Apache Limit access to a url

I want to limit access to admin login url of a web application to specified IP address.

The web site had admin login in following URL

https://domain.com/login

To limit IP address, i edited Apache VirtualHost configuration for this web site, added

Restart apache

Or

Now only IP listed on the Allow from directive are allowed to access the /login URL.

NOTE: this won’t work in .htaccess file. You need to add it in Apache VirtualHost.

Apache mod_proxy

Cpanel ReverseProxy Traffic to Docker Container

On a cpanel server, i need to run a web application using docker container.

Application running side docker container listening on port 8000 on localhost.

For a web site to serve traffic from this docker container, we can use Apache mod_proxy, this is enabled by default on cpanel servers.

https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html

You can verify it at

Apache mod_proxy

For the site, you need to create reverse proxy, create a folder.

NOTE: Replace CPANEL_USER and DOMAIN with your actual cpanel user name and domain name. You can find/verify this path by looking virtual host entry for your domain name in /etc/apache2/conf/httpd.conf file. By default this “Include” line will be commented. Once you put a file and rebuildhttpdconf, this line get uncommented.

Now create a file

Add following.

Now rebuild Apache config.

Now if you check Apache config file (/etc/apache2/conf/httpd.conf), you will see included in Apache virtual host entry.

Restart Apache

Now if you visit the site, you will see the web application running on http://localhost:8000/

See Reverse proxy, Cpanel Server, Apache

Apache AH00144: couldn’t grab the accept mutex

On Ubuntu 18.04 server, apache crashed. On checking apache error log, found following

To fix the error, edit file

Find

Replace with

Restart Apache

See Apache

Limit Access Using htaccess

To limit access to a folder using .htaccess, create .htacess file with following content.

YOUR_IP_HERE = Replace it with your actual IP.

You can white list IP range by entering CIDR notation for the IP range.

Here is .htacess i use on one of my web sites admin folder.

If your server is behind a reverse proxy server, you may need to use

newrelic-apdex

Moving from Apache PHP 5 to Nginx PHP 7

Today i moved a high traffic WordPress web using from Apache + PHP 5 to Nginx + PHP 7.2.

Here is a graph provided by LiquidWeb (server provider).

With Apache, load was like 8.

[email protected]:/etc/php# uptime
12:35:01 up 14:33, 1 user, load average: 8.03, 6.66, 5.84
[email protected]:/etc/php#

After switching to Nginx + PHP-FPM, load come down to 2.

[email protected]:~# uptime
17:26:20 up 19:24, 1 user, load average: 1.13, 1.07, 1.21
[email protected]:~#

Here is sar result.

With Apache idle CPU was approx 72. With Nginx we have 90%+ idle CPU most of the time.

Here is NewRelic Web transactions graph. The break in data is due to PHP 7.2 have no newrelic module installed. So i just switched back to Apache for a while, reinstalled NewRelic for PHP 7.2, then turned Nginx back on.

NewRelic Apdex Score went from poor to fair.

Run .htm files as PHP in Apache

On Ubuntu, to execute .htm files as PHP, create file

Add following content

This is similar code from your PHP configuration. In this case, it is from /etc/apache2/mods-available/php5.6.conf

Now restart apache

Apache | PHP

Apache SSL

Here is a non SSL apache virtual host.

To convert it to SSL VirtualHost, first change port to 443

Find

Replace with

Add above Directory entry

The resulting VirtualHost will look like

Enable mod_ssl

If you get following error

Invalid command ‘SSLEngine’, perhaps misspelled or defined by a module not included in the server configuration

You need to enable mod_ssl, to do this, run

On Debian/Apache, run

Restart Apache

Force SSL

You can add following code to apache virtualhost for the web site

ssl

apache

Apache Invalid command Header

On a new Debian server with Apache, web site give 500 internal server error.

On checking error log, i found

[Thu Jan 04 06:44:42.483932 2018] [core:alert] [pid 27583] [client 112.133.248.19:63020] /home/user/public_html/.htaccess: Invalid command ‘Header’, perhaps misspelled or defined by a module not included in the server configuration

The error is due to Apache headers module not installed on the server.

To fix, run

Restart Apache

Apache

htaccess

Redirect domain to SSL (HTTPS)

Or

Redirect a Page to another

You can also use