You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Paul Doubek <pd...@xmission.com> on 2008/11/17 20:52:16 UTC
[users@httpd] httpd 2.2.8 not responding to client requests
I feel like a dummy for not figuring this out... I suspect it's a simple
config problem. I've installed Apache 2.2.8 on Fedora Core 9 with SSL
and PHP5 support. When I try to access the home page from either a SuSE
box (my firewall) or my WinXP client it fails with "Failed to connect"
(Firefox)/"cannot display the webpage" (IE). I can open web pages on the
Fedora box; PHP and SSL both work. I've searched around the web and
pored through several books to try to figure out where it's breaking
down but I'm striking out... which leads me to believe that most folks
don't have this problem. If you can point me in the right direction I
can probably set it right... I'm just coming up blank with where else to
look.
-Installed Apache, PHP5, and SSL as part of the Fedora online
installation rather than from separate packages or make files.
-The SuSE box is my firewall, both the Fedora and WinXP boxes are on the
inside interface.
-Don't have DNS running for local addresses. I'm trying to access the
Fedora web service by IP address rather than host name.
-Can ping Fedora from both SuSE and WinXP.
-Telnet from either box to Fedora's port 80 fails (SuSE: "No route to
host", WinXP: Connect failed"), but telnet to Fedora's port 22 succeeds.
-All the machines are on the same segment/same network (192.168.1), but
Fedora and WinXP use the SuSE IP for the default gateway.
-Observed network traffic on the Fedora box while pinging and trying to
telnet/http access the box and I can see the traffic bump up, so I don't
think I'm getting blocked by the firewall.
-Set the error logging to Debug in httpd.conf.
-See no indication of a problem in the httpd/error_log or access_log...
there don't appear to be any entries that correspond to my attempts to
access the server remotely.
-Disabled the Fedora firewall as it was enabled when the build was complete.
-Have changed /var/www/html and all it's contents to be owned by
user/group apache/apache, all have 755 permissions.
I've dug through the /etc/httpd/conf/httpd.conf file looking for a tweak
I've missed. I tried both commenting out the "Listen" directive and
putting the full IP address/port in with no change in behavior. (Yes, I
restarted httpd after each change.) I am including a big chunk of the
httpd.conf file that I thought might be relevant with most of the
comments snipped out for brevity. Please let me know if I missed
something that would help troubleshoot.
I appreciate your help,
Paul
### Section 1: Global Environment
#
ServerTokens OS
#
# ServerRoot: The top of the directory tree under which the server's
ServerRoot "/etc/httpd"
#
# PidFile: The file in which the server should record its process
PidFile run/httpd.pid
#
# Timeout: The number of seconds before receives and sends time out.
Timeout 120
#
# KeepAlive: Whether or not to allow persistent connections (more than
KeepAlive Off
#
# MaxKeepAliveRequests: The maximum number of requests to allow
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from
KeepAliveTimeout 15
##
## Server-Pool Size Regulation (MPM specific)
##
# prefork MPM
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
# worker MPM
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
Listen 80
#
# Dynamic Shared Object (DSO) Support
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
#
# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf
#
# ExtendedStatus controls whether Apache will generate "full" status
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
#
User apache
Group apache
### Section 2: 'Main' server configuration
# ServerAdmin: Your address, where problems with the server should be
ServerAdmin root@localhost
#
# ServerName gives the name and port that the server uses to identify
Servername 192.168.1.15:80
#
# UseCanonicalName: Determines how Apache constructs self-referencing
UseCanonicalName Off
#
# DocumentRoot: The directory out of which you will serve your
DocumentRoot "/var/www/html"
