One of subdomain VirtualHost cannot access on apache2 - linux

Company purchased a new server device,
currently we need to migrate the old project to the new one,
while we adding virtual host into new apache,
one of the site cannot access, this just happen today.
the following site cannot access,
coltd.domain.mo
I am trying find out why and fix it.
Following status which checked earlier.
The 000-default.conf file:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port t>
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain.mo
DocumentRoot /var/www
</VirtualHost>
...
...
<VirtualHost *:80>
ServerName merch.domain.mo
DocumentRoot /var/www/merch
</VirtualHost>
<VirtualHost *:80>
ServerName coltd.domain.mo
DocumentRoot /var/www/co_ltd
</VirtualHost>
some checking method from google
apache2 -v
---
Server version: Apache/2.4.48 (Ubuntu)
Server built: 2022-06-14T12:33:28
apache2ctl -S
---
VirtualHost configuration:
*:80 is a NameVirtualHost
default server localhost (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost localhost (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost merch.domain.mo (/etc/apache2/sites-enabled/000-default.conf:70)
...
# All other sites working fine
# Only coltd.domain.mo cannot access
...
port 80 namevhost coltd.domain.mo (/etc/apache2/sites-enabled/000-default.conf:74)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33 not_used
Group: name="www-data" id=33 not_used
sudo systemctl status apache2
[sudo] password for webserver:
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2023-01-27 13:11:51 HKT; 36min ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 1095322 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 1095326 (apache2)
Tasks: 11 (limit: 11862)
Memory: 19.1M
CPU: 367ms
CGroup: /system.slice/apache2.service
├─1095326 /usr/sbin/apache2 -k start
├─1095327 /usr/sbin/apache2 -k start
├─1095328 /usr/sbin/apache2 -k start
├─1095329 /usr/sbin/apache2 -k start
├─1095330 /usr/sbin/apache2 -k start
├─1095331 /usr/sbin/apache2 -k start
├─1095400 /usr/sbin/apache2 -k start
├─1095406 /usr/sbin/apache2 -k start
├─1095407 /usr/sbin/apache2 -k start
├─1095408 /usr/sbin/apache2 -k start
└─1095409 /usr/sbin/apache2 -k start
Jan 27 13:11:50 webserver-27 systemd[1]: Starting The Apache HTTP Server...
Jan 27 13:11:51 webserver-27 systemd[1]: Started The Apache HTTP Server.
The *.domain.mo/coltd/ can be access, but not coltd.domain.mo,
Tried create new coltd.domain.mo.conf and test a2dissite 000-default.conf is working,
(assume nothing wrong with apache2)
Checked sudo apache2ctl configtest result syntax OK,
restarted sudo systemctl reload apache2 and restart apache2,
Hopefully found the reason,
we know should be separate all subdomain files, but we plan to do that on next step.
sadly currently small project still adding in 000-default.conf.
Thanks all kinds help.

Related

redirect Apache Server document root to SpringBoot app

I have modified the file:
/etc/apache2/sites-available/elcor.com.conf
adding:
<VirtualHost *:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin webmaster#elcor.com
ServerName elcor.com
ServerAlias www.elcor.com
ProxyPass / http://localhost:8080/home.html
ProxyPassReverse / http://localhost:8080/html
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /var/www/html/elcor.com/public_html
# Log file locations
LogLevel warn
ErrorLog /var/www/html/elcor.com/log/error.log
CustomLog /var/www/html/elcor.com/log/access.log combined
</VirtualHost>
in order to access a SpringBoot app I have in the same server, but when I acees the site, this is what I see:
When I start Apache I have this error:
-- The job identifier is 483.
Dec 01 14:16:08 localhost apachectl[1099]: AH00526: Syntax error on line 9 of /etc/apache2/sites-enabled/elcor.com.conf:
Dec 01 14:16:08 localhost apachectl[1099]: Invalid command 'ProxyPass', perhaps misspelled or defined by a module not included in the server configuration
Dec 01 14:16:08 localhost apachectl[1086]: Action 'start' failed.
Dec 01 14:16:08 localhost apachectl[1086]: The Apache error log may have more information.
Dec 01 14:16:08 localhost systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
could it be the case you did not enable mod_proxy on your system?
you can do that via "a2enmod proxy_http" on your ubuntu system

Apache webserver for MaxRequestWorkers

I am using Apache web server and I am testing my application using Apache benchmark (a tool to hit the http request concurrently), When I use till 300 concurrent requests it is succeeding but when It crosses 300. few requests are failing with SSL handshake failed (5). I understand that Apache web server has 256 request limitation, So I increased the MaxRequestWorkers to 1000 still I get the SSL handshake failure error for few request.
Could someone please check this configuration and let me know the issue in my environment.
Configuration of Apache server:
1) httpd version,
# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Oct 19 2017 20:39:16
2) I checked the status using the following command,
# systemctl status httpd -l
httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2018-03-07 23:46:32 IST; 1min 55s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 4351 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Main PID: 4359 (httpd)
Status: "Total requests: 264; Current requests/sec: 0.1; Current traffic: 204 B/sec"
CGroup: /system.slice/httpd.service
├─4359 /usr/sbin/httpd -DFOREGROUND
├─4360 /usr/sbin/httpd -DFOREGROUND
├─4362 /usr/sbin/httpd -DFOREGROUND
├─5100 /usr/sbin/httpd -DFOREGROUND
├─5386 /usr/sbin/httpd -DFOREGROUND
├─5415 /usr/sbin/httpd -DFOREGROUND
└─5416 /usr/sbin/httpd -DFOREGROUND
3) Since the httpd is pointing to the path : /usr/lib/systemd/system/httpd.service
vi /usr/lib/systemd/system/httpd.service
[Unit]
Description=The Apache HTTP Server
After=network.target remote-fs.target nss-lookup.target
Documentation=man:httpd(8)
Documentation=man:apachectl(8)
[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
ExecStop=/bin/kill -WINCH ${MAINPID}
# We want systemd to give httpd some time to finish gracefully, but still want
# it to kill httpd after TimeoutStopSec if something went wrong during the
# graceful stop. Normally, Systemd sends SIGTERM signal right after the
# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
# httpd time to finish.
KillSignal=SIGCONT
PrivateTmp=true
[Install]
WantedBy=multi-user.target
4) As per the above command I found the env file is available '/etc/sysconfig/httpd'
vi /etc/sysconfig/httpd
#
# This file can be used to set additional environment variables for
# the httpd process, or pass additional options to the httpd
# executable.
#
# Note: With previous versions of httpd, the MPM could be changed by
# editing an "HTTPD" variable here. With the current version, that
# variable is now ignored. The MPM is a loadable module, and the
# choice of MPM can be changed by editing the configuration file
/etc/httpd/conf.modules.d/00-mpm.conf
#
#
# To pass additional options (for instance, -D definitions) to the
# httpd binary at startup, set OPTIONS here.
#
#OPTIONS=
#
# This setting ensures the httpd process is started in the "C" locale
# by default. (Some modules will not behave correctly if
# case-sensitive string comparisons are performed in a different
# locale.)
#
LANG=C
5) As per the above command, I found that the conf fileis available in the path : /etc/httpd/conf.modules.d/00-mpm.conf
vi /etc/httpd/conf.modules.d/00-mpm.conf
# Select the MPM module which should be used by uncommenting exactly
# one of the following LoadModule lines:
# prefork MPM: Implements a non-threaded, pre-forking web server
# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
# worker MPM: Multi-Processing Module implementing a hybrid
# multi-threaded multi-process web server
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
#
LoadModule mpm_worker_module modules/mod_mpm_worker.so
# event MPM: A variant of the worker MPM with the goal of consuming
# threads only for connections with active processing
# See: http://httpd.apache.org/docs/2.4/mod/event.html
#
#LoadModule mpm_event_module modules/mod_mpm_event.so
<IfModule mpm_worker_module>
ServerLimit 1000
MaxRequestWorkers 1000
</IfModule>
What is wrong with my Apache configuration? Why it is not serving 1000 concurrent request? How to achieve more concurrent request in Apache web server?

Configure Apache web server to perform SSL authentication

I'm trying to perform SSL authentication in apache web server, using XAMPP in Linux. After I configure httpd.conf like this, Apache server is failing to start. Can some one help me to fix this ? What is wrong with my configuration ?
Alias /bitnami/ "/opt/lampp/apache2/htdocs/"
Alias /bitnami "/opt/lampp/apache2/htdocs"
<Directory "/opt/lampp/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Listen 443
<VirtualHost 127.0.0.1:443>
DocumentRoot "/opt/lampp/htdocs"
ServerName localhost.localdomain
SSLEngine on
SSLCertificateFile "/home/lahiru/Desktop/ucsc/security/ssl/server.cer"
SSLCertificateKeyFile "/home/lahiru/Desktop/ucsc/security/ssl/server.key"
SSLVerifyClient require
SSLVerifyDepth 10
SSLCACertificateFile "/home/lahiru/Desktop/ucsc/security/ssl/ca.cer"
</VirtualHost>
And the Apache error log says,
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
[Sun Jun 21 07:42:47.000754 2015] [ssl:warn] [pid 1863] AH01909: localhost.localdomain:443:0 server certificate does NOT include an ID which matches the server name
[Sun Jun 21 07:42:47.001082 2015] [ssl:warn] [pid 1863] AH01906: www.example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun Jun 21 07:42:47.001101 2015] [ssl:warn] [pid 1863] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Sun Jun 21 07:42:47.001183 2015] [suexec:notice] [pid 1863] AH01232: suEXEC mechanism enabled (wrapper: /opt/lampp/bin/suexec)
Bitnami developer here,
In XAMPP the SSL configuration is located at /opt/lampp/etc/extras/httpd-ssl.conf file, where there is a default VirtualHost already configured in port 443, and you are trying to bind again the same port.
Please, try to modify this file instead. You can check if there is any other process using port 443 running command sudo netstat -vnpa | grep 443
What do you mean with "Apache server is failing to start"? Using the /opt/lampp/ctlscript.sh script to restart Apache server didn't produce any error message on my side but the error_log told me the same that you mentioned.
Regards,
Gonzalo

