We are running 4 Wordpress network installations on a Windows Server 2008 R2 VPS, with Apache 2.2.17 and PHP 5.3.10 and for some reason we are regularly getting this (sample) error:
Error log
[Thu Feb 16 15:01:59 2012] [error] [client x.x.x.x] Directory index forbidden by Options directive: C:/_webserver/_www/wp/www/
Access log
host x.x.x.x - - [17/Feb/2012:12:59:23 +0200] "GET / HTTP/1.1" 403 306 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; GTB7.2; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; MATM)"
The error "Directory index forbidden" usually means that a directory is trying to be accessed, but there is no file (according to the options directive) to be displayed and directory listing is forbidden. This however is not the case here. The error refers to the folder C:/_webserver/_www/wp/www/, which is the webroot for the project, and has always had an index.php. Also, httpd.conf is set-up with: DirectoryIndex index.html index.php
Seeing as how the error occurs in Apache, I think it's highly unlikely that this can be caused by either PHP or Wordpress.
The tough thing is that we don't know how to reproduce the error, so it is hard for us to test this.
What can we do to find out what the issue could be? Can it have anything to do with the set-up of Apache (seems like a redundant question). Can it have anything to do with the file already being read by Apache? Is there some way we can get more info about this issue?
I would welcome any help to help me solve this nasty case.
UPDATE
These are the modules that I currently have in use
LoadModule deflate_module modules/mod_deflate.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule cache_module modules/mod_cache.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule alias_module modules/mod_alias.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule php5_module "c:/_webserver/_server/php-5.3.10-Win32-VC9-x86/php5apache2_2.dll"
Options directives:
<Directory />
Options FollowSymLinks ExecCGI
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<Directory "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
httpd-vhosts.conf looks like this:
NameVirtualHost *:80
<VirtualHost *:80>
<Directory "C:/_webserver/_www/sites/www">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Include "C:/_webserver/_www/sites/htaccess.conf"
DocumentRoot "C:/_webserver/_www/sites/www"
ServerName xxx
ServerAlias xxx
CustomLog logs/sites.access.log mycombined
ErrorLog logs/sites.error.log
</VirtualHost>
I have 5 virtual hosts set-up like this, with each their own error and access log. The projects don't use a .htaccess, but this is set-up statically via the conf for performance.
The server runs on windows, so the MPM set-up is a little limited
# WinNT MPM
# ThreadsPerChild: constant number of worker threads in the server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_winnt_module>
ThreadsPerChild 1750
MaxRequestsPerChild 0
</IfModule>
Final update
Well, I decided to turn off Apache caching completely, and since then, had no more errors. Unfortunately I haven't had too much time this week to do proper testing, but at least I know where the issue lies. And with a not so busy server, no caching is alright for now. I might be back in a while :-)
This is certainly something hard to debug, occasional bugs are the worst ones :-)
My first thoughts were "internal dumy connections" related issues, but that would not show you an IE8-beta signature in access.log.
So I found three links that you may investigate:
A serverFault intermittent 403 problem, related to mod_negotiation and SSI
Another serverFault intermittent 403, related to MaxClients reached, check that you do not reach MaxClients when that error appears.
A deep analysis of intermittent 403 related to mod_cache
From that I think this kind of problem is a little like drug interactions. So the first thing to do is:
Check the modules loaded in your apache configuration and remove (comment Load lines) the ones you do not need at all (and you will have a faster Apache if you never did it before!).
Build a test environment, for modules that you are still using in production (where removing it would make your application crash). You'll need to be able to reproduce the bug with wget or ab or any other massive HTTP requests tool.
try to inactive modules, one by one, until the problem disappears.
Modules that usually make strange behaviors are:
mod_negotiation (with the related Option Multiviews). Apache is then trying to serve alternate files, after a negociation with the browsers headers. That may break your RewriteRules or interact badly with other modules. That usually lead to some unattented responses to malformed queries, I always remove that module.
mod_include : Server Side Includes (with related option Includes), also known as SSI. Who really needs that?
mod_cache & mod_disk_cache , really, that's a very old school things, you'd better try using Varnish or any other reverse proxy caches
mod_rewrite: the swiss knife, but are you sure you didn't wrote a very strange Rule somewhere?
mod_dir : check you do not have DirectorySlash Off, that may interact badly with some other module doing strange things
mod_isapi : reading the doc may lead you to some hints. For me I have the feeling this is an experimental support, on heavy load I'm quite sure strange things could happen.
mod_proxy : remove it if you do not need it
UPDATE: (after configuration details)
Reading your configuration I saw several little mistakes (unrelated):
<Directory /> I don't think this will work on Windows, as your root is c: not /. But I'm maybe wrong. At least you do not need an allow from all here, quite unsecure.
If you do not use .htaccess files set the AllowOverride None everywhere, especially in a <Directory "C:">, to avoid seeking for theses files from the root directory.
Now for your problem. I do not see any mod_cache related option in your configuration (but maybe you have some included files in subdirectories of apache configuration that use mod_cache directives. If you do not use any of the mod_cache directives you can suspend that module without any risk.
If it's intermittent, it's fair to guess that someone is intermittently deleting and replacing index.php.
Re comments -- this does not require 'sabotage'. If you simply redeploy some style of applications with a running webserver, or restore a backup, there is a window of time when Apache might see a this directory but no file.
Related
This is the first time I have to do something like this. I'm developing a front end application with some stuff I cannot change - it requests some specific address for the serverside data.
I need to redirect all those requests to say:
https://192.168.1.1:8443/server
to a different address, say
https://192.168.100.100:8443/server
I figured this is a job for Reverse Proxy and google brought me to httpd.
Now I work on Windows 7 machine, I've managed to get Apache24 binaries and started it on default 80 port, 127.0.0.1 says "It works!".
I tried to configure a virtual host but no matter what I do, I cannot get it to redirect.
I'm just trying to test the basic stuff first.
I've enabled required mods:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
I've uncommented following include:
Include conf/extra/httpd-vhosts.conf
And inside that file I got this:
<VirtualHost *:80>
ServerName mytest.com
ProxyPass /proxy/ http://myip:tomcatport/myapp/
ProxyPassReverse /proxy/ http://myip:tomcatport/myapp/
</VirtualHost>
I've looked through quite a few of tutorials on how to configure it and tried half a dozen different combinations of the same basic things, configured in this VirtualHost, but no matter what I do, I cannot get it to work.
From what I gathered, this configuration should redirect my browser from mytest.com to http://myip:tomcatport/myapp/, what am I doing wrong here?
I installed last night wamp on my win 7 laptop and started creating a small framework for my projects,
But when I firstly added the RewriteEngine on,it just wasn't working. So I checked to see if the module was on, After I edited the conf file and restarted the server and also checked on apache mods under wamp menu, i confirmed that it was on. So i try to check the page again and I still get an internal server error. So i check the conf file again to check directories permission settup and it seems fine.
So then I go go the error logs and I find Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration. I checked if the .so file actually exist. I dont know what else to try, please help me before i go nuts.
<Directory >
AllowOverride none
Require all denied
</Directory>
<Directory "c:/wamp/www/">
AllowOverride All
Allow From All
Require all granted
</Directory>
#LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule rewrite_module modules/mod_rewrite.so
Since it didn't make sense to me why the RewriteEngine wasn't working (code wise). I suspect there was something wrong with my Wamp installation (it would work in the background even after I close it) even though it was a fresh installation. So I decided to re-install the Wamp server, change the Apache conf file and everything is working fine now.
I copied the relevant lines over from another installation but it doesn't work here. I get a 404 generated by the word press that's installed on the server.
<Location /server-status>
SetHandler server-status
Order Allow,Deny
Allow from [my ip]
</Location>
I used to visit http://[old server ip]/server-status and it worked fine. Now I just get a 404 coming out of the wordpress that's installed on the new server.
Is this what happens if the proper mods are not installed in this installation? How can I tell? How can I trouble shoot this? Thanks.
You're probably missing the LoadModule for mod_status. On debian/ubuntu, use a2enmod. If you manage your config directly, just add the LoadModule for mod_status.
The problem was that this config had to go in /etc/apache2/mods-enabled/status.conf
From what I read it seemed to me like it could also go in apache2.conf or the individual site config file but those didn't work for me for some reason.
Battling second day against problems with using mod_rewrite.
System OS: Windows XP
HTTP server: Apache 2.2 httpd
couple related lines from httpd.conf
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
DocumentRoot "N:/Web-dev/www"
<Directory "/">
Options Indexes +FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory "N:/Web-dev/www">
Options Indexes +FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>
.htaccess contains:
RewriteEngine on
RewriteRule ^alice.html$ bob.html
php info says
Loaded Modules core mod_win32 mpm_winnt http_core mod_so mod_actions mod_alias mod_asis mod_auth_basic mod_authn_default mod_authn_file mod_authz_default mod_authz_groupfile mod_authz_host mod_authz_user mod_autoindex mod_cgi mod_dir mod_env mod_include mod_isapi mod_log_config mod_mime mod_negotiation mod_setenvif mod_rewrite mod_proxy mod_php5
Both files are existing, loading alice.html, it still loads it, in rewrite.log, it shows:
127.0.0.1 - - [25/Apr/2011:11:01:27 +0300] [localhost/sid#7b5148][rid#2bc70b0/initial] (1) [perdir N:/Web-dev/www/] pass through N:/Web-dev/www/alice.html
I eaven tried to test, if it is reading .htaccess file, by adding some jibberish to rewrite engine command, and it proved:
[Mon Apr 25 10:47:04 2011] [alert] [client 127.0.0.1] N:/Web-dev/www/.htaccess: Invalid command 'ReDELETEMEwriteEngine', perhaps misspelled or defined by a module not included in the server configuration
But making same, to RewriteRule, changes nothing, like if it ignores those. I'm out of options, what to do!?
Making more tests, I get to strange results - added some DELETEME before RewriteEngine command - it fails with error, if I add anything afterwards, it ignores it, like if there would be no errrs!
Then I recall my experience with regex and text analysis, I wondered, if tampering with CRLF would do any good, and uncovering, what is current file new line symbols, uncovered that they where CR's. As I know, Apache is unix based software, I thought, it could misunderstood those, so I converted them to LF's and that was it, everything worked afterwards!
Note to future - make sure, with your editor (EditPlus, Notepad++, etc), that your .htaccess new line symbols are multiplatform compatible (CRLF), or at least unix compatible (LF), if working with apache!
Mac OS X ships with apache pre-installed, but the files are in non-standard locations. This question is a place to collect information about where configuration files live, and how to tweak the apache installation to do things like serve php pages.
Apache Config file is: /private/etc/apache2/httpd.conf
Default DocumentRoot is: /Library/Webserver/Documents/
To enable PHP, at around line 114 (maybe) in the /private/etc/apache2/httpd.conf file is the following line:
#LoadModule php5_module libexec/apache2/libphp5.so
Remove the pound sign to uncomment the line so now it looks like this:
LoadModule php5_module libexec/apache2/libphp5.so
Restart Apache: System Preferences -> Sharing -> Un-check "Web Sharing" and re-check it.
OR
$ sudo apachectl restart
Running
$ httpd -V
will show you lots of useful server information, including where the httpd.conf file can be found.
To get SSI/includes (mod_include) to work I found I had to edit /private/etc/apache2/users/myusername.conf and change AllowOverride None to AllowOverride All.
Then add the following in a .htaccess file in the root of your site:
Options +Includes
AddType text/html .html
AddOutputFilter INCLUDES .html
httpd.conf is in /private/etc/apache2
Enable PHP by uncommenting line:
LoadModule php5_module libexec/apache2/libphp5.so
/etc/httpd/users contains user-specific configuration files which can be used to override the global configuration. For example, adding "AddHandler server-parsed html" to the <Directory> block in the /etc/httpd/users/*.conf file that corresponds to one user will enable mod_include parsing of HTML files for that particular user's $HOME/Sites directory, but nowhere else.