by ·0 Comments

After an update to Apache 2.4, my Chiliproject (served by Phusion Passenger) instance did not run anymore. The problem was twofold:

Firstly, I used passenger 3.0.19, which is not compatible with Apache 2.4:

apache2: Syntax error on line 140 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/passenger.load: Cannot load /home/roland/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/apache2/mod_passenger.so into server: /home/roland/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/apache2/mod_passenger.so: undefined symbol: unixd_config

This happens because Apache 2.4 has changed the symbol unixd_config to ap_unixd_config. The issue can quickly be solved by installing a more recent version of passenger:

gem install passenger –version 4.0.20

Afterwards, we need to cd to ~/.rvm/gems/ruby-1.9.3-p392/gems/passenger-4.0.20  and execute:

./bin/passenger-install-apache2-module

and follow the instructions. You may consider to specify a user and group under which Passenger will run. This is useful, if you have an rvm in your home directory. In my case these lines look like:

PassengerDefaultUser roland
PassengerDefaultGroup www-data

After this, Apache starts again without problems (sudo service apache2 restart), but instead of the web application we see the raw directory contents. This is because the access control mechanism blocks an execution of Passenger.
Open up the sites configuration (default: /etc/apache2/sites-available/www.conf) and add the following line to the <Directory> section that applies to your Chiliproject:

Require all granted

Afterwards, restart Apache once more.

References

  • [1] New API for Apache 2.4

by ·0 Comments

Simple-to-configure and -use access control is a very versatile feature of the Apache webserver. This article summarizes the basic steps for securing your website with such a login facility. Access control is enabled in the .htaccess file contained in the topmost folder to which it shall be applied (typically the root of your site). All directory levels below this will inherit the settings from this file (as explained here). Add the following lines to your .htaccess file:

# absolute or relative
AuthUserFile <path-to-document-root>/.htpasswd
AuthName "This message appears in the login dialog"
AuthType Basic # not very safe, but OK for temporary access control
Require valid-user # requires a user that is listed in the .htpasswd file
DirectoryIndex index.html #only necessary to show the test site

In order to test your access control settings, create an index.html in your site’s root directory:

<html><body><h1>You are allowed to see this :-)</h1></body></html>

In the same directory, create an .htpasswd file with initial user horst:

htpasswd -c .htpasswd horst
 # Afterwards, type and re-type horst's password

You may add more users as follows:

htpasswd .htpasswd bianca
htpasswd .htpasswd bernhar

Each line of .htpasswd contains a user name, followed by his/her MD5-encrypted password. If you see the passwords in plain text, delete .htpasswd and re-issue all of the above commands with option -m.

A number of online tools for generating .htpasswd and the directives in .htaccess exit, such as that on dynamicdrive.com.

Links

  • [1] htaccess documentation
  • [2] Online htaccess and htpasswd generator (one in a “million”)

by ·0 Comments

Currently (July 2013) 1 &1 uses PHP version 4.4.9 as default PHP version on its shared hosted servers as can be tested with php -v. Many content management systems like Joomla or Drupal need more advanced PHP versions. In order for those platforms to run/install, add this to your .htaccess:

AddType x-mapp-php6 .php
AddHandler x-mapp-php6 .php

These directives tell the webserver to use the newer PHP version – php6 -v yields 5.4.17 – for processing php files.

by ·0 Comments

The Apache Webserver is normally clever enough to tell which PHP/HTML/… file to use as the landing page of an URL. For instance, if you type http://blog.roland-kluge.de in your URL bar, the Webserver knows that you actually want to see http://blog.roland-kluge.de/index.php. Default files to redirect to are index.html, index.php and some more. However, sometimes the webserver may be hindered from finding the correct redirect and produces an appropriate HTML error code.

You may tell Apache which file to redirect to with the following directive in the web site’s root .htaccess:

DirectoryIndex index.html

You may even specify multiple sites which will be probed in the given sequence:

DirectoryIndex index.html somethingWentWrong.html

Links

  • [1] mod_dir reference providing the DirectoryIndex directive