After upgrading to http 2.0, I always get error 503. Can anyone help me solve the problem?
error.log:
[Mon Jul 19 11:03:26.351473 2021] [mpm_event:notice] [pid 9022:tid 140512076250176] AH00493: SIGUSR1 received. Doing graceful restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
[Mon Jul 19 11:03:26.407467 2021] [mpm_event:notice] [pid 9022:tid 140512076250176] AH00489: Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f configured -- resuming normal operations
[Mon Jul 19 11:03:26.407479 2021] [core:notice] [pid 9022:tid 140512076250176] AH00094: Command line: '/usr/sbin/apache2'
In /etc/apache2/mods-enabled I see http2.conf (if I'm right)
Virtual Host via mod_macro:
<Macro VHost $dir $domain>
<VirtualHost *:443>
Protocols h2 http/1.1
SSLEngine on
SSLCertificateFile /etc/ssl/certs/my.crt
SSLCertificateKeyFile /etc/ssl/private/my.key
AccessFileName .htaccess
DocumentRoot $dir/$domain/httpdocs/
ErrorLog $dir/$domain/error.log
ServerName $domain
ServerAlias www.$domain
<Directory />
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<Directory $dir/$domain>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
</VirtualHost>
</Macro>
Update: domain error.log
[Mon Jul 19 12:47:06.338104 2021] [proxy:error] [pid 18649:tid 140511882213120] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php8.0-fpm.sock (*) failed
[Mon Jul 19 12:47:06.338133 2021] [proxy_fcgi:error] [pid 18649:tid 140511882213120] [client 127.0.0.1:51542] AH01079: failed to make connection to backend: httpd-UDS
[Mon Jul 19 12:47:06.519092 2021] [proxy:error] [pid 18649:tid 140511882213120] (13)Permission denied: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php8.0-fpm.sock (*) failed
[Mon Jul 19 12:47:06.519108 2021] [proxy_fcgi:error] [pid 18649:tid 140511882213120] [client 127.0.0.1:51542] AH01079: failed to make connection to backend: httpd-UDS, referer: https://s2019/
[Mon Jul 19 12:47:12.305094 2021] [ssl:warn] [pid 9022:tid 140512076250176] AH01906: s2019:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Jul 19 12:47:12.305103 2021] [ssl:warn] [pid 9022:tid 140512076250176] AH01909: s2019:443:0 server certificate does NOT include an ID which matches the server name
Thank you for any help!
I hope it will be useful if you encounter the same situation. All I needed to do:
Open /etc/php/<version>/fpm/pool.d and replace values
listen.owner = www-data
listen.group = www-data
with data in /etc/apache2/envvars
export APACHE_RUN_USER=someuser
export APACHE_RUN_GROUP=someuser
And the result will be:
listen.owner = someuser
listen.group = someuser
At the end you need to restart fpm sudo service php<version>-fpm start
By the way, php-fpm version may differ from your php version. For example, entering php -v shows me 7.4. But
<?php phpinfo();
now shows me 8.0. So I had to choose this dir /etc/php/8.0/fpm/pool.d
Related
I have a AWS ec2 server, I'm running 2 websites there on 2 different domains (obviously) using Apache2. One is domain.com, another is docs.domain.com.
I'm running a wordpress website on domain.com. I'm running react/next js app on docs.domain.com using pm2 & yarn.
Vhost for domain.com
<VirtualHost *:443>
ServerName domain.com
DocumentRoot /var/www/html
ServerAlias domain.com
ErrorLog /var/www/error.log
CustomLog /var/www/requests.log combined
SSLEngine on
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com-0001/privkey.pem
</VirtualHost>
<VirtualHost *:80>
ServerName domain.com
DocumentRoot /var/www/html
ServerAlias bangdb.com
ErrorLog /var/www/error.log
CustomLog /var/www/requests.log combined
RewriteCond %{SERVER_NAME} =www.domain.com [OR]
RewriteCond %{SERVER_NAME} =domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
Vhost for docs.domain.com
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName docs.domain.com
ProxyRequests Off
ProxyPreserveHost On
ProxyVia Full
ServerSignature Off
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://127.0.0.1:3000/
ProxyPassReverse / http://127.0.0.1:3000/
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com-0001/privkey.pem
</VirtualHost>
</IfModule>
Suddenly on 22 Jan 2023 around 07:39 (time in the logs) my server got shut down, both websites got down, and I was not able to login to my server via ssh also. I had to restart from AWS console to get it working again.
Here is the syslog when it got down
Jan 22 07:09:36 ip-172-30-0-37 systemd[1]: Starting Clean php session files...
Jan 22 07:09:36 ip-172-30-0-37 systemd[1]: Started Clean php session files.
