apache virtualhost conf file and authorizations - apache

Here is my conf file:
<VirtualHost *:80>
ServerAdmin r0dy#r0dy.net
ServerName mtc.r0dy.net
ServerAlias www.mtc.r0dy.net
DocumentRoot /var/www/mtc
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/mtc>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc/bo>
AuthName "Restricted Area: BackOffice"
AuthType Basic
AuthUserFile /var/www/mtc/bo/.htpasswd
# AuthGroupFile /dev/null
require valid-user
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
When i comment out the <Directory /var/www/mtc/bo> part, it doesnt ask for credentials.
When i uncomment it, if i browse to this directory, it asks for credentials and it works fine.
My problem is that is asks for credentials even if i don't go to the /bo/ directory, i just browse to http://mtc.r0dy.net/ and i'm blocked.
Any idea on what i did wrong ?

In case anyone has the same problem, i solved it by adding Allow directives in my directories :
<Directory />
Options FollowSymLinks
#AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc>
Options Indexes FollowSymLinks MultiViews
#AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc/bo>
Order allow,deny
Allow from all
AuthName "Restricted Area: BackOffice"
AuthType Basic
AuthUserFile /var/www/mtc/bo/.htpasswd
# AuthGroupFile /dev/null
require valid-user
</Directory>
I don't understand why it works with the allow directives and behaves strangely without, but it works fine now. If anyone has the explaination you're welcome.

Related

Apache: Install Baikal besides Seafile

I need a hint in which direction I should look for an answer on this.
I have set up a Seafile server which is accessible under https://subdomain.no-ip.org, i now want baikal to be accessible under https://subdomain.no-ip.org/baikal
However, I can't get it running because i always get a message from Seafile that this directory does not exist. (I guess seafile thinks it should be a subdirectory)
my recent try to configure apache -
sites-enabled/default-ssl
<VirtualHost *:443>
ServerAdmin webmaster#localhost
Servername gasslnet.no-ip.org
DocumentRoot /var/www
Alias /media /home/andie/seafile-directory/seafile-server-latest/seahub$
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/baikal/html">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
My Seafile-Settings:
ccnet/ccnet.conf
SERVICE_URL = https://subdomain.no-ip.org
seahub_settings.py
FILE_SERVER_ROOT = 'http://subdomain.no-ip.org/seafhttp'
I think the issue is in the seafile configuration, if seafile would be accessible under url/seafile and not only the url the problem should be solved. I tried changing the SERVICE_URL, but no effect.
Do you have any ideas about this?
You have to set
SITE_ROOT = '/seafile'
in the seahub_settings.py to access Seafile under
http://subdomain.no-ip.org/seafile

Change AllowOverride None to AllowOverride All

These two file have the same code inside.
/etc/apache2/sites-enabled/000-default
/etc/apache2/sites-available/default
I would like to change AllowOverride None to AllowOverride All.
Which file should I change?
Is all the AllowOverride None change to AllowOverride All?
<VirtualHost *:80>
DocumentRoot /var/www/drupal
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/drupal>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
/etc/apache2/sites-enabled/000-default
/etc/apache2/sites-available/default
Actually these are not 2 files. One is a symlink of the other. So that is why they are exactly the same.
The sites-available just shows which sites you have on your system. But sites-enabled show which one's are in use.
So just change the original in sites-available because they are the same file. And yes use AllowOverride All to enable .htaccess use under <Directory /var/www/drupal> block.
You can use commands a2ensite and a2dissite to enable and disable sites if you add more later. The link below gives exact instructions if you ever need to do that, which you shouldn't since your site is live.
http://manpages.ubuntu.com/manpages/trusty/man8/a2ensite.8.html

