You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by John Fisher GM <jo...@gmail.com> on 2015/07/21 20:12:56 UTC
[users@httpd] Strange Apache behavior
We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24
vhosts, mostly small sites but also one large site. Some sites are
Drupal, some are Wordpress and some are handcoded going back to 1995.
Our structure generally is:
/home
/home/mysite-1/public_html/index.html
/home/mysite-2/public_html/index.html
/home/mysite-3/public_html/index.html
and so on...
We prefer this structure rather than the Debian norm /var/www
Here's the problem(s):
On all of the sites calls to "mysite-1.com/index.html" works properly.
Things also work with the cname "www" as that is explicitly defined as
"ServerAlias www.mysite-1.com" in the vhost file under sites-available.
So calls to "www.mysite-1.com/index.html" also work.
But when someone mistypes the URL, things go wrong.
For example, typing ww1.mysite-1.com takes us to the /home directory, up
two levels and displays a directory listing of everything under /home.
I made a quick fix by adding a dummy file at /home/index.html
Without that plug, a directory of all sites under /home displays,
allowing access to files above the public_html directory on all our sites.
But even with the /home/index.html file, one can just type a URL such as:
http://ww1.mysite-1.com/mysite-2/ and view anything in mysite-2
above public_html.
I probably could restrict directory access using .htaccess, but I'd
prefer to find the cause of the issue.
I spent some time simplifying the files under "sites-available" to
remove anything that might cause these errors. (hence my questions
yesterday about /share/doc and cgi-bin).
I considered that the problem might have been something in the
apache2.conf file. But I looked closely there and found nothing.
I suspect the problem is in the "sites-available/default" vhost file and
the symlink "/sites-enabled/000-default" and might have to do with our
changing the /var/www entry to /home.
Is the default file and 000-default symlink needed? If so, why is that?
But I could use some guidance on all this.
Here's a typical vhost file:
> <VirtualHost *:80>
> ServerAdmin webmaster@localhost
> ServerName mysite-1.com
> ServerAlias www.mysite-1.com
> DocumentRoot /home/mysite-1/public_html/
>
> <Directory />
> Options FollowSymLinks
> AllowOverride None
> </Directory>
>
> <Directory /home/mysite-1/>
> Options Indexes FollowSymLinks MultiViews
> AllowOverride All
> Order allow,deny
> allow from all
> </Directory>
>
> ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
> CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
>
> # Possible values include: debug, info, notice, warn, error,
> crit, alert, emerg.
> LogLevel warn
>
> </VirtualHost>
and here is the default file:
> <VirtualHost *:80>
> ServerAdmin webmaster@localhost
> DocumentRoot /home/
>
> <Directory />
> Options FollowSymLinks
> AllowOverride None
> </Directory>
>
> <Directory /home/>
> Options Indexes FollowSymLinks MultiViews
> Allowoverride Indexes
> Order allow,deny
> allow from all
> </Directory>
>
> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
> <Directory "/usr/lib/cgi-bin">
> AllowOverride None
> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
> Order allow,deny
> Allow from all
> </Directory>
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
>
> # Possible values include: debug, info, notice, warn, error, crit,
> # alert, emerg.
> LogLevel warn
>
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
> Alias /doc/ "/usr/share/doc/"
> <Directory "/usr/share/doc/">
> Options Indexes MultiViews FollowSymLinks
> AllowOverride None
> Order deny,allow
> Deny from all
> Allow from 127.0.0.0/255.0.0.0 ::1/128
> </Directory>
>
> </VirtualHost>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Strange Apache behavior
Posted by Mike Rumph <mi...@oracle.com>.
Hello John,
The directory listing display is due to the "Options Indexes" directive.
- http://httpd.apache.org/docs/2.2/mod/core.html#options |
Indexes|
If a URL which maps to a directory is requested and there is no
|DirectoryIndex
<http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex>|
(/e.g./, |index.html|) in that directory, then |mod_autoindex
<http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html>| will
return a formatted listing of the directory.
Thanks,
Mike
On 7/21/2015 11:12 AM, John Fisher GM wrote:
> We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24
> vhosts, mostly small sites but also one large site. Some sites are
> Drupal, some are Wordpress and some are handcoded going back to 1995.
>
> Our structure generally is:
>
> /home
> /home/mysite-1/public_html/index.html
> /home/mysite-2/public_html/index.html
> /home/mysite-3/public_html/index.html
> and so on...
>
> We prefer this structure rather than the Debian norm /var/www
>
> Here's the problem(s):
>
> On all of the sites calls to "mysite-1.com/index.html" works properly.
> Things also work with the cname "www" as that is explicitly defined as
> "ServerAlias www.mysite-1.com" in the vhost file under
> sites-available. So calls to "www.mysite-1.com/index.html" also work.
>
> But when someone mistypes the URL, things go wrong.
>
> For example, typing ww1.mysite-1.com takes us to the /home directory,
> up two levels and displays a directory listing of everything under /home.
>
> I made a quick fix by adding a dummy file at /home/index.html
>
> Without that plug, a directory of all sites under /home displays,
> allowing access to files above the public_html directory on all our
> sites.
>
> But even with the /home/index.html file, one can just type a URL such as:
>
> http://ww1.mysite-1.com/mysite-2/ and view anything in
> mysite-2 above public_html.
>
> I probably could restrict directory access using .htaccess, but I'd
> prefer to find the cause of the issue.
>
> I spent some time simplifying the files under "sites-available" to
> remove anything that might cause these errors. (hence my questions
> yesterday about /share/doc and cgi-bin).
>
> I considered that the problem might have been something in the
> apache2.conf file. But I looked closely there and found nothing.
>
> I suspect the problem is in the "sites-available/default" vhost file
> and the symlink "/sites-enabled/000-default" and might have to do with
> our changing the /var/www entry to /home.
>
> Is the default file and 000-default symlink needed? If so, why is that?
>
> But I could use some guidance on all this.
>
> Here's a typical vhost file:
>
>> <VirtualHost *:80>
>> ServerAdmin webmaster@localhost
>> ServerName mysite-1.com
>> ServerAlias www.mysite-1.com
>> DocumentRoot /home/mysite-1/public_html/
>>
>> <Directory />
>> Options FollowSymLinks
>> AllowOverride None
>> </Directory>
>>
>> <Directory /home/mysite-1/>
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride All
>> Order allow,deny
>> allow from all
>> </Directory>
>>
>> ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
>> CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
>>
>> # Possible values include: debug, info, notice, warn, error,
>> crit, alert, emerg.
>> LogLevel warn
>>
>> </VirtualHost>
>
> and here is the default file:
>
>> <VirtualHost *:80>
>> ServerAdmin webmaster@localhost
>> DocumentRoot /home/
>>
>> <Directory />
>> Options FollowSymLinks
>> AllowOverride None
>> </Directory>
>>
>> <Directory /home/>
>> Options Indexes FollowSymLinks MultiViews
>> Allowoverride Indexes
>> Order allow,deny
>> allow from all
>> </Directory>
>>
>> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
>> <Directory "/usr/lib/cgi-bin">
>> AllowOverride None
>> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>> Order allow,deny
>> Allow from all
>> </Directory>
>>
>> ErrorLog ${APACHE_LOG_DIR}/error.log
>>
>> # Possible values include: debug, info, notice, warn, error,
>> crit,
>> # alert, emerg.
>> LogLevel warn
>>
>> CustomLog ${APACHE_LOG_DIR}/access.log combined
>>
>> Alias /doc/ "/usr/share/doc/"
>> <Directory "/usr/share/doc/">
>> Options Indexes MultiViews FollowSymLinks
>> AllowOverride None
>> Order deny,allow
>> Deny from all
>> Allow from 127.0.0.0/255.0.0.0 ::1/128
>> </Directory>
>>
>> </VirtualHost>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
Re: [users@httpd] Strange Apache behavior
Posted by Tobias Adolph <To...@lrz.de>.
Hi John,
I think the described behaviour is normal.
Apache makes a lookup whether it has a vhost with the requested
hostname, if not it delivers the document root of the first vhost loaded
which on Debian based systems (including Ubuntu) this conf file is
"000-default" (the files are loaded via numeric ordering, hence the
"000" to safeguard that this file is loaded first). You should not
change the setup by your OS, read the documentation to understand the
symlinking.
If you want to change this behavior, you could adapt your default.conf
with a RewriteRule using wild-card -mappings.
Untested (you should'nt try this out on a productive server, please test
first)
RewriteCond %{HTTP_HOST} ^.*mysite-1.com$
RewriteRule /(.*) http://www.mysite-1.com/$1
Or you could display a "Oops"-site if the given hostname is not
configured in the default-directory and give the user a hint that he had
made a typo.
Kind regards,
Tobias Adolph
Am 21.07.2015 um 20:12 schrieb John Fisher GM:
> We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24
> vhosts, mostly small sites but also one large site. Some sites are
> Drupal, some are Wordpress and some are handcoded going back to 1995.
>
> Our structure generally is:
>
> /home
> /home/mysite-1/public_html/index.html
> /home/mysite-2/public_html/index.html
> /home/mysite-3/public_html/index.html
> and so on...
>
> We prefer this structure rather than the Debian norm /var/www
>
> Here's the problem(s):
>
> On all of the sites calls to "mysite-1.com/index.html" works properly.
> Things also work with the cname "www" as that is explicitly defined as
> "ServerAlias www.mysite-1.com" in the vhost file under
> sites-available. So calls to "www.mysite-1.com/index.html" also work.
>
> But when someone mistypes the URL, things go wrong.
>
> For example, typing ww1.mysite-1.com takes us to the /home directory,
> up two levels and displays a directory listing of everything under /home.
>
> I made a quick fix by adding a dummy file at /home/index.html
>
> Without that plug, a directory of all sites under /home displays,
> allowing access to files above the public_html directory on all our
> sites.
>
> But even with the /home/index.html file, one can just type a URL such as:
>
> http://ww1.mysite-1.com/mysite-2/ and view anything in
> mysite-2 above public_html.
>
> I probably could restrict directory access using .htaccess, but I'd
> prefer to find the cause of the issue.
>
> I spent some time simplifying the files under "sites-available" to
> remove anything that might cause these errors. (hence my questions
> yesterday about /share/doc and cgi-bin).
>
> I considered that the problem might have been something in the
> apache2.conf file. But I looked closely there and found nothing.
>
> I suspect the problem is in the "sites-available/default" vhost file
> and the symlink "/sites-enabled/000-default" and might have to do with
> our changing the /var/www entry to /home.
>
> Is the default file and 000-default symlink needed? If so, why is that?
>
> But I could use some guidance on all this.
>
> Here's a typical vhost file:
>
>> <VirtualHost *:80>
>> ServerAdmin webmaster@localhost
>> ServerName mysite-1.com
>> ServerAlias www.mysite-1.com
>> DocumentRoot /home/mysite-1/public_html/
>>
>> <Directory />
>> Options FollowSymLinks
>> AllowOverride None
>> </Directory>
>>
>> <Directory /home/mysite-1/>
>> Options Indexes FollowSymLinks MultiViews
>> AllowOverride All
>> Order allow,deny
>> allow from all
>> </Directory>
>>
>> ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
>> CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined
>>
>> # Possible values include: debug, info, notice, warn, error,
>> crit, alert, emerg.
>> LogLevel warn
>>
>> </VirtualHost>
>
> and here is the default file:
>
>> <VirtualHost *:80>
>> ServerAdmin webmaster@localhost
>> DocumentRoot /home/
>>
>> <Directory />
>> Options FollowSymLinks
>> AllowOverride None
>> </Directory>
>>
>> <Directory /home/>
>> Options Indexes FollowSymLinks MultiViews
>> Allowoverride Indexes
>> Order allow,deny
>> allow from all
>> </Directory>
>>
>> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
>> <Directory "/usr/lib/cgi-bin">
>> AllowOverride None
>> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
>> Order allow,deny
>> Allow from all
>> </Directory>
>>
>> ErrorLog ${APACHE_LOG_DIR}/error.log
>>
>> # Possible values include: debug, info, notice, warn, error,
>> crit,
>> # alert, emerg.
>> LogLevel warn
>>
>> CustomLog ${APACHE_LOG_DIR}/access.log combined
>>
>> Alias /doc/ "/usr/share/doc/"
>> <Directory "/usr/share/doc/">
>> Options Indexes MultiViews FollowSymLinks
>> AllowOverride None
>> Order deny,allow
>> Deny from all
>> Allow from 127.0.0.0/255.0.0.0 ::1/128
>> </Directory>
>>
>> </VirtualHost>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
--
###############################
# Tobias Adolph #
# Leibniz-Rechenzentrum #
# Zimmer I.2.019 #
# Boltzmannstraße 1 #
# 85748 Garching bei München #
###############################
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org