LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 02-10-2014, 03:20 AM   #1
pedenski
Member
 
Registered: Feb 2012
Posts: 33

Rep: Reputation: Disabled
understading mod_rewrite for apache


hello. after reading several articles about mod_rewrite or reverse proxying im still really confused about it. given the fact im still learning about server administration.

to simply explain my situation, i have this webserver, and this server contains 1 website only which can be accessed by
http://<some ip>/website

i gave this website to some security dept. for vulnerability scanning and was told that i need to configure my mod_rewrite rules. my question is how?

he gave me a document exactly similar to this http://seclists.org/fulldisclosure/2011/Oct/232

the document suggests to apply a patch http://www.apache.org/dist/httpd/pat...ply_to_2.2.21/

currently my apache version is :
Code:
Server version: Apache/2.2.22 (Ubuntu)
Server built:   Mar  8 2013 15:53:09
or update configuration to something like

Code:
RewriteRule /(.*)\.(jpg|gif|png)    http://images.example.com/$1.$2 [P]
im assuming, since im using the 2.2.22, patch seems to be unnecessary anymore which leaves me to the configuration.

where and how do i change my RewriteRules

Last edited by pedenski; 02-11-2014 at 12:43 AM. Reason: clarity
 
Old 02-11-2014, 09:27 AM   #2
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 2,725
Blog Entries: 3

Rep: Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627
Can we have a look at the conf file for this site? (Sanitize if necessary)

It could be as simple as
Code:
<Directory "/var/www/html">
...
RewriteEngine on
RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]
...
</directory>
in site.conf which would require a service restart after editing.

Please let us know...
 
Old 02-12-2014, 12:08 AM   #3
pedenski
Member
 
Registered: Feb 2012
Posts: 33

Original Poster
Rep: Reputation: Disabled
Hi Habitual, thanks for looking over this topic.

apology for this, but when you said look over the conf file. are you referring to /etc/apache2/sites-available and /etc/apache2/sites-enabled?


Code:
<VirtualHost *:80>
   ...
        DocumentRoot /var/www/webiste
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
   ...
</VirtualHost>
or do i have to create an .htaccess and place the rewrite rules there?

Last edited by pedenski; 02-12-2014 at 12:56 AM.
 
Old 02-12-2014, 07:37 AM   #4
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 2,725
Blog Entries: 3

Rep: Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627
Quote:
Originally Posted by pedenski View Post
Hi Habitual, thanks for looking over this topic.

apology for this, but when you said look over the conf file. are you referring to /etc/apache2/sites-available and /etc/apache2/sites-enabled?


Code:
<VirtualHost *:80>
   ...
        DocumentRoot /var/www/webiste
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>
   ...
</VirtualHost>
or do i have to create an .htaccess and place the rewrite rules there?
No, you don't and for performance reasons, shouldn't.
Sites-enabled should just show symlinks to sites-available, but YMMV.
Code:
ls -al /etc/apache2/sites-enabled/
should show them.
So
Code:
ls al /etc/apache2/sites-available/
shows what?

Thank you.

Subscribed with interest...
 
Old 02-13-2014, 12:35 AM   #5
pedenski
Member
 
Registered: Feb 2012
Posts: 33

Original Poster
Rep: Reputation: Disabled
really appreciate for taking the time to look into this..


this shows when i enter the command

Code:
lroot@webserver:~# ls -al /etc/apache2/sites-available/
total 36
drwxr-xr-x 2 root root 4096 Dec 27 13:38 .
drwxr-xr-x 7 root root 4096 Dec 27 13:38 ..
-rw-r--r-- 1 root root  950 Feb  7  2012 default
-rw-r--r-- 1 root root 7469 Feb  7  2012 default-ssl
-rw-r--r-- 1 root root 1030 Dec 26 13:10 website
-rw-r--r-- 1 root root 1028 Dec  9 12:20 website.backup2
-rw-r--r-- 1 root root 1043 Nov 25 11:01 website-nfc
-rw-r--r-- 1 root root 1042 Nov 28 14:21 website.backup
 
Old 02-13-2014, 08:21 AM   #6
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 2,725
Blog Entries: 3

Rep: Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627Reputation: 627
Quote:
Originally Posted by pedenski View Post
really appreciate for taking the time to look into this..
Not a problem. Thank me if|when it works.

I believe your modification needs to be here:
Code:
<VirtualHost *:80>
   	...
        DocumentRoot /var/www/website
        <Directory />
                Options FollowSymLinks
                AllowOverride None
                RewriteEngine on
		RewriteRule (.*)\.(jpg|gif|png) http://images.example.com$1.$2 [P]
	...				
        </Directory>
2 things, one of which I see you are doing. make backups before edits, AND
restart the service daemon after editing .conf files.

You realize that "images.example.com" needs to be altered, yes?

If you wish to log rewrites, you can add these 2 lines anywhere in the <Directory /> stanza and restart the service
Code:
    RewriteLogLevel 9
    RewriteLog logs/rewrite_log
Have a Great Day!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
apache 2.2.3 tomcat 7 proxying pudhiyavan Linux - Server 5 03-26-2011 03:59 AM
Correct Apache RewriteCond to stop proxying ... curtisa Linux - Security 1 07-21-2009 10:38 AM
apache httpd config:how can i rewrite urls in javascript while reverse proxying amolgupta Linux - Software 0 07-20-2009 01:43 AM
A more secure alternative to http reverse, matahari frenchn00b Debian 5 02-06-2008 03:55 PM
Secure Reverse Proxy Question adutton Linux - Software 4 11-13-2007 01:00 PM


All times are GMT -5. The time now is 10:15 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration