[users@httpd] Re: Proxy Balancing Not working as Expected

[nskarthik]

Hi

Sticky Session : We do not use Cookie in our Existing applications and the
same is configured to work perfectly with
"ProxyPass & ProxyPassReverse

ProxyPass/APPX  http://192.168.4.32:8085/APPX
ProxyPassReverse /APPX http://192.168.4.32:8085/APPX 

>>You can enable debug log level

I have already done with "LogLevel error" as stated.

[Mon Jun 24 03:55:06 2013] [notice] Apache/2.2.22 (Unix) DAV/2 configured
-- resuming normal operations
[Mon Jun 24 03:55:15 2013] [error] (111)Connection refused: proxy: HTTP:
attempt to connect to 192.168.4.32:8085 (192.168.4.32) failed
[Mon Jun 24 03:55:15 2013] [error] ap_proxy_connect_backend disabling
worker for (192.168.4.32)
[Mon Jun 24 03:55:16 2013] [error] (111)Connection refused: proxy: HTTP:
attempt to connect to 192.168.4.32:8086 (192.168.4.32) failed
[Mon Jun 24 03:55:16 2013] [error] ap_proxy_connect_backend disabling
worker for (192.168.4.32)
[Mon Jun 24 04:23:37 2013] [notice] caught SIGTERM, shutting down
[Mon Jun 24 04:25:52 2013] [notice] Digest: generating secret for digest
authentication ...
[Mon Jun 24 04:25:52 2013] [notice] Digest: done
[Mon Jun 24 04:25:53 2013] [notice] Apache/2.2.22 (Unix) DAV/2 configured
-- resuming normal operations
[Mon Jun 24 04:28:07 2013] [error] (111)Connection refused: proxy: HTTP:
attempt to connect to 192.168.4.32:8085 (192.168.4.32) failed
[Mon Jun 24 04:28:07 2013] [error] ap_proxy_connect_backend disabling
worker for (192.168.4.32)
[Mon Jun 24 04:29:33 2013] [error] (111)Connection refused: proxy: HTTP:
attempt to connect to 192.168.4.32:8085 (192.168.4.32) failed
[Mon Jun 24 04:29:33 2013] [error] ap_proxy_connect_backend disabling
worker for (192.168.4.32)
[Mon Jun 24 05:29:54 2013] [error] (111)Connection refused: proxy: HTTP:
attempt to connect to 192.168.4.32:8085 (192.168.4.32) failed

with regards
karthik



On Tue, Jun 25, 2013 at 5:12 AM, Daniel Ruggeri [via Apache HTTP Server] <
ml-node+s18135n5006594...@n6.nabble.com> wrote:

> On 6/23/2013 11:37 PM, nskarthik wrote:
>
> > Hi
> >
> > SPEC : Apache httpd 2.22 [ Cannot upgrade currently ]
> > O/s SUSE Enterprise-10
> > Sticky session [ Have 2 Tomcats with session based application ]
> >
> > The following is Configured with Sticky session as per APACHE Docs
> >
> > /
> > LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
> > LoadModule proxy_balancer_module  modules/mod_proxy_balancer.so
> > LoadModule proxy_http_module   modules/mod_proxy_http.so
> > LoadModule ssl_module  modules/mod_ssl.so
> > LoadModule proxy_connect_module  modules/mod_proxy_connect.so
> > LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
> > LoadModule proxy_scgi_modulemodules/mod_proxy_scgi.so
> >
> > 
> > BalancerMember http://192.168.4.32:8085  loadfactor=1
> > BalancerMember http://192.168.4.32:8086  loadfactor=1
> > ProxySet lbmethod=bytraffic
> > 
> > ProxyPass /APPX balancer://myclust/ stickysession=JSESSIONID
> > ProxyPassReverse /APPX balancer://myclust//
> >
> > Problem tried
> >
> > a)Application APPX is not reflected  in the URL  as
> http://192.168.8.77/APPX
> What do you mean by this? According to your requirements, should it be?
> I do see that you have a trailing slash on the second argument but not
> the first in ProxyPass - you should avoid this
>
> > b)If the BalancerMember are complete defined as "BalancerMember
> > http://:/APPX ,then the application appears in the URL
> > http://192.168.8.77/APPX
> >
> > c)Stick Session is not maintained [ have checked the application after
> > logging
>
> You can enable debug log level - the balancer will log whether it can
> detect the sticky session cookie.
>
> > HTTP Status 404 - /APPX/Dashboard.action
> >
> >
> > Am i doing something Wrong ??
> >
> >
> > with regards
> > karthik
> >
> --
> Daniel Ruggeri
>
>
> -
> To unsubscribe, e-mail: [hidden 
> email]
> For additional commands, e-mail: [hidden 
> email]
>
>
>
> --
>  If you reply to this email, your message will be added to the discussion
> below:
>
> http://apache-http-server.18135.x6.nabble.com/Proxy-Balancing-Not-working-as-Expected-tp5006568p5006594.html
>  To unsubscribe from Proxy Balancing Not working as Expected, click 
> here
> .
> NAML
>



-- 
*N.S.KART

Re: [users@httpd] HTTP 2.4.4 graceful

[David Guerra]

Is it a virtual machine?  I've seen issues where Apache would start before
some appliances can set the hostname of the server.

Are there any pids at all?


On Tuesday, June 25, 2013, Christian Cioni wrote:

> Pratically, the pid number in the httpd.pid file, is not updated. Any idea?
> 
>
> ** **
>
> Christian
>
> ** **
>
> *Da:* Christian Cioni 
> [mailto:christian.ci...@staff.aruba.it 'christian.ci...@staff.aruba.it');>]
>
> *Inviato:* giovedì 20 giugno 2013 17:00
> *A:* users@httpd.apache.org  'users@httpd.apache.org');>
> *Oggetto:* [users@httpd] HTTP 2.4.4 graceful
>
> ** **
>
> Hi,
>
> after the update from apache 2.4.3 to 2.4.4, when perform the gracaful
> after short time
>
> receive the message:
>
> *httpd not running, trying to start*
>
> *(98)Address already in use: AH00072: make_sock: could not bind to
> address 0.0.0.0:80*
>
> ** **
>
> but apache, running without problems:
>
> *httpd*
>
> *pid:*
>
> *3013 3014 3067 3107 3433 5303 13531*
>
> *is running...*
>
> ** **
>
> any idea?
>
> ** **
>
> -- 
>
> Saluti
>
> 
>
> Christian Cioni
>
> Technical Department
>
> Aruba.it http://www.aruba.it
>
> N° diretto: 0575/1939143
>
> N° centralino: 0575/0505
>
> N° fax: 0575/862300
>
> MailTo: christian.ci...@staff.aruba.it
>
>  
>
> ** **
>
> : AVVISO PRIVACY
>
> = = = = = = = = = = = = = = = = = = = =
>
> Il contenuto della presente e-mail ed i suoi allegati,
>
> sono diretti esclusivamente al destinatario e devono
>


-- 
Take Care,

David Guerra
http://frustratedtech.com/

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

User from the Internet can see the 3rd vhost site now. The current access
control directives are:

Order allow,deny
All from all

Now that Apache can route to the 3rd vhost block I edited the access
controls to tighten things down and enable localhost access as:

Order deny,allow
Deny from all
Allow from [redacted public IP subnet] 127.

And it works great!

The issue was more complicated than it needed to be due to my lack of
understanding of DNS routing integrated with Apache (using a public IP for
the alias directive). Thanks to everyone for their help!


On Tue, Jun 25, 2013 at 2:05 PM, Kirk Woellert  wrote:

> Starting to understand this better. Appending the public IP to the current
> list of alias names in httpd.conf works as you said (for me).
>
> ServerAlias [redacted alias] [redacted public IP]
>
> Sent the link to a user- see what they say.
>
>
> On Tue, Jun 25, 2013 at 1:31 PM, Eric Covener  wrote:
>
>> On Tue, Jun 25, 2013 at 11:33 AM, Kirk Woellert 
>> wrote:
>> > That worked. I edited the /etc/host file on the linux client with a
>> public
>> > IP, and I can get access to the 3rd vhost. Finally, get back to the
>> original
>> > issue which started all this.
>> >
>> > I need to be able expose the site to certain decision makers while its
>> under
>> > development. Hence why I tried Order, Deny, Allow directives for a
>> public
>> > IP. I can't edit their individual /etc/hosts files. Any other way to
>> help
>> > Apache route to the 3rd vhost until I can get a FQDN?
>>
>> Give them links with the IP address. Add the IP address as a ServerAlias.
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
>


-- 
Kirk Woellert
Independent Consultant
Science & Technology Policy, Technical Services
cel 703-732-5339

Re: [users@httpd] Help with Apache Virtual Host Config for Ubuntu Server 4 IPs

[Francis Lee Mondia]

Hi Yehuda,

Yes, this is the Ubuntu default configuration. I did as you suggested and
it worked. Thanks for all the help.

Francis




On Tue, Jun 25, 2013 at 11:48 PM, Yehuda Katz  wrote:

> On Tue, Jun 25, 2013 at 11:35 AM, Francis Lee Mondia 
> wrote:
>
>> I'm trying to configure an Ubuntu server with 4 Public IPs to display
>> "This is a shared IP site" if any of the IPs are accessed directly. The
>> server has IP-based virtual-hosts configured on the different IPs. So far,
>> I'm not having any success with it.
>>
>
> Are you using the default Ubuntu configuration where each vhost is in its
> own file?
> If so, Ubuntu should load them in alphabetical order, so which ever vhost
> is loaded first for each IP will be the default one.
> Common practice is to rename the symlinks in /etc/apache/sites-enabled to
> something like ###-NAME (where ### is the order you want the vhosts loaded
> 000,001,002, etc). That will force (at least the Ubuntu-distributed version
> of) apache to load the vhosts in that order.
>
> As long as your "This is a shared IP site" vhost is the first one loaded,
> it will be shown as the default site.
> You might need to explicitly bind the vhost to every IP address. Something
> like "*:80" won't do it.
>
> I have a setup like this and it works really well.
>
> - Y
>

[users@httpd] R: HTTP 2.4.4 graceful

[Christian Cioni]

Pratically, the pid number in the httpd.pid file, is not updated. Any idea?

