NameVirtualHost on apache2 issues

Message

st0ma · Post by **st0ma** » Mon Sep 24, 2007 5:06 pm

I am trying to test a vhost domain name using NameVirtualHost option by starting the apache2 with APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D PHP5" in the /etc/conf.d/apache2 file. The httpd.conf is the default one..

here is the httpd.conf

Code: Select all

ServerRoot "/usr/lib/apache2"


LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
<IfDefine CACHE>
LoadModule cache_module modules/mod_cache.so
</IfDefine>
<IfDefine DAV>
LoadModule dav_module modules/mod_dav.so
</IfDefine>
<IfDefine DAV>
LoadModule dav_fs_module modules/mod_dav_fs.so
</IfDefine>
<IfDefine DAV>
LoadModule dav_lock_module modules/mod_dav_lock.so
</IfDefine>
LoadModule dbd_module modules/mod_dbd.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
<IfDefine CACHE>
LoadModule disk_cache_module modules/mod_disk_cache.so
</IfDefine>
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule ext_filter_module modules/mod_ext_filter.so
<IfDefine CACHE>
LoadModule file_cache_module modules/mod_file_cache.so
</IfDefine>
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
LoadModule ident_module modules/mod_ident.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
<IfDefine INFO>
LoadModule info_module modules/mod_info.so
</IfDefine>
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
<IfDefine CACHE>
LoadModule mem_cache_module modules/mod_mem_cache.so
</IfDefine>
LoadModule mime_module modules/mod_mime.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
<IfDefine PROXY>
LoadModule proxy_module modules/mod_proxy.so
</IfDefine>
<IfDefine PROXY>
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
</IfDefine>
<IfDefine PROXY>
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
</IfDefine>
<IfDefine PROXY>
LoadModule proxy_connect_module modules/mod_proxy_connect.so
</IfDefine>
<IfDefine PROXY>
LoadModule proxy_http_module modules/mod_proxy_http.so
</IfDefine>
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule speling_module modules/mod_speling.so
<IfDefine INFO>
LoadModule status_module modules/mod_status.so
</IfDefine>
LoadModule unique_id_module modules/mod_unique_id.so
<IfDefine USERDIR>
LoadModule userdir_module modules/mod_userdir.so
</IfDefine>
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
<IfDefine LDAP>
LoadModule ldap_module modules/mod_ldap.so
</IfDefine>
<IfDefine AUTH_LDAP>
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
</IfDefine>
LoadModule cgi_module modules/mod_cgi.so
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
</IfDefine>
<IfDefine SUEXEC>
LoadModule suexec_module modules/mod_suexec.so
</IfDefine>

User apache
Group apache

Include /etc/apache2/modules.d/*.conf

Include /etc/apache2/vhosts.d/*.conf

here is my 00_default_vhost.conf

Code: Select all

<IfDefine DEFAULT_VHOST>

Listen 80

NameVirtualHost *:80

<VirtualHost *:80>
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>
Include /etc/apache2/vhosts.d/xxxxxxx_com.include
</IfDefine>

and here is my xxxxxx_com.include file

Code: Select all

<VirtualHost *:80>
ServerName www.xxxxxx.com
ServerAlias xxxxxx.com *.xxxxxx.com
<Directory "/var/www/vhosts/xxxxxx.com/htdocs">
        Options Indexes FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
        DirectoryIndex index.html index.htm index.php
</Directory>

<IfModule alias_module>
                ScriptAlias /cgi-bin/ "/var/www/vhosts/xxxxxx.com/cgi-bin/"
</IfModule>
<Directory "/var/www/vhosts/xxxxxx.com/cgi-bin">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
</Directory>
</VirtualHost>

when I start the start script /etc/init.d/apache2 start and I try to hit the domain I configured in the browser I get the following.

Forbidden 403.

The apache2 error log file shows the following

[Fri Sep 24 14:08:50 2007] [error] [client xx.xx.xx.xx] client denied by server configuration: /usr/htdocs

If I try to browse the server IP address I load the content in the /var/www/localhost/htdocs/ which is setup by default in the 00_default_vhost.conf file included by the main httpd.conf..
I have nowhere in my configuration files for apache what so ever the folder /usr/htdocs..

Any clue what is wrong in my configuration ?
If you need more system info please let me know.. I am quite puzzled.. went through the other posts with related issues but they all have at least the denied folder somewhere in their conf or include files .. this is not the case on my box tho..

st0ma · Post by **st0ma** » Wed Sep 26, 2007 7:35 am

Let me know if you need more information on the subject or if the information currently provided looks messy to you.. I indeed tried to be as informative as possible on my first post. My vhost project is frozen and I am considering the option to unmerge the apache and start all over soon. If anyone has a crazy idea what could be my mistake please share it with me. Thank you!

nastasa_andrey · Post by **nastasa_andrey** » Wed Sep 26, 2007 2:14 pm

You must add to your vhost configuration

Code: Select all

<Directory path_to_your_host_dir>
    Order allow,deny
    Allow from all
</Directory>

st0ma · Post by **st0ma** » Wed Sep 26, 2007 3:59 pm

in my vhost configuration file I have the following under the Directory tag

<Directory "/var/www/vhosts/xxxxxx.com/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
DirectoryIndex index.html index.htm index.php
</Directory>

I tried your option as well .. same result.
Then I unmerged apache and php and will start from scratch..I will update the post if I have it to work properly.
Thank you!

denstark · Post by **denstark** » Wed Sep 26, 2007 7:41 pm

I'm getting the same problem.. no idea how to fix it =(

st0ma · Post by **st0ma** » Wed Sep 26, 2007 8:48 pm

i did unmerged and emerged again the apache2 and php .. applied kind of the same use flags for both applications and the same outcome.... I don't know.. could you spend a bit more time on the details of your compilation? how did you get to this same error message?

115552 · Post by **115552** » Fri Sep 28, 2007 9:05 am

nastasa_andrey wrote:You must add to your vhost configuration
Code: Select all
<Directory path_to_your_host_dir>
    Order allow,deny
    Allow from all
</Directory>

You just solved my problem! I've spent about a week reconfiguring everyting from scratch after this FSCKING upgrade of apache2 to 2.2.6 that i didn't even want...

However, i have to add those lines now on every virtual host i have.. This wasn't like that before. Is there a way to add it globally so that i save my self the trouble of adding it on every one ?

Thanks

st0ma · Post by **st0ma** » Fri Sep 28, 2007 9:59 am

Check my final config and compare to yours i fneeded.

00_default_vhost.conf

Code: Select all

<IfDefine DEFAULT_VHOST>

Listen 80

NameVirtualHost *:80

<VirtualHost *:80>
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>
Include /etc/apache2/vhosts.d/xxxxxx_com.include
</IfDefine>

*************
and here is the content of the included xxxxxx_com.include

Code: Select all

<VirtualHost *:80>
ServerName www.xxxxxx.com
ServerAlias xxxxxx.com *.xxxxxx.com
<Directory "/var/www/vhosts/xxxxxx.com/htdocs">
    Order allow,deny
    Allow from all
</Directory>
<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/var/www/vhosts/xxxxxx.com/cgi-bin/"
</IfModule>
<Directory "/var/www/vhosts/xxxxxx.com/cgi-bin">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
</Directory>
<IfModule mpm_peruser_module>
        ServerEnvironment apache apache
</IfModule>
</VirtualHost>

when opening the domain name I still get the Forbidden 403message and the ugly error message in the error_log that I have included in my original post.. Can someone paste his config files for a reference?

Much appreciated.

MikeTheGreat · Post by **MikeTheGreat** » Fri Sep 28, 2007 8:33 pm

I got exactly the same problem when I upgraded from Apache 2.0 to 2.2. I believe the new config files are much more minimal in the newer version and therefore you may have to add something to your virtual hosts file.

I fixed the problem by adding the following to the top of mine.

Code: Select all

<Directory /var/www/>
        Order allow,deny
        Allow from all
</Directory>

This tells apache to allow access to the given directory and applies to all subdirectories unless overridden at a later point.

st0ma: I believe your new 00_default_vhost.conf should read

Code: Select all

<IfDefine DEFAULT_VHOST>

<Directory /var/www/>
        Order allow,deny
        Allow from all
</Directory>

Listen 80

NameVirtualHost *:80

<VirtualHost *:80>
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>
Include /etc/apache2/vhosts.d/xxxxxx_com.include
</IfDefine>

st0ma · Post by **st0ma** » Mon Oct 08, 2007 1:41 pm

Finally I got it working.. Thatnks to a gentoo guru I was able to realize few key errors that I had in my current configuration

.
Since httpd.conf is including all .conf files in the vhosts.d folder all virtual host files can be created as separate files starting with a number that represents the loading sequence of apache. Since the first 00_default_vhost.conf file is already present and it fires up the default content in the /var/www/localhost I had to create file callse 01_xxxxxx.com.conf. The content is as follows:

<VirtualHost *:80>
ServerName www.xxxxxx.com
ServerAlias xxxxxx.com *.xxxxxx.com
DocumentRoot "/var/www/vhosts/namerih.com/htdocs"
<Directory "/var/www/vhosts/xxxxxx.com/htdocs">
Order allow,deny
Allow from all
DirectoryIndex index.html index.htm index.php
</Directory>

<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/vhosts/xxxxxx.com/cgi-bin/"
</IfModule>
<Directory "/var/www/vhosts/xxxxxx.com/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

Then the error message with the "Permission Denied" went away and the vhost was working just fine.. Now I am to work with the custom error_log and access_log files per virtual hosts.

