We Keep Coding

Let's Encrypt SSL with NGINX + Apache Docker swarm NET::ERR_CERT_INVALID

I was wanting to setup Let's Encrypt on docker swarm with NGINX and Apache2... The stack was working before ssl. And the classic NOW ITS NOT WORKING! So I have listed my configs and what I'm seeing (Google chrome error: NET::ERR_CERT_INVALID). Let me know if you need any more info from me. Thanks a ton you guys are geniuses I hope that I will have the same knowledge one day :)
SSL labs result (image)
Google Chrome error (image)
nginx.conf:
worker_processes 1;
events { worker_connections 1024; }
http {
sendfile on;
upstream docker-nginx {
server 192.168.0.111:8080;
server 192.168.0.109:8080;
server 192.168.0.110:8080;
server 192.168.0.92:8080;
}
server {
listen 80;
server_name dotdotprint.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name dotdotprint.com;
ssl_certificate /home/pi/cert/letsencrypt/live/dotdotprint.com/fullchain.pem;
ssl_certificate_key /home/pi/cert/letsencrypt/live/dotdotprint.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location ^~ /.well-known/ {
# allow LE to validate the domain
root /home/pi/code;
allow all;
}
location / {
proxy_pass http://docker-nginx;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
add_header X-Upstream $upstream_addr;
}
}
}
apache2.conf:
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These should be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
# their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
#Mutex file:${APACHE_LOCK_DIR} default
#
# The directory where shm and other runtime files will be stored.
#
DefaultRuntimeDir ${APACHE_RUN_DIR}
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel error
# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
docker-compose.yml
version: "3.8"
services:
loadbalancer:
image: nginx
ports:
- "80:80"
- "443:443"
networks:
- frontend
- backend
deploy:
mode: global
volumes:
- ./config/nginx.conf:/etc/nginx/nginx.conf
- ./cert/letsencrypt:/home/pi/cert/letsencrypt
web:
image: php:8.0-rc-apache-buster
ports:
- "8080:80"
networks:
- backend
deploy:
mode: global
volumes:
- ./code:/var/www/html/
- ./config/php.ini:/usr/local/etc/php/conf.d/custom.ini
- ./config/apache2.conf:/etc/apache2/apache2.conf
mariadb:
image: linuxserver/mariadb:arm32v7-latest
ports:
- "8081:80"
networks:
- backend
volumes:
- ./data:/config/databases
deploy:
placement:
constraints:
- node.hostname==dot5
phpmyadmin:
image: phpmyadmin
ports:
- 8000:80
environment:
- PMA_ARBITRARY=1
- PMA_HOST=mariadb
depends_on:
- mariadb
deploy:
mode: global
networks:
- backend
- frontend
networks:
frontend:
backend:
Thanks for dealing with the newbie to docker-swarm/cluster-composing/NGINX/Let's Encrypt.

I found a solution. I am hosting my site behind my router at home. I have port forwarded port 80 to the server but not 443! So the solution was to forwarded external traffic from port 443 to 443 on the server! Thanks for looking at this question.

Perl CGI picture-of-the-day script not behaving as expected after migration to new server

