I have configured an Ubuntu 16.04 Server with Apache and installed Trac 1.2.2 on it. I would like to access the Trac installation using SSL via https://subdomain.example.com
I have the following two .conf-files in /etc/apache2/sites-available/ right now:
ssl.conf:
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
DocumentRoot /var/www/html/
testinstallation.conf:
WSGIScriptAlias /trac/testinstallation /var/www/html/trac/testinstallation/cgi-bin/trac.wsgi
<Location /trac/testinstallation>
AuthType Digest
AuthName "testinstallation"
AuthUserFile /var/lib/trac/testinstallation/.htdigest
Require valid-user
</Location>
When I open https://subdomain.example.com/trac/testinstallation, everything works as it should - but I would like to access my Trac-environment via https://subdomain.example.com. When I change the DocumentRoot in ssl.conf to /var/www/html/trac/testinstallation, I only get to see two folders, but not the Trac-environment (I don't know how to implement the WSGIScriptAlias to the ssl.conf). Can anybody help me with this problem?
Another question: Can I run multiple installations of Trac on one server using SSL? If yes, I would probably need another VirtualHost-file - but what should be in there?
The first parameter of WSGIScriptAlias is the URL-path. So to access your Trac installation over just the subdomain, you can modify the WSGIScriptAlias directive to
WSGIScriptAlias / /var/www/html/trac/testinstallation/cgi-bin/trac.wsgi
There is no need of mentioning the DocumentRoot. The WSGIScriptAlias directive takes care of it. If you want to run multiple Trac installations over multiple subdomains, repeat the same process that you have followed. i.e.,
Deploy project directory
Create Trac users
Create vhost and enable site
Else you can run multiple Trac installation as multiple subdirectories under the same subdomain by defining multiple WSGIScriptAlias directives in the same vhost file.
Example of vhost file for multiple Trac installations (test1 and test2) over single subdomain:
trac.conf
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
</VirtualHost>
WSGIScriptAlias /test1 /var/www/html/trac/test1/cgi-bin/trac.wsgi
<Location /login>
AuthType Digest
AuthName "test1"
AuthUserFile /var/lib/trac/test1/.htdigest
Require valid-user
</Location>
WSGIScriptAlias /test2 /var/www/html/trac/test2/cgi-bin/trac.wsgi
<Location /login>
AuthType Digest
AuthName "test2"
AuthUserFile /var/lib/trac/test2/.htdigest
Require valid-user
</Location>
Related
I'm trying to configure a sub-domain for my subversion repository.
I have a VH example.fr pointing to my personal website, and I want another VH svn.example.fr to point to the repository.
However, when I try to connect to svn.example.fr, I get the front page of my website...
Here is my Apache configuration file:
<VirtualHost *:80>
DocumentRoot /srv/example.fr
ServerName example.fr
ServerAlias www.example.fr
<Directory /srv/example.fr>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName svn.example.fr
<Location />
DAV svn
SVNPath /srv/svn/repo
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /srv/svn/repo/conf/passwd
AuthzSVNAccessFile /srv/svn/repo/conf/authz
Require valid-user
</Location>
</VirtualHost>
I don't see any problem here, but I'm sure there is.
Thanks for your help !
EDIT : The configuration file is correct. I should precise that I'm running Apache inside a Docker container. Just after creating the conf file, I restarted Apache by restarting the container. This is not the right way to do it: restarting the container does not restart the server.
So Lazy Badger was right finally, thanks.
This is question for SU
After creating VirtualHost section you have to restart Apache
(Not related to network|Apache config, future trouble) Plain-text /srv/svn/repo/conf/passwd, used by svnserve, can't be used as Apache user-file, i.e. you have to have
...
AuthUserFile /path/to/htpasswd/file
...
DocumentRoot for VirtualHost must be defined, svn.example.fr miss it
I'm trying to make a directory for my website password protected and I so far I've followed apache instructions to do that: http://httpd.apache.org/docs/current/howto/auth.html
and
http://wiki.apache.org/httpd/PasswordBasicAuth
I then created a password file using htpasswd, and then I edited my httpd.conf with
<Directory /var/www/html/project/app.project.com/Admin/>
AuthType Basic
AuthName "Restricted Area"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "/var/www/html/admin/.password"
Require valid-user
Order allow,deny
Allow from all
</Directory>
But when I go to the website that supposed to ask me for the password it doesn't!
I'm just trying to figure out what I'm doing wrong.
Thanks!
The problem that I didn't think was related to this is that I was trying to access that protected directory using one of my vhosts in the configuration file so I just had to put this Directory directive inside of the correspondig vhost that was getting accessed, this is how I got my configuration at the end:
# Please note as well that I'm forcing connections from http to https:
<VirtualHost *:80>
ServerName app.project.com
ServerAlias project.com
DocumentRoot /var/www/html/project/app.project.com
Redirect permanent / https://app.project.com
ErrorLog /var/www/html/project/app.project.com/error.log
CustomLog /var/www/html/project/app.project.com/requests.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName app.project.com
DocumentRoot /var/www/html/project/app.project.com
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/40d5d69ae6a53.crt
SSLCertificateKeyFile /etc/httpd/ssl/project.key
SSLCertificateChainFile /etc/httpd/ssl/gd_bundle-g2-g1.crt
#Adding the Directory directive to request auth access with password to the Admin directory
<Directory /var/www/html/project/app.project.com/Admin/>
AuthType Basic
AuthName "Restricted Area"
# (Following line optional)
AuthBasicProvider file
AuthUserFile "/var/www/html/admin/.password"
Require valid-user
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
I installed a subversion on my server and it's working properly. All my repositories are located at /var/svn/repo1 /var/svn/repo2 etc... My /etc/apache2/sites-available/svn looks this:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName svn.myhostname.com
DocumentRoot /var/svn
<Directory /var/svn/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Location />
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion"
AuthUserFile /etc/subversion/svn-auth
Require valid-user
</Location>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/svn.error.log
CustomLog ${APACHE_LOG_DIR}/svn.access.log combined
</VirtualHost>
The problem is that when I open a browser and type my IP address or hostname they both point to SVN for some reason. For example, when I type only my IP the browser says "A username and password are being requested by MYIPADDRESS. The site says: "Subversion"". I think the only address that should be pointed to SVN would be svn.myipaddress.com, right??
