.htaccess not working with SSL config - apache

I followed this guide to get a free SSL certificate from StartSSL: https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-with-a-free-signed-ssl-certificate-on-a-vps
I followed it step by step but I don't actually understand it fully as I'm a newbie.
I have .htaccess which stopped working after I put the below code into my 000-default.conf file:
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /etc/apache2/ssl/ssl.crt
SSLCertificateKeyFile /etc/apache2/ssl/private.key
SSLCertificateChainFile /etc/apache2/ssl/sub.class1.server.ca.pem
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This is what's in my .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^([a-zA-Z0-9\-]+)$ $1.php
ErrorDocument 404 /404error
</IfModule>
^ It's basically to be able to access a page like this domain/page rather than like this: domain/page.php
So as soon as I add the above code from the 000-default.conf file, the rewrite rule works fine. If I add it in, however, I can no longer access files without the .php at the end. My 404 redirect is also not working.
What is it that's causing the problem?

Related

Sub-domain not working

I'm pretty new to apache, so probably the solution will be obvious to you... I'm running on Debian wheezy
Here are my two file in /etc/apache2/sites-availables:
amelineandraphael
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName amelineandraphael.raphaelnussbaumer.com
DocumentRoot /var/www/amelineandraphael
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/amelineandraphael>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
zoziology
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName zoziologie.raphaelnussbaumer.com
DocumentRoot /var/www/zoziologie
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/zoziologie>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
I have added a symbolic link to /etc/apache2/sites-enables
I've run sudo a2ensite amelineandraphael and sudo a2ensite zoziologie
and restart the apache server.
The sub-domain zoziologie.raphaelnussbaumer.com is working but amelineandraphael.raphaelnussbaumer.com redirect me to the default index.html at /var/www/.
Here are the .htaccess of /var/www/amelineandraphael:
SetEnv PHP_VER 5_4
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Any idea ?
I think I found the solution. Although I'm not sure that's the only part of the solution:
sudo a2dissite 000-default
Unfortunately I can't comment yet as I don't have the rep, so sorry about this being an "answer".
I'm wondering if you have a DNS "A" record for that subdomain? You may have a wildcard DNS record though, which would make this a moot point

ProxyPass not overriding .htaccess mod_rewrite

We have an angular app with an apache server which uses .htaccess to rewrite requests to /index.html using
RewriteRule . /index.html [L]
But for a few paths, we want to use /whatever to route to a different domain. However, adding
ProxyPass /whatever whatever.site.com
to sites-enabled doesn't seem to override the .htaccess.
That full file looks like
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
ProxyPass /whatever https://whatever.com
ProxyPassReverse /whatever https://whatever.com
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Any suggestions?
Also, I know for sure that the sites-enabled file above is being used because if I put garbage-text into it the site crashes ;)
Your quoted virtualhost is probably not used for your test request, because proxy would always bypass mod_rewrite rules specified in .htaccess.
Maybe apachectl -S would give you a hint about which vhosts are present / being used. I see this vhost has no ServerName, so unless it's the first or only *:80 it will probably never be used.

