Search Results

Search found 419 results on 17 pages for 'vhost'.

Page 6/17 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Multiple ServerRoot directives in single apache

    - by fip
    i came across a apache httpd 2.2 configuration recently in which multiple ServerRoot-directives were defined, each followed by individual prefork Settings. Sort of like this: ServerRoot root1 <IfModule prefork.c> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 </IfModule> [vhost-configs] ServerRoot root2 <IfModule prefork.c> StartServers 10 MinSpareServers 10 MaxSpareServers 20 MaxClients 250 MaxRequestsPerChild 0 </IfModule> [vhost-configs] In my understanding these are global settings one overriding the other. But is that true and is it still true with the second ServerRoot directive between the prefork blocks? Thank you in advance EDIT They are not in different conditional blocks and both server roots are used in that way that files with relative paths to both are correctly included. I just wondered if a <ServerRoot> would initiate a new scope in which all global statements would not override the configuration of previous ones.

    Read the article

  • Creating Multiple Users on Single PHP-FPM Pool

    - by Vince Kronlein
    Have PHP-FPM/FastCGI up and running on my cPanel/WHM server but I'd like have it allow for multiple users off of a single pool. Getting all vhosts to run off a single pool is simple by adding this to the Apache include editor under Global Post Vhost: <IfModule mod_fastcgi.c> FastCGIExternalServer /usr/local/sbin/php-fpm -host 127.0.0.1:9000 AddHandler php-fastcgi .php Action php-fastcgi /usr/local/sbin/php-fpm.fcgi ScriptAlias /usr/local/spin/php-fpm.fcgi /usr/local/sbin/php-fpm <Directory /usr/local/sbin> Options ExecCGI FollowSymLinks SetHandler fastcgi-script Order allow,deny Allow from all </Directory> </IfModule> But I'd like to find a way to implement php running under the user, but sharing the pool. I manage and control all the domains that run under the pool so I'm not concerned about security of files per account, I just need to make sure all scripting can be executed by the user who owns the files, instead of needing to change file permissions for each account, or having to create tons of vhost include files.

    Read the article

  • Passenger apache default page error

    - by gshankar
    I just installed Passenger and the Passenger Pref Pane on OSX. However, when I try to browse to one of my Rails applications I just get the default Apache "it works!" page. I've checked the vhost definitions and they seem ok so I can't seem to figure out whats wrong... I've tried reinstalling passenger and the pref pane and restarting apache but to no avail. Anyone know how to fix this? My vhost definition looks like this: <VirtualHost *:80> ServerName boilinghot.local DocumentRoot "/Users/ganesh/Code/boilinghot/public" RailsEnv development <Directory "/Users/ganesh/Code/boilinghot/public"> Order allow,deny Allow from all </Directory> </VirtualHost>

