logo
IRC Archive / Freenode / #httpd / 2010 / February / 11 / 4
adaptr
that's so useless
froz
why?
adaptr
exactly
froz
no really, why would using htacces for making clean url's (or clean url's themself) be useless?
(anyway, putting an htaccess in templates with rewriteengine off did the trick, so thanks!)
dubey
i am using jk_mod in my apache config and now i am creating VirtualHost and getting :
(13)Permission denied: access to / denied
adaptr
mod_jk
dubey
my mod_jk works fine no problem with jk mount
but vhost problem
adaptr
what is apache doing in / ?
pog
(my rewrite condition work now). one question I have still:
inveratulo
Good morning folks
fajita
Don't forget the bots!
pog
RewriteCond %{SERVER_NAME} ^(www.)hamambasel.* -- how can I archieve, that with or without www. is true.
hejki
?
pog
my attempt above gave strange results.
k3asd`
(Action) hi
hejki
(www.)? should make it passive group
inveratulo
I'm having problems with mod_dav_svn, apache keeps prepending the DocumentRoot to my svn path. So, instead of like "/eng/us/svn/repo" its going "/var/www/localhost/svn/repo" which doesn't exist. ideas?
pog
ah with ? I didn't get it first... thans hejki
dubey
adaptr: show default centos page
adaptr
pog: also, escape the dot
dubey
adaptr: now it is giving me "You don't have permission to access / on this server."
when i desable all VirtualHost then it gives me the default Centos Page
ReJoiN
hello
fajita
privet
ReJoiN
bulgaria?
fajita
.BG
ReJoiN
da :D
Dibri
what can cause [Thu Feb 11 12:11:41 2010] [error] [client 10.2.2.110] client denied by server configuration: /usr/local/otrs/var/httpd/htdocs/ ?
Roobarb-Work
client denied by server configuration
dubey
any help
fajita
greatly appreciated, thanks
DrBacchus
dubey: So, when you disable all your virtual hosts, you don't get any of your virtual hosts any more.
And this surprises you because ... ?
I'm not clear what problem you're asking to have help with.
Can you elaborate?
dubey
yes
ReJoiN
any idea abeout the redirect?
about*
dubey
i have created a VirtualHost entry in my httpd.conf file, When i access it; gives me access denied error
DrBacchus
dubey: What, exactly, does the error log say?
dubey
i put the file in my /home/xyz/folder/index.html
DrBacchus: [Thu Feb 11 07:13:27 2010] [error] [client 117.195.104.68] (13)Permission denied: access to / denied
SuperFlo
hey, I added "AddType text/plain .c" in httpd.conf and reloaded apache, but firefox still wants to download .c files :/
DrBacchus
fajita: (13)
fajita
(13) indicates a file permissions problem. Make sure that Apache can read the file(s) and directories being accessed. See also http://wiki.apache.org/httpd/13PermissionDenied
DrBacchus
dubey: At the URL fajita just mentioned are all of the solutions to that problem.
Probably file permissions on /home/xyz are such that Apache can't get into it.
Dibri
fixed :0
SuperFlo
any hint about the AddType ? :/
I have it working on another server with .sh files :/
dubey
i tried all the ways, even i tried it by using 777 permission; still not working
ReJoiN
i got it working :)
dubey
Ah! i remove my asset from /home/xys/folder to /opt directory and it is working now
But i want to keep that files in /home/xyz/folder, I can't mv it
what would be the problem
pog
yep, this seem's to work correctly, thanks RewriteCond %{SERVER_NAME} ^(www\.)?hamambasel.*
ReJoiN
ok, it doesnt quite work..., can anybody help me?
i want to use this for redirecting http to https RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
adaptr
ReJoiN: don't do that. use a proper redirect
ReJoiN
but when i restart apache, firefox says it's going into a loop
adaptr, what should i do
adaptr
use a proper redirect
ReJoiN
i got this one from here http://joseph.randomnetworks.com/archives/2004/07/22/redirect-to-ssl-using-apaches-htaccess/
adaptr
yes, that's horrible and stupid
use a proper redirect
ReJoiN
i also tried Redirect permanent / https://127.0.0.1/ but it didnt work too
adaptr
also, do not put HTTP and HTTPS content in the same vhost
ReJoiN: configuring apache is not pin the tail on the donkey
Roobarb-Work
adaptr: olry?
adaptr
Roobarb-Work: shush
Supaplex
by desigh, my secure sites do not listen on port 80
adaptr
Supaplex: if they did, they would not be secure
Supaplex
I don't dual host secure and insecure on the same ip.
adaptr
that's not a problem
whatsoever
Supaplex
I have my reasons. feel free to do as you wish.
