Here are some notes on using apache. This talks, a bit about Access Control and redirection. I need to test if any of this content was duplicated elsewhere in the site.

Access Control and Authentication

I have built a LAMP server that would benefit from having some front-page access control and authentication. I have looked up the following links;

  1. http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html, which needs an LDAP server, https://davelevy.info/wiki/openldap/
  2. http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html
  3. http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html
  4. http://httpd.apache.org/docs/2.2/mod/mod_authn_file.html
  5. http://httpd.apache.org/docs/2.2/mod/mod_authn_dbm.html

Priority between redirect and proxy directives

In July 2013, I transferred Rogan’s Trial from Snipsnap to WordPress, i.e. here. Snipsnap is served via a Jetty server on port 8668 and the apache demon works as a Proxy. My original wiki source was on the Google front page so I thought I’d 301 it, and redirect to the new site/page.  I made a bunch of incomplete notes about how to invoke apache redirection commands for use with a snipsnap server. In March 2015 I transferred these to the page comments. When I exited Snipsnap, I created a global 301 for the site.

On https redirections

  1. How-to-redirect-http-to-https-using-htaccess/amp/, from freecodecamp on using .htaccess
  2. how-to-redirect-all-http-requests-to-https-using-htaccess-rules, from stack exchange which recommends the use of virtual server configurations, although it seems they changed their mind.
  3. And from Apache, htaccess.html and the directory command, which goes in the virtual host file.
  4. Dreambot also has some useful examples.
  5. https://htaccessbook.com/htaccess-redirect-https-www/
  6. https://serverfault.com/questions/520195/how-does-servername-and-serveralias-work

I found apachectl configtest which is bloody marvellous

What I did,

I wrote an .htaccess command set, guided by freecodecamp and placed it in the webroot directory. I then amended the secure server vhost file to enable the use of htaccess; it’s default behaviour is off. The following ensures that http old server name := the https new server.

RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://dfl\.ddns\.net/$1 [R,L]

and

<Directory /var/www/html>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
</Directory>

I need to fix the https old server name to new name. This may need an if statement in the 433 virtual host file. See also thisthis, and this from apache.

Dave software, Technology , , ,

One Comment

  1. I have configured the redirect rule

    Redirect 301 snipsnap/space/Dave/FRPG+Games/NWN+Walkthroughs/NWN+Rolgan%27s+Trial http://wiki.davelevy.info/nwn-rolgans-trial/

    both before and after the proxy section in the httpd.conf file. It doesn’t seem to take.

    I have also tried to write a page proxy rule, inserted before the global rule. Both a ProxyPass and ProxyPassReverse rule. The Proxy rules did not like the 301 argument.

    How to fix this? Do I need the Rewrite Engine on?

    Redirection from Scratch

    I decided to issue redirections on http://davelevy.dyndns.info/mingle, to point at http://davelevy.info/mingle. I want to issue a 301 warning as well and decided while I was at it to make a 404 page.

    So here’s the .htaccess file

    Redirect 301 /mingle/index.html http://davelevy.info/mingle
    Redirect 301 /mingle/ http://davelevy.info/mingle
    ErrorDocument 404 404.html

    Apache didn’t grok it, and so I copied them into httpd.conf, which is fine since I am only running a single site and I had the .htaccess file located in the apache htroot directory.

    The Apache Manual pages are at the Apache Documentation site.

    I tried the AllowOverride command which needs to be in a Directory section, it seems it might need the AccessFileName command as well,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.