Hi everyone,
I'm running:
Server version: Apache/2.4.57 (Debian)
Server built: 2023-04-13T03:26:51
Server's Module Magic Number: 20120211:127
Server loaded: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.42 2022-12-11
Compiled using: APR 1.7.2, APR-UTIL 1.6.3, PCRE 10.42 2022-12-11
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
I've been struggling for almost 2 weeks on this weird issue.
I have multiple vhosts working perfectly in both HTTP and HTTPS with Let's Encrypt.
Yet for one vhost we need to set LimitRequestLine to a higher value. I'm familiar with the procedure and I changed the value in the vhost. Sadly it didn't work as expected.
After searching everywhere and enabling/disabling security features, modules, etc., I found another conf conflicting with mine.
The ssl.conf vhost placed in conf-enabled is causing trouble. However, its content is not really complicated:
LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
Listen 443
<VirtualHost *:443>
    ServerName publicdomainname.tld
    SSLEngine on
    SSLCertificateFile "/etc/ssl/certs/apache-httpd.crt"
    SSLCertificateKeyFile "/etc/ssl/private/apache-httpd.key"
</VirtualHost>
My other vhost is as follows:
<VirtualHost *:443>
    ServerName otherdomain.tld
    .../...
    <IfModule mod_ssl.c>
        RequestHeader set X-Forwarded-Proto "https"
    </IfModule>
    .../....
    LimitRequestLine 10240
    .../...
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
When both are enabled, the LimitRequestLine is not considered when reaching https://otherdomain.tld. When I comment out the vhost in ssl.conf, everything works fine.
Is there any "permeability" between vhosts? Is there any precedence that could cause this vhost to be considered as the "master" of some options? Could anyone point me to what I am doing wrong?
Sorry if I'm not clear; any questions and/or feedback would be appreciated.
Regards,
Florent THOMAS
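
Added example, not part of the original post: the httpd documentation for LimitRequestLine states that with name-based virtual hosts the value is taken from the default (first-listed) virtual host for the address and port, and this sketch applies that rule to the two vhosts above. It assumes the stock Debian load order (conf-enabled before sites-enabled), a hypothetical file name for the second vhost, and literal matching of the `<VirtualHost>` address strings.

```python
import re

# Constructed input: the post's two vhosts, in the order a stock Debian
# apache2.conf loads them (conf-enabled/*.conf before sites-enabled/*.conf).
# The sites-enabled file name is hypothetical.
CONFIGS = [
    ("conf-enabled/ssl.conf", """
<VirtualHost *:443>
    ServerName publicdomainname.tld
    SSLEngine on
</VirtualHost>"""),
    ("sites-enabled/otherdomain.conf", """
<VirtualHost *:443>
    ServerName otherdomain.tld
    LimitRequestLine 10240
</VirtualHost>"""),
]
BUILTIN_LIMIT = 8190  # httpd default when LimitRequestLine is not set
VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Return the first argument of a directive inside a vhost body, or None."""
    m = re.search(rf"^\s*{name}\s+(\S+)", body, re.M | re.I)
    return m.group(1) if m else None

def parse_vhosts(configs):
    """Yield (file, addresses, ServerName, LimitRequestLine) in load order."""
    for path, text in configs:
        for addrs, body in VHOST_RE.findall(text):
            limit = directive(body, "LimitRequestLine")
            yield (path, addrs.split(), directive(body, "ServerName"),
                   int(limit) if limit else None)

def effective_limits(configs, main_limit=BUILTIN_LIMIT):
    """For each vhost, report the limit that applies under the documented rule:
    the first-listed vhost on the same address:port supplies the value."""
    first, report = {}, []
    for path, addrs, name, limit in parse_vhosts(configs):
        for addr in addrs:
            d_name, d_limit = first.setdefault(addr, (name, limit))
            report.append((name, addr, d_name,
                           d_limit if d_limit is not None else main_limit))
    return report

if __name__ == "__main__":
    for name, addr, default, limit in effective_limits(CONFIGS):
        print(f"{name} on {addr}: LimitRequestLine {limit} (default vhost: {default})")
```

On a live server, `apache2ctl -S` lists which vhost is the default server for each address and port.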