Cannot properly configure ddns -> Apache -> local website - wordpress

Good morning and thanks to all,
I need help with something which has been bothering me for more than one day of trying: I cannot visit my local website
(the website I am developing on localhost in my laptop) from an external ip.
I get "Error 500 - Connection refused" from any browser.
I have a XUbuntu 16.04 laptop and a wordpress website running fine from localhost, a class LAMP install.
I also have a dlink router with a free dlinkddns domain, which works fine: I tested portforwarding from my router to my NAS (which has a local static ip 192.168.1.8) through port 80 and I can properly access my NAS firmware webpage by using my ddns domain.
Now I gave my laptop a static local ip address (192.168.1.6), and I changed port 80 forwarding to the static ip address of my laptop (192.168.1.6). My purpose is to access my local wordpress website by using my ddns domain.
So far, so good, I have an Apache web server (Apache/2.4.18) running, which seems to be listening to port 80 locally and externally:
"dpg#dpg-laptop:~$ sudo netstat -tnlp | grep :80
[sudo] password di dpg:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5298/apache2"
These are Apache2 config files:
Apache.conf:
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# respectively.
#
# They are activated by symlinking available configuration files from their
# respective *-available/ counterparts. These shouGood morning and thanks to all,
I need help with something which has been bothering me for more than one day of trying: I cannot visit my local website
(the website I am developing on localhost in my laptop) from an external ip.
I get "Error 500 - Connection refused" from any browser.
I have a XUbuntu 16.04 laptop and a wordpress website running fine from localhost, a class LAMP install.
I also have a dlink router with a free dlinkddns domain, which works fine: I tested portforwarding from my router to my NAS (which has a local static ip 192.168.1.8) through port 80 and I can properly access my NAS firmware webpage by using my ddns domain.
Now I gave my laptop a static local ip address (192.168.1.6), and I changed port 80 forwarding to the static ip address of my laptop (192.168.1.6). My purpose is to access my local wordpress website by using my ddns domain.
So far, so good, I have an Apache web server (Apache/2.4.18) running, which seems to be listening to port 80 locally and externally:
"dpg#dpg-laptop:~$ sudo netstat -tnlp | grep :80
[sudo] password di dpg:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5298/apache2"
These are Apache2 config files:
Apache.conf:
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See http://httpd.apache.org/docs/2.4/ for detailed information about
# the directives and /usr/share/doc/apache2/README.Debian about Debian specific
# hints.
#
#
# Summary of how the Apache 2 configuration works in Debian:
# The Apache 2 web server configuration in Debian is quite different to
# upstream's suggested way to configure the web server. This is because Debian's
# default Apache2 installation attempts to make adding and removing modules,
# virtual hosts, and extra configuration directives as flexible as possible, in
# order to make automating the changes and administering the server as easy as
# possible.
# It is split into several files forming the configuration hierarchy outlined
# below, all located in the /etc/apache2/ directory:
#
# /etc/apache2/
# |-- apache2.conf
# | `-- ports.conf
# |-- mods-enabled
# | |-- *.load
# | `-- *.conf
# |-- conf-enabled
# | `-- *.conf
# `-- sites-enabled
# `-- *.conf
#
#
# * apache2.conf is the main configuration file (this file). It puts the pieces
# together by including all remaining configuration files when starting up the
# web server.
#
# * ports.conf is always included from the main configuration file. It is
# supposed to determine listening ports for incoming connections which can be
# customized anytime.
#
# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
# directories contain particular configuration snippets which manage modules,
# global configuration fragments, or virtual host configurations,
# rld be managed by using our
# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
# their respective man pages for detailed information.
#
# * The binary is called apache2. Due to the use of environment variables, in
# the default configuration, apache2 needs to be started/stopped with
# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
# work with the default configuration.
# Global configuration
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the Mutex documentation (available
# at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
Mutex file:${APACHE_LOCK_DIR} default
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the severity of messages logged to the error_log.
# Available values: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the log level for particular modules, e.g.
# "LogLevel info ssl:warn"
#
LogLevel warn
# Include module configuration:
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
# Include list of ports to listen on
Include ports.conf
# Sets the default security model of the Apache2 HTTPD server. It does
# not allow access to the root filesystem outside of /usr/share and /var/www.
# The former is used by web applications packaged in Debian,
# the latter may be used for local directories served by the web server. If
# your system is serving content from a sub-directory in /srv you must allow
# access here, or in any related virtual host.
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
#<Directory /srv/>
# Options Indexes FollowSymLinks
# AllowOverride None
# Require all granted
#</Directory>
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
IncludeOptional conf-enabled/*.conf
# Include the virtual host configurations:
IncludeOptional sites-enabled/*.conf
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Ports.conf:
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 0.0.0.0:80
<IfModule ssl_module>
Listen 0.0.0.0:443
</IfModule>
<IfModule mod_gnutls.c>
Listen 0.0.0.0:443
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
000-default.conf:
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster#localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
My ufw firewall is off:
"dpg#dpg-laptop:~$ sudo ufw status
Stato: inattivo"
and iptables are:
"dpg#dpg-laptop:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:http
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere"
I have never done this before, so I may have done something wrong, but I really have no clue... I have spent almost one day testing everything. Only thing I am convinced is that the problem does not seem to be on the router, since port 80 seems open on my laptop from any port checker test online.
Best regards and thanks for the help,
Giorgio Dalla Pozza

