I am using apache 2.2.22 with debian stable as the server.
I have created a virtual host for a webdav share. I can access all of the symbolic links contained in /webdav via a web browser, just not from a webdav client. If i put documents or proper folders within /webdav i can see them in a client.
Here is my config for the share:
<VirtualHost *:80>
ServerAdmin webmaster#mydomain.com
ServerName mydomain.com
ServerAlias *.mydoman.com
DirectoryIndex index.html
Options Indexes FollowSymLinks
DocumentRoot /var/www/html/www.mydomain.com/htdocs/
ScriptAlias /cgi-bin/ /var/www/html/www.mydomain.com/cgi-bin/
<Location /cgi-bin>
Options +ExecCGI
</Location>
ErrorLog /var/www/html/www.mydomain.com/logs/error.log
CustomLog /var/www/html/www.mydomain.com/logs/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin webmaster#mydomain.com
ServerName mydomain.com
ServerAlias *.mydomain.com
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/mykey.crt
SSLCertificateKeyFile /etc/apache2/ssl/mykey.key
DirectoryIndex index.html
Options Indexes FollowSymLinks
DocumentRoot /var/www/html/www.mydomain.com/htdocs/
ScriptAlias /cgi-bin/ /var/www/html/www.mydomain.com/cgi-bin/
<Location /cgi-bin>
Options +ExecCGI
</Location>
ErrorLog /var/www/html/www.mydomain.com/logs/error.log
CustomLog /var/www/html/www.mydomain.com/logs/access.log combined
Alias /webdav /var/www/html/mydomain/htdocs
<Location /webdav-public>
Options Indexes FollowSymLinks
#AllowOverride None
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /etc/apache2/webdav.password
Require valid-user
</Location>
</VirtualHost>
Permissions for root and webdav folder:
Owner: root, create/delete; Group www-data, access; Other, none
Permissions for the public folder which the symlinks point to:
Owner: myusername, create/delete; Group: www-data, access; Other, Access
Any ideas? Obviously i am trying to learn my way around apache so there is probably a few errors in the above, i welcome any off topic criticism.
So, it turns out:
<Location /webdav-public>
A location as above can be a symbolic link. However, symbolic links within the share location are not supported for whatever reason (at least for apache 2.2.22 in the debian stable repo). They do show when accessed by firefox or chrome for me, but not from a webdav client or while mapped in windows explorer (while on the home network, not tested elsewhere).
I had to rearrange my files to suit webdav, which sucks.
Related
I am hosting website iplocation.io on a cloud server. I found a domain https://chrissloey.com/index.php which opens my website within it.
Now from what I understand, chrissloey.com has pointed it A record to my server ip and my apache2 server is not denying connection to it and allow's to open iplocation.io website content like its own.
I want apache2 to deny connections to any other domain and only allow my own domain to server content.
Attached is apache conf file for iplocation.io
<VirtualHost *:80>
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
ServerName iplocation.io
ServerAlias www.iplocation.io
ErrorLog ${APACHE_LOG_DIR}/apache-error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName iplocation.io
ServerAdmin email#email.com
DocumentRoot /var/www/public_html
SSLEngine on
SSLCertificateFile /path-to-csr
SSLCertificateKeyFile /path-to-key
SSLCertificateChainFile /path-to-ca
<Directory /var/www/public_html>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule
Looking at the two comments I think the combination makes most sense:
Configure httpd to respond with redirect (301) to all incoming requests. This could be done on the 'root' host.
Configure a virtualhost listening to your domain only, and this one would serve your real content only.
This will work unless the other site requests your content and then integrates it into their responses. But as you said someone else simply put up a DNS A record.
I followed this guide step by step to set up SSL connection for my web portal. Earlier I was able to access it using http:// but now I have to specify port 80 i.e. I have to use https://:80 to access the portal. If I access https:// it shows me the default Apache test page, which says -
Testing 123..This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page it means that this site is working properly. This server is powered by CentOS.