 

Christian

 

Da: Christian Cioni [mailto:christian.ci...@staff.aruba.it] 
Inviato: giovedì 20 giugno 2013 17:00
A: users@httpd.apache.org
Oggetto: [users@httpd] HTTP 2.4.4 graceful

 

Hi,

after the update from apache 2.4.3 to 2.4.4, when perform the gracaful after
short time

receive the message:

httpd not running, trying to start

(98)Address already in use: AH00072: make_sock: could not bind to address
0.0.0.0:80

 

but apache, running without problems:

httpd

pid:

3013 3014 3067 3107 3433 5303 13531

is running...

 

any idea?

 

-- 

Saluti



Christian Cioni

Technical Department

Aruba.it   http://www.aruba.it

N° diretto: 0575/1939143

N° centralino: 0575/0505

N° fax: 0575/862300

MailTo:  
christian.ci...@staff.aruba.it

 

 

: AVVISO PRIVACY

= = = = = = = = = = = = = = = = = = = =

Il contenuto della presente e-mail ed i suoi allegati,

sono diretti esclusivamente al destinatario e devono

ritenersi riservati, con divieto di diffusione o di uso

non conforme alle finalità per le quali la presente e-mail

è stata inviata.

Pertanto, ne è vietata la diffusione e la comunicazione

da parte di soggetti diversi dal destinatario, ai sensi degli

artt. 616 e ss. c.p. e D.lgs n. 196/03 Codice Privacy.

 

Se la presente e-mail ed i suoi allegati sono stati ricevuti

per errore, siete pregati di distruggere quanto ricevuto e

di informare il mittente al seguente recapito:

Mailto:  
christian.ci...@staff.aruba.it

= = = = = = = = = = = = = = = = = = = =

 

[users@httpd] HTTP Rewrite to HTTPS proxy works but direct HTTPS doesn't proxy

[Pete Jibe]

Hi there, 

After looking this over I've located the issue but haven't determined how to
best implement the resolution. 

The problem is that when folks access HTTP (via httpd-vhosts.conf) the
configuration Rewrites the URL as
https://www.yippyskippy.com/ClusterTester$1 

When end-users bypass the HTTP configuration and go directly to HTTPS the
httpd-ssl.conf file has been configured to expect that the Rewrite has
already occurred and that the /ClusterTester$1 suffix already exists. 

Because the original httpd-vhosts.conf Rewrite command is bypassed, the
httpd-ssl.conf configuration tries to proxypass the incorrect URL string to
the back-end Glassfish server resulting in the original error. 

Now I'm trying to determine how/where to best place the Rewrite command (I'm
assuming within the httpd-ssl.conf virtual hosts section) while still
maintaining the redirect from HTTP to HTTPS. 

As before, any input that would get me on the write path to resolution is
highly appreciated. 

~Pete

Re: [users@httpd] Form problem with non-ascii characters (æ or ß)

[Pi Dizayn]

I verified. I used other computers and browsers.


On Wed, Jun 26, 2013 at 12:24 AM, Jim Albert  wrote:

> On 6/25/2013 1:34 PM, Pi Dizayn wrote:
>
>> Dear Apaches :) ,
>>
>> I'm moving a website to another server. In the new server when I submit
>> a form with æ or ß the browser says "The connection was reset". This
>> never happened before. The OS is CentOS. PHP or CGI forms are the same.
>>
>> --
>> Boray Eris
>> www.pidizayn.com 
>>
>
> Did you verify the problem yourself assuming you would not normally use
> non-western characters or is this feedback from visitors?
>
> Since I believe those are non-western characters could the problem be
> related to network problems from distant users (as in another part of the
> world from your server)?
>
> Jim
>
>
> --**--**-
> To unsubscribe, e-mail: 
> users-unsubscribe@httpd.**apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>


-- 
Boray Eris
www.pidizayn.com

Re: [users@httpd] Form problem with non-ascii characters (æ or ß)

[Jim Albert]

On 6/25/2013 1:34 PM, Pi Dizayn wrote:

Dear Apaches :) ,

I'm moving a website to another server. In the new server when I submit
a form with æ or ß the browser says "The connection was reset". This
never happened before. The OS is CentOS. PHP or CGI forms are the same.

--
Boray Eris
www.pidizayn.com 


Did you verify the problem yourself assuming you would not normally use 
non-western characters or is this feedback from visitors?


Since I believe those are non-western characters could the problem be 
related to network problems from distant users (as in another part of 
the world from your server)?


Jim


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Auth aliases problem

[Brandon Gould]

You can also try authenticating to PAM, and then in 

 

/etc/pam.d/apache2 (or httpd, I'll have to check)

 

You specify

 

Auth  sufficient pam_ldap.so

Account   sufficient pam_ldap.so

 

Pam_ldap is part of  the nss_ldap package.

 

This tells PAM to authenticate with LDAP.

 

On your VirtualHost directive, you'll also need to add:

 


AuthType Basic
AuthName "Restricted area for My Server"
AuthPAM_Enabled On
Require group mygroup


 

This should allow you to authenticate to LDAP.