Related

Openstack All-In-One Single Machine Networking

I'm having a hard time configuring an Openstack environment based on the All-In-One Single Machine installer for bridged networking in my LAN.
My objective is to SSH into the instances created in Openstack from my LAN.
The server is an Ubuntu 16.04 LTS with minimal installation and OpenSSH. The network configuration of the server is:
auto enp3s0
iface enp3s0 inet static
address 10.4.4.1
netmask 255.255.255.0
gateway 10.4.4.254
broadcast 10.4.4.255
network 10.4.4.0
dns-nameservers 10.4.1.12 10.4.1.10
Basically my network details are the following:
LAN 10.4.4.0
MASK 255.255.255.0
Gateway/DHCP Server 10.4.4.254
The local.conf file I've used for deploying the devstack is the following:
# Sample ``local.conf`` for user-configurable variables in ``stack.sh``
# NOTE: Copy this file to the root DevStack directory for it to work properly.
# ``local.conf`` is a user-maintained settings file that is sourced from ``stackrc``.
# This gives it the ability to override any variables set in ``stackrc``.
# Also, most of the settings in ``stack.sh`` are written to only be set if no
# value has already been set; this lets ``local.conf`` effectively override the
# default values.
# This is a collection of some of the settings we have found to be useful
# in our DevStack development environments. Additional settings are described
# in https://docs.openstack.org/devstack/latest/configuration.html#local-conf
# These should be considered as samples and are unsupported DevStack code.
# The ``localrc`` section replaces the old ``localrc`` configuration file.
# Note that if ``localrc`` is present it will be used in favor of this section.
[[local|localrc]]
# Minimal Contents
# ----------------
# While ``stack.sh`` is happy to run without ``localrc``, devlife is better when
# there are a few minimal variables set:
# If the ``*_PASSWORD`` variables are not set here you will be prompted to enter
# values for them by ``stack.sh``and they will be added to ``local.conf``.
FLOATING_RANGE=10.4.4.192/27
FIXED_RANGE=192.168.0.0/24
FIXED_NETWORK_SIZE=256
FLAT_INTERFACE=enp3s0
ADMIN_PASSWORD=nomoresecret
DATABASE_PASSWORD=stackdb
RABBIT_PASSWORD=stackqueue
SERVICE_PASSWORD=$ADMIN_PASSWORD
# ``HOST_IP`` and ``HOST_IPV6`` should be set manually for best results if
# the NIC configuration of the host is unusual, i.e. ``eth1`` has the default
# route but ``eth0`` is the public interface. They are auto-detected in
# ``stack.sh`` but often is indeterminate on later runs due to the IP moving
# from an Ethernet interface to a bridge on the host. Setting it here also
# makes it available for ``openrc`` to include when setting ``OS_AUTH_URL``.
# Neither is set by default.
HOST_IP=10.4.4.1
#HOST_IPV6=2001:db8::7
# Logging
# -------
# By default ``stack.sh`` output only goes to the terminal where it runs. It can
# be configured to additionally log to a file by setting ``LOGFILE`` to the full
# path of the destination log file. A timestamp will be appended to the given name.
LOGFILE=$DEST/logs/stack.sh.log
# Old log files are automatically removed after 7 days to keep things neat. Change
# the number of days by setting ``LOGDAYS``.
LOGDAYS=2
# Nova logs will be colorized if ``SYSLOG`` is not set; turn this off by setting
# ``LOG_COLOR`` false.
#LOG_COLOR=False
# Using milestone-proposed branches
# ---------------------------------
# Uncomment these to grab the milestone-proposed branches from the
# repos:
#CINDER_BRANCH=milestone-proposed
#GLANCE_BRANCH=milestone-proposed
#HORIZON_BRANCH=milestone-proposed
#KEYSTONE_BRANCH=milestone-proposed
#KEYSTONECLIENT_BRANCH=milestone-proposed
#NOVA_BRANCH=milestone-proposed
#NOVACLIENT_BRANCH=milestone-proposed
#NEUTRON_BRANCH=milestone-proposed
#SWIFT_BRANCH=milestone-proposed
# Using git versions of clients
# -----------------------------
# By default clients are installed from pip. See LIBS_FROM_GIT in
# stackrc for details on getting clients from specific branches or
# revisions. e.g.
# LIBS_FROM_GIT="python-ironicclient"
# IRONICCLIENT_BRANCH=refs/changes/44/2.../1
# Swift
# -----
# Swift is now used as the back-end for the S3-like object store. Setting the
# hash value is required and you will be prompted for it if Swift is enabled
# so just set it to something already:
SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5
# For development purposes the default of 3 replicas is usually not required.
# Set this to 1 to save some resources:
SWIFT_REPLICAS=1
# The data for Swift is stored by default in (``$DEST/data/swift``),
# or (``$DATA_DIR/swift``) if ``DATA_DIR`` has been set, and can be
# moved by setting ``SWIFT_DATA_DIR``. The directory will be created
# if it does not exist.
SWIFT_DATA_DIR=$DEST/data
At the end of the deployment I'm able to ping from the instance to my LAN and do nslookup on google.com for example, but I can't do it backwards, ping/ssh/telnet the instance in Openstack.
The security group permits all traffic, all ICMP ingress/egress, SSH from everywhere.
I've tried to telnet on my local computer from the Openstack instance and it's showing the IP of the Openstack host, not the host. So I'm missing something in the network topology.
netstat -ant | grep 1716
tcp6 0 0 :::1716 :::* LISTEN
tcp6 0 0 10.4.3.34:1716 10.4.4.1:42992 ESTABLISHED
Is there any type of network deployment I'm missing?
Any advice would be much appreciated!
If you are trying to access your instances from the "outside", you will need to create a floating IP pool and assign a floating IP to one of your instances.

CentOS 6.4 + Nginx + uwsgi + (13: Permission denied) while connecting to upstream

As mentioned in the title, I'm experiencing a permission denied error in my nginx + uwsgi setup in my CentOS 6.4. I'm running uwsgi as root already. Below are my configuration files. Take note that I've already linked (ln -s) the mysite_nginx.conf to /etc/nginx/sites-enabled/. Also I've already changed the owner of /home/user1/location/mysite to nginx user.
mysite_uwsgi.ini
#mysite_uwsgi.ini file
[uwsgi]
# Django-related settings
# the base directory (full path)
chdir = /home/user1/location/mysite/myapp
# Django wsgi file
module = mysite.wsgi
# the virtualenv (full path)
home = /home/user1/location/mysite
# process-related settings
# master
master = true
# maximum number of worker processes
processes = 4
# the socket (use the full path to be safe
socket = /home/user1/location/mysite/myapp/myapp.sock
# ... with appropriate permissions - may be needed
chmod-socket = 666
chown-socket = nginx:nginx
# clear environment on exit
vacuum = true
# other config options
uid = nginx
gid = nginx
processes = 4
mysite_nginx.conf
# mysite_nginx.conf
# the upstream component nginx needs to connect to
upstream mysite {
server unix:///home/user1/location/mysite/myapp/myapp.sock; se this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8082;
# the domain name it will serve for
server_name 192.168.X.X; #
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /home/user1/location/mysite/media;
}
location /static {
alias /home/user1/location/mysite/static;
}
I already followed the answers related to the same issue here in stackoverflow but none of them help. What am I lacking? doing wrong?
Thanks in advance!
I had the same problem. the problem is because of selinux policies. you can find the solution in the following link, follow Option 2: Extend the httpd_t Domain Permissions instructions:
http://nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/