Multiple Trac sites on one domain using Apache2

How do I get one domain to serve up multiple sites under Apache2. What I would like is something like this:
trac.mysite.net/project1
trac.mysite.net/project2
What I have working now, is this:
project1.mysite.net/
project2.mysite.net/
using two separate virtual hosts, which works great. However, every time I create a new project, I have to update the DNS.
What I would like is to have one virtual host configuration that points to a different directory for each project.
What I have tried is creating a 'trac' virtual host with different sections for each site. According to the error log, it tries to access the directory, but gets an access denied.
[Sun Sep 14 16:50:59.022354 2014] [autoindex:error] [pid 9811] [client 10.1.1.112:58207] AH01276: Cannot serve directory /usr/share/trac/projects/project1/htdocs/: No matching DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive
I tried removing indexes with Options -Indexes but that didn't get rid of the error above.
Here is my virtual host configuration:
<VirtualHost *:80>
ServerName trac.mysite.net
ServerAlias trac
ServerAdmin vv#mysite.net
# trac ####################################################################
DocumentRoot /usr/share/trac/htdocs
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /usr/share/trac/cgi-bin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
AuthType Digest
AuthName login
AuthUserFile /etc/apache2/loginpasswd
Require valid-user
Order allow,deny
allow from all
</Directory>
Alias /chrome/common /usr/share/trac/htdocs/common
Alias /chrome/site /usr/share/trac/htdocs/site
<Directory /usr/share/trac/htdocs/>
Order allow,deny
allow from all
</Directory>
WSGIScriptAlias / /usr/share/trac/cgi-bin/trac.wsgi
# project1 ###############################################################
Alias /project1 /usr/share/trac/projects/project1/htdocs
<Directory /usr/share/trac/projects/project1/htdocs/>
Order allow,deny
allow from all
</Directory>
<Directory /usr/share/trac/projects/project1/cgi-bin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
AuthType Digest
AuthName login
AuthUserFile /etc/apache2/loginpasswd
Require valid-user
Order allow,deny
allow from all
</Directory>
Alias /project1/chrome/common /usr/share/trac/projects/project1/htdocs/common
Alias /project1/chrome/site /usr/share/trac/projects/project1/htdocs/site
WSGIScriptAlias /project1 /usr/share/trac/projects/project1/cgi-bin/trac.wsgi
# project2 ################################################################
Alias /project2 /usr/share/trac/projects/project2/htdocs
<Directory /usr/share/trac/projects/project2/htdocs/>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /usr/share/trac/projects/project2/cgi-bin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
AuthType Digest
AuthName login
AuthUserFile /etc/apache2/loginpasswd
Require valid-user
Order allow,deny
Allow from all
</Directory>
Alias /project2/chrome/common /usr/share/trac/projects/project2/htdocs/common
Alias /project2/chrome/site /usr/share/trac/projects/project2/htdocs/site
WSGIScriptAlias /project2/ /usr/share/trac/projects/project2/cgi-bin/trac.wsgi
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/trac_error.log
CustomLog ${APACHE_LOG_DIR}/trac_access.log combined
</VirtualHost>
I know this is possible, I'm just not sure how. Any suggestions would be appreciated.
Ah. I figured out what I was doing wrong. I was using an Alias for each project directory. The Alias was overriding the WSGIScriptAlias. And it was this WSGIScriptAlias that was necessary for everything to work. It allows urls with /projectX/ in them to be an alias for the trac.wsgi script.
My new vhost config is given below. I cleaned it up a bit by removing the directives for the trac vhost and only left the DocumentRoot.
<VirtualHost *:80>
ServerName trac.mysite.net
ServerAlias trac
ServerAdmin vv#mysite.net
# trac ####################################################################
DocumentRoot /usr/share/trac/htdocs
# project1 ###############################################################
<Directory /usr/share/trac/projects/project1/htdocs/>
Order allow,deny
allow from all
</Directory>
<Directory /usr/share/trac/projects/project1/cgi-bin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
AuthType Digest
AuthName login
AuthUserFile /etc/apache2/loginpasswd
Require valid-user
Order allow,deny
allow from all
</Directory>
Alias /project1/chrome/common /usr/share/trac/projects/project1/htdocs/common
Alias /project1/chrome/site /usr/share/trac/projects/project1/htdocs/site
WSGIScriptAlias /project1 /usr/share/trac/projects/project1/cgi-bin/trac.wsgi
# project2 ################################################################
<Directory /usr/share/trac/projects/project2/htdocs/>
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /usr/share/trac/projects/project2/cgi-bin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
AuthType Digest
AuthName login
AuthUserFile /etc/apache2/loginpasswd
Require valid-user
Order allow,deny
Allow from all
</Directory>
Alias /project2/chrome/common /usr/share/trac/projects/project2/htdocs/common
Alias /project2/chrome/site /usr/share/trac/projects/project2/htdocs/site
WSGIScriptAlias /project2/ /usr/share/trac/projects/project2/cgi-bin/trac.wsgi
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/trac_error.log
CustomLog ${APACHE_LOG_DIR}/trac_access.log combined
</VirtualHost>
Thanks for listening.

Apache mod rewrite masking

I'm trying to mask/hide a the URL of our VPS, in which we have installed a wordpress blog under a subdirectory (/var/www/vhosts/vps.url.com/httdocs/blog.
We have a domain pointing to this site (vps.url/blog), so writing the domain URL on the browser redirect us to the VPS, but showing the URL vps.url/blog.
I've tried to mask it with apache2 virtual hosts this way:
<VirtualHost *:7080>
ServerAdmin webmaster#localhost
ServerName domain.es
ServerAlias www.domain.es
DocumentRoot /var/www/vhosts/vps.url.com/httpdocs/domain/
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This doesn't work as it still showing vps.url.com/domain when we want to show domain.es
Thanks before hand and excuse my bad english.

virtually hosted typo3 site returns a 503 after backend logout

I am trying to host multiple typo3 managed sites on my remote webserver but whenever I logout from a brand new install I get a 503 error and can't get past that. but I can re-install a typo3 site from the same link. but the default typo3 installed which can be referenced via <www.mydomain_name.com/typotest> works fine. below is my default site setup:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /srv/www/
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
############### All other demo sites ################
<VirtualHost *:80>
DocumentRoot /srv/www/site1/
ServerName www.site1.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/WFS>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site1/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site1/access.log combined
</VirtualHost>
######## Site2 ########
<VirtualHost *:80>
DocumentRoot /srv/www/site2/
ServerName www.site2.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/Monassier>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site2/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site2/access.log combined
</VirtualHost>
######## site 3 ########
<VirtualHost *:80>
DocumentRoot /srv/www/site3/
ServerName www.site3.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/HandP>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site3/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site3/access.log combined
</VirtualHost>
I will also say that I tried copying the .htaccess from the working site to the virtually hosted site but got no results. At this point I am at a loss as to what could be causing this.
Server OS is Debian Lenny and apache 2.2.16.
I would like to add that I have checked the error logs (php ones included) and all I see are access errors
As you are not getting a Apache error log entry, I presume you have got the maintanence mode enabled.
Check your localconf.php for the entry:
$GLOBALS['TYPO3_CONF_VARS'][BE][adminOnly] = 1;
and change it to
$GLOBALS['TYPO3_CONF_VARS'][BE][adminOnly] = 0;
Slight misunderstanding of the framework caused this. It turns out that I had installed a blank package instead of the introduction package. So I was getting the 503 due to there not being any frontend pages created in the blank, and I was trying to access the backend via the front end address.