Apache2 NameVirtualHost not working

intramaweb · 12-11-2007, 08:04 AM

I'm trying to set up a virtual host on Apache2 (CentOS 5) but instead of the default site or the virtual site, all I am getting is the Apache test page.

/etc/sysconfig/network:

Code:

HOSTNAME=webserver

DNS entries on the local DNS server:

Code:

webserver    Host(A)    19.168.0.250
intranet    Host(A)    19.168.0.250

Relevant excerpts (hopefully) from httpd.conf:

Code:

Listen 192.168.0.250:80
ServerName webserver:80
UseCanonicalName Off
DocumentRoot "/var/www/html"

<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    Allow Override None
    Order allow,deny
    Allow from all
</Directory>

<FilesMatch "^\.">
    Order allow,deny
    Deny from all
</FilesMatch>
<FilesMatch "~$">
    Order allow,deny
    Deny from all
</FilesMatch>

HostnameLookups Off

NameVirtualHost 192.168.0.250:80

<VirtualHost 192.168.0.250:80>
    DocumentRoot /var/www/vhost/intranet
    ServerName intranet
    ServerAlias intranet.domain.local
    AddType application/x-httpd-php .php
</VirtualHost>
<Directory /var/www/vhosts/intranet>
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>

Permissions for the folders:

Code:

drwxr-xr-x 2 apache apache 4096 Dec  10 14:13 /var/www/html
drwxr-xr-x 11 apache apache 4096 Dec  7 14:41 /var/www/vhosts/intranet

Any ideas what I'm doing wrong? Cheers.

trickykid · 12-11-2007, 10:12 AM

Change this:

Code:

NameVirtualHost 192.168.0.250:80

<VirtualHost 192.168.0.250:80>
    DocumentRoot /var/www/vhost/intranet
    ServerName intranet
    ServerAlias intranet.domain.local
    AddType application/x-httpd-php .php
</VirtualHost>
<Directory /var/www/vhosts/intranet>
    AllowOverride AuthConfig
    Order allow,deny
    Allow from all
</Directory>

To:

Code:

NameVirtualHost *:80

<VirtualHost *:80>
    DocumentRoot /var/www/vhost/intranet
    ServerName intranet
    ServerAlias intranet.domain.local
    ServerPath /intranet
    AddType application/x-httpd-php .php
        <Directory /var/www/vhosts/intranet>
           AllowOverride AuthConfig
           Order allow,deny
           Allow from all
        </Directory>
</VirtualHost>

Basically for vhosts, always put any <Directory> tags within the VirtualHost it's intended for, just makes things easier to understand and read.
Secondly, if you only have one IP address, no reason to put it in the NameVirtualHost and VirtualHost, a simple *:80 will do just fine.
And In Apache2, I found with virtual hosts, it's best to use the ServerPath so it knows where to find the directory cause for some odd reason it reverts back to the main configurations document root.

ServerPath = Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser

intramaweb · 12-11-2007, 10:35 AM

Thanks for the tips. I've made all these changes but unfortunately, I still have the same problem.

I'm thinking that the problem must not be with the vhosts, as browsing to http://webserver/ aught to show me what's in the DocumentRoot but this is also just showing me the test page.

My understanding of the test page is that it redirects a 403 error to the the test page location so I thought there might be a permissions problem but I've tried both the commands below on the DocumentRoot path and on the vhost path to no avail

Code:

chown apache:apache -R
chmod 777 -R

trickykid · 12-11-2007, 10:40 AM

Whenever I have virtual hosts, I always make a virtual host for the main configuration as well. Try that. If you don't need the test page though, just make your main configuration and document root the one you intend to use as well.

complich8 · 12-11-2007, 11:46 AM

that's just typo-tastic...

local dns: 19.168 -> 192.168

apache config DocumentRoot: /var/www/vhost/intranet -> /var/www/vhosts/intranet
or, if that's right,
apache config Directory: /var/www/vhosts/intranet -> /var/www/vhost/internet
(take your pick)

Don't 777 your stuff unless you know what you're doing. 755 is absolutely sufficient. Also, documentroot doesn't need to be owned by apache.

If all else fails, you should check your apache error_log, which is usually pretty enlightening.

Also, do you know if you're running an SELinux config?

intramaweb · 12-12-2007, 04:05 AM

Sorry - the typos were just in my hurriedly typed post. The actual settings are OK.

Yes - SELinux config. Here's the tail end of the error log:

Code:

[Wed Dec 12 09:09:30 2007] [notice] SELinux policy enabled; httpd running as context system_u:system_r:httpd_t:s0
[Wed Dec 12 09:09:30 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Dec 12 09:09:30 2007] [notice] Digest: generating secret for digest authentication ...
[Wed Dec 12 09:09:30 2007] [notice] Digest: done
[Wed Dec 12 09:09:32 2007] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Wed Dec 12 09:09:33 2007] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Wed Dec 12 09:51:20 2007] [error] [client 192.168.0.251] (13)Permission denied: access to /index.php denied
[Wed Dec 12 09:51:23 2007] [error] [client 192.168.0.251] (13)Permission denied: access to /index.php denied

It's saying permission denied, but I don't know what the cause is in this instance. Is it something obvious? Thanks.

Flyte · 12-12-2007, 05:54 AM

Try typing 'setenforce 0' at the command prompt as root on the webserver.

This will temporarily turn off SELinux's enforcing. If it works after doing this, then you need to look at your SELinux policies on the files you're trying to serve.

Unfortunately I can't help you any further with that!

PS. to turn enforcing back on, type 'setenforce 1'.

intramaweb · 12-12-2007, 07:59 AM

Fantastic! Turning off SELinux sorted the problem... Another thing to add to me list of things I need to read up on...

Cheers!