Category Archives: debian

Apache2 sigterm crash on debian

I have an issue with my debian server.
I have a website hosted on an apache2 but 2 times per day, apache crash and my website is not accessible.
I have looked log files and I haven't a lot of information.
Here are my logs :

access.log

13.235.52.55:443 - - [24/May/2018:10:05:51 +0200] "GET / HTTP/1.1" 200 13244 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:52 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:52 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:53 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:54 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"

error.log

[Thu May 24 08:00:31.698217 2018] [mpm_prefork:notice] [pid 3544] AH00163: Apache/2.4.10 (Debian) OpenSSL/1.0.1t configured -- resuming normal operations
[Thu May 24 08:00:31.698270 2018] [core:notice] [pid 3544] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 24 12:17:43.064962 2018] [mpm_prefork:notice] [pid 3544] AH00169: caught SIGTERM, shutting down
[Thu May 24 12:17:46.968823 2018] [mpm_prefork:notice] [pid 4518] AH00163: Apache/2.4.10 (Debian) OpenSSL/1.0.1t configured -- resuming normal operations
[Thu May 24 12:17:46.968889 2018] [core:notice] [pid 4518] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 24 12:17:47.011670 2018] [mpm_prefork:notice] [pid 4518] AH00169: caught SIGTERM, shutting down

Generally, apache crash at 12:17PM and 00:17AM

I have already check for a DoS attack, but I have not enough access in the access.log

Finally, I have found the following in my phperror log

[24-May-2018 13:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 14:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 14:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 15:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 15:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 16:04:24 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 16:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0

if someone can help me.. :-)

Thank you !

Configuring Apache Virtual Host in separate config file

I would like to add a virtual host for my Apache2 on my Debian 9 (3.16.0-5-amd64). I have a simple webpage in /var/www/mypage1 with an index.html. To set up Apache I created a file called mypage.com.conf in /etc/apache2/sites-available/ with the following content:

Listen 80 <VirtualHost *:80> ServerName mypage1.com DocumentRoot /var/www/mypage1 <Directory /var/www/mypage1> Allow from all AllowOverride All </Directory> </VirtualHost>

and added

Include /etc/apache2/sites-available/mypage1.com.conf

to /etc/apache2/apache2.conf and restarted Apache. However I my page does not show up when opening it in a Browser or doing a ping. Do I miss anything?

Thanks for any help!

Apache stop webdav directory listing on windows

I'm working on a server which has to serve a few files publically via WebDav. The public availability and WebDav is a must have, so I can't just change them. Windows support (sadly) is another must thing...

It would be great if I could disable directory listing, so the person who I give the webdav link would only be able to either guess the link or use only the one I gave.

In default case it's quite easy to disable directory listing, and in the browser the current configuration perfectly stops dir listing, but when I open it via windows explorer, I can easily see the whole directory and its content. My current config is:

<VirtualHost *>
    ServerAdmin [email protected]

    DocumentRoot /var/www/web1/web/
    <Directory /var/www/web1/web/>
        Options MultiViews
        AllowOverride None
        Order allow,deny
        allow from all

        <LimitExcept GET PROPFIND>
                        Require valid-user
                </LimitExcept>
    </Directory>

    Alias /v1 /var/www/web1/web

    <Location /v1>
        DAV On
        AuthName "webdav"
    </Location>
</VirtualHost>

If I wont allow PROPFIND method, windows thinks that the host is unavailable (unsure if linux can access it, that's not my target).

Is it possible to stop directory listing on windows? For me it seems the PROPFIND is what causes this, but I'm unsure if I can somehow bypass this problem. Do you have any idea how should I modify my config file?

How do I restart google cloud service in shell?

I have created a virtual instance in Google Cloud and updated php.ini. I need to restart the server for the changes to take place, but every command I've tried has failed:

  • service php5-fpm restart
  • sudo /etc/init.d/apache2 restart
  • service apache2 restart
  • /etc/init.d/apache2 restart

Any suggestions?

Settings:

Operating system: Debian 9

Package contents:

  • Apache 2.4.33
  • ImageMagick 6.9.8
  • MySQL 5.7.22
  • OpenSSL 1.0.2o
  • PHP 7.0.30
  • phpMyAdmin 4.8.0.1
  • SQLite 3.18.0
  • Varnish 4.1.0
  • WordPress 4.9.5
  • WP-CLI 1.5.1

How to run a sentence as root in perl [duplicate]

This question already has an answer here:

I have made a perl program that add users to the system using apache2. It works when i run as a root but i am using it in a register from a html therefore the program is running by that user (i think) and it doesn't work. The error in /var/log/apache2/error.log is : "AH1215: can't open_a /etc/passwd Permission denied at /usr/lib/cgi-bin/registro.cgi line 60" that line is the following

Linux::usermod->add($user,$password)

One solution must be give the permission +s using chmod +s to the registro.cgi but it is not allowed to use that way.

