Apache

From Server Knowledge Base
Jump to navigationJump to search

Note: Apache on Fedora and CentOS may be called httpd

Errors

Use either of the below commands to check the apache2 configuration:

apache2 -t
apache2ctl -t
apache2ctl -configtest

#and the status
/etc/init.d/apache2 status
/etc/init.d/httpd status

Mime Types

A common issue is being only able to either download or view a PDF. This needs to either be added in the /etc/mime.types with:

application/pdf .pdf

Or the .htaccess file for that domain or /etc/apache2/mods-enabled/mime.conf with:

AddType application/pdf .pdf

New web server configuration

New files of configuration for Apache web server were not built due to errors in configuration templates. The detailed error message was e-mailed to you, so please check the e-mail, fix the errors, and click here to retry generating configuration or New web server configuration for some domains within the marked subscriptions was not built due to errors in configuration templates. The detailed error message was e-mailed to you, so please check the e-mail, fix the errors, and click here to retry generating configuration.

apache2: bad user name ${APACHE_RUN_USER} ("Apache2 bad user name $ apache run user") or

apache2: Syntax error on line X of /etc/apache2/apache2.conf: Syntax error on line X of /etc/apache2/conf.d/zz010_psa_httpd.conf: Syntax error on line X of /opt/psa/admin/conf/vhosts_bootstrap.conf: Could not open configuration file

Fixs:

If it is complaining about a user name, check if this was an FTP or Email account, or a User under Customers or Users. You can sometimes suspend the offending domain to temporarily resolve the issue.

If when clicking the domain you get this sort of error below, see this Parallels KB article.

Internal error: Unable to load object of type SysUser with id=1: SysUser: unable to select: no such row in the table
Message    Unable to load object of type SysUser with id=1: SysUser: unable to select: no such row in the table
File    common_func.php3
Type    PleskFatalException

If you have removed a domain or SSL and do:

/etc/init.d/apache2 restart

You may get an error in /etc/apache2/apache2.conf

vim /etc/apache2/apache2.conf

Check the line in the error. It may then reference:

/etc/apache2/conf.d/zz010_psa_httpd.conf

Which references:

/opt/psa/admin/conf/vhosts_bootstrap.conf

Which will want to include the following type of file:

/var/www/vhosts/domain.com/conf/XXXXXXXXXXX.XXXXXXXX_httpd.include
/opt/psa/var/certificates/cert*

/var/www/vhosts/domain.com/conf

Run:

/usr/local/psa/admin/bin/httpdmng --reconfigure-all

If this does not work, run:

/usr/local/psa/bin/domain --remove domain.com

And then you may need to remove the include entries for the missing domain in:

/opt/psa/admin/conf/vhosts_bootstrap.conf

You MAY be able to remove some of the httpd.include files from here so it might not include them in the Apache configuration, however this has not been tried.

If this does not work and you are getting the following error:

New files of configuration for Apache web server were not built due to errors in configuration templates: Syntax error on line XXX of /opt/psa/admin/conf/generated/13589366030.21908000_server.include: SSLCertificateFile: file '/opt/psa/var/certificates/certl8w1mkz' does not exist or is empty

ERR (3): Apache config (13589358830.79743100) generation failed: Syntax error on line 131 of /opt/psa/admin/conf/generated/13589358830.79743100_server.include: SSLCertificateFile: file '/opt/psa/var/certificates/certl8w1mkz' does not exist or is empty

Check this and then if that does not work do this:

ls -lah /opt/psa/var/certificates/
vim cert-xxXx00

Copy the contents of that file and input it into the one it says is missing:

vim certl8w1mkz
:wq
/etc/init.d/apache2 restart

This can also be caused due to the MySQL bug seen here as well. Do not upgrade Plesk to 10.4.4 on Ubuntu 8.04.

Alternate fixes:
http://innovationframes.com/phpbb/viewtopic.php?f=33&t=274
http://kb.parallels.com/en/111605
Rebuild Plesk Apache httpd.conf configuration file

SSL server IP/port conflict

This will normally appear in either /var/log/apache2/error.log or /var/log/syslog. It can be caused by Plesk's webmail clients horde.webmail:443 or atmail.webmail:443 conflicting with an SSL assigned to a domain.com:443

This can cause Apache to get stuck in a loop on startup and sometimes use 100% CPU usage. Either get another IP address, remove and re-add the domain/SSL, do not use webmail or configure it to use a different port.

Unable to start/restart Apache

If the following error appears after issuing /etc/init.d/apache2 start command

* Starting web server apache2      (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

It is normally what they call "hogging a port". You can use the following commands below to kill it and start it again. The issue as caused by apache hogging the HTTP port.

/etc/init.d/apache2 stop
kill -15 process
*wait 5-15 seconds*
kill -9 apache2
killall apache2
/etc/init.d/apache2 start

If it can continually be stopped and shows this when starting:

* Starting web server apache2
98)Address already in use: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down
Unable to open logs

Ensure /etc/apache2/ports.conf only has this in it:

NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
    Listen 443
</IfModule>
<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

If you get:

Service /etc/init.d/apache2 failed to start
websrvmng: /opt/psa/admin/bin/apache_control_adapter execution failed:

(20014)Internal error: Error retrieving pid file /var/run/apache2.pid
Remove it before continuing if it is corrupted.

Do this:

cd /var/run
mv apache2.pid apache2.pid.old
/etc/init.d/apache2 stop
/etc/init.d/apache2 start

Vhost Configuration Syntax

The below error indicates there may be spacing, closing and spelling issues with the vhosts configuration file or you have broken the apache configuration as in the header above.

Syntax error on line 1177 of /etc/apache2/apache2.conf:
Syntax error on line 151 of /etc/apache2/conf.d/zz010_psa_httpd.conf:
Syntax error on line 86 of /var/www/vhosts/domain.com/conf/httpd.include: 
Syntax error on line 1 of /var/www/vhosts/domain.com/conf/vhost.conf: 
/var/www/vhosts/domain.com/conf/vhost.conf:8: Less Than Greater Than was not closed.
\n/var/www/vhosts/domain.com/conf/vhost.conf:1: Less Than Greater Than was not closed.   [fail]
vim /var/www/vhosts/domain.com/conf/vhost.conf
/opt/psa/admin/sbin/websrvmng -av
/etc/init.d/apache2 start
 * Starting web server apache2

Normal Apache Virtual Host configuration

<VirtualHost X.X.X.X:80>
ServerName "domain.co.uk:80"
ServerAlias "ipv4.domain.co.uk"
ServerAlias "www.domain.co.uk"
UseCanonicalName Off

Cannot upload to website

Check the following location:

tail -f /var/www/vhosts/yourdomain.com/statistics/logs/error.log

If you see:

mod_fcgid: HTTP request length 131100 (so far) exceeds MaxRequestLen (131072)

go into:

vim /etc/apache2/mods-available/fcgid.conf
#add the below between the <IfModule> and </IfModule> tags.
FcgidMaxRequestLen 1073741824 (or cgid for CGI)

It should appear in white if correct. Restart Apache using /etc/init.d/apache2 restart.

Creating Virtual Hosts from scratch

This is using an Ubuntu 12.04, Apache 2.2.22 server as an example.

cd /var/www
mkdir sites ; cd sites ; mkdir yourdomain.co.uk
cd /etc/apache2/sites-available
vim domain.co.uk

Insert the following:

<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot "/var/www/sites/domain.co.uk"
    ServerName domain.co.uk
    ServerAlias www.domain.co.uk
    #for subdomains just put the ServerAlias the same as ServerName
    ErrorLog "/var/log/apache2/domain.co.uk-error_log"
    CustomLog "/var/log/apache2/domain.co.uk--access_log" common
</VirtualHost>
a2ensite domain.co.uk
[ -f /etc/init.d/httpd ] && service httpd restart ; [ -f /etc/init.d/apache2 ] && service apache2 restart
apache2ctl -t

To disable a site, do a2dissite domain.co.uk

Extension Modules

Before installing, use apt-get update
Search using apt-cache search <module name>
After installing, use /etc/init.d/apache2 restart

C Compiler (gcc)

apt-get install build-essential
y

Crypt:SSLEay, Net:SSL and SSLEay

These are commonly needed alongside OpenSSL and ModPerl.

