Re: Help check my config for server section

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I finally use this config:

<IfModule mod_ssl.c>
<VirtualHost *:443>

	ServerAdmin webmaster@localhost
	ServerName mail.openmbox.net
	DocumentRoot /var/www/snappy

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

  <Directory />
    Options None
    AllowOverride None
    Require all denied
  </Directory>

  <Directory /var/www/snappy>
    Options +Indexes
    Require all granted
  </Directory>

  <Directory /var/www/snappy/data>
     Require all denied
  </Directory>

SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>


And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it.

Thank you for your kind helps.
Henry




November 12, 2022 at 12:37 AM, "Frank Gingras" <thumbs@xxxxxxxxxx> wrote:


> 
> That config snippet has no effect on php; that being said, you many two issues so far:
> 
> 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices
> 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module
> 
> On Fri, 11 Nov 2022 at 08:32, <support@xxxxxxxxxxxx> wrote:
> 
> > 
> > I think I need to read httpd's doc carefully.
> > Before doing that can you help check my this config (for php primarily) are going without issue?
> > Thanks in advance.
> > 
> > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> > <VirtualHost *:80>
> > 
> >         ServerAdmin webmaster@localhost
> >         ServerName mail.openmbox.net http://mail.openmbox.net/ 
> > 
> >         ErrorLog ${APACHE_LOG_DIR}/error.log
> >         CustomLog ${APACHE_LOG_DIR}/access.log combined
> > 
> > RewriteEngine on
> > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/ 
> > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> > </VirtualHost>
> > 
> > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> > <IfModule mod_ssl.c>
> > <VirtualHost *:443>
> > 
> >         ServerAdmin webmaster@localhost
> >         ServerName mail.openmbox.net http://mail.openmbox.net/ 
> >         DocumentRoot /var/www/snappy
> > 
> >         ErrorLog ${APACHE_LOG_DIR}/error.log
> >         CustomLog ${APACHE_LOG_DIR}/access.log combined
> > 
> >   <Directory />
> >     Options None
> >     AllowOverride None
> >     Require all denied
> >   </Directory>
> > 
> >   <Directory /var/www/snappy>
> >     Options +Indexes
> >     Order deny,allow
> >     Allow from all
> >     Require all granted
> >   </Directory>
> > 
> >   <Directory /var/www/snappy/data>
> >      Require all denied
> >   </Directory>
> > 
> > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem http://mail.openmbox.net/fullchain.pem 
> > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem http://mail.openmbox.net/privkey.pem 
> > Include /etc/letsencrypt/options-ssl-apache.conf
> > </VirtualHost>
> > </IfModule>
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> >
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux