Re: [users@httpd] Help check my config for server section
I finally use this config: ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Options None AllowOverride None Require all denied Options +Indexes Require all granted Require all denied SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it. Thank you for your kind helps. Henry November 12, 2022 at 12:37 AM, "Frank Gingras" wrote: > > That config snippet has no effect on php; that being said, you many two > issues so far: > > 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect > suffices > 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 > directives, and unload the mod_access_compat module > > On Fri, 11 Nov 2022 at 08:32, wrote: > > > > > I think I need to read httpd's doc carefully. > > Before doing that can you help check my this config (for php primarily) are > > going without issue? > > Thanks in advance. > > > > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#' > > > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net http://mail.openmbox.net/ > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > RewriteEngine on > > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/ > > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > > > > > > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#' > > > > > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net http://mail.openmbox.net/ > > DocumentRoot /var/www/snappy > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > > > Options None > > AllowOverride None > > Require all denied > > > > > > > > Options +Indexes > > Order deny,allow > > Allow from all > > Require all granted > > > > > > > > Require all denied > > > > > > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem > > http://mail.openmbox.net/fullchain.pem > > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem > > http://mail.openmbox.net/privkey.pem > > Include /etc/letsencrypt/options-ssl-apache.conf > > > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Help check my config for server section
That config snippet has no effect on php; that being said, you many two issues so far: 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module On Fri, 11 Nov 2022 at 08:32, wrote: > I think I need to read httpd's doc carefully. > Before doing that can you help check my this config (for php primarily) > are going without issue? > Thanks in advance. > > > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#' > > > ServerAdmin webmaster@localhost > ServerName mail.openmbox.net > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > RewriteEngine on > RewriteCond %{SERVER_NAME} =mail.openmbox.net > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > > > > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#' > > > > ServerAdmin webmaster@localhost > ServerName mail.openmbox.net > DocumentRoot /var/www/snappy > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > Options None > AllowOverride None > Require all denied > > > > Options +Indexes > Order deny,allow > Allow from all > Require all granted > > > > Require all denied > > > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem > Include /etc/letsencrypt/options-ssl-apache.conf > > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
Re: [users@httpd] firefox shows default site page
Thanks. So I know that it's due to 000-default.conf was using the system hostname as its default virtual server. And my system hostname is just same as web domain name. # hostname mail.openmbox.net After I removed 000-default.conf the site does work. Thanks a lot. November 11, 2022 at 9:27 PM, "Eric Covener" wrote: > > On Fri, Nov 11, 2022 at 8:27 AM wrote: > > > > > Hello > > > > # rm -f 000-default.conf > > # service apache2 restart > > > > After I removed 000-default.conf the site http://mail.openmbox.net/ just > > works. > > so the reason is due to 000-default.conf? we should remove this file in a > > regular webserver? > > > > If the systems hostname matches one of your other port 80 vhosts, you > should set a ServerName in it and not it let implicitly use the system > hostname. > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Help check my config for server section
I think I need to read httpd's doc carefully. Before doing that can you help check my this config (for php primarily) are going without issue? Thanks in advance. root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#' ServerAdmin webmaster@localhost ServerName mail.openmbox.net ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined RewriteEngine on RewriteCond %{SERVER_NAME} =mail.openmbox.net RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#' ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Options None AllowOverride None Require all denied Options +Indexes Order deny,allow Allow from all Require all granted Require all denied SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
