Apache 2.4 Proxy AJP serve multiple domains with Tomcat 8

I developed three Spring based web applications were deployed on my Tomcat 8 server. I can access them in LAN by access as:

http://localhost:8080/webapps1
http://localhost:8080/webapps2
http://localhost:8080/webapps3

which works fine for me.

Tomcat AJP connector was configured as:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Now I tried to publish all the three apps into Internet by using apache 2.4 proxy configure through AJP connector

I also have three FQDN were registered such as:

www.thss.domain1.com.au
www.stoa.domain2.com.au
ozssc.stoa.domain2.com.au

I tested those three FQDN with check-host.net, they all works fine.

Now I will configure my apache 2.4 by using proxy virtual host setting, configure file name as: apache-serviceproxy.conf in /Library/Server/Web/Config/Proxy

......
listen 10.0.1.100:80
......
<VirtualHost 10.0.1.100:80>
  ProxyPreserveHost On
  ServerName www.thss.domain1.com.au
  ServerAlias thss.domain1.com.au
  ServerAdmin [email protected]
  ProxyPass / ajp://127.0.0.1:8009/webapps1/
  ProxyPassReverse / ajp://127.0.0.1:8009/webapps1/
</VirtualHost>
<VirtualHost 10.0.1.100:80>
  ProxyPreserveHost On
  ServerName www.stoa.domain2.com.au
  ServerAlias stoa.domain2.com.au
  ServerAdmin [email protected]
  ProxyPass / ajp://127.0.0.1:8009/webapps2/
  ProxyPassReverse / ajp://127.0.0.1:8009/webapps2/
</VirtualHost>
<VirtualHost 10.0.1.100:80>
  ProxyPreserveHost On
  ServerName ozssc.stoa.domain2.com.au
  ServerAdmin [email protected]
  ProxyPass / ajp://127.0.0.1:8009/webapps3/
  ProxyPassReverse / ajp://127.0.0.1:8009/webapps3/
</VirtualHost>

Please note, FQDN 2 and 3 working in same domain (domain2.com.au) and FQDN 1 working in other domain (domain1.com.au)

I tested over internet by using net renderer.com, FQDN 1 www.thss.domain1.com.au is working beautifully, but FQDN 2 and 3 not working well, I check with my tomcat access log I found some thing is very interesting.

details as:

When I access my first FQDN (www.thss.domain1.com.au) from Internet the request pass through: Router -> Apache 2.4 (port 80) -> AJP connector (8009) -> Tomcat 8.0.28 successfully, all pages working well.

Tomcat access log shows:

58.106.1.75 - - [01/Nov/2015:09:37:40 +1100] "GET /webapps1/ HTTP/1.1" 200 2616
58.106.1.75 - - [01/Nov/2015:09:37:40 +1100] "GET /webapps1/css/thss_layout.css HTTP/1.1" 200 1405
58.106.1.75 - - [01/Nov/2015:09:37:40 +1100] "GET /webapps1/js/dojo-release-1.8.6/dojo/dojo.js HTTP/1.1" 200 158637

Such means, html request, inclusive css/js file request all using single context path /webapps1, which is perfect.

But when I request my FQDN 2 (www.stoa.domain2.com.au) and 3 (ozssc.stoa.domain2.com.au), it only first request come with correct context path such as: /webapps2 any next request on inclusive css and js or image file were double context path such as: /webapps2/webapps2, as it is not well formatted context path, Tomcat response 404 error. As result: All FQDN 2 and 3 pages with out css/js/image support, only display some plain text.

Access log shows:

148.251.45.185 - - [01/Nov/2015:08:58:59 +1100] "GET /webapps2/ HTTP/1.1" 200 19098
148.251.45.185 - - [01/Nov/2015:08:59:00 +1100] "GET /webapps2/webapps2/dojo-release-1.10.4/dijit/themes/claro/claro.css HTTP/1.1" 404 1158
148.251.45.185 - - [01/Nov/2015:08:59:01 +1100] "GET /webapps2/webapps2/css/style.css HTTP/1.1" 404 1088
148.251.45.185 - - [01/Nov/2015:08:59:02 +1100] "GET /webapps2/webapps2/images/icons/search33.png HTTP/1.1" 404 1112

My questions is: How I can configure my proxy with AJP without append that duplicated context path in the front of request from apache 2.4 to tomcat through AJP connector?

Any advice are welcome!

Have a good weekend! Mate

Htaccess redirecting in the wrong way

I'm using a simple HTAccess redirect rule to redirect :-

http://localhost/sell_script/s.php?value=1

to

http://localhost/sell_script/s/1

When I directly load http://localhost/sell_script/s.php?value=1, it works fine. But when I load http://localhost/sell_script/s/1 it again redirects me to http://localhost/sell_script/s.php?value=1.

What might be the problem here?

My htaccess :-

RewriteEngine on 
Options +FollowSymlinks
RewriteBase / 

RewriteRule ^s/(.*) sell_script/s.php?value=$1 [R]

Cohabitation Apache2 / Nginx / Gitlab

Background

Ubuntu 15.04

Apache/2.4.10 (Ubuntu)

GitLab Community Edition 8.0.3

GitLab docroot : /opt/gitlab/embedded/service/gitlab-rails/public

I install GitLab this way : https://about.gitlab.com/downloads/#ubuntu1404

Problem

On my server I have a website running with apache2 (exemple-site.com).

I have GitLab running with the bundled nginx (exemple-gitlab.com)

I have 1 server, 1 IP, and multiple FQDN.

Like this, all my domain names are pointing to GitLab.

So exemple-gitlab.com point to GitLab as wanted but exemple-site.com point to GitLab too, and all others FQDN too.

Ways of solution

I think I have to (and I tried) to :

  • Disable the bundled nginx and configure gitlab with apache2
  • Configure the bundled nginx as a reverse proxy of apache2

I prefer to use apache2 for all my website and I don't mind if gitlab use apache2 or bundled nginx, all I want is using all my FQDN for each of my websites and not all my FQDN redirectinf to gitlab.

Understanding

I don't understand what are omnibus or rails.

I don't know how works reverse proxy and all.

I tried disabling bundled nginx in /etc/gitlab/gitlab.rb and adding an vhost.conf to apache2

    <VirtualHost *:80>
    ServerName exemple-gitlab.com
    ServerSignature Off
    ProxyPreserveHost On

    AllowEncodedSlashes NoDecode

    <Location />
    Require all granted

    #Allow forwarding to gitlab-git-http-server
    ProxyPassReverse http://127.0.0.1:8181
    #Allow forwarding to GitLab Rails app (Unicorn)
    ProxyPassReverse http://127.0.0.1:8080
    ProxyPassReverse http://exemple-gitlab.com/
    </Location>

    #apache equivalent of nginx try files
    RewriteEngine on
    #Forward these requests to gitlab-git-http-server
    RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/repository/archive.* [OR]
    RewriteCond %{REQUEST_URI} ^/api/v3/projects/.*/repository/archive.* [OR]
    RewriteCond %{REQUEST_URI} ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$
    RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA]

    #Forward any other requests to GitLab Rails app (Unicorn)
    RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
    RewriteCond %{REQUEST_URI} ^/uploads
    RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA,NE]

    # needed for downloading attachments
    /opt/gitlab/embedded/service/gitlab-rails/public

    #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
    ErrorDocument 404 /404.html
    ErrorDocument 422 /422.html
    ErrorDocument 500 /500.html
    ErrorDocument 503 /deploy.html

    # /var/log/apache2.
    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
    ErrorLog  /var/log/apache2/logs/gitlab.example.com_error.log
    CustomLog /var/log/apache2/logs/gitlab.example.com_forwarded.log common_forwarded
    CustomLog /var/log/apache2/logs/gitlab.example.com_access.log combined env=!dontlog
    CustomLog /var/log/apache2/logs/gitlab.example.com.log combined

  </VirtualHost>

how can rewrite first rules and remove part of url

can rewrite first rules ?

from

http://sitename.com/media/resizer/420x218/r/sitename.com/wp-content/uploads/2013/12/image.jpg

to

http://sitename.com/media/resizer/420x218/r/2013/12/image.jpg

by removing sitename.com/wp-content/uploads

this my current htaccess :

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /media/
RewriteRule ^resizer/(.*)x(.*)/r/(.*) resizer/resize.php?src=http://$3&h=$2&w=$1&zc=0&s=1
</IfModule>

i use this method : http://code.tutsplus.com/articles/using-timthumb-with-custom-urls-for-site-optimization--wp-23607

Concrete5 pretty URL’s (mod_rewrite) stopped working

I manage two websites, both running the Concrete5 CMS (v5.6.3.4) which uses an .htaccess file to rewrite the URL's so the 'index.php' file is hidden and the URL's look a lot better. Similar to what Wordpress does. The .htaccess content added by Concrete5 is:

<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME}/index.html !-f RewriteCond %{REQUEST_FILENAME}/index.php !-f RewriteRule . index.php [L] </IfModule>

This used to work fine, but now only the homepage is reachable. When I visit one of the webpages like /contact a HTTP 301 Moved Permanently is returned and I'm redirected to the homepage.

When I visit /index.php/contact the contact page loads correctly. I also tried the Wordpress rewrite rules and that gave the same result.

It looks like it stopped working because of some Apache, PHP or mod_rewrite module version change or something by my hosting company. The sites run on Apache 2.4.17 and PHP 5.5.30. I can't discover the mod_rewrite module version.

I also tried the Apache FallbackResource /index.php and that seemed to work for the sub pages, but in that case the homepage failed loading.

Any help is appreciated.

Update:

The Apache loaded modules are:

core mod_authn_file mod_authn_dbm mod_authn_anon mod_authn_dbd mod_authn_socache mod_authn_core mod_authz_host mod_authz_groupfile mod_authz_user mod_authz_dbm mod_authz_owner mod_authz_dbd mod_authz_core mod_access_compat mod_auth_basic mod_auth_form mod_auth_digest mod_allowmethods mod_file_cache mod_cache mod_cache_disk mod_cache_socache mod_socache_shmcb mod_socache_dbm mod_socache_memcache mod_so mod_macro mod_dbd mod_dumpio mod_buffer mod_ratelimit mod_reqtimeout mod_ext_filter mod_request mod_include mod_filter mod_substitute mod_sed mod_deflate http_core mod_mime mod_log_config mod_log_debug mod_logio mod_env mod_expires mod_headers mod_unique_id mod_setenvif mod_version mod_remoteip mod_proxy mod_proxy_connect mod_proxy_ftp mod_proxy_http mod_proxy_fcgi mod_proxy_scgi mod_proxy_wstunnel mod_proxy_ajp mod_proxy_balancer mod_proxy_express mod_session mod_session_cookie mod_session_dbd mod_slotmem_shm mod_ssl mod_lbmethod_byrequests mod_lbmethod_bytraffic mod_lbmethod_bybusyness mod_lbmethod_heartbeat mod_unixd mod_dav mod_status mod_autoindex mod_info mod_suexec mod_cgi mod_dav_fs mod_dav_lock mod_vhost_alias mod_negotiation mod_dir mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_php5 mod_ruid2 prefork

express.js with https on Apache2 subdomain

So what I want to do is have example.com redirect to https://example.com which is static (this works fine). However, I want api.example.com to redirect to https://api.example.com, which I want to use Express.js for.

This is my apache2.conf:

<VirtualHost MY_IP:80>
    ServerName example.com
    ServerAlias www.example.com

    DocumentRoot /var/www/example.com/html
    RewriteEngine On
    Redirect permanent / https://example.com/
    RewriteRule [b]^an[/b]yfolder1/(.*)$ https://www.example.com/$1 [R=301,L] 
</VirtualHost>

<VirtualHost MY_IP:443>
    ServerName example.com/
    ServerAlias www.example.com/
    DocumentRoot /var/www/example.com/html
    <Directory "/var/www/example.com/html"> 
        SetOutputFilter DEFLATE
    Options FollowSymlinks
    AllowOverride All 
        Order Allow,Deny
        Allow from all
        ErrorDocument 400 /error/error_codes/e400.html
        ErrorDocument 401 /error/error_codes/e401.html
        ErrorDocument 403 /error/error_codes/e403.html
        ErrorDocument 404 /error/error_codes/e404.html
        ErrorDocument 408 /error/error_codes/e408.html
        ErrorDocument 500 /error/error_codes/e500.html
        ErrorDocument 502 /error/error_codes/e502.html
        ErrorDocument 503 /error/error_codes/e503.html
        ErrorDocument 504 /error/error_codes/e504.html
    </Directory> 
    SSLEngine on   
    SSLOptions +StrictRequire 
    SSLCertificateFile ../ssl/www.example.com.crt
    SSLCertificateKeyFile ../ssl/www.example.com.key
    SSLCertificateChainFIle ../ssl/www.example.com-geotrust.crt
    SSLProtocol TLSv1
    ErrorLog /var/www/example.com/log/error.log
    LogLevel warn
    CustomLog /var/www/example.com/log/access.log combined
</VirtualHost>

I have tried copying this but replacing example.com with api.example.com, but it always redirects to https://example.com. It works if I just use the port express.js is running on (without https).

Proxy radar found in apache logs file

I was reading the logs of the apache server and I was shocked by seeing these logs!

[Sun Oct 25 06:44:48.922248 2015] [mpm_prefork:notice] [pid 17635] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.13 configured -- resuming normal operations
[Sun Oct 25 06:44:48.922322 2015] [core:notice] [pid 17635] AH00094: Command line: '/usr/sbin/apache2'
[Sun Oct 25 06:52:03.432156 2015] [:error] [pid 12247] [client 185.25.151.159:52483] script '/var/www/testproxy.php' not found or unable to stat
[Sun Oct 25 10:04:07.474749 2015] [:error] [pid 12246] [client 95.213.177.126:26970] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sun Oct 25 13:30:45.499151 2015] [:error] [pid 12249] [client 95.213.177.124:12337] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sun Oct 25 14:56:17.907266 2015] [core:error] [pid 12247] [client 204.232.231.193:42272] AH00126: Invalid URI in request GET HTTP/1.1 HTTP/1.1
[Sun Oct 25 16:47:51.671775 2015] [:error] [pid 13152] [client 95.213.177.122:22221] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sun Oct 25 20:05:20.347574 2015] [:error] [pid 12250] [client 95.213.177.126:26093] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sun Oct 25 20:12:20.573716 2015] [:error] [pid 12247] [client 195.211.154.57:59906] script '/var/www/wp-login.php' not found or unable to stat
[Sun Oct 25 20:12:20.925707 2015] [:error] [pid 12246] [client 195.211.154.57:59982] script '/var/www/wp-login.php' not found or unable to stat
[Sun Oct 25 20:12:21.286692 2015] [:error] [pid 14778] [client 195.211.154.57:60061] script '/var/www/wp-login.php' not found or unable to stat
[Sun Oct 25 20:12:21.653284 2015] [:error] [pid 12248] [client 195.211.154.57:60129] script '/var/www/wp-login.php' not found or unable to stat
[Sun Oct 25 23:40:01.996372 2015] [:error] [pid 13152] [client 95.213.177.125:11645] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 02:51:58.571464 2015] [:error] [pid 12247] [client 185.49.14.190:56375] script '/var/www/testproxy.php' not found or unable to stat
[Mon Oct 26 03:06:19.339766 2015] [:error] [pid 12246] [client 95.213.177.125:57675] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 05:40:34.837617 2015] [:error] [pid 12249] [client 212.26.4.140:45817] PHP Notice:  Undefined index: fileToUpload in /var/www/upload.php on line 16, referer: http://MyServerIPAddress/index.html
[Mon Oct 26 05:40:34.845077 2015] [:error] [pid 12249] [client 212.26.4.140:45817] PHP Notice:  Undefined index: fileToUpload in /var/www/upload.php on line 36, referer: http://MyServerIPAddress/index.html
[Mon Oct 26 06:35:27.184473 2015] [:error] [pid 12247] [client 95.213.177.123:49908] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 10:00:38.818189 2015] [:error] [pid 12250] [client 95.213.177.124:13503] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 13:31:03.088079 2015] [:error] [pid 12246] [client 95.213.177.126:29119] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 17:00:20.614876 2015] [:error] [pid 12247] [client 95.213.177.126:50712] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Mon Oct 26 20:29:44.660822 2015] [:error] [pid 12250] [client 95.213.177.126:1817] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 00:01:58.744948 2015] [:error] [pid 14778] [client 95.213.177.122:21314] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 01:11:03.468846 2015] [:error] [pid 18984] [client 185.25.148.240:59900] script '/var/www/testproxy.php' not found or unable to stat
[Tue Oct 27 03:30:14.778881 2015] [:error] [pid 18983] [client 95.213.177.125:18166] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 07:03:54.964307 2015] [:error] [pid 13152] [client 95.213.177.125:6661] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 10:29:50.276896 2015] [:error] [pid 12246] [client 95.213.177.124:61095] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 13:53:21.732290 2015] [:error] [pid 14778] [client 95.213.177.123:60280] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 17:21:02.887146 2015] [:error] [pid 12248] [client 95.213.177.125:63152] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 20:50:02.216260 2015] [:error] [pid 18983] [client 95.213.177.123:36963] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Tue Oct 27 21:14:02.927072 2015] [:error] [pid 12249] [client 185.25.148.240:60127] script '/var/www/testproxy.php' not found or unable to stat    
[Wed Oct 28 00:14:25.724517 2015] [:error] [pid 12250] [client 95.213.177.123:49920] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 03:44:31.131853 2015] [:error] [pid 12246] [client 95.213.177.124:43972] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 07:10:14.870620 2015] [:error] [pid 18983] [client 95.213.177.122:64165] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 10:41:34.266047 2015] [:error] [pid 12249] [client 95.213.177.122:7384] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 14:04:14.227135 2015] [:error] [pid 13152] [client 95.213.177.122:51171] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 16:20:24.056612 2015] [:error] [pid 12247] [client 91.196.50.33:37592] script '/var/www/testproxy.php' not found or unable to stat
[Wed Oct 28 17:24:12.731783 2015] [:error] [pid 12250] [client 95.213.177.126:63964] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Wed Oct 28 21:01:47.135810 2015] [:error] [pid 12246] [client 95.213.177.122:46135] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 00:26:45.812360 2015] [:error] [pid 12249] [client 95.213.177.123:4377] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 03:51:35.202020 2015] [:error] [pid 13152] [client 95.213.177.123:5403] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 07:16:27.154161 2015] [:error] [pid 14778] [client 95.213.177.125:60001] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 10:47:57.392473 2015] [mpm_prefork:notice] [pid 17635] AH00169: caught SIGTERM, shutting down
[Thu Oct 29 10:47:58.276766 2015] [mpm_prefork:notice] [pid 10744] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.14 configured -- resuming normal     operations
[Thu Oct 29 10:47:58.276856 2015] [core:notice] [pid 10744] AH00094: Command line: '/usr/sbin/apache2'
[Thu Oct 29 10:48:00.183820 2015] [mpm_prefork:notice] [pid 10744] AH00169: caught SIGTERM, shutting down
[Thu Oct 29 10:48:01.268504 2015] [mpm_prefork:notice] [pid 11109] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.14 configured -- resuming normal operations
[Thu Oct 29 10:48:01.268593 2015] [core:notice] [pid 11109] AH00094: Command line: '/usr/sbin/apache2'
[Thu Oct 29 10:53:55.208328 2015] [:error] [pid 11117] [client 95.213.177.126:24617] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 12:05:44.568022 2015] [:error] [pid 11116] [client 185.25.151.159:44881] script '/var/www/testproxy.php' not found or unable to stat
