You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by su...@openmbox.net on 2022/11/11 13:31:34 UTC
[users@httpd] Help check my config for server section
I think I need to read httpd's doc carefully.
Before doing that can you help check my this config (for php primarily) are going without issue?
Thanks in advance.
root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =mail.openmbox.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
DocumentRoot /var/www/snappy
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory />
Options None
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/snappy>
Options +Indexes
Order deny,allow
Allow from all
Require all granted
</Directory>
<Directory /var/www/snappy/data>
Require all denied
</Directory>
SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help check my config for server section
Posted by su...@openmbox.net.
I finally use this config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
DocumentRoot /var/www/snappy
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory />
Options None
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/snappy>
Options +Indexes
Require all granted
</Directory>
<Directory /var/www/snappy/data>
Require all denied
</Directory>
SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it.
Thank you for your kind helps.
Henry
November 12, 2022 at 12:37 AM, "Frank Gingras" <th...@apache.org> wrote:
>
> That config snippet has no effect on php; that being said, you many two issues so far:
>
> 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices
> 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module
>
> On Fri, 11 Nov 2022 at 08:32, <su...@openmbox.net> wrote:
>
> >
> > I think I need to read httpd's doc carefully.
> > Before doing that can you help check my this config (for php primarily) are going without issue?
> > Thanks in advance.
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> > <VirtualHost *:80>
> >
> > ServerAdmin webmaster@localhost
> > ServerName mail.openmbox.net http://mail.openmbox.net/
> >
> > ErrorLog ${APACHE_LOG_DIR}/error.log
> > CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> > RewriteEngine on
> > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/
> > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> > </VirtualHost>
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> > <IfModule mod_ssl.c>
> > <VirtualHost *:443>
> >
> > ServerAdmin webmaster@localhost
> > ServerName mail.openmbox.net http://mail.openmbox.net/
> > DocumentRoot /var/www/snappy
> >
> > ErrorLog ${APACHE_LOG_DIR}/error.log
> > CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> > <Directory />
> > Options None
> > AllowOverride None
> > Require all denied
> > </Directory>
> >
> > <Directory /var/www/snappy>
> > Options +Indexes
> > Order deny,allow
> > Allow from all
> > Require all granted
> > </Directory>
> >
> > <Directory /var/www/snappy/data>
> > Require all denied
> > </Directory>
> >
> > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem http://mail.openmbox.net/fullchain.pem
> > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem http://mail.openmbox.net/privkey.pem
> > Include /etc/letsencrypt/options-ssl-apache.conf
> > </VirtualHost>
> > </IfModule>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Help check my config for server section
Posted by Frank Gingras <th...@apache.org>.
That config snippet has no effect on php; that being said, you many two
issues so far:
1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect
suffices
2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2
directives, and unload the mod_access_compat module
On Fri, 11 Nov 2022 at 08:32, <su...@openmbox.net> wrote:
> I think I need to read httpd's doc carefully.
> Before doing that can you help check my this config (for php primarily)
> are going without issue?
> Thanks in advance.
>
>
> root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> <VirtualHost *:80>
>
> ServerAdmin webmaster@localhost
> ServerName mail.openmbox.net
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
> RewriteEngine on
> RewriteCond %{SERVER_NAME} =mail.openmbox.net
> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> </VirtualHost>
>
>
> root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
>
> ServerAdmin webmaster@localhost
> ServerName mail.openmbox.net
> DocumentRoot /var/www/snappy
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
>
> <Directory />
> Options None
> AllowOverride None
> Require all denied
> </Directory>
>
> <Directory /var/www/snappy>
> Options +Indexes
> Order deny,allow
> Allow from all
> Require all granted
> </Directory>
>
> <Directory /var/www/snappy/data>
> Require all denied
> </Directory>
>
> SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> </VirtualHost>
> </IfModule>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>