I have a perl cgi script that has been working perfectly for me on a FreeBSD 5.4 Apache 1.3 webserver for many years without trouble. It's a picture of the day script that randomly selects a picture from a given directory for inclusion on an shtml page with the server side include
<!--#exec cgi="/cgi-bin/pod/pod.cgi"-->
I recently migrated to a new server on Google Cloud Platform - Debian 9 (Stretch), Apache 2.4. And the script broke. After setting the server configurations to execute cgi perl scripts correctly, and re-uploading the script in ASCII, the script began working again, but now with an anomalous behavior. Instead of displaying one image (the same image) all day long and then changing the image at midnight (the desired behavior) it is now changing the image every time the page is reloaded in a web browser.
The script uses a flat-file log that keeps track of which images have been used from the source directory, and doesn't repeat displaying of any images until all images from the target directory have been used (logged in pod.log). When working correctly, it will display a new image every day (changing at midnight), which will remain the same for all users, whether the page is reloaded or not, until the following midnight.
Permissions have all been set on the necessary files as specified in the comments of the script. The script has been uploaded to the server in ASCII format (will not work at all if uploaded in binary). The script is displaying an image from the correct directory. BUT..... every time the page is refreshed, a new images is loaded and logged to the pod.log file.
One thing that I thought might be affecting the script was where it was getting the time for the date/time function of the script. When I entered the "date" command from the debian command prompt the server returned the correct time that I had configured the server to - America/Los_Angeles. But I noticed that when files on my webserver were touched or changed, it was time-stamping them with UTC time, which is 8 hours later. Thinking that Apache might be causing the different time-stamp, I tried changing the time-zone in php.ini for apache2. This didn't seem to change anything (after apache2ctl restart), so I thought, maybe I'll change the server timezone to UTC. If you can't beat 'em, join 'em. Right? Well that made it so the "date" command from the debian command line returned the time in UTC. Also noted: files on the webserver were still time-stamping with UTC time zone. All was looking good! But then I checked the time that was being used by perl/cgi with this little gem, which returns the date and time in a human-readable format...
#!/usr/bin/perl
print "Content-type: text/html\n\n";
#months = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);
#weekDays = qw(Sun Mon Tue Wed Thu Fri Sat Sun);
($second, $minute, $hour, $dayOfMonth, $month, $yearOffset, $dayOfWeek, $dayOfYear, $daylightSavings) = localtime();
$year = 1900 + $yearOffset;
$theTime = "$hour:$minute:$second, $weekDays[$dayOfWeek] $months[$month] $dayOfMonth, $year";
print $theTime;
...And this script was returning the time in the time zone America/Los_Angeles, rather than UTC. Now I don't know if this discrepancy could be the thing causing the bug in my pic of the day script. But my guess, with my very limited experience is telling me that it's at least possible. But I've taken this debugging/troubleshooting of the script about as far as my technical abilities will take me.
I need to know:
what is causing the script to return a new picture and update the log file on every reload, rather than remaining static for 1 day?
is it caused by an unintentional (fat finger) error in the script?
is it caused by some different way my new server and/or its configuration are handling the script?
is it caused by the time-stamp/time-zone issues I mentioned in the previous paragraph?
or is this a result of something I'm completely missing?
Next I'll provide the source code for the script and my apache configuration files. EXAMPLE.COM should be replaced by your domain name wherever it appears and paths to files should be adjusted to your locations.
#!/usr/bin/perl
##############################################################
# POD (Picture of the Day) Version 1.30
##############################################################
package VAR;
use strict;
##############################################################
# Installation
##############################################################
# 1. Edit path to Perl at top of script (pod.cgi) if it
# differs on your server. Usual and default path it
# [/usr/bin/perl]. However, on some servers it may be
# /usr/local/bin/perl. If in doubt, then refer to a script on
# your server that does work, or ask your web host. Edit
# variables below. Ensure you edit (and save) the script using
# an ASCII editor like Notepad.
#
# 2. Via FTP, create directory on server in CGI-BIN called
# pod. No need to CHMOD - you can leave set to server
# default directory permissions.
#
# 3. Via FTP, create subdirectory in 'pod' directory
# called data and CHMOD 777 (drwxrwxrwx).
#
# 4. FTP upload the pod.cgi script to the 'pod'
# directory in ASCII (text) and CHMOD 755 (rwxr-xr-x). You may
# need to rename the scripts with the .pl extension if your
# server uses the .pl extension for CGI-Perl scripts.
#
# images/ 755 (drwxr-xr-x)
# cgi-bin/pod/
# pod.cgi 755 (rwxr-xr-x)
# data/ 777 (drwxrwxrwx)
#
##############################################################
# Operation
##############################################################
#
# METHOD 1: SSI Method
# ====================
# Call the script via SSI (Server-Side Includes). The image
# is embedded in the page. Insert the following SSI tag in
# the desired page:
#
# <!--#exec cgi="/cgi-bin/pod/pod.cgi"-->
#
# In either case, ensure to replace the cgi-bin/pod/ portion
# of the SSI tag with your path to the script.
#
# If you get the [an error occurred while processing this
# directive] error message or no image / message displays,
# make sure (a) the path to Perl is correct, (b) the script
# was uploaded in ASCII, (c) the script is chmod 755
# (rwxr-xr-x) and (d) the path to the script in the SSI tag
# is correct - if in doubt, then ask your web host. If still
# problematic then try the following:
#
# 1. On most servers, the page with a SSI tag must be named
# with the SHTML extension in order for the server to parse
# and execute the SSI tag. Check the page source. If you
# still see the SSI tag, then it was not parsed. Try
# renaming the page with the SHTML extension. If the SSI tag
# is still not parsed (and still visible), then SSI may not
# be enabled on your server - ask your web host.
#
# 2. Try calling the script directly from the browser. If
# you get a server 500 error, then check your server error
# logs.
#
# 3. You can also try the following SSI tag:
#
# <!--#include virtual="/cgi-bin/pod/pod.cgi"-->
#
# METHOD 1: Non-SSI Method
# ====================
# You can also call the script directly from the browser:
#
# http://www.yourdomain.com/cgi-bin/pod/pod.cgi
#
# The image is NOT embedded, but is instead displayed in a
# script generated HTML page.
##############################################################
# Configuration
##############################################################
# Full (absolute) server directory path of directory holding
# image files for the POD script to draw from. Create this
# directory in advance and upload images (in Binary) to this
# directory. No need to chmod. NO trailing slash at end of
# path.
$VAR::image_dir = "/var/www/EXAMPLE.COM/httpdocs/pod";
# URL of directory holding image files for the POD script to
# draw from. NO trailing slash at end of URL.
$VAR::image_url = "http://www.EXAMPLE.COM/pod";
# Full (absolute) server directory path for script data files
# (pod.log, pod.err). Create this directory in advance and
# chmod (777 or drwxrwxrwx). NO trailing slash at end of path.
$VAR::data_dir = "/var/www/EXAMPLE.COM/httpdocs/pod/data";
# Output template - how POD image (or error message) is
# displayed. Feel free to change the HTML but (1) the MS link
# back MUST be retained and (2) the <%image%> tag MUST be
# retained as the tag is replaced with the image (or error
# message) HTML code.
$VAR::template = qq~
<center>
<table border="1">
<th>
<%image%>
</th>
</table>
</center>
~;
##########################################################################
# Do NOT change or alter the code below!
##########################################################################
eval {
($0 =~ m,(.*)/[^/]+,) && unshift (#INC, "$1");
require 5.004;
};
if ($#) {
print "Content-type: text/html\n\n";
print "Server Error Message: $#\n";
exit;
}
eval { &main; };
if ($#) { &error ("[Error 01]: $#"); }
exit;
###############################################
# Main
###############################################
sub main {
my ($time, $date) = &get_time_stamp();
my $num;
if (-e "$VAR::data_dir/pod.log") {
open (LOG, "$VAR::data_dir/pod.log") ||
&error ("Error [02]: Cannot open pod.log file - $!");
my #entries = <LOG>;
close (LOG);
chomp (#entries);
my #match = grep (/^$date/, #entries);
if (#match) {
foreach (#match) {
split (/\|/);
if ($_[0] eq $date) {
$num = $_[1];
last;
}
}
}
}
opendir (DIR, "$VAR::image_dir") || &error ("Error [03]: Cannot open $VAR::image - $!");
my #files = sort (grep { m/.*\.gif|.jpg/ } readdir (DIR));
closedir (DIR);
if ($num eq "") { $num = int (rand #files); }
my $image = #files[$num];
if (! -e "$VAR::image_dir/$image") { &error ("Error [04]: Cannot find image file [$image]"); }
my $tag = "<img src=\"$VAR::image_url/$image\">";
$VAR::template =~ s/<%image%>/$tag/gis;
print $VAR::template;
my ($found, $newfile);
if (-e "$VAR::data_dir/pod.log") {
open (LOG, "$VAR::data_dir/pod.log") ||
&error ("Error [05]: Cannot open pod.log file - $!");
my #entries = <LOG>;
close (LOG);
chomp (#entries);
foreach (#entries) {
split (/\|/);
if ($_[0] eq $date) {
$_[2]++;
$newfile .= "$date|$_[1]|$_[2]|$_[3]\n";
$found++;
}
else { $newfile .= "$_\n"; }
}
if (! $found) { $newfile .= "$date|$num|1|$image\n"; }
open (LOG, ">$VAR::data_dir/pod.log") ||
&error ("Error [06]: Cannot open pod.log file - $!");
flock (LOG, 2) || &error ("Error [07]: Cannot lock pod.log file - $!");
print LOG $newfile;
close (LOG);
}
else {
open (LOG, ">$VAR::data_dir/pod.log") ||
&error ("Error [08]: Cannot open pod.log file - $!");
