Re: [users@httpd] SSLCipherSuite DEFAULT

2021-04-20 Thread Jim Albert
On 4/20/2021 2:56 PM, @lbutlr wrote: On 20 Apr 2021, at 09:45, Jim Albert wrote: On 4/20/2021 9:48 AM, @lbutlr wrote: If I define SSLCipherSuite DEFAULT will apache show the ciphers that are defined by openSSL and will be used? Is this the best way to go, or should I specifically list TLSv1.

Re: [users@httpd] SSLCipherSuite DEFAULT

2021-04-20 Thread @lbutlr
On 20 Apr 2021, at 09:45, Jim Albert wrote: > On 4/20/2021 9:48 AM, @lbutlr wrote: >> If I define SSLCipherSuite DEFAULT will apache show the ciphers that are >> defined by openSSL and will be used? >> >> Is this the best way to go, or should I specifically list TLSv1.2 and TLS1.3? >> >> The co

Re: [users@httpd] How can I configure “apache2” correctly using multiple sites through VirtualHost?

2021-04-20 Thread Jonathon Koyle
On Tue, Apr 20, 2021 at 6:25 AM Marcel Roșca wrote: > > I configured two sites using the "VirtualHost" method in apache2, but if > there is an error in the first configuration file when I call my site, it > enters the second site. ... > the problem is when an error occurs in one of these two fil

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Daniel Ferradal
If rewriterules cause the error you would get the log in the httpd error log too. Possibly what you mention, php or whatever backend.. On Tue, 20 Apr 2021 at 19:01, Dave Wreski () wrote: > > > > On 4/20/21 12:41 PM, Daniel Ferradal wrote: > > We can just speculate here to those questions. Ru

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Dave Wreski
On 4/20/21 12:41 PM, Daniel Ferradal wrote: We can just speculate here to those questions. Rule of thumb if not showing in httpd error log, not httpd error. Thanks so much for your help. Would that include any RewriteRule entries? Of course just speculation, but that would lead me more towa

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Daniel Ferradal
We can just speculate here to those questions. Rule of thumb if not showing in httpd error log, not httpd error. On Tue, 20 Apr 2021 at 15:59, Dave Wreski () wrote: > > > > On 4/20/21 8:54 AM, Daniel Ferradal wrote: > > That's the key then, you are probably reverse proxying somewhere and > >

Re: [users@httpd] SSLCipherSuite DEFAULT

2021-04-20 Thread Daniel Ferradal
Have you tried the Mozilla ssl generator, it generally is quite good: For intermediate Security allowing TLSv1.2 for example: https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1d&guideline=5.6 On Tue, 20 Apr 2021 at 17:46, Jim Albert () wrote: > >

Re: [users@httpd] SSLCipherSuite DEFAULT

2021-04-20 Thread Jim Albert
On 4/20/2021 9:48 AM, @lbutlr wrote: If I define SSLCipherSuite DEFAULT will apache show the ciphers that are defined by openSSL and will be used? Is this the best way to go, or should I specifically list TLSv1.2 and TLS1.3? The complete list of ciphers that openssl supports numbers 60 and sti

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Adrian
Thanks Daniel and @lbutlr! OK, did that. I moved the auth user file lines from the *:80 to the *:443 vhosts. I also in desperation added Require all denied to the :443 vhost. Suddenly, going to the subdir gives me the login prompt! But of course the top dir and all the other subdirs are

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Dave Wreski
On 4/20/21 8:54 AM, Daniel Ferradal wrote: That's the key then, you are probably reverse proxying somewhere and the 500 errors come from there and not from Apache. Apache always logs HTTP 500 status code in error log. Even more, the headers you pasted have no Server: Apache and there are man

[users@httpd] SSLCipherSuite DEFAULT

2021-04-20 Thread @lbutlr
If I define SSLCipherSuite DEFAULT will apache show the ciphers that are defined by openSSL and will be used? Is this the best way to go, or should I specifically list TLSv1.2 and TLS1.3? The complete list of ciphers that openssl supports numbers 60 and still includes some 14 TLSv1 ciphers like

Re: [users@httpd] config is silently ignored

2021-04-20 Thread @lbutlr
On 20 Apr 2021, at 06:59, Adrian wrote: > Daniel Ferradal wrote: >> >> ServerName whatever.example.com >> Redirect / https://whatever.example.com/ >> CustomLog logs/whatevever.example.com.log common >> This is one more line that my port 80 configs have, I do not log connections to port 80. >

