I am programming a REST API with Zend framework.
When calling the url several times (e.g. 1000 times with 1 request per second), in about 0.2 % of the cases instead of getting 200 OK as a response I get 302 Found - so a redirect to a different page.
Here is the entire server response:
302 Found Date: Mon, 04 Mar 2013 11:56:04 GMT
Server: Apache/2.2.17 (Ubuntu)
X-Powered-By: PHP/5.3.5-1ubuntu7.11
Set-Cookie: PHPSESSID=ui9r8jqa63dbom8osknso6eea5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /de/default/index/index/error/500
Vary: Accept-Encoding
Content-Length: 0
Content-Type: text/html; charset=utf-8
So Zend redirects to the error 500 (internal server error) page. The question is why - and I just can't figure it out...
The php page that is called inserts one row into a MySQL database and returns a JSON string - that's all.
Apache2 has about 20 concurrent connections open and the server load is <<1 so I really do not understand why the requests cause problems.
I know this is a really difficult problem to remote diagnose, but good guesses and recommendations how to solve this are more than welcome! Thanks.
This is the apache vhost config as requested by #chris:
<IfModule mod_ssl.c>
<VirtualHost mydomain.tld:443>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
ServerName www.mydomain.tld
ServerAlias mydomain.tld *.mydomain.tld
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
# RewriteLog "/var/log/htaccess.log"
# RewriteLogLevel 5
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /etc/apache2/ssl/cert_2013_2014.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.mydomain.tld.key
SSLCACertificateFile /etc/apache2/ssl/intermediate.crt
</VirtualHost>
</IfModule>
This looks pretty simple and straight forward to me. This is a 302 redirect and I can't think of anything in ZF that redirects by itself; especially not to a 500 error page. A 500 Error (internal server error) must always return a 500 error and should never ever be 302 redirect. So you are sort of lucky here because you must have some error handling in your RETS API that causes a redirect somewhere (instead of a regular error page).
Search your code for redirects. It could be done with the ZF redirector helper (inside a controller) or manually (anywhere) with header() and exit(). When you found the redirect either show (exit) with a debug_backtrace or dump that into a log file. And also fix the return code or the way the error is handled.
Note that when you specify an ErrorDocument that points to a remote URL (ie. anything with a method such as http in front of it), Apache will send a redirect to the client to tell it where to find the document, even if the document ends up being on the same server.
http://httpd.apache.org/docs/2.2/mod/core.html#errordocument
I assume your're using the ErrorDocument directive in your Apache HTTP server configuration that will then do as configured for 500 errors.
500 errors can be triggered by PHP itself. To find out what happens you need to take a look into both the server error log as well as into php error log (and naturally enable PHP error logging for that).
Or as I commonly write:
A 500 Internal Sever Error is always an invitation to look into the servers error log. It contains more information. As this is PHP, it's also highly likely that it is because of a Fatal Error in PHP, so ensuring that PHP error logging is enabled and looking into the PHP error log is very useful, too. More about the 500 Internal Server Error
Without more details about your application it's quite hard to guess. My guess is one of your services (most likely a database) slows down under increased traffic and I/O. As a result it might timeout for some PHP connections. That results in a application error and redirects to the error page.
Depends on how good is your application with logging internal problems look into logs/application.log but by default it's not very good with logging things.
Wow - that was a totally unexpected problem and really hard to figure out...
#AdrianWorld helped me get on the right track. In the Zend ErrorController I output the error message and found the following exception:
ps_files_cleanup_dir: opendir(/var/lib/php5) failed: Permission denied (13) Array
That apparently is a pretty common problem as described and solved here.
The variable session.gc_probability was set to 1 in the php.ini which means there is a 1% probability for the garbage collector to run and clean up the directory /var/lib/php5 where the php sessions are stored. Apparently this folder is not writable by www-data resulting in the mentioned error and throwing the Zend exception.
Since session.gc_probability sets only a probability the error occured randomly making debugging pretty difficult.
