampp\apache\conf\extra\httpd-ssl.conf"
Search 'DocumentRoot' text.
Change DocumentRoot DocumentRoot "G:/xampp/htdocs" to DocumentRoot "G:/xampp/htdocs/project name".
configure SSL in xampp/apache/conf/extra/httpd-vhost.conf
http
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs/myproject/web"
ServerName www.myurl.com
<Directory "C:/xampp/htdocs/myproject/web">
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
https
<VirtualHost *:443>
DocumentRoot "C:/xampp/htdocs/myproject/web"
ServerName www.myurl.com
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
<Directory "C:/xampp/htdocs/myproject/web">
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
make sure server.crt & server.key path given properly otherwise this will not work.
don't forget to enable vhost in httpd.conf
# Virtual hosts
Include etc/extra/httpd-vhosts.conf
There is a better guide here for Windows:
https://shellcreeper.com/how-to-create-valid-ssl-in-localhost-for-xampp/
Basic steps:
Create an SSL certificate for your local domain using this: See more details in the link above
https://gist.github.com/turtlepod/3b8d8d0eef29de019951aa9d9dcba546
https://gist.github.com/turtlepod/e94928cddbfc46cfbaf8c3e5856577d0
Install this cert in Windows (Trusted Root Certification Authorities) See more details in the link above
Add the site in Windows hosts (C:\Windows\System32\drivers\etc\hosts)
E.g.: 127.0.0.1 site.test
Add the site in XAMPP conf (C:\xampp\apache\conf\extra\httpd-vhosts.conf)
E.g.:
<VirtualHost *:80>
DocumentRoot "C:/xampp/htdocs"
ServerName site.test
ServerAlias *.site.test
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "C:/xampp/htdocs"
ServerName site.test
ServerAlias *.site.test
SSLEngine on
SSLCertificateFile "crt/site.test/server.crt"
SSLCertificateKeyFile "crt/site.test/server.key"
</VirtualHost>
Restart Apache and your browser and it's done!
I finally got this to work on my own hosted xampp windows 10 server web site. I.e. padlocks came up as ssl. I am using xampp version from November 2020.
Went to certbot.eff.org. Selected from their home page software [apache] and system [windows]. Then downloaded and installed certbot software found at the next page into my C drive.
Then from command line [cmd in Windows Start and then before you open cmd right click to run cmd as admin] I enhtered the command from Certbot page above. I.e. navigated to system32-- C:\WINDOWS\system32> certbot certonly --standalone
Then followed the prompts and enteredmy domain name. This created certs as cert1.pem and key1.pem in C:\Certbot yourwebsitedomain folder. the cmd windows tells you where these are.
Then took these and changed their names from cert1.pem to my domainname or shorter+cert.pem and same for domainname or shorter+key.key. Copied these into C:\xampp\apache\ssl.crt and ssl.key folders respectively.
Then for G:\xampp\apache\conf\extra\httpd-vhosts entered the following:
<VirtualHost *:443>
DocumentRoot "G:/xampp/htdocs/yourwebsitedomainname.hopto.org/public/" ###NB My document root is public. Yours may not be. Or could have an index.php page before /public###
ServerName yourwebsitedomainnamee.hopto.org
<Directory G:/xampp/htdocs/yourwebsitedomainname.hopto.org>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
ErrorLog "G:/xampp/apache/logs/error.log"
CustomLog "G:/xampp/apache/logs/access.log" common
SSLEngine on
SSLCertificateFile "G:\xampp\apache\conf\ssl.crt\abscert.pem"
SSLCertificateKeyFile "G:\xampp\apache\conf\ssl.key\abskey.pem"
</VirtualHost>
Then navigated to G:\xampp\apache\conf\extra\httpd-ssl.conf and did as was advised above. I missed this important step for days until I read this post. Thank you!
I.e. entered
<VirtualHost _default_:443>
DocumentRoot "G:/xampp/htdocs/yourwebsitedomainnamee.hopto.org/public/"
###NB My document root is public. Yours may not be. Or could have an index.php page before /public###
SSLEngine on
SSLCertificateFile "conf/ssl.crt/abscert.pem"
SSLCertificateKeyFile "conf/ssl.key/abskey.pem"
CustomLog "G:/xampp/apache/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Note1. I used www.noip.com to register the domain name.
