I've installed Apache 2.4.37 via ppa:ondrej/apache2 and can't make mod_deflate (gzip compression) works. I'm running on Ubuntu 18.04 server.
mod_deflate is enabled in Apache:
sudo apachectl -t -D DUMP_MODULES | grep deflate
deflate_module (shared)
I placed code into .htaccess:
AddOutputFilterByType DEFLATE text/css
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} !on
RewriteCond %{HTTP:X-Forwarded-Proto} !=https
RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,QSA,NE]
.htaccess is enabled by Apache config (and redirection works).
When I try: curl -I -H 'Accept-Encoding: gzip,deflate' http://myserver/pokus.css
is returned:
HTTP/1.1 302 Found
Date: Thu, 24 Jan 2019 12:20:00 GMT
Server: Apache/2.4.37 (Ubuntu)
Location: https://myserver/pokus.css
Content-Type: text/html; charset=iso-8859-1
So file is returned uncompressed.
I also tried to add deflate command directly into VirtualHost, different command like SetOutputFilter DEFLATE, but without success.
No error message in /var/log/apache2/error.log. Apache is restarted also without errors.
Any idea?
Related
I have installed TYPO3 version 11.2.0. Installation completed successfully. The front end is working, Install tool is working. But I can't Login to the Backend.
The Login page is there but when I click on the button, It will show the error:https://prnt.sc/1991vu7
This seems like something related to the sites configuration. But I have done that.
base: 'http://sample/t3v11/'
errorHandling: { }
languages:
-
title: English
enabled: true
languageId: 0
base: /
typo3Language: default
locale: en_US.UTF-8
iso-639-1: en
navigationTitle: English
hreflang: en-us
direction: ltr
flag: us
rootPageId: 1
routes: { }
My htaccess file:
#####
#
# Example .htaccess file for TYPO3 CMS - for use with Apache Webserver
#
# This file includes settings for the following configuration options:
#
# - Compression
# - Caching
# - MIME types
# - Cross Origin requests
# - Rewriting and Access
# - Miscellaneous
# - PHP optimisation
#
# If you want to use it, you have to copy it to the root folder of your TYPO3 installation (if its
# not there already) and rename it to '.htaccess'. To make .htaccess files work, you might need to
# adjust the 'AllowOverride' directive in your Apache configuration file.
#
# IMPORTANT: You may need to change this file depending on your TYPO3 installation!
# Consider adding this file's content to your webserver's configuration directly for speed improvement
#
# Lots of the options are taken from https://github.com/h5bp/html5-boilerplate/blob/master/dist/.htaccess
#
####
### Begin: Compression ###
# Compressing resource files will save bandwidth and so improve loading speed especially for users
# with slower internet connections. TYPO3 can compress the .js and .css files for you.
# *) Uncomment the following lines and
# *) Set $GLOBALS['TYPO3_CONF_VARS']['BE']['compressionLevel'] = 9 for the Backend
# *) Set $GLOBALS['TYPO3_CONF_VARS']['FE']['compressionLevel'] = 9 together with the TypoScript properties
# config.compressJs and config.compressCss for GZIP compression of Frontend JS and CSS files.
#<FilesMatch "\.js\.gzip$">
# AddType "text/javascript" .gzip
#</FilesMatch>
#<FilesMatch "\.css\.gzip$">
# AddType "text/css" .gzip
#</FilesMatch>
#AddEncoding gzip .gzip
<IfModule mod_deflate.c>
# Force compression for mangled `Accept-Encoding` request headers
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding
</IfModule>
</IfModule>
# Compress all output labeled with one of the following media types.
#
# (!) For Apache versions below version 2.3.7 you don't need to
# enable `mod_filter` and can remove the `<IfModule mod_filter.c>`
# and `</IfModule>` lines as `AddOutputFilterByType` is still in
# the core directives.
#
# https://httpd.apache.org/docs/current/mod/mod_filter.html#addoutputfilterbytype
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/ld+json \
application/manifest+json \
application/rdf+xml \
application/rss+xml \
application/schema+json \
application/vnd.geo+json \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/x-javascript \
