Will this config error stop apache from restarting - sysadmin

I have a production website running apache on linux. There are all sorts of rules set up which I don't want to mess with.
I need to restart apache so I decided to do a configtest first to check that everything was ok.
My question is, will apache restart given this error?
>$ service httpd configtest
Syntax error on line 129 of /etc/httpd/conf.d/ssl.conf:
SSLCertificateFile: file '/etc/httpd/conf/ssl.crt/server.crt' does not exist or is empty
I didn't change the ssl.conf, I don't know who did, I don't know how to fix it. Apache is running fine now. Can I safely restart apache and expect it to come up? If there were more errors than this one would they show - or does configtest stop after the first error?

I think that Apache hangs on any error, specially syntax errors.

Related

Apache doesn't start on any port

I just installed apache 2.2 and it was working just fine after I restarted that this error appears when I'm trying to start that:
The requested operation has failed!
first I thought It's about the default 80 port that apache is using so I turned off IIL from windows features but that didn't help
so I change the port from Apache httpd.conf
but still this error prevents me from starting the server.
does anyone know how can I fix this?
any help will be much appreciated.
I just installed apache 2.2.9 instead of 2.2.11 and it's working fine

How can I disable the switch back to mpm_prefork by Apache Security update?

my Apache2 on Ubuntu 16.04 runs mpm_event, but on every Security Update Apache switch back to mpm_prefork. Why and how can I disable this, so mpm_event is still configured?
I found this: https://ubuntu101.co.za/apache-web-server/fix-apache-2-4-loading-wrong-mpm-worker-module/
But this don't work for me. After a security update I get the error message: "No MPM is configured". So my Apache don't run.
Did you have an idea?
Same problem. However, I found that if I commented out the lines as described in https://ubuntu101.co.za/apache-web-server/fix-apache-2-4-loading-wrong-mpm-worker-module/ but then also added the line below underneath the commented-out lines in each file, mpm_prefork was disabled when updating. This worked for me on both Ubuntu 16.04 and 18.04.
LoadModule mpm_event_module /usr/lib/apache2/modules/mod_mpm_event.so
Doing this generated warnings about php-fpm and proxy_fcgi not being enabled but checking showed that they were actually still enabled.

Apache Can't Start again after restart

I'm confused because of this error. Any help will be appreciated
use "top" command to see if any apache service works. If is, kill all and then do service apache2 reload, and service apache2 start. Paste your top results here.

Apache reload skipping vhost on error

I have several vhost configured with there own conf file under conf.d. This works fine, but ever so often i have to make changes to one of the files and the reload apache. Is there a way where apache would skip that file if there is an error so that the other sites still goes up on a reload?
This is a prod site (and yes i should test all first, but that is not always practical).
It would be nice if I could change the file for domain1.conf do a service httpd restart and then if there is an error in the file that today would cause apache not to start at all it would simply skip that conf file and load start with all the others.
Hope this would work
Regards
Tore
This did the trick
apachectl configtest
https://serverfault.com/questions/774719/make-apache-reload-skipping-vhost-on-error

Internal Error 500 Apache, but nothing in the logs?

I'm getting 500 Internal Server errors when I try to make an HTTP POST to a specific address in my app. I've looked into the server logs in the custom log directory specified in the virtual hosts file, but the error doesn't show up there so debugging this has been a pain in the ass.
How do I cause Apache to log Internal 500 errors into the error log?
This is an Ancient answer from 2013, back when PHP was new and security wasn't an issue:
Here in the future it's a security risk to dump errors to screen like this. You better not be doing this in any production setting.
Why are the 500 Internal Server Errors not being logged into your apache error logs?
The errors that cause your 500 Internal Server Error are coming from a PHP module. By default, PHP does NOT log these errors. Reason being you want web requests go as fast as physically possible and it's a security hazard to log errors to screen where attackers can observe them.
These instructions to enable Internal Server Error Logging are for Ubuntu 12.10 with PHP 5.3.10 and Apache/2.2.22.
Make sure PHP logging is turned on:
Locate your php.ini file:
el#apollo:~$ locate php.ini
/etc/php5/apache2/php.ini
Edit that file as root:
sudo vi /etc/php5/apache2/php.ini
Find this line in php.ini:
display_errors = Off
Change the above line to this:
display_errors = On
Lower down in the file you'll see this:
;display_startup_errors
; Default Value: Off
; Development Value: On
; Production Value: Off
;error_reporting
; Default Value: E_ALL & ~E_NOTICE
; Development Value: E_ALL | E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED
The semicolons are comments, that means the lines don't take effect. Change those lines so they look like this:
display_startup_errors = On
; Default Value: Off
; Development Value: On
; Production Value: Off
error_reporting = E_ALL
; Default Value: E_ALL & ~E_NOTICE
; Development Value: E_ALL | E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED
What this communicates to PHP is that we want to log all these errors. Warning, there will be a large performance hit, so you don't want this enabled on production because logging takes work and work takes time, time costs money.
Restarting PHP and Apache should apply the change.
Do what you did to cause the 500 Internal Server error again, and check the log:
tail -f /var/log/apache2/error.log
You should see the 500 error at the end, something like this:
[Wed Dec 11 01:00:40 2013] [error] [client 192.168.11.11] PHP Fatal error:
Call to undefined function Foobar\\byob\\penguin\\alert() in /yourproject/
your_src/symfony/Controller/MessedUpController.php on line 249
I just ran into this and it was due to a mod_authnz_ldap misconfiguration in my .htaccess file. Absolutely nothing was being logged, but I kept getting a 500 error.
If you run into this particular issue, you can change the log level of mod_authnz_ldap like so:
LogLevel warn authnz_ldap_module:debug
That will use a log level of debug for mod_authnz_ldap but warn for everything else (https://httpd.apache.org/docs/2.4/en/mod/core.html#loglevel).
Check your php error log which might be a separate file from your apache error log.
Find it by going to phpinfo() and check for error_log attribute.
If it is not set. Set it: https://stackoverflow.com/a/12835262/445131
Maybe your post_max_size is too small for what you're trying to post, or one of the other max memory settings is too low.
If your Internal Server Error information doesn't show up in log files, you probably need to restart the Apache service.
I've found that Apache 2.4 (at least on Windows platform) tends to stubbornly refuse to flush log files—instead, logged data remains in memory for quite a while. It's a good idea from the performance point of view but it can be confusing when developing.
Please Note: The original poster was not specifically asking about PHP. All the php centric answers make large assumptions not relevant to the actual question.
The default error log as opposed to the scripts error logs usually has the (more) specific error. often it will be permissions denied or even an interpreter that can't be found.
This means the fault almost always lies with your script. e.g you uploaded a perl script but didnt give it execute permissions? or perhaps it was corrupted in a linux environment if you write the script in windows and then upload it to the server without the line endings being converted you will get this error.
in perl if you forget
print "content-type: text/html\r\n\r\n";
you will get this error
There are many reasons for it. so please first check your error log and then provide some more information.
The default error log is often in /var/log/httpd/error_log or /var/log/apache2/error.log.
The reason you look at the default error logs (as indicated above) is because errors don't always get posted into the custom error log as defined in the virtual host.
Assumes linux and not necessarily perl
The answers by #eric-leschinski is correct.
But there is another case if your Server API is FPM/FastCGI (Default on Centos 8 or you can check use phpinfo() function)
In this case:
Run phpinfo() in a php file;
Looking for Loaded Configuration File param to see where is config file for your PHP.
Edit config file like #eric-leschinski 's answer.
Check Server API param.
If your server only use apache handle API -> restart apache.
If your server use php-fpm you must restart php-fpm service
systemctl restart php-fpm
Check the log file in php-fpm log folder. eg /var/log/php-fpm/www-error.log
Please check if you are disable error reporting somewhere in your code.
There was a place in my code where I have disabled it, so I added the debug code after it:
require_once("inc/req.php"); <-- Error reporting is disabled here
// overwrite it
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
Add HttpProtocolOptions Unsafe to your apache config file and restart the apache server. It shows the error details.
In my case it was the ErrorLog directive in httpd.conf. Just accidently noticed it already after I gave up. Decided to share the discovery )
Now I know where to find the 500-errors.
Check that the version of php you're running matches your codebase. For example, your local environment may be running php 5.4 (and things run fine) and maybe you're testing your code on a new machine that has php 5.3 installed. If you are using 5.4 syntax such as [] for array() then you'll get the situation you described above.
Try accessing a static file. If this is not working either then
go to all directories from the root "/" or "c:\" to the directory of your file and check if they contain ".htaccess" files.
I once left a file in "c:\" and it had the most strange results.