How do I server multiple domains from the same directory and codebase without my configuraton breaking when apache.conf is overwritten?
Posted
by
neokio
on Pro Webmasters
See other posts from Pro Webmasters
or by neokio
Published on 2014-05-16T06:34:45Z
Indexed on
2014/06/10
3:44 UTC
Read the original article
Hit count: 179
apache
I have 20 domains on a VPS running cPanel. One public_html is filled with code, the remaining 19 are symbolic links to that one. (For example, assets
is a directory within public_html
... for the 19 others, there's a symbolic link to that directory in each each accounts public_html
dir.)
It's all PHP / MySQL database driven, with content changing depending on the domain. It works like a charm, assuming cPanel has suExec
enabled correctly, and assuming apache.conf does NOT have SymLinksIfOwnerMatch
enabled.
However, every few weeks, my apache.conf
is mysteriously overwritten, re-enabling SymLinksIfOwnerMatch
, and disabling all 19 linked sites for as long as it takes for me to notice. Here's the offending line in apache.conf:
<Directory "/">
AllowOverride All
Options ExecCGI FollowSymLinks IncludesNOEXEC Indexes SymLinksIfOwnerMatch
</Directory>
The addition of SymLinksIfOwnerMatch
disables the sites in a strange way ... the html is generated correctly, but all css/js/image in the html fails to load. Clicking any link redirects to /
. And I have no idea why. I do have a few things in my .htaccess
, which work fine when SymLinksIfOwnerMatch
is not present:
<IfModule mod_rewrite.c>
# www.example.com -> example.com
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Remove query strings from static resources
RewriteRule ^assets/js/(.*)_v(.*)\.js /assets/js/$1.js [L]
RewriteRule ^assets/css/(.*)_v(.*)\.css /assets/css/$1.css [L]
RewriteRule ^assets/sites/(.*)/(.*)_v(.*)\.css /assets/sites/$1/$2.css [L]
# Block access to hidden files and directories
RewriteCond %{SCRIPT_FILENAME} -d [OR]
RewriteCond %{SCRIPT_FILENAME} -f
RewriteRule "(^|/)\." - [F]
# SLIR ... reroute images to image processor
RewriteCond %{REQUEST_URI} ^/images/.*$
RewriteRule ^.*$ - [L]
# ignore rules if URL is a file
RewriteCond %{REQUEST_FILENAME} !-f
# ignore rules if URL is not php
#RewriteCond %{REQUEST_URI} !\.php$
# catch-all for routing
RewriteRule . index.php [L]
</ifModule>
I also use most of the 5G Blacklist 2013 for protection against exploits and other depravities. Again, all of this works great, except when SymLinksIfOwnerMatch
gets added back into apache.conf.
Since I've failed to find the cause of whatever cPanel/security update is overwriting apache.conf, I thought there might be a more correct way to accomplish my goal using group permissions.
I've created a 'www' group, added all accounts to the group, and chmod -R
'd the code source to use that group. Everything is 644
or 755
. But doesn't seem to be enough. My unix isn't that strong. Do you need to restart something for group changes to take effect? Probably not. Anyways, I'm entering unknown territory.
Can anyone recommend the right way to configure a website for multiple sites using one codebase that doesn't rely on apache.conf?
© Pro Webmasters or respective owner