I had some sites on shared hosting environment for which I had to do http to https redirection with .htaccess file. I did 302 redirection intentionally so that in case of error, browser doesn’t cache redirection. You can aslo make permanent 301 redirect if needed.
This is nice and simple way to do it:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
If you have web server on which there is a lot of virtual hosts, you may want to have one webroot directory for Letsencrypt SSL certificates only. So when Letsencrypt will make the requests for SSL registration or renewal, it will look in this directory. In this case I did this on CentOS 7 with NGINX web server.
First, let’s create directory what will be used for letsencrypt purposes. It must be writable by your web server user. You can define different path.
[root@machine ~]# mkdir -p /var/www/le-certs
[root@machine ~]# chown -R wwwuser:wwwgroup /var/www/le-certs
Letsencrypt will need access in “.well-known/acme-challenge”. For NGINX add something like this in your server block for desired virtual host.
location ~ /.well-known/acme-challenge/ {
root /var/www/le-certs/;
break;
}
You can also create new file named, for example le-config.conf and add block above in to it. Then you can simply include this line in your virtual hosts.
server {
listen :443 ssl http2;
server_name mywebsite.com www.mywebsite.com;
root /var/www/mywebsite/;
include le-config.conf;
...
}
I had a problem when publishing project via composer as cPanel user. When trying to execute composer via cpanel user with ssh access, composer returned nothing. This was on CloudLinux with alt-php (PHP Selector) and cPanel.
In documentation is stated that for composer to work, we need PHP library’s Phar, Iconv, Mbstring. This can be done easily with PHP Selector in your user interface. Documentation also says that we need to have enabled allow_url_fopen which is also specified as possible security issue so it shouldnt be enabled globally. And lastly, if you use suhosin, which you should, you have to whitelist Phar. You should do all of this so that is only affecting php.ini for specific user and not globally. Also, you’ll want to increase memory_limit as composer needs it. In my case, I temporary increase it to 1G. First, enable all necessary php library’s through PHP Selector in you cpanel control panel. Then follow steps bellow.
Login in users CageFS like this:
root@server [~]# cagefsctl -e
Then go to your alt-php configuration directory:
root@cpanel [~]# cd /etc/cl.php.d/alt-php<desired version>/
Inside of this directory you should see file alt_php.ini, open it and add this to end of the file:
;>=== Start of PHP Selector Custom Options === memory_limit=1G suhosin.executor.include.whitelist=phar ;<=== End of PHP Selector Custom Options =====
Save this settings and exit user CageFS. You don’t need to restart apache. Then SSH with your cpanel user and try to run composer.
Composer should now work with your cPanel user:
thisisme@server [/]# composer --version Composer version 1.6.2 2018-01-05
If you’re getting message like “Your server does not support the connection encryption type you have specified” when try to set up email in your Outlook, then chances are that your cPanel mail server has disabled some needed encryption types.
By default, cPanel disables all those protocols: SSLv2, SSLv3, TLSv1, TLSv1.1. SSL2 and SSL3 should be disabled at all costs, but you may not get away with TLS 1.1 or even TLS 1 being disabled.
To enable TLS 1 and TLS 1.1 in your Exim, login as admin in your cpanel and then: Home -> Service Configuration -> Exim Configuration Manager. Select second option so you can insert your own directives and add this:
+no_sslv2 +no_sslv3
In this case I used NGINX as reverse proxy for ssl offloading in front of Apache. On this WordPress installation I was getting 404 on all subpages. Htaccess syntax was correct as it was nginx configuration. In this case, problem was caused because of missing “AllowOverride” Apache directive which didn’t allow htaccess to be processed. I added “AllowOverride ALL” in apache configuration for this virtual host. Subpages started to work.
Example:
<VirtualHost *:8080> DocumentRoot /var/www/mysite.com/ ServerName mysite.com ServerAlias www.mysite.com <Directory "/var/www/mysite.com/"> AllowOverride All </Directory> </VirtualHost>
I installed NGINX and put it in front of Apache for SSL offloading and caching static content. Traffic is proxied from Nginx to Apache. When I tried to open site via https, it returned this painful error “Too Many Redirects”.
Try to add this in your wp-config.php – if you have everything else configured correctly, it should work:
$_SERVER['HTTPS'] = 'On';
[kofi]
I was migrating server and rsync all databases to new mariadb server. When tried to start mariadb on new server, I was getting this error:
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' init function returned error. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [Note] Plugin 'FEEDBACK' is disabled. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Unknown/unsupported storage engine: InnoDB Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Aborting
Solution is to generate new ib_logfile0 and ib_logfile1 files. Just try steps bellow.
[root@lol ~]# cd /var/lib/mysql [root@lol mysql]# mv ib_logfile0 ib_logfile0-backup [root@lol mysql]# mv ib_logfile1 ib_logfile1-backup [root@lol mysql]# systemctl start mysql [root@lol mysql]# mysql Welcome to the MariaDB monitor.
It should work.
[kofi]
If you installed Pure-FTPD on your CentOS 7 machine and trying to install SSL certificate on it, chances are that you added your pem file to “/etc/ssl/private/”. I installed valid certificate in this directory and still getting untrusted warning for localhost certificate. Later, I found out that this path is wrong and self signed certificate was being used. Right path on CentOS 7 is “/etc/pki/pure-ftpd/”.
Here is how to do it right on Centos.
It should work.
If you changed php handler for your Directadmin installation to php-fpm, rewrite all configs and then get error like this:
Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET /index.php. Reason: DNS lookup failure for: php-fpm56.domainname
It is almost certainly that apache templates that are used for generating user http configuration files are wrong. Probably you have custom templates.
Go to /usr/local/directadmin/data/templates/custom and check if there are files like files virtual_host2.conf … . If they are, just rename custom directory to something new:
[root@lol ~]# cd /usr/local/directadmin/data/templates/ [root@lol templates]# mv custom custom-bak
Directadmin will then use default templates when creating new Apache configs. Rewrite your apache config files:
[root@lol ~]# cd /usr/local/directadmin/custombuild [root@lol custombuild]# ./build rewrite_confs
It should solve the problem. Also, make sure that php-fpm for all php versions are working.
© 2024 geegkytuts.net Hosted by SIEL
Recent Comments