Using Apache2 AND Tomcat8 on AWS Lightsail with Loadbalancer / OpenSSL - apache2

I'm running websites on AWS Lightsail using Ubuntu 16.04.6 with Apache 2.4 AND a Tomcat 8.0.32.
The Apache2 site hosts the bulk of my websites as they use PHP and PostgreSQL. The Tomcat is easy for hosting Geoserver.
I have a DNS and loadbalancer on AWS LightSail. I'm trying to figure out how to make both sites seamless using virtualhost. The apache2 sites come out okay, but the Tomcat sites do not. I get this error:
You don't have permission to access this resource.
Apache/2.4.18 (Ubuntu) Server at tomcat.some-kind-of-site.org Port 80
I'm trying to follow these instructions, but there are some differences in the setup from what I have:
http://www.creang.com/howtoforge/howto_set_up_tomcat_8_with_apache_2_4_and_mod_jk_on_ubuntu/
I have my SSL info on the default-ssl-conf file
My tomcat8 server.xml contains:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Here's my sites-enabled config file:
<VirtualHost *:80>
ServerAdmin someone@gmail.com
ServerName www.some-kind-of-site.org
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://www.some-kind-of-site.org$1 [R=301,NE,L]
DocumentRoot /var/www/html/main-site/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName manage.some-kind-of-site.org
DocumentRoot /var/www/html/main-mgmt/
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://manage.some-kind-of-site.org$1 [R=301,NE,L]
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
Alias /main-mgmt /var/www/html/main-mgmt
Alias /main-site /var/www/html/main-site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin someone@gmail.com
ServerName tomcat.some-kind-of-site.org
DocumentRoot /var/lib/tomcat8/
Alias /multi-site /var/www/html
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://tomcat.some-kind-of-site.org$1 [R=301,NE,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName geoserver.some-kind-of-site.org
DocumentRoot /var/lib/tomcat8/webapps/geoserver/
Alias /multi-site /var/www/html
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://geoserver.some-kind-of-site.org$1 [R=301,NE,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin someone@gmail.com
ServerName www.some-kind-of-site.org
DocumentRoot /var/www/html/main-site/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin someone@gmail.com
ServerName manage.some-kind-of-site.org
DocumentRoot /var/www/html/main-mgmt/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
Alias /main-mgmt /var/www/html/main-mgmt
Alias /main-site /var/www/html/main-site
ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin someone@gmail.com
ServerName tomcat.some-kind-of-site.org
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
ProxyPreserveHost on
</VirtualHost>
<VirtualHost *:443>
ServerAdmin someone@gmail.com
ServerName geoserver.some-kind-of-site.org
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/webapps/geoserver/
ProxyPassReverse / ajp://localhost:8009/webapps/geoserver/
ProxyPreserveHost on
</VirtualHost>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</IfModule>
Can anyone help me with this?? PLEASE!

I figured it out... had to, no one answered. But it took LOTS of time and LOTS of trial and error.
Don't use the 443 port at all for tomcat proxy...
<VirtualHost *:80>
ServerAdmin someguy@gmail.com
ServerName www.greatexamples.org
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://www.greatexamples.org$1 [R=301,NE,L]
DocumentRoot /var/www/html/mainsite/
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName manage.greatexamples.org
DocumentRoot /var/www/html/management/
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://manage.greatexamples.org$1 [R=301,NE,L]
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
Alias /management /var/www/html/management
Alias /mainsite /var/www/html/mainsite
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin someguy@gmail.com
ServerName tomcat.greatexamples.org
DocumentRoot /opt/tomcat/
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
Order allow,deny
Allow from all
</Location>
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://tomcat.greatexamples.org:8080/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin someguy@gmail.com
ServerName www.greatexamples.org
DocumentRoot /var/www/html/mainsite/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/old_stuff
ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin someguy@gmail.com
ServerName manage.greatexamples.org
DocumentRoot /var/www/html/management/
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
Alias /management /var/www/html/old_stuff
Alias /mainsite /var/www/html/mainsite
ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
</VirtualHost>
</IfModule>
and change the connector in Tomcat's server.xml to:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
proxyName="tomcat.greatexamples.org"
proxyPort="80"
redirectPort="8443" />

Related

Weird apache subdomains

I'm currently trying to configure apache2.
I have 3 A records to my server:
domain.io
sub1.domain.io
sub2.domain.io
I have an apache config:
<VirtualHost *:80>
ServerName sub1.domain.io
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName sub1.domain.io
DocumentRoot "/var/www/sub1/public"
AllowEncodedSlashes On
php_value upload_max_filesize 100M
php_value post_max_size 100M
<Directory "/var/www/sub1/public">
Require all granted
AllowOverride all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/sub1.domain.io/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sub1.domain.io/privkey.pem
</VirtualHost>
Now I would expect apache to only show some content for sub1.domain.io, but apache shows content for every domain, also domain.io and sub2.domain.io. Can somebody please help me?

Why are my two apache2 virtualhosts pointing to the same directory?

I have two virtual hosts setup on my Ubuntu 20.04 Apache2 webserver.
example2.domain.com.conf
DocumentRoot /var/www/Dev
ServerName example2.domain.com
ServerAlias example2.domain.com
<Directory /var/www/Dev/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
example.domain.com.conf
<VirtualHost *:80>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://example.domain.com/
</VirtualHost>
and finally: example.domain.com-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
/etc/hosts
127.0.0.1 localhost
127.0.0.1 example2
Ok, so when I go to example2.domain.com it shows the example2 url but displays the files from example.domain.com. example.domain.com works just fine.
What gives?

Apache2 Rewrite/Redirect from http to https

I use apache2 on Ubuntu and acme with letsencrypt in order to secure my website.
I also want to redirect from http://mywebsite.com to https://mywebsite.com but this does not work with the following config:
File name-xy.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
File name-xy-ssl.conf looks like this:
<VirtualHost *:80>
ServerName mywebsite.com
RewriteEngine on
#RewriteCond %{SERVER_NAME} =www.mywebsite.com [OR]
RewriteCond %{HTTPS} =mywebsite.com
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
# forward ORDS requests to tomcat
<VirtualHost *:443>
ServerName mywebsite.com
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
With this config I will navigate to the default apache2 homepage, https://mywebpage.com works fine.
What is wrong in this config in order to redirect from http://mywebsite.com to https://mywebsite.com automatically?
To handle this situation, I have my http vhost as follows. I don’t think it requires enabling any new modules either, just add the redirect statement like the last line :)
Since you are using Ubuntu with Apache, LetsEncrypt automatically installs and does the configuration for Apache for SSL. If you want to do a manual configuration, follow the below.
File name-xy.conf should look like this:
<VirtualHost *:80>
ServerName mywebsite.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ProxyRequests off
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
#Add the below Lines
RewriteEngine on
RewriteCond %{SERVER_NAME} =mywebsite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]
</VirtualHost>
File name-xy-ssl.conf should look like this:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mywebsite.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# SSL certificates settings
#Include /etc/apache2/conf-enabled/options-ssl-apache.conf
SSLCertificateFile /etc/apache2/ssl/mywebsite.com/fullchain.cer
SSLCertificateKeyFile /etc/apache2/ssl/mywebsite.com/mywebsite.com.key
SSLCertificateChainFile /etc/apache2/ssl/mywebsite.com/ca.cer
ProxyRequests on
ProxyPreserveHost On
<Location / >
ProxyPass "ajp://localhost:9090/"
ProxyPassReverse "ajp://localhost:9090/"
</Location>
</VirtualHost>
</IfModule>
Restart your Apache server (sudo service apache2 restart) and clear your browser cache and history for the change to take effect.
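A static check for three problems visible in the configuration files of this question, as an added example that is not part of the original posts: two virtual hosts sharing one address and ServerName, a RewriteCond that compares %{HTTPS} to something other than on or off, and ProxyRequests on in a virtual host that only needs ProxyPass. The function names, finding labels and sample input are made up for illustration.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the name-xy*.conf files in the question above.
SAMPLE = """\
<VirtualHost *:80>
ServerName mywebsite.com
ProxyRequests off
ProxyPass "/" "ajp://localhost:9090/"
</VirtualHost>
<VirtualHost *:80>
ServerName mywebsite.com
RewriteCond %{HTTPS} =mywebsite.com
RewriteRule (.*) https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerName mywebsite.com
ProxyRequests on
ProxyPass "/" "ajp://localhost:9090/"
</VirtualHost>
"""

VHOST = re.compile(r"<VirtualHost\s+([^>]+?)\s*>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Arguments of every uncommented `name` directive in a vhost body."""
    return re.findall(rf"^[ \t]*{name}[ \t]+(.+?)[ \t]*$", body, re.M | re.I)

def lint(conf):
    findings, seen = [], defaultdict(int)
    for addr, body in VHOST.findall(conf):
        name = (directive(body, "ServerName") or ["(none)"])[0]
        seen[addr, name] += 1
        if seen[addr, name] == 2:
            # Same address and name twice: only the first vhost loaded is used.
            findings.append((addr, name, "duplicate-servername"))
        if any(v.lower() == "on" for v in directive(body, "ProxyRequests")):
            # A reverse proxy needs only ProxyPass; On enables forward proxying.
            findings.append((addr, name, "forward-proxy-enabled"))
        for cond in directive(body, "RewriteCond"):
            m = re.match(r"%\{HTTPS\}\s+!?=?(\S+)", cond, re.I)
            if m and m.group(1).lower() not in ("on", "off"):
                # %{HTTPS} only ever expands to "on" or "off".
                findings.append((addr, name, "https-cond-not-on-off"))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding)
```

Findings come back as (address, ServerName, label) tuples in file order, so the output can be compared against `apache2ctl -S` when deciding which virtual host actually serves a name.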

DirectAdmin after enable SSL too many redirects

I'm stuck on a problem. After enabling SSL in DA for the domain and adding a RewriteRule to htaccess, I have a redirect loop.
Here is my vhost config file:
<VirtualHost 111.222.33.44:80 >
ServerName www.my-shop.net
ServerAlias www.my-shop.net my-shop.net
ServerAdmin webmaster@my-shop.net
DocumentRoot /home/admin/domains/my-shop.net/public_html/application/public
ScriptAlias /cgi-bin/ /home/admin/domains/my-shop.net/public_html/application/public/cgi-bin/
UseCanonicalName OFF
<IfModule !mod_ruid2.c>
SuexecUserGroup admin admin
</IfModule>
CustomLog /var/log/httpd/domains/my-shop.net.bytes bytes
CustomLog /var/log/httpd/domains/my-shop.net.log combined
ErrorLog /var/log/httpd/domains/my-shop.net.error.log
<Directory /home/admin/domains/my-shop.net/public_html/application/public>
php_admin_flag safe_mode OFF
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f admin@my-shop.net'
php_admin_value mail.log /home/admin/.php/php-mail.log
php_admin_value open_basedir /home/admin/:/tmp:/var/tmp:/usr/local/lib/php/
</Directory>
<VirtualHost 111.222.33.44:443 >
SSLEngine on
SSLCertificateFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.cert.combined
SSLCertificateKeyFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.key
SSLCACertificateFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.cacert
ServerName www.my-shop.net
ServerAlias www.my-shop.net my-shop.net
ServerAdmin webmaster@my-shop.net
DocumentRoot /home/admin/domains/my-shop.net/public_html/application/public
ScriptAlias /cgi-bin/ /home/admin/domains/my-shop.net/public_html/cgi-bin/
UseCanonicalName OFF
<IfModule !mod_ruid2.c>
SuexecUserGroup admin admin
</IfModule>
CustomLog /var/log/httpd/domains/my-shop.net.bytes bytes
CustomLog /var/log/httpd/domains/my-shop.net.log combined
ErrorLog /var/log/httpd/domains/my-shop.net.error.log
<Directory /home/admin/domains/my-shop.net/public_html/application/public>
php_admin_flag safe_mode OFF
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f admin@my-shop.net'
php_admin_value mail.log /home/admin/.php/php-mail.log
php_admin_value open_basedir /home/admin/:/tmp:/var/tmp:/usr/local/lib/php/
</Directory>
Custom code:
|*if !SUB|
|?DOCROOT=/home/admin/domains/my-shop.net/public_html/application/public|
|*endif|
What should be fixed in configuration? I feel more confident in the administration of nginx..

Multi apache2 websites won't work

I am trying to make two websites on the same IP. I have understood from my research that it is possible if I use a domain and subdomains.
Right now I have made this in my default config file for apache2 on Ubuntu:
NameVirtualHost prem2.trixia.dk:80
NameVirtualHost srv6.trixia.dk:80
<VirtualHost prem2.trixia.dk:80>
ServerName prem2.trixia.dk
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost srv6.trixia.dk:80>
ServerName srv6.trixia.dk
ServerAdmin webmaster@localhost
DocumentRoot /var/www/host523.trixia.dk
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
What I want to do is: if you go to the website srv6.trixia.dk, it goes to the folder /var/www/host523.trixia.dk, and if it's prem2.trixia.dk, it's just the default webpage.
Right now if I go to srv6.trixia.dk it goes to /var/www/html.
What have I done wrong?
I assume you use Apache 2.2 or lower; in 2.4 NameVirtualHost is deprecated.
It is recommended that you give NameVirtualHost an IP address, with an optional port, as its argument, like this:
NameVirtualHost 123.123.123.123:80
On my server I have written it like this:
NameVirtualHost *:80
That says to Apache that it can have VirtualHosts on all of the server's IP addresses. So replace your NameVirtualHost <servername>:80 with NameVirtualHost <ip-address>:80 or NameVirtualHost *:80
Next I would rewrite your VirtualHost blocks to this:
<VirtualHost *>
ServerName prem2.trixia.dk
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *>
ServerName srv6.trixia.dk
ServerAdmin webmaster@localhost
DocumentRoot /var/www/host523.trixia.dk
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
that is, replace the <VirtualHost> part of each of them.
I think the error you made was the two NameVirtualHost lines, and that caused Apache to interpret your virtualhosts wrong.
This might be a good page for you to read also: http://httpd.apache.org/docs/2.2/vhosts/name-based.html
