mod_wsgi and WSGIScript directive - mod-wsgi

On my virtual server configuration I have this:
DocumentRoot /var/www/project/app/
and also I have this directive:
WSGIScriptAlias / /var/www/project/app/wsgi.py
from mod_wsgi documentation: "avoid placing WSGI scripts under the DocumentRoot in order to avoid accidentally revealing their source code if the configuration is ever changed"
It's clear to me that I must delete the DocumentRoot directive here! I just want to know how it is possible to reveal the code of my wsgi.py file. What kind of request could have a response with that file ?

Change:
WSGIScriptAlias / /var/www/project/app/wsgi.py
to:
WSGIScriptAlias /suburl /var/www/project/app/wsgi.py
Restart Apache and then visit /wsgi.py. It will download and show you your source code.
There is usually no reason to set DocumentRoot to be the directory your WSGI script file is in when using WSGIScriptAlias. By doing it when you don't need to, you are one step away from making your code available if you decided to change your configuration to mount the application at a sub URL and didn't understand the implications of it.
Since it isn't necessary, just don't expose yourself to the extra risk.

Related

Deploying a Grails app with Tomcat on an existing site

I am trying to deploy a grails app on an existing site (mysite.org) using Tomcat with a virtual host, and I've been told I also need to use a ProxyPass and a ProxyPathReverse to the chosen port. I've successfully set up Tomcat, added the WAR file to the tomcat/default-root folder, and edited the server.xml file to include this, an exclusion for serving content to the app.
<VirtualHost *:*>
ProxyPreserveHost On
ProxyTimeout 3600
Timeout 3600
ProxyPass /interventions !
ProxyPass / http://00.00.000.000:8080/
ProxyPassReverse / http://00.00.000.000:8080/
ServerName interventions.mysite.org
</VirtualHost>
I'm not really sure where to go from here, what I want to happen is to be able to go to interventions.mysite.org and use this app. I know I need to properly configure the virtual host but I've gotten lost in guides that seem to focus on setting it up from the start rather than integrating with an existing site, which had me worried about making any changes without realising (given my lack of knowledge right now).
What should my next step be, and are there any resources I should seek out (or search terms I should use, as I'm totally overwhelmed after my attempts)?
**Edit: Is my wishing to use interventions.mysite.org rather than, say, mysite.org/interventions complicating the issue?
create a site in apache called interventions.mysite.org.conf
To create the site you can just copy the already existing site file found in the sites-available folder in your apache installation and just make edits where necessary.
You file should look like the one i have pasted below, i believe the code i have pasted below should work fine for you, just make edits to the ProxyPass and ProxyPassReverse fields to match your app installation.
Remember to enable the site by using the command below;
sudo a2ensite interventions.mysite.org.conf
and also ensure that you have i think mod_proxy enabled.
it can config just like the one below;
<VirtualHost *:80>
ServerName interventions.mysite.org
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyRequests Off
ProxyPreserveHost On
ProxyErrorOverride On
ProxyPass / http://localhost:port/my-app/
ProxyPassReverse / http://localhost:port/my-app/
</VirtualHost>
You can also read the apache docs if you don't understand some of the config parameters. Hope that helps.
Cheers!

Apache upgrade 2.2 -> 2.4 issue

I have got a problem with an update of Apache (from 2.2 to 2.4). I keep getting the same message while trying to access 'localhost'
.htaccess: RewriteEngine not allowed here
Also the result that I get from browser is 500 Internal Server Error.
I have completely change old authorization tags from Allow from all to Require all granted, still the same. Tried to load mod_access_compat - still the same.
Any ideas? My httpd.conf is almost a default one at the moment, the only changes are DocumentRoot and Directory.
I got confused while editing my old httpd.conf - it had configured DocumentRoot as follows:
DocumentRoot "web/"
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "web/">
...
With this configuration, new Apache would not like to work. I changed Directory to "/" and it worked.
It is also neccessary to load mod_rewrite module and setup AllowOverride to All (or FileInfo).

