laravel apache setup rootdocument - laravel

I'm trying to setup my laravel application on different server centos 7 running httpd
my old configuration on other servers: i always setup document root to be in "laravelProjectDir/public"
however in this server i've tried the following:
here is my apache config file:
<IfModule mod_ssl.c>
<VirtualHost subdomain.domain.com:443>
ServerName subdomain.domain.com
ServerAdmin email#gmail.com
DocumentRoot /home/MyUser/public_html/subDomain/public2
<Directory /home/MyUser/public_html/subDomain/public2/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
LogLevel debug
ErrorLog /home/MyUser/log-subDomain.txt
CustomLog /home/MyUser/customlog-subDomain.txt combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.com/chain.pem
</VirtualHost>
</IfModule>
============================================================
Option 1
public2 which is Laravel root directory is the Apache RootDocument
accessing website from web browser with following link: https://subdomain.domain.com**/public** works good (all files in public are shown + routes work)
accessing website from web browser with following link: https://subdomain.domain.com/ routes works but all files inside public now doesn't show (ERROR 404)
==============================================================
Option 2
this is the option that always worked for me on my previous servers but not on this server.
public2/public <-- laravelRoot/public/ directory is the Apache RootDocument
/etc/httpd/sites-enabled < changed the following lines:
DocumentRoot /home/MyUser/public_html/subDomain/public2/public
<Directory /home/MyUser/public_html/subDomain/public2/public/>
result:
500 Internal Server Error
Apache Log:
[Sat Mar 06 11:32:42.550524 2021] [core:alert] [pid 6173] [client 109.161.x.x:8789] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here, referer: https://subdomain.domain.com/public/home
[Sat Mar 06 11:32:42.550695 2021] [ssl:debug] [pid 6173] ssl_engine_io.c(993): [client 109.161.x.x:8789] AH02001: Connection closed to child 1 with standard shutdown (server subdomain.domain.com:443)
[Sat Mar 06 11:32:44.626866 2021] [ssl:debug] [pid 6174] ssl_engine_kernel.c(225): [client 109.161.x.x:8790] AH02034: Initial (No.1) HTTPS request received for child 2 (server subdomain.domain.com:443)
[Sat Mar 06 11:32:44.627360 2021] [core:alert] [pid 6174] [client 109.161.x.x:8790] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here
[Sat Mar 06 11:32:44.627537 2021] [ssl:debug] [pid 6174] ssl_engine_io.c(993): [client 109.161.x.x:8790] AH02001: Connection closed to child 2 with standard shutdown (server subdomain.domain.com:443)
[Sat Mar 06 11:32:45.126934 2021] [ssl:debug] [pid 6176] ssl_engine_kernel.c(225): [client 109.161.x.x:8791] AH02034: Initial (No.1) HTTPS request received for child 4 (server subdomain.domain.com:443), referer: https://subdomain.domain.com/
[Sat Mar 06 11:32:45.127497 2021] [core:alert] [pid 6176] [client 109.161.x.x:8791] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here, referer: https://subdomain.domain.com/
[Sat Mar 06 11:32:45.127686 2021] [ssl:debug] [pid 6176] ssl_engine_io.c(993): [client 109.161.x.x:8791] AH02001: Connection closed to child 4 with standard shutdown (server subdomain.domain.com:443)
what is the issue here. why Apache cant allow options while I'm already setting it up with .htaccess and AllowOverride all ?

Related

client denied by server configuration: /web/.env

At my Laravel backend, i found that .env file was publicly accessible !
So i fixted it at htaccess like this:
Options -Indexes
<Files .env>
order allow,deny
Deny from all
</Files>
now i'm getting those errors at my log :
/var/log/ispconfig/httpd/mysite.com/error.log
[Sat Jul 24 02:30:02.012555 2021] [access_compat:error] [pid 12573] [client 34.68.38.253:57077] AH01797: client denied by server configuration: /var/www/clients/client0/web1/web/.env
[Sat Jul 24 02:41:45.397639 2021] [access_compat:error] [pid 12573] [client 77.247.127.218:51261] AH01797: client denied by server configuration: /var/www/clients/client0/web1/web/.env
[Sat Jul 24 04:01:06.465017 2021] [access_compat:error] [pid 10206] [client 162.55.61.168:35064] AH01797: client denied by server configuration: /var/www/clients/client0/web1/web/.env
[Sat Jul 24 05:13:38.355428 2021] [access_compat:error] [pid 32043] [client 27.255.90.119:16470] AH01797: client denied by server configuration: /var/www/clients/client0/web1/web/.env
[Sat Jul 24 10:56:19.576281 2021] [access_compat:error] [pid 15892] [client 45.87.61.234:50726] AH01797: client denied by server configuration: /var/www/clients/client0/web1/web/.env
What's the reason ? do i have to worry about ? how to fix it ?
Config: VPS Debian 9, apache 2.4.25, ispconfig, Laravel 5.3.31
Thank you in advance.
It is because by default apache will have this security feature turned on
Require all denied
You can disable that by adding this in the config file of apache:
Require all granted

Can't access my CKAN installation on Amazon EC2

I followed installation guide and deployment guide and I can access CKAN site but on port 5000, not on 8080.
What have I done wrong?
--edit1--
Error log.
/var/log/apache2/ckan_default.error.log is empty.
/var/log/apache2/error.log below:
[Wed Dec 16 03:56:05.341055 2015] [core:notice] [pid 31625] AH00094: Command line: '/usr/sbin/apache2'
[Wed Dec 16 05:25:00.457734 2015] [:error] [pid 32024] [client 188.68.224.62:59132] script '/var/www/html/wp/httptest.php' not found or unable to stat
[Wed Dec 16 06:46:59.218607 2015] [mpm_prefork:notice] [pid 31625] AH00171: Graceful restart requested, doing restart
[Wed Dec 16 06:46:59.367788 2015] [mpm_prefork:notice] [pid 31625] AH00163: Apache/2.4.7 (Ubuntu) mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Wed Dec 16 06:46:59.367809 2015] [core:notice] [pid 31625] AH00094: Command line: '/usr/sbin/apache2'
[Wed Dec 16 06:54:00.009154 2015] [:error] [pid 966] [client 188.68.224.62:40707] script '/var/www/html/wp/httptest.php' not found or unable to stat
[Wed Dec 16 13:07:30.925196 2015] [mpm_prefork:notice] [pid 31625] AH00171: Graceful restart requested, doing restart
--edit2--
Changed everything back to how the deployment guide says.
/etc/apache2/sites-available/ckan_default.conf below
<VirtualHost 127.0.0.1:8080>
ServerName ec2-xx-xx-xx-xx.ap-southeast-2.compute.amazonaws.com
ServerAlias www.ec2-xx-xx-xx-xx.ap-southeast-2.compute.amazonaws.com
WSGIScriptAlias / /etc/ckan/default/apache.wsgi
# Pass authorization info on (needed for rest api).
WSGIPassAuthorization On
# Deploy as a daemon (avoids conflicts between CKAN instances).
WSGIDaemonProcess ckan_default display-name=ckan_default processes=2 threads=15
WSGIProcessGroup ckan_default
ErrorLog /var/log/apache2/ckan_default.error.log
CustomLog /var/log/apache2/ckan_default.custom.log combined
LogLevel info
<IfModule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1
</IfModule>
<Directory />
Require all granted
</Directory>
</VirtualHost>
Also tried changing the 127.0.0.1:8080 to *:8080 and tried public IP address (Amazon Elastic IP) and DNS address. None of them work.
ports.conf has listen 8080 (taken out listen 80)
wsgi script and nginx config as described in guide also.
I see the "Problem loading page" on Firefox visiting the root url on port 80 but visiting 8080 just hangs and both don't have HTTP response. I can still access CKAN on port 5000.
Amazon EC2 doesn't allow connections to port 8080 by default, so could open the port if you really wanted to access it externally.
However accessing CKAN via 8080 is only for testing that the apache deployment is working, so it makes no sense to make it available externally - you can test apache is working by ssh-ing to the box and using curl.
The CKAN deployment instructions continue by telling you to install nginx as a reverse proxy, exposing CKAN on the normal port 80.