    Read the article

  • Apache2 graceful restart stops proxying requests to passenger

    - by Rob
    Issue with apache mod proxy, it stops proxying requests after a graceful restart but not all the time. It seems to happen only on a Sunday when a graceful restart is triggered by logrotate. [Sun Sep 9 05:25:06 2012] [notice] SIGUSR1 received. Doing graceful restart [Sun Sep 9 05:25:06 2012] [notice] Apache/2.2.22 (Ubuntu) Phusion_Passenger/3.0.11 configured -- resuming normal operations [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(492) failed in child 26153 for worker proxy:reverse [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(486) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(487) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(489) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(490) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(491) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(480) failed in child 26153 for worker http://api.myservice.org/api [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(481) failed in child 26153 for worker http://api.myservice.org/editor/$1 [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(483) failed in child 26153 for worker http://api.myservice.org/build [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(484) failed in child 26153 for worker http://api.myservice.org/help [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(485) failed in child 26153 for worker http://api.myservice.org/motd.html [Sun Sep 9 05:25:06 2012] [error] proxy: ap_get_scoreboard_lb(479) failed in child 26153 for worker http://api.myservice.org/motd.html After these lines, the logs are flooded with 404's because the requests are not being proxied. It's worth noting that the destination is just another vhost on the same apache instance, but the vhost (http://api.myservice.org) is serving passenger (mod_rails) I was thinking that maybe there's some startup issues with the passenger workers not being ready during a graceful restart? After a full restart resolves it and everything returns to normal. //Edit Here's the vhost config, thanks :) <VirtualHost *:80> UseCanonicalName Off LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <Directory /var/www/vhosts> RewriteEngine on AllowOverride All </Directory> RewriteEngine on RewriteCond /var/www/vhosts/%{SERVER_NAME} !-d RewriteCond /var/www/vhosts/%{SERVER_NAME} !-l RewriteRule ^ http://sitenotfound.myservice.org/ [R=302,L] VirtualDocumentRoot /var/www/vhosts/%0/current # Rewrite requests to /assets to map to the /var/file-store/<SERVER_NAME>/ RewriteMap lowercase int:tolower RewriteCond %{REQUEST_URI} ^/assets/ RewriteRule ^/assets/(.*)$ /var/file-store/${lowercase:%{SERVER_NAME}}/$1 # Map /login to /editor.html as it's far friendlier. RewriteCond %{REQUEST_URI} ^/login RewriteRule .* /editor.html [PT] # Forward some requests to the API ProxyPass /api http://api.myservice.org/api ProxyPass /site.json http://api.myservice.org/api/editor/site ProxyPassMatch ^/editor/(.*)$ http://api.myservice.org/editor/$1 ProxyPassMatch ^/api/(.*) http://api.myservice.org/api/$1 ProxyPass /build http://api.myservice.org/build ProxyPass /help http://api.myservice.org/help ProxyPass /motd.html http://api.myservice.org/motd.html <Proxy *> Order allow,deny Allow from all </Proxy> # TODO generate slightly more specific Error Documents for 401/403/500's, # but for now the 404 page is good enough ErrorDocument 401 /404.html ErrorDocument 403 /404.html ErrorDocument 404 /404.html ErrorDocument 500 /404.html </VirtualHost>

    Read the article

  • Confused about SPF Record setup

    - by Ramon A.
    Hello, I'm confused on how I should set up SPF records for my multiple domains. Here is my configuration: the setup is: (a) domain1.com points to server1 (b) mail.domain1.com points to server2 (c) domain2.com is a vhost in server1 (d) domain3.com is a vhost in server1 (e) and so on.. I want the SPF record to be set up so that domain1.com, domain2.com, domain3.com are authorized to send emails using mail.domain1.com. I'm confused on wether to put the SPF record on each domain, or on the main server only.

    Read the article

  • Enable Server Status using Plesk 11

    - by Lars Ebert
    I am trying to get apaches server status to work with Plesk 11. But running sudo /usr/sbin/apache2ctl fullstatus results in: Forbidden You don't have permission to access /server-status on this server. __________________________________________________________________ Apache Server at localhost Port 80 'www-browser -dump http://localhost:80/server-status' failed. Maybe you need to install a package providing www-browser or you need to adjust the APACHE_LYNX variable in /etc/apache2/envvars How can I enable server status? So far I have tried to insert <Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from localhost </Location> into the httpd.conf, but I am not sure if it is active. I also tried adding it to /var/www/vhosts/somedomain/conf/vhost.conf but I do not know which domain I have to add this to, as fullstatus seems to query localhost directly. I guess I am a little confused by the use of vhost configuration in Plesk.

    Read the article

  • how to set auto redirection in tomcat

    - by Registered User
    I have a site http://social.openitup.in right now what you are seeing is a default Tomcat6 page. I am using mod_ajp as a front end and Apache vhost configuration for same is <VirtualHost *:80 > ServerName social.openitup.in ServerAdmin webmaster@localhost ProxyRequests off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://192.168.1.19:8009/ ProxyPassReverse / ajp://192.168.1.19:8009/ </VirtualHost> How ever I have an application running on it http://social.openitup.in/olat what I want to do is when some one opens http://social.openitup.in then rather than seeing Tomcat6 home page from /var/lib/tomcat6/webapps/ROOT/index.html the person is redirected to olat application which is in /var/lib/tomcat6/webapps/olat how can this be achived? The above vhost configuration is on a machine separate than where OLAT is running.

    Read the article

  • Set ReturnPath globally in Postfix

    - by Gaia
    I have Magento using Sendmail and Wordpress using PHPmailer to send webapp-generated mail. Occasionally, someone will enter their email address incorrectly and the mail (let's say, a purchase receipt) will bounce back to the return-path specified by the script. I dont want to set the return path for each vhost, especially because it is not easily done. Ideally, WP would use the address of the blog admin and Magento would use one of the numerous email fields specified, but they default to using username@machinename (in my case, username is the system user and machinename is a FQDN, but it is not the same as the actual vhost FQDN). The result is that bounced mail returns to the server and, since the server is used only for outbound SMTP, the messages sit there, undelivered and worse, unread. I'm Postfix 2.6.6 on CentOS 6.3, is it possible to globally force a specific returnpath for all messages sent via PHP on the server?

    Read the article

  • Virtualizing Firewalls/UTM

    - by TheD
    So Sophos UTM (Astaro Gateway UTM) can be virtualized in Hyper-V, VMWare, vSphere etc. Now I'm new to virtualization, so am wondering how the networking would be configured in this situation. Imagine the following (a very simple setup). A Zyxel router acting as the default gateway, standard ADSL line. This is connected directly via Ethernet to my VHost, Hyper-V in my case. Now I assume I need two virtual network adapters, one which is the "External" interface to the firewall, and the other being the "Internal" interface. But where does my switch go, since I have 5 machines (or X number of machines). Where is the switch connected, to the internal interface on the VHost? What default gateway do my clients use etc? How would the routing work if these two interfaces weren't bridged since they are virtual networks anyway. I'm a little confused! Any advice is much appreciated! Cheers

    Read the article

  • Are there any tools for monitoring individual Apache virtual hosts in real-time?

    - by Dave Forgac
    I'm looking for a way to monitor and record Apache traffic, separated by virtual host. I am currently using Munin to capture this and other data for the entire server however I can't seem to find a way to do this by vhost. This link describes using a module called mod_watch which is apparently no longer in development: http://www.freshnet.org/wordpress/2007/03/08/monitoring-apaches-virtualhost-with-munin/ The file that is listed as being compatible with Apache 2.x is reported to have problems with missing vhosts an reporting data correctly. Does anyone know of a reliable way to determine real-time traffic per vhost? If I can find this it should be easy enough to write a new Munin plugin.

    Read the article

  • Exclude pings from apache error logs (ran from PHP exec)

    - by fooraide
    Now, for a number of reasons I need to ping several hosts on a regular basis for a dashboard display. I use this PHP function to do it: function PingHost($strIpAddr) { exec(escapeshellcmd('ping -q -W 1 -c 1 '.$strIpAddr), $dataresult, $returnvar); if (substr($dataresult[4],0,3) == "rtt") { //We got a ping result, lets parse it. $arr = explode("/",$dataresult[4]); return ereg_replace(" ms","",$arr[4]); } elseif (substr($dataresult[3],35,16) == "100% packet loss") { //Host is down! return "Down"; } elseif ($returnvar == "2") { return "No DNS"; } } The problem is that whenever there is an unknown host, I will get an error logged to my apache error log (/var/log/apache/error.log). How would I go about disabling logs for this particular function ? Disabling logs in the vhost is not an option since logs for that vhost are relevant, just not the pings. Thanks,

    Read the article

  • Multiple SSL vhosts using wildcard certificate in nginx

    - by vvanscherpenseel
    I have two hostnames sharing the same domain name which I want to serve over HTTPs. I've got a wildcard-SSL certificate and created two vhost configs: Host A listen 127.0.0.1:443 ssl; server_name a.example.com; root /data/httpd/a.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; Host B listen 127.0.0.1:443 ssl; server_name b.example.com; root /data/httpd/b.example.com; ssl_certificate /etc/ssl/wildcard.cer; ssl_certificate_key /etc/ssl/wildcard.key; However, I get the same vhost served for either hostname.

    Read the article

  • Apache Ubuntu SSL Configuration

    - by JSP
    Where besides the vhost configuration can SSL be configured? I see an SSL configuration in sites-available but it's not an enabled vhost (and the certificate it points to is expired). Using apache2 -V shows me the configuration directory is /etc/apache2 but I can not for the life of me find the SSL configuration and it's driving me crazy. Any suggestions on where to look or what I'm missing? Ubuntu 12 Linux ip-10-39-119-18 3.2.0-23-virtual #36-Ubuntu SMP Tue Apr 10 22:29:03 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

    Read the article

  • How do I get dynamic subdomains on domain aliases in Plesk? [closed]

    - by mitchdesign
    I am running a site that is available via many domains. So all domains depend on the same code, but depending on the requested domain, the correct information is shown to the user. In Plesk, I have one domain set up and it has domain aliases for all the others. This works ok. Now, I'd like to be able to use subdomains on those aliased domains. Like the domains, the subdomains will be used as input for the system to display the correct information. So, they are not a fixed set. What I have done: - In DNS I have added *.example.com CNAME example.com to the main domain. This is automatically copied by Plesk to all the aliases. So DNS-wise, I think it's ok. - I have added a vhost.conf file to the main domain, containing ServerAlias *.maindomain.tld. This works for the main domain. But still, not for the aliased domains. And there is no place to put vhost.conf files for the aliased domains.. How do I tell the server to respond to those domain's subdomains as well?

    Read the article

  • open_basedir vs sessions

    - by liquorvicar
    On a virtual hosting server I have the open_basedir set to .:/path/to/vhost/web:/tmp:/usr/share/pear for each virtual host. I have a client who's running WordPress and he's complaining about open_basedir errors thus: PHP WARNING: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/var/lib/php/session/sess_42k7jn3vjenj43g3njorrnrmf2) is not within the allowed path(s): (.:/path/to/vhost/web:/tmp:/usr/share/pear) So the PHP session save_path isn't included in open_basedir but sessions across all sites on the server seems to be working fine apart from in this intermittent instance. I thought that perhaps the default session handler ignored open_basedir and this warning was caused by WP accessing the session file directly. However from what I can see PHP 5.2.4 introduced open_basedir checking to the session.save_path config: http://www.php.net/ChangeLog-5.php#5.2.4 (I am on PHP 5.2.13). Any ideas?

    Read the article

  • Passenger apache default page error

    - by Ganesh Shankar
    Sorry if this is the wrong place to ask this question. I asked it a couple of days ago on Server Fault but am getting no love. (It is sort of related to rails development...) The Question I just installed Passenger and the Passenger Pref Pane on OSX. However, when I try to browse to one of my Rails applications I just get the default Apache "it works!" page. I've checked the vhost definitions and they seem ok so I can't seem to figure out whats wrong... I've tried reinstalling passenger and the pref pane and restarting apache but to no avail. Anyone know how to fix this? My vhost definition looks like this: <VirtualHost *:80> ServerName boilinghot.local DocumentRoot "/Users/ganesh/Code/boilinghot/public" RailsEnv development <Directory "/Users/ganesh/Code/boilinghot/public"> Order allow,deny Allow from all </Directory> </VirtualHost>

    Read the article

  • Disable MOD_PHP in vhosts and activate suphp

    - by mezgani
    I need to desactivate mod_php on a vhost and let it working for other vhosts, I need to disable it in order to activate suphp. here is the vhost config : Options +Indexes ServerName www.native.org ServerAlias native.org DocumentRoot /home/user/www/native/current ServerAdmin [email protected] UseCanonicalName Off CustomLog /var/log/apache2/native_access.log combined ErrorLog /var/log/apache2/native_error.log <Directory /home/user/www/native/current> RemoveHandler .php AllowOverride All Options FollowSymLinks Order allow,deny allow from all </Directory> suPHP_Engine on SuexecUserGroup user native <IfModule mod_suphp.c> suPHP_UserGroup user native AddHandler x-httpd-php .php .php3 .php4 .php5 suPHP_AddHandler x-httpd-php </IfModule> NB: mod_php is activated by default for all vhosts