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
# This should be changed to whatever you set DocumentRoot to.
<Directory "/var/www/html">
# Possible values for the Options directive are "None", "All",
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess
AllowOverride None
#
Order allow,deny
Allow from all
</Directory>
#
# UserDir: The name of the directory that is appended onto a user's home
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
UserDir disable
</IfModule>
#
# Control access to UserDir directories. The following is an example
# DirectoryIndex: sets the file that Apache will serve if a directory
DirectoryIndex index.html index.html.var
# AccessFileName: The name of the file to look for in each directory
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
#
# TypesConfig describes where the mime.types file (or equivalent) is
TypesConfig /etc/mime.types
#
# DefaultType is the default MIME type the server will use for a
DefaultType text/plain
#
# The mod_mime_magic module allows the server to use various hints from
<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>
# HostnameLookups: Log the names of clients or just their IP addresses
HostnameLookups Off
#
# EnableMMAP: Control whether memory-mapping is used to deliver
#
# ErrorLog: The location of the error log file.
ErrorLog logs/error_log
#
# LogLevel: Control the number of messages logged to the error_log.
LogLevel debug
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
ServerSignature On
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] httpd 2.2.8 not responding to client requests
Posted by morgan gangwere <0....@gmail.com>.
On 11/17/08, Paul Doubek <pd...@xmission.com> wrote:
> Well... thanks for the input... it was the firewall after all. I had used
> the GUI to "disable" it but it must have still been running. I edited the
> /etc/sysconfig/iptables files per another article I found and bounced the
> server... still didn't work. I finally went back into the GUI Firewall admin
> tool, enabled the firewall, and told it to pass traffic for ports 80 and
> 443. Now I can hit the web server from both the SuSE and WinXP boxes. I
> guess it won't hurt to have a firewall on this machine, but since it's only
> a development server and it's sitting behind my Internet firewall I intended
> to get the Fedora firewall out of the way.
>
> Thanks again, Morgan, for the advice.
>
> Paul Doubek
>
> Paul Doubek wrote:
>
> > Morgan, thanks for the quick reply... see below:
> >
> > Morgan Gangwere wrote:
> >
> > > Paul Doubek wrote:
> > >
> > > > -Telnet from either box to Fedora's port 80 fails (SuSE: "No route to
> host", WinXP: Connect failed"), but telnet to Fedora's port 22 succeeds.
> > > >
> > >
> > I've looked in all the log files in /var/log/httpd. The only time I see
> any activity in those log files is if I access the Fedora web server from
> the Fedora machine (locally). It acts as if Apache is never seeing the
> traffic from the other two machines, but it appears to me that the OS is
> seeing the requests. That's what let me to look for (and find) the Fedora
> firewall running.
> >
> >
> > >
> > >
> > > > -Disabled the Fedora firewall as it was enabled when the build was
> complete.
> > > > -Have changed /var/www/html and all it's contents to be owned by
> user/group apache/apache, all have 755 permissions.
> > > >
> > > >
> > >
> >
> >
> > > Try going from the Fedora box to the SuSE box. If that works, routing is
> working one way. Make sure everything is in place and you //may// just find
> your problem.
> > >
> >
> > I will work that direction a little more. I actually hoped that in the act
> of trying to describe the problem the solution would come to me, as seems to
> happen quite often. I agree... it behaves like a routing problem except I
> can ping and TN both directions... so it seems like it's got to be a
> Transport or Session layer thing. I've been looking for some clue that would
> indicate either httpd or the OS is trapping or rejecting the packets but I'm
> striking out.
> >
> >
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
glad to hear. i was going to suggest packet sniffing on the fedora box
--
Morgan gangwere
"Space does not reflect society, it expresses it." -- Castells, M.,
Space of Flows, Space of Places: Materials for a Theory of Urbanism in
the Information Age, in The Cybercities Reader, S. Graham, Editor.
2004, Routledge: London. p. 82-93.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] httpd 2.2.8 not responding to client requests
Posted by Paul Doubek <pd...@xmission.com>.
Well... thanks for the input... it was the firewall after all. I had
used the GUI to "disable" it but it must have still been running. I
edited the /etc/sysconfig/iptables files per another article I found and
bounced the server... still didn't work. I finally went back into the
GUI Firewall admin tool, enabled the firewall, and told it to pass
traffic for ports 80 and 443. Now I can hit the web server from both the
SuSE and WinXP boxes. I guess it won't hurt to have a firewall on this
machine, but since it's only a development server and it's sitting
behind my Internet firewall I intended to get the Fedora firewall out of
the way.
Thanks again, Morgan, for the advice.
Paul Doubek
Paul Doubek wrote:
> Morgan, thanks for the quick reply... see below:
>
> Morgan Gangwere wrote:
>> Paul Doubek wrote:
>>> -Telnet from either box to Fedora's port 80 fails (SuSE: "No route to
>>> host", WinXP: Connect failed"), but telnet to Fedora's port 22 succeeds.
> I've looked in all the log files in /var/log/httpd. The only time I see
> any activity in those log files is if I access the Fedora web server
> from the Fedora machine (locally). It acts as if Apache is never seeing
> the traffic from the other two machines, but it appears to me that the
> OS is seeing the requests. That's what let me to look for (and find) the
> Fedora firewall running.
>
>>
>>> -Disabled the Fedora firewall as it was enabled when the build was
>>> complete.
>>> -Have changed /var/www/html and all it's contents to be owned by
>>> user/group apache/apache, all have 755 permissions.
>>>
>
>> Try going from the Fedora box to the SuSE box. If that works, routing
>> is working one way. Make sure everything is in place and you //may//
>> just find your problem.
>
> I will work that direction a little more. I actually hoped that in the
> act of trying to describe the problem the solution would come to me, as
> seems to happen quite often. I agree... it behaves like a routing
> problem except I can ping and TN both directions... so it seems like
> it's got to be a Transport or Session layer thing. I've been looking for
> some clue that would indicate either httpd or the OS is trapping or
> rejecting the packets but I'm striking out.
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] httpd 2.2.8 not responding to client requests
Posted by Paul Doubek <pd...@xmission.com>.
Morgan, thanks for the quick reply... see below:
Morgan Gangwere wrote:
> Paul Doubek wrote:
>> -Don't have DNS running for local addresses. I'm trying to access the
>> Fedora web service by IP address rather than host name.
>> -Can ping Fedora from both SuSE and WinXP.
>> -Telnet from either box to Fedora's port 80 fails (SuSE: "No route to
>> host", WinXP: Connect failed"), but telnet to Fedora's port 22 succeeds.
>
> Try pinging. No Route To Host means that there's proabably a layer 1 or
> 3 problem...
As you can see above... I can ping to the Fedora box from the SuSE and
WinXP boxes fine, in fact I can ping either SuSE or WinXP from Fedora as
well. I can also telnet from SuSE and WinXP to Fedora port 22 (SSH) but
I can't telnet to port 80. I can telnet from Fedora to SuSE port 22.
I've tried adding each of the machines to the other machines' hosts
files. That allows me to access ping each of the other machines by name,
but doesn't fix the http problem.
>
>> -All the machines are on the same segment/same network (192.168.1),
>> but Fedora and WinXP use the SuSE IP for the default gateway.
>> -Observed network traffic on the Fedora box while pinging and trying
>> to telnet/http access the box and I can see the traffic bump up, so I
>> don't think I'm getting blocked by the firewall.
> Could be your physical network or the layer 3 routing again.
>> -Set the error logging to Debug in httpd.conf.
>> -See no indication of a problem in the httpd/error_log or
>> access_log... there don't appear to be any entries that correspond to
>> my attempts to access the server remotely.
>
> Apache logs //everything// ttbomk.
I've looked in all the log files in /var/log/httpd. The only time I see
any activity in those log files is if I access the Fedora web server
from the Fedora machine (locally). It acts as if Apache is never seeing
the traffic from the other two machines, but it appears to me that the
OS is seeing the requests. That's what let me to look for (and find) the
Fedora firewall running.
