Having this API (prova.py) running in local:
app = Flask(__name__)
api = Api(app, version='1', title='title1', description='decription1')
ExtractDataParser = reqparse.RequestParser()
ExtractDataParser.add_argument('preprocessing', help='Enable image preprocessing', type=inputs.boolean)
ExtractDataParser.add_argument('onlyTopResults', help='Top results only', type=inputs.boolean)
ExtractDataParser.add_argument('image', help='image (jpg, jpeg, png, tiff, pbm, webp)', location='files', type=FileStorage)
ns = api.namespace('v1',
description='description2')
#ns.route('/Extract')
class DataExtractor(Resource):
#api.doc(parser=ExtractDataParser)
def post(self):
try:
return "Im working", 200
except Exception as ex:
return str(ex), 500
if __name__ == '__main__':
#just in local
app.run(debug=True, port=70)
#for deployment
#app.run()
When I run from terminal curl -X GET "http://127.0.0.1:70/" I get the generated swagger HTML code. But, when I deploy it using WSGI, it always timeouts with the following output:
[Thu Jun 30 13:21:46.971820 2022] [wsgi:error] [pid 70987:tid 139869931951872] Improvements in the case of bugs are welcome, but is not on the NumPy roadmap, and full support may require significant effort to achieve.
[Thu Jun 30 13:21:46.971824 2022] [wsgi:error] [pid 70987:tid 139869931951872] from .cv2 import *
[Thu Jun 30 13:22:46.014752 2022] [wsgi:error] [pid 70990:tid 139869940868864] [client 127.0.0.1:44438] mod_wsgi (pid=70990): Request data write error when proxying data to daemon process: The timeout specified has expired.
[Thu Jun 30 13:23:46.067793 2022] [wsgi:error] [pid 70990:tid 139869940868864] [client 127.0.0.1:44438] mod_wsgi (pid=70990): Request data write error when proxying data to daemon process: The timeout specified has expired.
[Thu Jun 30 13:24:46.112848 2022] [wsgi:error] [pid 70990:tid 139869940868864] [client 127.0.0.1:44438] Timeout when reading response headers from daemon process 'myapp': /var/www/Ebisu/Standalone/app.wsgi
This is my app.wsgi
from prova import app as application
And this is my app.conf
Define PROJECT_PATH /var/www/Ebisu/Standalone/
Listen 5000
<virtualhost *:5000>
# # wsgi settings
WSGIDaemonProcess myapp python-path=${PROJECT_PATH}:/var/www/Ebisu/Standalone/invoicenet3.8/lib/python3.8/site-packages
WSGIProcessGroup myapp
WSGIScriptAlias / ${PROJECT_PATH}/app.wsgi
# # map server side static directory to {ip or domain_name}/static
Alias /static ${PROJECT_PATH}/static
#
# # allow all requests to access this project file
<Directory ${PROJECT_PATH}/app.wsgi/>
Require all granted
</Directory>
#
# set log saved path
ErrorLog /var/www/Ebisu/log/error.log
CustomLog /var/www/Ebisu/log/access.log combined
</virtualhost>
What am I missing?
Related
I have an application running on httpd server under Centos 8. The Apache server requires user to show vaild certificate and than the ssl variables like DN, CN and SERIAL are passed to the Flask application (than the access verification is run).
The app when not vaild cert is given e.g. user's cert is not in database, should show error page under url "/site/public/failed" with proper info.
Problem is that only my cert is passed by Apache and than page loads correctly (My cert is in db), but when my collages (same company, same CA) try to reach it they are flashed with ERR_BAD_SSL_CLIENT_AUTH_CERT and blank page. I assume that even if they will be in db, the Apache wouldn't let them to access app on it.