ReJoiN
adaptr, yes it isn't but i dont know what you mean
Roobarb-Work
a port 80 vhost, with a redirect to tht https vhost, is the best way to do this
adaptr
in my opinion, the only way - unless you don't have access to the config, in which case, get a better hoster
Supaplex: that's a very weird statement
unqualified, it says "I don't know how to secure my vhosts properly"
Supaplex
what if sensitive data is requested from port 80 because of a coding mistake?
adaptr
yeah, what if ?
Supaplex
then it's not secure, and it might go undetected
adaptr
it's not the same vhost. SSL content should not be in the same vhost as unsecured content. period.
ReJoiN
adaptr, what do you mean by "a proper redirect"
adaptr
redirect
adaptr
that ^^^
Supaplex
well yeah, but if the hostname resolves to an ip you're hosting other sites on, and it's listening on port 80, it might leak. people make mistakes. simple changes to site layout can cause it
ReJoiN
adaptr, thanks
adaptr
<virtualhost *:80> servername secure.domain.com \n redirect permanent / https://secure.domain.com/ \n </Virtualhost>
tulcod
i have a symbolic link to a directory in my http root (for example, link_dir), and i want to redirect a user to a subdirectory (for example, subdir) if it exists. my guess was something like this: RewriteCond /link_dir/%{REQUEST_FILENAME} -f \n RewriteRule ^.* /link_dir/$0 [L,PT].... but that doesn't seem to work. any ideas?
adaptr
Supaplex: I have no idea what you're all saying. if you configure your vhosts properly, what you seem to be suggesting, or implying, cannot happen
tulcod
oh, a subdirectory *in* that symbolically linked directory
adaptr
tulcod: that looks horrible. what problem are you trying to solve wrongly ?
tulcod
adaptr: i'm trying to host some git projects, but don't want to link to the actual repositories manually, so i created a link to the dir containing them
adaptr: but i do want both the gitweb app and the actual repos on the same domain and directory, you know?
adaptr
no, I don't know
tulcod
so / gives the gitweb app, and /test.git/ gives the repo
adaptr
alias
adaptr
give it a long hard look
tulcod
adaptr: the problem is, i don't have one alias. i have as many as i have git repos
and i don't want to change my htaccess each time i create a new one
ReJoiN
adaptr, it now works, thanks alot :)
Kunsi
tulcod: so typing "ln -s &" is les work than editing htaccess?
tulcod
Kunsi: no, i'm linking to one directory which contains all the separate repos
when i create a new repo, the linked directory contains it by definition
Kunsi
so use alias to linkt the directory whic contains repos
tulcod
so there's some dir i link as "link_dir", which contains test.git/, next_project.git/, windows.git/, etc
Kunsi
Alias /link_dir/ /home/git/repos/
:)
tulcod
Kunsi: i could do that, but that would mean i would have to put them in a subdirectory, since i really want / for the gitweb cgi app
Kunsi: but i want a "coniditional" alias, if that makes sense
ReJoiN
thank you Kunsi and adaptr for helping me set up this apache with ssl :)
lolmaus
I've got a paid ssl certificate. I used a password when creating my keyfile. Now Apache requires me enter this password on start. Is there a way to let Apache start without entering the password manually?
Kunsi
lolmaus: remove passphrase from key
lolmaus
Kunsi, do i have to reissue the certificate after i do?
Roobarb-Work
lolmaus: no
lolmaus
Okay, how do i remove the passphrase?
DrBacchus
remove passphrase
fajita
To remove a passphrase from a DSA key: openssl rsa -in example.tld.key -out example.tld.key - see also "add passphrase"
lolmaus
Thank you so much!
Roobarb-Work
DrBacchus: that faqtoid is wrong imho, since it overwrites the key
Nearsight
Hi everyone, quick question... I put a web dav in front of django's views which does work good for GET requests, but PUT suddenly returns 403s ... anyone had that problem before?
