Apache reverse-proxy to NodeJS WebSocket Server - node.js

Before all, yes I have checked other posts like this, this or even this among others.
This being said, let me expose my case:
It works on the dev-env (localhost) completely fine (of course, it doesn't require any proxy)
I also use this curl command to confirm:
curl 'http://localhost:9021/ws' \
--http1.1 \
-H 'Pragma: no-cache' \
-H 'Sec-WebSocket-Key: W/ZEACBv+gi6xA1JeMaO/A==' \
-H 'Upgrade: websocket' \
-H 'Cache-Control: no-cache' \
-H 'Connection: Upgrade' \
-H 'Sec-WebSocket-Version: 13'
and it connects ok.
When I run it on the remote dev server, I have this Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName dev.remote.com
LogLevel warn
ErrorLog "| /usr/bin/rotatelogs -l /home/user/log/dev.remote.com/error.%Y-%m-%d 86400"
CustomLog "| /usr/bin/rotatelogs -l /home/user/log/dev.remote.com/access.%Y-%m-%d 86400" combined
ServerSignature Off
DocumentRoot /home/user/www/dev.remote.com
<Directory /home/user/www/dev.remote.com>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
<Location />
Options FollowSymLinks
</Location>
#
# Serve static files directly with Apache
#
ProxyPass /public !
Alias /public /home/user/www/dev.remote.com/public
<Directory /home/user/www/dev.remote.com/public>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
ProxyPass /assets !
Alias /assets /home/user/www/dev.remote.com/.next/static/assets
<Directory /home/user/www/dev.remote.com/.next/static/assets>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
#
# Serve the rest with NodeJS/express
#
RewriteEngine On
LogLevel alert rewrite:trace6
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /ws ws://localhost:9021/ws [P]
ProxyPreserveHost On
ProxyRequests off
# WebSocket server (express) is on port 9021
ProxyPass /ws ws://localhost:9021/ws
ProxyPassReverse /ws ws://localhost:9021/ws
# HTTP server (express) is on port 9020
ProxyPass / http://localhost:9020/
ProxyPassReverse / http://localhost:9020/
<Proxy *>
Require all granted
</Proxy>
SSLCertificateFile /etc/letsencrypt/live/dev.remote.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/dev.remote.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
So 2 points here:
1.
I'm sure the WebSocket server is working on the remote server by testing via ssh with the previous curl command. And it connects.
2.
When I try opening the connection from the browser
ws = new WebSocket('wss://dev.remote.com/ws');
the mod_rewrite rule seems ok because the trace is like this:
[Fri May 28 17:37:16.272448 2021] [rewrite:trace2] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] init rewrite engine with requested uri /ws
[Fri May 28 17:37:16.272475 2021] [rewrite:trace3] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] applying pattern '/ws' to uri '/ws'
[Fri May 28 17:37:16.272505 2021] [rewrite:trace4] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] RewriteCond: input='Upgrade' pattern='upgrade' [NC] => matched
[Fri May 28 17:37:16.272513 2021] [rewrite:trace2] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] rewrite '/ws' -> 'ws://localhost:9021/ws'
[Fri May 28 17:37:16.272521 2021] [rewrite:trace2] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] forcing proxy-throughput with ws://localhost:9021/ws
[Fri May 28 17:37:16.272529 2021] [rewrite:trace1] [pid 15772] mod_rewrite.c(477): [client a.b.c.d:63015] a.b.c.d - - [dev.remote.com/sid#6916462d1a20][rid#69164d3530a0/initial] go-ahead with proxy request proxy:ws://localhost:9021/ws [OK]
So I deduce the rules are working and it's actually making the request via proxy to ws://localhost:9021/ws
But... there's no connection received in the WebSocket server.
Therefore, I get this on Chrome:
WebSocket connection to 'wss://dev.remote.com/ws' failed

The key was to have proxy_wstunnel mod active >_<
In case it helps anyone...
cd /etc/apache2/mods-enabled
sudo ln -s ../mods-available/proxy_wstunnel.load
stupid error, but I was too focused on the configuration, and it was about enabled mods
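The failure in this thread (a `ws://` proxy target with no module loaded to handle that scheme) can be checked before deployment. The following is an added example, not code from the original posts: it compares the proxy directives in a config against `apachectl -M` output, and the function names and both sample inputs are constructed for illustration.

```python
import re

# URL scheme of the proxy backend -> module that implements it.
SCHEME_MODULES = {
    "http": "proxy_http_module", "https": "proxy_http_module",
    "ws": "proxy_wstunnel_module", "wss": "proxy_wstunnel_module",
    "fcgi": "proxy_fcgi_module", "ajp": "proxy_ajp_module",
}
BACKEND = re.compile(r"\b(https?|wss?|fcgi|ajp)://", re.I)


def loaded_modules(apachectl_m_output):
    """Module identifiers from `apachectl -M` lines like ' ssl_module (shared)'."""
    return set(re.findall(r"^\s*(\w+_module)\s+\((?:shared|static)\)",
                          apachectl_m_output, re.M))


def required_modules(conf_text):
    """Map each module a proxying directive needs to the lines that need it."""
    needed = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        words = line.split()
        if not words or line.startswith("#"):
            continue
        name = words[0].lower()
        flags = words[-1].strip("[]").upper().split(",") if words[-1].startswith("[") else []
        via_rewrite = name == "rewriterule" and ("P" in flags or "PROXY" in flags)
        if name not in ("proxypass", "proxypassmatch") and not via_rewrite:
            continue
        backend = BACKEND.search(line)
        if not backend:                 # e.g. "ProxyPass /public !" excludes a path
            continue
        mods = ["proxy_module", SCHEME_MODULES[backend.group(1).lower()]]
        if via_rewrite:
            mods.append("rewrite_module")
        for mod in mods:
            needed.setdefault(mod, []).append(line)
    return needed


def missing_modules(conf_text, apachectl_m_output):
    """Modules the config needs that are absent from the loaded list."""
    loaded = loaded_modules(apachectl_m_output)
    return {m: lines for m, lines in required_modules(conf_text).items()
            if m not in loaded}


# Constructed sample: the proxy lines from the question's vhost.
SAMPLE_CONF = """\
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /ws ws://localhost:9021/ws [P]
ProxyPass /public !
ProxyPass /ws ws://localhost:9021/ws
ProxyPass / http://localhost:9020/
"""
# Constructed `apachectl -M` output with proxy_wstunnel not enabled.
SAMPLE_MODULES = """\
Loaded Modules:
 proxy_module (shared)
 proxy_http_module (shared)
 rewrite_module (shared)
"""

if __name__ == "__main__":
    for module, lines in missing_modules(SAMPLE_CONF, SAMPLE_MODULES).items():
        print(module, "is not loaded but is needed by:", lines)
```
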

Related

Ubuntu 22.04 / Apache / Require all granted / Forbidden

I have a laptop running Ubuntu 22.04 with Apache2 on it.
Everything opens fine on my laptop (in my opinion, this means that there is nothing wrong with file permissions).
If I try to open my http://172.20.10.5/ address from another laptop in the local network, I get the error "Forbidden. You don't have permission to access this resource."
On the internet everyone says to add:
Require all granted
I have these 'Require all granted' on my entire computer.
This is my /etc/apache2/apache2.conf
DefaultRuntimeDir ${APACHE_RUN_DIR}
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /home/roma/www>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
Allow from all
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
In /etc/apache2/sites-enabled/localhost.conf:
<VirtualHost *:80>
ServerName localhost
ServerAlias 172.20.10.5 # the second laptop
ServerAdmin webmaster#localhost
DocumentRoot /home/roma/www
<Directory /home/roma/www>
Options FollowSymLinks
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
<Directory /home/roma/www/ioctopus.online>
Require all granted
</Directory>
ErrorLog /home/roma/.Logs/apache_error__000-default.log
LogLevel debug
php_admin_value open_basedir "/home/roma/.temp_php:/home/roma/www:/home/roma/Scripts:/home/roma/www/_.upiri:/media/roma/SD/:/media/roma/SD/Upiri/Рома/www/:/home/roma/Docs/Dropbox:/home/roma/www/ioctopus.online/_.design"
</VirtualHost>
The log file has this error:
[Wed Feb 08 01:31:26.665269 2023] [access_compat:error] [pid 1392785] [client 172.20.10.8:65461] AH01797: client denied by server configuration: /home/roma/www/ioctopus.online/
[Wed Feb 08 01:31:26.791822 2023] [access_compat:error] [pid 1392785] [client 172.20.10.8:65461] AH01797: client denied by server configuration: /home/roma/www/favicon.ico, referer: http://172.20.10.5/ioctopus.online/
[Wed Feb 08 01:32:06.340615 2023] [access_compat:error] [pid 1392786] [client 172.20.10.8:65462] AH01797: client denied by server configuration: /home/roma/www/test.txt
[Wed Feb 08 01:32:06.369395 2023] [access_compat:error] [pid 1392786] [client 172.20.10.8:65462] AH01797: client denied by server configuration: /home/roma/www/favicon.ico, referer: http://172.20.10.5/test.txt
[Wed Feb 08 01:32:08.270265 2023] [access_compat:error] [pid 1392786] [client 172.20.10.8:65462] AH01797: client denied by server configuration: /home/roma/www/ioctopus.online/
[Wed Feb 08 01:32:08.297455 2023] [access_compat:error] [pid 1392786] [client 172.20.10.8:65462] AH01797: client denied by server configuration: /home/roma/www/favicon.ico, referer: http://172.20.10.5/ioctopus.online/
[Wed Feb 08 01:32:57.950433 2023] [reqtimeout:info] [pid 1392787] [client 172.20.10.8:65463] AH01382: Request header read timeout
[Wed Feb 08 01:43:21.800123 2023] [access_compat:error] [pid 1392788] [client 172.20.10.8:65475] AH01797: client denied by server configuration: /home/roma/www/ioctopus.online/
What can I do to open the apache server from another computer?

RewriteEngine not allowed here magento and apache2 on VPS

I've just installed Magento on my VPS (Debian 11). I must say Magento is a pain compared to PrestaShop and WordPress, but I really need it.
After a painful installation, I run the page and I get the following:
Internal Server Error The server encountered an internal error or
misconfiguration and was unable to complete your request.
Please contact the server administrator at info#magento.mywebsite.ie to
inform them of the time this error occurred, and the actions you
performed just before this error.
More information about this error may be available in the server error
log.
Additionally, a 500 Internal Server Error error was encountered while
trying to use an ErrorDocument to handle the request.
Then I thought to check logs. So I opened the file magento.mywebsite.ie.error.log and there is a list of all the attempts, like the following:
[Sun Oct 23 17:04:41.916039 2022] [core:alert] [pid 886340:tid 139973219006208] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
[Sun Oct 23 17:04:42.225156 2022] [core:alert] [pid 886340:tid 139973202220800] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
[Sun Oct 23 17:04:42.495916 2022] [core:alert] [pid 886340:tid 139973185435392] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
[Sun Oct 23 17:04:42.705350 2022] [core:alert] [pid 886340:tid 139973168649984] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
[Sun Oct 23 17:04:42.909888 2022] [core:alert] [pid 886340:tid 139973311325952] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
[Sun Oct 23 17:05:22.958733 2022] [core:alert] [pid 886660:tid 140355403986688] [client 51.37.89.15:0] /home/elliot/web/magento.mywebsite.ie/public_html/magento2/.htaccess: RewriteEngine not allowed here
The files .htaccess in my Magento new installation are exactly identical to the .htaccess that you would find here on GitHub:
Link: https://github.com/magento/magento2
You will find .htaccess in the parent folder magento2, another one in the Document Root "pub" inside magento2. My opinion is that the system is using the one in the parent directory, magento2, since if I delete that .htaccess, the webpage would show "This page isn’t working" instead of "Internal Server Error", so the error message would be different in this way.
And this is apache2.ssl.conf used as configuration file:
I removed the comments here
<VirtualHost 141.146.42.11:8443>
ServerName magento.mywebsite.ie
ServerAdmin info#magento.mywebsite.ie
DocumentRoot /home/elliot/web/magento.mywebsite.ie/public_html/magento2/pub
ScriptAlias /cgi-bin/ /home/elliot/web/magento.mywebsite.ie/cgi-bin/
Alias /vstats/ /home/elliot/web/magento.mywebsite.ie/stats/
Alias /error/ /home/elliot/web/magento.mywebsite.ie/document_errors/
#SuexecUserGroup elliot elliot
CustomLog /var/log/apache2/domains/magento.mywebsite.ie.bytes bytes
CustomLog /var/log/apache2/domains/magento.mywebsite.ie.log combined
ErrorLog /var/log/apache2/domains/magento.mywebsite.ie.error.log
<Directory /home/elliot/web/magento.mywebsite.ie/stats>
AllowOverride All
</Directory>
<Directory /home/elliot/web/magento.mywebsite.ie/public_html/magento2/pub>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /home/elliot/conf/web/magento.mywebsite.ie/ssl/magento.mywebsite.ie.crt
SSLCertificateKeyFile /home/elliot/conf/web/magento.mywebsite.ie/ssl/magento.mywebsite.ie.key
SSLCertificateChainFile /home/elliot/conf/web/magento.mywebsite.ie/ssl/magento.mywebsite.ie.ca
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php8.1-fpm-magento.mywebsite.ie.sock|fcgi://localhost"
</FilesMatch>
SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
IncludeOptional /home/elliot/conf/web/magento.mywebsite.ie/apache2.ssl.conf_*
IncludeOptional /etc/apache2/conf.d/*.inc
</VirtualHost>
Please could you be so kind to help me with this? I have no experience at all about Apache issues, then I didn't know what else info I could provide to you. Hope you can help.
I solved the problem by adding the following line with the Parent Root Directory to my apache2.ssl.conf:
<Directory /home/elliot/web/magento.mywebsite.ie/public_html/magento2>
AllowOverride All
</Directory>
In this way also the parent directory has AllowOverride All.

Apache mod_wl2.4 plugin error parseJVMID

I have some issues with setting up a clustered environment for weblogic and Apache. The structure is like this: 1 webserver that proxies requests to a clustered environment of 3 weblogic servers.
Every time I send the request to the Apache server, the request gets unhandled. I figured out a part of the problem, but that is something that is not intended in production. Whenever I add DynamicServerList On the requests fail. When I switch it to off it works, but that means whenever a server fails, Apache will still send requests to that server and user experience would be 0.
EDIT 1: I am using weblogic 12c and apache2.4 for Centos 7
EDIT 2: There is no firewall nor selinux active
Here is my config file for weblogic plugin:
<VirtualHost *:8080>
ServerAdmin postmaster#webserver2
ServerName webserver2
DocumentRoot /var/www/webserver2/htdocs
ErrorLog /var/log/httpd//webserver-error_log
CustomLog /var/log/httpd/webserver-access_log forwarded
<Directory />
AllowOverride all
Order allow,deny
Allow from all
</Directory>
DirectoryIndex index.html
<Location />
SetHandler weblogic-handler
</Location>
<IfModule mod_weblogic.c>
WeblogicCluster 192.168.166.70:8001,192.168.166.71:8001,192.168.166.69:8001
ConnectTimeoutSecs 15
ConnectRetrySecs 10
WLIOTimeoutSecs 600
DynamicServerList ON
Idempotent ON
FileCaching ON
KeepAliveSecs 60
KeepAliveEnabled ON
DebugConfigInfo ON
</IfModule>
</VirtualHost>
And the errors I get are the following:
[Mon Sep 14 09:54:58.480616 2015] [weblogic:error] [pid 15343:tid 140547949991680] [client 172.18.132.50:57991] <1534314422136982> parseJVMID: could not resolve hostname '-1062689209'. Returning NULL from parseJVMID
[Mon Sep 14 09:54:58.480681 2015] [weblogic:error] [pid 15343:tid 140547949991680] [client 172.18.132.50:57991] <1534314422136982> initJVMID: parseClusterServerList failure
[Mon Sep 14 09:55:28.481215 2015] [weblogic:error] [pid 15343:tid 140547949991680] [client 172.18.132.50:57991] <1534314422136982> request [/clusterjsp/HaJsp.jsp] did NOT process successfully..................

Configure Apache web server to perform SSL authentication

I'm trying to perform SSL authentication in Apache web server, using XAMPP in Linux. After I configure httpd.conf like this, Apache server is failing to start. Can someone help me to fix this? What is wrong with my configuration?
Alias /bitnami/ "/opt/lampp/apache2/htdocs/"
Alias /bitnami "/opt/lampp/apache2/htdocs"
<Directory "/opt/lampp/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Listen 443
<VirtualHost 127.0.0.1:443>
DocumentRoot "/opt/lampp/htdocs"
ServerName localhost.localdomain
SSLEngine on
SSLCertificateFile "/home/lahiru/Desktop/ucsc/security/ssl/server.cer"
SSLCertificateKeyFile "/home/lahiru/Desktop/ucsc/security/ssl/server.key"
SSLVerifyClient require
SSLVerifyDepth 10
SSLCACertificateFile "/home/lahiru/Desktop/ucsc/security/ssl/ca.cer"
</VirtualHost>
And the Apache error log says,
(98)Address already in use: AH00072: make_sock: could not bind to address [::]:443
[Sun Jun 21 07:42:47.000754 2015] [ssl:warn] [pid 1863] AH01909: localhost.localdomain:443:0 server certificate does NOT include an ID which matches the server name
[Sun Jun 21 07:42:47.001082 2015] [ssl:warn] [pid 1863] AH01906: www.example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun Jun 21 07:42:47.001101 2015] [ssl:warn] [pid 1863] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Sun Jun 21 07:42:47.001183 2015] [suexec:notice] [pid 1863] AH01232: suEXEC mechanism enabled (wrapper: /opt/lampp/bin/suexec)
Bitnami developer here,
In XAMPP the SSL configuration is located at /opt/lampp/etc/extras/httpd-ssl.conf file, where there is a default VirtualHost already configured in port 443, and you are trying to bind again the same port.
Please, try to modify this file instead. You can check if there is any other process using port 443 running command sudo netstat -vnpa | grep 443
What do you mean with "Apache server is failing to start"? Using the /opt/lampp/ctlscript.sh script to restart Apache server didn't produce any error message on my side but the error_log told me the same that you mentioned.
Regards,
Gonzalo

Wampserver loglevel rewrite not working

I am using WampServer and I would like to debug my rewrite rules from .htaccess, since I still receive 404 errors.
I already enabled rewrite_module, log_debug_module, log_forensic_module and log_config_module, but in my error log I don't receive any information about .htaccess.
In httpd.conf I changed LogLevel to: LogLevel warn mod_rewrite.c:trace8. I also tried the following options: rewrite_module, mod_rewrite.so, rewrite, mod_rewrite.
Then when I restart the server I only get this log, but I don't receive anything about web requests when I try to go to localhost/mysite.
[Sat Oct 12 17:33:07.063441 2013] [mpm_winnt:notice] [pid 8884:tid 412] AH00422: Parent: Received shutdown signal -- Shutting down the server.
[Sat Oct 12 17:33:09.063556 2013] [mpm_winnt:notice] [pid 1632:tid 288] AH00364: Child: All worker threads have exited.
[Sat Oct 12 17:33:09.078557 2013] [mpm_winnt:notice] [pid 8884:tid 412] AH00430: Parent: Child process 1632 exited successfully.
[Sat Oct 12 17:33:48.859832 2013] [mpm_winnt:notice] [pid 8252:tid 412] AH00455: Apache/2.4.4 (Win64) PHP/5.4.12 configured -- resuming normal operations
[Sat Oct 12 17:33:48.859832 2013] [mpm_winnt:notice] [pid 8252:tid 412] AH00456: Server built: Feb 22 2013 22:08:37
[Sat Oct 12 17:33:48.859832 2013] [core:notice] [pid 8252:tid 412] AH00094: Command line: 'c:\\wamp\\bin\\apache\\apache2.4.4\\bin\\httpd.exe -d C:/wamp/bin/apache/Apache2.4.4'
[Sat Oct 12 17:33:48.867833 2013] [mpm_winnt:notice] [pid 8252:tid 412] AH00418: Parent: Created child process 6216
[Sat Oct 12 17:33:49.145848 2013] [mpm_winnt:notice] [pid 6216:tid 288] AH00354: Child: Starting 150 worker threads.
UPDATE
Here is some more information about my folder structure. I have put my DirectoryRoot to D:/www and my .htaccess file is in D:/www/mysite.
Some parts from httpd.conf:
<Directory />
AllowOverride none
Require all granted
</Directory>
DocumentRoot "D:/www"
<Directory "D:/wamp/www">
Options Indexes FollowSymLinks
AllowOverride All
# Require all granted
# onlineoffline tag - don't remove
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
</Directory>
#ErrorLog "logs/error.log"
ErrorLog "c:/wamp/logs/apache_error.log"
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn rewrite:trace3
Disabling the rewritemodule gives errors on RewriteEngine so I suppose that it does find my .htaccess file.
This is my .htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*?)/?$ index.php/$1
Could it be that you are using Apache 2.4.x, if so they have made major changes in the area of logging.
Try
LogLevel alert rewrite:trace3
Also another change is that logged info gets written to the normal error_log file.
Documentation
ADDED After Additional Info added
You have some fairly obvious errors in your httpd.conf file.
Can I suggest you review this document on the WAMPServer forum Wampserver 2.4 What to do after Installing
I just changed my WAMPServer Apache conf as so:
LogLevel warn rewrite:trace8
And got lots of extra lines in my apache_error.log from the rewrite module.
Make sure you are actually running something on the server that will exercise mod_rewrite and the RewriteRule you have in your .htaccess
ERRORS:
#WRONG Allows access to the root of your D: drive and all subfolders, great for hackers
<Directory />
AllowOverride none
Require all granted
</Directory>
#CORRECTED
<Directory />
AllowOverride none
Require all denied
</Directory>
.
#WRONG
DocumentRoot "D:/www"
#CORRECTED
DocumentRoot "d:/wamp/www"
.
#WRONG
<Directory "D:/wamp/www">
Options Indexes FollowSymLinks
AllowOverride All
# Require all granted
# onlineoffline tag - don't remove
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
Allow from ::1
Allow from localhost
</Directory>
#CORRECTED
<Directory "D:/wamp/www">
Options Indexes FollowSymLinks
AllowOverride All
# onlineoffline tag - don't remove
Require local
</Directory>
After editing your 'httpd.conf' log to
LogLevel alert rewrite:trace3
You should restart apache server to apply changes.
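The access-control errors listed in the answer above can be found mechanically. This added example (not from the original posts) scans `<Directory>` blocks for a granted filesystem root, for 2.2-style `Order`/`Allow`/`Deny`, and for blocks that mix those with `Require`; the function name, finding labels and the sample config (assembled from blocks quoted on this page plus one constructed path) are assumptions.

```python
import re

LEGACY = {"order", "allow", "deny"}      # mod_access_compat (Apache 2.2 syntax)
OPEN = re.compile(r'<Directory\s+"?([^">]+)"?\s*>', re.I)


def audit_access(conf_text):
    """Return (directory, finding) pairs in file order for <Directory> blocks."""
    findings = []
    path, seen_legacy, requires = None, False, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # commented-out directives do not count
        opened = OPEN.match(line)
        if opened:
            path, seen_legacy, requires = opened.group(1).strip(), False, []
            continue
        if path is None:
            continue
        if line.lower().startswith("</directory"):
            if path == "/" and "all granted" in requires:
                findings.append((path, "root-granted"))
            if seen_legacy and requires:
                # Apache's upgrade notes discourage mixing the two syntaxes.
                findings.append((path, "mixed-2.2-and-2.4"))
            elif seen_legacy:
                findings.append((path, "legacy-2.2-only"))
            path = None
            continue
        words = line.split()
        name = words[0].lower()           # "AllowOverride" is not "Allow"
        if name in LEGACY:
            seen_legacy = True
        elif name == "require":
            requires.append(" ".join(words[1:]).lower())
    return findings


# Constructed sample; the last block's path is invented for the example.
SAMPLE = """\
<Directory />
AllowOverride none
Require all granted
</Directory>
<Directory "D:/wamp/www">
AllowOverride All
# Require all granted
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
<Directory /home/roma/www>
AllowOverride All
Require all granted
Order allow,deny
Allow from all
</Directory>
<Directory "D:/wamp/www/app">
Require local
</Directory>
"""

if __name__ == "__main__":
    for directory, finding in audit_access(SAMPLE):
        print(f"{finding:20} {directory}")
```
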
