So, I have my symfony 4 website, using multi domain.
It's not different websites, it's one website, with different languages, so I have example.com, en.example.com, ...
If we log on example.com, it works, but it doesn't make the user logged in on en.example.com.
I tried to set the config as I've seen in framework.yml:
framework:
session:
handler_id: ~
cookie_domain: '.localhost'
name: SFSESSION
But it simply breaks the login (there's no error but it 'triggers' a fail login, and no cookie is set.
If I set 'en.localhost' as a domain, it works for that subdomain, but no others obviously.
I made a test page with that code:
<?php
$currentCookieParams = session_get_cookie_params();
$rootDomain = '.localhost';
session_set_cookie_params(
$currentCookieParams["lifetime"],
$currentCookieParams["path"],
$rootDomain,
$currentCookieParams["secure"],
$currentCookieParams["httponly"]
);
session_start();
The result is that when I access localhost, I have a php cookie (on my symfony app, a similar config leads to no cookie), but if I go to test.localhost, I have nothing.
I tried to install the apache pack ( https://symfony.com/doc/current/setup/web_server_configuration.html )
And to set
php_value session.cookie_domain ".localhost"
In the .htaccess, and it doesn't work, I login on subdomain and nowhere else; it's like the htaccess is ignored.
What am I missing ?
Thank you
In the end, I used the apache configuration to achieve it (on production, not on my wamp).
<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
ServerAlias *
DocumentRoot /var/www/html/examplewebsite/public
DirectoryIndex /index.php
<Directory /var/www/html/examplewebsite/public>
AllowOverride None
Order Allow,Deny
Allow from All
php_value session.cookie_domain example.com
FallbackResource /index.php
</Directory>
# uncomment the following lines if you install assets as symlinks
# or run into problems when compiling LESS/Sass/CoffeeScript assets
# <Directory /var/www/project>
# Options FollowSymlinks
# </Directory>
# optionally disable the fallback resource for the asset directories
# which will allow Apache to return a 404 error when files are
# not found instead of passing the request to Symfony
<Directory /var/www/project/public/bundles>
FallbackResource disabled
</Directory>
ErrorLog /var/log/apache2/project_error.log
CustomLog /var/log/apache2/project_access.log combined
# optionally set the value of the environment variables used in the application
#SetEnv APP_ENV prod
#SetEnv APP_SECRET <app-secret-id>
#SetEnv DATABASE_URL "mysql://db_user:db_pass#host:3306/db_name"
</VirtualHost>
The line that matters is:
php_value session.cookie_domain example.com
Apparently:
If you don't set the cookie_domain : by default the cookie is specific to the subdomain (or without subdomain) that is in the url.
If you set : .example.com : every subdomain share the cookie, but not the domain without subdomain (example.com)
If you set example.com : the simple domain, and the subdomains all share the cookie.
I'm not 100% sure it doesn't work on my wamp, didn't try for now.
Related
My configuration:
LInux Ubuntu Server 18.04 LTS amd64
apache2 2.4.29-1ubuntu4.11
mysql-server 5.7.29-0ubuntu0.18.04.1
php 7.2+60ubuntu1
php7.2-common 7.2.24-0ubuntu0.18.04.2
wordpress 5.3.2–hr
Server almost default install, WP default install, wp-config.phph basic.
Set apache configuration of virtual host for http and https.
<VirtualHost *:80>
ServerAdmin webmaster#localhost
ServerName test.domain.com
DocumentRoot /var/www/test
<Directory /var/www/test>
Options -Indexes
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName test.domain.com
DocumentRoot /var/www/test
<Directory /var/www/test>
Options -Indexes
</Directory>
</VirtualHost>
.htaccess file empty
Right after installation when I access WP by https – https://test.domain.com I get frontend (default 2020 theme applied), login and admin area totally messed up, like no CSS exists.
I tried this solution for admin area:
define('FORCE_SSL_ADMIN', true);
// in some setups HTTP_X_FORWARDED_PROTO might contain
// a comma-separated list e.g. http,https
// so check for https existence
if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
$_SERVER['HTTPS']='on';
but results are same - seems there is no CSS.
