{{tag>Brouillon Apache}}
= Notes apache
Version
apachectl -v
Server MPM Mode
apachectl -V
Loaded Modules
apachectl -M
Compiled in modules
apachectl -l
Test Syntax
apachectl -t
Liste des vhosts
apache2ctl -S
Contexte variable environnent Apache.
grep -Pa -o 'TNS_ADMIN=[^\x00]*\x00' /proc/$(pgrep -o apache)/environ |sed -e 's/[^[:print:]]//g'
== Rewrite
Exemple de conf
RewriteCond %{HTTP_HOST} =plop.acme.fr [NC,OR]
RewriteCond %{HTTP_HOST} =www.plop.acme.fr [NC]
RewriteRule .* https://acme.fr/plop [L,R=301]
### GARBAGE COLLECTOR ###
RewriteRule .* https://r.acme.fr/error_unavailable [L]
== Perf
Voir :
* [[ftp://ftp.traduc.org/pub/lgazette/html/2006/123/lg123-D.html|Configuration d'Apache pour des performances maximales]]
Mem par process
ps -ylC httpd --sort:rss
== check allow and deny rules
2.2 configuration:
Order allow,deny
Allow from all
2.4 configuration:
Require all granted
# Require all denied
== Hardening Apache
Liens :
* https://httpd.apache.org/docs/2.4/fr/misc/security_tips.html
* https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Server_Security-Securing_the_Apache_HTTP_Server.html
== Ignorer dans les logs File does not exist: /var/www/favicon.ico
''/etc/apache2/conf.d/nofavicon.conf''
Redirect 404 /favicon.ico
ErrorDocument 404 "No favicon"
Source : https://www.alouit-multimedia.com/02-assistance-informatique/tutoriaux/apache-en-finir-avec-les-erreurs-error-file-does-not-exist-favicon-ico/
== Pb
=== Erreur FastCGI: comm with server - FastCGI: incomplete headers
2017-06-16T10:58:25.485 PCWEB1 err apache2[3253]: [fastcgi:error] [pid 3253:tid 140133122676480] [client 192.168.115.153:62059] FastCGI: comm with server "/PhpFpmVirtuel" aborted: idle timeout (30 sec)
2017-06-16T10:58:25.485 PCWEB1 err apache2[3253]: [fastcgi:error] [pid 3253:tid 140133122676480] [client 192.168.115.153:62059] FastCGI: incomplete headers (0 bytes) received from server "/PhpFpmVirtuel"
Si on n'y regarde de plus prêt, on voit dans le access.log, avant l'erreur :
2017-06-16T10:58:25.485 PCWEB1 debug access[3234]: 192.168.115.153 10:57:55.456 duration=30028931 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
Le pb vient que le script PHP /site/plop.php tombe en timeout :
On constate que si la durée est inférieur à 30 secondes, c'est OK => ( 200 ). Si plus de 30s => erreur ( 500 )
grep plop.php /var/log/apache/access.log | sed -e 's/^.*duration=//' |sort -n |tail
14777626 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes)
15397927 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes)
15993455 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes)
17382090 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes)
17850899 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes)
30026574 (us) rec=898 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
30027079 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
30028931 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
30029299 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
30029900 (us) rec=898 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
=== [warn] _default_ VirtualHost overlap on port 443, the first has precedence
# apachectl -t
[Mon Sep 14 14:31:10 2020] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
=== Solution
Ajouter ''NameVirtualHost *:443''
''/etc/apache2/ports.conf''
NameVirtualHost *:443
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443