Anyways, I'm happy it is solved - thanks for all the hints and guesses :)
Related
I have implemented/tried to implement a websocket for communcation between users on an ec2 instance running linux with an apache webserver. I had it working when i first configured it where my ratchet websocket pointed to port 8081 without any TLS. With this configuration i was able to upgrade to a websocket and send/recieve data - through a non secure websocket. This was only possible through the ip address though and not through the actual url.
I am running the websocket at a subdomain.
<VirtualHost *:443>
DocumentRoot "/var/www/html/video"
ServerName video.domain.com
SSLEngine on
SSLCertificateFile ./certs/server.crt
SSLCertificateKeyFile ./certs/server.key
# ProxyPass /ratchet/ ws://video.domain.com:8081/
<Directory "/var/www/html/video">
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
The above solution works when i use the ip based websocket connection to connect to the websocket through the JS websocket API.
I have tried both WSS, WS, with and without ports etc for the websocket API but still the beneath written code is the only i can get to work.
let socket = new WebSocket("ws://server_ip:8081");
I have read a lot of stackoverflow questions regarding adding a proxypass to the VH but it doesn't upgrade the request. Furthermore, i have tried to create it's own virtualhost and that doesn't work either.
I think it's worth to mention i have a cloudflare CDN the requests are proxied through.
Hope to get some fresh eyes. Been stuck for a while.
I do not have enough rep for a comment, so answer it is.
It has been a while since I have dabbled into this stuff, and my first thought was that you indeed need a ProxyPass, but when I looked at my config this is not the case.
I'm going out on a limb and guess that your VH is the issue here, you are explicitly listening on port 443(https) but I believe wss has another port it listens on, so maybe you could try another port. Other than that you could also try to do new WebSocket('https://video.domain.com') and enable the proxy in the VH, this way the secure connection is handled by the http layer. But since the browser will then try to upgrade the request to a socket I doubt this will work.
I should mention that in my case I used websockets to open an mqtt connection, since browser don't implement mqtt this is done via wss.
If non of this works I could try to dive deeper into the inner workings of the mqtt lib I use in order to dissect how the connection is set up.
I hope any of this helps :D
edit
since there was not enough space in the comments I'll place it here:
not related to sockets but to apache and proxies: the ProxyPass directive has a counterpart ProxyPassReverse for that very goal.
<virtualhost IPv4:443 [IPv6]:443>
Servername knowledge.domain.com:443
ServerAlias knowledge.domain.com
ServerAdmin webmaster#domain.com
DocumentRoot /path/to/documentRoot
<Directory /path/to/documentRoot>
Options -Indexes -FollowSymLinks -SymLinksIfOwnerMatch
</Directory>
SSLEngine On
SSLCertificateFile /path/to/ssl.crt
SSLCertificateKeyFile /path/to/ssll.key
SSLCACertificateFile /path/to/ssll.cer
Header always set Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload"
Header always edit Set-Cookie (.*) "$1;HttpOnly;Secure"
ProxyRequests Off
ProxyPreserveHost On
ProxyVia Full
<Proxy *>
Require all granted
</Proxy>
<Location />
ProxyPass http://127.0.0.1:3000/
ProxyPassReverse http://127.0.0.1:3000/
</Location>
<Directory />
Options -FollowSymLinks -Indexes -SymLinksIfOwnerMatch
</Directory>
CustomLog "/path/to/logs/access.log" combined
ErrorLog "/path/to/logs/error.log"
LogLevel warn
</virtualhost>
this is an example of my proxy conf for a nodejs app
I am completely new to php and WordPress.
I tried to setup VirtualHosts since I'm working on multiple wp sites, but after doing so my sites aren't showing any CSS, I can't figure out how to navigate to the admin panel anymore and just general errors.
sshot: https://imgur.com/w6q6LLT, https://imgur.com/DQOcNVt
My guess is something to do with paths is screwed up, but I have no idea what to change.
Here is my httpd.vhosts:
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ##ServerName or ##ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
ServerName wp.market-test.com
DocumentRoot "C:/xampp/htdocs/wp-vs-481"
<Directory "C:/xampp/htdocs/wp-vs-481">
Options Includes FollowSymLinks
AllowOverride All
Allow from 127.0.0.1
</Directory>
</VirtualHost>
Any help would be great
Edit: Removed outdated directives, issue persists.
I had to change the siteurl/home page in the phpadmin config. My problems were mostly caused by using a outdated guide. Make sure to use a recent guide!
Order, allow,deny not working?
Let's fix it
Possible Cause:
Using deprecated syntax
Moved content to new server
"The Allow, Deny, and Order directives, provided by mod_access_compat, are deprecated. You should avoid using them, and avoid outdated tutorials recommending their use."
STEP 1
Check your apache web server version with apache2 -v
OUTPUT should look similar to:
Server version: Apache/2.4.7 (Ubuntu)
Server built: Jul 27 2017 15:20:24
STEP 2
Because Order deny,allow are deprecated, updated syntax as of this date are as follows:
Require host 1.2.3.4
Require not host 10.0.1.11
Require ip ip-address
Require not host gov
You can create Access Control to fit security policy as deemed necessary.
It' was working just after an update it stopped?
NOTE: A simple update may upgrade from 2.4.x to latest which will render old syntax useless
To learn more about this, visit Apache Documentation
Hope this helps.
Please check once by changing the "home" and "siteurl" at wp_option table. Hope it will work if you change it to wp.market-test.com from 127.0.0.1/wp-vs-481
I have a strange problem. I have a website, running on an Ubuntu 16.04 server, with Apache 2.4.18. In the beginning of the developer, I can only access the site in the Local Network, from my computer. I edit my hosts file to access:
< Local Server Ip > < Website Url >
For example:
192.168.1.30 test.website.com
And I could access the site without problem. But now, the site needs to be visible from outside our LAN, in other words, from internet. So, the guys from Networks add our public IP and the Domain DNS and the subdomain of the site. This is where the problem is.
Sometimes, when I try to access the site from outside, from my cellphone or in my house, the site is displayed correctly, without problem (with some styles problem, but that is other theme). But, sometimes, I think 7 of 10 times, the site is not displayed, and shows me the Apache "It Works!" page instead. Local, I still see the site correctly, but from external, the problem persists.
I tested in the server, checking the access_log of the site. I see that when the site is displayed correctly, in the log is printed the http request:
"GET / HTTP/1.1" 200
But, when it throws at me the "It Works!" page, the log does not show me anything.
So, I have two theories:
1) Sometimes, the requests is sent to other server.
2) Sometimes, the requests reach my server, but with other request different to my site (for example, other url), If it is possible in any way.
Does someone know how can I verify and fix this? Some recommendations or guide for what could be happening?
Thanks.
EDIT 1:
From your comments:
#alanlittle: I don´t have a general access log, how can I enable it? (To be honest, I did not know that I could). About mod_rewrite, well, it is displayed in the Loaded Modules entries of phpinfo(), Is it could be cause of something?
#Ray O'Donnell: Here is my virtualhost example of the cofiguration:
<VirtualHost *:80>
DocumentRoot /var/inetpub/test.website.com
ServerName test.website.com
ServerAdmin eliacim.davila#xxxxxxx.xxx
ErrorLog "${APACHE_LOG_DIR}/test-error.log"
CustomLog "${APACHE_LOG_DIR}/test-access.log" common
</VirtualHost>
<Directory /var/inetpub/test.website.com>
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
# Require all granted
</Directory>
#Jeff Puckett II: We don´t have a load balancer (As Far As I Know). I run the nslookup command, and it show me this:
Server: b.resolvers.Level13.net
Address: 4.2.2.2
Non-authoritative answer:
Name: test.website.com
Address: 189.219.xx.xxx (NOTE: Our Public IP)
I have a server which is serving up a web page for a project.