Thanks for the help again!

Mousee · Post by **Mousee** » Tue Oct 09, 2007 3:42 pm

I'm facing the same issues, but the above hasn't helped me at all.
Especially considering the bold line above "DirectoryRoot "/var/www/vhosts/xxxxxx.com/htdocs" " isn't even a valid configuration option.

Apache continues to attempt to make calls from /usr/htdocs if you attempt to include any new virtual hosts besides the default.
I'll have to play with it more tomorrow and find out what's causing this.

st0ma · Post by **st0ma** » Tue Oct 09, 2007 3:54 pm

Hey Mousee,

Sorry for the typo in the previous post.. I had it corrected now.. the whole file looks as follows:

spas@ns1 ~ $ cat /etc/apache2/vhosts.d/01_xxxxxx_com.conf
<VirtualHost *:80>
ServerName www.xxxxxx.com
ServerAlias xxxxxx.com
DocumentRoot "/var/www/vhosts/xxxxxx.com/htdocs"

<Directory "/var/www/vhosts/xxxxxx.com/htdocs">
# Options Indexes FollowSymLinks
# AllowOverride All
# Order allow,deny
# Allow from all
Order allow,deny
Allow from all
</Directory>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/vhosts/xxxxxx.com/cgi-bin/"
</IfModule>
<Directory "/var/www/vhosts/xxxxxx.com/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>
</VirtualHost>

Mousee · Post by **Mousee** » Tue Oct 09, 2007 3:58 pm

No worries st0ma - I tried it with the correct configuration option as well and still no dice. It continues to look under "/usr/htdocs" even though NOTHING in my configuration files point to that folder (and in fact, point to another location completely). It's beyond me and it's not worth taking the time to try and troubleshoot. I've decided just to switch back to apache version 2.0.59.
There's clearly some major issues with the current 2.2.x release (as can be seen all over the forums) and I'll just stay away from it until a stable, proper release is out

Thanks for the input all the same.

st0ma · Post by **st0ma** » Tue Oct 09, 2007 4:34 pm

Hmm I would not give up but you know best Mousee. The guy that helped me took not more than 5 minutes as root to have this sorted out.. Previously I was ready to give up on this but it seemed to work fine now..
Cheers!

Mousee · Post by **Mousee** » Fri Oct 19, 2007 2:01 pm

Okay, I figured out what I was doing wrong. I totally don't remember it being this way before when I used VHosts, but apparently it changed (or I forgot xD ).

Anyways, just underneath the default Vhost setup within 00_default_vhost.conf:

Code: Select all

<VirtualHost *:80>
	Include /etc/apache2/vhosts.d/default_vhost.include

	<IfModule mpm_peruser_module>
		ServerEnvironment apache apache
	</IfModule>
</VirtualHost>

You have to THEN throw in your own VHost configuration, not the other way around. Like this:

Code: Select all

<VirtualHost mywebsite.tld:80>
Include /etc/apache2/vhosts.d/mywebsite.include
	<IfModule mpm_peruser_module>
		ServerEnvironment mousee apache
	</IfModule>
</VirtualHost>

I'd been adding just my includes file instead of including the VirtualHost statement above it, placing that instead within the includes file itself, which apparently didn't take for some reason. I'd also tried placing it after the closing 'IfDefine' statement, thinking that would make more sense as it doesn't make any sense to include your custom VHost within the Defeault VHost. Again, apparently the Apache team has decided logic isn't logic after all.

Off to break more stuff now!

instance · Post by **instance** » Sat Oct 20, 2007 2:50 pm

For those of you using PHP in CGI mode, modules.d/70-mod_php5-cgi.conf adds the ScriptAlias but doesn't set permissions. You need to add something like this:

Code: Select all

        <Directory "/usr/lib/php5/bin/">
            AllowOverride None
            Options None
            Order allow,deny
            Allow from all
        </Directory>

Change PHP5 to PHP4 if you're still on 4.