    Read the article

  • apache+mod_wsgi configuration for django project(s) on a quad core

    - by Stefano
    I've been experiment quite some time with a "typical" django setting upon nginx+apache2+mod_wsgi+memcached(+postgresql) (reading the doc and some questions on SO and SF, see comments) Since I'm still unsatisfied with the behavior (definitely because of some bad misconfiguration on my part) I would like to know what a good configuration would look like with these hypotesis: Quad-Core Xeon 2.8GHz 8 gigs memory several django projects (anything special related to this?) These are excerpts form my current confs: apache2 SetEnv VHOST null #WSGIPythonOptimize 2 <VirtualHost *:8082> ServerName subdomain.domain.com ServerAlias www.domain.com SetEnv VHOST subdomain.domain AddDefaultCharset UTF-8 ServerSignature Off LogFormat "%{X-Real-IP}i %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" custom ErrorLog /home/project1/var/logs/apache_error.log CustomLog /home/project1/var/logs/apache_access.log custom AllowEncodedSlashes On WSGIDaemonProcess subdomain.domain user=www-data group=www-data threads=25 WSGIScriptAlias / /home/project1/project/wsgi.py WSGIProcessGroup %{ENV:VHOST} </VirtualHost> wsgi.py import os import sys # setting all the right paths.... _realpath = os.path.realpath(os.path.dirname(__file__)) _public_html = os.path.normpath(os.path.join(_realpath, '../')) sys.path.append(_realpath) sys.path.append(os.path.normpath(os.path.join(_realpath, 'apps'))) sys.path.append(os.path.normpath(_public_html)) sys.path.append(os.path.normpath(os.path.join(_public_html, 'libs'))) sys.path.append(os.path.normpath(os.path.join(_public_html, 'django'))) os.environ['DJANGO_SETTINGS_MODULE'] = 'settings' import django.core.handlers.wsgi _application = django.core.handlers.wsgi.WSGIHandler() def application(environ, start_response): """ Launches django passing over some environment (domain name) settings """ application_group = environ['mod_wsgi.application_group'] """ wsgi application group is required. It's also used to generate the HOST.DOMAIN.TLD:PORT parameters to pass over """ assert application_group fields = application_group.replace('|', '').split(':') server_name = fields[0] os.environ['WSGI_APPLICATION_GROUP'] = application_group os.environ['WSGI_SERVER_NAME'] = server_name if len(fields) > 1 : os.environ['WSGI_PORT'] = fields[1] splitted = server_name.rsplit('.', 2) assert splitted >= 2 splited.reverse() if len(splitted) > 0 : os.environ['WSGI_TLD'] = splitted[0] if len(splitted) > 1 : os.environ['WSGI_DOMAIN'] = splitted[1] if len(splitted) > 2 : os.environ['WSGI_HOST'] = splitted[2] return _application(environ, start_response)` folder structure in case it matters (slightly shortened actually) /home/www-data/projectN/var/logs /project (contains manage.py, wsgi.py, settings.py) /project/apps (all the project ups are here) /django /libs Please forgive me in advance if I overlooked something obvious. My main question is about the apache2 wsgi settings. Are those fine? Is 25 threads an /ok/ number with a quad core for one only django project? Is it still ok with several django projects on different virtual hosts? Should I specify 'process'? Any other directive which I should add? Is there anything really bad in the wsgi.py file? I've been reading about potential issues with the standard wsgi.py file, should I switch to that? Or.. should this conf just be running fine, and I should look for issues somewhere else? So, what do I mean by "unsatisfied": well, I often get quite high CPU WAIT; but what is worse, is that relatively often apache2 gets stuck. It just does not answer anymore, and has to be restarted. I have setup a monit to take care of that, but it ain't a real solution. I have been wondering if it's an issue with the database access (postgresql) under heavy load, but even if it was, why would the apache2 processes get stuck? Beside these two issues, performance is overall great. I even tried New Relic and got very good average results.

    Read the article

  • Having Hotlink Protectin problem in nginx

    - by Ayaz Malik
    Hello, i am having image hotlink protection problem in my nginx need help. i have a huge issue of my site's images being submited to social networks like stumbleupon with direct link ... xxxxx.jpg which some times get huge traffic and increases cpu usage plus bandwidth usage. what i am trying to do is block direct access to image from other refrers and hotlink protection. Here is the code from my vhost.conf server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } So for hotlink protection i added this code : location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } This is how the current nginx code for this domain looks like but didn't worked: server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } Thank you in advance :) cheers

    Read the article

  • Trouble in Nginx hotlink protection

    - by Ayaz Malik
    I am trying to implement image hotlink protection problem in nginx and I need help. I have a huge issue of my site's images being submitted to social networks like StumbleUpon with a direct link like http://example.com/xxxxx.jpg Which sometimes gets huge traffic and increases CPU usage and bandwidth usage. I want to block direct access to my images from other referrers and protect them from being hotlinked. Here is the code from my vhost.conf server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } For hotlink protection I added this code location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } This is the current nginx code for this domain, but it didn't work: server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } How can I fix this?

    Read the article

  • Issues with ProxyPass and ProxyPassReverse when proxying to localhost and a different TCP port

    - by mbrownnyc
    I am attempting to use ProxyPass and ProxyPassReverse to proxy requests through Apache to another server instance that is bound to the localhost on a different TCP port that the Vhost exists (VHost is bound to :80, when the target is bound to :5000). However, I am repeatedly receiving HTTP 503 when accessing the Location. According to the ProxyPass documentation... <VirtualHost *:80> ServerName apacheserver.domain.local DocumentRoot /var/www/redmine/public ErrorLog logs/redmine_error <Directory /var/www/redmine/public> Allow from all Options -MultiViews Order allow,deny AllowOverride all </Directory> </VirtualHost> PassengerTempDir /tmp/passenger <Location /rhodecode> ProxyPass http://127.0.0.1:5000/rhodecode ProxyPassReverse http://127.0.0.1:5000/rhodecode SetEnvIf X-Url-Scheme https HTTPS=1 </Location> I have tested binding the alternate server to the interface IP address, and the same issue occurs. The server servicing request is an instance of python paste:httpserver, and it has been configured to use the /rhodecode suffix (as I saw this to be mentioned in other posts about ProxyPass). The documentation from the project itself, Rhodecode, reports to use the above. The issue is persistent if I target another server that is serving on a different port. Does ProxyPass allow proxying to a different TCP port? [update] I won't delete this, in case someone comes across the same issue. I had set an ErrorLog, and in that ErrorLog the following error was reported: [Wed Nov 09 11:36:35 2011] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:5000 (192.168.100.100) failed [Wed Nov 09 11:36:35 2011] [error] ap_proxy_connect_backend disabling worker for (192.168.100.100) After some more research, I attempted to set SELinux to permissive (echo 0 >/selinux/enforce), and try again. It turns out the SELinux boolean httpd_can_network_connect must be set to 1. For persistence on reboot: setsebool -P httpd_can_network_connect=1

    Read the article

  • How can I get HTTPD to serve the html/php files and not list/index them when they are in folder for virtual host. Using Centos 6.0

    - by LaserBeak
    My virtual hosts are configured as below, initally I could not even get to the /public_html/ directory when typing example.com and apache would just serve me up the default welcome page, I would also get the error: Directory index forbidden by Options directive: /var/www/html/example.com/public_html/ in the log . After editing the welcome.conf page (- Index) so it does not show again when I now type example.com the/public_html/ contents (Index.php) are indexed in the browser. Where as I want it to actually execute and diplay the index.php page. vhost.conf , located in etc/httpd/vhost.d/ NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin [email protected] ServerName localhost ServerAlias localhost.example.com DocumentRoot /var/www/html/example.com/public_html/ ErrorLog /var/www/html/example.com/logs/error.log CustomLog /var/www/html/example.com/logs/access.log combined </VirtualHost> <VirtualHost *:80> ServerAdmin [email protected] ServerName example.org ServerAlias www.example.org DocumentRoot /var/www/html/example.org/public_html/ ErrorLog /var/www/html/example.org/logs/error.log CustomLog /var/www/html/example.org/logs/access.log combined </VirtualHost> httpd.conf, settings on default, added onto end: Include /etc/httpd/vhosts.d/*.conf Root directories: DocumentRoot "/var/www/html"

    Read the article

  • Trying to reconcile global ip address and Vhosts

    - by puk
    I have been using my local machine as a web server for a while, and I have several websites set up locally on my machine, all with similar Vhost files like the one seen here /etc/apache2/sites-available/john.smith.com: <VirtualHost *:80> RewriteEngine on RewriteOptions Inherit ServerAdmin [email protected] ServerName john.smith.com ServerAlias www.john.smith.com DocumentRoot /home/john/smith # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn LogFormat "%v %l %u %t \"%r\" %>s %b" comonvhost CustomLog /var/log/apache2/access.log comonvhost </VirtualHost> then I set up the /etc/hosts file like so for every Vhost: 192.168.1.100 www.john.smith.com john.smith.com 192.168.1.100 www.jane.smith.com jane.smith.com 192.168.1.100 www.joe.smith.com joe.smith.com 192.168.1.100 www.jimbob.smith.com jimbob.smith.com Now I am hosting my friend's website until he gets a permanent domain. I have port forwarding set up to redirect port 80 to my machine, but I don't understand how the global ip fits into all of this. Do I for example use the following web site addresses (assume global ip is 12.34.56.789): 12.34.56.789.john.smith 12.34.56.789.jane.smith 12.34.56.789.joe.smith 12.34.56.789.jimbob.smith

    Read the article

  • Gitlab and Nginx not loading gitlab

    - by paperids
    I have just installed gitlab and nginx on Ubuntu LTS 12.04 using this guide: http://blog.compunet.co.za/gitlab-installation-on-ubuntu-server-12-04/ I installed this on another server last night and had absolutely no problems with it (sort of a test run to see how long it would take to get going). I am not getting any errors when restarting gitlab or nginx with /etc/init.d and my error logs are empty. The only thing I know of to go on is the vhost config: upstream gitlab { server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.sock$ } server { listen localhost:80; server_name gitlab.bluringdev.com; root /home/gitlab/gitlab/public; # individual nginx logs for this gitlab vhost access_log /var/log/nginx/gitlab_access.log; error_log /var/log/nginx/gitlab_error.log; location / { # serve static files from defined root folder;. # @gitlab is a named location for the upstream fallback$ try_files $uri $uri/index.html $uri.html @gitlab; } # if a file, which is not found in the root folder is r$ # then the proxy pass the request to the upsteam (gitla$ location @gitlab { proxy_redirect off; # you need to change this to "https", if you set "ssl" $ proxy_set_header X-FORWARDED_PROTO http; proxy_set_header Host gitlab.bluringdev.com:80; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://gitlab; } } If there's any other information that would be helpful, just let me know and I'll get it up asap.

    Read the article

  • apache2 VirtualHost in Mac OS X home directory

    - by aaron
    I am running Macports apache2 on Mac OS X 10.5. Whenever I configure a virtual host in the default folder, it works, however when I configure the virtual host in my home directory I get a "403 Forbidden" error. How do I configure a vhost in my home directory? Here is the configuration that yields "403 Forbidden" when I access "devel.mysite.com": /opt/local/apache2/conf/extra/httpd-vhosts.conf: DocumentRoot "/opt/local/apache2/htdocs" ServerName * #CustomLog "" common <VirtualHost *:80> #DocumentRoot "/opt/local/apache2/htdocs/mysite" DocumentRoot "/Users/myuser/Sites/mysite" ServerName devel.mysite.com </VirtualHost> The error message in /opt/local/apache2/logs/devel.mysite.com-error_log: [Sat Apr 17 19:54:49 2010] [error] [client 127.0.0.1] client denied by server configuration: /Users/myuser/Sites/mysite/ When I uncomment the line to make DocumentRoot in /opt/local/apache2/htdocs/mysite, it works: DocumentRoot "/opt/local/apache2/htdocs" ServerName * #CustomLog "" common <VirtualHost *:80> DocumentRoot "/opt/local/apache2/htdocs/mysite" #DocumentRoot "/Users/myuser/Sites" ServerName devel.mysite.com </VirtualHost> I get no errors or warnings when I start apache, and the only thing that is logged on startup is this (in /opt/local/apache/logs/error_log): [Sat Apr 17 19:56:29 2010] [notice] Digest: generating secret for digest authentication ... [Sat Apr 17 19:56:29 2010] [notice] Digest: done [Sat Apr 17 19:56:29 2010] [notice] Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8m DAV/2 configured -- resuming normal operations A few notes: * The permissions of /Home/myuser/Sites/mysite is 755, owned by myuser, group is staff * Everything else works as expected, until I move the ServerRoot of the vhost to the directory in my home

    Read the article

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >