How to block Rails 4 Passenger requests from other virtual hosts? - ruby-on-rails-3

I just deployed to production a Rails 4 application using Passenger on Apache/2.4.7 (Ubuntu) and in 24 hours I found out some sites that are identical to my site.
They are using some kind of DNS forwarding because everything is working, including forms on the website.
This is my apache virtual host:
<VirtualHost mysite.com:80>
ServerName www.mysite.com
ServerAlias mysite.com
DocumentRoot /home/deploy/mysite/public
RailsEnv production
<Directory /home/deploy/mysite/public>
Allow from all
Options -MultiViews
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^(www)\.
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
I am not sure how to stop requests from the other domains, I have tried removing "Allow from all" and "Required all granted" but that would stop the website working even from the correct domain and these settings are required by Passenger to work.
I'm a bit stuck so if you have any suggestions I would be happy to try them.

Turns out all requests coming from non-existing virtual hosts are routed to your first available vhost.
In order to stop anyone for hijacking your website using DNS forward you need to have a default virtual host enabled that is loaded first (using the default name 000-default, would do the trick) and acts as a catch-all and pointed to a forbidden page or even better create a simple html page with some links to your site.

Related

Rewrite spare domains to main domains with .htaccess

We have a site with an English and Spanish version, each on a different domain. We also have a few spare domains for each language which we'd like to redirect to the language's main domain.
Specifically:
estadiosfutbol.net/..., estadiosfutbol.org/... and estadiosfutbol.info/... should all redirect to https://estadiosfutbol.com/...
worldfootballstadiums.com/..., worldfootballstadiums.info/..., worldfootballstadiums.org/... and worldfootballstadiums.net/... should all redirect to https://worldstadiums.football/...
I'm struggling with the rewrite rules so any help would be greatly appreciated.
There are two ways this can be done. The first is the simpliest, but is not always practical.
First Method
This method does not require HTACCESS files. In your Apache server configuration you just need to add ServerAliases for each of the domains that you want it to handle. (You must make sure all the domains are pointing at the same machine)
The Code
NameVirtualHost *:443
<VirtualHost *:443>
ServerName estadiosfutbol.com
ServerAlias estadiosfutbol.info estadiosfutbol.net estadiosfutbol.org
DocumentRoot /www/domain
</VirtualHost>
<VirtualHost *:443>
ServerName worldstadiums.football
ServerAlias worldfootballstadiums.com worldfootballstadiums.net worldfootballstadiums.info worldfootballstadiums.org
DocumentRoot /www/otherdomain
</VirtualHost>
Note: This will only redirect if the user tries to access the website using SSL. (eg ) If you want it to redirect all traffic from both port 80 and port 443 you would need to make separate virtual hosts and use the second method to achieve the redirection.
Second Method
The second way is a little more complicated, but works in almost all situations. There a two main steps that need to be carried out in order for this to work properly:
Make sure that whatever server software you are using is setup to be looking for all the domains. The server has to have a VirtualHost(Apache) that is listening for each domain in order for the next step to do anything.
Create a .HTACCESS file under each domains' root that looks similar to this:
The Code
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !estadiosfutbol.net$ [NC]
RewriteRule ^(.*)$ https://estadiosfutbol.com/$1 [L,R=301]
Note: You will need to change the third line on each domain to be the domain to rewrite from (eg estadiosfutbol.net/, estadiosfutbol.org/ and estadiosfutbol.info)
Note: Changing the forth line is all that is required for the separate domain.

Can I configure Apache on my laptop to forward to real site for all requests except one?

I want to run some local tests on a site I have. The site is accessible at www.mysite.com. I want one particular file to be fetched from my local machine. I thought I could maybe achieve this by
installing Apache locally
adding 'localhost www.mysite.com' to my hosts file
configure Apache to forward all requests to www.mysite.com except for requests for the particular file www.mysite.com/myapp/myfile.css, which should be served from the Apache web server running locally.
Firstly I am not sure whether that set-up would work - in the case where a file is requested that is not my special case, the request would be forwarded to www.mysite.com/... , but would that then (because of the entry in my hosts file) go back to my local Apache server and into some infinite loop?
Secondly (and only relevant if the above is not true), how would I configure Apache to do that? I guess I need a ProxyPass but I'm having trouble figuring out exactly what.
Thanks for any help.
Paul
I don't think you'll be able to do this the way you're suggesting as you'll never be able to perform a lookup to proxy to www.mysite.com if you've defined it as localhost.
You could create another domain in your hosts file, say local.mysite.com and host the desired website files there and proxy everything else to www.mysite.com:
<VirtualHost *:80>
ServerName local.mysite.com
DocumentRoot ...
<Directory ...>
...
</Directory>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/myapp/myfile.css
RewriteRule ^(.*)$ http://www.mysite.com/$1 [P]
</VirtualHost>
Or if www.mysite.com works directly using the IP (i.e. not via virtual hosting) you could point localhost to mysite.com and use the real IP in the rewrite proxy.
<VirtualHost *:80>
ServerName www.mysite.com
DocumentRoot ...
<Directory ...>
...
</Directory>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/myapp/myfile.css
RewriteRule ^(.*)$ http://1.2.3.4/$1 [P]
</VirtualHost>

Redirecting New Domain Name to Server

I recently purchased a new domain name from 1and1.com and used their HTTP redirect option to point to the address of my server. Let's say, for example, the fresh domain is new.com and the established server is old.com.
I have it redirecting to old.com/new via 1and1's configuration page, which works, save for the fact that when I visit new.com, it changes the browser's URL to old.com/new. This is obviously not what I want to happen.
I've set up htaccess rules:
# BEGIN New.com
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^new.com
RewriteRule ^(.*) http://old.com/new [P]
</IfModule>
# END New.com
Likewise, I've done the Apache configuration of Virtual Hosts:
<VirtualHost *:80>
ServerName www.new.com
DocumentRoot /www/old/html/new/
</VirtualHost>
I then proceeded to flush my local DNS cache. Yet still, it persists in changing the address bar in my browser to old.com/new. What am I missing? Does it just need time to propagate or have I misconfigured / failed to properly set something up?
You need to change the 1and1's "new.com" DNS entry to point to the same IP that "old.com" is using. While the htaccess rule (which I assume is at the new.com document root) kind of does what you want, it requires the mod_proxy be loaded, which is something I doubt 1and1 hosting allows.
What you need to do is set it up such that when you go to a site like this and do a DNS lookup for new.com, you get the same IP as when you lookup "old.com".
On old.com's server, you have the vhost setup:
<VirtualHost *:80>
ServerName www.new.com
DocumentRoot /www/old/html/new/
</VirtualHost>
which should be all you need to at least access the contents in /www/old/html/new/.

Redirect subdomain to subdirectory

i've already read all topics here and on google about redirection but i'm a programmer and i cant get it going.
I have Apache 2.2 installed. The web root is C:\Apache\htdocs. My network admin set me up a local domain that points to the server with Apache. The domain is myPhpApp.ourcompany.local. And this subdomain works, it shows the Apache "It works" page.
Now i have a website in C:\Apache\htdocs\myPhpApp and i want Apache to redirect the myPhpApp.ourcompany.local to this directory. The URLs should stay while browsing the website always as myPhpApp.ourcompany.local for example: myPhpApp.ourcompany.local/index.php, myPhpApp.ourcompany.local/data.php and so on.
I dont know how to achieve this? Mod-rewrite, virtual hosts, combination of both?
i have got this and this does not work:
<VirtualHost myphpapp.ourcompany.local>
DocumentRoot /myphpapp/
ServerName www.example1.com
RewriteEngine on
RewriteRule ^/$ /myphpapp/ [R]
</VirtualHost>
In effect i get:
Forbidden
You don't have permission to access
/myphpapp/ on this server.
Can anyone help?
EDIT
Maybe i forgot to mention: i dont put this into the www root which is C:/Apache/htdocs becuase i have more apps in there.
i have 3 directories in thdocs: myphpapp, myoldapp, mytestapp. As a target i want to have 3 subdomains that point to each directory.
I think it will be a combination of Nikola's and cromestant's answers:
<VirtualHost *:80>
DocumentRoot "C:/Apache/htdocs/myPhpApp"
ServerName myPhpApp.ourcompany.local
</VirtualHost>
First of all, you don't need a rewrite rule for simple thing as this.
I assume you need following VirtualHost definition
<VirtualHost *>
DocumentRoot /myphpapp/
ServerName myphpapp.ourcompany.local
</VirtualHost>
"VirtualHost *" part tells Apache on which interface and optionally port to listen to.
ServerName tells which domain name will be used to identify this virtual host.
Document root in your apache config should point to your directory where you have the app, in what you stated in your question it should be
DocumentRoot C:\Apache\htdocs\myPhpApp
and that is all.
restart or reload your apache, and test.

Running magento on other port than default 80

I have configured Apache virtual hosting on port 8080 to point to my magento website.
Listen 8080
<VirtualHost 6x.2x.6x.1x:8080>
ServerAdmin webmaster#localhost
ServerName domainname.com
ServerAlias *.domainname.com
DocumentRoot /var/www/sites/domain/
<Directory />
Options FollowSymLinks
AllowOverride all
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
ServerSignature On
<LocationMatch ".*\svn.*">
Order allow,deny
Deny from all
</LocationMatch>
</VirtualHost>
When i go to the website www.domain.com:8080 the js, css, img and other things are not loaded because the port is not attached to the links
Here is a rewrite rule in magento .htaccess that does not seem to work:
<IfModule mod_rewrite.c>
############################################
## enable rewrites
Options +FollowSymLinks
RewriteEngine on
############################################
## you can put here your magento root folder
## path relative to web root
#RewriteBase /magento/
############################################
## workaround for HTTP authorization
## in CGI environment
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
############################################
## always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
############################################
## rewrite everything else to index.php
RewriteCond %{SERVER_PORT} !^8080$
RewriteRule .* http://6x.2x.6x.1x:8080/index.php [L]
</IfModule>
Is Rewrite-mod the right solution to run magento site on different port? If yes, where is my mistake in the current Rewrite rule?
thank you,
Margots
I manage a magento site where a live shop is running on one server on port 80 and a dev site is running on another server on port 3000. When copying the site from live to dev all I need to do is change two rows in the core_config_data table, having:
path="web/unsecure/base_url"
path="web/secure/base_url"
You need to add your port number at the end of the url and that is all. In my case those two rows look like this:
(config_id, scope, scope_id, path,
value)
(default, 0, web/unsecure/base_url,
,http://www.dev-server.com:3000/)
(default, 0, web/secure/base_url,
,http://www.dev-server.com:3000/)
Note that I don't have a certificate on my dev server so I am not using https as the secure base_url. If you wish to use https this setting should be changed to https and you should omitt the custom port at the end.
Modification of the standard .htaccess file is not needed, and should probably be avoided.
EDIT
If you don't have access to the DB you can try creating a php file which will modify the database using magento:
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
require_once ( "app/Mage.php" );
Mage::app('default');
$db = Mage::getSingleton('core/resource')->getConnection('core_write');
$db->query("UPDATE `core_config_data` SET `value` = 'http://dev-server.com:3000/' WHERE `path` = 'web/secure/base_url';");
$db->query("UPDATE `core_config_data` SET `value` = 'http://dev-server.com:3000/' WHERE `path` = 'web/unsecure/base_url';");
?>
You need to put this file in the root magento folder or change the path to Mage.php if you put it somewhere else.
I have not tried it (becaus I don't want to kill my Shop), but I think you can just change the Port in the Magento Admin.
In System / Configuration / Web / Base URL. Just try to add the Port to the URL there. Does that work?
You cannnot rewrite a URL that Magento writes in it's HTML Output using mod_rewrite. The Request to the wrong URL (without the :8080 Port) won't even reach your server.
UPDATE:
Look at the Source of the HTML output (i.E. go to your Shop with your Webbrowser and press CTRL-U or whatever). Do tags like the following have the correct URL, including the port?
<script type="text/javascript" src="http://yourstore.com:8080/js/prototype/prototype.js"></script>
All the methods shown seem to use a very complex process to do this.
It is very simple, change the URL to include the port in Admin > System > Configuration > Web > Urls
There you can define base URL, skin and media URLs.
You are missing this:
NameVirtualHost 6x.2x.6x.1x:8080
Perhaps you just didn't copy here since your site is working?
If Magento is loading pictures from the wrong site, there's nothing you can do in your Magento's .htaccess file: picture request will never get there. They will go to whatever other web server you have running on port 80.
You can only have this problem if Magento is building absolute links that include protocol and host (a terribly pointless bandwidth waste IMHO). My advice is that you look at the application settings and see if there's a place to specify the site base URL (since the app doesn't seem to be able to find it by itself).
(I tried to access Magento's demo site but it requires registering.)
I had the same problem because i was trying to use nginx with apache togather and i changed the apache port to a different than port 80 so i can use nginx as proxy, i changed the configuration file on apache httpd.conf but seemed that my site was not working, but I cleared the dns catch of my mac, and also used another browser to open my site and it worked.