Ubuntu:

apt-get install libnet-ssleay-perl libcrypt-ssleay-perl

CentOS:

yum install perl-Crypt-SSLeay.x86_64 perl-Net-SSLeay.x86_64

In case you need it for an additional module:

yum install php-pecl-apc.x86_64

libmcrypt

apt-get update
apt-cache search mcrypt
apt-get install <package name>

Examples of libraries are libmcrypt-dev, libmcrypt4, libtomcrypt-dev, libtomcrypt and libtomcrypt0

mcrypt

apt-get install php5-mcrypt

mod_headers and mod_expires

a2enmod expires
a2enmod headers
service apache2 restart

expires is needed to set expiration dates on files (for caching)

mysql-devel

Under Ubuntu 10 this has been renamed to libmysqlclient16-dev and libmysql++-dev (or 15)

pear

apt-get install php-pear

You may need php-pear.noarch on CentOS. Alternatively you may need the EPEL repository installing:

wget serverkb.co.uk/tools/epel.sh ; chmod +x epel.sh ; ./epel.sh ; yum search pear

Using Apache on Windows

As long as the IP address is not within IIS and no domains are assigned to it it should be possible. You may want this for tomcat statistics for example. It is not advised however as it is native to Linux.

httpd dead but subsys locked

Googling this message comes back with a lot of different information regarding it. It can happen if a database using MySQL comes under high load and overloads the web server. Restarting/starting Apache/httpd normally fixes this.

Manually create Virtual Hosts

Performance Tuning

As mentioned on the front page http://pingdom.com and http://slowcop.com are good places to start. For example, I improved the load speeds of this Wiki by enabling compression on the server by doing the following in SSH:

a2enmod deflate
vim /etc/apache2/mods-enabled/deflate.conf

Add in the following underneath the </IfModule>

<Location />
  # Insert filter
  SetOutputFilter DEFLATE

  # Netscape 4.x has some problems...
  BrowserMatch ^Mozilla/4 gzip-only-text/html

  # Netscape 4.06-4.08 have some more problems
  BrowserMatch ^Mozilla/4\.0[678] no-gzip

  # MSIE masquerades as Netscape, but it is fine
  # BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  # NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
  # the above regex won't work. You can use the following
  # workaround to get the desired effect:
  BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

  # Don't compress images
  SetEnvIfNoCase Request_URI \
  \.(?:gif|jpe?g|png)$ no-gzip dont-vary
</Location>

Then restart the web server: /etc/init.d/apache2 restart

If you do not use mod_perl or mod_python on your websites, disabling these may decrease memory usage.

Premature end of script headers

This can be an indication the server has run out of RAM. This could be due to the amount of traffic, specific actions on the server or a deliberate attack on the server. Check the server status logs to see if there are spikes where the load on the server increases.

Check for any suspicious network traffic destined for your server. You can install a reactive firewall that will log and block a large range of deliberate attacks against your server. It's unlikely to have any side effects but if you do notice any changes to functionality of your site the rules can be relaxed or disabled.

Install apf http://www.rfxn.com/projects/advanced-policy-firewall . If the firewall prevents anything from functioning just do /etc/init.d/apf stop

Scan your site for Malware (e.g. Maldet or NOD32).

It's possible the issue is simply the legitimate traffic to the site putting more load on the server than it can handle. If you are using Wordpress use caching plugins. We would strongly recommend totalcache or supercache as these can dramatically improve the performance of Wordpress sites. RSS Feeds are notorious for attracting traffic.

CGI scripts in arbitrary directories

UID of script is smaller than min_uid

You likely need to chown the files to the right user:group