On 03 Oct 2018, at 12:07, Filipe Cifali <cifali.filipe@xxxxxxxxx> wrote:
> you can check what virtualhost is being served via apache2ctl like this: $ apache2ctl -S
> $ apache2ctl -h provides this info:
> -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG
Yes that is all fine, and the site was loading perfectly for almost three and a half hours.
port 443 namevhost www.XXX.com (/usr/local/etc/apache24/users/XXX.conf:1)
alias XXX.com
port 80 namevhost www.XXX.com (/usr/local/etc/apache24/users/XXX,conf:26)
alias XXX.com
I do not have an apache2ctl, just apachectl (apache 2.4 FreeBSD 11.2-REALEASE compiled from ports)
> After checking that the right vhost is being served, start removing proxy logic and just make the txt work again, then slowly start adding the proxy config to make the php work again.
There is exactly one line in the site configuration that, when commented, makes the site work again. Though, possibly only for a little while. I’ll have to check more in 3-4 hours. There is no other proxy logic at all.
> If you can, post the full vhost here regarding the domain that misbehaves.
Sure, but other than the host name, it is identical to all the other sites.
<VirtualHost *:443>
ServerName www.XXX
ServerAlias XXX
DocumentRoot /www/XXX/
#ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/www/XXX/$1
<Directory "/www/XXX/">
Options +Indexes +FollowSymLinks +MultiViews -SymLinksIfOwnerMatch
AllowOverride all
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /usr/local/etc/dehydrated/certs/XXX/cert.pem
SSLCertificateKeyFile /usr/local/etc/dehydrated/certs/XXX/privkey.pem
SSLCertificateChainFile /usr/local/etc/dehydrated/certs/XXX/chain.pem
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
# 15638400 seconds is 181 dayds
# 63072000 seconds is 730 days
Header always set Strict-Transport-Security "max-age=15638400; includeSubdomains;"
Header always set X-Frame-Options DENY
ErrorLog /home/user1/logs/XXX.error_log
CustomLog /home/user1/logs/XXX.access_log combined
</VirtualHost>
> The important part is: Having a zeroed robots.txt doesn't break httpd.
Yeah, it didn’t seem likely, but then again it seemed to work for q bit…
And, just for kicks:
# apachectl -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
authn_file_module (shared)
mpm_prefork_module (shared)
authn_dbm_module (shared)
authn_core_module (shared)
authz_host_module (shared)
authz_groupfile_module (shared)
authz_user_module (shared)
authz_dbm_module (shared)
authz_core_module (shared)
access_compat_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
socache_shmcb_module (shared)
socache_dbm_module (shared)
reqtimeout_module (shared)
include_module (shared)
filter_module (shared)
mime_module (shared)
log_config_module (shared)
env_module (shared)
headers_module (shared)
setenvif_module (shared)
version_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)
ssl_module (shared)
unixd_module (shared)
dav_module (shared)
status_module (shared)
autoindex_module (shared)
cgi_module (shared)
dav_fs_module (shared)
vhost_alias_module (shared)
dir_module (shared)
userdir_module (shared)
alias_module (shared)
rewrite_module (shared)
# cat /www/XXX/.htaccess
Options +Includes +FollowSymLinks +MultiViews
--
One tequila, two tequila, three tequila, floor.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|