[Thu Oct 29 14:23:29.206838 2015] [:error] [pid 11113] [client     95.213.177.122:51825] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 17:46:40.522593 2015] [:error] [pid 11648] [client 95.213.177.123:6131] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 21:19:33.442885 2015] [:error] [pid 11642] [client 95.213.177.126:29530] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Thu Oct 29 21:40:04.453806 2015] [:error] [pid 11114] [client     195.211.154.57:60044] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:04.717870 2015] [:error] [pid 11643] [client 195.211.154.57:60066] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:04.982542 2015] [:error] [pid 11117] [client 195.211.154.57:60089] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:05.234578 2015] [:error] [pid 11115] [client 195.211.154.57:60114] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:05.482102 2015] [:error] [pid 11116] [client 195.211.154.57:60141] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:05.740567 2015] [:error] [pid 11113] [client 195.211.154.57:60161] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:05.993417 2015] [:error] [pid 11648] [client 195.211.154.57:60182] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:06.254748 2015] [:error] [pid 11642] [client 195.211.154.57:60210] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:06.501836 2015] [:error] [pid 11114] [client 195.211.154.57:60231] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:06.753228 2015] [:error] [pid 11643] [client 195.211.154.57:60252] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:07.015822 2015] [:error] [pid 11117] [client 195.211.154.57:60276] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:07.278555 2015] [:error] [pid 11115] [client 195.211.154.57:60304] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:07.529478 2015] [:error] [pid 11116] [client 195.211.154.57:60329] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:07.777850 2015] [:error] [pid 11113] [client 195.211.154.57:60351] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:08.022832 2015] [:error] [pid 11648] [client 195.211.154.57:60371] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:08.268446 2015] [:error] [pid 11642] [client 195.211.154.57:60393] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:08.524456 2015] [:error] [pid 11114] [client 195.211.154.57:60412] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:08.770056 2015] [:error] [pid 11643] [client 195.211.154.57:60434] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:09.031264 2015] [:error] [pid 11117] [client 195.211.154.57:60450] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:09.286882 2015] [:error] [pid 11115] [client 195.211.154.57:60473] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:09.537999 2015] [:error] [pid 11116] [client 195.211.154.57:60494] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:09.796330 2015] [:error] [pid 11113] [client 195.211.154.57:60512] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:10.047986 2015] [:error] [pid 11648] [client 195.211.154.57:60537] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:10.294042 2015] [:error] [pid 11642] [client 195.211.154.57:60560] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:10.549803 2015] [:error] [pid 11114] [client 195.211.154.57:60581] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:10.808650 2015] [:error] [pid 11643] [client 195.211.154.57:60604] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:11.056997 2015] [:error] [pid 11117] [client 195.211.154.57:60625] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:11.301379 2015] [:error] [pid 11115] [client 195.211.154.57:60652] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:11.547697 2015] [:error] [pid 11116] [client 195.211.154.57:60668] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:11.797300 2015] [:error] [pid 11113] [client 195.211.154.57:60693] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:12.056947 2015] [:error] [pid 11648] [client 195.211.154.57:60717] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:12.312125 2015] [:error] [pid 11642] [client 195.211.154.57:60737] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:12.560742 2015] [:error] [pid 11114] [client 195.211.154.57:60757] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:12.813413 2015] [:error] [pid 11643] [client 195.211.154.57:60776] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:13.065100 2015] [:error] [pid 11117] [client 195.211.154.57:60801] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:13.320162 2015] [:error] [pid 11115] [client 195.211.154.57:60824] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:13.569527 2015] [:error] [pid 11116] [client 195.211.154.57:60848] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:13.814746 2015] [:error] [pid 11113] [client 195.211.154.57:60871] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:14.066743 2015] [:error] [pid 11648] [client 195.211.154.57:60887] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:14.326231 2015] [:error] [pid 11642] [client 195.211.154.57:60915] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:14.585975 2015] [:error] [pid 11114] [client 195.211.154.57:60936] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:14.844341 2015] [:error] [pid 11643] [client 195.211.154.57:60956] script '/var/www/wp-login.php' not found or unable to stat
[Thu Oct 29 21:40:15.095272 2015] [:error] [pid 11117] [client 195.211.154.57:60981] script '/var/www/wp-login.php' not found or unable to stat
[Fri Oct 30 00:47:05.284551 2015] [:error] [pid 11115] [client 95.213.177.125:26477] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 04:09:19.403419 2015] [:error] [pid 11116] [client 95.213.177.122:31198] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 07:42:17.527746 2015] [:error] [pid 11648] [client 95.213.177.124:59115] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 10:13:59.016697 2015] [:error] [pid 11642] [client 91.196.50.33:36603] script '/var/www/testproxy.php' not found or unable to stat
[Fri Oct 30 11:06:15.666434 2015] [:error] [pid 11114] [client 95.213.177.123:16988] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 14:28:18.705393 2015] [:error] [pid 11643] [client 95.213.177.124:53349] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 17:58:00.532339 2015] [:error] [pid 11115] [client 95.213.177.122:53827] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Fri Oct 30 21:12:46.869377 2015] [:error] [pid 11116] [client 95.213.177.122:54578] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sat Oct 31 00:35:01.994847 2015] [:error] [pid 11113] [client 95.213.177.123:2596] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sat Oct 31 02:24:36.644160 2015] [:error] [pid 11648] [client 185.25.148.240:58843] script '/var/www/testproxy.php' not found or unable to stat
[Sat Oct 31 04:05:26.854168 2015] [:error] [pid 11642] [client 95.213.177.123:5184] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sat Oct 31 04:43:12.015411 2015] [:error] [pid 11114] [client 91.196.50.33:46098] script '/var/www/testproxy.php' not found or unable to stat
[Sat Oct 31 07:25:14.509690 2015] [:error] [pid 11117] [client 95.213.177.123:3185] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/
[Sat Oct 31 10:15:58.489698 2015] [:error] [pid 11115] [client 5.8.66.115:54407] script '/var/www/xmlrpc.php' not found or unable to stat
[Sat Oct 31 10:46:10.183445 2015] [:error] [pid 11116] [client 95.213.177.122:28801] script '/var/www/azenv.php' not found or unable to stat, referer: https://proxyradar.com/

Should I be concerned with these logs , do they indicate any kind of attacks ?

as I see from the ip trying to do all that stuff is coming from poland , How can pan this ip and remove all of the files he/she put on my server ? , I am using digitalocean service ,is that related ? thank you

.htaccess Rewritecond causes internal error 500 Joomla1.5 and Jomsocial

I have a website under Joomla 1.5.26 (still there yes, please no comment) + Jomsocial 2.6.

Setting SEF option ON in Joomla backend and using .htaccess, i have a weird behavior due to the following piece of code:

########## Begin - Joomla! core SEF Section
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/index.php
RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$  [NC]
RewriteRule (.*) index.php
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
########## End - Joomla! core SEF Section

with this code, I can display the website homepage and login jomsocial (enter the community as a member) but any article of the site provoques an internal error 500.

By commenting this block of code, all the site can be displayed properly but it is impossible to enter the site as a member + I get "Invalid Token" messages on blank screen trying to login.

Do you know how to fix this ?

The rest of the .htaccess is Ok i think (no issue on the site and working on other sites).

Thank you in advance for your help.

elynx

Kohana in subdirectory

I need to put Kohana 3 project to subdirectory.

Now when I type mysite.xyz/<subdirectory> it run properly (default controller load ok). But, when I type: mysite.xyz/<subdirectory>/<controller> or mysite.xyz/subdirectory>/<controller>/<method> that redirect me to mysite.xyz/<controller>/<method> and fails (Not found requested url).

<subdirectory> = /folder1/folder2/folder3/

I had changed base url in kohana.

Here is my .htaccess:

RewriteEngine On
RewriteBase /folder1/folder2/folder3/

###### Add trailing slash (optional) ######
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+[^/])$ %{REQUEST_URI}/ [L,R=301,NE]

RewriteCond %{REQUEST_METHOD} !POST
RewriteRule ^(.*)folder1/folder2/folder3/index.php/(.*)$ /$1$2 [R=301,L,NE]

RewriteCond $1 ^(index\.php|robots\.txt|favicon\.ico|media)
RewriteRule ^(?:application|modules|system)\b.* index.php/$0 [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?kohana_uri=$1 [L,QSA]

Please help.

How to block a subnet in Apache mod_security

My webserver which is running Windows Server 2003 and Apache 2.2.31 with mod_security2 version 2.8.0 is under heavy DDoS-attack.

How can I configure mod_security to exclude all clients that comes from the subnet *.amazonaws.com? Most of the DDoS is coming from there so if anyone know how to DENY the whole subnet *.amazonaws.com I will be very grateful for an answer.

Please write as simple as possible as I have very little experience with mod_security and need a solution fast. Thanks.