Forum

graveyardboogie · 05-04-2018, 11:50 AM

I am not sure what happened - but just recently all traffic from port 80 is served the default "Apache2 Ubuntu Default Page"

All direct 443 traffic flows properly.

What I want to happen is any traffic that goes to http://example.com be redirected to https://example.com

I feel like I might be missing something tiny, but I just need another set of eyes on it.

Here are the contents of my vhost entry:

Code:
SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

#

SetOutputFilter INFLATE;proxy-html;DEFLATE;

ProxyHTMLInterp On

ProxyHTMLExtended On

ProxyHTMLURLMap (.*)0.0.0.0:3000(.*) https://www.example.com$2 [Rin]

ProxyPass / http://0.0.0.0:3000/

ProxyPassReverse / http://0.0.0.0:3000/

Any help would be greatly appreciated.

TGates · 05-05-2018, 04:06 AM

It's something more than just your vhost which doesn't make much sense to me since you are using IP with proxy attributes and also using port 3000?? You should never see the "Apache2 Ubuntu Default Page" since Sentora uses custom folder paths that do not include that page/location.

Also, Sentora has a build in port forward setup in Module Admin > Apache Config > Override a Virtual Host.

Example of what Sentora creates to port forward:

Code:
# DOMAIN: domain.com

# PORT FORWARD FROM 80 TO: 443

<virtualhost *:80>

ServerName domain.com

ServerAlias www.domain.com

ServerAdmin webmaster@domain.com

RewriteEngine on

ReWriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] 

</virtualhost>

# END DOMAIN: domain.com

graveyardboogie · 05-05-2018, 04:21 AM

The reason I have port 3000 is because I am running a react project which does some server side rendering which helps with my SEO.

Also, I feel like it worked like that at one point, but for some reason mine looks like this...

Code:
# DOMAIN: example.com

# PORT FORWARD FROM 80 TO: 443

<virtualhost *:443>

ServerName example.com

ServerAlias www.example.com

ServerAdmin zadmin@localhost

RewriteEngine on

ReWriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

</virtualhost>

# END DOMAIN: example.com

My override looks like this...

[Image: 2ylFBof.png]

TGates · 05-05-2018, 05:05 AM

Yes, that's the correct port forwarding attributes. Have you tried bypassing the react project just to see if the forwarding and sites work properly with out it? If so, that would help narrow down where the possible problem resides.

Also, you are using Ubuntu as am I. Most of the time I have to manually restart/reload apache after changes because for some reason Sentora is not restarting it. (A bug I have been working on in my spare time for quite a while now with no success.)

graveyardboogie · 05-05-2018, 05:20 AM

If I override the react project and try to start apache, it fails with these messages...

Code:
[Fri May 04 15:15:02.044167 2018] [ssl:warn] [pid 26799] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

[Fri May 04 15:15:02.044248 2018] [mpm_prefork:notice] [pid 26799] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f configured -- resuming normal operations

[Fri May 04 15:15:02.044255 2018] [core:notice] [pid 26799] AH00094: Command line: '/usr/sbin/apache2'

[Fri May 04 15:16:44.213996 2018] [mpm_prefork:notice] [pid 26799] AH00169: caught SIGTERM, shutting down

[Fri May 04 15:16:45.229524 2018] [ssl:emerg] [pid 8717] AH02240: Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile] ((null):0)

[Fri May 04 15:16:45.229589 2018] [ssl:emerg] [pid 8717] AH02312: Fatal error initialising mod_ssl, exiting.

And if I visit my URL (http) I get this...

