HOWTO: Force https with Amazon Elastic Load Balancer and Apache

The Amazon ELB service now supports https, which is great, but how do you configure Apache such that it redirects all insecure requests to use a secure connection?

It turns out that the ELB adds an X-Forwarded-Proto header that you can capture with a mod_rewrite rule. Here’s the configuration snippet:

<VirtualHost *:80>
  ...
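  RewriteEngine On
  # Redirect unless the ELB says the client connection was already https
  RewriteCond %{HTTP:X-Forwarded-Proto} !https
  # Anchored so that only the health-check path itself is exempt
  RewriteRule !^/status$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]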
</VirtualHost>

(this assumes your health check is /status, which doesn’t require https)
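The following is an added example, not code from the original post: a small Python model of how mod_rewrite evaluates the condition and the negated rule pattern, comparing an unanchored /status exemption with an anchored ^/status$. The sample requests and the host name www.example.com are constructed for illustration.

```python
import re

def redirect_target(path, headers, server_name, exempt=r"/status"):
    """Return the Location mod_rewrite would redirect to, or None when the
    request is served as-is over plain HTTP. `exempt` is the regex that
    follows the "!" in the RewriteRule."""
    # RewriteCond %{HTTP:X-Forwarded-Proto} !https
    # A missing header expands to an empty string; the regex is unanchored.
    if re.search("https", headers.get("X-Forwarded-Proto", "")):
        return None
    # RewriteRule !<exempt> ...: fires only when the regex does NOT match
    # anywhere in the URL path.
    if re.search(exempt, path):
        return None
    # %{REQUEST_URI} is the path; [R] defaults to a 302 redirect.
    return f"https://{server_name}{path}"

# Constructed sample requests as they would arrive on the port-80 vhost.
SAMPLES = [
    ("/status",         {}),                              # health check
    ("/login",          {"X-Forwarded-Proto": "http"}),
    ("/login",          {"X-Forwarded-Proto": "https"}),  # via the https listener
    ("/account/status", {"X-Forwarded-Proto": "http"}),
    ("/status-report",  {"X-Forwarded-Proto": "http"}),
    ("/login",          {}),                              # no header at all
]

def served_over_http(exempt, host="www.example.com"):
    """Paths from SAMPLES that the vhost answers without redirecting
    even though the request was not flagged as https."""
    return [p for p, h in SAMPLES
            if h.get("X-Forwarded-Proto") != "https"
            and redirect_target(p, h, host, exempt) is None]

if __name__ == "__main__":
    for pattern in (r"/status", r"^/status$"):
        print(pattern, "->", served_over_http(pattern))
```

The model also makes visible that the rule trusts whatever X-Forwarded-Proto value arrives, so the instance's port 80 should accept traffic only from the load balancer.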

HOWTO: Force https/SSL for Apache2, Phusion Passenger and Rails

There’s a lot of buzz right now about Firesheep and non-secure Rails applications.

This is a pretty simple problem to solve with Apache’s mod_rewrite. If the traffic isn’t on https, force it to be. This configuration only needs to be in production, of course.

Here’s /etc/apache2/sites-enabled/adgrok:


Simple 301 or 302 redirects with Apache or PHP

It behooves you to make sure you’ve only got one URL that serves a given piece of content, so says Google. But what if you’ve got a bunch of domains that go to your page?

For this blog, for example, matthew.mceachen.org and mrm.mceachen.org all go to the same place. That was done with an Apache redirect in /etc/apache2/sites-enabled/matthew:


Apache2, PHP, and MySQL on Mac OS X using MacPorts

1. Install MacPorts

Follow the instructions here: http://www.macports.org/install.php.

2. Install apache2

sudo port install apache2

Note that the macports instructions suggest installing the launchctl script now, but we’ll do that after mysql and php are installed.

3. Install and configure MySQL

If you want 5.0.x, use mysql5-server. If you need 5.1.x, install mysql5-server-devel (at least as of August 2009).

sudo port install mysql5-server

As the macports instructions state,

In order to setup the database, you might want to run sudo -u mysql mysql_install_db5 if this is a new install.

It’s never a bad idea to set the root password, and as the document suggests, run:

/opt/local/lib/mysql5/bin/mysqladmin -u root password 'new-password'

You also want to install a database configuration file — there are a bunch of templates in /opt/local/share/mysql5/mysql/, but for development, my-small.cnf should suffice:

sudo cp /opt/local/share/mysql5/mysql/my-small.cnf /opt/local/etc/mysql5/my.cnf

Once the config is in place, spin up mysql:

sudo launchctl load -w /Library/LaunchDaemons/org.macports.mysql5.plist

Check that mysql is up and running by connecting with the mysql client:

mysql -h localhost -u root -p

4. Fix your PATH

Note that the mysql binaries in /opt/local/bin all have a “5” suffix, but /opt/local/lib/mysql5/bin has “normal” named binaries, so you probably want that in your PATH too. The apachectl in /usr/bin will spin up the Mac OS X version of Apache (which we’re avoiding); the MacPorts apachectl lives in /opt/local/apache2/bin. So in your .bashrc (or .profile or whatever):

export PATH=/opt/local/bin:/opt/local/sbin:/opt/local/lib/mysql5/bin:/opt/local/apache2/bin:$PATH

5. Install PHP5

sudo port install php5 +pear +apache2 +fastcgi +mysql5

Note that php5 has a lot of variants. If you think you want other goodness, run port variants php5 and cook up your own set of options.

Again, as the macports instructions state,

copy /opt/local/etc/php5/php.ini-development (if this is a development server) or /opt/local/etc/php5/php.ini-production (if this is a production server) to /opt/local/etc/php5/php.ini and then make changes.

6. Install the PHP-MySQL driver:

sudo port install php5-mysql +mysql5

7. Configure apache2

The mod_php.conf from the php5 package is put into a directory that the apache2 configuration doesn’t read by default — so you need to add this line to the end of /opt/local/apache2/conf/httpd.conf:

Include conf/extras-conf/*

Hopefully this will be considered a packaging bug, and will be fixed at some point.

8. Run apache2

sudo launchctl load -w /Library/LaunchDaemons/org.macports.apache2.plist

Note that the logs, by default, are in /opt/local/apache2/logs.

If you change the PHP or Apache configuration files, run

sudo /opt/local/apache2/bin/apachectl restart

and watch the logs for errors.