application/x-web-app-manifest+json \
application/xhtml+xml \
application/xml \
font/eot \
font/opentype \
image/bmp \
image/svg+xml \
image/vnd.microsoft.icon \
image/x-icon \
text/cache-manifest \
text/css \
text/html \
text/javascript \
text/plain \
text/vcard \
text/vnd.rim.location.xloc \
text/vtt \
text/x-component \
text/x-cross-domain-policy \
text/xml
</IfModule>
<IfModule mod_mime.c>
AddEncoding gzip svgz
</IfModule>
</IfModule>
### End: Compression ###
### Begin: Browser caching of resource files ###
# This affects Frontend and Backend and increases performance.
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 month"
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"
ExpiresByType text/x-component "access plus 1 month"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
ExpiresByType application/manifest+json "access plus 1 week"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/bmp "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType font/eot "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
ExpiresByType application/font-woff2 "access plus 1 month"
ExpiresByType text/x-cross-domain-policy "access plus 1 week"
</IfModule>
### End: Browser caching of resource files ###
### Begin: MIME types ###
# Proper MIME types for all files
<IfModule mod_mime.c>
# Security configuration
RemoveType .html .htm
<FilesMatch ".+\.html?$">
AddType text/html .html .htm
</FilesMatch>
RemoveType .svg .svgz
<FilesMatch ".+\.svgz?$">
AddType image/svg+xml .svg .svgz
</FilesMatch>
# Data interchange
AddType application/atom+xml atom
AddType application/json json map topojson
AddType application/ld+json jsonld
AddType application/rss+xml rss
AddType application/vnd.geo+json geojson
AddType application/xml rdf xml
# JavaScript
AddType application/javascript js
# Manifest files
AddType application/manifest+json webmanifest
AddType application/x-web-app-manifest+json webapp
AddType text/cache-manifest appcache
# Media files
AddType audio/mp4 f4a f4b m4a
AddType audio/ogg oga ogg opus
AddType image/bmp bmp
AddType image/webp webp
AddType video/mp4 f4v f4p m4v mp4
AddType video/ogg ogv
AddType video/webm webm
AddType video/x-flv flv
AddType image/x-icon cur ico
# Web fonts
AddType font/woff woff
AddType font/woff2 woff2
AddType application/vnd.ms-fontobject eot
AddType font/ttf ttc ttf
AddType font/otf otf
# Other
AddType application/octet-stream safariextz
AddType application/x-bb-appworld bbaw
AddType application/x-chrome-extension crx
AddType application/x-opera-extension oex
AddType application/x-xpinstall xpi
AddType text/vcard vcard vcf
AddType text/vnd.rim.location.xloc xloc
AddType text/vtt vtt
AddType text/x-component htc
</IfModule>
# UTF-8 encoding
AddDefaultCharset utf-8
<IfModule mod_mime.c>
AddCharset utf-8 .atom .css .js .json .manifest .rdf .rss .vtt .webapp .webmanifest .xml
</IfModule>
### End: MIME types ###
### Begin: Cross Origin ###
# Send the CORS header for images when browsers request it.
<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
<FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
SetEnvIf Origin ":" IS_CORS
Header set Access-Control-Allow-Origin "*" env=IS_CORS
</FilesMatch>
</IfModule>
</IfModule>
# Allow cross-origin access to web fonts.
<IfModule mod_headers.c>
<FilesMatch "\.(eot|otf|tt[cf]|woff2?)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
### End: Cross Origin ###
### Begin: Rewriting and Access ###
# You need rewriting, if you use a URL-Rewriting extension (RealURL, CoolUri).
<IfModule mod_rewrite.c>
# Enable URL rewriting
RewriteEngine On
# Store the current location in an environment variable CWD to use
# mod_rewrite in .htaccess files without knowing the RewriteBase
RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
RewriteRule ^.*$ - [E=CWD:%2]
# Rules to set ApplicationContext based on hostname
#RewriteCond %{HTTP_HOST} ^dev\.example\.com$
#RewriteRule .? - [E=TYPO3_CONTEXT:Development]
#RewriteCond %{HTTP_HOST} ^staging\.example\.com$
#RewriteRule .? - [E=TYPO3_CONTEXT:Production/Staging]
#RewriteCond %{HTTP_HOST} ^www\.example\.com$
#RewriteRule .? - [E=TYPO3_CONTEXT:Production]
