| View previous topic :: View next topic |
| Author |
Message |
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
 Posted: Sat Mar 26, 2005 9:27 pm Post subject: Apache Virtual Hosts Help! |
 |
|
Whenever I try to use virtual hosts I get a 403 not allowed, but if I take it down to ONE domain, it works.. Just 2 domains, one box... Apache is a learning experience for me right now, as I'm still learning how to set the permissions right and stuff. But I just want two domains with two ftp's pointed at two different folders and I've been trying on my own with no luck..
I assume it's something simple.. Please help! Thanks!
my vhosts.conf
| Code: |
################# vhosts.conf
#This is where we store the VirtualHosts configuration.
#
#Since Apache 1.3.19, we modified the setup to include some nice tricks:
#
#- Added SuExecUserGroup [user] [group] directive so VirtualHosts now work with
# suexec directive. If set, Apache will run all cgi scripts under that
# user and group (provided the uid and gid are > 1000 for security). The
# directories and cgi files *must* belong to that user/group for the
# feature to work
#- We added the Setenv VLOG directive. This works in conjunction with
# the CustomLog in commonapache2.conf. When Setenv VLOG is set, apache will
# create a /var/log/apache2/VLOG-YYYY-MM-<ServerName>.log instead of logging
# to access_log. Use this instead of defining a special logfile for
# each vhost, otherwise you eat up file descriptors.
#- You can also specify a path for the VLOG for each Vhost, for example,
# to place the logs in each user's directory. However, if you want to
# use the file for accounting, place it in a directory owned by root,
# otherwise the user will be able to erase it.
#- I suggest only including the ErrorLog *only* if the vhost will use
# cgi scripts. Again, it saves file descriptors!
################# IP-based Virtual Hosts
#<VirtualHost 192.168.2.100>
#SuExecUserGroup jmdault jmdault
#DocumentRoot /home/jmdault/public_html
#ServerName test2.com
#Setenv VLOG /home/jmdault/logs
#ErrorLogs /home/jmdault/test2-error_log
#RewriteEngine On
#RewriteOptions inherit
#</VirtualHost>
################# Named VirtualHosts
#NameVirtualHost 111.222.33.44
#<VirtualHost 111.222.33.44>
#ServerName www.domain.tld
#ServerPath /domain
#DocumentRoot /web/domain
#</VirtualHost>
#Listen 80
ServerRoot /usr/lib/apache2
NameVirtualHost *
<VirtualHost *>
ServerName www.framerate.info
ServerAlias framerate.info
DocumentRoot /www/framerate
</VirtualHost>
<VirtualHost *>
ServerName www.therentals.org
ServerAlias therentals.org
DocumentRoot /www/therentals
</VirtualHost>
|
my httpd.conf:
| Code: |
### /etc/apache2/conf/apache2.conf
### $Id: apache2.conf,v 1.1 2004/03/22 21:17:57 stuart Exp $
###
### Main Configuration Section
### You really shouldn't change these settings unless you're a guru
###
ServerRoot /usr/lib/apache2
ServerName www.framerate.info
#LockFile /etc/apache2/apache2.lock
PidFile /var/run/apache2.pid
ErrorLog logs/error_log
LogLevel warn
DocumentRoot /var/www/localhost/htdocs
#DocumentRoot /www/framerate/
### Dynamic Shared Object (DSO) Support
###
### You should always leave these three, as they are needed for normal use.
### mod_access (Order, Allow, etc..)
### mod_log_config (Transferlog, etc..)
### mod_mime (AddType, etc...)
###
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
###
### New Modules for 2.0 (some are experimental)
###
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule echo_module modules/mod_echo.so
LoadModule charset_lite_module modules/mod_charset_lite.so
LoadModule cache_module modules/mod_cache.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule case_filter_module modules/mod_case_filter.so
