How To Watch https Calls to Apache 2.4 using Perl and mod_status

Author: , September 5th, 2017

Step 1: Enable Apache status and lock it down: Make sure mod_status is being loaded: grep -Rn mod_status /etc/httpd/* 1 /etc/httpd/conf.modules.d/00-base.conf:58:LoadModule status_module modules/mod_status.so /etc/httpd/conf.modules.d/00-base.conf:58:LoadModule status_module modules/mod_status.so Add support for the call just under the first DocumentRoot statement: vim /etc/httpd/conf/httpd.conf 1 2 3 4 5 6 <Location /server-status>     SetHandler server-status     Require ip […]

How To Configure Apache 2.4 to Renew LetsEncrypt running WordPress and https

Author: , August 21st, 2017

This post does not cover configuring letsencrypt or ssl/https. First, make sure your LetsEncrypt configuration points to the actual WordPress document root directory cat /etc/letsencrypt/renewal/www.yourdomain.com.conf 1 2 3 4 … [[webroot_map]] yourdomain.com = /volumes/data/www/yourdomain.com/prod/wordpress www.yourdomain.com = /volumes/data/www/yourdomain.com/prod/wordpress … [[webroot_map]] yourdomain.com = /volumes/data/www/yourdomain.com/prod/wordpress www.yourdomain.com = /volumes/data/www/yourdomain.com/prod/wordpress Second, use the new macro language feature in Apache 2.4 […]

How To Change the umask for Apache on AWS Linux

Author: , September 22nd, 2016

echo “umask 002″ >> /etc/sysconfig/httpd service httpd restart

How To Protect a WordPress Site Using Basic Auth in Apache 2.4

Author: , August 25th, 2016

Apache 2.4 changed the security configuration directives a bit. Here is an example using basic auth: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 <Directory "/path/to/your/wordpress">    AllowOverride All    Options +FollowSymLinks +ExecCGI -Indexes    Order allow,deny    Allow from all      <RequireAll>       AuthType Basic […]

How To Fix Apache VirtualHost Overlap on Port 443 on AWS Linux

Author: , July 4th, 2016

If you get this error when starting Apache or via `apachectl configtest`: [warn] _default_ VirtualHost overlap on port 443, the first has precedence then you must add: NameVirtualHost *:443 to /etc/httpd/conf/httpd.conf, then restart Apache

How To Use wget with Basic Auth

Author: , June 9th, 2016

If you need to use wget to obtain the contents of a web page, but that page has either Basic or Digest Authentication enabled, use the following syntax to gain access: wget –http-user=yourUserNameHere –http-password=yourSecretPasswordHere http://example.org/desired/path/ ~or~ wget http://yourUserNameHere:yourSecretPasswordHere@yourSite.com/desired/path/

How To Enable Compression On Apache Webservers

Author: , April 26th, 2016

Add the following to either .htaccess or httpd.conf: 1 2 3 4 5 6 7 8 9 AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE […]

How To Force SVG To Use the Correct Content-Type

Author: , April 22nd, 2016

If when trying to use SVG as an image <img src=”image.svg”> or as a CSS background-image, the browser doesn’t display it, your web host is probably serving the SVG with the wrong content-type. Add this to your web server config or .htaccess file: AddType image/svg+xml .svg .svgz

How To Restart Apache Using cron If the Load Gets Too High

Author: , February 3rd, 2016

There are times when the hackers slam my servers and the load gets too high. I use a very simple bash script as a cron job to monitor the load and take action when it gets too high. The script will stop httpd, sleep for a configurable period of time (currently 3 minutes), then start […]

How To Allow Cross-Site Javascript Using Apache

Author: , September 24th, 2015

The key is to send a response header like this: Access-Control-Allow-Origin: * In the Apache web server, one enables this via the following directive: Header set Access-Control-Allow-Origin * This requires the use of mod_headers, which is enabled by default in Apache. For example: 1 2 3 4 5 6 7 8 9 LoadModule headers_module modules/mod_headers.so […]