# Rule for versioned static files, configured through:
# - $GLOBALS['TYPO3_CONF_VARS']['BE']['versionNumberInFilename']
# - $GLOBALS['TYPO3_CONF_VARS']['FE']['versionNumberInFilename']
# IMPORTANT: This rule has to be the very first RewriteCond in order to work!
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)\.(\d+)\.(php|js|css|png|jpg|gif|gzip)$ %{ENV:CWD}$1.$3 [L]
# Access block for folders
RewriteRule _(?:recycler|temp)_/ - [F]
RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
RewriteRule ^(?:vendor|typo3_src|typo3temp/var) - [F]
RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F]
# Block access to all hidden files and directories with the exception of
# the visible content from within the `/.well-known/` hidden directory (RFC 5785).
RewriteCond %{REQUEST_URI} "!(^|/)\.well-known/([^./]+./?)+$" [NC]
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule (?:^|/)\. - [F]
# Stop rewrite processing, if we are in any other known directory
# NOTE: Add your additional local storages here
RewriteRule ^(?:fileadmin/|typo3conf/|typo3temp/|uploads/) - [L]
# If the file/symlink/directory does not exist but is below /typo3/, redirect to the TYPO3 Backend entry point.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_URI} ^/typo3/.*$
RewriteRule ^typo3/(.*)$ %{ENV:CWD}typo3/index.php [QSA,L]
# If the file/symlink/directory does not exist => Redirect to index.php.
# For httpd.conf, you need to prefix each '%{REQUEST_FILENAME}' with '%{DOCUMENT_ROOT}'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule ^.*$ %{ENV:CWD}index.php [QSA,L]
</IfModule>
# Access block for files
# Apache < 2.3
<IfModule !mod_authz_core.c>
<FilesMatch "(?i:^\.|^#.*#|^(?:ChangeLog|ToDo|Readme|License)(?:\.md|\.txt)?|^composer\.(?:json|lock)|^ext_conf_template\.txt|^ext_typoscript_constants\.txt|^ext_typoscript_setup\.txt|flexform[^.]*\.xml|locallang[^.]*\.(?:xml|xlf)|\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql(?:\..*)?|sqlite(?:\..*)?|sw[op]|git.*|rc)|.*~)$">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
</IfModule>
# Apache ≥ 2.3
<IfModule mod_authz_core.c>
<If "%{REQUEST_URI} =~ m#(?i:/\.|/\x23.*\x23|/(?:ChangeLog|ToDo|Readme|License)(?:\.md|\.txt)?|/composer\.(?:json|lock)|/ext_conf_template\.txt|/ext_typoscript_constants\.txt|/ext_typoscript_setup\.txt|flexform[^.]*\.xml|locallang[^.]*\.(?:xml|xlf)|\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql(?:\..*)?|sqlite(?:\..*)?|sw[op]|git.*|rc)|.*~)$#">
Require all denied
</If>
</IfModule>
# Block access to vcs directories
<IfModule mod_alias.c>
RedirectMatch 404 /\.(?:git|svn|hg)/
</IfModule>
### End: Rewriting and Access ###
### Begin: Miscellaneous ###
# 404 error prevention for non-existing redirected folders
Options -MultiViews
# Make sure that directory listings are disabled.
<IfModule mod_autoindex.c>
Options -Indexes
</IfModule>
<IfModule mod_headers.c>
# Force IE to render pages in the highest available mode
Header set X-UA-Compatible "IE=edge"
<FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svgz?|ttf|vcf|webapp|webm|webp|woff2?|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
# Reducing MIME type security risks
Header set X-Content-Type-Options "nosniff"
</IfModule>
# ETag removal
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
FileETag None
### End: Miscellaneous ###
# Add your own rules here.
Anyone, please help me to find out the issue?
Thanks!
When looking at my web server's access & error logs I notice quite a few instances where attackers seem to be fishing for the existence of certain *.php files and I don't actually want to help them with a 404 status message! Rather I'd like to return some happy 200 status and some dummy content for whatever non existing *.php file some idiot hacker tries to call on my site.
Also I don't care to have my error log spammed with respective non-existing php access attempts, e.g.:
[Thu Apr 16 11:42:42.700317 2020] [proxy_fcgi:error] [pid 3318670] [client x.x.x.x:54236] AH01071: Got error 'Primary script unknown\n', i.e. I'd like to redirect before the server feels inclined to report that issue.
What I am looking for is some web server internal redirect for all non-existing *.php files that will respond as if there actually was a respective (dummy) file. My web server access is limited to Plesk and .htaccess so ideally I am looking for something that I can configure via .htaccess
Any suggestions?
seems that adding the below in .htaccess pretty much does what I am looking for by redirecting any non-existing *.php files to _404.php:
# use dummy file for all non-existing .php files
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} \.(php)$ [NC]
RewriteRule ^(.*)$ /_404.php [QSA,L]
</IfModule>
I am trying to install vBulletin5 on my pc. I am uisng Laragon. I got 500 Internal Server Error. When I remove .htaccess everything works fine till installation done.
