DIrectadmin after enable SSL too many redirects - loops

I'm stuck on a problem. After enabling SSL in DA for domain and add RewriteRule to htaccess, I have a redirect loop.
Here is my vhost config file:
<VirtualHost 111.222.33.44:80 >
ServerName www.my-shop.net
ServerAlias www.my-shop.net my-shop.net
ServerAdmin webmaster#my-shop.net
DocumentRoot /home/admin/domains/my-shop.net/public_html/application/public
ScriptAlias /cgi-bin/ /home/admin/domains/my-shop.net/public_html/application/public/cgi-bin/
UseCanonicalName OFF
<IfModule !mod_ruid2.c>
SuexecUserGroup admin admin
</IfModule>
CustomLog /var/log/httpd/domains/my-shop.net.bytes bytes
CustomLog /var/log/httpd/domains/my-shop.net.log combined
ErrorLog /var/log/httpd/domains/my-shop.net.error.log
<Directory /home/admin/domains/my-shop.net/public_html/application/public>
php_admin_flag safe_mode OFF
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f admin#my-shop.net'
php_admin_value mail.log /home/admin/.php/php-mail.log
php_admin_value open_basedir /home/admin/:/tmp:/var/tmp:/usr/local/lib/php/
</Directory>
<VirtualHost 111.222.33.44:443 >
SSLEngine on
SSLCertificateFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.cert.combined
SSLCertificateKeyFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.key
SSLCACertificateFile /usr/local/directadmin/data/users/admin/domains/my-shop.net.cacert
ServerName www.my-shop.net
ServerAlias www.my-shop.net my-shop.net
ServerAdmin webmaster#my-shop.net
DocumentRoot /home/admin/domains/my-shop.net/public_html/application/public
ScriptAlias /cgi-bin/ /home/admin/domains/my-shop.net/public_html/cgi-bin/
UseCanonicalName OFF
<IfModule !mod_ruid2.c>
SuexecUserGroup admin admin
</IfModule>
CustomLog /var/log/httpd/domains/my-shop.net.bytes bytes
CustomLog /var/log/httpd/domains/my-shop.net.log combined
ErrorLog /var/log/httpd/domains/my-shop.net.error.log
<Directory /home/admin/domains/my-shop.net/public_html/application/public>
php_admin_flag safe_mode OFF
php_admin_flag engine ON
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f admin#my-shop.net'
php_admin_value mail.log /home/admin/.php/php-mail.log
php_admin_value open_basedir /home/admin/:/tmp:/var/tmp:/usr/local/lib/php/
</Directory>
Custom code:
|*if !SUB|
|?DOCROOT=/home/admin/domains/my-shop.net/public_html/application/public|
|*endif|
What should be fixed in configuration? I feel more confident in the administration of nginx..

Related

Weard apache subdomains

i'm currently trying to configure apache2.
I have 3 A records to my server:
domain.io
sub1.domain.io
sub2.domain.io
I have a apache config:
<VirtualHost *:80>
ServerName sub1.domain.io
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
ServerName sub1.domain.io
DocumentRoot "/var/www/sub1/public"
AllowEncodedSlashes On
php_value upload_max_filesize 100M
php_value post_max_size 100M
<Directory "/var/www/sub1/public">
Require all granted
AllowOverride all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/sub1.domain.io/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/sub1.domain.io/privkey.pem
</VirtualHost>
Now i would expect apache to only show some content for sub1.domain.io, but apache shows content for every domain, alos domain.io and sub2.domain.io. Can somebody pleas help me?

Why are my two apache2 virtualhosts pointing to the same directory?

I have two virtual hosts setup on my Ubuntu 20.04 Apache2 webserver.
example2.domain.com.conf
DocumentRoot /var/www/Dev
ServerName example2.domain.com
ServerAlias example2.domain.com
<Directory /var/www/Dev/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
example.domain.com.conf
<VirtualHost *:80>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect permanent / https://example.domain.com/
</VirtualHost>
and finally: example.domain.com-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot /var/www/example
ServerName example.domain.com
ServerAlias example.domain.com
<Directory /var/www/example/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/example.domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
/etc/hosts
127.0.0.1 localhost
127.0.0.1 example2
Ok, so when I go to example2.domain.com it shows the example2 url but displays the files from example.domain.com. example.domain.com works just fine.
What gives?

Using Apache2 AND Tomcat8 on AWS Lightsail with Loadbalancer / OpenSSL

I'm running websites on AWS Lightsail using Ubuntu 16.04.6 with Apache 2.4 AND a Tomcat 8.0.32.
The Apache2 site hosts the bulk of my websites as they use PHP and PostgreSQL. The Tomcat is easy for hosting Geoserver.
I have a DNS and loadbalancer on AWS LightSail. I'm trying to figure out how to make both sights seamless using virtualhost. The apache2 sites come out okay, but the tomcats sites do not. I get this error
You don't have permission to access this resource.
Apache/2.4.18 (Ubuntu) Server at tomcat.some-kind-of-site.org Port 80
I'm trying to follow this instructions, but there are some difference in the setup from what I have:
http://www.creang.com/howtoforge/howto_set_up_tomcat_8_with_apache_2_4_and_mod_jk_on_ubuntu/
I have my SSL info on the default-ssl-conf file
My tomcat8 server.xml contains:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
Here's my sites-enabled config file:
<VirtualHost *:80>
ServerAdmin someone#gmail.com
ServerName www.some-kind-of-site.org
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://www.some-kind-of-site.org$1 [R=301,NE,L]
DocumentRoot /var/www/html/main-site/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName manage.some-kind-of-site.org
DocumentRoot /var/www/html/main-mgmt/
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://manage.some-kind-of-site.org$1 [R=301,NE,L]
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
Alias /main-mgmt /var/www/html/main-mgmt
Alias /main-site /var/www/html/main-site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin someone#gmail.com
ServerName tomcat.some-kind-of-site.org
DocumentRoot /var/lib/tomcat8/
Alias /multi-site /var/www/html
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://tomcat.some-kind-of-site.org$1 [R=301,NE,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName geoserver.some-kind-of-site.org
DocumentRoot /var/lib/tomcat8/webapps/geoserver/
Alias /multi-site /var/www/html
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://geoserver.some-kind-of-site.org$1 [R=301,NE,L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin someone#gmail.com
ServerName www.some-kind-of-site.org
DocumentRoot /var/www/html/main-site/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin someone#gmail.com
ServerName manage.some-kind-of-site.org
DocumentRoot /var/www/html/main-mgmt/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/file-folder
Alias /main-mgmt /var/www/html/main-mgmt
Alias /main-site /var/www/html/main-site
ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerAdmin someone#gmail.com
ServerName tomcat.some-kind-of-site.org
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
ProxyPreserveHost on
</VirtualHost>
<VirtualHost *:443>
ServerAdmin someone#gmail.com
ServerName geoserver.some-kind-of-site.org
<Proxy *>
AddDefaultCharset Off
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://localhost:8009/webapps/geoserver/
ProxyPassReverse / ajp://localhost:8009/webapps/geoserver/
ProxyPreserveHost on
</VirtualHost>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</IfModule>
Can anyone help me with this?? PLEASE!

I figured it out... had to, no one answered. But it took LOTS of time and LOTS of trial and error.
Don't use the 443 port at all for tomcat proxy...
<VirtualHost *:80>
ServerAdmin someguy#gmail.com
ServerName www.greatexamples.org
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://www.greatexamples.org$1 [R=301,NE,L]
DocumentRoot /var/www/html/mainsite/
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName manage.greatexamples.org
DocumentRoot /var/www/html/management/
RewriteEngine On
RewriteCond %{HTTP:X-FORWARDED-PORT} !=443
RewriteRule ^(.*)$ https://manage.greatexamples.org$1 [R=301,NE,L]
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
Alias /management /var/www/html/management
Alias /mainsite /var/www/html/mainsite
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin someguy#gmail.com
ServerName tomcat.greatexamples.org
DocumentRoot /opt/tomcat/
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
Order allow,deny
Allow from all
</Location>
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://tomcat.greatexamples.org:8080/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin someguy#gmail.com
ServerName www.greatexamples.org
DocumentRoot /var/www/html/mainsite/
Alias /multi-site /var/www/html/multi-site
Alias /file-folder /var/www/html/old_stuff
ErrorLog ${APACHE_LOG_DIR}/main-site_error.log
CustomLog ${APACHE_LOG_DIR}/main-site_access.log combined
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin someguy#gmail.com
ServerName manage.greatexamples.org
DocumentRoot /var/www/html/management/
Alias /multi-site /var/www/html/multi-site
Alias /old_stuff /var/www/html/old_stuff
Alias /management /var/www/html/old_stuff
Alias /mainsite /var/www/html/mainsite
ErrorLog ${APACHE_LOG_DIR}/main-mgmt_error.log
CustomLog ${APACHE_LOG_DIR}/main-mgmt_access.log combined
</VirtualHost>
</IfModule>
and change the connector in Tomcat's server.xml to:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
proxyName="tomcat.greatexamples.org"
proxyPort="80"
redirectPort="8443" />

Apache2: 2 virtual hosts (domain & subdomain) / 1 IP - not working

I have this conf-file set-up:
Listen 80
<VirtualHost 0.0.0.0:80>
ServerAdmin webmaster#localhost
ServerName test.example.com
WSGIScriptAlias / /var/django/test/test/wsgi.py
#WSGIPythonPath /var/django/test
<Directory /var/django/test/test>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost 0.0.0.0:80>
ServerAdmin webmaster#localhost
ServerName www.example.com
ServerAlias *.example.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Whenever I open www.example.com, test.example.com or example.com I always receive the standard apache website.
If I delete the second VirtualHost I get an access denied (since the permissions for the wsgi-file are note properly set).
But why can't I run 2 (or more) different VirtualHost of differnt subdomains?
Thanks!
Kev
PS.: I try to run a Django-Site on the subdomain test.example.com

I found the error.
In the second there was a "." instead of a "80".

How do I set up LAMP without the forbidden message when viewing my site?

I use a Linux Mint 16 + newest LAMP + Laravel.
I'm getting this error when I try viewing my website either via "localhost" or "127.0.0.1".
Forbidden
You don't have permission to access / on this server.
------------------------------------------------------
Apache/2.4.6 (Ubuntu) Server at 127.0.0.1 Port 80
My setting are as follows:
on /etc/hostname
NameServer ynwlocalwebserver
on /etc/hosts
127.0.0.1 localhost
127.0.1.1 ynwlocalwebserver
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
I only have one site-enable named "ynwlocalwebserver.conf" it's current contents for the meantime are:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName localhost
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
The folder ynw in "/home/ynwmint/ynw/public" is the Laravel project.
I put the chmod of the public folder to 777 (for the meantime) and chown it under www-data:www-data
What am I doing wrong, or what else do I need to check?
Thanks.

Apache 2.4 has some minor changes with regards to config.
This:
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Should be changed to this:
<VirtualHost *:80>
ServerName ynwlocalwebserver
DocumentRoot /home/ynwmint/ynw/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/ynwmint/ynw/public>
Options +Indexes +FollowSymlinks + MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Also for added security you may want to this directory rule:
<Directory />
Options FollowSymlinks
AllowOverride None
</Directory>
Source: http://httpd.apache.org/docs/2.4/upgrading.html

Resources