XAMPP server document root for specific website

I just installed XAMPP, and I've found how to change the document root in the Apache config file, but I only want to change it for a specific site. The reason I need this is because all of my links are absolute links (i.e. /url not just url).
I tried changing it with .htaccess, but that gave me errors saying the limited recursion had been exceeded. So I went and changed that to 200, and it too a really long time, and then said that the recursion had been exceeded.
I would use aliases, but that would mean saying that any request to / goes somewhere else.
So is there anyway for me to specify that files inside of directory dir should have their document root as dir?
Thanks.
I found the solution, but it's a bit involved. You have to change the Apace config file, and the hosts file.
In the Apache config file, I added this:
NameVirtualHost *:80
<VirtualHost *:80>
DocumentRoot "/absolute path/from/C/drive"
ServerName site.local
</VirtualHost>
Then I had to add this in the hosts file:
127.0.0.1 site.local
You can read up more on the virtual host here: http://httpd.apache.org/docs/2.2/vhosts/examples.html

How to run PrimeFaces behind reverse proxy in a subdomain?

I have build an application with PrimeFaces and want to run that behind an apache reverse proxy.
My target url looks like this http://myserverurl.org:8080/myapplication/.
I want to access the application via subdomain like this http://myapplication.myserverurl.org.
I have configured a VirtualHost in apache:
<VirtualHost *:80>
ServerName myapplication.myserverurl.org
ProxyPass / http://myserverurl.org:8080/myapplication/
ProxyPassReverse / http://myserverurl.org:8080/myapplication/
</VirtualHost>
That works not so well. I can see the JSF page, but there is no CSS applied etc. I can see that the first request is redirected correctly, but the following requests (to load jQuery, CSS, etc.) are not.
They try to access an url like http://myapplication.myserverurl.org/myapplication/faces/javax.faces.resource/primefaces.js?ln=primefaces which is obviously wrong. They must not include the /myapplication/ path again, since the proxy redirects already to that path.
How can I solve this issue? Is this a PrimeFaces problem or a problem with my reverse proxy configuration?
Using (or not using) AJP has no bearing on resolving this specific issue.
Primefaces internally uses context path variable to include CSS and Javascript resources. Even using AJP you will end up with:
/unwantedAppContext/javax.faces.resource/jquery/jquery.js.jsf?ln=primefaces
What you could do to resolve this add another proxy pass to handle the unwanted context. This may not be the best solution, but it works.
<VirtualHost *:80>
ServerName myapplication.myserverurl.org
ProxyPass /myapplication/ http://myserverurl.org:8080/myapplication/
ProxyPassReverse /myapplication/ http://myserverurl.org:8080/myapplication/
ProxyPass / http://myserverurl.org:8080/myapplication/
ProxyPassReverse / http://myserverurl.org:8080/myapplication/
</VirtualHost>
The order of the pass matters.
This issue was also reported in the icefaces forum
http://www.icesoft.org/JForum/posts/list/4433.page#sthash.h1qSqiYg.dpbs
It may be different depending on the application server but, as a main rule, you should use AJP for the proxying.
First step is to enable ajp modules depending on OS. Ubuntu looks like this.
sudo a2enmod proxy proxy_ajp
Step 2, change the proxy definition in the apache conf to something like:
ProxyPass / ajp://localhost:8009/myapplication
ProxyPassReverse / ajp://localhost:8009/myapplication
Step 3 is to enable it on the application server. Again, it varies depending of the one you use. Tomcat has a commented out section in the server.xml. Glassfish has a check-box in the admin console and an asadmin command (but I can't remember it)
Consider using ProxyHTMLURLMap directive from mod_proxy_html module. This module manipulates output HTML links to be pointed to the right location. In your case all the links that tell http://myapplication.myserverurl.org/ need to be changed back to /, i.e.
ProxyHTMLURLMap http://myapplication.myserverurl.org/ /
This way you can modify any call-back links that are pointing to wrong location.
Answer of jjhavokk works but
for Graphics you need to reference them via request.contextPath
<img src="#{request.contextPath}/resources/yourfolder/yourpng.png" />
Place it in webapp/resources/yourfolder/yourpng.png
With my .css file this was not needed
h:outputStylesheet name="css/screen.css"
in webapp/resources/css

Magento not accessible since tried to move to multi website setup. Apache issue?