On Fri, Nov 11, 2022 at 8:27 AM wrote: > > Hello > > # rm -f 000-default.conf > # service apache2 restart > > After I removed 000-default.conf the site http://mail.openmbox.net just works. > so the reason is due to 000-default.conf? we should remove this file in a > regular webserver? If the systems hostname matches one of your other port 80 vhosts, you should set a ServerName in it and not it let implicitly use the system hostname. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
Hello # rm -f 000-default.conf # service apache2 restart After I removed 000-default.conf the site http://mail.openmbox.net just works. so the reason is due to 000-default.conf? we should remove this file in a regular webserver? Thanks. November 11, 2022 at 9:19 PM, "Eric Covener" wrote: > > > > > As you see, these two lines of output are quite strange: > > default server mail.openmbox.net > > (/etc/apache2/sites-enabled/000-default.conf:1) > > port 80 namevhost mail.openmbox.net > > (/etc/apache2/sites-enabled/000-default.conf:1) > > > > this is normal > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: firefox shows default site page
Hi, Just a thought, but can you show the output from: apache2ctl -S Ed On Fri, 11 Nov 2022 at 13:06, wrote: > Hello > > I just created config files under /etc/apache2/sites-enabled directly. > > $ ls /etc/apache2/sites-enabled > lrwxrwxrwx 1 root root 35 Oct 20 14:42 000-default.conf -> > ../sites-available/000-default.conf > -rw-r--r-- 1 root root 1850 Nov 11 03:58 webmail-le-ssl.conf > -rw-r--r-- 1 root root 1469 Nov 11 03:59 webmail.conf > > so no a2ensite command is needed. > Thanks > > > November 11, 2022 at 8:55 PM, " Good Guy " wrote: > > > > > > On 11/11/2022 12:05, supp...@openmbox.net wrote: > > > > > > > > And apache2 restarted without error. > > > > > > but http://mail.openmbox.net/ still go to default site. > > > > > > any idea? > > > > > > regards. > > > > > > > Can I just ask a simple but obvious question. Have you enabled the site? > A simple command such as "sudo a2ensite openmbox.conf". I am assuming > openmbox.conf file is created. I always create separate conf files for each > site/domain to make things simple but some people have different vies about > this. You can enable all sites with "*.conf" parameter to make it even more > simpler. > > > > - > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
Re: [users@httpd] firefox shows default site page
> As you see, these two lines of output are quite strange: > default server mail.openmbox.net > (/etc/apache2/sites-enabled/000-default.conf:1) > port 80 namevhost mail.openmbox.net > (/etc/apache2/sites-enabled/000-default.conf:1) this is normal - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
sure, here are the content. root@mail:/etc/apache2/sites-enabled# cat 000-default.conf |grep -v '#' ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined root@mail:/etc/apache2/sites-enabled# apachectl -S VirtualHost configuration: *:443 is a NameVirtualHost default server openmbox.net (/etc/apache2/sites-enabled/homepage-le-ssl.conf:2) port 443 namevhost openmbox.net (/etc/apache2/sites-enabled/homepage-le-ssl.conf:2) port 443 namevhost mail.openmbox.net (/etc/apache2/sites-enabled/webmail-le-ssl.conf:2) *:80 is a NameVirtualHost default server mail.openmbox.net (/etc/apache2/sites-enabled/000-default.conf:1) port 80 namevhost mail.openmbox.net (/etc/apache2/sites-enabled/000-default.conf:1) port 80 namevhost openmbox.net (/etc/apache2/sites-enabled/homepage.conf:1) port 80 namevhost mail.openmbox.net (/etc/apache2/sites-enabled/webmail.conf:1) ServerRoot: "/etc/apache2" Main DocumentRoot: "/var/www/html" Main ErrorLog: "/var/log/apache2/error.log" Mutex default: dir="/var/run/apache2/" mechanism=default Mutex mpm-accept: using_defaults Mutex watchdog-callback: using_defaults Mutex rewrite-map: using_defaults Mutex ssl-stapling-refresh: using_defaults Mutex ssl-stapling: using_defaults Mutex ssl-cache: using_defaults PidFile: "/var/run/apache2/apache2.pid" Define: DUMP_VHOSTS Define: DUMP_RUN_CFG Define: ENABLE_USR_LIB_CGI_BIN User: name="www-data" id=33 Group: name="www-data" id=33 As you see, these two lines of output are quite strange: default server mail.openmbox.net (/etc/apache2/sites-enabled/000-default.conf:1) port 80 namevhost mail.openmbox.net (/etc/apache2/sites-enabled/000-default.conf:1) so how to? Thanks. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
