Apache: <Directory> directive with no path specified - apache

I have a local server environment running on my OS X machine using MAMP, and I am currently setting up a few virtual hosts. I found that, in order for one of my virtual hosts to recognize my site's .htaccess file, I needed to add a <Directory> directive within the <VirtualHost> directive.
Here is an example of what I am using to configure one of my virtual hosts:
<VirtualHost *>
DocumentRoot "/path/to/mysite"
ServerName mysite.local
<Directory "/path/to/mysite">
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
Now, I would like to avoid redundancy by removing the path from that <Directory> directive. I tried doing so and it seems to work, although I am not familiar with Apache enough to know the potential consequences of doing this. Furthermore, I could not find an explanation of this case in the Apache Documentation.
This is what I would like to do:
<VirtualHost *>
DocumentRoot "/path/to/mysite"
ServerName mysite.local
<Directory>
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
Therefore, my question is this: what happens when I omit the path from the <Directory> directive (in this case)?

Directory is a directive targeting a file system directory, and should always have a path (waildcards allowed).
Using some instructions targetd to no directory may be discarded silently, or maybe with an error (you could test it), but is would certainly be useless.
Why would you write some configuration instructions targeted to no directory at all?
But there's maybe more things in your question.
Ususally a Virtualhost should contains at least one Directory instruction, the DocumentRoot directory, and usually we also add one targeting the root of the filesystem, this way:
<Directory />
(instructions to deny access and avoid .htaccess reads)
</Directory>
<Directory /my/document/root/>
(instructions to allow access and still avoid .htaccess reads or to allow them if you are lazy and feel over confident that .htaccess are useful in any way and you do not need speed)
</Directory>
And you could add more, especially to avoid usage of .htaccess files as such file stored in /path/to/somewhere is the same thing as a <Directory /path/to/somewhere> section, but slower.
Now you do not like to repeat yourself in your VH configuration, so you coud maybe use .htaccess files or global level instructions for things that are usually set there. And you could also use another magical keyword, which is Location.
You can use a lot of Apache instruction in a <Location /foo> directive. Locations works on url, not on filesystem paths.
So <Location /> is your documentRoot, and <Location /foo> is maybe the subdirectory 'foo' under you DocumentRoot. This could help you write things in your VH without reusing the documentroot prefix everywhere. But be careful, urls are not file-system paths. Any protection applied on the url level may be weaker or stronger compared to a protection applied on a directory level. It depends on your alias, the way you use urls, etc.
Update:
If you use the new Apache 2.4 version you can now use mod_macro or even easier, built-in variables support:
Define docroot "/path/to/mysite"
DocumentRoot ${docroot}
<Directory ${docroot}>
(...)

Related

Apache showing empty "index of /", after dist upgrade

I'm working on a Debian 7 server which I did a dist upgrade on so it is Debian 8 now.
The only thing I am having trouble with is the apache2 which got updated from 2.2 to 2.4. the problem that is that now it shows me an empty "Index of /" although there are a lot of files in the specified folders.
vHost Conf:
<VirtualHost *:80>
ServerAdmin some#email
ServerName some.server
ServerAlias some.server
DocumentRoot "/data/apt/public_html"
<Directory "/data/apt/public_html">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Require all granted
</Directory>
</VirtualHost>
How can I get it working again?
mixing 2.2 and 2.4 access directives is not recommended. Look at http://httpd.apache.org/docs/current/upgrading.html. You will see that they never mix Order allow,deny with Require all granted. So remove your Order line.
Mixing old and new directives
Mixing old directives like Order, Allow or Deny with new ones like
Require is technically possible but discouraged. mod_access_compat was
created to support configurations containing only old directives to
facilitate the 2.4 upgrade. Please check the examples below to get a
better idea about issues that might arise.
Also, you do not specify a DocumentIndex file so Apache does not know which file it should return a client when he asks for http://some.server/.
Let's assume the default page is index.html, add this in your VirtualHost:
DocumentIndex index.html
Note 1: ServerAlias has the same value as ServerName, and is therefore not required.
Note 2: you should setup access and error log files for this VirtualHost. It might not be useful if you have only 1 VirtualHost, but you will thank me if you have a large site (with multiple VH later).

Override single setting in default Apache <VirtualHost> block

In debian's default apache2 configuration, /etc/apache2/sites-enabled/000-default contains a lot of settings for the default VirtualHost:
<VirtualHost *:80>
# Many good settings here, among them:
CustomLog ${APACHE_LOG_DIR}/access.log combined
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
</VirtualHost>
In another configuration file, I'd like to override a single one of them, the CustomLog setting, so that logs go somewhere else. I don't want to copy or mess with all the other settings, e.g. ScriptAlias. But I still want it to apply to <VirtualHost *:80>.
Is that possible?
What I tried
I tried putting this in
/etc/apache2/sites-enabled/001-mylog:
<VirtualHost *:80>
CustomLog ${APACHE_LOG_DIR}/my.log combined
</VirtualHost>
That has no effect, presumably because apache only looks at the first <VirtualHost> section, and /etc/apache2/sites-enabled/000-default gets loaded before /etc/apache2/sites-enabled/001-mylog.
Instead I tried putting the same snippet in /etc/apache2/conf.d/mylog, that gets loaded before /etc/apache2/sites-enabled/000-default because /etc/apache2/apache2.conf has an Include conf.d/ before Include sites-enabled/. That does override the CustomLog value as I wanted. But now the ScriptAlias from /etc/apache2/sites-enabled/000-default doesn't take effect.
I'd like to avoid duplicating everything from /etc/apache2/sites-enabled/000-default effectively creating a fork of the default debian apache configuration file.
Documentation
Apache HTTP Server - core documentation has this rather vague:
When a request is received, the server first maps it to the best matching
based on the local IP address and port combination only.
Non-wildcards have a higher precedence. If no match based on IP and port occurs
at all, the "main" server configuration is used.
If multiple virtual hosts contain the best matching IP address and port, the
server selects from these virtual hosts the best match based on the requested
hostname. If no matching name-based virtual host is found, then the first
listed virtual host that matched the IP address will be used. As a consequence,
the first listed virtual host for a given IP address and port combination is
default virtual host for that IP and port combination.
<VirtualHost> doesn't behave like <Directory>
Very confusingly, it looks to me as if for <VirtualHost> directives, only a single matching instance is considered. But for e.g. <Directory> directives, they are added/combined, so that:
<Directory "/some/dir">
Options Indexes MultiViews FollowSymLinks
</Directory>
<Directory "/some/dir">
AllowOverride None
Order deny,allow
Allow from all
</Directory>
is equivalent to:
<Directory "/some/dir">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>
But that this mechanism doesn't work for <VirtualHost> :-(
Edit: This is not the same as Sharing configuration between several VHosts, because debian's default VirtualHost doesn't use any of those solutions. But perhaps others can find inspiration in that answer.
I get the same puzzle for the multiple vhosts'(virtual hosts') definition. Do they override(redefine), overlap? Or there are other veiled details inside?
I find some links for this puzzle as following:
https://www.thegeekstuff.com/2011/07/apache-virtual-host/
https://httpd.apache.org/docs/2.4/vhosts/examples.html
With cautions to these examples inside, I could say the vhosts' definitions are not the same (even they look like the same). The difference mainly lays on the SeverName inside definition. Apache httpd server distinguishes the different vhost definitions based on ServerName inside(each vhost definition), not the IP Address or Port Number as listed in the <VirtualHost> header.
This puzzle keeps coming and going since there lacks explicit explanation for this topic(in the web). I hope this post can help to relieve this mindboggler in a way.

Change path chiliproject

I want to use a subdirectory for a chiliproject instance. Using apache passenger, I was thinking of using rewrites + alias, but then it gives me a 404. Adding a RailsBaseURI i get connection reset.
Is it routes.rb I should adapt or am I looking at the wrong place? It is working right now on https://mydomain.com but I'd like to have it on https://mydomain.com/tracker
You can use passenger directly without having to use an alias or redirection. However, Passenger requires some special configuration for that. Please see one of our guides for a complete installation example.
Generally you need to configure similar to this (cited from the linked guide):
At first, we assume you have installed ChiliProject to /srv/www/chiliproject. This is not your DocumentRoot.
You need to hint Passenger a bit here so that it correctly finds your ChiliProject. So we create a symlink from the existing DocumentRoot directory to out ChiliProject installation.
ln -s /srv/www/chiliproject/public DOCUMENTROOT/chiliproject
Now add the following directives into your existing virtual host:
# TODO: Remember to replace DOCUMENTROOT with your actual path
<Directory DOCUMENTROOT>
Options +SymLinksIfOwnerMatch
</Directory>
RailsBaseURI /chiliproject
# TODO: Remember to replace DOCUMENTROOT with your actual path
<Directory DOCUMENTROOT/chiliproject>
Options -MultiViews
Order deny,allow
Allow from all
</Directory>

Setup Dynamic Virtual Host (Apache2 on Ubuntu)

I want to set up a single virtual host that can dynamically handle all requests based on the hostname used to access it. If %{HTTP_HOST} could be used in a DocumentRoot, this is probably exactly what I want:
<VirtualHost *:80>
ServerAdmin me#example.com
DocumentRoot /var/www/live/%{HTTP_HOST}/public
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/live/%{HTTP_HOST}/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
LogLevel warn
ErrorLog /var/www/live/%{HTTP_HOST}/logs/error.log
CustomLog /var/www/live/%{HTTP_HOST}/logs/access.log combined
</VirtualHost>
...unfortunately, %{HTTP_HOST} is not allowed in the DocumentRoot (Warning: DocumentRoot [/var/www/live/%{HTTP_HOST}/public] does not exist). How else can I achieve my goal?
Update: I thought of pointing a catch-all vhost to a single directory and having a .htaccess use mod_rewrite to dynamically select the path but (honestly) I'm exhausted. I'll try at it again in the morning, but in the meantime, if anyone has good ideas, I'd love to hear them! Thank you!
Maybe you can try the following solution from this article: Apache: Dynamic Virtual Hosts
A few months back I looked for a solution to overcome the problem of
creating individual Virtual Hosts in Apache every time I wanted to
configure a new site on a development machine (something that is a big
issue in work where we have a lot of websites). Apache is able to
support this functionality relatively easy using a module and a few
lines in the configuration file. I set this up on Fedora 14, so
results may be slightly different for other OS's (different paths,
configuration file setup, etc)
Open up the main Apache conf (/etc/httpd/conf/httpd.conf), and ensure
the module mod_vhost_alias is enabled. There should be a line in the
configuration like
LoadModule vhost_alias_module modules/mod_vhost_alias.so
Next, add the
following lines to the bottom of this file. You'll need to edit the
file with sudo privileges.
NameVirtualHost *:80
UseCanonicalName Off
<VirtualHost *:80>
VirtualDocumentRoot /var/www/html/domains/%0
</VirtualHost>
This sets up a catch all for any domain coming in over port 80 (the
default port for http traffic, if your using https you will need to
use 443 - alternatively you could remove the port restriction). The
important line here is the VirtualDocumentRoot. The tells Apache where
your files will reside on disk. The %0 part takes the whole domain
name and inserts it into the path. To illustrate this if we went to a
domain testing.com.dev the VirtualDocumentRoot would be:
/var/www/html/domains/testing.com.dev
This type of configuration might
be suitable for most situations, however I didn't want to have the
.dev part of the domain in my folders on disk. I was able to achieve
this by setting the VirtualDocumentRoot to:
VirtualDocumentRoot /var/www/html/domains/%-2+
The above example of testing.com.dev would now point to:
/var/www/html/domains/testing.com
Remember to add the domain to your
hosts file (/etc/hosts)
For a full list of options see the mod_vhost_alias documentation.
Additional documentation can be found here.
The official methods for achieving dynamic virtual hosts are explained in the Apache documentation:
http://httpd.apache.org/docs/2.0/vhosts/mass.html

Apache local configuration to resolve files correctly

I have just configured Apache and PHP to work on my local Mac OS X computer. Now PHP works fine, except when I try to load the files for my live sites. The live sites have separate directories and are sorted by client name etc.
I've created symlinks in the default root for the local web server documents. My issue is that Apache doesn't seem to want to load any of the relative paths that are found in the HTML pages. For example, I have src="/css/main.css" but Apache doesn't load the file, similarly for images, it just resolves as a file not found 404 error. I then thought it might be the symlinks so I copied the full directory into the Apache document root, and still had the same result.
I would really love to setup my local development environment to run Apache, PHP, MySQL to develop locally then publish when ready. I also tried the MAMP installation, and had the same issues.
First you might want to try using src="./css/main.css".
When dealing with multiple live sites I like to setup a single configuration file for each site with apache and then load them all together in the httpd.conf file.
for my setup it looks like this:
in
/etc/apache2/httpd.conf
I have:
# Begin virtual host directives.
Include conf/bortreb.conf
Include conf/rlmcintyre.conf
Include conf/laserkard.conf
Include conf/judyates.conf
and then in
/etc/apache2/conf/judyates.conf
I have:
<VirtualHost *:80>
#localhost site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName localhost
ServerAlias judyates.localhost
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
#live site
ServerAdmin email#example.com
DocumentRoot "/home/r/Desktop/web/judyates"
ServerName judyates.com
ServerAlias *.judyates.com
ErrorLog "/home/r/Desktop/web/judyates/log/error_log.log"
ScriptAlias /cgi-bin/ "/home/r/Desktop/web/judyates/cgi-bin/"
<Directory "/home/r/Desktop/web/judyates">
Options Indexes FollowSymLinks
Options +ExecCGI
AddHandler cgi-script cgi pl py
AllowOverride Options
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
This way works really well, because you can set the subdomain yoursite.localhost
to loop back to your home ip address.
With this setup, when I work on judyates.com on my computer and want to test anythig, I just go to judyates.localhost in my web browser.
I have about 5 other sites all set up this way in their own *.conf file, so they can each live in their own directories on my computer that exactly match the directories they'll be in on the server.
The key is to use virtual hosts to go to different sites based on the subdomain.
You can learn how to configure subdomains that point to yourself here:
http://digitalpbk.blogspot.com/2007/01/making-subdomains-on-localhost.html
My setup goes even one step further because I setup the server too. Whenever I want to update I load both the webfiles AND the apache config files, and that way the server exactly mirrors my local setup. The only difference is that the real judyates.com points to the server and not my home computer, so when people try to visit the site they get everything from the server.
Have you tried src="css/main.css"? That is, without the leading slash? If you have a leading slash there your files would have to be in a directory named css that was in the root directory of the webserver, and if I understand you correctly that's not the case.
EDIT: OK, from reading your comments it seems like you are not quite clear on how relative urls work. "/css/main.css" is not relative to the page's location in the directory tree. It means a file named "main.css" in a directory named "css" in the root directory of the webserver. When you put your files on the deployment server your css directory is at the webserver's root directory. But it sounds like you are currently putting the css directory in a subdirectory named for the client... so your css file is now living at "/clientname/css/main.css".
If I understand you correctly, you can do what you want by using relative urls. If your html file is in the same directory as the css directory you would need "css/main.css". If it's in a subdirectory of the directory that contains the css directory you would need "../css/main.css"- the ".." means the parent directory of the current directory. If you use relative urls they will continue to work as long as the relationship between the files doesn't change.
Here's a page on the subject that explains it adequately, I think: http://www.webreference.com/html/tutorial2/3.html. Was pretty much the first thing I found in Google though, so there are likely better explanations out there.
There are a number of Apache directives that you could use to do this, but if using relative urls would work for you (and if I understand you correctly it would) then that's likely to be a lot simpler and less likely to cause you further trouble.