Linux-Noob Forums - LAMP

apache/mod_ssl problem

Wed, 18 Jan 2012 11:16:58 +0100

I removed my ssl options in apache for one of my websites and I changed the port for virtualhost back to 80. I also remove the certificates for feedmebits.nl. I restarted apache but now my website one seem to come online anymore. My other website wors fine, when I try to go to feedmebits.nl via a proxy, I get the following error: Couldn't connect to feedmebits.nl:443: No route to host . Seems like somewhere it's still trying to connect to the ssl port. I've been search and looking over my apache config file. Can't find anything there and I there's nothing installed anymore that has to do with ssl. Any advice to help me in the right direction. My website access.log shows that I did try to connect via a proxy:

69.175.115.50 - - [18/Jan/2012:10:55:51 +0100] "GET / HTTP/1.0" 303 - "http://www.mywebtunnel.com/" "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"

but it won't display my site.

.htpasswd

Sat, 07 Jan 2012 21:50:10 +0100

is it possible to add another user/password to my already configured .htpasswd file ?

Working on Fail2ban

Sun, 06 Nov 2011 19:06:41 +0100

I got logwatch installed and working. I've also installed fail to ban and started the service. Still working on configuring it. I found out that I should be able to configure fail2ban to filter and ban per log. I found this in the fail2ban documention : at the bottom

Centos

Under CentOS / RedHat Enterprise Linux, httpd (Apache) is not compiled with tcpwrappers support. As a result the example in jail.conf called "apache-tcpwrapper" does not work since /etc/hosts.deny does not affect apache.

Mean that the filter [apache-tcpwrapper] won't work for me. So I did a bit of search and come across centos-fail2ban and seem they are using it there. So I'll just try to use it and configure it and see what the results are. But just strange two documentations saying two different things.

more apache/php

Tue, 06 Sep 2011 08:25:07 +0200

Been kind of busy this past week, and this week too. Going to continue with my webserver project en wil post and document here so others can use it and I'll post my questions here when I'm stuck on something and can't figure it out. I'm going to try install/configure suphp, mod_ssl, and maybe mod_security. And maybe others but just starting with these.

Apache/websites

Fri, 12 Aug 2011 07:48:16 +0200

I have LAMP server running and I've been using root account download files into

/var/www/html/websites/example.com. Right now all the folders/files are owned by root.

Is it better to make a normal user account and give that account r/w/x access to /var/www/html/websites

or /var/www/html/websites/example.com .So that I'm not doing everything with root user cuz I think that's

probably an unsafe practice?

And I have Joomla installed and my folders rights are set to 755 which but when I try to install a joomla

component or template I get the following error: Warning: Failed to move file! I know this has to do with

rights not being set right cuz I googled it.

But I don't quite get it cause as far as I can see all my folder permissions are set right, but when I check joomla system information->

Directory permissions they all say unwritable. Maybe it has to do with my first question? According to joomla-documentation

files should be set to 644 and folders to 755. And I'm not comfortable setting the folder permissions to 777.

[img]/monthly_08_2011/post-6026-0-25442600-1313128336.jpg[/img]

Unwritable-Folders.JPG (Size: 171.4 KB / Downloads: 0)

apache/virtualhosts/phpmyadmin

Tue, 09 Aug 2011 19:48:02 +0200

I have my apache and virtualhost setup same as in this post

After this I installed phpmyadmin, by downloaded it and untaring it and renaming the folder to phpmyadmin. And I restarted apache and testet it: http://myip/phpmyadmin.

phpmyadmin wasn't working. I then tried commented out my virtual host and I restarted apache and again I tested http://myip/phpmyadmin and it worked. So how come

phpmyadmin works when I'm not using my virtual domain and when I do it doesn't work?

Don't understand something about virtualhosts

Sun, 07 Aug 2011 18:12:40 +0200

I'm trying to get virtual hosts working on Apache.

