LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-14-2006, 12:09 AM   #1
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Rep: Reputation: 15
Question error on my webserver


Greetings:

This is a fresh installation of my SLES9. I install the bundle openssl and mod_ssl, also port 443 is open.

When i browse https://domain.com is says: Error Code: -12263 What is the possible cause of this.. BUT http://domain.com is working properly.
 
Old 11-14-2006, 03:26 AM   #2
asquante
Member
 
Registered: Nov 2006
Location: horten, norway
Distribution: gentoo / slackware / suse / red hat
Posts: 30

Rep: Reputation: 15
Did you set up apache so it uses ssl for your website?
And did you create the ssl certificate?
http://www.debian-administration.org/articles/349 - here's a howto. It's actually for Debian, but it has the instructions that are applicable to any distro.

mARGO
 
Old 11-14-2006, 04:06 AM   #3
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on apache2

Quote:
Originally Posted by asquante
Did you set up apache so it uses ssl for your website?
And did you create the ssl certificate?
http://www.debian-administration.org/articles/349 - here's a howto. It's actually for Debian, but it has the instructions that are applicable to any distro.

mARGO
I configured my webserver(SLES9) but something wrong....im new to this. I downloaded a free trial cert on thawte
This is the error on tail -F /var/log/apache2/*_log &

==> /var/log/apache2/access_log <==
124.6.156.131 - - [14/Nov/2006:04:53:57 +0800] "\x16\x03\x01" 501 990 "-" "-"

==> /var/log/apache2/error_log <==
[Tue Nov 14 04:53:57 2006] [error] [client 124.6.156.131] Invalid method in request \x16\x03\x01

NEED HELP.....

Last edited by micro_xii; 11-14-2006 at 04:09 AM.
 
Old 11-14-2006, 04:21 AM   #4
asquante
Member
 
Registered: Nov 2006
Location: horten, norway
Distribution: gentoo / slackware / suse / red hat
Posts: 30

Rep: Reputation: 15
OK, check your httpd.conf for apache.
Are there lines like
Code:
<VirtualHost *:443>
        ServerName your.server.name

        DocumentRoot /var/www/
        ErrorLog /var/log/apache2/error.log
        CustomLog /var/log/apache2/access.log combined

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
Check also that mod_ssl line is not commented out.

mARGO
 
Old 11-14-2006, 05:07 AM   #5
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
error on apache2

Quote:
Originally Posted by asquante
OK, check your httpd.conf for apache.
Are there lines like
Code:
<VirtualHost *:443>
        ServerName your.server.name

        DocumentRoot /var/www/
        ErrorLog /var/log/apache2/error.log
        CustomLog /var/log/apache2/access.log combined

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
Check also that mod_ssl line is not commented out.

mARGO
Yes there is ...heres my httpd.conf on SLES9

ServerType standalone
ServerRoot "/srv/www"
LockFile /var/lock/subsys/httpd/httpd.accept.lock
PidFile /var/run/httpd.pid
ScoreBoardFile /var/run/httpd.scoreboard
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
DocumentRoot "/srv/www/htdocs"
<Directory "/srv/www/htdocs">

<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>

<VirtualHost _default_:443>

# General setup for the virtual host
DocumentRoot "/srv/www/htdocs"
ServerName www.domain.com
ServerAdmin you@your.address
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e
SSLCertificateFile /srv/www/newcert/public.crt
SSLCertificateKeyFile /srv/www/newcert/www.domain.com.key
</VirtualHost>
 
Old 11-14-2006, 10:59 AM   #6
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Are you starting apache with the ssl option? Can't check now as I don't have a webserver with SSL here.

Ah, here for example

Last edited by Wim Sturkenboom; 11-14-2006 at 11:02 AM. Reason: added url
 
Old 11-14-2006, 07:24 PM   #7
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on webserver

Quote:
Originally Posted by Wim Sturkenboom
Are you starting apache with the ssl option? Can't check now as I don't have a webserver with SSL here.

