I have tomcat running behind Apache. I also have Spring security to handle authorization and authrntication and Struts 2 as my web layer framewok.
Here is my requirement:
1) I want to have a home page which shows some data which is dynamic(like categories) which has to be fetched from database and rendered dynamically.
2) I want to display above page when I hit "mysite.com" in address bar without changing the URL ie. browser address bar must show "mysite.com only.
I could have easily kept this home page as index.html on my virtual host's documentroot location. However I cannot do this as some content is generated dynamically.
Another option is to keep this on tomcat and ask apache to forward the request to tomcat. however this changes the URL on my address bar.
How can I handle this? Can ForwardDirectories option in JK_MOD be used?
To serve dynamic content from Tomcat to a specific domain do the following:
Create a virtual host on your apache web server that handles "mysite.com".
Map the whole content of your virtual host to Tomcat through mod_jk:
JkMount / tomcatsJVMRouteName
JkMount /* tomcatsJVMRouteName
Create another host in your Tomcats server.xml that handles "mysite.com".
Deploy your application as default application (webapps/ROOT-directory).
Now Lets say I have a webapp "mysite" running on tomcat which is behind apache. This mysite webapp has a domain name "mysite.com".
When I hit "mysite.com" it must return a home page with dynamic content. So I add this as index.jsp in webapps/mysite/ directory.
Follwing is the virtual host I wrote for mysite app:
<VirtualHost *:86>
ServerAdmin webmaster#dummy-host.example.com
DocumentRoot "D:/var/www/html/mysite"
ServerName mysite.com
ServerAlias www.mysite.com
ErrorLog "logs/mysite-error.log"
CustomLog "logs/mysite-access.log" common
<Directory "D:/var/www/html/mysite">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI
#MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options -Indexes +FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Require all denied
Require local granted
</Directory>
JkMount /mysite/* localtomcat
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /mysite/ !
ProxyPass / http://localhost:8080/mysite/
ProxyPassReverse / http://localhost:8080/mysite/
</VirtualHost>
So, Here are my questions on above implementation :
1)What I have done is mixing the JKMount of mod_jk and proxypass of mod_proxy.Even though
this works how standard it is
2)Does it have any serious side effects?
3)What could be alternative solution?
Related
Everything was working fine, until I detected a bug,
My server cannot access his own services on 127.0.0.1.
I'm not sure if related but when I type 127.0.0.1 in Internet Explorer, it waits, then says www.127.0.0.1 is not reachable. I did add 'www.' forced recently, but now I changed this script to 'xxx.' instead of 'www.' and it still redirects me to www.127.0.0.1, the rest of my website gets redirected to 'xxx.'
This is httpd.conf:
# 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin#your-domain.com
#
ServerAdmin admin#your-domain.com
#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
#ServerName www.example.net
ServerName 127.0.0.1
#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
#DocumentRoot "c:/htdocs"
DocumentRoot "c:/htdocs"
#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride none
Order deny,allow
Deny from all
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "c:/htdocs">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
This is httpd-vhost.conf:
<VirtualHost 127.0.0.1:80>
DocumentRoot c:/htdocs
ServerName 127.0.0.1
ServerAlias www.127.0.0.1 localhost www.localhost
ErrorLog logs/example-intern-error.txt
CustomLog logs/example-intern-access.txt common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot c:/htdocs
ServerName sa-arp.net
ServerAlias www.example.net www.example.com example.com
ErrorLog logs/example-error.txt
CustomLog logs/example-access.txt common
RewriteEngine On
RewriteCond %{HTTP_HOST} !^xxx\. [NC]
RewriteRule ^(.*)$ http://xxx.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</VirtualHost>
I tried all combination possible, nothing seems to work.
Please help me I am out of resources and patiente!
Thank you,
rt-2
The answer was easy, the problem WAS Internet Explorer,
I used it because I was on the server itself testing the service and didn't want to install a new program.
Well Firefox did the job and worked, problem was the testing method.
rt-2
EDIT: The problem was not internet explorer, the problem was that I created a 301 redirection, which means the browser remembered the first thing I told him and then all my tests were futile for every domain I already tested once. (Yeah, that was frustrating). I updated this post just in case someone had a similar code and my issue.
I've enabled SSL for my sub domain and everything is working great. The problem I have is when you include https for the parent domain (which should not allow SSL connections) it redirects to the subdomain as the parent.
I'm assuming I have something in my virtualhosts entry that's incorrect.
Any thoughts?
Thanks
You're not providing many details, but here's start.
When you specify HTTPS://<hostname>, the TCP message is sent to <ip address>:443. Not <hostname>:443. Your browser does the hostname->IP address conversion prior to sending anything. Your browser ALSO sticks a header Host: <hostname> in with the (encrypted) message.
Only on unpacking the encrypted message does the webserver get the Host header and can then (possibly) route it to a different virtual host.
But at the time of decryption, it's "already" talking with a SSL virtual host (otherwise, apache can't decrypt the message). So at that point, it attempts to figure out what the "desired" host name was (via Hosts header) and then sees if you have a :443 virtual host with that name. If not, it hands it to the default :443 virtual host.
Assuming:
you are hosting the two domains on the same httpd instance
you have only one virtualhost definition for port 443
Im also assuming that when you say "redirects to the subdomain as the parent" that you mean that the content that should only appear at the HTTPS subdomain (ie https://sub.example.com) is appearing at the HTTPS parent domain (ie https://example.com looks exactly like https://sub.example.com) and that no real HTTP redirect is occuring
Then:
If you have two virtualhost entries like this:
<VirtualHost *:80>
# using parent content
DocumentRoot "/web/parent"
</VirtualHost>
<VirtualHost *:443>
#using subdomain content
DocumentRoot "/web/subdomain"
# All sorts of SSL config
....
</VirtualHost>
This has the consequence that no matter what hostname you use:
Any request to port 80 will always produce the parent content
Any request to port 443 will always produce the subdomain content
So:
Try adding "NameVirtualHost *:443" (if you dont already have it) and at least a third VirtualHost:
NameVirtualHost *:443
<VirtualHost *:80>
# the default virtualhost for port 80
# using parent content
DocumentRoot "/web/parent"
</VirtualHost>
<VirtualHost *:443>
# the default virtualhost for port 443
# using subdomain content
ServerName sub.example.com
DocumentRoot "/web/subdomain"
# All sorts of SSL config
....
</VirtualHost>
<VirtualHost *:443>
# another virtualhost for port 443
# only activated for example.com like https://example.com/something
# using parent content
ServerName example.com
DocumentRoot "/web/parent"
# All sorts of SSL config
....
</VirtualHost>
The order of evaluation is important, so the first virtualhost becomes the default for any request that doesnt match any other virtualhost.
The third virtualhost will need to be configured for whatever you expect to happen when someone request HTTPS on the parent domain: ie do you want to redirect back to the HTTP version, or just present different content?
The httpd command has a -S flag that will output the current ordered virtualhost config, then exit, which is useful for diagnosing what virutal hosts are defined on what ports and the names associated
-S
Show the settings as parsed from the config file (currently only shows the virtualhost settings).
Some config, version and platform would have been helpful on this question.
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
I use Ratchet websocket on my server. It is working well without SSL but i need to make it work with SSL.
I've read this stackoverflow post. Unfortunately the support of my PAAS don't use httpd.conf. They advised me to add the ProxyPass straight in the .htaccess.
Regarding adding the following line in httpd.conf file then here I
would like to inform that we are not using httpd on the server as
server is Debian based and we are using Apache web server. I believe
you can use the same line in htaccess file or it would be better if
you can consult with the developer regarding this.
# ProxyPass for Ratchet with SSL
ProxyPass /wss2/ ws://127.198.132.141:8000/
# Preventing the app from being indexed
Header set X-Robots-Tag "noindex, nofollow"
# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
DirectoryIndex app.php
# By default, Apache does not evaluate symbolic links if you did not enable this
# feature in your server configuration. Uncomment the following line if you
# install assets as symlinks or if you experience problems related to symlinks
# when compiling LESS/Sass/CoffeScript assets.
# Options FollowSymlinks
# Disabling MultiViews prevents unwanted negotiation, e.g. "/app" should not resolve
# to the front controller "/app.php" but be rewritten to "/app.php/app".
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
[...]
Unfortunately Adding ProxyPass /wss2/ ws://127.198.132.141:8000/ is crashing the server as if the .htaccess was incorrect.
Do you have any solutions or hints?
UPDATE :
From what i understand we can't use ProxyPass in .htaccess it should be only used in the server configuration or virtual host configuration.
I tried to explain it to the support but they do not seem to understand.
So apparently it is forbidden to use ProxyPass in .htaccess.
"ProxyPass and ProxyPassReverse are available only in the server
config and virtual host contexts."
Therefore if you can't add this line in the server config, could it be
added in the virtual host contexts?
Their answer :
As I have again reviewed all the settings on the server level which
includes the Apache modules and Firewall rules to make the Ratchet
websockets able to run on the server also the rules which we have
added in Firewall indicates that all the traffic from outside is
allowed on the port 8000 and I believe which should be sufficient to
allow outside connections for websocket.
As of now, it seems like you are trying to make the connection using
the different port (in case of https). As we have reviewed the server
settings and configurations and all seems to be good.
It would be highly appreciated if you can involves the developer in
this process so he can guide you better as he know the code level
things much better.
Right now attempting to connect with wss will throw :
WebSocket connection to 'wss://127.198.132.141/wss2/' failed:
WebSocket opening handshake was canceled
While using http with ws is working well.
In your virtual host add :
ProxyPass /wss2/ ws://yourdomain.xxx:8888/
(try with port 8888)
do not forget to restart apache service
virtual host example:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
SSLCertificateFile /etc/letsencrypt/live/yourdomain.xxx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.xxx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName yourdomain.xxx
ProxyPass /wss2/ ws://yourdomain.xxx:8888/
</VirtualHost>
</IfModule>
Here you can find a full working example
https://github.com/ratchetphp/Ratchet/issues/100
So I have Ubuntu 16 installed with LAMP and couple of other things on it (like FTP server...).
IP of my VPS is 1.2.3.4.
I have 2 domains, example.com and mydomain.com - both of these domains have their A record pointed at 1.2.3.4
If I access 1.2.3.4 and example.com and mydomain.com in my browser, all those three are showing the SAME data, specifically the contents of /var/www/html - if I change content of this directory it affects example.com and mydomain.com and the 1.2.3.4.
Now how can I set additional folders for domains to read from? I want different data on example.com and on mydomain.com - I want to make them read from different folder on server. How can i setup this please?
What you want to achieve is technically defined as setting virtual hosts which could be set using the following steps:
Under your Apache configurations directory, usually at /etc/apache2/, you will find a directory named sites-enabled.
For each of your domains, you will need to configure a special configuration file in order to point them to the right direction. The name of the file is typically your-domain.conf.
Here's an example of the file:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port
# that the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName your_domain
ServerAlias www.your_domain
ServerAdmin webmaster#your_domain
DocumentRoot website_directory
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
<Directory website_directory>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
After saving the file you will need to restart the Apache server
/etc/init.d/apache2 restart
Repeat the above steps for each of your domains.
If everything goes right, your site will show when you access your domain.
What I am trying to do : To add a site (example.com) to apache2/sites-available (I have specified its document root) and then enable it and after that access it on my local machine (as example.com in browser). I have some following queries :
Is it possible to create a website and give a specific domain (example.com) to it?
What are the steps I need to follow in order to create a site, give a domain and access it on my local machine ONLY?
NOTE: I have the content of site. I want to create a new site and I do not want to change the default site(i.e. apache2/sites-available/default) of Apache.
UPDATE:
I faced a error while restarting Apache (I have added a VirtualHost as described)
ERROR
CustomLog takes two or three arguments, a file name, a custom log format string or format name, and an optional "env=" clause (see docs)
Action 'configtest' failed.
The Apache error log may have more information.
...fail!
My site's file
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName dev.subhransu.com
ScriptAlias /private /home/hg/repositories/private/hgweb.cgi
<Directory /home/hg/repositories/private/>
Options ExecCGI FollowSymlinks
AddHandler cgi-script .cgi
DirectoryIndex hgweb.cgi
AuthType Basic
AuthName "Mercurial repositories"
AuthUserFile /home/hg/tools/hgusers
Require valid-user
</Directory>
ErrorLog ${APACHE_LOG_DIR}/dev.subhransu.com_error.log
# Possible values include: debug, info, notice, warn, error, cr$
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/dev.subhransu.com_ssl_access.lo$
SSLEngine on
SSLCertificateFile "/etc/apache2/ssl/dev.subhransu.com.crt"
SSLCertificateKeyFile "/etc/apache2/ssl/dev.subhransu.com.k$
</VirtualHost>
httpd.conf file
<VirtualHost *:80>
ServerName dev.subhransu.com
ServerAlias www.dev.subhransu.com
</VirtualHost>
I think the feature you may be looking for is vhosts. With vhosts you can create any number of sites, each setup independently of the other. For each vhost you can specify the 'ServerName' directive which is your domain, which can be anything you want it to be. And then in your computers hosts file you can route all your calls for that domain to localhost.
If you only have one site that you need to setup, just edit the default apache configuration, leaving vhosts alone, and then update the hosts file on your machine as I mentioned earlier.
References:
vhost examples
How to edit your hosts file
In httpd.conf (or vhosts), the ServerName and ServerAlias settings are what domain names Apache will respond to
ServerName example.com
ServerAlias www.example.com
then just edit your hosts file to point example.com to 127.0.0.1