I have install the SSL certification on my bitnami google cloud hosting.
certificate has been property installed and even
I can access :
https://domain.com
but when I try to access
https://domain.com/xyz
its giving me 404 not found error
Below is my binami.conf file
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
DocumentRoot "/opt/bitnami/apache2/htdocs/domain/public/"
<Directory "/opt/bitnami/apache2/htdocs/htdocs/domain/public/">
Options FollowSymLinks MultiViews
AddLanguage en en
LanguagePriority en
ForceLanguagePriority Prefer Fallback
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>
# Error Documents
ErrorDocument 503 /503.html
# Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>
Can anyone please help me, what went wrong
For more information
Am using google cloud platform with Bitnami LAMP stack
In the <VirtualHost _default_ *:80>, you are setting:
DocumentRoot "/opt/bitnami/apache2/htdocs/domainDIR/public/"
However, in the <VirtualHost *:443>, you are setting:
DocumentRoot "/opt/bitnami/apache2/htdocs/domain/public/"
Where is your web application located? Both paths should be the same one.
#DusanBajic
<VirtualHost _default_ *:80>
DocumentRoot "/opt/bitnami/apache2/htdocs/domainDIR/public/"
<Directory "/opt/bitnami/apache2/htdocs/domainDIR/public/">
Options FollowSymLinks MultiViews
AddLanguage en en
LanguagePriority en
ForceLanguagePriority Prefer Fallback
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>
# Error Documents
ErrorDocument 503 /503.html
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>
Just guessing but I think that bitnami.conf should only have this for the ssl part.
# Default SSL Virtual Host configuration.
<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/bitnami/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/opt/bitnami/apache2/htdocs"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
<Directory "/opt/bitnami/apache2/htdocs">
Options FollowSymLinks MultiViews
AddLanguage en en
LanguagePriority en
ForceLanguagePriority Prefer Fallback
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>
# Error Documents
ErrorDocument 503 /503.html
# Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>
# Bitnami applications that uses virtual host configuration
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-vhosts.conf"
and you should put your <VirtualHost *:443> code from above (top) into the /extras/httpd-ssl.conf file.
Then restart apache via Putty (or whatever you use)
sudo /opt/bitnami/ctlscript.sh restart apache
I'll try to test it sometime this week and edit as necessary ( 8^{D=
Generally speaking, 404 NOT FOUND can be served from 1 of 2 places in this situation. The Apache server may be responding with 404 or the request received by Apache is routed to the application and the application serves the 404.
If the application were serving 404 NOT FOUND, as the application owner, one could presumably log every request to see this occur. As you've not mentioned the application much at all, we must assume this is not the source and investigate the Apache server.
The configurations you've provided for both HTTP (:80) and HTTPS (:443) serve static resources with <Directory "">. However, the paths to both directory and DocumentRoot are different between HTTP and HTTPS as mentioned by #Juan.
"/opt/bitnami/apache2/htdocs/domainDIR/public/" != "/opt/bitnami/apache2/htdocs/domain/public/"
If you do not have 2 different directories for serving static resources based on HTTP(S), then this is the most likely cause of the 404. Apache cannot find "/opt/bitnami/apache2/htdocs/domain/public/" when serving over HTTPS.
Note that at present, the Bitnami LAMP image on Google Cloud deploys with Apache 2.4.25 and thus shouldn't ever meet the <IfVersion < 2.3> criteria. It's safe to keep though if using the same configuration elsewhere.
Related
I inherited a php/Laravel app that was running on an Apache server that I don't have access to. My task is to get it running on another Apache server. I'm pretty good with php but relatively new to Laravel and very new to Apache configuration.
I have figured out how to get the Laravel app running on Apache that is running on an Ubuntu VM (VirtualBox.) I can access the Laravel app in a browser on the Ubuntu VM via http://localhost. I can also access the Laravel app in a browser from the Internet via http://appname.com/public. However, if I just use http://appname.com, then I just get a folder listing of /var/www/appname.
I have tried several modifications to the /etc/apache2/available-sites/appname.conf file but haven't quite got it right yet, apparently. I have also read a number of posts around the nets about making modifications to various other config files including php config files and Apache config files. It seems like these other mods (while they may be workable) shouldn't be necessary.
Here is my current /etc/apache2/available-sites/appname.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName appname.com
ServiceAlias www.appname.com
DocumentRoot /var/www/appname/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Any advise is appreciated.
Bob
You need to allow the mod_rewrite in the apache server and allowSymLinks.
Source
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName appname.com
ServiceAlias www.appname.com
DocumentRoot /var/www/appname/public
<Directory "/var/www/appname/public">
Options FollowSymLinks
ReWriteEngine On
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
in the DocumentRoot Directory i would also allow MultiViews
<Directory "/var/www/appname/public">
Options FollowSymLinks MultiViews
ReWriteEngine On
</Directory>
You may need to also do
sudo a2enmod rewrite
to enable module rewrite.
Edit 1:
In my .conf files i got them with the quotes and they are working.
Did you enable the modudle rewrite?
Besides some options i also have the "/" folder with the next config.
<Directory "/">
Options FollowSymLinks
AllowOverride All
ReWriteEngine On
</Directory>
and here i'll write my full code of public directory
<Directory "/var/www/appname/public">
Options FollowSymLinks MultiViews
Order Allow,Deny
Allow from all
ReWriteEngine On
</Directory>
Try it and see if it works, after delete the options that you don't like to use.
Follow the steps and all will be good and easy,
1). Type following command in terminal
cd /etc/apache2/sites-available
2). Make a new config file
sudo cp 000-default.conf appname.dev.conf
3. Open the new config file and paste the following code
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin yourmail#example.com
ServerAlias appname.dev
DocumentRoot /var/www/html/appname/public
<Directory /var/www/html/appname/public>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
<FilesMatch \.php$>
#Change this "proxy:unix:/path/to/fpm.socket"
#if using a Unix socket
#SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
4). CTRL+x, then press y then press enter and run following command in terminal
sudo a2ensite appname.dev.conf
5). Type following command and edit the /etc/hosts file
sudo nano /etc/hosts
127.0.0.1 appname.dev
press CTRL x then press Enter and type following command
sudo service apache2 restart
6). Now your app will execute on appname.dev successfully.
I'm currently learning about the Slim framework over at TeamTreehouse.com, and ran into an issue that I haven't been able to resolve.
At this point in the project, we have installed Slim via Composer and setup .htaccess and index.php files in our document root (which on my computer is /home/daniel/src/public_html/treehouse/build_websites_php/).
In a templates folder we have index.html and contact.html. Here is the layout of the folders.
DocumentRoot (/home/daniel/src/public_html/treehouse/build_websites_php/)
index.php
.htaccess
composer.json
composer.lock
vendor/
templates/
index.html
contact.html
In index.php, I instantiate a new Slim object:
$app = new \Slim\Slim();
And then call the get() method and then call render() to render the index.html and contact.html pages when the url is localhost/treehouse/build_websites/ and localhost/treehouse/build_websites/contact, respectively.
$app->get('/', function () use($app) {
$app->render('index.html');
});
$app->get('/contact', function () use($app) {
$app->render('contact.html');
});
Then run the app:
$app->run();
My index.html page shows up fine, but I get a 404 error (not through Slim, just the server's default) when I try and visit the /contact url. Here are some specs from my system:
Ubuntu 16.04.1 LTS
Apache 2.4.18
Slim 2.6.2
PHP 7.0.8
Anything in my /home/daniel/src/public_html/ directory can be accessed by Apache, as I've run PHP scripts from in there for the past year.
I've tried the suggestions from here (and restarted the server after each update to conf.d or other files) and have had no luck.
Any help would be greatly appreciated, I've only been using PHP/Ubuntu/Apache for about a year, so I'm probably missing something obvious!
Here is the index.php file:
<?php
require 'vendor/autoload.php';
$app = new \Slim\Slim();
$app->get('/', function () use($app) {
/* When using render(), the url localhost/treehouse/build_websites_php/ to
gets you the home page. */
$app->render('index.html');
});
/* This SHOULD bring up the contact page at url
localhost/treehouse/build_websites_php/contact, but it doesn't! */
$app->get('/contact', function () use($app) {
$app->render('contact.html');
});
$app->run();
?>
Here is the .htacess file:
RewriteEngine On
# Some hosts may require you to use the `RewriteBase` directive.
# If you need to use the `RewriteBase` directive, it should be the
# absolute physical path to the directory that contains this htaccess file.
#
# RewriteBase /home/daniel/src/public_html/treehouse/build_websites_php/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
And here are various conf.d files for Apache:
/etc/apache2/apache2.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /home/daniel/src/public_html>
Order allow,deny
Allow from all
Require all granted
</Directory>
I tried adding AllowOverride All as suggested here to the last directive and then I wasn't able to access PHP files from the server at all and got a 500 error instead of a 404 error.
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
/etc/apache2/sites-available/mysite.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /home/daniel/src/public_html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
OK wow I finally figured it out thanks to Mika pointing me in the right direction. It turns out, my /etc/apache2/sites-available/mysite.conf file needed the following directive:
<Directory /home/daniel/src/public_html >
AllowOverride All
</Directory>
I had tried adding that directive to /etc/apache2/apache2.conf in addition to the other directives like so:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /home/daniel/src/public_html>
Order allow,deny
Allow from all
Require all granted
AllowOverride All #THIS DIDN'T WORK
</Directory>
But the AllowOverride All from above through a 500 error from the server. Apparently, it had to be by itself in the /etc/apache2/sites-available/mysite.conf file, who knew!
I also ran sudo a2enmod rewrite && sudo /etc/init.d/apache2 restart to make sure the mod_rewrite was loaded after discovering this error message (thanks to Mika for pointing out to check the log files!):
[Sun Nov 13 10:37:51.054347 2016] [core:alert] [pid 10979] [client ::1:51900] /home/daniel/src/public_html /treehouse/build_websites_php/.htaccess: Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
I did that before adding the AllowOverride All directive, so I'm not sure if it played a part in solving the problem, but I figured I would document it for any interested.
These sites had valuable information on how to finally solve the issue:
1 - solved mod_rewrite issue
2 - solved where to place the AllowOverride All directive
3 - Slim troubleshooting for .htaccess
It looks like your Apache settings do not allow the .htaccess file to override any settings. Add something like the following to apache2.conf.
<Directory /home/daniel/src/public_html>
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
Context: production server with SSL installed. Running apache server. PHP.
Problem: for an specific url like (for example: www.domain.com/whatever/edit/*) I want to ask users to use their certificate in order to authenticate them for an specific task.
I have read that this way of authentication is called two-way authentication SSL. I don't know whether I am right or not.
What I have tried on server configuration is the following
<VirtualHost _default_:433>
ServerAdmin webmaster#localhost
DocumentRoot /Applications/MAMP/htdocs/smartdataprotection/web/
Options FollowSymLinks
Options Indexes FollowSymLinks MultiViews
LogLevel warn
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/ssl_access.log combined
SSLEngine on
SSLCertificateFile /Applications/MAMP/htdocs/certificates/server.cer
SSLCertificateKeyFile /Applications/MAMP/htdocs/certificates/server.key
SSLOptions +StdEnvVars
# Below for 2 way ssl
SSLVerifyClient require
SSLVerifyDepth 10
SSLCACertificateFile /Applications/MAMP/htdocs/certificates/ca.cer
What I would like to get is something similar to the following screen capture:
Thank you very much in advanced any help will be very welcome and highly appreciate.
Regards.
I think that you're missing SSLCipherSuite directive . In apache documentation:
This complex directive uses a colon-separated cipher-spec string
consisting of OpenSSL cipher specifications to configure the Cipher
Suite the client is permitted to negotiate in the SSL handshake phase.
Also normally you want to login in a site with certificate in specific location not directly in www.yourdomain.com, for example in a button link with goes to wwww.yourdomain.com/yourApp/loginCert so you have to configure <Location> inside the <VirtualHost>.
Finally check the file indicated in the SSLCACertificateFile directive, this file is a concatenation of CA certificates in a PEM format, which issues the certificates allowed to login in your site, if your certificate is not issued by one of the CAs inside this file they will be not showed up in the browser popup.
The configuration could looks like:
<VirtualHost _default_:433>
...
<Location /yourApp/loginCert>
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCACertificateFile conf/trustedCA.cer
SSLVerifyClient required
SSLVerifyDepth 10
SSLOptions +StdEnvVars +ExportCertData +OptRenegotiate
</Location>
Hope this helps,
I have recently upgraded the Ubuntu OS (10.04 -> 12.04) in my development workstation, and know I'm getting trouble in running the project I'm working on. I think it's some permission related problem. The fact is that I already have it running with no problems in a production server.
Is there any tool I can check project's folder permissions for errors, more or less like "symfony project:permissions" in Symfony 1 ?
I'm getting a css troubled first page in my dev frontend and a JS alert that reads:
An error occurred while loading the web debug toolbar (404: Not Found). Do you want to open the profiler?
The web folder .htacess is the same from the working production environment and I have an apache configuration equal to production only with ssl disabled.
Edit:
Virtual Host configuration:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
#<Directory />
# Options FollowSymLinks
# AllowOverride None
#</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
AcceptPathInfo On
Order allow,deny
allow from all
</Directory>
Alias /myproject /home/nelson/des/php/myproject/Symfony/web
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel debug
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
The "AcceptPathInfo On" was included in an attempt to solve. I already tried with and without it.
Any help apreciated
It seems that you haven't published your assets (css, js, images...)
Try the following from command line in the root folder of Symfony :
php app/console assets:install web/ --symlink
Also, check that the rewrite mod is enabled : a2enmod rewrite
EDIT: Given your VirtualHost config file, it seems that you gave the wrong folder to Apache. You configuration must point to the web folder of Symfony2. For example :
<VirtualHost *:80>
DocumentRoot /home/myuser/www/Symfony/web
<Directory /home/myuser/www/Symfony/web>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
#......
</VirtualHost>
OK I am new to ASKING questions on stackoverflow, but I need to get this figured out. I have a VPS with Apache installed Running Ubuntu 12.04 LTS. I downloaded a php script which required php 5.4+ but I had 5.3 installed. Then I followed the instructions located at this link.
While doing the upgrade, the installer told me that my php.ini file was manually changed. I believe I did this in order to view the errors on screen with the "display_errors=on" variable a long time ago. I therefore selected the option to KEEP and USE the old version of php.ini. Once the installation was done and the apache server restarted. I went to my chrome browser and pressed "refresh" and to my dismay, "403 Forbidden".
Here is the conf file for the virtual server:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /home/{usr}/Public/
# Indexes + Directory Root.
DirectoryIndex index.html index.shtml index.php
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /home/{usr}/Public/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /home/{usr}/Public/log/{server}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /home/{usr}/Public/log/{server}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
I obscured the username to {usr} and the folder to {server} to keep anonymity. This file was created BY ME, by putting it together with some other example file. I'm not sure if this is correct, all I know is that before this upgrade, everything was working fine!
I also "LL"'d the "Public" folder and here's what I found:
drwxrwxrwx 28 {usr} {usr} 4096 Sep 4 01:09 Public/
It seems that all the folders under it have the same permission. Please help and if there are any questions, feel free to ask. I've been doing this for many years but by no means would I call myself an "expert".
Thanks in advance.
Did you also upgrade Apache 2 ?
Apache 2.4 has a new user rights policy system : http://httpd.apache.org/docs/2.4/upgrading.html#run-time