I have an apache2 server running on Ubuntu that I am toying with to step my sys admin skills up. I've been trying to set up a webserver with HTTPS throughout the entire site. Currently, If I go to https://mysite.com it works just fine. I've tried a few different redirect rules to make all connections to the site be forced to HTTPS, but I'm having no luck. Can anyone point out my mistake here?
httpd.conf:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName mysite.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/
SSLEngine on
SSLOptions +FakeBasicAuth -StrictRequire +ExportCertData
SSLCertificateKeyFile /etc/ssl/crt/myserver.key
SSLCertificateFile /etc/ssl/crt/mysite_com.crt
SSLCertificateChainFile /etc/ssl/crt/mysite.ca-bundle
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride AuthConfig Options FileInfo Limit
Order allow,deny
allow from all
</Directory>
</VirtualHost>
<IfModule !mod_rewrite.c>
LoadModule rewrite_module modules/mod_rewrite.so
</IfModule>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
ports.conf:
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Any help is greatly appreciated!
Finally figured it out... It wasn't my rewrite rule that wasn't working, but rather a conflict with the proxy I was using (cloudflare). For those in a similar situation, you have to create a "Page Rule" within the cloudflare dashboard, otherwise it will ignore you Apache rules.
Related
My setting is done and it works. Is it the correct way?
I have a Windows server and I installed XAMPP on it. Different domain would point to different IP address to the server. Also, every site runs https on this server. I go through a lot of tutorials and set up self-signed cert to each site.
Then, I configed the server with below setting.
These config works but I am not sure is it secure enough. I afraid that I missed something important.
I need the site to be reachable by below URL:
http://sitea.com (Will redirect to https://sitea.com)
http://www.sitea.com (Will also redirect to https://sitea.com)
https://sitea.com (This great)
https://www.sitea.com (Will force to use non-www version due to program needed- https://sitea.com)
My configuration is listed below. May I ask if it is good enough or if I missed something?
C:\xampp\apache\conf\extra\httpd-vhosts.conf:
<VirtualHost 192.168.242.121:80>
ServerName sitea.com
ServerAlias www.sitea.com
Redirect permanent / https://sitea.com/
</VirtualHost>
<VirtualHost 192.168.242.121:443>
DocumentRoot "S:/websites/sitea/"
ServerName sitea.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)(.*) [NC]
RewriteRule (.*) https://%2%{REQUEST_URI} [L,R=301]
SSLEngine on
SSLCertificateFile "ssl/sitea.com/server.crt"
SSLCertificateKeyFile "ssl/sitea.com/server.key"
AccessFileName .htaccess
ErrorLog "S:/websites/sitea/logs/error.log"
CustomLog "S:/websites/sitea/logs/access.log" common
<Directory S:/websites/sitea/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost 192.168.242.120:80>
ServerName siteb.com
ServerAlias www.siteb.com
Redirect permanent / https://siteb.com/
</VirtualHost>
<VirtualHost 192.168.242.120:443>
DocumentRoot "S:/websites/siteb/"
ServerName siteb.com
RewriteEngine On
RewriteCond %{HTTP_HOST} ^(www\.)(.*) [NC]
RewriteRule (.*) https://%2%{REQUEST_URI} [L,R=301]
SSLEngine on
SSLCertificateFile "ssl/siteb.com/server.crt"
SSLCertificateKeyFile "ssl/siteb.com/server.key"
AccessFileName .htaccess
ErrorLog "S:/websites/siteb/logs/error.log"
CustomLog "S:/websites/siteb/logs/access.log" common
<Directory S:/websites/siteb/>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
C:\Windows\System32\drivers\etc\hosts:
192.168.242.121 sitea.com www.sitea.com
192.168.242.120 siteb.com www.siteb.com
Thank you!
Enabling HTTPS on a website does not stop website vulnerabilities, it only secures data which is being transferred between the website server and client i.e. someone can not eaves drop on what the server and client are saying to each other. If a website has a vulnerability people will still be able to exploit it.
In your Apache configuration it looks like some of your apache configurations can be bypassed by accessing your website directly i.e. type it's IP address into a web browser. This would allow someone to bypass your mandated HTTPS for example. You should set up a redirect rule if you want to prevent against this.
I try to do my first deploy Laravel 7 + LAMP (Ubuntu).
I succeeded to install Laravel repo I can see my homepage (http://xx.xxx.xx.xxx/).
But when I try to navigate into the website I get this Error:
The requested URL was not found on this server.
I think that i've correctly installed LAMP and Laravel.
The DB is set, I've done the migration.
The problem is probably with the .htaccess, I set my in the repo folder (domain.it/repo):
IfModule mod_rewrite.c>
# That was ONLY to protect you from 500 errors
# if your server did not have mod_rewrite enabled
RewriteEngine On
# RewriteBase /
# NOT needed unless you're using mod_alias to redirect
RewriteCond %{REQUEST_URI} !/public
RewriteRule ^(.*)$ public/$1 [L]
# Direct all requests to /public folder
</IfModule>
And that's my apache2 conf:
<VirtualHost *:80>
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ServerAdmin social.legambientecapannori#gmail.com
ServerName legambientecapannoriepianalucchese.it
ServerAlias www.legambientecapannoriepianalucchese.it
DocumentRoot /var/www/legambientecapannoriepianalucchese.it/legambiente/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Ah, i've
Thanks in advance
Solved :)
I write the solution for those who will have the same problem
There was an error on the virtual host conf file:
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
I successfully deployed a Laravel application on Apache Ubuntu 20.04 in Digital Ocean, everything was fine until I installed CertBot software to configure HTTPS on my Apache server. After installing and setting up certbot, when i visit the homepage via HTTPS:// link, it works fine but when I tried to visit other pages via HTTPS:// link, i get the error below:
Not Found
The requested URL was not found on this server. Apache/2.4.41 (Ubuntu) Server at mysite.com Port 443
I followed the guide in this link: https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04
Below is my Apache Config files
mysite.com.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /var/www/mysite.com/mysite-web-app/public
<Directory /var/www/mysite.com/mysite-web-app/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.mysite.com [OR]
RewriteCond %{SERVER_NAME} =mysite.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
mysite.com-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /var/www/mysite.com/mysite-web-app/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mysite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mysite.com/privkey.pem
</VirtualHost>
</IfModule>
You must include this in the ssl conf as well:
<Directory /var/www/mysite.com/mysite-web-app/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
Or the .htaccess won't work for https connections.
I have a problem, let me explain.
Rewrite_module is enabled on WAMP
My host is mapped:
127.0.0.1 localhost
127.0.0.1 mydomain.com
My vhost declared on WAMP:
<VirtualHost *: 80>
ServerAdmin contact#mydomain.com
DocumentRoot "E:/wamp/www/subfolder/"
ServerName mydomain.com
ErrorLog "logs/mydomain.com.log"
CustomLog "logs/mydomain.com.log" common
<Directory "E:/wamp/www/subfolder /">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow, deny
Allow from all
</ Directory>
</ VirtualHost>
For now, no problem, mydomain.com arrives on E:/wamp/www/subfolder/
My projects are in sub folders such as E:/wamp/www/subfolder/my-project/
I have a htaccess with:
<Mod_rewrite.c IfModule>
RewriteEngine On
RewriteBase /my-project/
RewriteRule ^index\php$ - [L]
RewriteRule ^assets/css/(.*) /my-project/content/themes/assets/css/ $ 1 [QSA, L] [QSA, L]
RewriteCond% {REQUEST_FILENAME}! F
RewriteCond% {REQUEST_FILENAME}! -d
RewriteRule. /my-project/index.php [L]
</ IfModule>
My problem comes here. If I go on mydomain.com/my-project/ it comes to the site with no problem, but the css (for example) are not loaded, because the link is:
mydomain.com/content/themes/assets/css/
It should have:
mydomain.com/my-project/content/themes/assets/css/
I think the RewriteBase not working and I do not know why.
Thank you very much and sorry for my english.
I think you misunderstood the point of a Virtual Host.
You should create a Virtual Host for EACH of your projects so something like this
<VirtualHost *: 80>
ServerAdmin contact#mydomain.com
DocumentRoot "E:/wamp/www/subfolder/project1"
ServerName mydomain1.com
ErrorLog "logs/mydomain.com.log"
CustomLog "logs/mydomain.com.log" common
<Directory "E:/wamp/www/subfolder/project1">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow, deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *: 80>
ServerAdmin contact#mydomain.com
DocumentRoot "E:/wamp/www/subfolder/project2"
ServerName mydomain2.com
ErrorLog "logs/mydomain.com.log"
CustomLog "logs/mydomain.com.log" common
<Directory "E:/wamp/www/subfolder/project2">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow, deny
Allow from all
</Directory>
</VirtualHost>
This makes each project look and react like it was a single website on its own unique Apache instance and makes moving your projects to live servers more reliable.
You also do not need a .htaccess now unless this one project actually requires it.
localhost/mysite/public - working
localhost/mysite/public/index.php/tasks - working
localhost/mysite/public/tasks - NOT WORKING ERROR 404
I tried almost everything and still have problem.
I have got mod rewrite on - i used : sudo a2enmod vhost_alias rewrite
and restarted the server
my .htaccess file:
<IfModule mod_rewrite.c>
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>
my etc/apache2/sites-avaliable/default its like:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
when I change AllowOverride to All - only "localhost/" is working but i cant run any sites like "localhost/mysite" .
I have tried to add to default file a next virtual host like:
<VirtualHost *:80>
DocumentRoot /var/www/mysite/public/
<Directory /var/www/mysite/public/>
AllowOverride All
</Directory>
</VirtualHost>
but it is not working at all.
First, if you are using Laravel 3 make sure that you have updated /application/config/application.php and made the "application index" var to a null value, like "". https://github.com/laravel/laravel/blob/master/application/config/application.php#L42
If you've already done that, try setting up a vhost. It sounds like you are using Apache 2.
First create an additional vhosts file, for example /etc/apache2/sites-available/laravel
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName laravel.dev
ServerAlias *.laravel.dev
DocumentRoot /home/kriss/projects/laravel/public
</VirtualHost>
Then update your /etc/hosts file and add
127.0.0.1 laravel.dev
Then (and this may be the step you missed before)
sudo a2ensite laravel
This will make a sim link in /etc/apache2/sites-enabled to your vhost config file.
Finally restart your server:
sudo service apache2 restart
You should be able to connect with the url http://laravel.dev, and your rewrites should be working.
Run the following command in Terminal to enable mod_rewrite.
sudo a2enmod rewrite
Now restart Apache.
sudo service apache2 restart