Apache 2.2 mod rewrite issue... or something

Apache 2.2 mod rewrite issue... or something

am 25.02.2010 19:29:00 von Brandon Stout

--------------060108050801010103040105
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

I have this on my new server:


SuexecUserGroup brasto brasto
ServerName flfn.org
ServerAlias www.flfn.org
ServerAdmin admin@flfn.org
DocumentRoot /home/brasto/www/flfn

Options Indexes FollowSymLinks
AllowOverride All

CustomLog /var/log/httpd/brasto/flfn/access_log combined
ErrorLog /var/log/httpd/brasto/flfn/error_log
# Next three lines I'll want after fixing rewrite problem:
# RewriteEngine On
# RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]
# RewriteRule ^(.*)$ http://flfn.org$1 [R=301,L]


Don't try to see the issue on FLFN.org since the site is still on my old
server. I access it by modifying /etc/hosts with the new IP until the
site is working. I have mod rewrite installed, and I can verify it by
uncommenting the last three lines of that vhost. That rewrite works
just fine. However, if I install Wordpress or Drupal and try to turn on
friendly urls, they create a .htaccess file with these lines:


RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]


With that the whole site seems to work except I can't go to
http://flfn.org/ . If I ask for http://flfn.org/index.php it works.
All friendly URLs work. In the .htaccess file, if I comment out every
line except 'RewritEngine on' I still have the same problem, and can't
request http://flfn.org/ without index.php. If I move the .htaccess
file and put those lines in the vhost config, I get a browser error but
nothing in the server error logs (not the vhost error logs or the
default error logs). Here's what I get in the browser with the
..htaccess info added to the vhost:

Bad Request

Your browser sent a request that this server could not understand.
Apache/2.2.3 (CentOS) Server at flfn.org Port 80

Here's what I get in the vhost error logs when I request http://flfn.org
without /index.php:

[Wed Feb 24 15:05:50 2010] [error] [client 67.182.203.21] Options
FollowSymLinks or SymLinksIfOwnerMatch is off which implies that
RewriteRule directive is forbidden: /home/brasto/www/flfn/, referer:
http://flfn.org/admin/reports/status

As you can see, I have Options FollowSymLinks set in the vhost. The
..htaccess file also has Options +FollowSymLinks in it.

I've sent this same thing to the Utah PHP Users group and so far haven't fixed it. Here's some of what's been done there:

Yes, I've tried SymLinksIfOwnerMatch. It didn't make a difference.

All files are owned by brasto:apache.

Yes, DirectoryIndex has index.php as a server default, and even when I put it in the vhost, it didn't resolve the issue. Note that if I comment out all rules and conditions and the only line in the .htaccess file is "RewriteEngine on" the problem occurs.

One person asked if PHP has mod rewrite compiled in. I said:

I'm not sure:

# php -i | grep modules
extension_dir => /usr/lib64/php/modules => /usr/lib64/php/modules
# ls /usr/lib64/php/modules
curl.so json.so pdo_mysql.so sqlite.so xsl.so
dom.so mbstring.so pdo.so wddx.so zip.so
fileinfo.so mysqli.so pdo_sqlite.so xmlreader.so
gd.so mysql.so phar.so xmlwriter.so

that seems to tell me no. However phpinfo() tells me it's loaded. I
put it here:

http://chsalumni.net/phpinfo.php

At least until this is resolved.

In case of a DNS issue, I have duplicated the issue, this time with a Wordpress-driven site, with http://chsalumni.net (on the same new server) since I can bear it having the issue for a little while until we can hopefully resolve it. Here's the vhost and .htaccess file:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]


# END WordPress

Once again, if I comment out every line except RewriteEngine On, I have
the same problem (with or without wrapping it in mod_rewrite.c>). The vhost is almost identical:


SuexecUserGroup brasto brasto
ServerName chsalumni.net
ServerAlias www.chsalumni.net chs91.org www.chs91.org
ServerAdmin admin@chsalumni.net
DocumentRoot /home/brasto/www/chsalumni

Options Indexes FollowSymLinks
AllowOverride All

CustomLog /var/log/httpd/brasto/chsalumni/access_log combined
ErrorLog /var/log/httpd/brasto/chsalumni/error_log
# RewriteEngine On
# RewriteCond %{HTTP_HOST} !^chsalumni\.net$ [NC]
# RewriteRule ^(.*)$ http://chsalumni.net$1 [R=301,L]


Again, if I turn on Rewrite Engine using the vhost and use the rule and
condition that are commented out right now, they work fine, but if I try
to use the rules and conditions in the .htaccess file within the vhost,
I get the bad request error, with nothing in the error logs anywhere.
With the .htaccess as it is and vhost as it is, I still get these
entries in the logs when requesting http://chsalumni.net :

tail -f /var/log/httpd/brasto/chsalumni/*



==> /var/log/httpd/brasto/chsalumni/access_log <==
67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET / HTTP/1.1" 403 5043
"http://chsalumni.net/wp-admin/options-permalink.php" "Mozilla/5.0 (X11;
U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20091201 SUSE/3.5.6-1.1.1
Firefox/3.5.6"

==> /var/log/httpd/brasto/chsalumni/error_log <==
[Wed Feb 24 23:38:48 2010] [error] [client 67.182.203.21] Options
FollowSymLinks or SymLinksIfOwnerMatch is off which implies that
RewriteRule directive is forbidden: /home/brasto/www/chsalumni/,
referer: http://chsalumni.net/wp-admin/options-permalink.php

==> /var/log/httpd/brasto/chsalumni/access_log <==
67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET /icons/apache_pb.gif
HTTP/1.1" 200 2326 "http://chsalumni.net/" "Mozilla/5.0 (X11; U; Linux
x86_64; en-US; rv:1.9.1.6) Gecko/20091201 SUSE/3.5.6-1.1.1 Firefox/3.5.6"
67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET
/icons/powered_by_rh.png HTTP/1.1" 200 1213 "http://chsalumni.net/"
"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20091201
SUSE/3.5.6-1.1.1 Firefox/3.5.6"

This site I can leave broken for longer, so I'll leave it this way
hoping we can find a solution soon. Of course, FollowSymLinks is set,
though I have not tested SymLinksIfOwnerMatch on this site like I did
the other.

Finally, somone asked for the perms on the doc root directory and other config files in conf.d:

/home/brasto > ls -al www/
total 79836
drwsrwsr-x 16 brasto apache 4096 Feb 24 09:20 .


For config files:

# ls -al /etc/httpd/conf.d/
total 36
drwxr-xr-x 2 root root 4096 Feb 13 12:18 .
drwxr-xr-x 4 root root 4096 Feb 16 15:24 ..
-rw-r--r-- 1 root root 674 Nov 20 10:26 php.conf
-rw-r--r-- 1 root root 566 Nov 12 16:47 proxy_ajp.conf
-rw-r--r-- 1 root root 392 Nov 12 16:47 README
-rw-r--r-- 1 root root 9677 Nov 12 16:47 ssl.conf
-rw-r--r-- 1 root root 298 Feb 12 22:58 welcome.conf

The only thing I found that might be related is welcome.conf, which
probably explains why I get the page served that I do for the 403. It
only has this (commented lines excluded):


Options Indexes
ErrorDocument 403 /error/noindex.html


Thank you all for your help.

Brandon


--------------060108050801010103040105
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit








I have this on my new server:



<VirtualHost *:80>

    SuexecUserGroup    brasto brasto

    ServerName     flfn.org

    ServerAlias    
 href="http://www.flfn.org">www.flfn.org

    ServerAdmin    
 href="mailto:admin@flfn.org">admin@flfn.org

    DocumentRoot   /home/brasto/www/flfn

    <Directory /home/brasto/www/flfn>

        Options Indexes FollowSymLinks

        AllowOverride All

    </Directory>

    CustomLog      /var/log/httpd/brasto/flfn/access_log combined

    ErrorLog       /var/log/httpd/brasto/flfn/error_log

#    Next three lines I'll want after fixing rewrite problem:

#    RewriteEngine On

#    RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]

#    RewriteRule ^(.*)$ 
 href="http://flfn.org$1">http://flfn.org$1 [R=301,L]

</VirtualHost>



Don't try to see the issue on FLFN.org since the site is still on my old

server.  I access it by modifying /etc/hosts with the new IP until the

site is working.  I have mod rewrite installed, and I can verify it by

uncommenting the last three lines of that vhost.  That rewrite works

just fine.  However, if I install Wordpress or Drupal and try to turn on

friendly urls, they create a .htaccess file with these lines:



<IfModule mod_rewrite.c>

  RewriteEngine on

  RewriteCond %{REQUEST_FILENAME} !-f

  RewriteCond %{REQUEST_FILENAME} !-d

  RewriteCond %{REQUEST_URI} !=/favicon.ico

  RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]

</IfModule>



With that the whole site seems to work except I can't go to

 .  If I ask for 
 class="moz-txt-link-freetext" href="http://flfn.org/index.php">http://flfn.org/index.php it works. 