When I add lines:
define( 'WP_HOME', 'https://test.domain.com' );
define( 'WP_SITEURL', 'https://test.domain.com' );
to wp-config.php I get error message:
The page isn’t redirecting properly
I searched many sites and tried many solutions but I'm stuck now.
I would like to get working at least admin and login areas.
I am running Apache 2.4 on my development machine so I can test code locally. How do I tell Symfony 3.4 to use the 'dev' environment instead of the 'prod' environment?
I've tried browsing to http://localhost/app_dev.php but that just redirects to http://localhost/. It looks like the front controller is set in .htaccess but if I modify that file, then my production server will be using the wrong front controller.
I've read the docs on the following pages and it talks about how to create new environments but not how to set the default environment.
https://symfony.com/doc/3.4/configuration/environments.html
https://symfony.com/doc/3.4/setup/web_server_configuration.html
I'm running Apache 2.4 on Windows 10 and here is my vhost configuration
<VirtualHost *:80>
ServerName example.local
DocumentRoot "C:\Users\kento\PhpstormProjects\example\web"
<Directory "C:\Users\kento\PhpstormProjects\example\web">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
DirectoryIndex app_dev.php
</Directory>
ErrorLog "logs/example-error.log"
CustomLog "logs/example-access.log" common
</VirtualHost>
example.local points to 127.0.0.1 in my hosts file. I set DirectoryIndex to app_dev.php but that seems to be overridden by the .htaccess file.
You've already set the vhost to use app_dev.php, but then you allow a .htaccess to override with the AllowOverride All. Change that to AllowOverride None and the .htaccess will be ignored.
There may be some config from there you would be able to merge into the vhost.
I tend to prefer all the configuration in the virtual host, and not have any use of a .htaccess file, for a small speed boost - especially in production.
I have a main site http://www.example.com that's written in another language (Ruby/Rails). I want a wordpress blog installed in http://blog.example.com. I have control over the server and DNS.
I have created the necessary CNAME record for the 'blog' subdomain. But after setting up apache and restarting it, when I visit http://blog.example.com, for the final installation steps, I'm redirected to http://www.example.com/wp-admin/install.php.
Also now when I try to visit the main site http://www.example.com, I'm being redirected to the above wordpress install page.
How can I make it work like this: the blog should only reside in blog.example.com path, and the main site should be accessible via http://www.example.com.
Removing the www subdomain is not an option as it's been like that for awhile for the main site. It might be ok, if somehow a redirect can be setup from www to non-www url, though I'm not aware how to set it up.
Please suggest.
Here's the main site's apache conf:
<VirtualHost *:80>
ProxyPreserveHost On
ServerAdmin webmaster#localhost
ServerName http://www.example.com
ServerAlias example.com
DocumentRoot /home/apps/example/current/public
<Directory /home/apps/example/current/public>
AllowOverride all
Options -MultiViews
</Directory>
#RewriteEngine On
#Redirect / http://example.com/
</VirtualHost>
Here's the apache conf for the wordpress under 'blog' subdomain:
<VirtualHost *:80>
ServerName blog.example.com
ServerAlias blog.example.com
ServerAdmin webmaster#localhost
DocumentRoot /home/apps/example_blog/wordpress_blog
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /home/apps/example_blog/wordpress_blog>
AllowOverride All
</Directory>
</VirtualHost>
WordPress has domain references in the database and the code which will throw your permalinks off and cause bad redirects. These renegade URLs should appear as 404's on your root domain (example.com). If not I'd double check the root domain with the sub domain removed from the vhosts.
I don't see any issues with your current vhost configuration. I would also try testing the domains in isolation if you suspect its vhost related. I suspect its a WordPress site url issue.
Assuming the database records are incorrect.
Log into phpMyAdmin or other database manager.
Select your WP database.
Go into the wp_options table (wp_ prefix may be different).
Look for the record's with option name = "siteurl" & "home".
Edit these records to reflect your new domain name.
Here's the WordPress documentation on how to switch a sites urls schema.
Document
Your problem is likely deep in various DB references throughout your WP project. I've run into this problem deploying WP before. You'll need to edit the DB directly to fix the issues.
Export your WordPress DB with phpMyAdmin or SequelPro (something that gets you a clean .sql file)
Use a text editor like Sublime or Atom, search for "www.example.com" and replace all with "blog.example.com" then save.