LoadModule case_filter_in_module modules/mod_case_filter_in.so
LoadModule deflate_module modules/mod_deflate.so
#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so
#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so
#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so
#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so
#LoadModule bucketeer_module modules/mod_bucketeer.so
LoadModule logio_module modules/mod_logio.so
###
### Global Configuration
###
# Splitting up apache2.conf into two files makes it easier to support
# multiple configurations on the same serer. In commonapache2.conf
# you keep directives that apply to all implementations and in this
# file you keep server-specific directives. While we don't yet have
# multiple configurations out-of-the-box, this allows us to do that
# in the future easily. (PERLPROXIED *ahem*)
#
# For Apache2 we load all conf files in conf/modules.d
Include conf/modules.d/*.conf
Include conf/commonapache2.conf
###
### IP Address/Port
###
#BindAddress *
Listen 80
###
### Log configuration Section
###
<IfModule mod_log_config.c>
#Single logfile with access, agent and referer information
#This is the default, if vlogs are not defined for the main server
CustomLog logs/access_log combined env=!VLOG
#If VLOG is defined in conf/vhosts/vhosts.conf, we use this entry
#CustomLog "|/usr/sbin/apache2splitlogfile" vhost env=VLOG
</IfModule>
###
### Virtual Hosts
###
# We include different templates for Virtual Hosting. Have a look in the
# vhosts directory and modify to suit your needs.
Include conf/vhosts/vhosts.conf
#Include conf/vhosts/dynamic-vhosts.conf
#Include conf/vhosts/virtual-homepages.conf
###
### Performance settings Section
###
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
# prefork MPM [THIS IS THE DEFAULT]
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# perchild MPM
# NumServers: constant number of server processes
# StartThreads: initial number of worker threads in each server process
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# MaxThreadsPerChild: maximum number of worker threads in each server process
# MaxRequestsPerChild: maximum number of connections per server process
<IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
</IfModule>
# JRun Settings
LoadModule jrun_module /opt/coldfusionmx/runtime/lib/wsconfig/1/mod_jrun20.so
<IfModule mod_jrun20.c>
JRunConfig Verbose false
JRunConfig Apialloc false
JRunConfig Ssl false
JRunConfig Ignoresuffixmap false
JRunConfig Serverstore /opt/coldfusionmx/runtime/lib/wsconfig/1/jrunserver.store
JRunConfig Bootstrap 127.0.0.1:51010
#JRunConfig Errorurl <optionally redirect to this URL on errors>
AddHandler jrun-handler .jsp .jws .cfm .cfml .cfc
</IfModule>
#NameVirtualHost *:80
|
[/code]
_________________
Linux User | 364705
howto install coldfusion mx 7 under gentoo |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sat Mar 26, 2005 9:57 pm Post subject: |
|
|
You must write a Directory block for every directory you want to share.
http://httpd.apache.org
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sun Mar 27, 2005 1:52 am Post subject: |
|
|
Doesn't matter; you can put each inside its own vhost for clarity.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
| Posted: Sun Mar 27, 2005 11:58 pm Post subject: |
|
|
Ok I can't find what youi mean by "Directory Block"
I've read the documentation and by following the directions I get:
| Quote: |
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.0.52 (Gentoo/Linux) JRun/4.0 Server at www.framerate.info Port 80
|
when I add the <VirtualHost *> </VirtualHost> stuff to my httpd.conf..
suggestions?
_________________
Linux User | 364705
howto install coldfusion mx 7 under gentoo |
|
| Back to top |
|
|
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
| Posted: Mon Mar 28, 2005 12:00 am Post subject: |
|
|
nevermind
I had it right all along, it's just my /www was a sym link to /var/www/localhost/htdocs...
but when I use /www in the DocumentRoot it gave me the error.. the actual path worked fine..
_________________
Linux User | 364705
howto install coldfusion mx 7 under gentoo |
|
| Back to top |
|
|
duckyhatezchat
Tux's lil' helper
Joined: 22 Nov 2003
Posts: 77
|
| Posted: Mon Mar 28, 2005 9:56 am Post subject: |
|
|
It might help:
| Code: | <VirtualHost *>
ServerName www.framerate.info
ServerAlias framerate.info
DocumentRoot /www/framerate
<Directory /www/framerate>
Options All
# Your options here...
</Directory>
</VirtualHost> |
_________________
Ducky |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Tue Mar 29, 2005 8:58 am Post subject: |
|
|
| frameRATE wrote: | nevermind
I had it right all along, it's just my /www was a sym link to /var/www/localhost/htdocs... |
And when did you divulge this information before ?
I don't think you had anything "right" whatsoever - you just don't understand the issues.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
| Posted: Tue Mar 29, 2005 2:30 pm Post subject: |
|
|
Well I DO understand apache, at least that's the point of this exercise. I just wasn't aware you couldn't use symlinked-ed folders in the .conf files.. I assumed they'd work just the same.
Either way, I appreciate the help attempted.
_________________
Linux User | 364705
howto install coldfusion mx 7 under gentoo |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Tue Mar 29, 2005 7:29 pm Post subject: |
|
|
Of course you can use symlinks in apache's config - as long as you write Directory blocks for the real directories, and not the symlinked ones.
That was sort of my point.
Apache simply forces you to be a little more security-aware.
Which is good.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
frameRATE
Guru
Joined: 28 Apr 2003
Posts: 386
Location: Orange County California
|
| Posted: Tue Mar 29, 2005 8:41 pm Post subject: |
|
|
That's what I'm trying to learn here. My goal is to be able to lock down the box tight, but I had to learn functionality first (of a server)
So I do appreciate the help. Any other security suggestions, please point me in the right direction
_________________
Linux User | 364705
howto install coldfusion mx 7 under gentoo |
|
| Back to top |
|
|
|
Networking & Security