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Daniel
Just define the appropriate *:80 virtualhosts with the redirects and without taking any shortcuts in the configuration like I showed you, if it works for you then you can worry later about making it all fancy and brief. On Tue, 20 Apr 2021 at 15:00, Adrian () wrote: > > Thanks again > > So i

Re: [users@httpd] Logging issue

2021-04-20 Thread Daniel Ferradal
I'm intrigued but maybe it was said but I missed it. You say you can't do: "aaa.bbb.ccc.ddd/app1, aaa.bbb.ccc.ddd/app2" Well, you can, but in the same virtualhost, and you can even point to multiple fpm pools for each Did you try something like this? : Servername ip # no paths here just the ip

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Adrian
Thanks again So if I redirect to the https version I can put all my per-directory config into the *:443 vhost entry? My worry is where that leaves some primitive browsers that don't support SSL. Can they not access the page at all? Do they use the *:80 vhost entry and bypass any config that's i

Re: [users@httpd] How can I configure “apache2” correctly using multiple sites through VirtualHost?

2021-04-20 Thread @lbutlr
20 Apr 2021, at 06:25, Marcel Roșca wrote: > I configured two sites using the "VirtualHost" method in apache2, but if > there is an error in the first configuration file when I call my site, it > enters the second site. my configuration files are: This is very confusing. Using white space to se

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Daniel Ferradal
That's the key then, you are probably reverse proxying somewhere and the 500 errors come from there and not from Apache. Apache always logs HTTP 500 status code in error log. Even more, the headers you pasted have no Server: Apache and there are many other headers that tell us you are not dealing

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Daniel Ferradal
Generally I would never define virtualhosts with , I think it is better and more straightforward to specify everything, specially when starting to admin your first apache servers. For example purposes, let's say I would define them like these in a more straightforward way: Listen 80 Listen 443 S

Re: [users@httpd] Random 500 errors

2021-04-20 Thread Dave Wreski
If the error comes from apache itself you should have an error log entry, what does it say? I don't have any error log entries, only the 500 error response in the access log. 72.70.38.104 - - [19/Apr/2021:21:38:56 -0400] "GET /advisories/debian/debian-dsa-2944-1-gnutls26-security-update H

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Adrian
Thanks again Daniel I've added a ServerName line to the top level vhost with the name of my server. No change. Yes, there are two files in sites-enabled, 000-default and 000-ssl. I suspect that's the cause of the problem. I'd thought that 000-ssl only had SSL-related things and had assumed tha

[users@httpd] How can I configure “apache2” correctly using multiple sites through VirtualHost?

2021-04-20 Thread Marcel Roșca
I configured two sites using the "VirtualHost" method in apache2, but if there is an error in the first configuration file when I call my site, it enters the second site. my configuration files are: 1: audio-castle.live: Protocols h2 Redirect / https://audio-castle.live Protocols h2 ServerN

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Daniel Ferradal
Hello, This says you have two virtualhosts pointing to the same name, so only the first one will be used: (/etc/apache2/sites-enabled/000-default.conf:46) *:443 is a NameVirtualHost default server www.example.org (/etc/apache2/sites-enabled/000-ssl:2) port 443 namevhost www.example.org But still

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Adrian
Thanks Daniel. I had one redundant .htaccess file in the vhost domain, now removed. Restarted and no change. Results of apachectl -S below: apachectl -S [Tue Apr 20 11:22:05.839049 2021] [so:warn] [pid 2744] AH01574: module ssl_module is already loaded, skipping VirtualHost configuration: *:*

Re: [users@httpd] config is silently ignored

2021-04-20 Thread Daniel Ferradal
Check "apachectl -S" output in case there is some other virtualhost there getting the requests. That virtualhost as it is should deny access, if it is not, then there is something missing in what you show. Not sure if it may be another virtualhost or another virtualhost and .htaccess, etc. El mar

[users@httpd] config is silently ignored

2021-04-20 Thread Adrian
using Apache/2.4.38 (Debian) with Debian-style split config. Here are the relevant bits of a vhost. This is in /etc/apache2/sites-enabled/000-default. ServerName www.example.org DocumentRoot /var/www/example CustomLog /var/log/apache2/example/access.log combined # DISABLE THE ENTIRE DOCROO