How to redirect http requests to https on Debian Linux with Apache Web Server?

securing-apache5-590x277

[dfads params=’groups=-1′]

Do the following to redirect http requests to https running on Debian Linux with Apache Web Server.

File : /etc/apache2/ports.conf

[code]
NameVirtualHost *:80
Listen 80
[/code]

File : /etc/apache2/sites-availabe/default

[code]
<VirtualHost *:80>
ServerName www.example.com
Redirect / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
ServerName www.example.com
# … SSL configuration goes here
</VirtualHost>
[/code]

Restart Apache Webserver

[code]
/etc/init.d/apache2 restart
[/code]

[dfads params=’groups=-1′]

Installing and Configuring Commercial SSL on Debian Linux

SSL-Certificate-Secrity-H01CB360EBAB420000000000000004713

[dfads params=’groups=-1′]

Note: Please note that commercial SSL certificates require a unique IP address for SSL-enabled sites.

a. Enable SSL for Apache and make a directory named “ssl” inside “/etc/apache2/”

[code]
a2enmod ssl
mkdir /etc/apache2/ssl
[/code]

b. Create a Certificate Signing Request

[code]
cd /etc/apache2/ssl
openssl req -new -days 365 -nodes -keyout www.mydomain.com.key -out www.mydomain.com.csr
[/code]

The above command will create a certificate signing request (CSR) for the site which you’d like to use with SSL. Leave the challenge password blank.
Execute the following command to protect the key:

[code]
chmod 400 /etc/apache2/ssl/www.mydomain.com.key
[/code]

Files for your domain will be created in /etc/apache2/ssl. You may now submit the file ending in .csr to a commercial SSL provider for signing. You will receive a signed file after the CA signs the request. Save this file as /etc/apache2/ssl/www.mydomain.com.crt.
Execute the following command to protect the signed certificate:

[code]
chmod 400 /etc/apache2/ssl/www.mydomain.com.crt
[/code]

[dfads params=’groups=-1′]

c. Get the CA Root Certificate
You’ll need to get the root certificate for the CA that you paid to sign your certificate. You may obtain the root certs for various providers from these sites:
Verisign
Thawte
Globalsign
Comodo
For example, if we downloaded a root cert for Verisign, we would save it to /etc/apache2/ssl/verisign.cer.
d. Configure Apache to use the Signed SSL Certificate.
We’ll add an entry to /etc/apache2/ports.conf for the IP address you’ll be using to host your SSL-enabled site.
File excerpt:/etc/apache2/ports.conf

[code]
NameVirtualHost 12.34.56.78:443
Listen 443
[/code]

Replace the above IP address with your dedicated IP Address. Next, we edit the VirtualHost Configuration file i.e. /etc/apache2/sites-available/default in our case.

[code]
<Virtualhost 10.10.10.109:443>
SSLEngine On SSLCertificateFile /etc/apache2/ssl/www.mydomain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.mydomain.com.key
SSLCACertificateFile /etc/apache2/ssl/verisign.cer

ServerAdmin info@mydomain.com
ServerName www.mydomain.com
DocumentRoot /var/www/
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</Vritaulhost>
[/code]

NOTE: You can edit your existing Virtualhost Configuration file (Virtualhost *:80) by adding the above attributes within the Virtualhost tag.

e. Restart Apache:

[code]
/etc/init.d/apache2 restart
[/code]

f. Congratulations, you’ve installed a commercial SSL certificate! You can visit your site with SSL enabled. i.e. https://mydomain.com OR https://localhost/your_website/

[Source: https://library.linode.com/web-servers/apache/ssl-guides/debian-5-lenny]

[dfads params=’groups=-1′]

Upload Max Filesize PHP Configuration

[dfads params=’groups=-1′]

I have installed Apache2, PHP5.5 & MySQL5 independently on my Debian 7.3 OS. I hosted my drupal site on my Dedicated Server. I faced problem to upload files greater than 2MB from the CMS of the Site. After exploring the Internet I found the solution. Here’s the steps:

1. Edit /etc/php5/cgi/php.ini file.

2. Add the following line of code:

[php]upload_max_filesize = 10M[/php]

Make sure that you are not editing /etc/php5/php.ini file

[dfads params=’groups=-1′]

Solution to Url Encoded Slashes (%2F) Problem in Apache

[dfads params=’groups=-1′]

I was working on Drupal 6. I had to troubleshoot a site that has a problem in its link. The ugly URL looks like this: http://rcportblair.ignou.ac.in/admin/build/employee/search/result/none/0/none/%252F1

The last argument in the link i.e. %252F is a forward slash automatically added by the Drupal engine which was creating problem while generating result. There are many ways to handle these urls. One way is listed below:

<VirtualHost *:80>
    AllowEncodedSlashes On
</VirtualHost>

This directive may be set in server config file (e.g. httpd.conf OR /etc/apache2/sites-available/default) and may appear inside <VirtualHost> containers to affect certain websites. Using it in .htaccess files is not allowed.

[dfads params=’groups=-1′]

Clean URLs in CodeIgniter and Drupal for Debian based Dedicated Servers

[dfads params=’groups=-1′]

Initially, when my projects were in CodeIgniter I struggled to find out the solutions for Clean URLs. Now, I am working on Drupal CMS and the process for activating Clean URLs are similar as in CodeIgniter.

drupal&CodeIgniter

1. The first step is to add the following code in your .htaccess file.

<IfModule mod_rewrite.c>
RewriteEngine on

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ project_dir/index.php?q=$1 [L,QSA]
</IfModule>

2. Next, for Debian Linux OS edit /etc/apache2/sites-available/default file and add the following script.

<Directory "/var/www/project_dir/">
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ project_dir/index.php?q=$1 [L,QSA]
</Directory>

3. If you are using CodeIgniter, the above two steps are done but for Drupal sites, visit the following link from your Drupal CMS Admin: http://your_site/admin/settings/clean-urls. Select the Enabled radio button & click on save.

Congratulations, You have activated Clean URLs for your websites.

[dfads params=’groups=-1′]

Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe. You need to recompile PHP.

[dfads params=’groups=-1′]

After installing Apache2, MySQL & PHP on Debian wheezy 7.1, I tried to reboot the apache server. It showed me the following error.
Starting web server: apache2[Fri Dec 27 11:29:16 2013] [crit] Apache is running a threaded MPM, but your PHP Module
is not compiled to be threadsafe. You need to recompile PHP.
Pre-configuration failed
Action 'start' failed.
The Apache error log may have more information.
failed!

So I searched through the internet to recomplie the PHP Source. But none of the tutorials were best and feasible.

Finally, after long try I found the command below that helped me to run the apache and PHP along.
apt-get install apache2-mpm-prefork

[dfads params=’groups=-1′]