Ah, here for example
I follow the link you gave to me:

dmx:/usr/sbin # apachectl start
/usr/sbin/apachectl start: httpd started

dmx:/usr/sbin # apachectl -k start

usage: /usr/sbin/apachectl (start|stop|restart|fullstatus|status|graceful|configtest|help)

start - start httpd
startssl - start httpd with SSL enabled
stop - stop httpd
restart - restart httpd if running by sending a SIGHUP or start if
not running
fullstatus - dump a full status screen; requires lynx and mod_status enabled
status - dump a short status screen; requires lynx and mod_status enabled
graceful - do a graceful restart by sending a SIGUSR1 or start if not running
configtest - do a configuration syntax test
help - this screen

/usr/sbin/apachectl start: httpd started

dmx:/usr/sbin # apachectl -D SSL -k start
usage: /usr/sbin/apachectl (start|stop|restart|fullstatus|status|graceful|configtest|help)

start - start httpd
startssl - start httpd with SSL enabled
stop - stop httpd
restart - restart httpd if running by sending a SIGHUP or start if
not running
fullstatus - dump a full status screen; requires lynx and mod_status enabled
status - dump a short status screen; requires lynx and mod_status enabled
graceful - do a graceful restart by sending a SIGUSR1 or start if not running
configtest - do a configuration syntax test
help - this screen

usage: /usr/sbin/apachectl (start|stop|restart|fullstatus|status|graceful|configtest|help)

start - start httpd
startssl - start httpd with SSL enabled
stop - stop httpd
restart - restart httpd if running by sending a SIGHUP or start if
not running
fullstatus - dump a full status screen; requires lynx and mod_status enabled
status - dump a short status screen; requires lynx and mod_status enabled
graceful - do a graceful restart by sending a SIGUSR1 or start if not running
configtest - do a configuration syntax test
help - this screen

usage: /usr/sbin/apachectl (start|stop|restart|fullstatus|status|graceful|configtest|help)

start - start httpd
startssl - start httpd with SSL enabled
stop - stop httpd
restart - restart httpd if running by sending a SIGHUP or start if
not running
fullstatus - dump a full status screen; requires lynx and mod_status enabled
status - dump a short status screen; requires lynx and mod_status enabled
graceful - do a graceful restart by sending a SIGUSR1 or start if not running
configtest - do a configuration syntax test
help - this screen

/usr/sbin/apachectl start: httpd started


dmx:/usr/sbin # apachectl startssl
Syntax error on line 1383 of /etc/httpd/httpd.conf:
Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module not included in the server configuration
/usr/sbin/apachectl startssl: httpd could not be started
 
Old 11-14-2006, 10:15 PM   #8
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Quote:
Originally Posted by micro_xii
dmx:/usr/sbin # apachectl startssl
Syntax error on line 1383 of /etc/httpd/httpd.conf:
Invalid command 'SSLEngine', perhaps mis-spelled or defined by a module not included in the server configuration
/usr/sbin/apachectl startssl: httpd could not be started
Says it all.
 
Old 11-14-2006, 10:38 PM   #9
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on webserver

Quote:
Originally Posted by Wim Sturkenboom
Says it all.
Im using SLES9,apache2 ,mod_ssl

PLS...say it clearly and expand your explanations pls...NewB....heres my httpd.conf...What wrong to my webserver


<IfDefine SSL>

##
## SSL Virtual Host Context
##

<VirtualHost _default_:443>

# General setup for the virtual host
DocumentRoot "/srv/www/htdocs"
ServerName www.domain.com
ServerAdmin you@your.address
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.

SSLEngine on

# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A test
# certificate can be generated with `make certificate' under
# built time. Keep in mind that if you've both a RSA and a DSA
# certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
#SSLCertificateFile /etc/httpd/ssl.crt/server.crt
#SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt

SSLCertificateFile /srv/www/newcert/public.crt

# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
#SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
#SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key

SSLCertificateKeyFile /srv/www/newcert/www.domain.com.key

# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt

# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCACertificatePath /etc/httpd/ssl.crt
#SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt
#SSLCACertificateFile /srv/www/newcert/intermediate.crt

# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/httpd/ssl.crl
#SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl

# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10

# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>

# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o CompatEnvVars:
# This exports obsolete environment variables for backward compatibility
# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
# to provide compatibility to existing CGI scripts.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>

Last edited by micro_xii; 11-15-2006 at 12:13 AM.
 
Old 11-15-2006, 02:34 AM   #10
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Which one is line 1383? Please highlight it in your previous post, i.e. by making it bold.
 