I wish I had never seen this article:
http://www.magentocommerce.com/knowledge-base/entry/tutorial-multi-site-multi-domain-setup
I have Apache 2.2 installed on my XP machine and until a while ago I had a Magento site that I could test the development of a custom module on. I decided that I wanted to have multiple websites and multiple stores so that I could test that my modules configuration variables set at the different scopes (global, website, and store) were working as expected.
So I followed the instructions in the above Magento article. I created a website and gave it a name of “paulsplace.com”. I created a couple of Stores under that website. I then went to System/Configuration/General/Web and, with the scope set to paulsplace.com, I set the unsecured and secured URLs to http://paulsplace.com/ and https://paulsplace.com/ and hit Save Config - what a mistake!!
I got a 404 error. And now I can’t get to my magento front end or back end.
I tried a couple of things:
I added these lines to my hosts lookup file:
127.0.0.1 paulsplace.com
127.0.0.1 www.paulsplace.com
I then uncommented this line in my httpd,conf file:
Include conf/extra/httpd-hosts.conf
and added the following to the conf/extra/httpd-hosts.conf file:
<VirtualHost *:80>
ServerAdmin me#myemail.com
DocumentRoot "C:/Applications/Apache Software Foundation/Apache2.2/htdocs"
ServerName paulsplace.com
ErrorLog "logs/paulsplace.com-error.log"
CustomLog "logs/paulsplace.com-access.log" common
</VirtualHost>
and restarted Apache.
If I browse to “http://www.paulsplace.com” I now get a page that just says “It works!”. Same for “http://paulsplace.com” and “http://www.paulsplace.com/magento/index.php”.
I tried a few more things - I added this line to httpd.conf:
AccessFileName htaccess
(I did this because Windows Explorer didn’t let me create a file starting with a dot; I could do it from the command prompt, but I believe what I have done should be ok).
I changed AllowOverride to All from None:
<Directory />
Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all
</Directory>
<Directory "C:/Applications/Apache Software Foundation/Apache2.2/htdocs">
AllowOverride All
</Directory>
and in C:\Applications\Apache Software Foundation\Apache2.2\htdocs\htaccess (a file that I created), I entered:
SetEnvIf Host www\.paulsplace\.com MAGE_RUN_CODE=pws1
SetEnvIf Host www\.paulsplace\.com MAGE_RUN_TYPE=website
SetEnvIf Host ^paulsplace\.com MAGE_RUN_CODE=pws1
SetEnvIf Host ^paulsplace\.com MAGE_RUN_TYPE=website
(pws was the value I used for the “Code” when creating my store).
Please tell me how I can put this right. I feel like I’m taking one step forward and three backward at the moment.
Any help really would be greatly appreciated.
<VirtualHost *:80>
ServerAdmin me#myemail.com
DocumentRoot "Change this to point at your magento install"
ServerName paulsplace.com
ErrorLog "logs/paulsplace.com-error.log"
CustomLog "logs/paulsplace.com-access.log" common
SetEnv MAGE_RUN_TYPE website
SetEnv MAGE_RUN_CODE pws1
</VirtualHost>
If changing anything in System Configuration borks your system, you can always clear out the bad values in the database directly, and clear your Magento cache. Do a
select * from core_config_data where value LIKE '%paulsplace.com%'
This will give you the two rows that were added when you clicked save. Remove the rows. Next, clear out all the files in
var/cache/*
to clear your cache. Then restore your Apache config to what it was before you started monkeying around. This should restore your site back to its previous state, and you can continue to experiment with things.