When I type svn.myipaddress/repo1 it shows the repository normally though.
This causes me hard times as I cannot access my IP and open html/php-files there because it asks for SVN password every time.
Any thoughts on this?
Your initial <VirtualHost *:80> is redirecting all requests on port 80 (the standard http port) to the subversion directories. If you change that to something like <VirtualHost *:3690> then standard web requests should work as normal, though you'll need to add the port when accessing the repositories from the client, i.e. svn co http://repository.url:3690/repo1 in order for subversion commands to work.
I have a problem with a password protected vhost on apache2 and debian (7).
It's a server which hosts several vhost. They are all online for now. I need to restrict access only for one of them. (www.acticia.net)
I do not want to use .htaccess while it is not the correct way for apache.
Here is my vhost conf in site-available :
<VirtualHost *:80>
ServerAdmin admin#acticia.net
ServerName acticia.net
ServerAlias www.acticia.net
DocumentRoot /var/www/acticia.net/
<Directory /var/www/acticia.net/>
AuthType Basic
AuthName "Authentication required"
AuthUserfile "/etc/htpasswd/.htpasswd"
Require valide-user
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/acticia.net-error_log
TransferLog /var/log/apache2/acticia.net-access_log
/etc/htpasswd/.htpasswd has been generated by htpasswd (from apache2)
The site claims that "Authentication required", ask for a login and a password then, ask it again, and again and again ...
Tested under chorimum and iceweasel (up to date for a deb7).
I read apache2 wiki, apache2 docs and a certain part of the www for this subject, didn't understood my mistake !
Thanks for the helps guys !
Require valide-user should be Require valid-user
I need to hook up my Mercurial server cgi script through an Apache VirtualHost subdomain along with authorization.
My apache is running on 80 and 91.
Apache is serving Mercurial through
C:\wamp\bin\apache\Apache2.2.21\cgi-bin\hgweb.cgi
and is accessable through
http://my.com/cgi-bin/hgweb.cgi
and
http://localhost/cgi-bin/hgweb.cgi
All well and good, it serves perfectly there. My target is to subdomain it as:
http://hg.my.com/
with no trailing cgi-bin/hgweb.cgi
I have gotten the following URL to work with the config given below:
http://hg.my.com/cgi-bin/hgweb.cgi
... but it doesn't access the css and images properly (unlike above perfect service)
My config so far:
ScriptAlias /hg "/cgi-bin/hgweb.cgi"
<VirtualHost *:80>
ServerName hg.my.com
ServerAlias hg.my.com
#ScriptAlias / "/cgi-bin/hgweb.cgi"
# <Directory />
# Order Deny,Allow
# Allow from all
# </Directory>
# ProxyPass /stylesheets !
# ProxyPass /javascripts !
# ProxyPass /images !
ProxyPassMatch ^.*/static(/.*\.css)$ http://localhost:91/cgi-bin/hgweb.cgi/static/$1
ProxyPassMatch ^.*/static(/.*\.js)$ http://localhost:91/cgi-bin/hgweb.cgi/static/$1
ProxyPassMatch ^.*/static(/.*\.png)$ http://localhost:91/cgi-bin/hgweb.cgi/static/$1
ProxyPassMatch ^.*/static(/.*\.gif)$ http://localhost:91/cgi-bin/hgweb.cgi/static/$1
ProxyPreserveHost On
ProxyPass / http://localhost:91/cgi-bin/hgweb.cgi
ProxyPassReverse / http://localhost:91/cgi-bin/hgweb.cgi
<Proxy *>
#DirectoryIndex hgweb.cgi
#ScriptAlias / /hgweb.cgi
# # Order Allow,Deny
# # Allow from all
Order Deny,Allow
Allow from 127.0.0.1
AuthUserFile C:\wamp\.htpasswd
AuthName "Please Log In"
AuthType Basic
require user admin
require user dev
</Proxy>
</VirtualHost>
Obviously I am using the time honored google-trial-and-error approach and am out of my depth here.
Thus, my energetic egos mindless determinination for self-reliance, which otherwise seems to serve so well, now exhausted and filled with animosity toward the problem at hand -- brings me here, hat in hand, to ask:
"Brother, can you spare a dime?"
Why run apache on both 80 and 91? Is 91 just to serve up the static content? Unless I'm missing one of your requirements you shoudl be able to do whatever you need with something like this:
<VirtualHost *:80>
ServerName hg.my.com
ScriptAlias / "/cgi-bin/hgweb.cgi"
<Location />
Order Deny,Allow
AuthUserFile C:\wamp\.htpasswd
AuthName "Please Log In"
AuthType Basic
require user admin
require user dev
</Location>
</VirtualHost>
You shouldn't need a proxy, or separate rules for static (Mercurial will serve them up just fine).
Just put a slash after the script:
ScriptAlias /hg "/cgi-bin/hgweb.cgi/"