Several asynchronous requests from javascript to PHP apache not been asynchronous

This behavior was not present all the time, just come from nothing about a month ago and then disappeared suddenly. The problem is that I can't identify what happened. I have no server debug tool because only take place in production. Roughly 100 ajax request are triggered at the same time using some loop like :

let url = "example.com/";

var methods = ["method1", "method2", "method3", "method4"]; //Roughly 100   

$.each(methods, function(index, value) {
  $.ajax({
    url: url + value,
    method: "POST",
    data: { params: "whatever", otherParams: "whatever" }
  }).done(function(data) {
    console.log(data);
  });
});

In server side (apache+php) there are selects, updates and inserts in a relational database. Each request performs an individual thread since apache is hearing.

When I see the network console, all requests starts at the same time (roughly), but here is the problem. The response happen one after the other finish. If request 1 starts at 0 and spend 5 seconds, request 2 starts at 5, and request 3 starts when request 2 was finished. All browser have the same behavior.

The best logic explanation I thought, is that database is blocking some table when performs an update or insert. Some tables are huge and without indexes could spend too much time. Well, staging environment points to the same database and works perfectly asynchronously. So what is going on? It is possible that php or Apache could be stucked in this way for some reason? I thought other crazy idea that is some writing problems with log files in the OS (debian) but I have no idea how that works. So I would be glad if anyone could give me any suggestion. Maybe I could reproduce the problem in a controlled environment and do something to prevent this can happen again.

Some additional information, the API have two clients one in angular the other in javascript+php. It's exactly the same behavior with both clients.

Certificate verification failed using certbot

Here is my situation. I've got Apache server running on Debian Jessie. I've got 3 domains there and 3 months ago, I've run Certbot to install ssl certificates with this command

sudo certbot --authenticator webroot --installer apache

I want to ask - I've noticed, that I have domains example1.com, example2.com, and I installed certificate on both, but I try to explore certificate on example2.com and name of this certificate is example1.com - why? It should be example2.com, isn't it?

Now I'm adding another domain - example3.com, and I want to install certificate, but I'm getting error: Waiting for verification... Cleaning up challenges Failed authorization procedure. example3.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example3.com/.well-known/acme-challenge/5TFHUah63pTLmy6g-3XS4FebHNCj5VvPL0cn1Oa2ZBs

And if I want to visit this site (example3.com) I'm getting content of example1.com, but there should be clean wordpress installation.

Do you have any advice how to solve this?

Thank you.

Apache do not show index of directory

How can I hide the contents of a directory without an index file from being displayed to the user i.e show "Index of:" ? For example, I have a folder called /documents with alot of subdirectories now inside of the subdirectories there will be files stored for example test.pdf. The full URL will look as follows www.example.com/documents/874256987/test.pdf. Currently if the user types www.example.com/documents into the url, all of the subdirectories are displayed, this is what I want to avoid. Only if the user knows the full url for example www.example.com/documents/874258726/test.pdf, the user is able to open the document in the browser. I have tried "IndexIgnore" inside of a .htaccess file, but the problem is even if the user knows the full url he/she will get 403 Forbidden.

Protect directory in apache by only allowing someone with a random generated password to access

I am currently busy with a website which basically does the following:

  1. someone uploads a file then some processing is done on that file and then the completed file is stored in a directory called /documents. Inside of my php script I generate a random number which allows multiple documents to be stored simultaneously, for example a document might be stored in /documents/145214693/file.pdf.
  2. The user then has the option to download the document.
  3. Inside of my /documents folder I have a .htaccess file which Deny's anyone to access the /documents folder by typing it into the URL bar, for example when someone types www.example.com/documents/ they will receive "Forbidden".

Now the issue is, this also disallows anyone from downloading the file.

Is there a way in which I can generate a random code and inside of my htaccess file I specify that only someone with that specific code is allow to access that specific directory?

In short, when someone uploads a file it is stored in /documents/256984128/test.pdf, then generate a random code which is passed through the URL for ex,

www.example.com/documents/256984128/test.pdf?code=<random code here> 

and only if the code is correct access is granted to the file. Thanks in advance!