In /etc/httpd/conf/http.conf it says that: DocumentRoot "/var/www/html". So I think that's the place where Apache will be looking for your website files.

I made a virtualhost:

NameVirtualHost ipadress:80

# Custom virtualhosts

ServerAlias www.feedmebits.nl

ServerAdmin maarten@feedmebits.nl

DocumentRoot feedmebits.nl

ServerName feedmebits.nl

ErrorLog logs/feedmebits.nl-error_log

#CustomLog logs/host.some_domain.com-access_log common

in /var/www/html/ I made two directories so it looks like this:

/var/www/html/websites/feedmebits.nl

When I restart Apached it restarts but gives me an error:

Starting httpd: Warning: DocumentRoot [/etc/httpd/feedmebits.nl] does not exist

When I try and make a directory in /etc/httpd/feedmebits.nl and restart apache I don't get the error message.

And when I try making putting feedmebits.nl in a sub directory: /etc/httpd/websites/feedmebits.nl I also get

an the same error message.

I don't quite understand this because isn't it supposed to go to DocumentRoot which is /var/www/html and if I added

directories in there and mentioned it in my virtual host, isn't it supposed to see it? Why am I getting an error?

Don't quite understand?

Another thing I noticed, is that when I have my virtualhost enabled, and try to go to my test.php which is in /var/www/html/test.php

It doesn't work anymore either. When I add it to /etc/httpd/feedmebits.nl, it works again.

Download of "pecl/json" succeeded, but it is not a valid package archive

Tue, 04 Jan 2011 08:47:22 +0100

I'm in the process of upgrading the webserver backup server (making it as up to date as the server in amsterdam) and got an error installng the json component,

Quote:[root@www ~]# pear install pecl/jsondownloading json-1.2.1.tgz ...

Starting to download json-1.2.1.tgz (-1 bytes)

....done: 3,585 bytes

Could not get contents of package "/tmp/tmp6dS4fR/json-1.2.1.tgz". Invalid tgz file.

Download of "pecl/json" succeeded, but it is not a valid package archive

Error: cannot download "pear/json"

reason why ?

because the http://pecl.php.net/ site is down...

Quote:ERROR:

* DB Error: connect failed

any workaround ? or must I wait until it's back up again ?

mirroring a webserver

Wed, 13 Oct 2010 19:36:04 +0200

hi guys, i'd like to (if possible) mirror my webserver setup (centos 5.5) so that it's running simultaneously on one server in Europe and one in the U.S. and any changes that happen on one will be mirrored on the other

the setup is all via rpm, and it's apache, mysql, php, there are two websites with databases to consider (this and another) and that's about it,

is it doable but more importantly is it hard to do ??? any tips/ideas/guides ?

Apache vhosts inGentoo

Thu, 13 May 2010 19:19:18 +0200

Im trying to set up 2 vhosts on gentoo. I got vhost1.nl and vhost2.nl. For some reason i when i visit vhost2.nl it redirects me to vhosts1.nl and i cannot figuere out why.

This is my setup:

Code:
# apache2 -V

Server version: Apache/2.2.15 (Unix)

Server built:   Mar 31 2010 09:16:29

Server's Module Magic Number: 20051115:24

Server loaded:  APR 1.3.9, APR-Util 1.3.9

Compiled using: APR 1.3.9, APR-Util 1.3.9

Architecture:   32-bit

Server MPM:     Prefork

 threaded:     no

   forked:     yes (variable process count)

Server compiled with....

-D APACHE_MPM_DIR="server/mpm/prefork"

-D APR_HAS_SENDFILE

-D APR_HAS_MMAP

-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)

-D APR_USE_SYSVSEM_SERIALIZE

-D APR_USE_PTHREAD_SERIALIZE

-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT

-D APR_HAS_OTHER_CHILD

-D AP_HAVE_RELIABLE_PIPED_LOGS

-D DYNAMIC_MODULE_LIMIT=128

-D HTTPD_ROOT="/usr"

-D SUEXEC_BIN="/usr/sbin/suexec"

-D DEFAULT_PIDLOG="/var/run/httpd.pid"

-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"

-D DEFAULT_LOCKFILE="/var/run/accept.lock"

-D DEFAULT_ERRORLOG="logs/error_log"

-D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"

-D SERVER_CONFIG_FILE="/etc/apache2/httpd.conf"

File: /etc/conf.d/apache2

Code:
# /etc/conf.d/apache2: config file for /etc/init.d/apache2

# When you install a module it is easy to activate or deactivate the modules

# and other features of apache using the APACHE2_OPTS line. Every module should

# install a configuration in /etc/apache2/modules.d. In that file will have an

#  directive where NNN is the option to enable that module.

#

# Here are the options available in the default configuration:

#

#  AUTH_DIGEST  Enables mod_auth_digest

#  AUTHNZ_LDAP  Enables authentication through mod_ldap (available if USE=ldap)

#  CACHE        Enables mod_cache

#  DAV          Enables mod_dav

#  ERRORDOCS    Enables default error documents for many languages.

#  INFO         Enables mod_info, a useful module for debugging

#  LANGUAGE     Enables content-negotiation based on language and charset.

#  LDAP         Enables mod_ldap (available if USE=ldap)

#  MANUAL       Enables /manual/ to be the apache manual (available if USE=docs)

#  MEM_CACHE    Enables default configuration mod_mem_cache

#  PROXY        Enables mod_proxy

#  SSL          Enables SSL (available if USE=ssl)

#  SUEXEC       Enables running CGI scripts (in USERDIR) through suexec.

#  USERDIR      Enables /~username mapping to /home/username/public_html

#

#

# The following two options provide the default virtual host for the HTTP and

# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache

# will not listen for incomming connections on the approriate port.

#

#  DEFAULT_VHOST      Enables name-based virtual hosts, with the default

#                     virtual host being in /var/www/localhost/htdocs

#  SSL_DEFAULT_VHOST  Enables default vhost for SSL (you should enable this

#                     when you enable SSL)

#

APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D PHP5 -D PROXY -D PROXY_HTML"

# Extended options for advanced uses of Apache ONLY

# You don't need to edit these unless you are doing crazy Apache stuff

# As not having them set correctly, or feeding in an incorrect configuration

# via them will result in Apache failing to start

# YOU HAVE BEEN WARNED.

# ServerRoot setting

#SERVERROOT=/usr/lib/apache2

# Configuration file location

# - If this does NOT start with a '/', then it is treated relative to

# $SERVERROOT by Apache

#CONFIGFILE=/etc/apache2/httpd.conf

# Location to log startup errors to

# They are normally dumped to your terminal.

#STARTUPERRORLOG="/var/log/apache2/startuperror.log"

# A command that outputs a formatted text version of the HTML at the URL

# of the command line. Designed for lynx, however other programs may work.

#LYNX="lynx -dump"

# The URL to your server's mod_status status page.

# Required for status and fullstatus

#STATUSURL="http://localhost/server-status"

# Method to use when reloading the server

# Valid options are 'restart' and 'graceful'

# See http://httpd.apache.org/docs/2.2/stopping.html for information on

# what they do and how they differ.

#RELOAD_TYPE="graceful"

http.conf:

Code:
# cat httpd.conf

# This is a modification of the default Apache 2.2 configuration file

# for Gentoo Linux.

#

# Support:

#   http://www.gentoo.org/main/en/lists.xml   [mailing lists]

#   http://forums.gentoo.org/                 [web forums]

#   irc://irc.freenode.net#gentoo-apache      [irc chat]

#

# Bug Reports:

#   http://bugs.gentoo.org                    [gentoo related bugs]

#   http://httpd.apache.org/bug_report.html   [apache httpd related bugs]

#

#

# This is the main Apache HTTP server configuration file.  It contains the

# configuration directives that give the server its instructions.

# See  for detailed information.

# In particular, see

# 

# for a discussion of each configuration directive.

#

# Do NOT simply read the instructions in here without understanding

# what they do.  They're here only as hints or reminders.  If you are unsure

# consult the online docs. You have been warned.

#

# Configuration and logfile names: If the filenames you specify for many

# of the server's control files begin with "/" (or "drive:/" for Win32), the

# server will use that explicit path.  If the filenames do *not* begin

# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"

# with ServerRoot set to "/usr" will be interpreted by the

# server as "/usr/var/log/apache2/foo.log".

# ServerRoot: The top of the directory tree under which the server's

# configuration, error, and log files are kept.

#

# Do not add a slash at the end of the directory path.  If you point

# ServerRoot at a non-local disk, be sure to point the LockFile directive

# at a local disk.  If you wish to share the same ServerRoot for multiple

# httpd daemons, you will need to change at least LockFile and PidFile.

ServerRoot "/usr/lib/apache2"

# Dynamic Shared Object (DSO) Support

#

# To be able to use the functionality of a module which was built as a DSO you

# have to place corresponding `LoadModule' lines at this location so the

# directives contained in it are actually available _before_ they are used.

# Statically compiled modules (those listed by `httpd -l') do not need

# to be loaded here.

#

# Example:

# LoadModule foo_module modules/mod_foo.so

#

# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.

#         Do not change manually, it will be overwritten on upgrade.

#

# The following modules are considered as the default configuration.

# If you wish to disable one of them, you may have to alter other

# configuration directives.

#

# Change these at your own risk!

LoadModule actions_module modules/mod_actions.so

LoadModule alias_module modules/mod_alias.so

LoadModule auth_basic_module modules/mod_auth_basic.so

LoadModule authn_alias_module modules/mod_authn_alias.so

LoadModule authn_anon_module modules/mod_authn_anon.so

LoadModule authn_dbm_module modules/mod_authn_dbm.so

LoadModule authn_default_module modules/mod_authn_default.so

LoadModule authn_file_module modules/mod_authn_file.so

LoadModule authz_dbm_module modules/mod_authz_dbm.so

LoadModule authz_default_module modules/mod_authz_default.so

LoadModule authz_groupfile_module modules/mod_authz_groupfile.so

LoadModule authz_host_module modules/mod_authz_host.so

LoadModule authz_owner_module modules/mod_authz_owner.so

LoadModule authz_user_module modules/mod_authz_user.so

LoadModule autoindex_module modules/mod_autoindex.so

LoadModule cache_module modules/mod_cache.so

LoadModule cgi_module modules/mod_cgi.so

LoadModule dav_module modules/mod_dav.so

LoadModule dav_fs_module modules/mod_dav_fs.so

LoadModule dav_lock_module modules/mod_dav_lock.so

LoadModule deflate_module modules/mod_deflate.so

LoadModule dir_module modules/mod_dir.so

LoadModule disk_cache_module modules/mod_disk_cache.so

LoadModule env_module modules/mod_env.so

LoadModule expires_module modules/mod_expires.so

LoadModule ext_filter_module modules/mod_ext_filter.so

LoadModule file_cache_module modules/mod_file_cache.so

LoadModule filter_module modules/mod_filter.so

LoadModule headers_module modules/mod_headers.so

LoadModule include_module modules/mod_include.so

LoadModule info_module modules/mod_info.so

LoadModule log_config_module modules/mod_log_config.so

LoadModule logio_module modules/mod_logio.so

LoadModule mem_cache_module modules/mod_mem_cache.so

LoadModule mime_module modules/mod_mime.so

LoadModule mime_magic_module modules/mod_mime_magic.so

LoadModule negotiation_module modules/mod_negotiation.so

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_http_module modules/mod_proxy_http.so