print LOG "$date|$num|1|$image\n";
close (LOG);
chmod (0666, "$VAR::data_dir/pod.log") ||
&error ("Error [09]: Cannot chmod pod.log file - $!");
}
}
###############################################
# Get Time Stamp
###############################################
sub get_time_stamp {
my (#tb) = localtime (time);
my ($ap) = "am";
$tb[4]++;
for (0..4) { $tb[$_] = sprintf ("%02d", $tb[$_]); }
$tb[5] += 1900;
$ap = "pm" if ($tb[2] >= 12);
$tb[2] -= 12 if ($tb[2] > 12);
my $date = "$tb[4]/$tb[3]/$tb[5]";
return ("$tb[2]:$tb[1]:$tb[0]$ap $date", $date);
}
###############################################
# Error Handler
###############################################
sub error {
my $error = shift;
my ($time, $date) = &get_time_stamp();
my $tag = "Cannot display image";
$VAR::template =~ s/<%image%>/$tag/gis;
print $VAR::template;
open (ERR, ">>$VAR::data_dir/pod.err");
print ERR "$time | $ENV{'REMOTE_ADDR'} | $error\n";
close (ERR);
chmod (0666, "$VAR::data_dir/pod.err");
exit;
}
########################################
#end of Picture of the Day script
########################################
This is my apache2.conf (again, I've changed my domain name to EXAMPLE.COM wherever my domain name appears...
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These should be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
# their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
# Set timezone for apache
SetEnv TZ America/Los_Angeles
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
Mutex file:${APACHE_LOCK_DIR} default
#
# The directory where shm and other runtime files will be stored.
#
DefaultRuntimeDir ${APACHE_RUN_DIR}
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 500
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn
# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
And this is the conf for my virtual host...
<VirtualHost *:80>
ServerName EXAMPLE.com
ServerAlias www.EXAMPLE.com
UseCanonicalName Off
ServerAlias EXAMPLE1.com
ServerAlias www.EXAMPLE1.com
ServerAlias EXAMPLE2.com
ServerAlias www.EXAMPLE2.com
ServerAlias EXAMPLE.co.uk
ServerAlias www.EXAMPLE.co.uk
ServerAlias EXAMPLE.net
ServerAlias www.EXAMPLE.net
ServerAlias EXAMPLE3.com
ServerAlias www.EXAMPLE3.com
ServerAdmin EXAMPLEd#gmail.com
DocumentRoot /var/www/EXAMPLE.com/httpdocs
<Directory /var/www/EXAMPLE.com/httpdocs>
Options -Indexes +FollowSymLinks
AllowOverride All
</Directory>
ScriptAlias "/cgi-bin/" "/var/www/EXAMPLE.com/cgi-bin/"
#<Directory "/var/www/EXAMPLE.com/cgi-bin/">
# Options +ExecCGI
# AddHandler cgi-script .cgi
# AllowOverride All
#</Directory>
#<Directory "/var/www/EXAMPLE.com/httpdocs/members/cgi-bin">
# Options +ExecCGI
# AddHandler cgi-script .cgi
# AllowOverride All
#</Directory>
#<Directory "/var/www/EXAMPLE.com/httpdocs/pod">
# Options +ExecCGI
# AddHandler cgi-script .cgi
# AllowOverride All
#</Directory>
Alias "/passwd/" "/var/www/EXAMPLE.com/passwd/"
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory /var/www/EXAMPLE.com>
Options +ExecCGI +FollowSymLinks +Includes
AddHandler cgi-script .cgi
AllowOverride All
</Directory>
<Directory /var/www/EXAMPLE.com>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_flag safe_mode on
php_admin_value open_basedir "/var/www/EXAMPLE.com/httpdocs:/tmp"
</IfModule>
<IfModule mod_php5.c>
php_admin_flag engine on
php_admin_flag safe_mode on
php_admin_value open_basedir "/var/www/EXAMPLE.com/httpdocs:/tmp"
</IfModule>
</Directory>
<Directory /var/www/EXAMPLE.com>
RewriteEngine on
# the following section prevents outside sites from hot-linking photos
# leave this next line in allow empty referrers, remove to disallow empty referrers
RewriteCond %{HTTP_REFERER} !^$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*XX\.XXX\.XXX\.XXX(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*EXAMPLE\.com(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*EXAMPLE\.org(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*EXAMPLE\.net(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*EXAMPLE\.co.uk(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?([a-z0-9-]+\.)*EXAMPLE\.de(:[0-9]+)?(/.*)?$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(.*#)?1\.2\.3\.4(:[0-9]+)?(/.*)?$
RewriteRule .*\.(gif|jpeg|jpg)$ - [NC,F,L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/EXAMPLE.com-error.log
CustomLog ${APACHE_LOG_DIR}/EXAMPLE.com-access.log combined
# sends 404-not-found errors to error page
ErrorDocument 404 /404-error-page.html
# makes server side includes work on all html pages
AddType text/html .shtml .html .htm
AddHandler server-parsed .shtml .html .htm
RewriteEngine On
# If the hostname is NOT www.domain.com
# RewriteCond %{HTTP_HOST} !^www\.EXAMPLE\.com$
# 301 redirect to the same resource on www.EXAMPLE.com
# RewriteRule (.*) http://www.EXAMPLE.com$1 [L,R=301]
# sets the web surfer's browser to cache images, style sheets, and JavaScript for a week
<IfModule mod_headers.c>
# WEEK
<FilesMatch "\.(jpg|jpeg|png|gif|swf|js|css)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
</IfModule>
</VirtualHost>
Any help anyone can give me will be greatly appreciated! It's amazing what you all do to help other fledgling programmers like myself. Thank you, thank you, thank you.

Before Perl 5.12, split stored its result in #_ when called in void context. That's a horrible practice, so that "functionality" was removed in 5.12, and a warning was added (Useless use of split in void context).
I suspect you are using a newer version of Perl than you previously used, one in which split doesn't behave specially in void context. If that's the case, you should have received a warning. Always use use strict; use warnings qw( all );!
To fix the problem, replace
split (/\|/);
with
#_ = split (/\|/);
(You should use a different array than #_, but the above is the minimal change.)
You seem to have spent a lot of time on this, but without actually spending any time trying to debug the problem! The first thing you have done is added the missing use warnings qw( all );, which would have identified the problem immediately. Even without that, minimal work should have narrowed down the problem to the split.
You should have found that $num eq "" is always true.
This would have led you to find that $_[0] eq $date is always false.
This would have led you to find that $_[0] is never set.

To add some data to ikegami's excellent answer.
FreeBSD 5.4 seems to have shipped with two versions of Perl during its lifetime - 5.6.2 and 5.8.6.
Debian 9 ships with Perl 5.24.1.
The release notes for Perl 5.14 say this:
split() no longer modifies #_ when called in scalar or void context. In void context it now produces a "Useless use of split" warning. This was also a perl 5.12.0 change that missed the perldelta.
I'm sure you've learned a valuable lesson here :-) When moving code from one version of Perl to another, you should always at least scan the release notes for the intervening versions so you know what problems you might encounter.
I'll also reiterate the simbabque's comment. This approach seems rather weird. For every request to your web page, you are checking to see if you have already allocated a picture of the day (which happens on the first request of the day) and then serving the chosen picture. It would be far more efficient to use a cronjob to create a symlink to an image once a day and just include the URL of that image in your web page.

Apache2 multiple Instances on Ubuntu (port 80 working, port 81 not working)

I have two instances installed on my Ubuntu server.
I've configured the default instance to Listen on port 80 and the second instance on Port 81.
When I try to access the site from Internet to the default instance (port 80) it's OK, but when I try to access to the port 81 I can't.
If I run the command "lynx localhost:80" and "lynx localhost:81" works great.
The result for a "netstat -a -n" I think that is OK:
sudo netstat -a -n
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN
My second instance ports.conf:
Listen 81
NameVirtualHost *:81
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 4443
</IfModule>
<IfModule mod_gnutls.c>
Listen 4443
</IfModule>
The sites-enabled/default:
<VirtualHost *:81>
ServerAdmin webmaster#localhost
DocumentRoot /var/www-81
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www-81/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
And the apache2.conf is:
#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "foo.log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include all the user configurations:
Include httpd.conf
# Include ports listing
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host configurations:
Include sites-enabled/
The envvars file is the default:
# envvars - default environment variables for apache2ctl
# this won't be correct after changing uid
unset HOME
# for supporting multiple apache2 instances
if [ "${APACHE_CONFDIR##/etc/apache2-}" != "${APACHE_CONFDIR}" ] ; then
SUFFIX="-${APACHE_CONFDIR##/etc/apache2-}"
else
SUFFIX=
fi
# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2$SUFFIX.pid
export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
# Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
## The locale used by some modules like mod_dav
export LANG=C
## Uncomment the following line to use the system default locale instead:
#. /etc/default/locale
export LANG
## The command to get the status for 'apache2ctl status'.
## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
#export APACHE_LYNX='www-browser -dump'
## If you need a higher file descriptor limit, uncomment and adjust the
## following line (default is 8192):
#APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'
I don't know what to do. What I'm doing wrong?
Thanks.

Apache 403 error: Forbidden to access

I have a problem with my VPS. I restarted it and now I have 403 errors in all directories expect:
/downloads/root
I checked the permissions and it has 777 so it's not a problem. I guess it's related to .htaccess but I'm not sure!!
The main direcotry I want people to access the files is /krteam/etc..but I'm getting this error (It has 777 as permission).
Forbidden
You don't have permission to access /krteam/*****/***/2003/****.avi on this server.
Apache/2.2.22 (Debian) Server at ****** Port 80
my httpd.conf file is as follow:
<Directory /var/www/krteam>
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/tflux>
Options FollowSymLinks
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
<Directory /var/www/torrentflux>
Options FollowSymLinks
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
<Directory /var/www/downloads/root>
Options Indexes FollowSymLinks
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
<Directory /var/www/downloads/sl_user>
Options FollowSymLinks
AllowOverride All
Order Deny,Allow
Deny from all
</Directory>
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
My apache2.conf file
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives and /usr/share/doc/apache2-common/README.Debian.gz about
# Debian specific hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf.d
# | `-- *
# `-- sites-enabled
# `-- *
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# In order to avoid conflicts with backup files, the Include directive is
# adapted to ignore files that:
# - do not begin with a letter or number
# - contain a character that is neither letter nor number nor _-:.
# - contain .dpkg
#
# Yet we strongly suggest that all configuration files either end with a
# .conf or .load suffix in the file name. The next Debian release will
# ignore files not ending with .conf (or .load for mods-enabled).
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections, and which
# of these ports are used for name based virtual hosts.
#
# * Configuration files in the mods-enabled/ and sites-enabled/ directories
# contain particular configuration snippets which manage modules or virtual
# host configurations, respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These should be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite. See
# their respective man pages for detailed information.
#
# * Configuration files in the conf.d directory are either provided by other
# packages or may be added by the local administrator. Local additions
# should start with local- or end with .local.conf to avoid name clashes. All
# files in conf.d are considered (excluding the exceptions noted above) by
# the Apache 2 web server.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include list of ports to listen on and which to use for name based vhosts
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see the comments above for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host
configurations:
Include sites-enabled/

Apache errors on RoR app installation to a remote server

I have ruby 1.9.3, passenger, apache2 installed on the remote server. The server is giving me forbidden response. When I start apache server, I get the below errors
apache2: Syntax error on line 210 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/passenger.load: Cannot load /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.11/ext/apache2/mod_passenger.so into server: /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.11/ext/apache2/mod_passenger.so: cannot open shared object file: No such file or directory
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
Here's the apache.conf file
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.2/ for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "foo.log"
# with ServerRoot set to "/etc/apache2" will be interpreted by the
# server as "/etc/apache2/foo.log".
#
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include all the user configurations:
Include httpd.conf
# Include ports listing
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host configurations:
Include sites-enabled/
# Apache Configuration edits for passenger
LoadModule passenger_module /var/lib/gems/1.8/gems/passenger-4.0.2/libout/apache2/mod_passenger.so
PassengerRoot /var/lib/gems/1.8/gems/passenger-4.0.2
PassengerDefaultRuby /usr/bin/ruby1.8
This is my first time installing apache2 for a rails app. Any help will be appreciated. Thanks