[Image: P0rkf6q.png]

TGates · 05-05-2018, 05:34 AM

Code:
Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]

That error is saying that it cannot load the certificate files for a domain. Double check the paths for all SSL domains.
Post your httpd.conf
It seems something is over-riding the entries in the httpd-vhosts.conf file.

graveyardboogie · 05-05-2018, 05:42 AM

Here is the httpd.conf file:

Code:

# Sentora Apache Include file

# Written by Bobby Allen, 15/05/2011



# Set the Sentora Alias (used for development, sable will eventually use a VHOST)








#Alias
 
         /Sentora /etc/sentora/panel



# Set a default server name for the master configuration to supress Apache daemon warnings

ServerName localhost



# Setup the directory settings and PHP security flags for the Sentora application directory.

<Directory /etc/sentora/panel>

    Options +FollowSymLinks

    DirectoryIndex index.php

    <IfModule mod_php5.c>

        AddType application/x-httpd-php .php

        php_flag magic_quotes_gpc Off

        php_flag track_vars On

        php_flag register_globals Off

        php_admin_value upload_tmp_dir /var/sentora/temp

    </IfModule>

</Directory>



# Disallow web access to directories that don't need it/that we don't want people looking in!

<Directory /etc/sentora/panel/cnf/>

    Require all denied 

</Directory>

<Directory /etc/sentora/panel/modules/*/hooks>

    Require all denied 

</Directory>



# Set server tokens

ServerTokens Prod



# Now we include the generic VHOST configuration file that holds all Sentora user hosted vhost data

Include /etc/sentora/configs/apache/httpd-vhosts.conf

And my httpd-vhosts.conf file:

Code:
################################################################

# Apache VHOST configuration file

# Automatically generated by Sentora 1.0.3

# Generated on: 15:37 4th May 2018 EDT

#==== YOU MUST NOT EDIT THIS FILE : IT WILL BE OVERWRITTEN ====

# Use Sentora Menu -> Admin -> Module Admin -> Apache config

################################################################

Listen 443

Listen 80

# Configuration for Sentora control panel.

<VirtualHost *:443>

ServerAdmin zadmin@localhost

DocumentRoot "/etc/sentora/panel/"

ServerName panel.otherexample.com

ErrorLog "/var/sentora/logs/sentora-error.log" 

CustomLog "/var/sentora/logs/sentora-access.log" combined

CustomLog "/var/sentora/logs/sentora-bandwidth.log" common

AddType application/x-httpd-php .php

ErrorDocument 403 /etc/static/errorpages/403.html

ErrorDocument 500 /etc/static/errorpages/500.html

ErrorDocument 510 /etc/static/errorpages/510.html

ErrorDocument 404 /etc/static/errorpages/404.html

<Directory "/etc/sentora/panel/">

Options +FollowSymLinks -Indexes

    AllowOverride All

    Require all granted

</Directory>

# Custom settings are loaded below this line (if any exist)

SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/panel.otherexample.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/panel.otherexample.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/panel.otherexample.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

</VirtualHost>

################################################################

# Sentora generated VHOST configurations below.....

################################################################

# DOMAIN: example.com

<virtualhost *:443>

ServerName example.com

ServerAlias  www.example.com

ServerAdmin zadmin@localhost

DocumentRoot "/var/sentora/hostdata/zadmin/public_html/example_com"

php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/example_com/:/var/sentora/temp/"

php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"

ErrorLog "/var/sentora/logs/domains/zadmin/example.com-error.log" 

CustomLog "/var/sentora/logs/domains/zadmin/example.com-access.log" combined

CustomLog "/var/sentora/logs/domains/zadmin/example.com-bandwidth.log" common

<Directory "/var/sentora/hostdata/zadmin/public_html/example_com">

  Options +FollowSymLinks -Indexes

  AllowOverride All

  Require all granted

</Directory>

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

AddType application/x-httpd-php .php3 .php

DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm

# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)

SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

#

SetOutputFilter INFLATE;proxy-html;DEFLATE;

ProxyHTMLInterp On

ProxyHTMLExtended On

ProxyHTMLURLMap (.*)0.0.0.0(.*) https://www.example.com$2 [Rin]

ProxyPass / http://0.0.0.0:3000/

ProxyPassReverse / http://0.0.0.0:3000/

</virtualhost>

# END DOMAIN: example.com

################################################################

# DOMAIN: example.com

# PORT FORWARD FROM 80 TO: 443

<virtualhost *:443>

ServerName example.com

ServerAlias www.example.com

ServerAdmin zadmin@localhost

RewriteEngine on

ReWriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] 