Old 11-15-2006, 02:47 AM   #11
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on webserver

Quote:
Originally Posted by Wim Sturkenboom
Which one is line 1383? Please highlight it in your previous post, i.e. by making it bold.

How would I know if its line 1383. What is the command to locate the line 1383 easily....or do I need to count it manually guide me pls
 
Old 11-15-2006, 05:22 AM   #12
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
How do you expect me to find it if you only past part of your conf

You can use vi to open the file and type 1383G; this will take you straight to the line. To quit vi, press colon, press 'q' and hit <enter>.
 
Old 11-15-2006, 07:47 PM   #13
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on webserver

Quote:
Originally Posted by Wim Sturkenboom
How do you expect me to find it if you only past part of your conf

You can use vi to open the file and type 1383G; this will take you straight to the line. To quit vi, press colon, press 'q' and hit <enter>.
Yes, line 1383 in on SSLEngine. Sir, I want to send my whole httpd.conf to you but when I try post here, it gets error coz I exceed 25000 characters.Can I ask favor if its ok to you I will send my httpd.conf in your email. What is your email ad? Thanks. Mine is micro.genx@gmail.com
 
Old 11-15-2006, 11:12 PM   #14
Wim Sturkenboom
Senior Member
 
Registered: Jan 2005
Location: Roodepoort, South Africa
Distribution: Slackware 10.1/10.2/12, Ubuntu 12.04, Crunchbang Statler
Posts: 3,786

Rep: Reputation: 282Reputation: 282Reputation: 282
Just post it in two or three posts. And clearly mark the faulty line please.
 
Old 11-15-2006, 11:49 PM   #15
micro_xii
Member
 
Registered: Sep 2006
Posts: 140

Original Poster
Rep: Reputation: 15
Question error on my webserver

Quote:
Originally Posted by Wim Sturkenboom
Just post it in two or three posts. And clearly mark the faulty line please.
Ok this is my httpd.conf...and thnx for the time

##
## httpd.conf -- Apache HTTP server configuration file
##

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://www.apache.org/docs/> for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# After this file is processed, the server will look for and process
# /etc/httpd/srm.conf and then /etc/httpd/access.conf
# unless you have overridden these with ResourceConfig and/or
# -----------AccessConfig directives here.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "/usr/local/apache" will be interpreted by the
# server as "/usr/local/apache/logs/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerType is either inetd, or standalone. Inetd mode is only supported on
# Unix platforms.
#
ServerType standalone

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation
# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
# you will save yourself a lot of trouble.
#
ServerRoot "/srv/www"

#
# The LockFile directive sets the path to the lockfile used when Apache
# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
# its default value. The main reason for changing it is if the logs
# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
# DISK. The PID of the main server process is automatically appended to
# the filename.
#
LockFile /var/lock/subsys/httpd/httpd.accept.lock

#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
PidFile /var/run/httpd.pid

#
# ScoreBoardFile: File used to store internal server process information.
# Not all architectures require this. But if yours does (you'll know because
# this file will be created when you run Apache) then you *must* ensure that
# no two invocations of Apache share the same scoreboard file.
#
ScoreBoardFile /var/run/httpd.scoreboard

#
# In the standard configuration, the server will process httpd.conf (this
# file, specified by the -f command line option), srm.conf, and access.conf
# in that order. The latter two files are now distributed empty, as it is
# recommended that all directives be kept in a single file for simplicity.
# The commented-out values below are the built-in defaults. You can have the
# server ignore these files altogether by using "/dev/null" (for Unix) or
# "nul" (for Win32) for the arguments to the directives.
#
#ResourceConfig /etc/httpd/srm.conf
#AccessConfig /etc/httpd/access.conf

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15

#
# Server-pool size regulation. Rather than making you guess how many
# server processes you need, Apache dynamically adapts to the load it
# sees --- that is, it tries to maintain enough server processes to
# handle the current load, plus a few spare servers to handle transient
# load spikes (e.g., multiple simultaneous requests from a single
# Netscape browser).
#
# It does this by periodically checking how many servers are waiting
# for a request. If there are fewer than MinSpareServers, it creates
# a new spare. If there are more than MaxSpareServers, some of the
# spares die off. The default values are probably OK for most sites.
#

# Note: these two values are set by SuSEconfig according to the setting of the
# HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
MinSpareServers 1
MaxSpareServers 1

