Today I wanted to setup monit behind Apache proxy on my webserver, which runs ISPConfig (https://www.ispconfig.org/) under Debian. Monit is a OpenSource monitoring tool for Linux (see https://mmonit.com/monit/). Requirements I had the following requirements on the solution: monit should only be accessible from the server itself (localhost) monit should run under a special SSL-secured URL (not IP:PORT as […]
Apache directory listing It is possible to let the webserver deliver a list of all files for a directory whenever a user navigates to it in the browser and there is no index file (f.e. index.html). The following Apache directory listing settings can achieve this behavior via entries in a .htaccess-file placed into the respective target folder. Enable Options […]
Just add this snippet to the beginning of your rewrite section of your .htaccess file to force HTTPS: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On # FORCE HTTPS: RewriteCond %{HTTPS} !=on RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L] … </IfModule> # END WordPress As you can see, I placed it directly under “RewriteEngine On”. Or you can also […]
Sometimes you want to protect a certain folder from being accessed via Apache. You can achieve this with the following entries in your .htaccess file: Satisfy all Order deny,allow Deny from all Calls via shell are possible anyway.
Lets imagine you had a .htaccess authentication like that: AuthUserFile /var/www/vhosts/ask-sheldon.com/.htpasswd AuthGroupFile /dev/null AuthName “Sheldons Secret” AuthType Basic <Limit GET> require valid-user </Limit> … and a corresponding password file, you can deactivate the password prompt on 31.12.2014 at 23:59 automatically with this crontab entry: # remove htaccess password protection on 31.12.2014 MAILTO = mustang@snsconsulting.de 59 […]
To Allow crossite calls via Ajax or for Fonts and so one, from specific subdomains: <IfModule mod_headers.c> SetEnvIfNoCase Origin “https?://(www\.|sub1\.|sub2\.|sub3\.|sub4\.)?(ask-sheldon\.com)(:\d+)?$” AccessControlAllowOrigin=$0 Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin Header set Access-Control-Allow-Credentials true </IfModule> Or you can place a crossdomain.xml in your DocumentRoot (does not work everywhere) <?xml version=”1.0″?> <cross-domain-policy> <allow-access-from domain=”*.ask-another-sheldon.com” /> <allow-access-from domain=”*.ask-anothernother-sheldon.com” /> </cross-domain-policy>
To get the user which the apache runs on: $> ps aux | egrep ‘(apache|httpd)’
Activate a vHost $> a2ensite 000-ask-sheldon.com In this example 000-ask-sheldon.com refers to the vhost configuration that is defined under /etc/apache2/sites-available/000-ask-sheldon.com . a2ensite creates a symbolic link under /etc/apache2/sites-enabled with the name 000-ask-sheldon.com that points to the configuration file /etc/apache2/sites-available/000-ask-sheldon.com. So you can see, that you can do it manually too. Deactivate a vHost $> a2dissite 000-ask-sheldon.com In contrast […]
The charset the Apache delivers the content with can be changed really easy. Just add the following line to the respective .htaccess or your Apache configuration to force the UTF-8 character set: AddDefaultCharset UTF-8