All friendly URLs work.  In the .htaccess file, if I comment out every

line except 'RewritEngine on' I still have the same problem, and can't

request  without index.php.  If I move the .htaccess

file and put those lines in the vhost config, I get a browser error but

nothing in the server error logs (not the vhost error logs or the

default error logs).  Here's what I get in the browser with the

..htaccess info added to the vhost:



Bad Request



Your browser sent a request that this server could not understand.

Apache/2.2.3 (CentOS) Server at flfn.org Port 80



Here's what I get in the vhost error logs when I request 
 class="moz-txt-link-freetext" href="http://flfn.org">http://flfn.org

without /index.php:



[Wed Feb 24 15:05:50 2010] [error] [client 67.182.203.21] Options

FollowSymLinks or SymLinksIfOwnerMatch is off which implies that

RewriteRule directive is forbidden: 
 class="moz-txt-tag">/home/brasto/www/flfn
 class="moz-txt-tag">/, referer:


  href="http://flfn.org/admin/reports/status">http://flfn.org/ admin/reports/status



As you can see, I have Options FollowSymLinks set in the vhost.  The

..htaccess file also has Options +FollowSymLinks in it.



I've sent this same thing to the Utah PHP Users group and so far haven't fixed it.  Here's some of what's been done there:



Yes, I've tried SymLinksIfOwnerMatch.  It didn't make a difference.



All files are owned by brasto:apache.



Yes, DirectoryIndex has index.php as a server default, and even when I put it in the vhost, it didn't resolve the issue.  Note that if I comment out all rules and conditions and the only line in the .htaccess file is "RewriteEngine on" the problem occurs.



One person asked if PHP has mod rewrite compiled in.  I said:



I'm not sure:



# php -i | grep modules

extension_dir => /usr/lib64/php/modules => /usr/lib64/php/modules

# ls /usr/lib64/php/modules

curl.so      json.so      pdo_mysql.so   sqlite.so     xsl.so

dom.so       mbstring.so  pdo.so         wddx.so       zip.so

fileinfo.so  mysqli.so    pdo_sqlite.so  xmlreader.so

gd.so        mysql.so     phar.so        xmlwriter.so



that seems to tell me no.  However phpinfo() tells me it's loaded.  I

put it here:







At least until this is resolved.



In case of a DNS issue, I have duplicated the issue, this time with a Wordpress-driven site, with  (on the same new server) since I can bear it having the issue for a little while until we can hopefully resolve it.  Here's the vhost and .htaccess file:



# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>



# END WordPress



Once again, if I comment out every line except RewriteEngine On, I have

the same problem (with or without wrapping it in <IfModule

mod_rewrite.c>).  The vhost is almost identical:



<VirtualHost *:80>

    SuexecUserGroup    brasto brasto

    ServerName     chsalumni.net

    ServerAlias    
 href="http://www.chsalumni.net">www.chsalumni.net chs91.org 
 class="moz-txt-link-abbreviated" href="http://www.chs91.org">www.chs91.org

    ServerAdmin    
 href="mailto:admin@chsalumni.net">admin@chsalumni.net

    DocumentRoot   /home/brasto/www/chsalumni

    <Directory /home/brasto/www/chsalumni>

        Options Indexes FollowSymLinks

        AllowOverride All

    </Directory>

    CustomLog      /var/log/httpd/brasto/chsalumni/access_log combined

    ErrorLog       /var/log/httpd/brasto/chsalumni/error_log

#    RewriteEngine On

#    RewriteCond %{HTTP_HOST} !^chsalumni\.net$ [NC]

#    RewriteRule ^(.*)$ 
 href="http://chsalumni.net$1">http://chsalumni.net$1 [R=301,L]

</VirtualHost>



Again, if I turn on Rewrite Engine using the vhost and use the rule and

condition that are commented out right now, they work fine, but if I try

to use the rules and conditions in the .htaccess file within the vhost,

I get the bad request error, with nothing in the error logs anywhere.

With the .htaccess as it is and vhost as it is, I still get these

entries in the logs when requesting 
 href="http://chsalumni.net">http://chsalumni.net :



tail -f /var/log/httpd/brasto/chsalumni
 class="moz-txt-tag">/*



<snip to when page refresh occurs>



==> /var/log/httpd/brasto/chsalumni/access_log <==

67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET / HTTP/1.1" 403 5043


  href="http://chsalumni.net/wp-admin/options-permalink.php">" http://chsalumni.net/wp-admin/options-permalink.php" "Mozilla/5.0 (X11;

U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20091201 SUSE/3.5.6-1.1.1

Firefox/3.5.6"



==> /var/log/httpd/brasto/chsalumni/error_log <==

[Wed Feb 24 23:38:48 2010] [error] [client 67.182.203.21] Options

FollowSymLinks or SymLinksIfOwnerMatch is off which implies that

RewriteRule directive is forbidden: 
 class="moz-txt-tag">/home/brasto/www/chsalumni
 class="moz-txt-tag">/,

referer: 
  href="http://chsalumni.net/wp-admin/options-permalink.php">h ttp://chsalumni.net/wp-admin/options-permalink.php



==> /var/log/httpd/brasto/chsalumni/access_log <==

67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET /icons/apache_pb.gif

HTTP/1.1" 200 2326 
 href="http://chsalumni.net/">"http://chsalumni.net/" "Mozilla/5.0 (X11; U; Linux

x86_64; en-US; rv:1.9.1.6) Gecko/20091201 SUSE/3.5.6-1.1.1 Firefox/3.5.6"

67.182.203.21 - - [24/Feb/2010:23:38:48 -0700] "GET

/icons/powered_by_rh.png HTTP/1.1" 200 1213 "
 class="moz-txt-tag">/"

"Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.6) Gecko/20091201

SUSE/3.5.6-1.1.1 Firefox/3.5.6"



This site I can leave broken for longer, so I'll leave it this way

hoping we can find a solution soon.  Of course, FollowSymLinks is set,

though I have not tested SymLinksIfOwnerMatch on this site like I did

the other.



Finally, somone asked for the perms on the doc root directory and other config files in conf.d:



/home/brasto > ls -al www
 class="moz-txt-tag">/

total 79836

drwsrwsr-x 16 brasto apache     4096 Feb 24 09:20 .

<snip>



For config files:



# ls -al /etc/httpd/conf.d
 class="moz-txt-tag">/

total 36

drwxr-xr-x 2 root root 4096 Feb 13 12:18 .

drwxr-xr-x 4 root root 4096 Feb 16 15:24 ..

-rw-r--r-- 1 root root  674 Nov 20 10:26 php.conf

-rw-r--r-- 1 root root  566 Nov 12 16:47 proxy_ajp.conf

-rw-r--r-- 1 root root  392 Nov 12 16:47 README

-rw-r--r-- 1 root root 9677 Nov 12 16:47 ssl.conf

-rw-r--r-- 1 root root  298 Feb 12 22:58 welcome.conf



The only thing I found that might be related is welcome.conf, which

probably explains why I get the page served that I do for the 403.  It

only has this (commented lines excluded):



<LocationMatch "^/+$">

    Options Indexes

    ErrorDocument 403 /error/noindex.html

</LocationMatch>



Thank you all for your help.



Brandon




--------------060108050801010103040105--

Re: Apache 2.2 mod rewrite issue... or something

am 25.02.2010 22:13:47 von Brandon Stout

--------------010100060008020604070006
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

On 02/25/2010 11:29 AM, Brandon Stout wrote:

> I have this on my new server...
>
I've found a hack I guess I'll live with. I commented out the
ErrorDocument line here:

# cat /etc/httpd/conf.d/welcome.conf
#
# This configuration file enables the default "Welcome"
# page if there is no default index page present for
# the root URL. To disable the Welcome page, comment
# out all the lines below.
#

Options Indexes
#ErrorDocument 403 /error/noindex.html


Then I add this to the bottom of the vhost (uncommenting my own rewrite
rule designed redirect any ServerAliase to the ServerName):

RewriteEngine On
RewriteOptions Inherit
RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]
RewriteRule ^(.*)$ http://flfn.org$1 [R=301,L]
#Hack:
ErrorDocument 403 /index.php

Now it all works just fine. The underlying problem is still there, but
without a real solution, I'll take the hack and move on.

Brandon


--------------010100060008020604070006
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit








On 02/25/2010 11:29 AM, Brandon Stout wrote:





I have this on my new server...

  




I've found a hack I guess I'll live with.  I commented out the

ErrorDocument line here:



# cat /etc/httpd/conf.d/welcome.conf

#

# This configuration file enables the default "Welcome"

# page if there is no default index page present for

# the root URL.  To disable the Welcome page, comment

# out all the lines below.

#

<LocationMatch "^/+$">

    Options Indexes

    #ErrorDocument 403 /error/noindex.html

</LocationMatch>



Then I add this to the bottom of the vhost (uncommenting my own rewrite

rule designed redirect any ServerAliase to the ServerName):



    RewriteEngine On

    RewriteOptions Inherit

    RewriteCond %{HTTP_HOST} !^flfn\.org$ [NC]

    RewriteRule ^(.*)$ 
 href="http://flfn.org$1">http://flfn.org$1 [R=301,L]

#Hack:

    ErrorDocument 403 /index.php



Now it all works just fine.  The underlying problem is still there, but

without a real solution, I'll take the hack and move on.



Brandon




--------------010100060008020604070006--