tech:notes_apache
Ceci est une ancienne révision du document !
Table des matières
Notes apache
Version apachectl -v Server MPM Mode apachectl -V Loaded Modules apachectl -M Compiled in modules apachectl -l Test Syntax apachectl -t Liste des vhosts apache2ctl -S
Contexte variable environnent Apache.
grep -Pa -o 'TNS_ADMIN=[^\x00]*\x00' /proc/$(pgrep -o apache)/environ |sed -e 's/[^[:print:]]//g'
Rewrite
Exemple de conf
RewriteCond %{HTTP_HOST} =plop.acme.fr [NC,OR] RewriteCond %{HTTP_HOST} =www.plop.acme.fr [NC] RewriteRule .* https://acme.fr/plop [L,R=301] ### GARBAGE COLLECTOR ### RewriteRule .* https://r.acme.fr/error_unavailable [L]
Perf
Voir :
Mem par process
ps -ylC httpd --sort:rss
check allow and deny rules
2.2 configuration:
Order allow,deny Allow from all
2.4 configuration:
Require all granted # Require all denied
Hardening Apache
Liens :
Ignorer dans les logs File does not exist: /var/www/favicon.ico
- /etc/apache2/conf.d/nofavicon.conf
Redirect 404 /favicon.ico <Location /favicon.ico> ErrorDocument 404 "No favicon" </Location>
Pb
Erreur FastCGI: comm with server - FastCGI: incomplete headers
2017-06-16T10:58:25.485 PCWEB1 err apache2[3253]: [fastcgi:error] [pid 3253:tid 140133122676480] [client 192.168.115.153:62059] FastCGI: comm with server "/PhpFpmVirtuel" aborted: idle timeout (30 sec) 2017-06-16T10:58:25.485 PCWEB1 err apache2[3253]: [fastcgi:error] [pid 3253:tid 140133122676480] [client 192.168.115.153:62059] FastCGI: incomplete headers (0 bytes) received from server "/PhpFpmVirtuel"
Si on n'y regarde de plus prêt, on voit dans le access.log, avant l'erreur :
2017-06-16T10:58:25.485 PCWEB1 debug access[3234]: 192.168.115.153 10:57:55.456 duration=30028931 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
Le pb vient que le script PHP /site/plop.php tombe en timeout : On constate que si la durée est inférieur à 30 secondes, c'est OK ⇒ ( 200 ). Si plus de 30s ⇒ erreur ( 500 )
grep plop.php /var/log/apache/access.log | sed -e 's/^.*duration=//' |sort -n |tail
14777626 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes) 15397927 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes) 15993455 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes) 17382090 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes) 17850899 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 200 sent=240 (bytes) 30026574 (us) rec=898 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes) 30027079 (us) rec=892 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes) 30028931 (us) rec=893 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes) 30029299 (us) rec=895 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes) 30029900 (us) rec=898 (bytes) "POST /site/plop.php HTTP/1.1" 500 sent=763 (bytes)
[warn] _default_ VirtualHost overlap on port 443, the first has precedence
# apachectl -t [Mon Sep 14 14:31:10 2020] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
Solution
Ajouter NameVirtualHost *:443
- /etc/apache2/ports.conf
<IfModule mod_ssl.c> NameVirtualHost *:443 # If you add NameVirtualHost *:443 here, you will also have to change # the VirtualHost statement in /etc/apache2/sites-available/default-ssl # to <VirtualHost *:443> # Server Name Indication for SSL named virtual hosts is currently not # supported by MSIE on Windows XP. Listen 443 </IfModule>
tech/notes_apache.1742825205.txt.gz · Dernière modification : de 127.0.0.1