> but it shows the default site (ubuntu default html) on firefox as you can > test it as well. > > I am totally confused. can you help? I suggest turning on `loglevel trace8` and noting the time of your test request with firefox. Is a request traced? Does the Host: header or anything else traced look unexpected? - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
Can you show us the output of the apachectl -S command ? > On Nov 11, 2022, at 22:05, supp...@openmbox.net wrote: > > Hello > > I just created config files under /etc/apache2/sites-enabled directly. > > $ ls /etc/apache2/sites-enabled > lrwxrwxrwx 1 root root 35 Oct 20 14:42 000-default.conf -> > ../sites-available/000-default.conf > -rw-r--r-- 1 root root 1850 Nov 11 03:58 webmail-le-ssl.conf > -rw-r--r-- 1 root root 1469 Nov 11 03:59 webmail.conf > > so no a2ensite command is needed. > Thanks > > > November 11, 2022 at 8:55 PM, " Good Guy " wrote: > > >> >> On 11/11/2022 12:05, supp...@openmbox.net wrote: >> >>> >>> And apache2 restarted without error. >>> >>> but http://mail.openmbox.net/ still go to default site. >>> >>> any idea? >>> >>> regards. >>> >> >> Can I just ask a simple but obvious question. Have you enabled the site? A >> simple command such as "sudo a2ensite openmbox.conf". I am assuming >> openmbox.conf file is created. I always create separate conf files for each >> site/domain to make things simple but some people have different vies about >> this. You can enable all sites with "*.conf" parameter to make it even more >> simpler. >> >> - >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: firefox shows default site page
Hello I just created config files under /etc/apache2/sites-enabled directly. $ ls /etc/apache2/sites-enabled lrwxrwxrwx 1 root root 35 Oct 20 14:42 000-default.conf -> ../sites-available/000-default.conf -rw-r--r-- 1 root root 1850 Nov 11 03:58 webmail-le-ssl.conf -rw-r--r-- 1 root root 1469 Nov 11 03:59 webmail.conf so no a2ensite command is needed. Thanks November 11, 2022 at 8:55 PM, " Good Guy " wrote: > > On 11/11/2022 12:05, supp...@openmbox.net wrote: > > > > > And apache2 restarted without error. > > > > but http://mail.openmbox.net/ still go to default site. > > > > any idea? > > > > regards. > > > > Can I just ask a simple but obvious question. Have you enabled the site? A > simple command such as "sudo a2ensite openmbox.conf". I am assuming > openmbox.conf file is created. I always create separate conf files for each > site/domain to make things simple but some people have different vies about > this. You can enable all sites with "*.conf" parameter to make it even more > simpler. > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Re: firefox shows default site page
On 11/11/2022 12:05, supp...@openmbox.net wrote: And apache2 restarted without error. but http://mail.openmbox.net still go to default site. any idea? regards. Can I just ask a simple but obvious question. Have you enabled the site? A simple command such as "sudo a2ensite openmbox.conf". I am assuming openmbox.conf file is created. I always create separate conf files for each site/domain to make things simple but some people have different vies about this. You can enable all sites with "*.conf" parameter to make it even more simpler. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] GeoIP module problem
Hi apache heroes, I have an atypical behavior on my setup. I installed and enabled the GeoIP module. I'm using the MaxMind CSV files (https://dev.maxmind.com/geoip/updating-databases?lang=en#directly-downloading-databases) to generate a geoip.dat file using the tool geolite2legacy (https://github.com/sherpya/geolite2legacy) to convert MaxMind GeoLite2 Database to the old legacy format. My test client IP address is 90.161.x.x (located in Spain) This IP is on 2510769 zone ... #grep "90.160.0.0/12" GeoLite2-Country-Blocks-IPv4.csv 90.160.0.0/12,2510769,2510769,,0,0 And the zone 2510769 is in my country, Spain ... # grep 2510769 GeoLite2-Country-Locations-en GeoLite2-Country-Locations-en.csv:2510769,en,EU,Europe,ES,Spain,1 Well, so far everything is working as expected. The problem starts when I test with the following setup on my .htaccess file (yes it's a PrestaShop)... # ~~start~~ Do not remove this comment, Prestashop will keep automatically the code outside this comment when .htaccess will be generated again # .htaccess automaticaly generated by PrestaShop e-commerce open-source solution # http://www.prestashop.com - http://www.prestashop.com/forums SetEnv HTTP_MOD_REWRITE On RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule . - [E=HTTP_AUTHORIZATION:%1] RewriteCond %{REQUEST_URI} 4da116c575 RewriteRule .