Unable to restart apache on centos

I have a centos VM and httpd -v gives me following output
Server version: Apache/2.2.15 (Unix)
Server built: Oct 16 2014 14:48:21
I shut down the server by using command:
sudo /etc/init.d/httpd stop
Now when I try to start the server, I get following error:
Starting httpd: httpd: apr_sockaddr_info_get() failed for bslm-022.corp.day.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
no listening sockets available, shutting down
Unable to open logs
[FAILED]
What I have read online here is that I should add ServerName localhost in /etc/apache2/httpd.conf file. But there is no directory named /etc/apache2 on my VM.
The content of /etc/hosts file are:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
The result of $hostname command is:
bslm-022.corp.day.com
I want the apache server to run on localhost for me.
Make sure in your httpd.conf has "Listen 80" or in any of your conf files in /etc/httpd/conf.d/*
If it does then look at netstat to see what's listening
netstat -tunlp

wsgi startup - why two identical processes?

I have the following config:
virtualhost:
<VirtualHost *:80>
ServerAdmin rok#localhost
ServerName lh.test.com
WSGIScriptAlias / /home/user/myapp/src/wsgi.py application-group='%{GLOBAL}' process-group='%{GLOBAL}'
WSGIDaemonProcess lh.test.com processes=1 threads=1 display-name=%{GROUP}
<Directory /home/user/myapp/src>
<Files wsgi.py>
Order deny,allow
Require all granted
</Files>
Options All
AllowOverride All
Require all granted
</Directory>
Alias /static /home/user/myapp/src/static
ErrorLog /var/log/apache2/lh.test.com-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
CustomLog /var/log/apache2/lh.test.com-access.log combined
</VirtualHost>
wsgi.py:
from __future__ import unicode_literals
import os, signal, sys
sys.path.append('/home/user/apps/django-trunk')
sys.path.insert(0, '/home/user/myapp/src')
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "test.settings")
print 'starting up wsgi application...'
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
When I start apache, it always starts two identical wsgi processes for some reason:
apache log:
Mon Jan 06 21:17:02.895219 2014] [mpm_event:notice] [pid 27628:tid 140594224048000] AH00489: Apache/2.4.6 (Ubuntu) mod_wsgi/3.4 Python/2.7.5+ configured -- resuming normal operations
[Mon Jan 06 21:17:02.895287 2014] [core:notice] [pid 27628:tid 140594224048000] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jan 06 21:17:02.905771 2014] [:error] [pid 27632:tid 140594224048000] starting up wsgi application...
[Mon Jan 06 21:17:02.909542 2014] [:error] [pid 27633:tid 140594224048000] starting up wsgi application...
and ps aux:
root 27628 0.0 0.0 84196 3100 ? Ss 21:17 0:00 /usr/sbin/apache2 -k start
www-data 27632 0.1 0.3 470984 24648 ? Sl 21:17 0:00 /usr/sbin/apache2 -k start
www-data 27633 0.1 0.3 470984 24648 ? Sl 21:17 0:00 /usr/sbin/apache2 -k start
any idea why that is so?
You have the WSGIScriptAlias directive wrong:
WSGIScriptAlias / /home/user/myapp/src/wsgi.py application-group='%{GLOBAL}' process-group='%{GLOBAL}'
It should be:
WSGIScriptAlias / /home/user/myapp/src/wsgi.py application-group='%{GLOBAL}' process-group='lh.test.com'
The result is that your application isn't running in daemon mode but embedded mode, and so is running in the Apache child worker processes. As such how many processes you see is going to be up to the Apache MPM settings.
Change that directive and also set:
WSGIRestrictEmebedded On
This will turn off the ability for stuff to run in the Apache child worker process and cause an error if you stuff up your configuration and don't delegate an application to run in the daemon process group properly.
Also go read:
http://blog.dscpl.com.au/2012/10/why-are-you-using-embedded-mode-of.html

Resources