Basic Auth on Nginx server on Elastic Beanstalk

I am trying to set up basic auth on my elastic beanstalk instance running nodejs, however, I cannot seem to get this working. I have followed this guide Nginx Server on Amazon EC2, but http traffic is still getting through the nginx instance. I think its because the nginx server on the ec2 instance is not the one I need to be altering the virtual.conf file for. I think the nginx server is on another instance entirely, but I cant seem to find it. I think this because when I ping the Domain name for my site its IP is that of the nginx server and not my Elastic IP. Any ideas on how to configure nginx to restrict http and https traffic to my site on Elastic beanstalk?
Although this isn't a direct answer to your question, I had a lot of trouble finding resources for HTTP Basic Authentication for AWS.
I ended up switching from Nginx to Apache and used this configuration in PROJECT_ROOT/.ebextensions/apache.conf:
files:
"/etc/httpd/conf.d/allow_override.conf":
mode: "000644"
owner: ec2-user
group: ec2-user
encoding: plain
content: |
<Directory /var/app/current/>
AllowOverride AuthConfig
</Directory>
"/etc/httpd/conf.d/auth.conf":
mode: "000644"
owner: ec2-user
group: ec2-user
encoding: plain
content: |
<Directory /var/app/current/>
AuthType Basic
AuthName "Myproject Prototype"
AuthUserFile /etc/httpd/.htpasswd
Require valid-user
</Directory>
"/etc/httpd/.htpasswd":
mode: "000644"
owner: ec2-user
group: ec2-user
encoding: plain
content: |
myusername:mypassword-generated-by-htpasswd
Note, this is not ideal as you end up having password protection in the source code of the repo... But, I couldn't find a better way documented anywhere. I'm currently exploring baking the HTTP Auth into the ec2 instance, saving the instance as an AMI, and using that AMI for the instances that are auto-generated in my beanstalk.
Don't even get me started on HTTP Auth in front of s3 buckets, which is not supported by AWS and requires you point your DNS at a third-party service!
The key factor of managing Elastic Beanstalk's nginx Basic auth is to recognize the conf file is managed by beanstalk, so when you modify it, you need to edit the file in /tmp/deployment/config. All the files in there will be copied to destination, and the destination is calculated by replacing the filename's # character to /. And since the /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf file is not created on the commands step, you need to modify it on the container_commands step.
For me, following worked.
files:
/etc/nginx/.htpasswd:
mode: "000755"
owner: root
group: root
# the content of htpasswd.
# Obtain it by `htpasswd -nb USER PASSWORD`
content: "USER_NAME:HASHED_PASS"
container_commands:
add-basic:
command: |
set -ex
EB_CONFIG_STAGING_DIR=$(/opt/elasticbeanstalk/bin/get-config container -k config_staging_dir)
file_name="${EB_CONFIG_STAGING_DIR}/$(echo /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf | sed -e 's|/|#|g')"
sed -i -e '
/location \// {
s|$|\nauth_basic "Restricted Area";\nauth_basic_user_file /etc/nginx/.htpasswd;|
:loop
n
b loop
}' "$file_name"

Unable to see LDAP references after adding them but still able to ldapsearch them