LoadModule rewrite_module modules/mod_rewrite.so

LoadModule setenvif_module modules/mod_setenvif.so

LoadModule speling_module modules/mod_speling.so

# 

# LoadModule ssl_module modules/mod_ssl.so

# 

LoadModule status_module modules/mod_status.so

LoadModule unique_id_module modules/mod_unique_id.so

LoadModule userdir_module modules/mod_userdir.so

LoadModule usertrack_module modules/mod_usertrack.so

LoadModule vhost_alias_module modules/mod_vhost_alias.so

# If you wish httpd to run as a different user or group, you must run

# httpd as root initially and it will switch.

#

# User/Group: The name (or #number) of the user/group to run httpd as.

# It is usually good practice to create a dedicated user and group for

# running httpd, as with most system services.

User apache

Group apache

# Supplemental configuration

#

# Most of the configuration files in the /etc/apache2/modules.d/ directory can

# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features

# or to modify the default configuration of the server.

#

# To know which flag to add to APACHE2_OPTS, look at the first line of the

# the file, which will usually be an  where OPTION is the

# flag to use.

Include /etc/apache2/modules.d/*.conf

# Virtual-host support

#

# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we

# include a default vhost (enabled by adding -D DEFAULT_VHOST to

# APACHE2_OPTS in /etc/conf.d/apache2).

Include /etc/apache2/vhosts.d/*.conf

# vim: ts=4 filetype=apache

Then my conf in /etc/apache2/vhosts.d/*.conf

Code:
# Virtual Hosts

#

# If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# 

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.

# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the 

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

#Listen 12.34.56.78:80

Listen 80

# Use name-based virtual hosting.

NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default

# httpd.conf configuration will go away. We redefine it here so that it is

# still available.

#

# If you disable this vhost by removing -D DEFAULT_VHOST from

# /etc/conf.d/apache2, the first defined virtual host elsewhere will be

# the default.

       ServerName vhost1.nl

       ServerAdmin root@vhost1

       DocumentRoot "/var/www/vhost1.nl/htdocs"

       Options Indexes FollowSymLinks

       AllowOverride All

       Allow from all

               ServerEnvironment apache apache

       ServerName vhost2.nl

       ServerAdmin root@vhost2.nl

       DocumentRoot "/var/www/vhost2.nl/htdocs"

               Options Indexes FollowSymLinks

               AllowOverride All

               Allow from all

               ServerEnvironment apache apache

# vim: ts=4 filetype=apache

Also, what might be something to worth mentioning, is that on vhost1.nl runs a opensource CMS called drupal. I want vhost1.nl redirected to WWW.vhost1.nl. On vhost2.nl is running a plain simple website that i also want to redirect to www. That's why i made the following .htaccess files:

vhost1.nl:

Code:
# cat .htaccess 

RewriteEngine on

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_URI} !=/favicon.ico

RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

RewriteCond %{HTTP_HOST} ^vhost1\.nl$ [NC]

RewriteRule ^(.*)$ http://www.vhost1.nl/$1 [L,R=301]

vhost2.nl

Code:
RewriteEngine on

RewriteCond %{HTTP_HOST} ^vhost2\.nl$ [NC]

RewriteRule ^(.*)$ http://www.vhost2.nl/$1 [L,R=301]

You guys see antything unusual? Thanks in Advance

Grtz EzMe

Railo Installation and Setup (CentOS, cPanel and Resin)

Fri, 02 Apr 2010 09:05:57 +0200

Primarily this post was originally going to be for my own use, but i think that the community at large will be able to benefit from it.

There will be an update to this at some point in time as the installation that i have here is far from perfect but it will give you a good starting block on how to get Railo up and running quickly and efficiently.

Step 1: – Gather all the required elements to make this work.