Upload DB to prod location and you should see these errors go away.
This should not happen if your virtual host is configured correctly
but still as your tables are not created so you can only do one try with this step :
you can add in your wp-config.php file the following parameter
define('wp_site_domain', 'blog.example.com');
This will force the wordpress to follow blog.example.com
I need some help with this simple directory access rules - sorry I just started playing with Apache 2.4 and not done this before.
I have configured Apache 2.4 to a stage where I can see a login for for protected resources and once I enter the user/pass I get access to the protected resourced.
Now I want to do the following which I am not sure how I can get this done.
Web root is set to /var/www
/var/www/login - anyone can access, no auth required as this folder contains login.html and logout.html. ( I got this working)
/var/www - all other contents in the root of my app can only be accessed after authentication. This is the part I don't know how to setup.
My vhost conf looks like this.
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster#dummy-host2.example.com
DocumentRoot "/var/www"
ServerName auth-test.ml.com
ErrorLog "logs/test-error_log"
CustomLog "logs/test-access_log" common
<Directory "/var/www">
AuthFormProvider file
AuthType form
AuthName "Reserved Area"
Session On
SessionCookieName session path=/
require valid-user
# This is the login page
ErrorDocument 401 /login/index.html
# This is the file containing users login data
AuthUserFile /usr/local/apache2/auth/.htpasswd
</Directory>
<Directory /var/www/login>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>
AT the moment when I access the app like http://example.com I expect to see the login.html page returned but I get the following error message:
Unauthorized
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Additionally, a 401 Unauthorized error was encountered while trying to use an ErrorDocument to handle the request.
How can I make this work?
Figured it out. It was as simple as using Directory to first deny access to all to the root document and only allow valid users.
Using another Directory to open access to all to the auth folder.
This was working for years until I did something that has now jacked this up....
Searching on this topic landed me in several places that basically said: You need to check the Wordpress URL and the site URL in the general settings in Wordpress. I have done so and they are both: http://www.petesworkshop.com/blog_wp . Yet, when I hit that URL I am redirected to my internal IP and get a error http://10.0.10.206/blog_wp (yep, that would be wrong!
Interestingly enough, I can get to the admin page just fine and it is just a subfolder of blog_wp. So, somehow things directed to /blog_wp return the IP but everything else is OK. Wierd.
Wordpress sits behind an Apache proxy which has this directive for the virtual host:
<VirtualHost *:80>
ServerName www.petesworkshop.com
ServerAlias petesworkshop.com
ProxyPass / http://10.0.10.206:5080/
ProxyPassReverse / http://10.0.10.206:5080/
</VirtualHost>
The server running the website behind the proxy has this:
DocumentRoot "/www/petes/htdocs/petesworkshop/"
ServerName www.petesworkshop.com
ServerAlias petesworkshop.com
DirectoryIndex index.html index.php index.htm
ErrorLog logs/petesworkshop.log
Options FollowSymLinks
Alias /blog_wp /www/petes/htdocs/petesworkshop/blog_wp
<Directory /www/petes/htdocs/petesworkshop/blog_wp >
Order Allow,Deny
Allow From all
</Directory>
<Directory /www/petes/htdocs/petesworkshop >
Order Allow,Deny
Allow From all
</Directory>
I am not sure how I jacked this up...it is probably something that I did to the Apache configuration but I can't be sure since everything else behind the proxy works fine. I even tried adding specific ProxyPass entries for /blog_wp but that didn't make any difference.
Stumped...
Check your wp-config.php for correct urls
like below
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
This one turned out to be an Apache proxy issue. What I needed was to add 'ProxyPreserveHost On' to the configuration, which I thought I had in there originally but I either removed it in an edit or had it placed in the wrong virtual host. In any case, adding the ProxyPreserveHost On flag, took care of the issue. Not sure why other entries in the same virtual host DID work without it but I am not going to worry about it.
I had a similar problem some time ago, whenever I wrote my domain in the browser it was solved correctly but my domain name was changed by the IP, after much research it turned out that the problem was in the hosting, not in the server, so which only change the configuration of my domain in GoDaddy since I was only doing a redirection but the correct thing was to create an A record that points to # (which represents your domain name) and everything started to work correctly. I hope it's help