* /ca/ RewriteRule . - [E=REWRITEBASE:/] RewriteRule ^api$ api/ [L] RewriteRule ^api/(.*)$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] # Images RewriteRule ^([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$1$2$3.jpg [L] RewriteRule ^([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$1$2$3$4.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$1$2$3$4$5.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg [L] RewriteRule ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg [L] RewriteRule ^c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2$3.jpg [L] RewriteRule ^c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ %{ENV:REWRITEBASE}img/c/$1$2.jpg [L] # AlphaImageLoader for IE and fancybox RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 [L] # Dispatcher RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] AddType application/vnd.ms-fontobject .eot AddType font/ttf .ttf AddType font/otf .otf AddType font/woff2 .woff2 AddType application/x-font-woff .woff Header set Access-Control-Allow-Origin "*" ExpiresActive On ExpiresByType image/gif "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType text/css "access plus 1 week" ExpiresByType text/javascript "access plus 1 week" ExpiresByType application/javascript "access plus 1 week" ExpiresByType application/x-javascript "access plus 1 week" ExpiresByType image/x-icon "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/vnd.microsoft.icon "access plus 1 year" ExpiresByType application/font-woff "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType font/woff2 "access plus 1 year" ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType font/opentype "access plus 1 year" ExpiresByType font/ttf "access plus 1 year" ExpiresByType font/otf "access plus 1 year" ExpiresByType application/x-font-ttf "access plus 1 year" ExpiresByType application/x-font-otf "access plus 1 year" Header unset Etag FileETag none AddOutputFilterByType DEFLATE text/html text/css text/javascript application/javascript application/x-javascript font/ttf application/x-font-ttf font/otf application/x-font-otf font/opentype image/svg+xml #If rewrite mod isn't enabled ErrorDocument 404 /index.php?controller=404 # ~~end~~ Do not remove this comment, Prestashop will keep
Re: [users@httpd] firefox shows default site page
SpiceMan, I follow your suggestions to set up as follows. webmail.conf: ServerAdmin webmaster@localhost ServerName mail.openmbox.net ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined RewriteEngine on RewriteCond %{SERVER_NAME} =mail.openmbox.net RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] webmail-le-ssl.conf: ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Options None AllowOverride None Require all denied Options +Indexes Order deny,allow Allow from all Require all granted Require all denied SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf And apache2 restarted without error. but http://mail.openmbox.net still go to default site. any idea? regards. November 11, 2022 at 6:03 PM, "SpiceMan" wrote: > > Delete all that Rewrite voodoo and just redirect. > > > ServerName example.com > ServerAlias www.example.com > > Redirect permanent / https://example.com/ > > > IMPORTANT NOTE: > Also you are configuring all that access to your SYSTEM root directory. > is the whole filesystem path there, not an url path. > > Don’t do that. Restrict all and allow what you need for your content, don’t > expose your whole system. > > > > > On Nov 11, 2022, at 18:07, supp...@openmbox.net wrote: > > > > Hello, > > > > I have this hostname: mail.openmbox.net > > when access it as http, it will be rewrited to https (rewrite and certs > > setup by certbot automatically). > > > > this works fine in chrome browser. > > > > but when I access http://mail.openmbox.net/ in firefox, it will show the > > default site. > > > > That's to say, > > > > http://mail.openmbox.net/ works correctly on chrome (show the correct site > > and rewrite to https). > > but it shows the default site (ubuntu default html) on firefox as you can > > test it as well. > > > > I am totally confused. can you help? > > > > Thanks. > > > > Additional info: > > > > The version: > > # apache2 -v > > Server version: Apache/2.4.41 (Ubuntu) > > Server built: 2022-06-14T13:30:55 > > > > The config: > > > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net > > DocumentRoot /var/www/snappy > > > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > > > Options +Indexes +FollowSymLinks +ExecCGI > > AllowOverride All > > Order deny,allow > > Allow from all > > Require all granted > > > > > > > > Require all denied > > > > > > RewriteEngine on > > RewriteCond %{SERVER_NAME} =mail.openmbox.net > > RewriteRule ^ https://% https://%25/ {SERVER_NAME}%{REQUEST_URI} > > [END,NE,R=permanent] > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