I need to access the portal using https:// without port. Any help is appreciated.
httpd.conf
<VirtualHost *:80>
WSGIScriptAlias / /var/www/html/portals/portals/wsgi.py
DocumentRoot /var/www/html/portals/portals
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/mysite.crt
SSLCertificateKeyFile /etc/pki/tls/private/mysite.key
SSLCertificateChainFile /etc/pki/tls/certs/mysite.crt
<Location "/mysite/authenticate">
AuthType Basic
AuthName "wsgi protected"
Require valid-user
AuthBasicProvider wsgi
WSGIAuthGroupScript /var/www/html/portals/portals/wsgi.py
WSGIAuthUserScript /var/www/html/portals/portals/wsgi.py
</Location>
<Directory /var/www/html/portals/portals>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
Alias /media/ /var/www/html/portals/media/
Alias /static/ /var/www/html/portals/static/
<Directory /var/www/html/portals/static>
Require all granted
</Directory>
<Directory /var/www/html/portals/media>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
WSGIScriptAlias / /var/www/html/portals/portals/wsgi.py
DocumentRoot /var/www/html/portals/portals
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/mysite.crt
SSLCertificateKeyFile /etc/pki/tls/private/mysite.key
SSLCertificateChainFile /etc/pki/tls/certs/mysite.crt
<Location "/mysite/authenticate">
AuthType Basic
AuthName "wsgi protected"
Require valid-user
AuthBasicProvider wsgi
WSGIAuthGroupScript /var/www/html/portals/portals/wsgi.py
WSGIAuthUserScript /var/www/html/portals/portals/wsgi.py
</Location>
<Directory /var/www/html/portals/portals>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
Alias /media/ /var/www/html/portals/media/
Alias /static/ /var/www/html/portals/static/
<Directory /var/www/html/portals/static>
Require all granted
</Directory>
<Directory /var/www/html/portals/media>
Require all granted
</Directory>
</VirtualHost>
I don't think you have followed the instructions correctly. The instructions say that the <VirtualHost *:80> element should be something like this:
<VirtualHost *:80>
<Directory /var/www/vhosts/yoursite.com/httpdocs>
AllowOverride All
</Directory>
DocumentRoot /var/www/vhosts/yoursite.com/httpdocs
ServerName yoursite.com
</VirtualHost>
and there should be a "mirror" configuration port 443.
But you seem to have added in the stuff to enable the SSL engine, etcetera to the <VirtualHost *:80> element ... which is going to make Apache configure port 80 to expect / require "https:" connections.
Review your configurations and compare them with what the instructions actually tell you to do.
Can I also recommend reading the Apache documentation for the directives that you are using in your configs. That way you can start to understand what the configs are actually saying. That will give you a better chance of diagnosing problems if the "potted" instructions are not followed correctly.
everybody.
I have a Cent OS 6.6 server with Apache + mod_php site (site1.local). I need to configure second site (site2.local) with php_cgi. So, I created a user, gave him permissions on www-folder, configured site1 as mod_php, created a phpinfo.php. Also, I installed php-cgi,and try to configure virtual hosts, works only first site, on the second site is error:
the requested url /cgi-bin/phpinfo.php was not found onthis server.
That's my configs:
cat /etc/httpd/conf/httpd.conf
<VirtualHost *:80>
ServerAdmin webmaster#site1.local
DocumentRoot /var/www/wwwmaster/site1.local
ServerName site1.local
ServerAlias www.site1.local
ErrorLog logs/site1.local-error_log
CustomLog logs/site1.local-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster#site2.local
DocumentRoot /var/www/wwwmaster/site2.local
ServerName site2.local
ServerAlias www.site2.local
ScriptAlias /cgi_bin/ /usr/bin/php-cgi/
Action php-cgi /cgi-bin
AddHandler php-cgi php
<Directory /usr/bin/php-cgi>
Allow from all
</Directory>
<Directory "/var/www/wwwmaster/site2.local/">
<FilesMatch "\.php">
SetHandler php-cgi
</FilesMatch>
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order Deny,Allow
Allow from all
</Directory>
ErrorLog logs/site2.local-error_log
CustomLog logs/site2.local-access_log common
</VirtualHost>
What I've done wrong and how can I fix that?
You only have to uncomment the line that says NameVirtualServer *:80 in your apache config file.
