Apache cert auth is not working - apache

I have set up a virtual host to serve as a Web API in my company and due to the use cases we have configured a Django app that makes basic auth in a URL path. It was required to use cert auth, so in apache's side we configured client cert verification on another URL but seems not to be working, apache is allowing all traffic to this URL location, the request headers remain the same as if no auth was requested by the server.
The conf file is like this:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
WSGIPassAuthorization on
WSGIScriptAlias / /srv/www/site/site/wsgi.py
Alias /favicon.ico /srv/www/site/static/img/favicon.ico
Alias /static/ /srv/www/site/static/
Header set Access-Control-Allow-Origin http://127.0.0.1:9000
SSLVerifyClient none
SSLCACertificateFile ssl.crt/ClientCheck_CA.crt
DocumentRoot /srv/www/site
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /srv/www/site>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Location /api-certauth/>
SSLVerifyClient require
SSLVerifyDepth 3
SSLOptions +ExportCertData
</Location>
<Directory /srv/www/site/static>
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Basically, when I request http://server-name.com/api-certauth no auth was requested to my browser like any other URL in the server

Solved my problem, changed port 80 for 443

Related

Why did my reverse proxy configuration cause CacheDetailHeader to get ignored in Apache?

This is my set up, I have two different virtual host for two different "web apps." Underneath the two is another VirtualHost that I used to create a reverse proxy that caches these two html files the web apps have. Pretty simple, right? I'm utilizing http live plugin to give me some of the headers I need to understand what it is I'm doing with these and so far, it looks good until I use CacheDetailHeader. This is suppose to give me X-Cache-Detail: some info on what's happening. Thing is, it's not doing it's job. What exactly did I do wrong?
Down below is the set up I have right now. Let me know what stupid mistake I made and how I'm suppose to fix this.
<VirtualHost www.kennykenken101.com:80>
ServerName www.kennykenken101.com:80
DocumentRoot "/var/www/html"
<Directory "/var/www/html">
Options +FollowSymLinks
AllowOverride none
Require all granted
DirectoryIndex "this.html"
<Files "this.html">
Options FollowSymLinks
AllowOverride none
Require all granted
</Files>
</Directory>
CacheDetailHeader on
</VirtualHost>
<VirtualHost www.jimmyjames202.com:80>
ServerName www.jimmyjames202.com:80
DocumentRoot "/var/www/htmlthree"
<Directory "/var/www/htmlthree">
Options FollowSymLinks
AllowOverride none
Require all granted
DirectoryIndex "testtwo.html"
<Files "testtwo.html>
Options FollowSymLinks
AllowOverride none
Require all granted
</Files>
</Directory>
</VirtualHost>
<VirtualHost *:80>
<Proxy balancer://myset>
BalancerMember http://www.kennykenken101.com:80 loadfactor=10 smax=5 max=10 ttl=7
BalancerMember http://www.jimmyjames202.com:80 loadfactor=5 smax=2 max=5 ttl=4
ProxySet lbmethod=bytraffic
</Proxy>
ProxyPass / balancer://myset
ProxyPass / balancer://myset
CacheQuickHandler on
CacheRoot /var/cache/apache2
CacheEnable disk "/"
CacheDirLevels 6
CacheDirLength 3
Header set Cache-Control "max-age=40, public, proxy-revalidate"
ExpiresActive on
ExpiresDefault A100
ExpiresByType text/html A90
CacheDetailHeader on
</VirtualHost>
See that's all I'm doing but for some reason CacheDetailHeader isn't showing X-Cache-Detail as it should. What exactly did I do wrong?

Denied Access of Port 443 (https://) on another Computer on Network, using WampServer [duplicate]

This question already has answers here:
Project Links do not work on Wamp Server
(13 answers)
Closed 4 years ago.
Using Apache2.4.33, I was able to allow access to another computer on the network on port 80, however I can't seem to work out how to do the same with port 443 for a secure connection.
My httpd-vhosts.conf file: (if relevant)
# Virtual Hosts
#
<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot "${INSTALL_DIR}/www"
<Directory "${INSTALL_DIR}/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Allow from all
Require all granted
</Directory>
</VirtualHost>
Port 443 works perfectly on the computer I am hosting it on.
Worked Out the Issue by my self in the End:
Add these Lines of Code:
<Directory "c:/wamp64/www/">
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
<Directory "c:/wamp64/www/yoursite/">
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
Where I have added the # in "httpd-ssl.conf" which is stored in "\wamp64\bin\apache\apache2.x.xx\conf\extra\":
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/Apache24/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# <--This Hashtag!!!
This fixes the Port 443 Denied Issue.

2 domains pointing to 1 server (2 different subfolders)

OK, so, I think the title is rather self-explanatory.
I've set up my own Apache server (on Debian) and hosting 2 different sites (let's say mysite1.com at /home/www/mysite1, and mysite2.com at /home/www/mysite2).
In my domain name registrar setup page (Dynadot actually), I created A records (still not sure what this is exactly...) for both of them, pointing to my server's ip...
Now, on the server's side, here'e what my .conf file looks like (/etc/apache2/sites-enabled/mysite actually)
<VirtualHost *:80>
DocumentRoot /home/www/mysite1.com
ServerName www.mysite1.com
ServerAdmin drkameleon#gmail.com
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /home/www/mysite1.com>
Options Indexes FollowSymLinks Multiviews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin
<Directory "/home/www/mysite1.com/cgi-bin">
AllowOverride All
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot /home/www/phpmyadmin
ServerName www.mysite1.com
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/www/mysite2.com
ServerName www.mysite2.com
ServerAdmin drkameleon#gmail.com
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /home/www/mysite2.com>
Options Indexes FollowSymLinks Multiviews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Now, the thing is. Now matter which site I visit (1 or 2), I always get mysite1's contents.
What am I doing wrong? Any ideas?
There are multiple possibilities of what could go wrong.
Do you have
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
somewhere in the config? (http://httpd.apache.org/docs/2.2/mod/core.html#namevirtualhost)
Without that config entry Apache is not sensitive to domain names in dispatching requests to virtual hosts.
It's just a guess.
Make sure Apache has been reloaded after any changes to the config!

Apache Config for PHP and Web2Py

I'm setting up a server for home to run all sorts of things. I'll save you the whole story, but I'm trying to get it to run Web2Py through WSGI, but also need to serve PHP files for other web apps I have. I tried the install script for Web2Py, but that "hijacked" the entire Apache system to run the Web2Py system.
The setup currently works for PHP and SSL pages, but I cannot get it to also process requests for the Web2Py site. For the Web2Py url (http://jupiter/web2py), I get an Apache directory listing. Please help.
The directory structure is this:
/var/www --> Apache DocumentRoot
/var/www/scripts --> various PHP scripts
/var/www/web2py --> Web2Py
The /etc/apache2/sites-available/default file is setup as this:
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin me#yahoo.com
ServerName jupiter.myhome.com
WSGIDaemonProcess web2py user=www-data group=www-data display-name=%{GROUP}
WSGIProcessGroup web2py
WSGIScriptAlias /web2py /var/www/web2py/wsgihandler.py
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow, deny
allow from all
</Directory>
<Directory /var/www/web2py>
AllowOverride None
Order Allow,Deny
Deny from all
<Files wsgihandler.py>
Allow from all
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(.*) /var/www/web2py/applications/$1/static/$2
<Directory /var/www/web2py/applications/*/static/>
Order Allow,Deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
#comment
#comment
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
I successfully configured a Joomla (PHP) application + Web2py. Your apache config seems ok. Just make sure you configure your /web2py/routes.py with the correct path_prefix (as per your example it should be 'web2py'):
routers = dict(
BASE = dict(
default_application='<your_default_app>',
path_prefix='web2py',
)
)

AllowOverride for .htaccess on local machine giving 403 Forbidden

I have a mod_rewrite I'd like to use locally on my mac but when I change my configuration to in my directory tag I get a 403 Forbidden error. I've tried all the other solutions around but no luck.
Maybe somebody will see something I am not...
Here is the code:
httpd.conf
<Directory />
Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all
</Directory>
<Directory "/Library/WebServer/Documents/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Which is overridden by myusername.conf
<Directory /Users/adrianmaurer/Sites/www>
Options Indexes MultiViews FollowSymLinks ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Virtual host file httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot /Library/WebServer/Documents
ServerName localhost
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /Users/adrianmaurer/Sites/www
ServerName myserver.dev
</VirtualHost>
I was able to get it fixed by setting my /etc/apache2/users/username.conf file like so (Note you have to change the Options line too, not just the AllowOverride):
<Directory "/Users/tlhunter/Sites/">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>