Develop Reference

Issue with httpd. unable to view any files on folder

I have a created file serving tool using http. it was working without any issue. I did recently upgraded to httpd services. post that not able view/open any files.
my http.conf
ServerRoot "/etc/httpd"
Include conf.modules.d/*.conf
User apache
Group apache
<VirtualHost *:443>
SSLEngine on
SSLProtocol -ALL -SSLv3 +TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
SSLCompression off
SSLSessionTickets off
SSLCertificateFile /etc/pki/tls/certs/tool.crt
SSLCertificateKeyFile /etc/pki/tls/private/tool.key
SSLCertificateChainFile /etc/pki/tls/certs/tool.crt
Servername 10.x.x.x
</VirtualHost>
ServerAdmin root#localhost
DocumentRoot "/opt"
<Directory "/opt">
AllowOverride None
Require all granted
</Directory>
<Directory "/opt/tool">
Options Indexes FollowSymLinks
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
my error:
[Mon Apr 25 22:42:04.696565 2022] [mime_magic:error] [pid 16538] (13)Permission denied: [client 10.x.x.x:53639] AH01513: mod_mime_magic: read failed: /opt/Backup/2022/Apr/25/device.config
not sure, how to fix this issue.
my finding,
1.when give permission 751 to files, i am able to see but unable to open it getting some error.
error
Forbidden
You don't have permission to access /tool/2022/Apr/25/device.config on this server.
2.when i create files extension with .txt able to see but able to open not able to see any content. getting below
<!DOCTYPE HTML PUBLIC "-//IETF//DTD
am not from dev background. need some help here.

Combine r-handler and tls

Is it possible to provide the Apache R-mod via TLS directly? Without the need to set up a reverse proxy?
I'm trying to set up an OpenCPU instance without the typical reverse proxy configuration. It should be accessible via HTTPS and HTTPS only.
Whenever I try to enable the TLS/SSL engine, Apache ignores that and on port 443 I'll get a header missmatch as HTTP is delivered over port 443.
<IfModule mod_ssl.c>
SSLStaplingCache "shmcb:${APACHE_LOG_DIR}/stapling-cache(150000)"
<IfModule mod_R.c>
RSourceOnStartup "/usr/lib/opencpu/rapache/onstartup.R"
<Location /ocpu>
SSLEngine on
SSLUseStapling on
SSLCertificateFile /etc/ssl/xxx.pem
SSLCertificateKeyFile /etc/ssl/private/xxx.key
SSLCertificateChainFile /etc/ssl/certs/chain.pem
SetHandler r-handler
RHandler opencpu:::rapachehandler
SetOutputFilter DEFLATE
SetInputFilter DEFLATE
</Location>
Alias /favicon.ico /usr/lib/opencpu/rapache/favicon.ico
Alias /robots.txt /usr/lib/opencpu/rapache/robots.txt
# Increase prefork defaults
<IfVersion >= 2.4>
#StartServers 10
MaxConnectionsPerChild 200
<Directory /usr/lib/opencpu/rapache>
Require all granted
</Directory>
</IfVersion>
</IfModule>

It seems that the Location /ocpu is valid for both VirtualHosts, the one for HTTP and HTTPS.
So it suffices to redirect HTTP to HTTPS in 000-default.conf and to correctly set up TLS in the default-ssl.conf.
<VirtualHost *:80>
ServerName xxx
ServerAdmin xxx
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect / https://xxx/
</VirtualHost>
And
# cat default-ssl.conf
<IfModule mod_ssl.c>
SSLStaplingCache "shmcb:${APACHE_LOG_DIR}/stapling-cache(150000)"
LogLevel Debug
<VirtualHost *:443>
ServerName xxx
ServerAdmin xxx
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLUseStapling on
SSLCertificateFile /etc/ssl/certs/xxx.pem
SSLCertificateKeyFile /etc/ssl/private/xxx.key
SSLCertificateChainFile /etc/ssl/certs/xxx.pem
DocumentRoot /var/www/html
</VirtualHost>
</IfModule>
No need to change anything in the opencpu.conf.

Wordpress Permalink settings not working with apache on ubuntu 16.04 - getting site not found error

I know this question has been asked so many times. However, I had to post this since I have followed all of the posts and still getting this error.
I want to change my permalink settings with post name like http://www.example.com/sample-post. when I change that in the wordpress admin (settings/permalink) and save changes, I get page not found for any of my pages.
I see that wordpress has access to .htaccess file on the main folder since i removed it once and it got created when I restart my permalink settings in wordpress admin. (settings/permalink)
below is my etc/apache2/apache2.conf
Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride All
Order deny,allow
Deny from all
Satisfy all
</Directory>
AccessFileName .htaccess
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
Thanks so much for reading this long post and helping a friend! And, please let me know if you have any questions.

I found a fix.
sudo a2enmod rewrite

wordpress inifinite redirect loop

My domain "walterscube.com" is point to a google cloud wordpress server http://xx.xx.xx.xx/. I use godaddy as my domain provider.
I changed my site address and wordpress address from ip to domain, because i want to see my domain name in the browser not my ip. The webpage will be in an infinite redirect lope between the ip and my domain. Can someone help what possibly causes this?
I already tried change all IP to domain in the database,
and i tried add to wp-config.php this lines
define('WP_HOME','http://walterscube.com/');
define('WP_SITEURL','http://walterscube.com/');
,with no result.
Thank you
Vince
*edit:
The server is the default google cloud launcher>WordPress, I did not change any settings.
apache2.conf:
Mutex file:${APACHE_LOCK_DIR} default
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf
Include ports.conf
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
AccessFileName .htaccess
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
IncludeOptional conf-enabled/*.conf
IncludeOptional sites-enabled/*.conf
wordpress.conf:
<VirtualHost *:80>
ServerAdmin xxx#xxx
DocumentRoot /var/www/html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Try running these queries in your DB to update your site's URL in the database. I would think that the constants you reference above should do it, but for thoroughness' sake, update these values, too.
UPDATE wp_options SET option_value = REPLACE (option_value,'http://xx.xxx.xxx.xx','http://walterscube.com');
UPDATE wp_posts SET guid = REPLACE (guid,'http://xx.xxx.xxx.xx','http://walterscube.com');
UPDATE wp_posts SET post_content = REPLACE (post_content, 'http://xx.xxx.xxx.xx', 'http://walterscube.com');
UPDATE wp_postmeta SET meta_value = REPLACE (meta_value,'http://xx.xxx.xxx.xx','http://walterscube.com');
The reason I reccommend this over checking your DNS records or anything else is that when I curl -H 'Host: walterscube.com' xx.xxx.xxx.xx -v, I get
* TCP_NODELAY set
* ...
> GET / HTTP/1.1
> Host: walterscube.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Mon, 26 Mar 2018 13:10:29 GMT
< Server: Apache/2.4.10 (Debian)
< X-Powered-By: PHP/5.6.33-0+deb8u1
< Location: http://xx.xxx.xxx.xx/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
(Which tells me that it's WordPress doing the redirecting, not the web server.)
Edit: ^ Quite an assumption, it turns out. The above likely just means that PHP's being executed by Apache. Not necessarily that WP's sent a 301 response!

Apache for http + https: Unwanted redirect

I want a site to be served both for http and https. With the configuration as pasted below, apache starts without any error or warning. the site is a wordpress installation. Now, accessing the server on https works fine. However, accessing port 80 gets a redirect - which I don't want because it breaks my routing. Here is what access log shows: 36.9.152.171 - - [05/Feb/2015:08:16:05 +0100] "GET / HTTP/1.1" 301 586 "-" "curl/7.30.0" - this happens when I do a curl http://acme.com. Where could this 302 come from? Could it be wordpress? How can I get rid of it?
default site
<VirtualHost *:80>
ServerName acme.com
SSLEngine off
ServerAdmin info#acme.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DocumentRoot /var/www/acme
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/acme>
Options FollowSymLinks MultiViews
Satisfy Any
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Require all granted
</Directory>
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
default-ssl site
ServerName acme.com
ServerAdmin info#acme.com
DocumentRoot /var/www/acme
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/acme>
Options FollowSymLinks MultiViews
Satisfy Any
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
ports.conf
NameVirtualHost *:80
NameVirtualHost *:443
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
apache.conf
### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
#ServerRoot "/etc/apache2"
#
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
#
LockFile ${APACHE_LOCK_DIR}/accept.lock
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
# This needs to be set in /etc/apache2/envvars
#
PidFile ${APACHE_PID_FILE}
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a
# graceful restart. ThreadLimit can only be changed by stopping
# and starting Apache.
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_worker_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxClients: maximum number of simultaneous client connections
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# These need to be set in /etc/apache2/envvars
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
# It is also possible to omit any default MIME type and let the
# client's browser guess an appropriate action instead. Typically the
# browser will decide based on the file's extension then. In cases
# where no good assumption can be made, letting the default MIME type
# unset is suggested instead of forcing the browser to accept
# incorrect metadata.
#
DefaultType None
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog ${APACHE_LOG_DIR}/error.log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
# Include module configuration:
Include mods-enabled/*.load
Include mods-enabled/*.conf
# Include all the user configurations:
Include httpd.conf
# Include ports listing
Include ports.conf
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
# Include of directories ignores editors' and dpkg's backup files,
# see README.Debian for details.
# Include generic snippets of statements
Include conf.d/
# Include the virtual host configurations:
Include sites-enabled/
httpd.conf (empty)
/var/www/acme/.htaccess
# BEGIN WordPress
# END WordPress
(there's nothing else in my .htaccess)

It appears like the 302 has indeed come from wordpress. I had it changed through the web interface to use https://acme.com as the site URL because there were some errors with resources not being loaded when trying to access the site through https and the site URL still being set to http in WP. Once forcing it back to http by adding define('WP_HOME','http://web.protogrid.com');
define('WP_SITEURL','http://web.protogrid.com'); to wp-config.php, it worked again.
I just hate how WP rewrites URLs - why even do that in the CMS at all? I'd expect a good CMS to only use relative URLs so I can move it without doing a data migrations. Oh well...
My takeaway on this: WP only works with https if you only use https. In order to implement this I first had to move it out of my dynamic reverse proxy (hipache) and use static routes again.