If you want virtual server for more than one port, simply put as many NameVirtualServer *:[port number] in the apache config file as you need.
I'm running a http server on Debian (Apache 2) with one IP address. I have few domains and SVN running on the server as well. At the moment I have configuration that points my domains to the correct folders on my server with VirtualHosts.
I have done all my VirtualHosts configurations only in the file called "/etc/apache2/sites-available/default". Is this the correct way to do it, or should I make a new file for every website I'm running on my server?
At this moment, my VirtuaHosts file (/etc/apache2/sites-available/default) looks like this:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.domain1.com
ServerAlias domain1.com
DocumentRoot /var/www/domain1
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain2.com
ServerAlias domain2.com
DocumentRoot /var/www/domain2
</VirtualHost>
<VirtualHost *:80>
ServerName svn.myhostname.com
DocumentRoot /var/svn
<Directory /var/svn/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Location />
DAV svn
SVNParentPath /var/svn
AuthType Basic
AuthName "Subversion"
AuthUserFile /etc/subversion/svn-auth
Require valid-user
</Location>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/svn.error.log
CustomLog ${APACHE_LOG_DIR}/svn.access.log combined
</VirtualHost>
There is no 'correct' way. You could also make an extra file for every Vhost. I for example have all my VHosts in /etc/apache2/httpd.conf and included it via Include httpd.conf in /etc/apache2/apache2.conf.
But if you want it to be a bit structured you CAN use the Apache2 built in VHosts System in /etc/apache/sites-availible/ with multiple files for every site (VHost).
If you want you could use nano /etc/apache2/sites-availible/mypage1 and then activate or deactivete it via the a2ensite command. Like a2ensite mypage1.
I am trying to host subversion and wiki on the same site.
I have created two files in /etc/apache2/sites-available
in "subversion"
I have
<VirtualHost -myserverIP-:80>
ServerAdmin webmaster#localhost
ServerName svn.example.com
DocumentRoot /var/svn/repos
<Location /svn/repos>
DAV svn
SVNPath /var/svn/repos
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/passwords
Require valid-user
</Location>
</VirtualHost>
and in "wiki" I have
<VirtualHost -myserverIP-:80>
ServerAdmin webmaster#localhost
ServerName wiki
ServerAlias -myserverIP-
DocumentRoot /home/www/wiki/html
<Directory /home/www/wiki/html>
AllowOverride None
Options -Indexes -MultiViews -SymLinksIfOwnerMatch +FollowSymLinks
Order allow,deny
allow from all
</Directory>
<Location /wiki>
</Location>
<DirectoryMatch "^/home/www/wiki/html/(data|conf|bin|inc)/">
Order allow,deny
Deny from all
Satisfy All
</DirectoryMatch>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
ErrorLog /home/www/wiki/logs/error.log
CustomLog /home/www/wiki/logs/access.log combined
</VirtualHost>
However now, when I browse to the IP address of the server, I get the contents of the /var/svn/repos directory, wheras when I just had the wiki page, I got the wiki index page. I can actually go to -IPaddress-/svn/repos and see the SVN repository, but -IPaddress-/wiki does not work.
Thanks for the tips
Both your virtual hosts are on port 80 on the same machine. Apache can only guess which one you want to use. It is guessing the subversion one and browsing to the DocumentRoot specified.
You need to differentiate the virtual hosts, or browse to the server using the server name rather than IP.
Instead you could setup the SVN location inside your other virtual host.
Also consider using /etc/apache2/mods-available/dav_svn.conf depending on your Operating System.
However now, when I browse to the IP address of the server, I get the contents of the /var/svn/repos directory, wheras when I just had the wiki page, I got the wiki index page. I can actually go to -IPaddress-/svn/repos and see the SVN repository, but -IPaddress-/wiki does not work.
When you make a request to apache and the hostname you are using isn't defined by any ServerName or ServerAlias in any of the vhosts, apache returns the default vhost, which is always the first vhost in the file (or in the file with the name that's the smallest lexiconical order, e.g. 00-default_vhosts.conf). In your case, your SVN vhost is first so it is the "default" vhost. If you swap the 2 around the other one would be the "default" vhost.