We Keep Coding

apache virtualhost conf file and authorizations

Here is my conf file:
<VirtualHost *:80>
ServerAdmin r0dy#r0dy.net
ServerName mtc.r0dy.net
ServerAlias www.mtc.r0dy.net
DocumentRoot /var/www/mtc
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/mtc>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc/bo>
AuthName "Restricted Area: BackOffice"
AuthType Basic
AuthUserFile /var/www/mtc/bo/.htpasswd
# AuthGroupFile /dev/null
require valid-user
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
When i comment out the <Directory /var/www/mtc/bo> part, it doesnt ask for credentials.
When i uncomment it, if i browse to this directory, it asks for credentials and it works fine.
My problem is that is asks for credentials even if i don't go to the /bo/ directory, i just browse to http://mtc.r0dy.net/ and i'm blocked.
Any idea on what i did wrong ?

In case anyone has the same problem, i solved it by adding Allow directives in my directories :
<Directory />
Options FollowSymLinks
#AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc>
Options Indexes FollowSymLinks MultiViews
#AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/mtc/bo>
Order allow,deny
Allow from all
AuthName "Restricted Area: BackOffice"
AuthType Basic
AuthUserFile /var/www/mtc/bo/.htpasswd
# AuthGroupFile /dev/null
require valid-user
</Directory>
I don't understand why it works with the allow directives and behaves strangely without, but it works fine now. If anyone has the explaination you're welcome.

Apache mod rewrite masking

I'm trying to mask/hide a the URL of our VPS, in which we have installed a wordpress blog under a subdirectory (/var/www/vhosts/vps.url.com/httdocs/blog.
We have a domain pointing to this site (vps.url/blog), so writing the domain URL on the browser redirect us to the VPS, but showing the URL vps.url/blog.
I've tried to mask it with apache2 virtual hosts this way:
<VirtualHost *:7080>
ServerAdmin webmaster#localhost
ServerName domain.es
ServerAlias www.domain.es
DocumentRoot /var/www/vhosts/vps.url.com/httpdocs/domain/
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
This doesn't work as it still showing vps.url.com/domain when we want to show domain.es
Thanks before hand and excuse my bad english.

Unable to install self-signed SSL Cert. Apache Error

I am trying to install a self signed cert I generated using these instructions here:
http://www.akadia.com/services/ssh_test_certificate.html
I have the cert ready and have reread the instructions several times. However, the one difference is that I'm putting mine in /etc/apache2/conf.d/security/
I get the following error from apache.
Syntax error on line 1 of /etc/apache2/conf.d/security/server.crt:
Invalid command '-----BEGIN', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
Any clues? I'm in Ubuntu 11.04 running the latest lamp installation from tasksel. (vhosts in sites-available and such). I also have also made sure that ssl is enabled using a2enmod ssl. It said that it was already enabled.
------------VHOST---------------
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName www.cmp.me
SSLEngine on
SSLCertificateFile /etc/apache2/conf.d/security/server.crt
SSLCertificateKeyFile /etc/apach2/conf.d/security/server.key
DocumentRoot /var/www/sites/www.cmp.me
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/sites/www.cmp.me>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/www/errors/cmp-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>

Password protect directories when accessed from external IPs using Apache

Currently have password protection on my main and sub directories, however I'd like to make it only required when connecting from an outside IP address and password free when connecting from the local subnet.
Currently /etc/apache2/sites-available/default looks like this:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
<Location / >
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user1
SetEnv R_ENV "/var/www"
</Location>
<Location /dir1>
AuthType Digest
AuthName "dir"
AuthDigestDomain /var/www/dir1/ http://10.1.2.2/dir1
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user2
SetEnv R_ENV "/var/www/dir1"
</Location>
<Location /dir2>
AuthType Digest
AuthName "dir"
AuthDigestDomain /var/www/ http://10.1.2.2/dir2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user2
SetEnv R_ENV "/var/www/dir2"
</Location>
</VirtualHost>
I've had a loot at Apache's documentation on auth but can't make sense of how I'd then implement the password protection in with that.

A bit of searching brought this up http://www.askapache.com/htaccess/apache-authentication-in-htaccess.html
Basically changed this:
<Location / >
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require user user1
SetEnv R_ENV "/var/www"
</Location>
to this:
<Location />
Order deny,allow
Deny from all
AuthType Digest
AuthName "intranet"
AuthDigestDomain /var/www/ http://10.1.2.2
AuthDigestProvider file
AuthUserFile /etc/apache2/passwords
Require valid-user
SetEnv R_ENV "/var/www"
Allow from 10.1.2.0/24
Satisfy Any
</Location>
Tested and it's all running smoothly.

virtually hosted typo3 site returns a 503 after backend logout

I am trying to host multiple typo3 managed sites on my remote webserver but whenever I logout from a brand new install I get a 503 error and can't get past that. but I can re-install a typo3 site from the same link. but the default typo3 installed which can be referenced via <www.mydomain_name.com/typotest> works fine. below is my default site setup:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /srv/www/
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
############### All other demo sites ################
<VirtualHost *:80>
DocumentRoot /srv/www/site1/
ServerName www.site1.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/WFS>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site1/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site1/access.log combined
</VirtualHost>
######## Site2 ########
<VirtualHost *:80>
DocumentRoot /srv/www/site2/
ServerName www.site2.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/Monassier>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site2/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site2/access.log combined
</VirtualHost>
######## site 3 ########
<VirtualHost *:80>
DocumentRoot /srv/www/site3/
ServerName www.site3.typotest.net
<Directory />
Options FollowSymLinks
AllowOverride all
</Directory>
<Directory /srv/www/HandP>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
allow from all
</Directory>
#ErrorLog ${APACHE_VHOST_LOG_DIR}/site3/error.log
#Loglevel warn
#CustomLog ${APACHE_VHOST_LOG_DIR}/site3/access.log combined
</VirtualHost>
I will also say that I tried copying the .htaccess from the working site to the virtually hosted site but got no results. At this point I am at a loss as to what could be causing this.
Server OS is Debian Lenny and apache 2.2.16.
I would like to add that I have checked the error logs (php ones included) and all I see are access errors

As you are not getting a Apache error log entry, I presume you have got the maintanence mode enabled.
Check your localconf.php for the entry:
$GLOBALS['TYPO3_CONF_VARS'][BE][adminOnly] = 1;
and change it to
$GLOBALS['TYPO3_CONF_VARS'][BE][adminOnly] = 0;

Slight misunderstanding of the framework caused this. It turns out that I had installed a blank package instead of the introduction package. So I was getting the 503 due to there not being any frontend pages created in the blank, and I was trying to access the backend via the front end address.