 

From: Tymiński Jan [mailto:jan.tymin...@exorigo-upos.pl] 
Sent: Tuesday, June 25, 2013 9:46 AM
To: users@httpd.apache.org
Subject: [users@httpd] Auth aliases problem

 

I'd like to ask again about my problem: I want to make aliases for ldap
authorization with mod_authn_alias, I have set everything up correctly,
according to the documentation, enabled required module, set
"AuthBasicProvider aaa" in my configuration, and I receive error: "Unknown
Authn provider: aaa" - there is no single line in error.log, there is no
information I can google, as all forward to: "Unknown Authn provider: ldap"
and this is not the problem I experience - there is certainly other basis of
the problem.

 

King Regards,

 

Jan TYMIŃSKI

IT System Administrator

 

Exorigo-UPOS Group

 

tel.: +48 32 44 28 172

mobile.: +48 607 410 656

mailto:jan.tymin...@exorigo-upos.pl

 


--
Exorigo-Upos sp. z o.o., ul. Kolejowa 5/7, 01-217 Warszawa, NIP
526-26-02-464, REGON 017389996, KRS: 053959.
Rejestracja w Sądzie Rejonowym dla m. st. Warszawy w Warszawie, XII Wydział
Gospodarczy KRS. Kapitał zakładowy 2.045.000 zł.

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

Starting to understand this better. Appending the public IP to the current
list of alias names in httpd.conf works as you said (for me).

ServerAlias [redacted alias] [redacted public IP]

Sent the link to a user- see what they say.

On Tue, Jun 25, 2013 at 1:31 PM, Eric Covener  wrote:

> On Tue, Jun 25, 2013 at 11:33 AM, Kirk Woellert  wrote:
> > That worked. I edited the /etc/host file on the linux client with a
> public
> > IP, and I can get access to the 3rd vhost. Finally, get back to the
> original
> > issue which started all this.
> >
> > I need to be able expose the site to certain decision makers while its
> under
> > development. Hence why I tried Order, Deny, Allow directives for a public
> > IP. I can't edit their individual /etc/hosts files. Any other way to help
> > Apache route to the 3rd vhost until I can get a FQDN?
>
> Give them links with the IP address. Add the IP address as a ServerAlias.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Socal Livin]

Hi,

Try using the password protect directories in mod_security until you find the 
solution.




 From: Eric Covener 
To: users@httpd.apache.org 
Sent: Tuesday, June 25, 2013 10:31 AM
Subject: Re: [users@httpd] Apache virtualhost order deny, allow works only on 
localhost; ignores public IP for allow
 

On Tue, Jun 25, 2013 at 11:33 AM, Kirk Woellert  wrote:
> That worked. I edited the /etc/host file on the linux client with a public
> IP, and I can get access to the 3rd vhost. Finally, get back to the original
> issue which started all this.
>
> I need to be able expose the site to certain decision makers while its under
> development. Hence why I tried Order, Deny, Allow directives for a public
> IP. I can't edit their individual /etc/hosts files. Any other way to help
> Apache route to the 3rd vhost until I can get a FQDN?

Give them links with the IP address. Add the IP address as a ServerAlias.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Form problem with non-ascii characters (æ or ß)

[Pi Dizayn]

Dear Apaches :) ,

I'm moving a website to another server. In the new server when I submit a
form with æ or ß the browser says "The connection was reset". This never
happened before. The OS is CentOS. PHP or CGI forms are the same.

-- 
Boray Eris
www.pidizayn.com

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Eric Covener]

On Tue, Jun 25, 2013 at 11:33 AM, Kirk Woellert  wrote:
> That worked. I edited the /etc/host file on the linux client with a public
> IP, and I can get access to the 3rd vhost. Finally, get back to the original
> issue which started all this.
>
> I need to be able expose the site to certain decision makers while its under
> development. Hence why I tried Order, Deny, Allow directives for a public
> IP. I can't edit their individual /etc/hosts files. Any other way to help
> Apache route to the 3rd vhost until I can get a FQDN?

Give them links with the IP address. Add the IP address as a ServerAlias.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Help with Apache Virtual Host Config for Ubuntu Server 4 IPs

[Yehuda Katz]

On Tue, Jun 25, 2013 at 11:35 AM, Francis Lee Mondia wrote:

> I'm trying to configure an Ubuntu server with 4 Public IPs to display
> "This is a shared IP site" if any of the IPs are accessed directly. The
> server has IP-based virtual-hosts configured on the different IPs. So far,
> I'm not having any success with it.
>

Are you using the default Ubuntu configuration where each vhost is in its
own file?
If so, Ubuntu should load them in alphabetical order, so which ever vhost
is loaded first for each IP will be the default one.
Common practice is to rename the symlinks in /etc/apache/sites-enabled to
something like ###-NAME (where ### is the order you want the vhosts loaded
000,001,002, etc). That will force (at least the Ubuntu-distributed version
of) apache to load the vhosts in that order.

As long as your "This is a shared IP site" vhost is the first one loaded,
it will be shown as the default site.
You might need to explicitly bind the vhost to every IP address. Something
like "*:80" won't do it.

I have a setup like this and it works really well.

- Y

[users@httpd] Help with Apache Virtual Host Config for Ubuntu Server 4 IPs

[Francis Lee Mondia]

Hi,

I'm trying to configure an Ubuntu server with 4 Public IPs to display "This
is a shared IP site" if any of the IPs are accessed directly. The server
has IP-based virtual-hosts configured on the different IPs. So far, I'm not
having any success with it.

Any help will be appreciated.

Francis

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

That worked. I edited the /etc/host file on the linux client with a public
IP, and I can get access to the 3rd vhost. Finally, get back to the
original issue which started all this.

I need to be able expose the site to certain decision makers while its
under development. Hence why I tried Order, Deny, Allow directives for a
public IP. I can't edit their individual /etc/hosts files. Any other way to
help Apache route to the 3rd vhost until I can get a FQDN?


On Tue, Jun 25, 2013 at 11:22 AM, Eric Covener  wrote:

> On Tue, Jun 25, 2013 at 11:12 AM, Kirk Woellert  wrote:
> > Ok, there are two clients in this thread, 1 is the client on the server
> > console and is my personal linux system which is on the Internet. The
> > /etc/hosts file on the server has an entry so that the alias in the vhost
> > block resolves when testing on the server. Are you saying I need to edit
> the
> > /etc/hosts file on my linux pc?
>
> Yes.  If you want to use a hostname to discriminate between virtual
> hosts, your client has to use that hostname.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Eric Covener]

On Tue, Jun 25, 2013 at 11:12 AM, Kirk Woellert  wrote:
> Ok, there are two clients in this thread, 1 is the client on the server
> console and is my personal linux system which is on the Internet. The
> /etc/hosts file on the server has an entry so that the alias in the vhost
> block resolves when testing on the server. Are you saying I need to edit the
> /etc/hosts file on my linux pc?

Yes.  If you want to use a hostname to discriminate between virtual
hosts, your client has to use that hostname.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Errors after changing hostname

[Dariusz Dolecki]

we are getting errors in our apache after changing the hostname of a
soalris box, dns was changed as well..any ideas?

The rror message is:
The proxy server received an invalid response from an upstream server.

Re: [users@httpd] Errors after changing hostname

[Kirk Woellert]

Since folks are helping me with an issue thought to give back to the list:

Our department changed the IP for a VM I run Apache on- without telling me,
if you can believe that. Although not the same as hostname change, I had to
check httpd.conf, ssl.conf and /etc/hosts to update the IP.
Hope this helps.


On Tue, Jun 25, 2013 at 11:16 AM, Dariusz Dolecki  wrote:

> we are getting errors in our apache after changing the hostname of a
> soalris box, dns was changed as well..any ideas?
>
> The rror message is:
> The proxy server received an invalid response from an upstream server.
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

Ok, there are two clients in this thread, 1 is the client on the server
console and is my personal linux system which is on the Internet. The
/etc/hosts file on the server has an entry so that the alias in the vhost
block resolves when testing on the server. Are you saying I need to edit
the /etc/hosts file on my linux pc?


On Tue, Jun 25, 2013 at 11:06 AM, Eric Covener  wrote:

> On Tue, Jun 25, 2013 at 11:01 AM, Kirk Woellert  wrote:
> > It's a good point but I need to able to access this site from one public
> IP
> > in particular. I thought an entry in /etc/hosts currently as:
> >
> > 127.0.0.1 [redacted alias for 3rd vhost]
> >
> > would be sufficient but maybe not? If not, how can I get Apache to
> 'route'
> > to that 3rd vhost? What would people typically do in this case? BTW, I'm
> not
> > the DNS manager and won't get a FQDN for this stage of development.
> >
>
> You can use an IP as a ServerName or ServerAlias. Otherwise, You need
> the /etc/hosts entry on the client, and you need to actually use the
> name in the browser -- otherwise the client cannot telegraph to Apache
> which name-based virtual host it's accessing.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Jens-U. Mozdzen]

Hi Kirk,

Zitat von Kirk Woellert :

It's a good point but I need to able to access this site from one public IP
in particular. I thought an entry in /etc/hosts currently as:

127.0.0.1 [redacted alias for 3rd vhost]

would be sufficient but maybe not? If not, how can I get Apache to 'route'
to that 3rd vhost? What would people typically do in this case? BTW, I'm


as already said by Eric: put the /etc/hosts entry on the *client*,  
where you run your browser.


The browser will take the name from the URL, convert it to your  
server's (internal) IP and send the request there - stating it's for  
"". httpd then will take that name and match it to the vhost  
setting.



not the DNS manager and won't get a FQDN for this stage of development.


no need for that.


On Tue, Jun 25, 2013 at 10:55 AM, Eric Covener  wrote:


> As a reminder- I don't have a FQDN for the third vhost site- so I just
made
> a /etc/host temporary entry as mentioned earlier in my post. Therefore


How should that help? The browser doesn't even send the FQDN of the  
vhost, but asks for the IP you give in the URL:



when
> I try to check for public access, I'm always using a physical path in the
> browser as:
>
> http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted
site
> directory for 3rd vhost]/index.php
> [...]
How would Apache know to route  that to the third name-based vhost
when you use the IP address only and no matching servername?  You
should mock the hostname in your hosts file from the client you test
on.


Regards,
Jens


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

Trying everything- test php file i.e. info.php, also just did a 'touch' and
created an index.html, owned by the 3rd vhost user:group, chmod 775.

Can load the index.html on the local server console but not from the
Internet (using a physical path).

-Kirk Woellert
On Tue, Jun 25, 2013 at 10:35 AM, David Guerra wrote:

> Are you only trying to open PHP files or do you get the same issue with
> CSS and image files?
>
>
> On Tue, Jun 25, 2013 at 10:30 AM, Kirk Woellert  wrote:
>
>> Hi, I looked at output of a "# httpd -S" command too- didn't see an
>> obvious problem but here it is (pardon all the redaction):
>> --
>> [root@[myhostname mysuperuser]# httpd -S
>> [Tue Jun 25 10:06:18 2013] [warn] NameVirtualHost *:443 has no
>> VirtualHosts
>> VirtualHost configuration:
>> [Assigned Public IP Redacted]:443  www.[redacted]
>> (/etc/httpd/conf.d/ssl.conf:78)
>> wildcard NameVirtualHosts and _default_ servers:
>> *:80   is a NameVirtualHost
>>  default server localhost (/etc/httpd/conf/httpd.conf:1074)
>>  port 80 namevhost localhost (/etc/httpd/conf/httpd.conf:1074)
>>  alias localhost
>>  port 80 namevhost www.[redacted]
>> (/etc/httpd/conf/httpd.conf:1080)
>>  alias [redacted]
>>  port 80 namevhost [redacted] (/etc/httpd/conf/httpd.conf:1103)
>>  alias [redacted]
>> Syntax OK
>> -
>>
>> To summarize, the default Apache localhost website works, the vhost for a
>> live website works, but I cannot get the third vhost for a site under
>> development to be accessible from the Internet- only on the localhost. I
>> cranked up the Apache log level this morning to "debug" and confirmed the
>> SuExec wrapper script is instantiated for the user associated with the
>> third vhost. So its not SuExec. I double checked permissions/ownership,
>> again. So it does not appear to be that. Again, this morning I changed the
>> Order, Allow,Deny directives to "Allow all". Still no access from the
>> Internet. Third vhost only works when I enter its alias in a browser on the
>> server console.
>>
>> As a reminder- I don't have a FQDN for the third vhost site- so I just
>> made a /etc/host temporary entry as mentioned earlier in my post. Therefore
>> when I try to check for public access, I'm always using a physical path in
>> the browser as:
>>
>> http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted
>> site directory for 3rd vhost]/index.php
>>
>> "as well as a invocation of e.g. wget
>> demonstrating the problem."
>>
>> I don't follow what you mean by reference to wget- a unix file transfer
>> utility...
>>
>> -Kirk Woellert
>>
>>
>> On Tue, Jun 25, 2013 at 9:04 AM, Eric Covener  wrote:
>>
>>> On Tue, Jun 25, 2013 at 8:39 AM, Kirk Woellert 
>>> wrote:
>>> > Update: Still have the same basic problem, I can access the vhost2
>>> from the
>>> > Internet, but can only access vhost3 from the localhost- not from the
>>> > Internet. The behavior in my reply was not repeatable. I tried to
>>> completely
>>> > open up access to the vhost3 site by:
>>>
>>> pastebin your apachectl -S output as well as a invocation of e.g. wget
>>> demonstrating the problem.
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>> For additional commands, e-mail: users-h...@httpd.apache.org
>>>
>>>
>>
>>
>>
>
>
> --
> Take Care,
>
> David Guerra
> http://frustratedtech.com/
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Eric Covener]

On Tue, Jun 25, 2013 at 11:01 AM, Kirk Woellert  wrote:
> It's a good point but I need to able to access this site from one public IP
> in particular. I thought an entry in /etc/hosts currently as:
>
> 127.0.0.1 [redacted alias for 3rd vhost]
>
> would be sufficient but maybe not? If not, how can I get Apache to 'route'
> to that 3rd vhost? What would people typically do in this case? BTW, I'm not
> the DNS manager and won't get a FQDN for this stage of development.
>

You can use an IP as a ServerName or ServerAlias. Otherwise, You need
the /etc/hosts entry on the client, and you need to actually use the
name in the browser -- otherwise the client cannot telegraph to Apache
which name-based virtual host it's accessing.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

It's a good point but I need to able to access this site from one public IP
in particular. I thought an entry in /etc/hosts currently as:

127.0.0.1 [redacted alias for 3rd vhost]

would be sufficient but maybe not? If not, how can I get Apache to 'route'
to that 3rd vhost? What would people typically do in this case? BTW, I'm
not the DNS manager and won't get a FQDN for this stage of development.