Jan 22 07:17:00 ip-172-30-0-37 snapd[15896]: autorefresh.go:540: Cannot prepare auto-refresh change due to a permanent network error: persistent network error: Post https://api.snapcraft.io/v2/snaps/refresh: dial tcp: lookup api.snapcraft.io: Temporary failure in name resolution
Jan 22 07:17:00 ip-172-30-0-37 snapd[15896]: stateengine.go:149: state ensure error: persistent network error: Post https://api.snapcraft.io/v2/snaps/refresh: dial tcp: lookup api.snapcraft.io: Temporary failure in name resolution
Jan 22 07:17:01 ip-172-30-0-37 CRON[30597]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Jan 22 07:20:01 ip-172-30-0-37 CRON[30603]: (smmsp) CMD (test -x /etc/init.d/sendmail && test -x /usr/share/sendmail/sendmail && test -x /usr/lib/sm.bin/sendmail && /usr/share/sendmail/sendmail cron-msp)
Jan 22 07:20:01 ip-172-30-0-37 sm-msp-queue[30622]: My unqualified host name (ip-172-30-0-37) unknown; sleeping for retry
Jan 22 07:21:01 ip-172-30-0-37 sm-msp-queue[30622]: unable to qualify my own domain name (ip-172-30-0-37) -- using short name
Jan 22 07:39:01 ip-172-30-0-37 CRON[30649]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi)
Jan 22 07:39:36 ip-172-30-0-37 systemd[1]: Starting Clean php session files...
Jan 22 07:39:36 ip-172-30-0-37 systemd[1]: Started Clean php session files.
Jan 22 07:39:47 ip-172-30-0-37 systemd[1]: Received SIGINT.
Jan 22 07:39:47 ip-172-30-0-37 systemd[1]: Stopped target Cloud-init target.
Jan 22 07:39:47 ip-172-30-0-37 systemd[1]: Stopping Authorization Manager...
Jan 22 07:39:47 ip-172-30-0-37 systemd[1]: Stopping User Manager for UID 1000...
Jan 22 07:39:47 ip-172-30-0-37 systemd[1]: Stopped target Timers.
Jan 22 07:39:47 ip-172-30-0-37 systemd[18626]: Stopped target Default.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Mounted POSIX Message Queue File System.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Started Set the console keyboard layout.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Mounted Huge Pages File System.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Started Create list of required static device nodes for the current kernel.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Mounted Kernel Debug File System.
Jan 22 07:40:41 ip-172-30-0-37 systemd[1]: Started Remount Root and Kernel File Systems.
Apache logs for the same time
[Sat Jan 21 06:25:02.412725 2023] [ssl:warn] [pid 31096] AH01909: ip-172-30-0-37.ec2.internal:443:0 server certificate does NOT include an ID which matches the server name
[Sat Jan 21 06:25:02.413374 2023] [mpm_prefork:notice] [pid 31096] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Sat Jan 21 06:25:02.413383 2023] [core:notice] [pid 31096] AH00094: Command line: '/usr/sbin/apache2'
[Sat Jan 21 17:07:54.107574 2023] [mpm_prefork:error] [pid 31096] AH00161: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting
[Sun Jan 22 06:25:01.992892 2023] [mpm_prefork:notice] [pid 31096] AH00171: Graceful restart requested, doing restart
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using fe80::8b1:5dff:fe04:4731. Set the 'ServerName' directive globally to suppress this message
[Sun Jan 22 06:25:02.073408 2023] [ssl:warn] [pid 31096] AH01909: fe80::8b1:5dff:fe04:4731:443:0 server certificate does NOT include an ID which matches the server name
[Sun Jan 22 06:25:02.074116 2023] [mpm_prefork:notice] [pid 31096] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 configured -- resuming normal operations
[Sun Jan 22 06:25:02.074125 2023] [core:notice] [pid 31096] AH00094: Command line: '/usr/sbin/apache2'
[Sun Jan 22 07:39:47.609420 2023] [mpm_prefork:notice] [pid 31096] AH00169: caught SIGTERM, shutting down
I'm not able to figure out whats the issue, it has happened before on 17th Dec 2022, so it's the second time it has happened.
OS Details :- Ubuntu 18.04.6 LTS
I use this configuration below in order to make my application available via SSL.
My question now would be how it is possible to set a timeout at **.
Is there a way of doing it and how would be the syntax?
