Hey Apache webmasters,
Here's the tldr: I'm testing a simple catch-all rewrite rule. It doesn't seem to be taking effect, it's not being logged and I'm not getting any errors.
Now here's the long version.
I'm a junior-level Linux systems administrator trying to gain a better understanding of how to configure the Apache web server. Right now I'm reading through some documentation and experimenting with Apache/2.2.22 on Ubuntu 12.04.5 LTS (Precise Pangolin).
One piece of advice I've read is that it's a good policy to use mod_rewrite to explicitly require HTTP/1.1 and reject HTTP/1.0 requests. The example code given is the following:
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1\.1$
RewriteRule .* - [F]
I tried adding this block to my configuration file:
/etc/apache2/conf.d/security
I also checked to make sure that mod_rewrite was enabled and that there were no other conflicting rewrite rules, e.g.:
$ sudo a2enmod rewrite
> Module rewrite already enabled
$ grep -Firl 'Rewrite' /etc/apache2/
> /etc/apache2/conf.d/security
> /etc/apache2/mods-enabled/rewrite.load
> /etc/apache2/mods-available/rewrite.load
Then I restarted Apache and tested out the new configuration with curl:
curl --http1.0 127.0.0.1
Unfortunately I got back the default welcome page instead of the expected 403 FORBIDDEN response. After a little bit of tinkering I ended up with the following rewrite configuration (in /etc/apache2/conf.d/security):
RewriteEngine On
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 3
RewriteCond %{THE_REQUEST} ^.*$
RewriteRule ^.*$ - [F]
Again I get the Apache default welcome page rather than the expected 403 FORBIDDEN response. Here is an example session where I test the server with curl and then check the log files (rewrite, error and access logs):
$ sudo service apache2 restart
> * Restarting web server apache2
> ... waiting . [OK ]
$ curl 127.0.0.1
> <html><body><h1>It works!</h1>
> <p>This is the default web page for this server.</p>
> <p>The web server software is running but no content has been added, yet.</p>
> </body></html>
$ sudo tail -1 /var/log/apache2/rewrite.log
>
$ sudo tail -2 /var/log/apache2/error.log
> [Sun Oct 25 18:13:13 2015] [notice] caught SIGTERM, shutting down
> [Sun Oct 25 18:13:13 2015] [notice] Apache/2.2.22 (Ubuntu) configured -- resuming normal operations
$ sudo tail -1 /var/log/apache2/access.log
> 127.0.0.1 - - [25/Oct/2015:18:13:16 +0000] "GET / HTTP/1.1" 200 402 "-" "curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3"
I've also posted this question to serverfault; here's a link in case anyone is into that sort of thing:
Cheers,
Itamar
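
Added example, not part of the original post and not Apache's own code: the mod_rewrite documentation states that rewrite configuration in the main server context is not inherited by virtual hosts by default, so one check for a setup like the one above is to list which <VirtualHost> blocks would actually apply rules placed at main-server level. It assumes the request is answered by a virtual host; SAMPLE_CONFIG and both function names are hypothetical, and the config text is constructed.

```python
import re

# Constructed sample: the main-server block from the post, then two
# hypothetical virtual hosts (the second opts in to the main-server rules).
SAMPLE_CONFIG = r"""
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1\.1$
RewriteRule .* - [F]
<VirtualHost *:80>
    DocumentRoot /var/www
</VirtualHost>
<VirtualHost *:8080>
    DocumentRoot /var/www/other
    RewriteEngine On
    RewriteOptions Inherit
</VirtualHost>
"""

def rewrite_scopes(config_text):
    """Map each scope ("main" or "vhost <addr>") to its rewrite settings.
    Include directives are not followed: pass the combined config text."""
    scopes = {"main": {"engine": False, "inherit": False, "rules": 0}}
    current = "main"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        opened = re.match(r"<VirtualHost\s+([^>]+)>", line, re.I)
        if opened:
            current = "vhost " + opened.group(1).strip()
            scopes[current] = {"engine": False, "inherit": False, "rules": 0}
        elif re.match(r"</VirtualHost>", line, re.I):
            current = "main"
        else:
            name, *args = line.lower().split()
            if name == "rewriteengine":
                scopes[current]["engine"] = args[:1] == ["on"]
            elif name == "rewriteoptions":
                scopes[current]["inherit"] = "inherit" in args
            elif name == "rewriterule":
                scopes[current]["rules"] += 1
    return scopes

def vhosts_missing_main_rules(config_text):
    """List virtual hosts that would not apply the main-server rules."""
    scopes = rewrite_scopes(config_text)
    main = scopes.pop("main")
    if not (main["engine"] and main["rules"]):
        return []  # nothing defined at main-server level to inherit
    return [n for n, s in scopes.items() if not (s["engine"] and s["inherit"])]

if __name__ == "__main__":
    print(vhosts_missing_main_rules(SAMPLE_CONFIG))
```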