-Kirk Woellert


On Tue, Jun 25, 2013 at 10:55 AM, Eric Covener  wrote:

> > As a reminder- I don't have a FQDN for the third vhost site- so I just
> made
> > a /etc/host temporary entry as mentioned earlier in my post. Therefore
> when
> > I try to check for public access, I'm always using a physical path in the
> > browser as:
> >
> > http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted
> site
> > directory for 3rd vhost]/index.php
>
>
> >> ServerName test
> >> ServerAlias test
>
> How would Apache know to route  that to the third name-based vhost
> when you use the IP address only and no matching servername?  You
> should mock the hostname in your hosts file from the client you test
> on.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Eric Covener]

> As a reminder- I don't have a FQDN for the third vhost site- so I just made
> a /etc/host temporary entry as mentioned earlier in my post. Therefore when
> I try to check for public access, I'm always using a physical path in the
> browser as:
>
> http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted site
> directory for 3rd vhost]/index.php


>> ServerName test
>> ServerAlias test

How would Apache know to route  that to the third name-based vhost
when you use the IP address only and no matching servername?  You
should mock the hostname in your hosts file from the client you test
on.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[David Guerra]

Are you only trying to open PHP files or do you get the same issue with CSS
and image files?


On Tue, Jun 25, 2013 at 10:30 AM, Kirk Woellert  wrote:

> Hi, I looked at output of a "# httpd -S" command too- didn't see an
> obvious problem but here it is (pardon all the redaction):
> --
> [root@[myhostname mysuperuser]# httpd -S
> [Tue Jun 25 10:06:18 2013] [warn] NameVirtualHost *:443 has no VirtualHosts
> VirtualHost configuration:
> [Assigned Public IP Redacted]:443  www.[redacted]
> (/etc/httpd/conf.d/ssl.conf:78)
> wildcard NameVirtualHosts and _default_ servers:
> *:80   is a NameVirtualHost
>  default server localhost (/etc/httpd/conf/httpd.conf:1074)
>  port 80 namevhost localhost (/etc/httpd/conf/httpd.conf:1074)
>  alias localhost
>  port 80 namevhost www.[redacted] (/etc/httpd/conf/httpd.conf:1080)
>  alias [redacted]
>  port 80 namevhost [redacted] (/etc/httpd/conf/httpd.conf:1103)
>  alias [redacted]
> Syntax OK
> -
>
> To summarize, the default Apache localhost website works, the vhost for a
> live website works, but I cannot get the third vhost for a site under
> development to be accessible from the Internet- only on the localhost. I
> cranked up the Apache log level this morning to "debug" and confirmed the
> SuExec wrapper script is instantiated for the user associated with the
> third vhost. So its not SuExec. I double checked permissions/ownership,
> again. So it does not appear to be that. Again, this morning I changed the
> Order, Allow,Deny directives to "Allow all". Still no access from the
> Internet. Third vhost only works when I enter its alias in a browser on the
> server console.
>
> As a reminder- I don't have a FQDN for the third vhost site- so I just
> made a /etc/host temporary entry as mentioned earlier in my post. Therefore
> when I try to check for public access, I'm always using a physical path in
> the browser as:
>
> http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted site
> directory for 3rd vhost]/index.php
>
> "as well as a invocation of e.g. wget
> demonstrating the problem."
>
> I don't follow what you mean by reference to wget- a unix file transfer
> utility...
>
> -Kirk Woellert
>
>
> On Tue, Jun 25, 2013 at 9:04 AM, Eric Covener  wrote:
>
>> On Tue, Jun 25, 2013 at 8:39 AM, Kirk Woellert  wrote:
>> > Update: Still have the same basic problem, I can access the vhost2 from
>> the
>> > Internet, but can only access vhost3 from the localhost- not from the
>> > Internet. The behavior in my reply was not repeatable. I tried to
>> completely
>> > open up access to the vhost3 site by:
>>
>> pastebin your apachectl -S output as well as a invocation of e.g. wget
>> demonstrating the problem.
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
>
>


-- 
Take Care,

David Guerra
http://frustratedtech.com/

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

Hi, I looked at output of a "# httpd -S" command too- didn't see an obvious
problem but here it is (pardon all the redaction):
--
[root@[myhostname mysuperuser]# httpd -S
[Tue Jun 25 10:06:18 2013] [warn] NameVirtualHost *:443 has no VirtualHosts
VirtualHost configuration:
[Assigned Public IP Redacted]:443  www.[redacted]
(/etc/httpd/conf.d/ssl.conf:78)
wildcard NameVirtualHosts and _default_ servers:
*:80   is a NameVirtualHost
 default server localhost (/etc/httpd/conf/httpd.conf:1074)
 port 80 namevhost localhost (/etc/httpd/conf/httpd.conf:1074)
 alias localhost
 port 80 namevhost www.[redacted] (/etc/httpd/conf/httpd.conf:1080)
 alias [redacted]
 port 80 namevhost [redacted] (/etc/httpd/conf/httpd.conf:1103)
 alias [redacted]
Syntax OK
-

To summarize, the default Apache localhost website works, the vhost for a
live website works, but I cannot get the third vhost for a site under
development to be accessible from the Internet- only on the localhost. I
cranked up the Apache log level this morning to "debug" and confirmed the
SuExec wrapper script is instantiated for the user associated with the
third vhost. So its not SuExec. I double checked permissions/ownership,
again. So it does not appear to be that. Again, this morning I changed the
Order, Allow,Deny directives to "Allow all". Still no access from the
Internet. Third vhost only works when I enter its alias in a browser on the
server console.

As a reminder- I don't have a FQDN for the third vhost site- so I just made
a /etc/host temporary entry as mentioned earlier in my post. Therefore when
I try to check for public access, I'm always using a physical path in the
browser as:

http://[redacted public IP]/~[redacted user for 3rd vhost]/[redacted site
directory for 3rd vhost]/index.php

"as well as a invocation of e.g. wget
demonstrating the problem."

I don't follow what you mean by reference to wget- a unix file transfer
utility...

-Kirk Woellert

On Tue, Jun 25, 2013 at 9:04 AM, Eric Covener  wrote:

> On Tue, Jun 25, 2013 at 8:39 AM, Kirk Woellert  wrote:
> > Update: Still have the same basic problem, I can access the vhost2 from
> the
> > Internet, but can only access vhost3 from the localhost- not from the
> > Internet. The behavior in my reply was not repeatable. I tried to
> completely
> > open up access to the vhost3 site by:
>
> pastebin your apachectl -S output as well as a invocation of e.g. wget
> demonstrating the problem.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

[users@httpd] Auth aliases problem

[Tymiński Jan]

I'd like to ask again about my problem: I want to make aliases for ldap 
authorization with mod_authn_alias, I have set everything up correctly, 
according to the documentation, enabled required module, set "AuthBasicProvider 
aaa" in my configuration, and I receive error: "Unknown Authn provider: aaa" - 
there is no single line in error.log, there is no information I can google, as 
all forward to: "Unknown Authn provider: ldap" and this is not the problem I 
experience - there is certainly other basis of the problem.

King Regards,

Jan TYMIŃSKI
IT System Administrator

Exorigo-UPOS Group

tel.: +48 32 44 28 172
mobile.: +48 607 410 656
mailto:jan.tymin...@exorigo-upos.pl


--
Exorigo-Upos sp. z o.o., ul. Kolejowa 5/7, 01-217 Warszawa, NIP 526-26-02-464, 
REGON 017389996, KRS: 053959.
Rejestracja w Sądzie Rejonowym dla m. st. Warszawy w Warszawie, XII Wydział 
Gospodarczy KRS. Kapitał zakładowy 2.045.000 zł.

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Eric Covener]

On Tue, Jun 25, 2013 at 8:39 AM, Kirk Woellert  wrote:
> Update: Still have the same basic problem, I can access the vhost2 from the
> Internet, but can only access vhost3 from the localhost- not from the
> Internet. The behavior in my reply was not repeatable. I tried to completely
> open up access to the vhost3 site by:

pastebin your apachectl -S output as well as a invocation of e.g. wget
demonstrating the problem.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache virtualhost order deny, allow works only on localhost; ignores public IP for allow

[Kirk Woellert]

Update: Still have the same basic problem, I can access the vhost2 from the
Internet, but can only access vhost3 from the localhost- not from the
Internet. The behavior in my reply was not repeatable. I tried to
completely open up access to the vhost3 site by:

order allow,deny
allow all

But still get a forbidden 403 error. Apache error log says the same message
"client denied by server configuration".
Anyone have a thought why I can't seem to enable access?


On Fri, Jun 21, 2013 at 11:30 PM, Kirk Woellert  wrote:

> Its not file permissions -
> So, I tried the suggestion. Now, in addition to access denied from the
> public IP, access is also denied on the localhost (I tried the alias and a
> physical path).
> AND the site with a FQDN got redirected to the default Apache site
> (/var/www). I was not expecting the currently working vhost to get broken
> like that. I changed things back as per the start of my post but, I guess
> this means something is very wrong with how the vhosts are setup. Some sort
> of namespace confusion by Apache?
>
>
> On Fri, Jun 21, 2013 at 8:42 PM, Igor Cicimov  wrote:
>
>>
>> > 
>> > ServerName test
>> > ServerAlias test
>> > DocumentRoot /home/user3/public_html/test
>> > 
>> > SuexecUserGroup test test
>> > 
>> > Order Deny,Allow
>> > Deny from all
>> > Allow from xxx.xxx.xxx.xxx 127
>> >
>> Assuming its not the file permission have you tried
>>
>> Order Allow,Deny
>> Allow from xxx.xxx.xxx.xxx 127
>> Deny from all
>>
>> ?
>>
>
>
>
>

[users@httpd] Defining search depth for mod_ldap.

[Mangesh Sawant]

Hi,

when searching a user mod_ldap returns only parent node attributes.
Is there any setting so that search will return parent node attributes as
well.

LDAP URS is as follows:
LdapUrl=ldap://
172.16.100.237/ou=radiusUserProfile,dc=mtnl,dc=com?uid,userPassword,cn,sn?

Here I could get back only uid,userPassword.
cn and sn were blank, which are attributes of child nodes.

-- 
Thanks And Regards ,
Mangesh Sawant .