Here is .htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
#In some cases where you have other mod_rewrite rules, you may need to comment out the following line
#and change it to match your folder name. This resets the other mod_rewrite rules for just this directory
#If your site was www.example.com/forum, the setting would be /forum/
#RewriteBase /
# Send css calls directly to the correct file VBV-7807
RewriteRule ^css.php$ core/css.php [NC,L]
# Redirect old install path to core.
RewriteRule ^install/ core/install/ [NC,L]
# Main Redirect
RewriteCond %{REQUEST_URI} !\.(gif|jpg|jpeg|png|css)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?routestring=$1 [L,QSA]
# Because admincp is an actual directory.
RewriteRule ^(admincp/)$ index.php?routestring=$1 [L,QSA]
</IfModule>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE application/atom+xml \
text/javascript \
application/x-javascript \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType application/x-javascript A1209600
ExpiresByType text/javascript A1209600
ExpiresByType application/javascript A1209600
ExpiresByType text/css A31536000
ExpiresByType image/x-icon A2592000
ExpiresByType image/icon A2592000
ExpiresByType application/x-ico A2592000
ExpiresByType application/ico A2592000
ExpiresByType image/gif A2592000
ExpiresByType image/jpeg A1209600
ExpiresByType image/jpg A1209600
ExpiresByType image/png A1209600
ExpiresByType application/x-shockwave-flash A1209600
ExpiresByType font/ttf A2592000
ExpiresByType font/otf A2592000
ExpiresByType font/x-woff A2592000
ExpiresByType image/svg+xml A2592000
ExpiresByType font/truetype A2592000
ExpiresByType font/opentype A2592000
ExpiresByType application/x-font-woff A2592000
ExpiresByType application/vnd.ms-fontobject A2592000
</IfModule>
<IfModule mod_headers.c>
Header set Connection keep-alive
<filesmatch "\.(ico|flv|gif|swf|eot|woff|otf|ttf|svg)$">
Header set Cache-Control "max-age=2592000, public"
</filesmatch>
<filesmatch "\.(jpg|jpeg|png)$">
Header set Cache-Control "max-age=1209600, public"
</filesmatch>
<filesmatch "\.(eot|woff|otf|ttf|svg)$">
Header set Cache-Control "max-age=2592000, public"
</filesmatch>
# css and js should use private for proxy caching https://developers.google.com/speed/docs/best-practices/caching#LeverageProxyCaching
<filesmatch "\.(css)$">
Header set Cache-Control "max-age=31536000, private"
</filesmatch>
<filesmatch "\.(js)$">
Header set Cache-Control "max-age=1209600, private"
</filesmatch>
</IfModule>
Apache error.log
[Sun Jan 31 16:59:14.077148 2016] [core:alert] [pid 6492:tid 916] [client 127.0.0.1:63045] D:/lamp/www/forum/.htaccess: Invalid command 'AddOutputFilterByType', perhaps misspelled or defined by a module not included in the server configuration, referer: http://forum.dev/core/install/install.php
[Sun Jan 31 17:17:38.028320 2016] [core:alert] [pid 6492:tid 916] [client 127.0.0.1:63417] D:/lamp/www/forum/.htaccess: Invalid command 'AddOutputFilterByType', perhaps misspelled or defined by a module not included in the server configuration
[Sun Jan 31 17:17:38.191406 2016] [core:alert] [pid 6492:tid 916] [client 127.0.0.1:63418] D:/lamp/www/forum/.htaccess: Invalid command 'AddOutputFilterByType', perhaps misspelled or defined by a module not included in the server configuration, referer: http://forum.dev/core/install/install.php
Could anybody help?
just remove:
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE application/atom+xml \
text/javascript \
application/x-javascript \
application/javascript \
application/json \
application/rss+xml \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/xhtml+xml \
application/xml \
font/opentype \
image/svg+xml \
image/x-icon \
text/css \
text/html \
text/plain \
text/x-component \
text/xml
</IfModule>
There are incompatibilities with mod_deflate and mod_filter between Apache versions 2.2 and 2.4
You need three modules for mod_deflate to work in apache 2.4
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule filter_module modules/mod_filter.so
So either remove that block, or load mod_filter
That is from the apache error_log:
[Mon Oct 17 17:55:42 2011] [error] [client 127.0.0.1] (13)Permission denied: access to /index.html denied
In /etc/apache2/vhosts.d I've created this file:
<VirtualHost 127.0.0.1:3000>
DocumentRoot "/home/mm/lib/vokabeltrainer"
ServerName localhost:3000
<Directory "/home/mm/lib/vokabeltrainer">
Options FollowSymLinks ExecCGI
AddHandler cgi-script .pl
IndexIgnore *
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/public/%{REQUEST_URI} -f
RewriteRule ^(.*) public/$1 [L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f
RewriteRule ^(.*) vokabeltrainer.pl [L]
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
The /etc/apache2/listen.conf looks like this:
Listen 127.0.0.1:3000
NameVirtualHost 127.0.0.1:3000
For testing, I've modified the folder like chmod -R 0777 /home/mm/lib/vokabeltrainer
When I run the vokabeltrainer.pl (Mojolicious::Lite script) with morbo development server it works.
Has somebody a clue where I should look?
As Ikegami pointed out, my first problem was that I didn't consider the /home/mm/lib part of the path: the lib-directory didn't have enough rights so I had to ad the needed rights.
Then I changed the path in the shebang form /usr/local/bin/perl to /usr/bin/perl and installed Mojolicious::Lite for the /usr/bin/perl.
The last thing I had to do, was writing the url like this http://localhost:3000/vokabeltrainer.pl/random instead of http://localhost:3000/random.
(In the Pretty "Web 2.0" URLs at mojo/wiki/Apache-deployment is shown a way to keep the short url)
I am building an app in Zend Framework at the moment and testing it all locally. I have Mamp Pro as my web server and I have a self-signed SSL which all seems to work. My problem comes when I try to do mod_rewrite - I just get 404 pages.
The way I have things set up (which may not be the best way...)
In Mamp I have 2 virtualhosts set up both pointing to the same web directory (webroot/public/):
secure.myapp.com
myapp.com
In my public directory is my index.php file and my .htaccess file. The contents of the .htaccess file are:
SetEnv APPLICATION_ENV development
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
When I visit http://myapp.com everything routes as it should using the mod_rewrite. But when I go to https://secure.myapp.com the index page is fine, but URL routing stops working and it appears to be that the .htaccess file is being ignored.
In my ssl.conf I have the following:
<IfModule mod_ssl.c>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/Applications/MAMP/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/Applications/MAMP/logs/ssl_mutex
<VirtualHost _default_:443>
SSLEngine on
DocumentRoot "/webroot/public"
ServerName secure.myapp.com
ServerAdmin you#example.com
ErrorLog /Applications/MAMP/logs/ssl_error_log
TransferLog /Applications/MAMP/logs/ssl_access_log
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /Applications/MAMP/conf/apache/ssl_cert/server.crt
SSLCertificateKeyFile /Applications/MAMP/conf/apache/ssl_key/server.key
CustomLog /Applications/MAMP/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
</IfModule>
Does anybody have any ideas on this? I'll be sooooo appreciative of the help as it's seriously hindering my development!
Well I'm pretty sure that I have got this working. Basically, a big problem I had is that Mamp does not store vhosts.conf as an accessible file. Instead this is an aliased application file.
I think what happens is that the virtualhosts are all dynamically created all on the standard http port, in my case 80. However I needed to be able to access the port 433 vhost config to enable FileInfo. So my workaround is to ditch my .htaccess file and stick the following ALL into my ssl.conf file.
<IfModule mod_ssl.c>
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/Applications/MAMP/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/Applications/MAMP/logs/ssl_mutex
<VirtualHost mysite.com:443>
SSLEngine on
DocumentRoot /webroot/secure
ServerName mysite.com
ServerAdmin you#example.com
ErrorLog /Applications/MAMP/logs/ssl_error_log
TransferLog /Applications/MAMP/logs/ssl_access_log
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /Applications/MAMP/conf/apache/ssl_cert/server.crt
SSLCertificateKeyFile /Applications/MAMP/conf/apache/ssl_key/server.key
CustomLog /Applications/MAMP/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} -s [OR]
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} -l [OR]
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ /index.php [NC,L]
RewriteLog /Applications/MAMP/logs/ssl_rewrite_log
RewriteLogLevel 3
</IfModule>
</VirtualHost>
</IfModule>
I had to add DOCUMENT_ROOT in front of my file and directory checks, and a forward slash in front of index.php. If I could have put this into a "Directory" then I think I could have avoided these changes, but Apache won't restart when I add this parameter.
The only thing I didn't try was adding the info to MAMP's httpd.conf, but I have a feeling the same restrictions may be in place.