1. This blog post for instructions (Duh!)

2. You will need Java JDK (Java development toolkit) ( will be refered to simply as JDK ) – The JRE Installation on its own is unfortunately not sufficiant enough to beable to run railo. – The latest version available will be suitable to run Resin and Railo ( At the time of writing the latest version was 1.6.0 U19 )

3. You will need a copy of Caucho Resin ( http://www.caucho.com/download/resin-3.1.10.tar.gz ) – For this installation i selected Resin 3.1.10 ( latest )

4. You will need a copy of Railo ( http://www.getrailo.org/down.cfm?item=/r...ars.tar.gz ) – The version that has been selected for this installation is Railo 3.1.2 ( latest )

The above components are listed as they are what i have used on my installation.

read the rest @ > http://harrassed.net/2010/04/railo-insta...and-resin/

I am the biggest idiot alive

Sat, 09 Jan 2010 21:26:34 +0100

So, I'm working on our webhost via SSH (it's a dedicated virtual server) with root credentials ... and I type a command that may have just ruined my life.

Code:
rm -d -f -r /

I was in the process of cleaning out some directories with svn repos buried and getting ready to deploy a new repo. Now I don't know what I've deleted, but I've obviously screwed things up in a major way.

Here's what came up right afterward:

Code:
rm: cannot remove directory `//tmp': Device or resource busy

rm: cannot remove `//dev/pts/0': Operation not permitted

At that point I realized what I'd done and hit Ctrl+C. But I'm afraid the damage is done. The only command I could execute from cl after that was "cd," commands like "ls" won't work. FTP, SSH don't work, and the currently live websites are acting funky. Did I completely hose myself?

external access to my web server

Wed, 02 Dec 2009 14:44:28 +0100

Hi,

I've followed a "how to set up a LAMP server" tutorial and got everything installed and working. If I access the machine's local ip I can see it from any computer in the house. Am I correct in thinking that means everything is configured and working properly on the server's end of things? It's running the most recent Debian distro, by the way. So what's left to do is forward port 80 to that computer's ip?

Right so I've done that too, my router (BeBox) calls it Application & Game Sharing.

But now if I try to navigate to http://my.ip.here.ok I end up coming to the router's config page.

Any suggestions? Is there something else I've got to do I don't know about?? Or is this just an issue with the router in which case I can ship myself over to my ISP's support forum...

Thanks in advance

Sam

Annoying 403 Error

Tue, 22 Sep 2009 00:13:17 +0200

I have just moved from another LAMP server that wasn't running any Control Panel. I move my files there from a cPanel server without any problem. Now, I want to move them to another server that is closer to me. Upon trying to to move my files via a TAR archive, I am recieving a 403 error. I have tried every single possible combination for permissions both on the folder itself and the files within and I still recieve a 403. (I have tried the one at https://www.linux-noob.com/forums/index.php?/topic/1144-set-correct-permissions-on-your-apache-files/). Does anybody have any ideas? Thank you in advance!

Open Source web/ajax console for Postfix !

Mon, 17 Aug 2009 12:58:14 +0200

Since 3 years i develop an Open Source end-user front-end for Postfix, Spamassassin and others filters in order to help newbies to fight spams and to manage correctly eMail server on Linux.

During this work,i had improve this product by manage mailboxes, file server, OpenVPN,SQUID and others.

Anyway, my subject is SPAM today...

In several cases, Linux products are table, powerfull,have better performances, free of charge... more and more...

But installing, managing and maintaining these products require some linux knowledge...

People who start Linux do not have necessarily time and knowledge to quickly provide a complete security mail server for their company.

Artica For Postfix is an Open Source product designed to reduce the cost in order to create and manage a full linux server.

Especially the free existing Web consoles for postfix did not provide all the available features in a "sexy way".

It is designed to administrate trough a web console all security plugins available and tested in large environments.

You will find :

milter-greylist

amavis + spamassassin and Clamav + dspam

All products features are switched to interface.

The interface is coded in PHP+AJAX and is designed for multi-administrators and multi-domains.

There are many statistics, graphs and charts helping tuning the mail process.

A quarantine management is designed in order to help administrators and end-users to retrieve their quarantined mails.

Without any others words, i invite you to see screenshots ( http://www.artica.fr/index.php/messaging) and visit the project website :

www.artica.fr

You can download it trough sourceforge too...

Any comments are welcome here...