DrBacchus
Hmm. That's what I always do.
Roobarb-Work
DrBacchus: personally I don't create ssl certs with keys
tulcod
for what it's worth, i think i found a solution here... http://stackoverflow.com/questions/1275308/redirect-if-file-exists-in-subdirectory
Roobarb-Work
DrBacchus: uh, "keys with passphrases"
inveratulo
Hi All I'm doing a apache configtest and getting: "Invalid command 'DAV', perhaps misspelled or defined by a module not included in the server configuration" despite the fact that I have the LoadModule for mod_dav and mod_dav_svn lines uncommented (and in order).
adaptr
mod_dav
inveratulo
Yes, I already read all the documentation,
adaptr
inveratulo: it's not loaded.
inveratulo
You mean, its not compiled into the apache binary? I suspected that.
adaptr
no, it's not loaded
inveratulo
odd. all the shared object files are in place... the loadmodule statements seem correct.
adaptr
"seem"
inveratulo: reload apache and see what the log says
inveratulo
Well it spits out the original error I posted below, gentoo won't reload a daemon on a bad config
err above
my IfDefine DAV statement: http://apache.pastebin.ca/1793823
adaptr
inveratulo: ignore gentoo. use apachectl graceful or httpd -K stop / httpd -K start
"ifdefine"
dump that first thing, it's pointless and confusing
inveratulo
no love, same error
adaptr
yes, of course, it's merely annoying, not wrong
since this is gentoo, any kind of support is limited to "check your flags"
inveratulo
I am not even sure to which "first thing" are you referring to specifically
adaptr
pastebin the entire config relating to this
dubey
If i have enable VirutalHost my Jk_mod is not working, and if i disable it jk_mod works
what would be the problem
inveratulo
from httpd.conf: http://pastebin.com/m64cb7825 further down httpd.conf: http://pastebin.com/m12efe017 then from ./modules.d/mod_dav_svn.conf: http://pastebin.com/m23cc7518
lamp
dubey: define your mod_jk configs inside the Virtualhost
dubey: I suppose your Virtualhost catches all the request and therefore mod_jk configs in main server configuration don't get applied
tulcod
Kunsi, adaptr: i got it to work. the webhoster was fiddling around with DOCUMENT_ROOT, setting it to an incorrect value. i'm happy now
inveratulo
adaptr: found the problem. from /etc/conf.d/apache2 there was no flag for DAV on APACHE2_OPTS="..."
lolmaus^_^
I've got [error] Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
But the SSLCertificateFile exists and is correct!
thumbs
fajita: SSLCertificateFile
thumbs
lolmaus^_^: show httpd -S
lolmaus^_^
thumbs, no such command
(Ubuntu server)
thumbs
lolmaus^_^: apache2ctl -S
fajita: debian--
fajita
debian++
thumbs
fajita: ubuntu--
lolmaus^_^
thumbs, gives the list of vhosts and says Syntax OK
fajita
ubuntu++
thumbs
lolmaus^_^: show the output in a pastebin
lolmaus^_^
Oh, i got it!
thumbs, thank you :)
DataGhostT
Does anyone know why apache redirects https://vhost.domain/path (no trailing slash) to http://domain/path/? I have usecanonicalname set to off and the vhost is declared only on port 443
'of course' it redirects to http://vhost.domain/path/
forgot to add that in the second url
Covener
fajita: directoryslash?
lunaphyte_
DirectorySlash
lunaphyte_
oops.
fajita
i know a lobotomist..
Covener
this channel is all reruns!
DataGhostT
yes I saw that one but why does apache then redirect my client from https to http?
I haven't defined that vhost on http so it'll fall back to my default vhost and attempt to serve a directory which doesn't exist
Covener
DataGhostT: does it still do it with directoryslash off, I'm wondering if it's actually some errant rewrite?
DataGhostT
oh ok I'll try that.
doesn't rewrite and it gives me a 403
Covener
can you pastebin your ssl vhost?
DataGhostT
oh wait the directory is gone now
inveratulo
that seems problematic
DataGhostT
oh no wait it isn't gone, I tabbed too early (misnamed directory which I haven't removed yet)