Tag Archives: apache

Redirect Request to SSL on Apache

NameVirtualHost *:80
<VirtualHost *:80>
   ServerName mysite.example.com
   DocumentRoot /usr/local/apache2/htdocs
   Redirect /secure https://mysite.example.com/secure
</VirtualHost>

<VirtualHost _default_:443>
   ServerName mysite.example.com
   DocumentRoot /usr/local/apache2/htdocs
   SSLEngine On
# etc...
</VirtualHost>

When redirecting everything you don’t even need a DocumentRoot:

NameVirtualHost *:80
<VirtualHost *:80>
   ServerName www.example.com
   Redirect / https://secure.example.com/
</VirtualHost>

<VirtualHost _default_:443>
   ServerName secure.example.com
   DocumentRoot /usr/local/apache2/htdocs
   SSLEngine On
# etc...
</VirtualHost>

Note: Once the configuration is working as intended, a permanent redirection can be considered. This avoids caching issues by most browsers while testing. The directive would then become:

Redirect permanent / https://secure.example.com/

—————

<Directory /topsecret>
  SSLRequireSSL
</Directory>

References
https://wiki.apache.org/httpd/RedirectSSL
https://serverfault.com/questions/429634/restrict-apache-to-only-allow-access-using-ssl-for-some-directories

Configure Let’s Encrypt for Apache on Ubuntu

sudo apt-get install python-letsencrypt-apache 
letsencrypt --apache
nano /etc/apache2/apache2.conf
<VirtualHost *:443>
	SSLEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/dl.mhdr.ir/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/dl.mhdr.ir/cert.pem
	SSLCertificateChainFile /etc/letsencrypt/live/dl.mhdr.ir/chain.pem
    DocumentRoot "/var/www/html/dl"
    ServerName dl.mhdr.ir
</VirtualHost>
service apache2 restart

PPA

$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

note : only the last VitualHost will be detected by letsencrypt
References
https://certbot.eff.org/#ubuntuxenial-apache
https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension
https://letsencrypt.org/

Use Spring Boot behind Apache front-end proxy server

Apache

a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
sudo a2enmod remoteip
sudo service apache2 restart
<VirtualHost *:80>
  ServerName iterator.ir

  ProxyRequests Off
  ProxyPreserveHost On
  RemoteIPHeader X-Forwarded-For
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>

  ProxyPass / http://localhost:13602/
  ProxyPassReverse / http://localhost:13602/
</VirtualHost>
<VirtualHost *:443>
	SSLEngine on
	RewriteEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/lastlab.pupli.net/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/lastlab.pupli.net/cert.pem
	SSLCertificateChainFile /etc/letsencrypt/live/lastlab.pupli.net/chain.pem
	ServerName lastlab.pupli.net
 
	ProxyRequests Off
	ProxyPreserveHost On
	RemoteIPHeader X-Forwarded-For
	<Proxy *>
		Order deny,allow
		Allow from all
	</Proxy>
 
	ProxyPass / http://localhost:14001/
	ProxyPassReverse / http://localhost:14001/
</VirtualHost>

Spring Boot
set server.use-forward-headers to server.use-forward-headers in Spring Boot application.properties

Java

String ipAddress = request.getHeader("X-FORWARDED-FOR");
if (ipAddress == null) {
	   ipAddress = request.getRemoteAddr();
}

References
https://docs.spring.io/spring-boot/docs/current/reference/html/howto-embedded-servlet-containers.html#howto-use-tomcat-behind-a-proxy-server
https://www.mkyong.com/java/how-to-get-client-ip-address-in-java/
http://serverfault.com/questions/130925/passing-ip-address-with-mod-proxy
https://www.leaseweb.com/labs/2014/12/tutorial-apache-2-4-transparent-reverse-proxy/
http://www.thegeekstuff.com/2011/07/Apache-Virtual-Host/
https://devops.profitbricks.com/tutorials/configure-apache-as-a-reverse-proxy-using-mod_proxy-on-ubuntu/
https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension

Install WordPress on Ubuntu

Install Apache

sudo apt-get install apache2

Install MySQL

sudo apt-get install mysql-server php5-mysql

Install PHP

sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt php5-curl
sudo apt-get install php5-cli

Create a MySQL Database and User for WordPress

mysql -u root -p
create database wordpressdb;
create user wordpressuser@localhost identified by 'pass1234';
grant all privileges on wordpressdb.* to wordpressuser@localhost;
FLUSH PRIVILEGES;

exit

Download WordPress

wget http://wordpress.org/latest.tar.gz

or

sudo apt-get install wordpress
sudo apt-get install php5-gd libssh2-php

The group ownership we will give to our web server process, which is www-data. This will allow Apache to interact with the content as necessary.

sudo chown -R :www-data /var/www/html/wordpress

Refernces :

https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-ubuntu-14-04
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-14-04
https://kyup.com/tutorials/install-wordpress/
https://help.ubuntu.com/community/WordPress
https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-with-lamp-on-ubuntu-16-04
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04