plone page loads without css - plone

I put my plone site on a remote sever. I configured the virtual host.
When I get to the default page, it just shows as plain html format. No CSS no style.
My rewrite rule is:
^/(.*) http://localhost:8085/VirtualHostBase/http/interoptest-vlab.drimm.u-bordeaux1.fr:80/VirtualHostRoot/$1 [P,L]
The site is
http://interoptest-vlab.drimm.u-bordeaux1.fr/
you can go and have a look.
The rest is like this.
<VirtualHost *:80>
ServerName interoptest-vlab.drimm.u-bordeaux1.fr
ServerAlias www.interop-vlab.eu
ServerSignature On
ProxyVia On
# prevent your web server from being used as global HTTP proxy
<LocationMatch "^[^/]">
Deny from all
</LocationMatch>
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
RewriteEngine on
RewriteLogLevel 1
Rewritelog /var/log/apache2/plone4_rewrite_log
RewriteRule ^($|/.*) \
http://127.0.0.1:8085/VirtualHostBase/\
http/%{SERVER_NAME}:80/VirtualHostRoot$1 [L,P]
</VirtualHost>

You want to use the excellent RewriteRule Witch to generate your VHM rewriting configurations.
For your settings, the witch recommends you use:
RewriteRule ^($|/.*) \
http://127.0.0.1:8085/VirtualHostBase/\
http/%{SERVER_NAME}:80/VirtualHostRoot$1 [L,P]
This differs from yours in that the root is handled better, and the server name is auto-included from the browser headers, ensuring that you always use the correct server name.
However, your site is serving just the homepage, even a obvious 404 not found response results in the homepage. Something is rewriting your paths to discard all path information, perhaps before the VHM proxy rewrite rule is executed.

Related

Cannot get access https and non-www redirect to testing httpd

I have problem cannot get https and non-www redirect to testing httpd. What should i do? The problem is
I cannot access to https eventhough the certificate created successfully
Why when i tried to access https://www works directly to my exact folder but non www direct to testing httpd?
What's the different between www and non-www? There is big different www and non-www about anything or not?
This is my vhost
<VirtualHost *:80>
ServerName test.com
DocumentRoot /var/www/html/public
<Directory /var/www/html/public>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =test.com [OR]
RewriteCond %{SERVER_NAME} =www.test.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
I tried rerun the certbot, I choosed :
1: Attempt to reinstall this existing certificate
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for new sites, or if you're confident your site works on HTTPS. You can undo this change by editing your web server's configuration.
but i got an error
Failed redirect for test.com
Unable to set enhancement redirect for test.com

Shiny server running on localhost can't be accessed from web when redirected by apache

Hello dear stackoverflow!
I'm having trouble setting up shiny server and apache2 routing.
Roughly following this guide https://support.rstudio.com/hc/en-us/articles/213733868-Running-Shiny-Server-with-a-Proxy (but with apache2)
I set up shiny to run on my 127.0.0.1:2224 port. Everything works just fine when I open a tunnel and port forward, I see my app on localhost.
I set up pwd and redirection in apache as:
<VirtualHost *:80>
ServerAdmin karin#localhost
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ProxyPass "/myapp" "http://localhost:2224"
ProxyPassReverse "/myapp" "http://localhost:2224"
<Location /myapp>
AuthType Basic
AuthName "Enter your login name and password"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Location>
And when I open public my.ip/myapp I am prompted to log in, and after doing so I am redirected to local port 2224, yay!
~ however, the app seems to be broken. I can't see any of the resources, images, css - just the plain interface as coded in the app ui.R
I see a plenty of 404 in logs, the shiny server is looking for all these resources on the web, with address my.ip/shared/whatever - but the resources are accessible only through localhost:2224/shared/whatever
...
any idea where I messed up the routing? What privileges are missing, or what to try to be able to access my app without setting up ssh tunnel and port forward?
Thanks a lot for any ideas!
Roughly following this guide https://support.rstudio.com/hc/en-us/articles/213733868-Running-Shiny-Server-with-a-Proxy (but with apache2)
I have had success in using apache2 as a reverse proxy for shiny server when following that guide in detail, in particular the last examples. In your case, you should replace
ProxyPass "/myapp" "http://localhost:2224"
ProxyPassReverse "/myapp" "http://localhost:2224"
with
RedirectMatch permanent ^/myapp$ /myapp/
RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket
RewriteRule /myapp/(.*) ws://localhost:2224/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket
RewriteRule /myapp/(.*) http://localhost:2224/$1 [P,L]
ProxyPass /myapp/ http://localhost:2224/
ProxyPassReverse /myapp/ http://localhost:2224/
Header edit Location ^/ /myapp/
ProxyRequests Off

Redirect a URL to another URL in Lighthouse/Wordpress

Previously I had a website implemented as a single page application on S3, and it had a page pointing to a list of tools. The URL for this list was: example.com/tool/<tool-name>
To expand the features of my website, I redid the DNS so that this old site is now sitting on a subdomain: tools.example.com/tool/<tool-name> (the new site, that is, example.com, is now on Lighthouse/Wordpress).
As there are still a bunch of links around the web referencing URLs in the tool list of the old site, I would like to write a redirect on Bitnami.
I've already asked for help on this and was told to do the following, but the redirect still doesn't seem to work when I go to example.com/tool/<tool-name>:
Modify /opt/bitnami/apps/wordpress/conf/httpd-app.conf by adding the following rule to the bottom of the file:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/tool/(.*)$
RewriteRule ^(.*)$ https://tools.example.com/tool/$1 [P,L]
sudo /opt/bitnami/ctlscript.sh apache restart
Is this pattern correct, or am I writing to the right file?
EDIT
I changed the redirect code above slightly to reflect feedback in the comments. It is redirecting to https not http and I changed the last bit of code to [P,L] from [R=301,L]
I just tested this change in the Bitnami solution and it worked properly, can you try it?
Remove the changes from the /opt/bitnami/apps/wordpress/conf/httpd-app.conf file
Edit the /opt/bitnami/apache2/conf/bitnami/bitnami.conf file and include the Rewrite* lines the VirtualHost of the port 80
...
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache2/htdocs"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/tool/(.*)$
RewriteRule ^(.*)$ http://google.com [P,L]
...
You can also add those lines in the VirtualHost block of the port 443 in the same file.
Restart Apache
sudo /opt/bitnami/ctlscript.sh restart apache
As you can see, in my example, Apache is redirecting to google.com but you can redirect to any URL.

Mixed Content/Insecure Content SSL [duplicate]

This question already has answers here:
Wordpress Mixed Content Error
(3 answers)
Closed 2 years ago.
I am currently having issues with the following
Mixed Content: The page at 'https://www.example.com/' was loaded over HTTPS, but requested an insecure stylesheet
This is a Wordpress website on a Centos server with httpd installed.
I have following virtual host setup in `http.conf:
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:443>
DocumentRoot /var/www/html/example
ServerName www.example.com
ServerAlias example.com
SSLEngine on
SSLCACertificateFile /etc/httpd/conf/ssl.crt/intermediate.crt
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
Redirect / https://www.example.com/
</VirtualHost>
In my httpd.conf I have changed AllowOverride to all, so it looks like so:
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
I can confirm the htaccess is working as I am using iTheme security plugin and this is working as expected, also if I type some garbage in the htacces I get a server misconfiguration error as expected.
I have changed both the Wordpress URLs in the Dashboard to use https instead of http.
Once all of this was done, I was able to access the site over HTTP, be redirected to the HTTPS version of the site and see the site. However in the console I receive the error regarding mixed content and the padlock shield appears as yellow or red crossed as opposed to the desired green.
There are a few files that are an issue and I know for example I can change the URLs manually to use https as opposed to http. As I understand it, I can use change the URL to the below and this will simply adjust the link to the current protocol in use:
<img src="//www.example.com/image.jpg" />
I have also seen that if a resource is not available over https I can simply do the following:
https://example.com/imageserver?url=http://otherdomain.com/someimage.jpg&hash=abcdeafad
I am however, trying to find a way to fix all of these in one go using htaccess (something I am sure I have done before, but my snippets aren't working for me).
There are two main snippets I have used in an attempt to force everything over https, the first being:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
#These Lines to force HTTPS
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R=301,L]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
The second is from Dave Walsh:
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://example.com/$1 [R,L]
However, neither seem to solve my issue. As a precaution I have restarted the httpd service after every change even htaccess changes which shouldn't require a restart, however the situation remains the same. Can anyone point me in the right direction?
The simplest solution is to replace all links manually using this solution below will save your time and its very straight forward.
The idea is to remove all (protocol HTTP and HTTPS) and leave them to use protocol relative URL https://stackoverflow.com/a/15146073/3599237
We can do this using the following code for index.php
<?php
//this lined added here
ob_start();
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* #package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* #var bool
*/
define('WP_USE_THEMES', true);
/** Loads the WordPress Environment and Template */
require( dirname( __FILE__ ) . '/wp-blog-header.php' );
//and these lines also
$output = ob_get_contents();
ob_end_clean();
$output = str_replace(array("https://", "http://"), "//", $output);
echo str_replace('http:\/\/', "\/\/", $output);
Update: You can simply use Content Security Policy
The HTTP Content-Security-Policy (CSP) upgrade-insecure-requests
directive instructs user agents to treat all of a site's insecure URLs
(those served over HTTP) as though they have been replaced with secure
URLs (those served over HTTPS). This directive is intended for web
sites with large numbers of insecure legacy URLs that need to be
rewritten.
The upgrade-insecure-requests directive is evaluated before
block-all-mixed-content and if it is set, the latter is effectively a
no-op. It is recommended to set either directive, but not both, unless
you want to force HTTPS on older browsers that do not force it after a
redirect to HTTP.
Put below line into header section (header.php file).
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
For more information please read: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests

Remove web / app.php of reference. Symfony2

All requests go through the file web / app.php (similar to index.php), such as a request to the main page - adwords-up.com/web/app.php, input - adwords-up.com /web/app.php/login. I want part of the web / app.php removed from the link. In the configuration .htaccess, redirect to the default web / app.php, so that a request for such was the main form - http://adwords-up.com/, and Page login - http://adwords-up.com/login.
There is my /etc/apache2/sites-available/adwords-up.conf
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port t$
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName adwords-up
ServerAdmin webmaster#localhost
DocumentRoot /var/www/adwords-up/web
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
this might help you
<IfModule mod_rewrite.c>
RewriteEngine On
# Determine the RewriteBase automatically and set it as environment variable.
# If you are using Apache aliases to do mass virtual hosting or installed the
# project in a subdirectory, the base path will be prepended to allow proper
# resolution of the app.php file and to redirect to the correct URI. It will
# work in environments without path prefix as well, providing a safe, one-size
# fits all solution. But as you do not need it in this case, you can comment
# the following 2 lines to eliminate the overhead.
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
# Redirect to URI without front controller to prevent duplicate content
# (with and without `/app.php`). Only do this redirect on the initial
# rewrite by Apache and not on subsequent cycles. Otherwise we would get an
# endless redirect loop (request -> rewrite to front controller ->
# redirect -> request -> ...).
# So in case you get a "too many redirects" error or you always get redirected
# to the startpage because your Apache does not expose the REDIRECT_STATUS
# environment variable, you have 2 choices:
# - disable this feature by commenting the following 2 lines or
# - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
# following RewriteCond (best solution)
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^app\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]
# If the requested filename exists, simply serve it.
# We only want to let Apache serve files and not directories.
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule .? - [L]
</IfModule>
add this to your .htaccess and be sure to have rewriteEngine activated
also this is a common question with answers even on the symfon2 doc
You need to set up apache virtual host and put the correct document root and rewrite rules.
example:
<VirtualHost *:80>
ServerName adwords-up.com
DocumentRoot <path-to-your-codebase>/web
DirectoryIndex app.php
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
RewriteEngine on
RewriteOptions Inherit
RewriteRule ^/app.php/(.*) http://adwords-up.com/$1
RewriteRule ^/(.*) /app.php/$1 [QSA,L]
<Directory "<path-to-your-codebase>/web">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
Hope it helps

Resources