I have set up two OpenLDAP servers on my network and am trying to enable authentication through LDAP. I am able to login to my servers if users are authenticated on the local LDAP server. However, after I add a reference object to the other server I can't see the object through phpldapadmin. Here's what I am adding with ldapadd.
dn: uid=server2,ou=People,dc=example,dc=com
objectClass: referral
objectClass: extensibleObject
cn: server2
ref: ldap://192.168.4.105/ou=People,dc=server2,dc=example,dc=com
It successfully adds but I am unable to see it through phpldapadmin. I can view it through ldapsearch this is what I get.
$ ldapsearch -h 192.168.4.106 -x -b "uid=server2,ou=People,dc=example,dc=com"
# extended LDIF
#
# LDAPv3
# base <uid=server2,ou=People,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 10 Referral
matchedDN: uid=server2,ou=People,dc=example,dc=com
ref: ldap://192.168.4.106/ou=People,dc=server2,dc=example,dc=com??sub
The fact that I can't see the objects and that they don't give me access to the other server is driving me nuts. I have nss_ldap and pam_ldap installed as well as the phpldapadmin module. I am running Ubuntu 13.04 on both servers. This is my slapd.conf for my client.
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /usr/share/slapd/etc/openldap/schema/core.schema
include /usr/share/slapd/etc/openldap/schema/cosine.schema
include /usr/share/slapd/etc/openldap/schema/nis.schema
include /usr/share/slapd/etc/openldap/schema/corba.schema
include /usr/share/slapd/etc/openldap/schema/misc.schema
include /usr/share/slapd/etc/openldap/schema/inetorgperson.schema
allow bind_v2
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
referral ldap://server2.example.com:389
pidfile /usr/share/slapd/var/run/slapd.pid
argsfile /usr/share/slapd/var/run/slapd.args
# Load dynamic backend modules:
# modulepath /usr/local/libexec/openldap
moduleload back_bdb.la
# moduleload back_hdb.la
moduleload back_ldap.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
overlay chain
chain-max-depth 1 #allows 1 referral hop
chain-uri "ldap://192.168.4.106"
chain-rebind-as-user yes
chain-idassert-bind bindmethod="simple"
binddn="cn=admin,dc=example,dc=com"
credentials="{SSHA}****"
mode="self"
chain-tls start
chain-idassert-authzFrom "*"
chain-return-error TRUE
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=server2,dc=example,dc=com"
rootdn "cn=admin,dc=server2,dc=example,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(9) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw {SSHA}*********
defaultaccess none
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /usr/local/var/openldap-data
# Indices to maintain
index objectClass eq
I would be really grateful if someone could point me in the direction of my problem. I'm not sure if this is related but I am unable to view my OpenLDAP server through Apache Directory Studio but I can see it through phpldapadmin.
ldap.conf
host 192.168.4.105
base dc=server2,dc=example,dc=com
uri ldap://192.168.4.105
ldap_version 3
rootbinddn cn=admin,dc=server2,dc=example,dc=com
rootpw {SSHA}blah
scope sub
timelimit 5
bind_timelimit 5
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
pam_password exop
nss_base_passwd ou=People,dc=server2,dc=example,dc=com?sub
nss_base_shadow ou=People,dc=server2,dc=example,dc=com?sub
nss_base_group ou=Group,dc=server2,dc=example,dc=com?sub
nss_base_hosts ou=Hosts,dc=server2,dc=example,dc=com?sub
nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,landscape,libuuid,list,lp,mail,man,messagebus,news,nslcd,openldap,proxy,root,sshd,statd,sync,sys,syslog,uucp,whoopsie,www-data

Xampp local Drupal install image path problems

I've got Drupal 6.19 installed locally in a xampp SUBDIRECTORY. Everything works great with the exception of the images are broken. The path being created is missing my subdirectory where Drupal is installed.
The path should start with:
http://localhost/drupal6.19/sites/default/files/
but is instead
http://localhost/sites/default/files.
I've tried setting base url in the setting php file and clearing my cache:
$base_url = 'http://localhost/drupal6.19';
did not work. I've also tried uncommenting this line in the htaccess file and clearing cache:
# RewriteBase /drupal6.19
nothing.
I'm running out of ideas. Any help?
I won't do a clean install as I've already spent a lot of time migrating content over and configuring the site. I need to get this fixed somehow...
Have you changes something in the hosts file. Its located at C:\Windows\System32\drivers\etc. The content of the file look like
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

Resources