Webmin login keeps looping to session_login.cgi

I've had a working webmin setup on a VPS, however after trying to force it to connect via HTTPS I've done goof somewhere and now whenever I try to login the login page doesn't display correctly (no blue rectange background) and trying to login via https://server1.domain.me:10000 keeps redirecting me to https://server1.domain.me:10000/webmin/session_login.cgi, which is again a login page.
Before it began malfunctioning, I had the following file in /etc/apache2/sites-available
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
</VirtualHost>
When I tried to force webmin (and owncloud if that matters) to use HTTPS I created a new Virtualhost for port 443 using my SSL keys and updated Virtualhost for port 80 to proxy all http://domain.me/webmin to https://server1.domain.me:10000 (I kept commented-out configs for you to see what I've tried):
<VirtualHost *:443>
ServerAdmin webmaster#domain.me
ServerName server1.domain.me
alias /owncloud /var/www/domain.me/owncloud
DocumentRoot /var/www/domain.me/
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/ssl/ssl.crt/server1_domain_me.crt
SSLCertificateKeyFile /etc/ssl/ssl.crt/server1.key
SSLCACertificateFile /etc/ssl/ssl.crt/COMODORSADomainValidationSecureServerCA.crt
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# <Location /webmin>
# RewriteEngine On
# #RewriteRule (.*) https://server1.domain.me:10000/$1 [R,L]
# ProxyPass https://server1.domain.me:10000/
# ProxyPassReverse https://server1.domain.me:10000/
# </Location>
<Directory /var/www/domain.me/owncloud>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
Satisfy Any
<IfModule mod_rewrite.c>
RewriteEngine on
<IfModule mod_ssl.c>
RewriteEngine On
RewriteRule ^/?(.*)$ https://%{HTTP_HOST}/owncloud$
</IfModule>
</IfModule>
</Directory>
# ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
# <Directory "/usr/lib/cgi-bin">
# AllowOverride None
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# Order allow,deny
# Allow from all
# </Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
</VirtualHost>
and updated my domain.me virtualhost file to:
<VirtualHost *:80>
ServerAdmin webmaster#domain.me
ServerName domain.me
ServerAlias www.domain.me
#SSLEngine On
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
DocumentRoot /var/www/domain.me/
<Directory />
RedirectMatch temp ^/$ /public_html
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/domain.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/www/domain.me/redmine>
AllowOverride None
order allow,deny
allow from all
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
</Directory>
<Location /owncloud>
ProxyPass https://server1.domain.me/owncloud/
</Location>
<Location /server1>
ProxyPass https://server1.domain.me/webmin/
</Location>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerSignature On
RailsEnv production
RailsBaseURI /redmine
#ProxyPassReverse /owncloud https://server1.domain.me/owncloud/
#ProxyPassReverse /webmin https://server1.domain.me:10000/
</VirtualHost>
I also added the lines webprefix=/webmin, webprefixnoredir=1 and referer=domain.me to /etc/webmin/config
However, something is clearly wrong here because I cannot login to webmin at all. I've been searching the web for an answer for the past 5 hours, tried a lot of thing and still no luck.
Any ideas?
There are 4 critical (and undocumented!) keys to get this to work, as I found through much aggravation!
1) When you edit /etc/webmin/config, make sure there is NO WHITE SPACE at the end of the webprefix=/webmin line. That will fix the problem where the login screen formatting is funky.
2) You need to be extremely precise in your use of slashes in your ProxyPass (and they don't match the official documentation!)
ProxyPass /webmin/ http://localhost:10000/
ProxyPassReverse /webmin/ http://localhost:10000/
3) You need to include cookie ProxyPass lines (again not in the documentation!).
ProxyPassReverseCookieDomain /webmin/ http://localhost:10000/
ProxyPassReverseCookiePath /webmin/ http://localhost:10000/
4) When you browse to Webmin, you MUST INCLUDE a trailing slash!
http://your.domain.name/webmin/
* UPDATE *
Pertaining to point 4:
To make sure the trailing slash is always present when you browse to Webmin, add these lines (prior to your proxy pass, if it matters?). With this added, if you forget to add the slash, Apache will simply do it for you:
RewriteEngine On
RewriteRule ^/webmin$ /webmin/ [R]
I had the same problem. I installed webmin set up apache with it, and after login screen, no redirection happened.But #MUHAHA was right. I set up my webmin with no /webmin directory, no nuthin!
I wrote a CNAME redirection rule in my domain provider. CNAME webmin.example.com to my raspberry pi's dynamic-dns service name.
my webmin.conf file in /etc/apache2/sites-enabled/ directory:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName webmin.example.com
ServerAlias webmin.example.com
ProxyPass / http://localhost:10000/
ProxyPassReverse / http://localhost:10000/
ProxyPassReverseCookieDomain / http://localhost:10000/
ProxyPassReverseCookiePath / http://localhost:10000/
</VirtualHost>
after that i installed webmin... you know! :)
an then thanks to #MUHAHA, i changed that line 4043 in /usr/share/webmin/miniserv.pl file
change
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
and everythings peachy! Login redirects to the main page with ease!
#Buvinj
Im afraid, that this isnt enough..
To use proper SSL on Proxy, is needed to disable miniservers SSL
/etc/webmin/miniserv.conf
ssl=0
ssl_redirect=1
cookiepath=/webmin
/etc/webmin/config
webprefix=/webmin
webprefixnoredir=1
There are still problems with redirect after login, so this should help:
on webmin host edit file /usr/share/webmin/miniserv.pl
and on line 4043 replace
&write_data("Location: $prot://$hostport$in{'page'}\r\n");
to
&write_data("Location: $prot://$host$in{'page'}\r\n");
Source:
https://sourceforge.net/p/webadmin/discussion/600155/thread/6eb89f60/
But it doesnt work for me, i am redirected to root context (/) after login, not to /webmin context
EDIT:
$prot is always evaluated as http, even if you have ssl_redirect=1 in miniserv.conf
/usr/share/webmin/miniserv.pl
&write_data("Location: https://$hostport$config{'cookiepath'}$in{'page'}\r\n");
Rewrite rule for Location: in headers should also fix this problem.
EDIT2:
https://github.com/webmin/webmin/issues/350
https://github.com/webmin/webmin/issues/351

Apache mod rewrite masking

I'm trying to mask/hide a the URL of our VPS, in which we have installed a wordpress blog under a subdirectory (/var/www/vhosts/vps.url.com/httdocs/blog.
We have a domain pointing to this site (vps.url/blog), so writing the domain URL on the browser redirect us to the VPS, but showing the URL vps.url/blog.
I've tried to mask it with apache2 virtual hosts this way:
<VirtualHost *:7080>
ServerAdmin webmaster#localhost
ServerName domain.es
ServerAlias www.domain.es
DocumentRoot /var/www/vhosts/vps.url.com/httpdocs/domain/
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This doesn't work as it still showing vps.url.com/domain when we want to show domain.es
Thanks before hand and excuse my bad english.

Properly configure .htaccess

On localhost I have a file filename.html and an .htaccess in the same folder.
I need to figure out why my .htaccess is not working:
redirect 301 /filename.html http://www.google.com
I am on linux, I have configured the server:
sudo nano /etc/apache2/sites-available/default
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride All
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
sudo service apache2 restart
I found:
RewriteEngine On
Options +FollowSymLinks
RewriteRule ^test\.html http://www.google.com/? [R=301,L]
my RewriteEngine is working.