</virtualhost>

# END DOMAIN: example.com

# DOMAIN: s.example.com

<virtualhost *:443>

ServerName s.example.com

ServerAdmin zadmin@localhost

DocumentRoot "/var/sentora/hostdata/zadmin/public_html/s_example_com"

php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/s_example_com/:/var/sentora/temp/"

php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"

ErrorLog "/var/sentora/logs/domains/zadmin/s.example.com-error.log" 

CustomLog "/var/sentora/logs/domains/zadmin/s.example.com-access.log" combined

CustomLog "/var/sentora/logs/domains/zadmin/s.example.com-bandwidth.log" common

<Directory "/var/sentora/hostdata/zadmin/public_html/s_example_com">

  Options +FollowSymLinks -Indexes

  AllowOverride All

  Require all granted

</Directory>

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

AddType application/x-httpd-php .php3 .php

DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm

# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)

SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

</virtualhost>

# END DOMAIN: s.example.com

################################################################

# DOMAIN: s.example.com

# PORT FORWARD FROM 80 TO: 443

<virtualhost *:443>

ServerName s.example.com

ServerAlias www.s.example.com

ServerAdmin zadmin@localhost

RewriteEngine on

ReWriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] 

</virtualhost>

# END DOMAIN: s.example.com

# DOMAIN: my.example.com

<virtualhost *:443>

ServerName my.example.com

ServerAdmin zadmin@localhost

DocumentRoot "/var/sentora/hostdata/zadmin/public_html/my_example_com"

php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/my_example_com/:/var/sentora/temp/"

php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"

ErrorLog "/var/sentora/logs/domains/zadmin/my.example.com-error.log" 

CustomLog "/var/sentora/logs/domains/zadmin/my.example.com-access.log" combined

CustomLog "/var/sentora/logs/domains/zadmin/my.example.com-bandwidth.log" common

<Directory "/var/sentora/hostdata/zadmin/public_html/my_example_com">

  Options +FollowSymLinks -Indexes

  AllowOverride All

  Require all granted

</Directory>

AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript

AddType application/x-httpd-php .php3 .php

DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm

# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)

SSLEngine on

SSLProtocol ALL -SSLv2 -SSLv3

SSLHonorCipherOrder On

SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/example.com/chain.pem

# Keeping bellow for future upgrades.

# Requires Apache >= 2.4

SSLCompression off

</virtualhost>

# END DOMAIN: my.example.com

################################################################

# DOMAIN: my.example.com

# PORT FORWARD FROM 80 TO: 443

<virtualhost *:443>

ServerName my.example.com

ServerAlias www.my.example.com

ServerAdmin zadmin@localhost

RewriteEngine on

ReWriteCond %{SERVER_PORT} !^443$

RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] 

</virtualhost>

# END DOMAIN: my.example.com

TGates · 05-05-2018, 05:46 AM

I'm off to work right now, I will review it and see if I can source out the issue.

TGates · 05-05-2018, 10:54 AM

After doing some investigation, the line:

Code:
SetOutputFilter INFLATE;proxy-html;DEFLATE;

Should be:

Code:
SetOutputFilter INFLATE;proxy-html;DEFLATE

(No trailing semi colon)

Try removing it and see what happens.

graveyardboogie · 05-05-2018, 12:30 PM

That did not work unfortunately.

Possibly Related Threads…
Thread	Author	Replies	Views	Last Post
Old issue on Daily Backup	iraqiboy90	24	120 ,353	12-26-2020, 12:48 PM Last Post: conglynina
Security issue urgent	johnnyp	7	15 ,179	02-27-2020, 06:19 PM Last Post: johnnyp
sub-domain issue	kevwebbie	15	34 ,673	12-21-2018, 05:51 PM Last Post: kevwebbie