# force HTTPS
<VirtualHost *:80>
ServerName app.xy.at
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.xy.at
Redirect permanent "/" https://app.xy.at
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# forward ORDS requests to tomcat
<VirtualHost *:443>
ServerName app.xy.at
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/app.xy.at/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/app.xy.at/app.xy.at.key
SSLCertificateChainFile /etc/apache2/ssl/app.xy.at/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
I will set a timeout because I get the following errors:
[Thu Mar 26 00:10:52.731383 2020] [proxy_ajp:error] [pid 16266:tid
139926293157632] [client
xxx.xxx.3.59:60869] AH00893: dialog to 127.0.0.1:9090 (localhost)
failed, referer:
https domain
[Thu Mar 26 00:10:57.802571 2020] [proxy_ajp:error] [pid 16266:tid
139926720988928]
(70014)End of file found: AH01030: ajp_ilink_receive() can't receive
header
[Thu Mar 26 00:10:57.802597 2020] [proxy_ajp:error] [pid 16266:tid
139926720988928] [client
xxx.xxx.3.59:60875] AH00992: ajp_read_header: ajp_ilink_receive
failed, referer:
https domain
[Thu Mar 26 00:10:57.802628 2020] [proxy_ajp:error] [pid 16266:tid
139926720988928]
(120006)APR does not understand this error code: [client
xxxx.xxxx.3.59:60875] AH00878: read
response failed from 127.0.0.1:9090 (localhost), referer: https domain
and I dont know why.
According to the documentation, You can pass different parameters along with the URL, in the format of key value pairs
ProxyPass "protocol://domain.com" key1=value1 key2=value2 ...
for your case,
ProxyPass "ajp://localhost:9090/" connectiontimeout=10 timeout=50
connectiontimeout : Connect timeout in seconds. The number of seconds
Apache httpd waits for the creation of a connection to the backend to
complete. By adding a postfix of ms, the timeout can be also set in
milliseconds.
timeout : Connection timeout in seconds. The number of seconds Apache
httpd waits for data sent by / to the backend.
I am trying to deploy Dancer2 app using Plack on Apache2. But after changing all the configurations on port 80 - it shows me directory listing instead of the application itself
Here is my running application on local:
root#dancer-cmuscheduler:/home/ADI/dancer_scheduler# plackup
bin/app.psgi HTTP::Server::PSGI: Accepting connections at
http://0:5000/
This runs just fine on port 5000.
However, I would like to deploy on apache2. Here is my configruations:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /data
SetEnv DANCER_ENVIRONMENT "production"
<Directory /var/www/cmuscheduler>
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Location />
SetHandler perl-script
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /var/www/cmuscheduler/bin/app.psgi
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
</VirtualHost>
I have been trying to debug for 4 hours now. The funny thing is there is no helpful logs in the log file associated that would nudge me in the right direction
[Thu Jul 14 02:23:14.424149 2016] [mpm_event:notice] [pid 7468:tid
140401436669824] AH00489: Apache/2.4.7 (Ubuntu) configured -- resuming
normal operations [Thu Jul 14 02:23:14.424306 2016] [core:notice] [pid
7468:tid 140401436669824] AH00094: Command line: '/usr/sbin/apache2'
Please advice
Have configured vagrant Ubuntu 14.04 machine with virtual box.
I get the error (in browser)
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
And get the error (/var/log/apache2/error.log):
[Wed Apr 01 20:58:34.609309 2015] [fastcgi:error] [pid 24066:tid 3046103872] (104)Connection reset by peer: [client 192.168.33.1:59777] FastCGI: comm with server "/var/www/html/circulocolaborativo.com.br/php5.fcgi" aborted: read failed
[Wed Apr 01 20:58:34.614694 2015] [fastcgi:error] [pid 24066:tid 3046103872] [client 192.168.33.1:59777] FastCGI: incomplete headers (0 bytes) received from server "/var/www/html/circulocolaborativo.com.br/php5.fcgi"
My virtual host is configured with
<VirtualHost *:80>
Servername circulocolaborativo.local
DocumentRoot /var/www/html/circulocolaborativo.com.br
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# ErrorLog "/home/vagrant/logs/error_log"
<Directory /var/www/html/circulocolaborativo.com.br>
Options FollowSymLinks
DirectoryIndex index.php
Allowoverride all
Require all granted
</Directory>
Alias /php5.fcgi /var/www/html/circulocolaborativo.com.br/php5.fcgi
FastCGIExternalServer /var/www/html/circulocolaborativo.com.br/php5.fcgi -flush -host 127.0.0.1:5200 -idle-timeout 900
AddType application/x-httpd-fastphp5 .php
Action application/x-httpd-fastphp5 /php5.fcgi
<Location /var/www/html/circulocolaborativo.com.br/libraries/Sciere/ws/sptl >
AuthType Digest
AuthName "WebService SPTL"
AuthDigestDomain /libraries/Sciere/ws/sptl/
AuthDigestProvider file
AuthUserFile /var/www/html/.digest_pw_sptl
Require valid-user
</Location>
</VirtualHost>
Could someone help me to solve this issue? I can't figure out what is going on. I'm using php-fpm with fastcgi module.
I have configured tomcat to run on port 80 with apache2 and mod_jk and this work well. If i reboot the system then the site will be the standart site from apache2. If i restart apache2 (/etc/init.d/apache2 restart) the site will come from tomcat. But why first after restart of apache2?
Anyone an idea?
Log after reboot the system (in /var/log/apache2/):
> mod_jk.log <
[Mon Sep 22 16:24:40.296 2014] [2256:3075069696] [info] init_jk::mod_jk.c (3365): mod_jk/1.2.37 initialized
[Mon Sep 22 16:24:40.296 2014] [2256:3075069696] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-manager' in uri map post processing.
[Mon Sep 22 16:24:40.296 2014] [2256:3075069696] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-status' in uri map post processing.
[Mon Sep 22 16:24:40.298 2014] [2257:3075069696] [info] init_jk::mod_jk.c (3365): mod_jk/1.2.37 initialized
[Mon Sep 22 16:24:40.298 2014] [2257:3075069696] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-manager' in uri map post processing.
[Mon Sep 22 16:24:40.298 2014] [2257:3075069696] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-status' in uri map post processing.
> error.log <
[Mon Sep 22 16:24:40 2014] [notice] Apache/2.2.22 (Debian) mod_jk/1.2.37 configured -- resuming normal operations
[Mon Sep 22 16:26:50 2014] [notice] caught SIGTERM, shutting down
Log after restart apache (in /var/log/apache2/):
> mod_jk.log <
[Mon Sep 22 16:29:10.042 2014] [3599:3074443008] [info] init_jk::mod_jk.c (3365): mod_jk/1.2.37 initialized
[Mon Sep 22 16:29:10.042 2014] [3599:3074443008] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-manager' in uri map post processing.
[Mon Sep 22 16:29:10.042 2014] [3599:3074443008] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-status' in uri map post processing.
[Mon Sep 22 16:29:10.052 2014] [3600:3074443008] [info] init_jk::mod_jk.c (3365): mod_jk/1.2.37 initialized
[Mon Sep 22 16:29:10.052 2014] [3600:3074443008] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-manager' in uri map post processing.
[Mon Sep 22 16:29:10.052 2014] [3600:3074443008] [error] extension_fix::jk_uri_worker_map.c (564): Could not find worker with name 'jk-status' in uri map post processing.
> error.log <
[Mon Sep 22 16:29:10 2014] [notice] Apache/2.2.22 (Debian) mod_jk/1.2.37 configured -- resuming normal operations
EDIT 1:
Ok, i have tested this several times and find out that the apache2 / tomcat7 / mod_jk behavior is more crazy xD
I will show you my configurations:
> local: hosts <
192.168.84.129 migor
192.168.84.129 test.migor
> in tomcat server.xml <
<Host name="test.migor" appBase="myapps/test" unpackWARs="true" autoDeploy="true" />
> worker.properties <
workers.tomcat_home=/var/lib/tomcat7
workers.java_home=/usr/lib/jvm/java-7
ps=/
worker.list=ajp13_worker
worker.ajp13_worker.port=8009
worker.ajp13_worker.host=localhost
worker.ajp13_worker.type=ajp13
worker.ajp13_worker.lbfactor=1
> sitea-available/test.migor <
<Virtualhost test.migor>
JkMount /* ajp13_worker
ServerName test.migor
DocumentRoot /var/lib/tomcat7/myapps/test
ErrorLog /var/lib/tomcat7/logs/error.log
CustomLog /var/lib/tomcat7/logs/access.log common
<Directory /var/lib/tomcat7/myapps/test>
Options -Indexes
</Directory>
</Virtualhost>
Now the behavior:
After reboot under url: "test.migor/", "migor/" and my server ip 192.168.84.129 i will get the site from apache2
After restarting apache2 i will get on migor/ and 192.168.84.129 the tomcat page from webapps and on test.migor/ the page from myapps/test. Here the problem, i expected on 192.168.84.129 the page from apache2.
Any an idea?
EDIT 2:
Ok, i have forget to add "NameVirtualHost test.migor" to "sitea-available/test.migor" and my config have completly overwrite default settiong of apache. Now is the behavior ok for me. With url "migor/" i can call default apache site and with url "test.migor/" i can call the tomcat homepage which is in tomcat7/myapps/test.
But this behavior will be activated only after restart of apache2 (if i have rebooted my system before). I will show for the solution and post it here. Maybe in "EDIT 3" xD
The error clearly says that jk-manager and jk-status is not accurately defined in workers.property file.
Please check your workers.properties file and make following changes:
worker.list=jk-manager
worker.jk-manager.type=status
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
Cheers!!