I'm using Apache 2.4 with mod_macro. According to the documentation, it is possible to instantiate several macro, in order to not to rewrite the same block of configuration. Example from the documentation:
<Macro VHost $name $domain>
<VirtualHost *:80>
ServerName $domain
ServerAlias www.$domain
DocumentRoot "/var/www/vhosts/$name"
ErrorLog "/var/log/httpd/$name.error_log"
CustomLog "/var/log/httpd/$name.access_log" combined
</VirtualHost>
</Macro>
Use VHost example example.com
Use VHost myhost hostname.org
Use VHost apache apache.org
I did the same for my server, with the following VirtualHost configuration file
<Macro VHost $request_uri>
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DBDriver mysql
DBDParams "host=localhost port=3306 user=myself pass=myselfpass dbname=apacheauth"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 300
<Location $request_uri>
AuthName $request_uri
AuthType Digest
AuthDigestAlgorithm MD5
AuthDigestDomain /
AuthDigestProvider dbd
AuthDBDUserRealmQuery "SELECT MD5(password) FROM password WHERE username = %s AND realm = %s"
Require valid-user
</Location>
</VirtualHost>
</Macro>
Use VHost /test
Use VHost /anothertest
The prolem is that the configuration work when I try to access www.mysite.com/test, asking me for the credential, and does not work when I try to access www.mysite.com/anothertest, showing me the current page without asking the credential. It seems like the server instantiates a VirtualHost only for the first Use directive, skipping all the following.
This is not a problem with mod_macro, but with the vhosts themselves. If you expand them out by hand, you get this config:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DBDriver mysql
DBDParams "host=localhost port=3306 user=myself pass=myselfpass dbname=apacheauth"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 300
<Location /test>
AuthName /test
AuthType Digest
AuthDigestAlgorithm MD5
AuthDigestDomain /
AuthDigestProvider dbd
AuthDBDUserRealmQuery "SELECT MD5(password) FROM password WHERE username = %s AND realm = %s"
Require valid-user
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DBDriver mysql
DBDParams "host=localhost port=3306 user=myself pass=myselfpass dbname=apacheauth"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 300
<Location /anothertest>
AuthName /anothertest
AuthType Digest
AuthDigestAlgorithm MD5
AuthDigestDomain /
AuthDigestProvider dbd
AuthDBDUserRealmQuery "SELECT MD5(password) FROM password WHERE username = %s AND realm = %s"
Require valid-user
</Location>
</VirtualHost>
You have two vhosts listening on the same IP address (*) and port (:80) and no ServerName or ServerAlias to distinguish requests. When a request comes in, Apache will load the first matching vhost, so the second vhost is never run.
The use of <VirtualHost> inside the macro is just an example, you can generate whatever block you want. It looks like what you actually wanted was a macro for defining the restricted directories:
<Macro ProtectDirectory $request_uri>
<Location $request_uri>
AuthName $request_uri
AuthType Digest
AuthDigestAlgorithm MD5
AuthDigestDomain /
AuthDigestProvider dbd
AuthDBDUserRealmQuery "SELECT MD5(password) FROM password WHERE username = %s AND realm = %s"
Require valid-user
</Location>
</Macro>
You would then have a single vhost with this macro expanded twice inside it:
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DBDriver mysql
DBDParams "host=localhost port=3306 user=myself pass=myselfpass dbname=apacheauth"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 300
Use ProtectDirectory /test
Use ProtectDirectory /anothertest
</VirtualHost>
Related
I have upgraded my cloud service (owncloud -> nexcloud) and now need to get rid of the string "/apps/gallery" from any link that uses it.
What I currently have in /etc/apache2/sites-enabled/000-default.conf:
Listen 80
Listen 443
<VirtualHost *:80>
ServerName ***
DocumentRoot ***
RewriteEngine on
RewriteRule ^/apps/gallery/s/.*$ /s/ [L]
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName ***
DocumentRoot ***
RewriteEngine on
RewriteRule ^/apps/gallery/s.*$ /s [L]
SSLEngine on
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/***/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/***/privkey.pem
</VirtualHost>
Rewrite rule does not work and I can't get anything from logs (error and access log)...
I'm restarting apache with sudo service apache2 restart - is it enough to load new config?
Any help would be much appreciated!
------ EDIT
Following mode_rewrite manual, I have changed rewrite part to this, but still the problem exist
RewriteEngine on
RewriteRule ^/apps/gallery(.*)$ $1 [NC,R=301]
I am getting this error when I try executing a basic Perl script on my Apache server. In my browser, I type in localhost/cgi-bin/first.pl, and I receive this error:
(13)Permission denied: exec of '/usr/lib/cgi-bin/first.pl' failed
This is my perl script:
#!/usr/lib/cgi-bin
print "Content-type: text/html\n\n";
print "Hello, World.";
And this is my default file in the sites-available folder. As you can see, every file in /usr/lib/cgi-bin should be recognized as a CGI file. And, /usr/lib/cgi-bin is exactly where first.pl is located.
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /home/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AddHandler cgi-script .cgi .py
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
ALSO, I did do chmod a+x first.pl.
You are getting this error because the shebang line (the first line of the script, starting with #!) specifies the interpreter that is launched to execute the script. What failed was therefore launching /usr/lib/cgi-bin as an executable.
Replace
#!/usr/lib/cgi-bin
with
#!/usr/bin/perl
If that still doesn't work, one possibility is that perl is in an ununsual location, and you could try
#!/usr/bin/env perl
One suggestion, if you can use a shell on the machine where your script lives, would be to try executing it directly. Had you done this, you would have seen a slightly more explanatory message "bad interpreter: Permission denied".
Check your permission/owner information on the directory as well.
Looking at the apache conf you posted, you will need to change the script to have a .cgi extension or add the perl extension to the AddHandler. What you have provided only lists the python extension.
I had this problem with the http/cgi wrapper for git.
For me the issue was mod_cgid and the permissions on /var/run preventing cgid from attaching to the socket used for the cgi script.
The rather cryptic clue was
[Fri Nov 27 14:39:02.506675 2020] [cgid:error] [pid 589971:tid 140310986311424] (13)Permission denied: [client 172.16.90.189:50018] AH01257: unable to connect to cgi daemon after multiple tries: /usr/lib/git-core/git-http-backend
Yet www-data can run the git-http-backend cgi executable
I resolved this by creating folder /apache_run with permissions www_data:www_data 770
and adding the following to apache2.conf
ScriptSock /apache2_run/cgid.sock
I am testing to deploy the tester example of Dancer using fcgi. But it just didn't work.
I keep getting the error message:
File does not exist: /home/tester/MyApp/public/dispatch.fcgi/
However, this app can run successfully with cgi. And I have made the changes to http.conf according to dancer's deployment manual.
Can someone pointing me to some solutions or possible reasons for this error?
below is the http.conf:
<VirtualHost *:80>
ServerName localhost
# /srv/www.example.com is the root of your
# dancer application
DocumentRoot /home/tester/MyApp/public
ServerAdmin you#example.com
<Directory "/home/tester/MyApp/public">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AddHandler fastcgi-script .fcgi
</Directory>
ScriptAlias / /home/tester/MyApp/public/dispatch.fcgi/
ErrorLog /var/log/apache2/MyApp-error.log
CustomLog /var/log/apache2/MyApp-access_log common
</VirtualHost>
Thank you
I don't think that ScriptAlias is what you want to be using. From the documentation...
The ScriptAlias directive has the same behavior as the Alias
directive, except that in addition it marks the target directory as
containing CGI scripts that will be processed by mod_cgi's cgi-script
handler.
Basically Apache looks for a directory called '/home/tester/MyApp/public/dispatch.fcgi/' and every file in this dir is processed through mod_cgi. In this case it can't be found since it's a regular file.
Have you tried using mod_rewrite? My httpd config for Dancer is pretty much the same as yours except I'm using mod_rewrite
DocumentRoot /home/user/src/MyApp/public
<Directory "/home/user/src/MyApp/public">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
AddHandler fcgid-script .fcgi #using fcgid instead of fastcgi
</Directory>
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ /dispatch.fcgi$1 [QSA,L]
I am trying to configure apache2 running on ubunutu 12.04 to run perl script. But the script is not running when i submit the get request from the client.
Below is the default config i have made (after reading in internet):
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /home/Suresh/myFiles
<Directory /home/Suresh/myFiles>
Options Indexes FollowSymLinks MultiViews +ExecCGI
AddHandler cgi-script .pl
AllowOverride ALL
Order allow,deny
allow from all
ExpiresActive On
ExpiresDefault "access plus 6 hours"
<FilesMatch "\.(nff)">
Header set Cache-control "max-age=0, no-cache, proxy-revalidate"
Header set Content-Type "application/octet-stream"
Header set Pragma "no-cache"
Header unset Vary
Header set Connection "Keep-Alive"
</FilesMatch>
</Directory>
I have a perl script saved in the /home/Suresh/myFiles with chmod 777 permissions.
Below is the perl code:
#!/usr/bin/perl
use strict;
use CGI;
#require LWP::UserAgent;
my $q = new CGI;
my #rawCookies = split /~/, $ENV{'HTTP_COOKIE'};
my $extfile = '/home/suresh/Cookies.txt';
open(FH, ">>$extfile") or die "Cannot open file";
print FH "STB Cookies: ", $ENV{'HTTP_COOKIE'}, "\n";
close FH;
The perl works perfectly fine when run with perl command.
The script is not getting executed in default config file.
Can anyone suggest me what else needs to be done ?
You should use this conf:
<VirtualHost *:80>
Alias /perl/ /home/Suresh/myFiles
<Location /perl/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Then you must make your script executable % chmod a+rx /home/Suresh/myFiles/script.pl
Make restart apacher server and go to http://localhost/perl/script.pl
That's all.
P.S. More info you may find there http://perl.apache.org/sitemap.html
I have been tearing my hair out trying to get this working but no matter what I do I can't get .pl files to execute in the cgi-bin of my virtual directory. I have been searching for solutions for the past 4 hours and have tried everything I have come across, and nothing works for me. Perl files are executing perfectly for my default site, just not for my virtual host. The only mopdified file in my Apache2 configuration is the /etc/apache2/sites-available/default file, and currently it is as follows (except for the sitename):
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /var/www/cgi-bin>
Options +ExecCGI
AllowOverride All
AddHandler cgi-script cgi pl
Order allow,deny
allow from all
</Directory>
# ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
# <Directory "/usr/lib/cgi-bin">
# AllowOverride All
# Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
# Order allow,deny
# Allow from all
# </Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAlias subdom.mysite.com
DocumentRoot /var/www/subdom
<Directory /var/www/subdom/cgi-bin>
Options +ExecCGI
AllowOverride All
AddHandler cgi-script cgi pl
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Any and all help is very much appreciated.
I think it is a typo: You need a period before pl.
AddHandler cgi-script .cgi .pl
Also check this: How do I configure Apache 2 to run Perl CGI scripts?
This sounds and looks familiar:
In my case, I made a mistake with my ScriptAlias directive. I uncommented the original one, but forgot to configure a new one.
As soon as I correctly changed and saved my sites-available/default config file from this:
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
.. to this:
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
<Directory "/var/www/cgi-bin">
.. and reloaded apache2, it just worked: it stopped displaying my scripts as text, and started running them as a script. Also, it no longer displayed /var/www/cgi-bin as a directory in the browser, but now correctly displays the error:
Forbidden
You don't have permission to access /cgi-bin/ on this server.