When I check the logs after them try to connect, it looks different than when I am connecting. One thing that I have spotted is their cert is checked only with depth 0 when my goes to depth 2.
config:
Listen ip:443
##SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
##SSLCipherSuite PROFILE=SYSTEM
##SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
##SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.3
SSLHonorCipherOrder on
SSLCompression off
WSGIPythonHome /home/path/to/venv
WSGIRestrictStdin Off
WSGIRestrictStdout Off
<VirtualHost ip:443>
ServerName app.com
ErrorLog /etc/httpd/logs/sshproxy-secure.error_log
CustomLog /etc/httpd/logs/sshproxy-secure.access_log ssl_combined
SSLEngine on
SSLCertificateFile /home/path/to/crt.crt
SSLCertificateKeyFile /home/path/to/some_key.key
SSLCACertificateFile /etc/pki/tls/main_ca.crt
SSLCACertificateFile /path/to/more/ca.crt
WSGIDaemonProcess sshproxy threads=20 processes=2 python-path=/home/path/to/venv/lib/python3.10/site-packages
#user=user1 group=group1 threads=5
#WSGIPythonPath /opt/sshproxy/lib/python2.7/site-packages
WSGIScriptAlias / /home/path/to/wsgi-script/sshproxy-webserver-wsgi.py
WSGIScriptReloading On
<Directory /home/path/to/app>
WSGIProcessGroup sshproxy
WSGIApplicationGroup %{GLOBAL}
Require all granted
</Directory>
#<Location />
# SSLRequireSSL
#Require ip 126.16.13.20 126.16.18.
#</Location>
SSLVerifyClient optional
SSLVerifyDepth 5
SSLOptions +StdEnvVars
</VirtualHost>
Error logs when I connect (I deleted some sensitive data, but I believe its not important part of logs):
[Mon Aug 29 08:36:54.406586 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(2330): [client 126.189.244.168:60496] AH02043: SSL virtual host for servername app.com found
[Mon Aug 29 08:36:54.406615 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(2330): [client 126.189.244.168:60496] AH02043: SSL virtual host for servername app.com found
[Mon Aug 29 08:36:54.406629 2022] [core:debug] [pid 17586:tid 140176105887488] protocol.c(2314): [client 126.189.244.168:60496] AH03155: select protocol from , choices=h2,http/1.1 for server app.com
[Mon Aug 29 08:36:59.631867 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(1751): [client 126.189.244.168:60496] AH02275: Certificate Verification, depth 2, CRL checking mode: none (0) [subject:
[Mon Aug 29 08:36:59.632161 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(1751): [client 126.189.244.168:60496] AH02275: Certificate Verification, depth 1, CRL checking mode: none (0) [subject:
[Mon Aug 29 08:36:59.632380 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(1751): [client 126.189.244.168:60496] AH02275: Certificate Verification, depth 0, CRL checking mode: none (0) [subject:
[Mon Aug 29 08:36:59.632679 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(2246): [client 126.189.244.168:60496] AH02041: Protocol: TLSv1.3, Cipher: TLS_AES_128_GCM_SHA256 (128/128 bits)
[Mon Aug 29 08:36:59.633566 2022] [ssl:debug] [pid 17586:tid 140176105887488] ssl_engine_kernel.c(383): [client 126.189.244.168:60496] AH02034: Initial (No.1) HTTPS request received for child 204 (server domain:443)
[Mon Aug 29 08:36:59.633893 2022] [authz_core:debug] [pid 17586:tid 140176105887488] mod_authz_core.c(820): [client 126.189.244.168:60496] AH01626: authorization result of Require all granted: granted
[Mon Aug 29 08:36:59.633925 2022] [authz_core:debug] [pid 17586:tid 140176105887488] mod_authz_core.c(820): [client 126.189.244.168:60496] AH01626: authorization result of <RequireAny>: granted
Error logs when they connect:
[Tue Aug 30 11:01:41.293387 2022] [ssl:debug] [pid 24609:tid 140421665646336] ssl_engine_kernel.c(2330): [client 126.189.44.235:57122] AH02043: SSL virtual host for app.com
[Tue Aug 30 11:01:41.293496 2022] [ssl:debug] [pid 24609:tid 140421665646336] ssl_engine_kernel.c(2330): [client 126.189.44.235:57122] AH02043: SSL virtual host for app.com
[Tue Aug 30 11:01:41.293519 2022] [core:debug] [pid 24609:tid 140421665646336] protocol.c(2314): [client 126.189.44.235:57122] AH03155: select protocol from , choices=h2,http/1.1 for server
[Tue Aug 30 11:01:41.476727 2022] [ssl:debug] [pid 24609:tid 140421665646336] ssl_engine_kernel.c(1751): [client 126.189.44.235:57122] AH02275: Certificate Verification, depth 0, CRL checking m
[Tue Aug 30 11:01:41.476860 2022] [ssl:info] [pid 24609:tid 140421665646336] [client 126.189.44.235:57122] AH02276: Certificate Verification: Error (66): EE certificate key too weak [subject: e
[Tue Aug 30 11:01:41.476988 2022] [ssl:info] [pid 24609:tid 140421665646336] [client 126.189.44.235:57122] AH02008: SSL library error 1 in handshake (server domain:443)
[Tue Aug 30 11:01:41.477100 2022] [ssl:info] [pid 24609:tid 140421665646336] SSL Library Error: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
[Tue Aug 30 11:01:41.477120 2022] [ssl:info] [pid 24609:tid 140421665646336] [client 126.189.44.235:57122] AH01998: Connection closed to child 194 with abortive shutdown (server napupp19.corpne
[Tue Aug 30 11:01:44.545107 2022] [ssl:info] [pid 24609:tid 140421573326592] [client 126.189.44.235:57125] AH01964: Connection to child 205 established (server domain:443)
[Tue Aug 30 11:01:44.545572 2022] [socache_shmcb:debug] [pid 24609:tid 140421573326592] mod_socache_shmcb.c(532): AH00835: socache_shmcb_retrieve (0xea -> subcache 10)
[Tue Aug 30 11:01:44.545621 2022] [socache_shmcb:debug] [pid 24609:tid 140421573326592] mod_socache_shmcb.c(917): AH00851: shmcb_subcache_retrieve found no match
[Tue Aug 30 11:01:44.545634 2022] [socache_shmcb:debug] [pid 24609:tid 140421573326592] mod_socache_shmcb.c(542): AH00836: leaving socache_shmcb_retrieve successfully
I don't know what's the reason why their cert is checked starting at depth 0, while mine is from depth 2?
Changing cipher string = default#seclevel=2 to cipher string = default#seclevel=1 in openssl.cnf file has resolved problem. Nonetheless I don't know why my cert was passed while others didn't. We all have standardized token with cert, so they all should have similar sec level.
We are using a webserver with ElasticBeanstalk from 2019.,
the platform is
tomcat 8.5 with java8 running on 64 bit Amazon Linux. httpd as proxy
recently (from Jan 30th) we started getting Service Unavailable issues if go to the endpoint from time to time. and if we refresh 2-3 times it will get resolved on its own.
then I download full logs. under elasticbeanstalk-error_log I can see
[Mon Feb 28 10:00:58.338035 2022] [proxy:error] [pid 14882:tid 139757313533696] (13)Permission denied: AH02454: HTTP: attempt to connect to Unix domain socket /var/run/httpd/ (localhost) failed
[Mon Feb 28 10:00:58.338078 2022] [proxy_http:error] [pid 14882:tid 139757313533696] [client <private-ip-here>:12566] AH01114: HTTP: failed to make connection to backend: httpd-UDS, referer: http://<custom-end-point>/1/<name.jsp>?s=sec$$4P!&refresh=300
[Mon Feb 28 10:43:40.663468 2022] [proxy:error] [pid 14882:tid 139757120071424] (13)Permission denied: AH02454: HTTP: attempt to connect to Unix domain socket /var/run/httpd/ (localhost) failed
[Mon Feb 28 10:43:40.663518 2022] [proxy_http:error] [pid 14882:tid 139757120071424] [client <private-ip-here>:21136] AH01114: HTTP: failed to make connection to backend: httpd-UDS
repeated multiple times from Jan30th.
and when I look at access.log
I can see 503 error log exactly at the same time when permission denied error logs in elasticbeanstalk-error_log
And I looked at the running process using ps -aux | grep HTTPd and ps -aux | grep tomcat
both are running from 2019 and have no restarts.
what more I can do to troubleshoot these issuesWe are running a web application written in Java(tomcat8) hosted in AWS ElastcBeanStalk
Some weeks back we started getting 503 error randomly
When we checked the elasticbeanstalk-erorr_logs
[Thu Mar 03 13:22:12.906144 2022] [proxy:error] [pid 14882:tid 139757338711808] (13)Permission denied: AH02454: HTTP: attempt to connect to Unix domain socket /var/run/httpd/ (localhost) failed
[Thu Mar 03 13:22:12.906202 2022] [proxy_http:error] [pid 14882:tid 139757338711808] [client 172.31.17.0:61382] AH01114: HTTP: failed to make connection to backend: httpd-UDS, referer: http://our-domain.com/1/callBackLog.jsp
The error logs are suggesting connection error with backend unix socket
When we checked in /var/run/httpd/ folder, there were no unix sockets(.sock files)
But in apache httpd config
<VirtualHost *:80>
<Proxy *>
Require all granted
ProxyPass / http://localhost:8080/ retry=0
ProxyPassReverse / http://localhost:8080/
ProxyPreserveHost on
ErrorLog /var/log/httpd/elasticbeanstalk-error_log
the proxy backend is ip address not unix socket
As per the config httpd should connect to backend ip address(localhost:8080) but why is it complaining about unix socket
Have anyone faced similar issues?
============= UPDATE
The error logs are suggesting connection error with backend unix socket
When we checked in /var/run/httpd/ folder, there were no unix sockets(.sock files)
But in apache httpd config
<VirtualHost *:80>
<Proxy *>
Require all granted
ProxyPass / http://localhost:8080/ retry=0
ProxyPassReverse / http://localhost:8080/
ProxyPreserveHost on
ErrorLog /var/log/httpd/elasticbeanstalk-error_log
the proxy backend is ip address not unix socket
As per the config httpd should connect to backend ip address(localhost:8080) but why is it complaining about unix socket
Have anyone faced similar issues?
I have a flask application that runs on an apache web server, and recently i added a feature using the p4python module. But every time the site calls this package, i get a 500 Internal Server Error. When i check the error log i get the error saying "Truncated or oversized response headers received from daemon process ".
Configuration
Ubuntu 14.04.6
Apache 2.4.7
Python 3.4.3
mod-wsgi 4.6.8
openssl 1.0.1f
Notable python packages are
Flask 1.0.4
psycopg2 2.8.3
p4python 2019.1.1858212
I have tried every solution suggested on the other threads here, and i have tried the debugging suggestions from https://modwsgi.readthedocs.io/en/develop/user-guides/debugging-techniques.html#tracking-request-and-response.
This includes setting WSGIApplicationGroup %{GLOBAL}, increasing the header size and updating mod-wsgi to the newest version using pip.
Unfortunately none of this has worked, and when i call a function using the p4python api the site shows an error.
.conf file
Listen 31415
<VirtualHost *:31415>
ServerName dev-collab
SSLEngine on
SSLCertificateFile /etc/ssl/private/********.cer
SSLCertificateKeyFile /etc/ssl/private/*********.key
WSGIDaemonProcess applicationDash user=www-data group=www-data threads=6 python-home=/var/www/applicationDash/venv
WSGIScriptAlias / /var/www/applicationDash/api.wsgi
ErrorLog "/var/log/apache2/applicationDash_error.log"
CustomLog "/var/log/apache2/applicationDash_access.log" common
LogLevel info
DocumentRoot "/var/www/applicationDash"
<Directory "/var/www/applicationDash">
WSGIProcessGroup applicationDash
WSGIScriptReloading On
WSGIApplicationGroup %{GLOBAL}
</Directory>
Alias /static /var/www/applicationDash/static
<Directory "/var/www/applicationDash/static">
Require all granted
</Directory>
</VirtualHost>
Response header
[wsgi:error] [pid 42349] [remote 10.4.24.191:52037] ('RESPONSE',
[wsgi:error] [pid 42349] [remote 10.4.24.191:52037] '200 OK',
[wsgi:error] [pid 42349] [remote 10.4.24.191:52037] [('Content-Type', 'text/html; charset=utf-8'), ('Content-Length', '5598')])
The actual error
[wsgi:info] [pid 42371] mod_wsgi (pid=42371): Attach interpreter ''.
[wsgi:info] [pid 42371] mod_wsgi (pid=42371): Imported 'mod_wsgi'.
[ssl:info] [pid 41529] [client 10.4.32.52:53304] AH01964: Connection to child 2 established (server dev-collab:443)
[ssl:info] [pid 41529] (70014)End of file found: [client 10.4.32.52:53304] AH01991: SSL input filter read failed.
[ssl:info] [pid 41530] [client 10.4.24.191:58651] AH01964: Connection to child 3 established (server dev-collab:443)
[wsgi:info] [pid 42371] [remote 10.4.24.191:58651] mod_wsgi (pid=42371, process='applicationDash', application=''): Loading Python script file '/var/www/applicationDash/api.wsgi'.
[wsgi:error] [pid 41530] [client 10.4.24.191:58651] Truncated or oversized response headers received from daemon process 'applicationDash': /var/www/applicationDash/api.wsgi, referer: https://dev-collab:31415/branch/3/AccessControl
This is all with LogLevel info.
Does anyone have an idea where my mistake lies?
I have developed web application using codeigniter on xampp server.
and want to deploy it on LAMP server. I have migrated database and app successfully but facing some problem.
When request web page using browser its not show anything not even error.
I have enabled selinux,
have root account and testing using root account
virtual host file config in /etc/httpd/conf.modules.d/hotelking.conf
<VirtualHost *:80>
ServerName www.hotelking.com
ServerAlias hotelking.com
DocumentRoot /var/www/hotelking/app/
Customlog "logs/www.hotelking.com.log" combined
ErrorLog "log/www.hotelking.com.error_log"
<Directory /var/www/hotelking/app/>
Require all granted
</Directory>
And error log have following error
[Wed Jan 06 03:20:14.515526 2016] [:error] [pid 6912] [client 127.0.0.1:40964] PHP Fatal error: Class 'MY_controller' not found in /var/www/hotelking/app/application/controllers/master.php on line 5
[Wed Jan 06 03:20:21.773841 2016] [:error] [pid 6908] [client 127.0.0.1:40965] PHP Fatal error: Class 'MY_controller' not found in /var/www/hotelking/app/application/controllers/master.php on line 5
I CHECKED IT HAS MY_controller at give location
I'm new in PHP and I'm facing some problems.
I'm using EasyPHP (DevServer 14.1 -> PHP 5.5.8 and Apache 2.4.7) and CakePHP (2.5.1).
Well, if I put the CakePHP files at "C:\Program Files\EasyPHP\data\localweb\" (then it would be "C:\Program Files\EasyPHP\data\localweb\cake_2_0..." for example), it works fine, as it should.
The problem is: I would like to use alias on EasyPHP, for I don't want to develop at "C:\Program Files...". But when I put the CakePHP files on my application root ("C:\myapps\myproject..." for example, with an alias set on EasyPHP), then I get a "Error 404". Now, I found that if I remove the .htaccess file from root, it works. But I'm sure this file is there for some reason, so I don't feel right just removing it - it might give me more problems later.
Does anyone know anything about it? Can I use alias on EasyPHP if I want to use CakePHP?
Thanks in advance.
Edited
This is my apache_alias.conf (C:\Program Files\EasyPHP-DevServer-14.1VC11\data\conf):
Alias "/cakeblogtutorial" "C:/Programacao/PHP/workspace/CakeBlogTutorial"
<Directory "C:/Programacao/PHP/workspace/CakeBlogTutorial">
Options FollowSymLinks Indexes
AllowOverride All
Order deny,allow
Allow from 127.0.0.1
Deny from all
Require all granted
</Directory>
This is my .htaccess (C:\Programacao\PHP\workspace\CakeBlogTutorial):
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^$ app/webroot/ [L]
RewriteRule (.*) app/webroot/$1 [L]
</IfModule>
On my httpd.conf (C:\Program Files\EasyPHP-DevServer-14.1VC11\binaries\conf_files), regarding to mod_rewrite (in other words, uncommented):
LoadModule rewrite_module modules/mod_rewrite.so
Last lines on error.log (C:\Program Files\EasyPHP-DevServer-14.1VC11\binaries\apache\logs):
[Mon Jun 02 14:27:48.093057 2014] [:error] [pid 4284:tid 848] [client 127.0.0.1:62831] script 'C:/Program Files/EasyPHP-DevServer-14.1VC11/data/localweb/index.php' not found or unable to stat
[Mon Jun 02 14:34:59.319532 2014] [mpm_winnt:notice] [pid 1992:tid 312] AH00424: Parent: Received restart signal -- Restarting the server.
[Mon Jun 02 14:34:59.982390 2014] [mpm_winnt:notice] [pid 1992:tid 312] AH00455: Apache/2.4.7 (Win32) PHP/5.5.8 configured -- resuming normal operations
[Mon Jun 02 14:34:59.982390 2014] [mpm_winnt:notice] [pid 1992:tid 312] AH00456: Apache Lounge VC11 Server built: Nov 21 2013 20:13:01
[Mon Jun 02 14:34:59.982390 2014] [core:notice] [pid 1992:tid 312] AH00094: Command line: 'C:\\PROGRA~1\\EASYPH~1.1VC\\binaries\\apache\\bin\\eds-httpd.exe -d C:/Program Files/EasyPHP-DevServer-14.1VC11/binaries/apache'
[Mon Jun 02 14:34:59.988391 2014] [mpm_winnt:notice] [pid 1992:tid 312] AH00418: Parent: Created child process 6588
[Mon Jun 02 14:35:01.279844 2014] [mpm_winnt:notice] [pid 6588:tid 364] AH00354: Child: Starting 64 worker threads.
[Mon Jun 02 14:35:01.523147 2014] [mpm_winnt:notice] [pid 4284:tid 364] AH00364: Child: All worker threads have exited.
Last lines on access.log (C:\Program Files\EasyPHP-DevServer-14.1VC11\binaries\apache\logs):
127.0.0.1 - - [02/Jun/2014:15:09:50 -0300] "GET /cakeblogtutorial HTTP/1.1" 301 242
127.0.0.1 - - [02/Jun/2014:15:09:50 -0300] "GET /cakeblogtutorial/ HTTP/1.1" 404 1156
I guess I found the answer - and if so, the RewriteBase is the correct thing to do. From the CakePHP WebSite (http://book.cakephp.org/2.0/en/installation/url-rewriting.html):
For many hosting services (GoDaddy, 1and1), your web server is actually being served from a user directory that already uses mod_rewrite. If you are installing CakePHP into a user directory (http://example.com/~username/cakephp/), or any other URL structure that already utilizes mod_rewrite, you’ll need to add RewriteBase statements to the .htaccess files CakePHP uses (/.htaccess, /app/.htaccess, /app/webroot/.htaccess).