Thanks Daniel for pointting out these. While i changed the config to follows: ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Options None AllowOverride None Require all denied Options +Indexes Order deny,allow Allow from all Require all granted Require all denied RewriteEngine on RewriteCond %{SERVER_NAME} =mail.openmbox.net RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] And I restarted apache2 without error. But http://mail.openmbox.net still points to the default site. Can you help further? Regards. Henry November 11, 2022 at 6:01 PM, "Daniel Ferradal" wrote: > > Allow me to step aside from your question for a moment, I believe if > you don't get the basics right you should just stop, this is very > important: > > Directory directive specifies a directory in your filesystem, ***do > not ever allow anything in /***, even less the execution of cgi > scripts. > > You are also mixing authz 2.2 directives with 2.4 directives. > > And also allowing .htaccess files to be used throughout your whole > operative system. > > Briefly it is a compendium of ill advice. > > In your server config context you should define at least these: > > > Options None > AllowOverride none > Require all denied > > > and inside your virtualhost: > > DocumentRoot /var/www/snappy > > #Options "add whatever options you do need, do not add random options .." > Require all granted > > > and then configure other directories or whatever you need for service. > But these above are the basics. > > About including AllowOverride directive, only do if you want non-admin > users to setup specific directories configuration, set it up where it > is really needed (NOT EVER system wide), most times using .htaccess > will just complicate your life otherwise. > > El vie, 11 nov 2022 a las 10:08, escribió: > > > > > Hello, > > > > I have this hostname: mail.openmbox.net > > when access it as http, it will be rewrited to https (rewrite and certs > > setup by certbot automatically). > > > > this works fine in chrome browser. > > > > but when I access http://mail.openmbox.net/ in firefox, it will show the > > default site. > > > > That's to say, > > > > http://mail.openmbox.net/ works correctly on chrome (show the correct site > > and rewrite to https). > > but it shows the default site (ubuntu default html) on firefox as you can > > test it as well. > > > > I am totally confused. can you help? > > > > Thanks. > > > > Additional info: > > > > The version: > > # apache2 -v > > Server version: Apache/2.4.41 (Ubuntu) > > Server built: 2022-06-14T13:30:55 > > > > The config: > > > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net > > DocumentRoot /var/www/snappy > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > > > Options +Indexes +FollowSymLinks +ExecCGI > > AllowOverride All > > Order deny,allow > > Allow from all > > Require all granted > > > > > > > > Require all denied > > > > > > RewriteEngine on > > RewriteCond %{SERVER_NAME} =mail.openmbox.net > > RewriteRule ^ https://% https://%25/ {SERVER_NAME}%{REQUEST_URI} > > [END,NE,R=permanent] > > > > > > - > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > > For additional commands, e-mail: users-h...@httpd.apache.org > > > > -- > Daniel Ferradal > HTTPD Project > #httpd help at Libera.Chat > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
Delete all that Rewrite voodoo and just redirect. ServerName example.com ServerAlias www.example.com Redirect permanent / https://example.com/ IMPORTANT NOTE: Also you are configuring all that access to your SYSTEM root directory. is the whole filesystem path there, not an url path. Don’t do that. Restrict all and allow what you need for your content, don’t expose your whole system. > On Nov 11, 2022, at 18:07, supp...@openmbox.net wrote: > > Hello, > > I have this hostname: mail.openmbox.net > when access it as http, it will be rewrited to https (rewrite and certs setup > by certbot automatically). > > this works fine in chrome browser. > > but when I access http://mail.openmbox.net in firefox, it will show the > default site. > > That's to say, > > http://mail.openmbox.net/ works correctly on chrome (show the correct site > and rewrite to https). > but it shows the default site (ubuntu default html) on firefox as you can > test it as well. > > I am totally confused. can you help? > > Thanks. > > Additional info: > > The version: > # apache2 -v > Server version: Apache/2.4.41 (Ubuntu) > Server built: 2022-06-14T13:30:55 > > The config: > > > ServerAdmin webmaster@localhost > ServerName mail.openmbox.net > DocumentRoot /var/www/snappy > > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > >Options +Indexes +FollowSymLinks +ExecCGI >AllowOverride All >Order deny,allow >Allow from all >Require all granted > > > > Require all denied > > > RewriteEngine on > RewriteCond %{SERVER_NAME} =mail.openmbox.net > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