The project is stored in a user directory on the server. (/home/user/theproject/webstuff).
Originally, I was using the userdir module to make this accessible via http://theserver/user and a symbolic link from /home/user/public_html to /home/user/theproject/webstuff to indicate the location of the files.
But, ultimately, it would be better to serve the files from http://theserver without having to indicate the user (since there really is only one user).
And then I had a truly brilliant idea.
Instead, I would rewrite my /etc/apache2/sites-enabled/000-default.conf file to read:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /home/user/theproject/webstuff
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Now everything is lovely and good... except that PHP doesn't run any more.
Instead, the following error is raised:
AH01630: client denied by server configuration: /home/user/theproject/webstuff/script.php
To the client, this appears as a 403 Forbidden error.
So this is something of a dual question:
Is there a better way to achieve my goal?
How can I enable PHP in this situation?
You can find a well written description of this error with several possible solutions here:
http://wiki.apache.org/httpd/ClientDeniedByServerConfiguration
As it turns out, I had to edit /etc/apache2/apache2.conf.
On Line 164 there is a block which I had to modify as follows:
#<Directory /var/www>
<Directory /home/user/theproject/webstuff>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
I am installing CakePHP for the first time, I am running LAMP on Ubuntu 10.04LTS. Not only am I a CakePHP rookie, I am a Linux rookie as well. I found installation instructions online and I thought i had everything setup correctly. When i go to localhost i get the default CakePHP page and everything is green.
The problem is when i created a generic page called andy.ctp in the /var/www/app/views/pages folder, when i try to go to localhost/pages/andy I get a 404 NOT FOUND page that says "The requested URL /pages/andy was not found on this server."
I am sure i missed something on the initial setup, i just cant find out what. I have Googled the error and have yet to find anything to get me along. Below is my default file. Please let me know if there is anything else you need to see. Thanks for the help in advance!
is there something in the .htaccess file that might need to be changed?
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/app/webroot
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
Let's try a few things first:
Do you have the whole CakePHP package installed under one same directory. I say so because I saw you have /var/www/app, and the cake directory must also be within /var/www/. Even when you have these directories allright, I recommend that you set the whole CakePHP package into another subdirectory, like /var/www/your_project/app. This will enable you to add more projects easily as time go. Also, you might want to set the Document Root to a home-level directory (i.e. /home/your_name/www/your_project so that you can handle file permissions more easy.
Do you have mod_rewrite enabled? It is required by Cake. Do a Google search; there are plenty of tutorials.
Let me know if any of these work.
Followup:
Hello again.
If you are seeing the default CakePHP start page with all green notices (see this old screenshot), then it means that you dont have anything wrong with mod_rewrite or htaccess. However, I reproduced the steps you took along with your virtualhost configuration file and found two issues:
1) You are pointing the DocumentRoot to /var/www/app/webroot when it should point to the top-level directory, in this case /var/www/ (i.e. the directory where CakePHP's topmost index.php is). Also, be sure to have this directive: DirectoryIndex index.php
2) You are not closing the <VirtualHost> tag; though this can actually be a wrong copy+paste here in S.O.
Overall, try to 'debug' your VirtualHost file by starting with just a few lines so that you have to worry less about misconfigurations. I use these few for any project in my local machine, and I've had multiple CakePHP Projects all running under Apache for Ubuntu.
<VirtualHost dummysite.com:80>
ServerName dummysite.com
ServerAdmin myemail#gmail.com
DocumentRoot "/home/yamir/Programming/Projects/dummysite"
DirectoryIndex index.php
LogLevel warn
ErrorLog "/home/yamir/Programming/Projects/dummysite/logs/error.log"
CustomLog "/home/yamir/Programming/Projects/dummysite/logs/access.log" combined
</VirtualHost>
Have you definitely turned on mod_rewrite?