I looked everywhere to change DocumentRoot on Apache to no avail

I don't know what I am doing wrong but I can't change the directory of my localhost files with Apache. I tried all kinds of things with httpd.conf, including changing "Order allow,deny" to "Require all granted". It still doesn't work.
I'm running Windows 7 64-bit and I'm trying to get Apache to work but all solutions so far have not helped me change DocumentRoot due to error 403.
Here is the httpd.conf
Here is my error log since the latest service restart
The Apache2.4 service is restarting. The Apache2.4 service has restarted. m_winnt:notice [pid5304:tid 468] AH00424: Parent: Received restart signal -- Restarting the server.
[Mon Sep 22 22:37:25.315061 2014] [ssl:warn] [pid 5304:tid 468] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Sep 22 22:37:25.315061 2014] [mpm_winnt:notice] [pid 5304:tid 468] AH00455: Apache/2.4.10 (Win32) OpenSSL/1.0.1h configured -- resuming normal operations
[Mon Sep 22 22:37:25.315061 2014] [mpm_winnt:notice] [pid 5304:tid 468] AH00456: Apache Haus VC9 Server built: Jul 15 2014 20:34:18
[Mon Sep 22 22:37:25.315061 2014] [core:notice] [pid 5304:tid 468] AH00094: Command line: 'C:\\Apache24\\bin\\httpd.exe -d C:/Apache24'
[Mon Sep 22 22:37:25.317061 2014] [mpm_winnt:notice] [pid 5304:tid 468] AH00418: Parent: Created child process 3648
[Mon Sep 22 22:37:26.075104 2014] [ssl:warn] [pid 3648:tid 344] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Sep 22 22:37:26.265115 2014] [mpm_winnt:notice] [pid 6612:tid 348] AH00364: Child: All worker threads have exited.
[Mon Sep 22 22:37:26.372121 2014] [ssl:warn] [pid 3648:tid 344] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
[Mon Sep 22 22:37:26.375121 2014] [mpm_winnt:notice] [pid 3648:tid 344] AH00354: Child: Starting 64 worker threads.
[Mon Sep 22 22:43:06.157556 2014] [autoindex:error] [pid 3648:tid 1052] [client ::1:53336] AH01276: Cannot serve directory C:/Apache24/htdocs/: No matching DirectoryIndex (index.html) found, and server-generated directory index forbidden by Options directive
A configuration like this should work:
DocumentRoot "C:/www"
<Directory "C:/www">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Don't forget to restart the server after you have made any changes to your httpd.conf file. I would also try to temporary remove any existing .htaccess file located in the C:/www folder.
To check that the syntax of your configuration file is correct use the -t option:
httpd -t
You can also check the logs/error.log to get a better description of what went wrong.
References
Installing Apache 2.2 on Microsoft Windows
Firstly change the httpd.conf file
DocumentRoot "c:/www"
<Directory "c:/www">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
then open the "\conf\extra\httpd-vhosts.conf" file.
<VirtualHost *:80>
DocumentRoot "c:/Apache24/docs/dummy-host.example.com"
</VirtualHost>
To
<VirtualHost *:80>
DocumentRoot "C:\www"
</VirtualHost>
Finally restart your apache web server and you are good to go..

Local environment, User Level Root setup

I'm setting up this OSX Mavericks following this guide but I cannot get http://localhost/~giulio to work ('giulio' is this mac username).
Looks like it doesn't find the /users/giulio.conf
This is what's inside the /private/var/log/apache2/error_log
[Thu Feb 27 13:54:41 2014] [notice] caught SIGTERM, shutting down
[Thu Feb 27 13:54:48 2014] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
httpd: Could not reliably determine the server's fully qualified domain name, using iMac-di-Giulio.local for ServerName
[Thu Feb 27 13:54:48 2014] [notice] Digest: generating secret for digest authentication ...
[Thu Feb 27 13:54:48 2014] [notice] Digest: done
[Thu Feb 27 13:54:48 2014] [notice] Apache/2.2.24 (Unix) DAV/2 PHP/5.4.17 mod_ssl/2.2.24 OpenSSL/0.9.8y configured -- resuming normal operations
[Thu Feb 27 13:54:55 2014] [error] [client ::1] File does not exist: /Library/WebServer/Documents/index-maintenance.html
Solved redoing the whole process and adding Servername Localhost
and adding the follwing code into giulio.conf file into users folder.
<Directory "/Users/giulio/Sites/">
Options FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
</Directory>

Gitlab unicorn webserver either does not listen or reply on 8080

GitLab can be started and shows as running. When running curl git.myserver.com, this fails with HTTP 503. No interesting entries in the unicorn.stderr.log or unicorn.stdout.log.
Versions:
GitLab 6.5.1
Apache 2.4.6
Ubuntu 13.10
sites-available/git.myserver.com:
<VirtualHost *:80>
ServerName git.myserver.com
DocumentRoot /home/git/gitlab/public
<Directory /home/git/gitlab/public>
AllowOverride All
Options -MultiViews
</Directory>
ProxyPass /uploads !
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ProxyPreserveHost on
</VirtualHost>
config/unicorn.rb:
worker_processes 2
listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 64
listen "127.0.0.1:8080", :tcp_nopush => true
timeout 900
config/gitlab.yml:
gitlab:
## Web server settings
host: git.myserver.com
port: 80
https: false
Apache access log file:
SOMEIPADDRESS - - [17/Feb/2014:20:25:20 +0000] "GET / HTTP/1.1" 503 566 "-" "curl/7.32.0"
Apache error log file:
[Mon Feb 17 20:25:08.919614 2014] [proxy_http:error] [pid 1321:tid 139972136904448] [client SOMEIPADDRESS:48578] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
[Mon Feb 17 20:25:20.114281 2014] [proxy:error] [pid 2092:tid 140263968208640] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8080 (127.0.0.1) failed
[Mon Feb 17 20:25:20.114353 2014] [proxy:error] [pid 2092:tid 140263968208640] AH00959: ap_proxy_connect_backend disabling worker for (127.0.0.1) for 60s
[Mon Feb 17 20:25:20.114364 2014] [proxy_http:error] [pid 2092:tid 140263968208640] [client SOMEIPADDRESS:48580] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
Solved. I had used Ruby 2.1.0 while the install guide tells to use Ruby 2.0.0. Closely re-installed and restored the backup, which now works perfectly.

Resources