I want to add some configuration in my Apache Web server configuration file so, anyone would help me with a command in Linux/Ubunbtu.
First find your httpd processes:
ps -ef | grep httpd
root 14124 1096 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14125 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14126 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14127 14124 0 21:46 ? 00:00:00 /opt/apache/bin/httpd -k start
httpd 14240 6263 0 21:49 pts/0 00:00:00 grep --color=auto http
This will tell you:
the path to the httpd process. Here /opt/apache
Maybe the name and path of the configuration file, as an argument to the httpd process. The httpd process would then be started with the -f CONFIG-FILE argument.
In case 2., you are done!
In case 1, go to the directory the httpd process is from and run this:
cd /opt/apache/bin
./apachectl -V
Server version: Apache/2.4.37 (Unix)
Server built: Jun 21 2019 21:32:47
Server's Module Magic Number: 20120211:83
Server loaded: APR 1.6.5, APR-UTIL 1.6.1
Compiled using: APR 1.6.5, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/apache"
-D SUEXEC_BIN="/opt/apache/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
And there you have it! The last line: -D SERVER_CONFIG_FILE="conf/httpd.conf" tells you that the configuration file is httpd.conf in the conf directory. Since it is an absolute path, look at the value of HTTPD_ROOT to know where the root is for this Apache. Here it is -D HTTPD_ROOT="/opt/apache".
So the full path is: HTTPD_ROOT/SERVER_CONFIG_FILE. Here, /opt/apache/conf/httpd.conf.
Another method:
cd /opt/apache/bin
./httpd -S
Hope this helps!
I was mainly using XAMPP for my local development needs, but I felt it time to take the crutches off and work from the command line interface.
The issue I am running into is that my virtual hosts are directing to the ServerRoot, and not where the virtual host points. The ones I'm trying currently are laravel apps, so my file structure is
/usr/local/var/www/domain1/laravel
/usr/local/var/www/domain1/public_html
Here is my config files
# /etc/apache2/httpd.conf
ServerRoot "/usr/local/var/www"
ServerName 127.0.0.1
DocumentRoot "/usr/local/var/www"
# /etc/apache2/extra/httpd-vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/var/www/mydomain.com/public_html"
ServerName dev.mydomain
ServerAlias www.dev.mydomain
ErrorLog "/private/var/log/apache2/dev.mydomain/error_log"
CustomLog "/private/var/log/apache2/dev.mydomain/access_log" common
</VirtualHost>
# /ect/hosts
127.0.0.1 localhost
127.0.0.1 dev.mydomain
::1 localhost
::1 dev.mydomain
When I go to dev.mydomain in the browser, it takes me to /usr/local/var/www instead of /usr/local/var/www/mydomain/public_html
I've already restarted the server.
Edit 1:
When I traverse the file path, the php files are not parsing either and are opening as regular text files.
Edit 2:
I commented the httpd.conf DocumentRoot line out and restarted apache, but the issue persists. When I do a apachectl -t -D DUMP_VHOSTS the Virtual Configuration comes back blank. I have Include /private/etc/apache2/extra/httpd-vhosts.conf uncommented as well as the LoadModule vhost_alias_module.
I changed
Include /private/etc/apache2/extra/httpd-vhosts.conf
to
Include /etc/apache2/extra/httpd-vhosts.conf
but they both link to the same file.
Edit 3:
Doing apachectl -S returns back a different server root than what I established. `apachectl -t -D DUMP_VHOSTS also returns back empty. I think it's possible I might be running a different version of apache than what came default on OSX. I played with it a few years ago. Is there a way to tell where the current running Apache config path is at?
Edit 4:
I checked where the httpd was running and found I have a different apache running than what is default.
MacBook-Pro:extra Daniel$ whereis httpd
/usr/sbin/httpd
Daniels-MacBook-Pro:extra Daniel$ /usr/sbin/httpd -V
Server version: Apache/2.4.29 (Unix)
Server built: Jan 17 2018 18:20:31
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr"
-D SUEXEC_BIN="/usr/bin/suexec"
-D DEFAULT_PIDLOG="/private/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/private/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/private/etc/apache2/httpd.conf"
I uncommented the vhosts lines again in the other config but now I get an error on restart saying
httpd: Syntax error on line 69 of /usr/local/etc/httpd/httpd.conf: Cannot load lib/httpd/modules/mod_mpm_prefork.so into server: dlopen(/usr/local/var/www/lib/httpd/modules/mod_mpm_prefork.so, 10): image not found
Okay, the issue was that I installed apache a few years ago with Homebrew and forgot. I was configuring the OSX apache config files. To find out which config file is being used, use:
$ whereis httpd
/usr/sbin/httpd
$ /usr/sbin/httpd -V
Server version: Apache/2.4.29 (Unix)
Server built: Jan 17 2018 18:20:31
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_FLOCK_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr"
-D SUEXEC_BIN="/usr/bin/suexec"
-D DEFAULT_PIDLOG="/private/var/run/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="/private/etc/apache2/mime.types"
-D SERVER_CONFIG_FILE="/private/etc/apache2/httpd.conf" <- where you config is, mine wasn't here
The reason the modules were not loading was because I changed the ServerRoot line a long time ago and didn't realize it. The default ServerRoot is /usr/local/opt/httpd, which contains the lib directory, which is where the modules are located and loaded from. Reseting the httpd.conf back to default and looking into that directory before I changed the path was what helped me catch it.
I have RHEL7.2 with Apache 2.4.6 (From the RHEL repository) using the event-mpm. When I do a graceful restart using the following command, active connections are terminated.
/usr/sbin/httpd -f /path/to/httpd.conf -k graceful
Everything I have read suggests that this should not be the case. Any worker processes/threads should complete their active connections before being terminated and replaced by a new worker with the new config.
I tested this by using JMeter and by using ab on some 'large' files (~15Mb). I was seeing the problem on small 1Kb files also, but I was only able to reliably reproduce the problem on JMeter and not from ab. Using the larger file highlights the problem more reliably as there is a higher chance of the reload happening during an active connection.
For more background, I was originally thinking that the behaviour I was seeing from JMeter (but not from ab) was new connections failing during the brief time that the master listening process was reloading and refusing new connections. This did not make sense as the OS is meant to queue the new connections. This is when I investigated the possibility that it was killing existing connections and tried with the larger files.
Any thoughts on what may be going on here, how I can test further and possibly how to resolve?
Here is the Apache info, if it helps:
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: Jul 12 2016 05:02:54
Server's Module Magic Number: 20120211:24
Server loaded: APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
I am trying to run Apache with SSL for my website. But when I start the Apache it throws the error saying:
httpd: Syntax error on line 127 of /usr/local/custom/apache/conf/httpd.conf:
Cannot load modules/mod_ssl.so into server: /usr/local/custom/apache/modules/mod_ssl.so:
undefined symbol: apr_global_mutex_lockfile
I also encountered the same issue.
The root cause of the issue is a version mismatch in the apr version
In order to fix it, download the following: apr-util-1.5.4.tar.gz and apr-1.5.1.tar.gz.
These can be downloaded at : https://apr.apache.org/download.cgi
Assuming that you have http src untarred in /src/httpd, you untar the apr-1.5.1 and apr-util in the opt/src/httpd/srclib
So the unzipped structure would be opt/src/httpd/srclib/apr and opt/src/httpd/srclib/apr-util
After this is done, you can run the configure with the following command
./configure --prefix=/opt/httpd-2.4.10 --with-included-apr
make
make install
This will install httpd in
/opt/httpd-2.4.10
You can check if the correct version of APR is referenced using the following command
/opt/httpd-2.4.10/bin/httpd -V
You should see output as below.
Server version: Apache/2.4.10 (Unix)
Server built: Dec 16 2014 11:46:58
Server's Module Magic Number: 20120211:36
Server loaded: APR 1.5.1, APR-UTIL 1.5.4
Compiled using: APR 1.5.1, APR-UTIL 1.5.4
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/httpd-2.4.10"
-D SUEXEC_BIN="/opt/httpd-2.4.10/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
Does anyone know the command to determine if OpenSSL and mod_ssl are installed on Apache2?
If you have PHP installed on your server, you can create a php file, let's called it phpinfo.php and add this <?php echo phpinfo();?>, and open the file in your browser, this shows information about your system environment, to quickly find info about your Apache loaded modules, locate 'Loaded Modules' on the resulting page.
If you have PHP installed on your server, you can chek it in runtime using "extension_loaded" funciontion. Just like this:
<?php
if (!extension_loaded('openssl')) {
// no openssl extension loaded.
}
?>
Usually, when you compile your apache2 server (or install it by packages facility stuff), you can check any directive that're available to be used by tapping this command:
~# $(which httpd) -L | grep SSL # on RHEL/CentOS/Fedora
~# $(which apache2) -L | grep SSL # on Ubuntu/Debian
~# $(which httpd2) -L | grep SSL # on SUSE
If you don't see any SSL* directive, it means that you don't have apache2 with mod_ssl compiled.
The default Apache install is configured to send this information on the Server header line. You can view this for any server using the curl command.
$ curl --head http://localhost/
HTTP/1.1 200 OK
Date: Fri, 04 Sep 2009 08:14:03 GMT
Server: Apache/2.2.8 (Unix) mod_ssl/2.2.8 OpenSSL/0.9.8a DAV/2 PHP/5.2.6 SVN/1.5.4 proxy_html/3.0.0
Use the following commands.
$ openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013 (or similar output)
For RHEL/CentOS/Fedora:
$ httpd -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For Ubuntu/Debian
$ apache2 -t -D DUMP_MODULES | grep ssl
ssl_module (shared)
For SUSE
$ httpd2 -t -D DUMP_MODULES 2>&1 | grep ssl
ssl_module (shared)
Using Apache 2, you can see what modules are currently loaded by the HTTP daemon by running the following command:
apache2ctl -M
The -M option is really just a parameter passed to httpd.
apache2ctl is a front end to the Apache HyperText Transfer Protocol
(HTTP) server. It is
designed to help the administrator control the functioning of the Apache apache2 daemon.
NOTE: The default Debian configuration requires the environment variables APACHE_RUN_USER,
APACHE_RUN_GROUP, and APACHE_PID_FILE to be set in /etc/apache2/envvars.
The apache2ctl script returns a 0 exit value on success, and >0 if an error occurs. For
more details, view the comments in the script.
Fortunately, Most flavors of Linux have OpenSSL "out of the box".
To verify installation:
openssl version
Response:
OpenSSL 1.0.1t 3 May 2016
Note: version OpenSSL 1.0.1 through 1.0.1f (inclusive)
are vulnerable to the OpenSSL Heartbleed Bug.
Versions 1.0.1g and greater are fixed.
For additional install info:
Ubuntu/Debian
dpkg -l | grep -i openssl
Response:
ii libcrypt-openssl-random-perl 0.04-2+b1 amd64 module to access the OpenSSL pseudo-random number generator
ii libcurl3:amd64 7.38.0-4+deb8u5 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
ii libgnutls-openssl27:amd64 3.3.8-6+deb8u4 amd64 GNU TLS library - OpenSSL wrapper
ii openssl 1.0.1t-1+deb8u6 amd64 Secure Sockets Layer toolkit - cryptographic utility
ii python-ndg-httpsclient 0.3.2-1 all enhanced HTTPS support for httplib and urllib2 using PyOpenSSL
ii python-openssl 0.14-1 all Python 2 wrapper around the OpenSSL library
ii ssl-cert 1.0.35 all simple debconf wrapper for OpenSSL
Yea, OpenSSL is installed!
To install OpenSSL if you don't have it, try:
Debian/Ubuntu:
sudo apt-get install openssl
RedHat/CentOS:
yum install openssl
To determine openssl & ssl_module
# rpm -qa | grep openssl
openssl-libs-1.0.1e-42.el7.9.x86_64
openssl-1.0.1e-42.el7.9.x86_64
openssl098e-0.9.8e-29.el7.centos.2.x86_64
openssl-devel-1.0.1e-42.el7.9.x86_64
mod_ssl
# httpd -M | grep ssl
or
# rpm -qa | grep ssl
You should install this Apache mod, http://httpd.apache.org/docs/2.0/mod/mod_info.html, it basically gives you a run down of the mods you're using and the Apache settings.
I have this enabled on my Apache and it gives me this info for my website,
Server Version: Apache/2.2.3 (Debian) mod_jk/1.2.18 PHP/5.2.0-8+etch13 mod_ssl/2.2.3 OpenSSL/0.9.8c mod_perl/2.0.2 Perl/v5.8.8
If you just run openssl in your terminal it should present the openSSL shell. My first clue to knowing that I didn't have mode_ssl was when I got the following error after adding SSLEngine on in my virtualhost file:
Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
In centos I just had to install it via yum install mod_ssl
Just look in the ssl_engine.log in your Apache log directory where you should find something like:
[ssl:info] [pid 5963:tid 139718276048640] AH01876: mod_ssl/2.4.9 compiled against Server: Apache/2.4.9, Library: OpenSSL/1.0.1h
Create a test.php file with the following code in a www folder:
<?php echo phpinfo();?>
When you navigate to that page/URL in the browser. You will see something similar if you have openssl enabled:
Enable mod_ssl in httpd.conf and restart the apache. You will see the openssl information in error.log as below
[Fri Mar 23 15:13:38.448268 2018] [mpm_worker:notice] [pid 8891:tid 1] AH00292: Apache/2.4.29 (Unix) OpenSSL/1.0.2n configured -- resuming normal operations
[Fri Mar 23 15:13:38.448502 2018] [core:notice] [pid 8891:tid 1] AH00094: Command line: '/opt/apps/apache64/2.4.29/bin/httpd'
to verify in php command lie
$php -i | grep openssl
In my case this is how I got the information:
find where apache logs are located, and go there, in my case:
cd /var/log/apache2
find in which log openssl information can be found:
grep -i apache.*openssl *_log
e.g. error_log ...
to get fresh information, restart apache, e.g.
rcapache2 restart # or service apache2 restart
check for last entries in the log, e.g.
/var/log/apache2 # tail error_log
[Thu Jun 09 07:42:24 2016] [notice] Apache/... (Linux/...) mod_ssl/2.2.22 OpenSSL/1.0.1t ...
To find the ssl version
Go to Apache bin folder in command prompt
Enter these commands "openssl version"