Note2. Rather then try to get them to give me a ssl certificate, as I could not get it to work, the above worked instead.
Note3 I use the noip DUC software to keep my personally hosted web site in sync with noip.
Note4. Very important to stop and start xampp server after each change you make in xampp. If xampp fails for some reason instead of starting the xampp consol try the start xampp as this will give you problems you can bug fix. Copy these quickly and paste into note.txt.
In case you are on Mac OS (catalina or mojave) and wants to enable HTTPS/SSL on XAMPP for Mac, you need to enable the virtual host and use the default certificates included in XAMPP.
On your httpd-vhosts.conf file add a new vhost:
<VirtualHost *:443>
ServerAdmin webmaster#localhost.com
DocumentRoot "/Users/your-user/your-site"
ServerName your-site.local
SSLEngine on
SSLCertificateFile "etc/ssl.crt/server.crt"
SSLCertificateKeyFile "etc/ssl.key/server.key"
<Directory "/Users/your-user/your-site">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

Apache: Virtual Host configuration

As i tried to configure my virtual host in apache. I put something like this,
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /xampp/htdocs/gift
ServerName gift.loc
</VirtualHost>
And in my hosts file i put something like this,
127.0.0.1 localhost
127.0.0.1 gift.loc
And i run it on the browser,
http://gift.loc - is fine
But when i tried using this,
http://localhost/othersite - can't found
Do i missed somehting to configure? ANy ideas...
Thanks in advance,
You need a VirtualHost entry for every host you want apache to handle. The first one in the config file will be used as the default if no other VirtualHosts match the request.
For example if we have:
<VirtualHost *:80>
DocumentRoot /xampp/htdocs/gift
ServerName gift.loc
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /example/htdocs/gift
ServerName example.com
</VirtualHost>
A request for foobar.org will get handled by the gift.loc virtual host.
you need to put localhost in the vhosts.conf
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot /xampp/htdocs/
ServerName localhost
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /xampp/htdocs/gift
ServerName gift.loc
</VirtualHost>
This works fine (Make sure you restart apache). If you need to check your configuration you can (on linux at least) run httpd -S.
There are few steps you need to follow to setup the virtual host on ubuntu:
Let say that your project folder name is myProject
Step 1:Place your folder inside /var/www/html
sudo mv ~/myProject /var/www/html/
Step 2: Give ownership of project folder to www-data
sudo chown -R www-data:www-data /var/www/html/myProject
Step 3:Create new site inside Sites available:
cd /etc/apache2/sites-available/
ls
Here you will see existing 000-default.conf and default-ssl.conf .Copy the content of both file into one file and replace your folder name or copy this one into new file named myProject.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/myProject/
ServerName project.com
ServerAlias www.project.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html/myProject/
ServerName project.com
ServerAlias www.project.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/mobidev_cert.pem
SSLCertificateKeyFile /etc/ssl/certs/mobidev_key.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
Include the path of self signed certificate also in this as shown ssl key and ssl certificate that can be downloaded easily.
Step 4:Add your project into apache configuration file.
sudo vi /etc/apache2/apache2.conf
put this lines in the file:
DocumentRoot "/var/www/html/myProject"
<Directory /var/www/html/myProject/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
Step 5:Add your virtual server name (specified in myProject.conf) into host file.add that line:
sudo gedit /etc/hosts
127.0.1.1 project.com
Step 6:Now all set ,enable site,restart apache
sudo a2ensite /etc/apache2/sites-availabl/myProject.conf
sudo systemctl reload apache2
sudo update-rc.d apache2 defaults
sudo update-rc.d mysql defaults
sudo a2enmod ssl
sudo a2ensite default-ssl
Just hit project.com in your browser.
From the docs, it looks like we need to create a block for each different host that you would like to serve.
Further in the same doc, If you are adding virtual hosts to an existing web server, you must also create a block for the existing host.