Allow me to step aside from your question for a moment, I believe if you don't get the basics right you should just stop, this is very important: Directory directive specifies a directory in your filesystem, ***do not ever allow anything in /***, even less the execution of cgi scripts. You are also mixing authz 2.2 directives with 2.4 directives. And also allowing .htaccess files to be used throughout your whole operative system. Briefly it is a compendium of ill advice. In your server config context you should define at least these: Options None AllowOverride none Require all denied and inside your virtualhost: DocumentRoot /var/www/snappy #Options "add whatever options you do need, do not add random options .." Require all granted and then configure other directories or whatever you need for service. But these above are the basics. About including AllowOverride directive, only do if you want non-admin users to setup specific directories configuration, set it up where it is really needed (NOT EVER system wide), most times using .htaccess will just complicate your life otherwise. El vie, 11 nov 2022 a las 10:08, escribió: > > Hello, > > I have this hostname: mail.openmbox.net > when access it as http, it will be rewrited to https (rewrite and certs setup > by certbot automatically). > > this works fine in chrome browser. > > but when I access http://mail.openmbox.net in firefox, it will show the > default site. > > That's to say, > > http://mail.openmbox.net/ works correctly on chrome (show the correct site > and rewrite to https). > but it shows the default site (ubuntu default html) on firefox as you can > test it as well. > > I am totally confused. can you help? > > Thanks. > > Additional info: > > The version: > # apache2 -v > Server version: Apache/2.4.41 (Ubuntu) > Server built: 2022-06-14T13:30:55 > > The config: > > > ServerAdmin webmaster@localhost > ServerName mail.openmbox.net > DocumentRoot /var/www/snappy > > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > Options +Indexes +FollowSymLinks +ExecCGI > AllowOverride All > Order deny,allow > Allow from all > Require all granted > > > > Require all denied > > > RewriteEngine on > RewriteCond %{SERVER_NAME} =mail.openmbox.net > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > -- Daniel Ferradal HTTPD Project #httpd help at Libera.Chat - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] firefox shows default site page
> I have this hostname: mail.openmbox.net > when access it as http, it will be rewrited to https (rewrite and certs setup > by certbot automatically). > > this works fine in chrome browser. > > but when I access http://mail.openmbox.net in firefox, it will show the > default site. For what it’s worth, I get the “default site” on http://mail.openmbox.net in all browsers I tried (Safari, Firefox, Chrome). The https version looks right. Sorry I have no solution for your problem, just adding some info. If you’re in an urgent situation, as a workaround, you could put a .htaccess or index.php in the default web root and have that redirect to https://mail.openmbox.net/ Good luck, Kind regards, Walter Hop - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] firefox shows default site page
Hello, I have this hostname: mail.openmbox.net when access it as http, it will be rewrited to https (rewrite and certs setup by certbot automatically). this works fine in chrome browser. but when I access http://mail.openmbox.net in firefox, it will show the default site. That's to say, http://mail.openmbox.net/ works correctly on chrome (show the correct site and rewrite to https). but it shows the default site (ubuntu default html) on firefox as you can test it as well. I am totally confused. can you help? Thanks. Additional info: The version: # apache2 -v Server version: Apache/2.4.41 (Ubuntu) Server built: 2022-06-14T13:30:55 The config: ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Options +Indexes +FollowSymLinks +ExecCGI AllowOverride All Order deny,allow Allow from all Require all granted Require all denied RewriteEngine on RewriteCond %{SERVER_NAME} =mail.openmbox.net RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org