>
>> -Disabled the Fedora firewall as it was enabled when the build was
>> complete.
>> -Have changed /var/www/html and all it's contents to be owned by
>> user/group apache/apache, all have 755 permissions.
>>
> Try going from the Fedora box to the SuSE box. If that works, routing is
> working one way. Make sure everything is in place and you //may// just
> find your problem.
I will work that direction a little more. I actually hoped that in the
act of trying to describe the problem the solution would come to me, as
seems to happen quite often. I agree... it behaves like a routing
problem except I can ping and TN both directions... so it seems like
it's got to be a Transport or Session layer thing. I've been looking for
some clue that would indicate either httpd or the OS is trapping or
rejecting the packets but I'm striking out.
I appreciate your thoughts on the subject.
Paul Doubek
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] httpd 2.2.8 not responding to client requests
Posted by Morgan Gangwere <0....@gmail.com>.
Paul Doubek wrote:
> I feel like a dummy for not figuring this out... I suspect it's a simple
> config problem. I've installed Apache 2.2.8 on Fedora Core 9 with SSL
> and PHP5 support. When I try to access the home page from either a SuSE
> box (my firewall) or my WinXP client it fails with "Failed to connect"
> (Firefox)/"cannot display the webpage" (IE). I can open web pages on the
> Fedora box; PHP and SSL both work. I've searched around the web and
> pored through several books to try to figure out where it's breaking
> down but I'm striking out... which leads me to believe that most folks
> don't have this problem. If you can point me in the right direction I
> can probably set it right... I'm just coming up blank with where else to
> look.
>
> -Installed Apache, PHP5, and SSL as part of the Fedora online
> installation rather than from separate packages or make files.
> -The SuSE box is my firewall, both the Fedora and WinXP boxes are on the
> inside interface.
> -Don't have DNS running for local addresses. I'm trying to access the
> Fedora web service by IP address rather than host name.
> -Can ping Fedora from both SuSE and WinXP.
> -Telnet from either box to Fedora's port 80 fails (SuSE: "No route to
> host", WinXP: Connect failed"), but telnet to Fedora's port 22 succeeds.
Try pinging. No Route To Host means that there's proabably a layer 1 or
3 problem...
> -All the machines are on the same segment/same network (192.168.1), but
> Fedora and WinXP use the SuSE IP for the default gateway.
> -Observed network traffic on the Fedora box while pinging and trying to
> telnet/http access the box and I can see the traffic bump up, so I don't
> think I'm getting blocked by the firewall.
Could be your physical network or the layer 3 routing again.
> -Set the error logging to Debug in httpd.conf.
> -See no indication of a problem in the httpd/error_log or access_log...
> there don't appear to be any entries that correspond to my attempts to
> access the server remotely.
Apache logs //everything// ttbomk.
> -Disabled the Fedora firewall as it was enabled when the build was
> complete.
> -Have changed /var/www/html and all it's contents to be owned by
> user/group apache/apache, all have 755 permissions.
>
> I've dug through the /etc/httpd/conf/httpd.conf file looking for a tweak
> I've missed. I tried both commenting out the "Listen" directive and
> putting the full IP address/port in with no change in behavior. (Yes, I
> restarted httpd after each change.) I am including a big chunk of the
> httpd.conf file that I thought might be relevant with most of the
> comments snipped out for brevity. Please let me know if I missed
> something that would help troubleshoot.
Try going from the Fedora box to the SuSE box. If that works, routing is
working one way. Make sure everything is in place and you //may// just
find your problem.
-0-0-0-0-0-
Morgan Gangwere
Unknown Software
http://sonof.bandit.name/
Member, INCOSE [ http://incose.org ] PACA [ http://paca.org ] and New
Mexico .NET Users Group [ http://nmug.net ]
Registered Linux user #LOLOLOLOLOLOLOLOLOL
"Please, in all cases, PEBKAC errors are your most liekly cause"
-- <mudkipz> on #cisco
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org