Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Apache>
  3. Users
Help check my config for server section
support at openmbox
Nov 11, 2022, 5:31 AM
Post #1 of 3 (238 views)
Permalink
I think I need to read httpd's doc carefully.
Before doing that can you help check my this config (for php primarily) are going without issue?
Thanks in advance.


root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
<VirtualHost *:80>

ServerAdmin webmaster@localhost
ServerName mail.openmbox.net

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on
RewriteCond %{SERVER_NAME} =mail.openmbox.net
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>


root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
<IfModule mod_ssl.c>
<VirtualHost *:443>

ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
DocumentRoot /var/www/snappy

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined


<Directory />
Options None
AllowOverride None
Require all denied
</Directory>

<Directory /var/www/snappy>
Options +Indexes
Order deny,allow
Allow from all
Require all granted
</Directory>

<Directory /var/www/snappy/data>
Require all denied
</Directory>

SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: Help check my config for server section [ In reply to ]
thumbs at apache
Nov 11, 2022, 8:37 AM
Post #2 of 3 (237 views)
Permalink
That config snippet has no effect on php; that being said, you many two
issues so far:

1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect
suffices
2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2
directives, and unload the mod_access_compat module

On Fri, 11 Nov 2022 at 08:32, <support@openmbox.net> wrote:

> I think I need to read httpd's doc carefully.
> Before doing that can you help check my this config (for php primarily)
> are going without issue?
> Thanks in advance.
>
>
> root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> <VirtualHost *:80>
>
> ServerAdmin webmaster@localhost
> ServerName mail.openmbox.net
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
> RewriteEngine on
> RewriteCond %{SERVER_NAME} =mail.openmbox.net
> RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> </VirtualHost>
>
>
> root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
>
> ServerAdmin webmaster@localhost
> ServerName mail.openmbox.net
> DocumentRoot /var/www/snappy
>
> ErrorLog ${APACHE_LOG_DIR}/error.log
> CustomLog ${APACHE_LOG_DIR}/access.log combined
>
>
> <Directory />
> Options None
> AllowOverride None
> Require all denied
> </Directory>
>
> <Directory /var/www/snappy>
> Options +Indexes
> Order deny,allow
> Allow from all
> Require all granted
> </Directory>
>
> <Directory /var/www/snappy/data>
> Require all denied
> </Directory>
>
> SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
> SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
> Include /etc/letsencrypt/options-ssl-apache.conf
> </VirtualHost>
> </IfModule>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
Re: Help check my config for server section [ In reply to ]
support at openmbox
Nov 11, 2022, 4:31 PM
Post #3 of 3 (237 views)
Permalink
I finally use this config:

<IfModule mod_ssl.c>
<VirtualHost *:443>

ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
DocumentRoot /var/www/snappy

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory />
Options None
AllowOverride None
Require all denied
</Directory>

<Directory /var/www/snappy>
Options +Indexes
Require all granted
</Directory>

<Directory /var/www/snappy/data>
Require all denied
</Directory>

SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>


And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it.

Thank you for your kind helps.
Henry




November 12, 2022 at 12:37 AM, "Frank Gingras" <thumbs@apache.org> wrote:


>
> That config snippet has no effect on php; that being said, you many two issues so far:
>
> 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices
> 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module
>
> On Fri, 11 Nov 2022 at 08:32, <support@openmbox.net> wrote:
>
> >
> > I think I need to read httpd's doc carefully.
> > Before doing that can you help check my this config (for php primarily) are going without issue?
> > Thanks in advance.
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> > <VirtualHost *:80>
> >
> >         ServerAdmin webmaster@localhost
> >         ServerName mail.openmbox.net http://mail.openmbox.net/
> >
> >         ErrorLog ${APACHE_LOG_DIR}/error.log
> >         CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> > RewriteEngine on
> > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/
> > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> > </VirtualHost>
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> > <IfModule mod_ssl.c>
> > <VirtualHost *:443>
> >
> >         ServerAdmin webmaster@localhost
> >         ServerName mail.openmbox.net http://mail.openmbox.net/
> >         DocumentRoot /var/www/snappy
> >
> >         ErrorLog ${APACHE_LOG_DIR}/error.log
> >         CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> >   <Directory />
> >     Options None
> >     AllowOverride None
> >     Require all denied
> >   </Directory>
> >
> >   <Directory /var/www/snappy>
> >     Options +Indexes
> >     Order deny,allow
> >     Allow from all
> >     Require all granted
> >   </Directory>
> >
> >   <Directory /var/www/snappy/data>
> >      Require all denied
> >   </Directory>
> >
> > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem http://mail.openmbox.net/fullchain.pem
> > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem http://mail.openmbox.net/privkey.pem
> > Include /etc/letsencrypt/options-ssl-apache.conf
> > </VirtualHost>
> > </IfModule>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal