Difference between revisions of "Webserver"

From Blue-IT.org Wiki

(Ubuntu Hardy - 8.04)
(Apache2)
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
= Apache2 =
 
= Apache2 =
 +
== Redirect to HTTPS ==
 +
 +
RewriteEngine on
 +
RewriteCond  %{SERVER_PORT} ^80$
 +
RewriteRule  ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
 +
RewriteLogLevel 2
 +
 +
== Apache 2.4 ==
 +
Since apache version 2.4 there exists some new vocabularies for directives.
 +
 +
The next sections show the difference to apache2 version 2.2:
 +
 +
=== Directory ===
 +
Old
 +
  <Directory "/srv/www/whatever">
 +
    Options ExecCGI FollowSymLinks
 +
    AllowOverride None
 +
 +
    '''Order allow,deny'''
 +
    '''Allow from all'''
 +
 +
New
 +
  <Directory "/srv/www/whatever">
 +
    Options ExecCGI FollowSymLinks
 +
    AllowOverride All
 +
 +
    '''Require all granted'''
 +
 
== SSL ==
 
== SSL ==
 
=== Ubuntu Hardy - 8.04 ===
 
=== Ubuntu Hardy - 8.04 ===
Line 9: Line 37:
  
 
  sudo apt-get install ssl-cert
 
  sudo apt-get install ssl-cert
  sudo mkdir "${MY_SSLDIR}"
+
  sudo mkdir "${MY_SSL_DIR}"
  sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf "${MY_SSLDIR}/${MY_PAM_FILE}"
+
  sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf "${MY_SSL_DIR}/${MY_PAM_FILE}"
  
 
Now add the following to your virtual hosts config file (test with ''default''). And use the pam filename and path from above:
 
Now add the following to your virtual hosts config file (test with ''default''). And use the pam filename and path from above:
Line 27: Line 55:
 
== Subversion ==
 
== Subversion ==
 
* see [http://alephzarro.com/blog/2007/01/07/installation-of-subversion-on-ubuntu-with-apache-ssl-and-basicauth/ Installation of Subversion on Ubuntu, with Apache, SSL, and BasicAuth]
 
* see [http://alephzarro.com/blog/2007/01/07/installation-of-subversion-on-ubuntu-with-apache-ssl-and-basicauth/ Installation of Subversion on Ubuntu, with Apache, SSL, and BasicAuth]
 +
 +
== firefox Sync Server 1.5 ==
 +
--[[User:Apos|Apos]] ([[User talk:Apos|talk]]) 22:14, 24 May 2015 (CEST)
 +
This is still not working ...
 +
 +
------
 +
 +
* https://sathya.de/blog/how-tos/setup-your-own-firefox-1-5-sync-server-on-debian-with-apache2-and-mysql/
 +
* https://www.vegard.net/archives/10175/
 +
 +
 +
Errors
 +
 +
'''[:error] [pid 11729] INFO:mozsvc.metrics:{"code": 401, "request_time": 0.0018489360809326172, "remoteAddressChain": ["217.86.204.174"], "agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0", "token.assertion.audience_mismatch_error": 1, "token.assertion.verify_failure": 1, "tokenserver.assertion.verify": 0.0001819133758544922, "path": "https://YOURSERVER.TLD/token/1.0/sync/1.5", "method": "GET"}'''
 +
[:error] [pid 11729] Exception AttributeError: "'NoneType' object has no attribute 'pack'" in <bound method Connection.__del__ of <pymysql.connections.Connection object at 0x7fc210e83b90>> ignored
 +
[:error] [pid 11729] Exception AttributeError: "'NoneType' object has no attribute 'pack'" in <bound method Connection.__del__ of <pymysql.connections.Connection object at 0x7fc210b502d0>> ignored
 +
[ssl:warn] [pid 13326] AH01909: RSA certificate configured for www.YOURSERVER.TLD:443 does NOT include an ID which matches the server name
 +
  [ssl:warn] [pid 13347] AH01909: RSA certificate configured for www.YOURSERVER.TLD:443 does NOT include an ID which matches the server name
 +
 +
 +
[[Category:Web Development]]
 +
[[Category:Project Management]]

Latest revision as of 14:13, 5 November 2015

Apache2

Redirect to HTTPS

RewriteEngine on
RewriteCond   %{SERVER_PORT} ^80$
RewriteRule   ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
RewriteLogLevel 2

Apache 2.4

Since apache version 2.4 there exists some new vocabularies for directives.

The next sections show the difference to apache2 version 2.2:

Directory

Old

  <Directory "/srv/www/whatever">
   Options ExecCGI FollowSymLinks
   AllowOverride None

   Order allow,deny
   Allow from all

New

  <Directory "/srv/www/whatever">
   Options ExecCGI FollowSymLinks
   AllowOverride All

   Require all granted

SSL

Ubuntu Hardy - 8.04

First create a server certificate. Please add the directory and filennames according to your needs:

sudo a2enmod ssl
export MY_SSL_DIR="/etc/apache2/ssl"
export MY_PAM_FILE="apache.pem"
sudo apt-get install ssl-cert
sudo mkdir "${MY_SSL_DIR}"
sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf "${MY_SSL_DIR}/${MY_PAM_FILE}"

Now add the following to your virtual hosts config file (test with default). And use the pam filename and path from above:

<VirtualHost *>

[...]
       SSLEngine on
       SSLCertificateFile /etc/apache2/ssl/apache.pem
       SSLProtocol all
       SSLCipherSuite HIGH:MEDIUM
[...]

Restart the webserver

sudo invoke-rc.d apache2 restart

Subversion

firefox Sync Server 1.5

--Apos (talk) 22:14, 24 May 2015 (CEST) This is still not working ...



Errors

[:error] [pid 11729] INFO:mozsvc.metrics:{"code": 401, "request_time": 0.0018489360809326172, "remoteAddressChain": ["217.86.204.174"], "agent": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0", "token.assertion.audience_mismatch_error": 1, "token.assertion.verify_failure": 1, "tokenserver.assertion.verify": 0.0001819133758544922, "path": "https://YOURSERVER.TLD/token/1.0/sync/1.5", "method": "GET"}
[:error] [pid 11729] Exception AttributeError: "'NoneType' object has no attribute 'pack'" in <bound method Connection.__del__ of <pymysql.connections.Connection object at 0x7fc210e83b90>> ignored
[:error] [pid 11729] Exception AttributeError: "'NoneType' object has no attribute 'pack'" in <bound method Connection.__del__ of <pymysql.connections.Connection object at 0x7fc210b502d0>> ignored
[ssl:warn] [pid 13326] AH01909: RSA certificate configured for www.YOURSERVER.TLD:443 does NOT include an ID which matches the server name
 [ssl:warn] [pid 13347] AH01909: RSA certificate configured for www.YOURSERVER.TLD:443 does NOT include an ID which matches the server name