#
# Number of servers to start initially --- should be a reasonable ballpark
# figure.
#

# Note: this value is set by SuSEconfig according to the setting of the
# HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
StartServers 1

#
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# the system with it as it spirals down...
#

# Note: this value is set by SuSEconfig according to the setting of the
# HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
MaxClients 150

#
# MaxRequestsPerChild: the number of requests each child process is
# allowed to process before the child dies. The child will exit so
# as to avoid problems after prolonged use when Apache (and maybe the
# libraries it uses) leak memory or other resources. On most systems, this
# isn't really needed, but a few (such as Solaris) do have notable leaks
# in the libraries. For these platforms, set to something like 10000
# or so; a setting of 0 means unlimited.
#
# NOTE: This value does not include keepalive requests after the initial
# request per connection. For example, if a child process handles
# an initial request and 10 subsequent "keptalive" requests, it
# would only count as 1 request towards this limit.
#
MaxRequestsPerChild 0

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
#Listen 3000
#Listen 12.34.56.78:80

#
# BindAddress: You can support virtual hosts with this option. This directive
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
# See also the <VirtualHost> and Listen directives.
#
#BindAddress *

#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Please read the file http://httpd.apache.org/docs/dso.html for more
# details about the DSO mechanism and run `httpd -l' for the list of already
# built-in (statically linked and thus always available) modules in your httpd
# binary.
#
# Note: The order in which modules are loaded is important. Don't change
# the order below without expert advice.

# Note:
#
# The file that is included after the LoadModule statements is generated
# by SuSEconfig according to
#
# 1) which modules (ones not included with apache) are installed
# 2) the settings in /etc/sysconfig/apache
# APACHE_SERVER_FLAGS
# SuSEconfig uses the /etc/httpd/modules/* files that come with each module
# to determine the necessary directives.
#
# Apache no longer needs to be started with '-D <modules>' switches (with
# the exception of mod_ssl, which has a lot of conditional statements).

# Example:
# LoadModule foo_module libexec/mod_foo.so

LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so
LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
LoadModule env_module /usr/lib/apache/mod_env.so
LoadModule define_module /usr/lib/apache/mod_define.so
LoadModule config_log_module /usr/lib/apache/mod_log_config.so
LoadModule agent_log_module /usr/lib/apache/mod_log_agent.so
LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so
LoadModule mime_magic_module /usr/lib/apache/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/mod_mime.so
LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
LoadModule status_module /usr/lib/apache/mod_status.so
LoadModule info_module /usr/lib/apache/mod_info.so
LoadModule includes_module /usr/lib/apache/mod_include.so
LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/mod_dir.so
LoadModule cgi_module /usr/lib/apache/mod_cgi.so
LoadModule asis_module /usr/lib/apache/mod_asis.so
LoadModule imap_module /usr/lib/apache/mod_imap.so
LoadModule action_module /usr/lib/apache/mod_actions.so
LoadModule speling_module /usr/lib/apache/mod_speling.so
# mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes
LoadModule alias_module /usr/lib/apache/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
LoadModule access_module /usr/lib/apache/mod_access.so
LoadModule auth_module /usr/lib/apache/mod_auth.so
LoadModule anon_auth_module /usr/lib/apache/mod_auth_anon.so
LoadModule dbm_auth_module /usr/lib/apache/mod_auth_dbm.so
LoadModule db_auth_module /usr/lib/apache/mod_auth_db.so
LoadModule digest_module /usr/lib/apache/mod_digest.so
LoadModule proxy_module /usr/lib/apache/libproxy.so
LoadModule cern_meta_module /usr/lib/apache/mod_cern_meta.so
LoadModule expires_module /usr/lib/apache/mod_expires.so
LoadModule headers_module /usr/lib/apache/mod_headers.so
LoadModule usertrack_module /usr/lib/apache/mod_usertrack.so
# LoadModule unique_id_module /usr/lib/apache/mod_unique_id.so
LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so
<IfDefine DUMMYSSL>
LoadModule ssl_module /usr/lib/apache/libssl.so
</IfDefine>

Include /etc/httpd/suse_loadmodule.conf


# Reconstruction of the complete module list from all available modules
# (static and shared ones) to achieve correct module execution order.
# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
ClearModuleList
AddModule mod_mmap_static.c
AddModule mod_vhost_alias.c
AddModule mod_env.c
AddModule mod_define.c
AddModule mod_log_config.c
AddModule mod_log_agent.c
AddModule mod_log_referer.c
AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
AddModule mod_speling.c
# mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_auth_anon.c
AddModule mod_auth_dbm.c
AddModule mod_auth_db.c
AddModule mod_digest.c
AddModule mod_proxy.c
AddModule mod_cern_meta.c
AddModule mod_expires.c
AddModule mod_headers.c
AddModule mod_usertrack.c
# AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
<IfDefine DUMMYSSL>
AddModule mod_ssl.c
</IfDefine>



# Again, the following file is generated by SuSEconfig for modules that actually
# have been installed

Include /etc/httpd/suse_addmodule.conf


#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
ExtendedStatus On


#
# To enable mod_dav, add the following directive to the appropriate
# container(s) in the httpd.conf file:
#
<IfModule mod_dav.c>
DavLockDB /var/lib/httpd/DAVLock
</IfModule>



### Section 2: 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#

#
# If your ServerType directive (set earlier in the 'Global Environment'
# section) is set to "inetd", the next few directives don't have any
# effect since their settings are defined by the inetd configuration.
# Skip ahead to the ServerAdmin directive.
#

#
# Port: The port to which the standalone server listens. For
# ports < 1023, you will need httpd to be run as root initially.
#
Port 80

##
## SSL Support
##
## When we also provide SSL we have to listen to the
## standard HTTP port (see above) and to the HTTPS port
##
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>

#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group "#-1" on these systems!
#
User wwwrun
Group www

#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents.
#

# Note: this email address is set by SuSEconfig according to the setting of the
# HTTPD_SEC_SERVERADMIN variable in /etc/sysconfig/apache!
ServerAdmin webmaster@dmx.digoswifi.com

#
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e., use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address (e.g., http://123.45.67.89/)
# anyway, and this will make redirections work in a sensible way.
#
# 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
# machine always knows itself by this address. If you use Apache strictly for
# local testing and development, you may use 127.0.0.1 as the server name.
#
# Note: the host name is set by SuSEconfig according to the setting of the
# /etc/HOSTNAME.
#ServerName www.example.com

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/srv/www/htdocs"

#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
AuthUserFile /etc/httpd/passwd
AuthGroupFile /etc/httpd/group

Options -FollowSymLinks +Multiviews
AllowOverride None

</Directory>


#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/srv/www/htdocs">

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes -FollowSymLinks +Includes MultiViews

#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all


#
# disable WebDAV by default for security reasons.
#
<IfModule mod_dav.c>
DAV Off
</IfModule>

#
# Protect the php3 test page, so it cannot be viewed from an outside system.
#
<Files test.php3>
Order deny,allow
deny from all
allow from localhost
</Files>

</Directory>

#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.

# Note:
# The next three lines are commented out here. These directives and the access
# control section have been put into /etc/httpd/suse_public_html.conf.
# If the variable HTTPD_SEC_PUBLIC_HTML in /etc/sysconfig/apache
# is set to "yes" (default), SuSEconfig will include that file via
# /etc/httpd/suse_include.conf.
# Also note that for the /home/*/public_html directories to be browsable the
# executable flag must be set on the /home/* directories.

#
# <IfModule mod_userdir.c>
# UserDir public_html
# </IfModule>

#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>

#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
#
<IfModule mod_dir.c>
DirectoryIndex index.html
</IfModule>

#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>

#
# CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.
#
#CacheNegotiatedDocs

#
# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a URL that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostnameort that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
#
UseCanonicalName On

#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
TypesConfig /etc/httpd/mime.types
</IfModule>
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Timeout Error When accessing WebServer LinuxStart Linux - Networking 2 07-09-2005 06:18 PM
Apache webserver error message dienerk Mandriva 1 02-24-2004 02:15 PM
Can't see WebServer from outside... Can see WebServer locally as http://localhost friddick Linux - Networking 13 08-19-2003 07:27 PM
::Apache Webserver error:: XxAndyxX Linux - Software 2 03-31-2003 07:21 PM
webserver tarak4u Linux - Networking 3 09-27-2002 05:13 PM


All times are GMT -5. The time now is 03:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration