最受欢迎

强制域在不同的UID下运行apache在SSL下中断

Forcing domain to run under different UID apache breaks under SSL

本文关键字:中断 运行 apache UID SSL | 更新日期: 2023-09-27

在不使用ssl的情况下,我的apache conf有一个vhost:

<VirtualHost 192.175.55.83:80>
ServerName nutra4you.com
ServerAlias www.nutra4you.com
DocumentRoot /home/media183/public_html
ServerAdmin webmaster@nutra4you.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/nutra4you.com combined
CustomLog /usr/local/apache/domlogs/nutra4you.com-bytes_log "%{%s}t %I .'n%{%s}t %O ."
## User nutra4yo # Needed for Cpanel::ApacheConf
UserDir enabled media183
<IfModule mod_suphp.c>
    suPHP_UserGroup media183 media183
</IfModule>
<IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
        SuexecUserGroup media183 media183
    </IfModule>
</IfModule>
<IfModule mod_ruid2.c>
    RMode config
    RUidGid media183 media183
</IfModule>
ScriptAlias /cgi-bin/ /home/media183/public_html/cgi-bin/

# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/nutra4yo/nutra4you.com/*.conf"

我基本上希望www.nutra4you.com的所有内容都从media183用户运行。没有ssl,它可以完美工作!

但是,一旦SSL打开,例如:https://www.nutra4you.com/checkout.php?b=12

我得到内部服务器错误,并抛出:

 [Wed Jun 26 16:49:05 2013] [error] [client 98.175.107.93] File does not exist: /home/media183/public_html/500.shtml, referer: http://www.nutra4you.com/product.php?b=12
[Wed Jun 26 16:49:05 2013] [error] [client 98.175.107.93] SoftException in Application.cpp:422: Mismatch between target UID (685) and UID (672) of file "/home/media183/public_html/checkout.php", referer: http://www.nutra4you.com/product.php?b=12

这只是不允许的事情吗?

SSL虚拟主机:

<IfModule mod_ssl.c>
<VirtualHost 192.175.55.83:80>
    ServerName nutra4you.com
    ServerAlias www.nutra4you.com
    DocumentRoot /home/media183/public_html
    ServerAdmin webmaster@nutra4you.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/nutra4you.com combined
    CustomLog /usr/local/apache/domlogs/nutra4you.com-bytes_log "%{%s}t %I .'n%{%s}t %O ."
    ## User nutra4yo # Needed for Cpanel::ApacheConf
    UserDir enabled media183
    <IfModule mod_suphp.c>
        suPHP_UserGroup media183 media183
    </IfModule>
    <IfModule !mod_disable_suexec.c>
        <IfModule !mod_ruid2.c>
            SuexecUserGroup media183 media183
        </IfModule>
    </IfModule>
    <IfModule mod_ruid2.c>
        RMode config
        RUidGid media183 media183
    </IfModule>
    ScriptAlias /cgi-bin/ /home/media183/public_html/cgi-bin/

    # To customize this VirtualHost use an include file at the following location
    # Include "/usr/local/apache/conf/userdata/std/2/nutra4yo/nutra4you.com/*.conf"
</VirtualHost>
</IfModule>

ssl的vhost不正确。SSL必须在不同于HTTP的端口上运行。。。通常为443。因此,在这种情况下,由于您在80上有它,它与您的inital非ssl vhost冲突,并且无论如何都没有为ssl配置。因此,当您通过HTTPS访问网站时,您仍然可以获得default-ssl虚拟主机。

<IfModule mod_ssl.c>
# Needed to change the port below from 80 to 443
<VirtualHost 192.175.55.83:443>
    # the rest of your configuration
</VirtualHost>
</IfModule>

此外,您还缺少一些特定于SSL的指令。我认为,如果在vhost中没有单独定义,那么在over-all配置中定义的服务器范围的那些就会生效,但您需要仔细检查:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习