在SSL下强制域在不同的UID apache下运行

时间:2013-06-27 00:09:03

标签: php apache ssl cpanel whm

不使用ssl,我的apache conf有一个vhost,看起来像这样:

<VirtualHost 192.175.55.83:80>
ServerName nutra4you.com
ServerAlias www.nutra4you.com
DocumentRoot /home/media183/public_html
ServerAdmin webmaster@nutra4you.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/nutra4you.com combined
CustomLog /usr/local/apache/domlogs/nutra4you.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User nutra4yo # Needed for Cpanel::ApacheConf
UserDir enabled media183
<IfModule mod_suphp.c>
    suPHP_UserGroup media183 media183
</IfModule>
<IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
        SuexecUserGroup media183 media183
    </IfModule>
</IfModule>
<IfModule mod_ruid2.c>
    RMode config
    RUidGid media183 media183
</IfModule>
ScriptAlias /cgi-bin/ /home/media183/public_html/cgi-bin/


# To customize this VirtualHost use an include file at the following location
# Include "/usr/local/apache/conf/userdata/std/2/nutra4yo/nutra4you.com/*.conf"

我基本上希望www.nutra4you.com的所有内容都能从media183用户运行。没有ssl它完美无缺!

但是,启用SSL后,例如https://www.nutra4you.com/checkout.php?b=12

我收到内部服务器错误,并抛出:

 [Wed Jun 26 16:49:05 2013] [error] [client 98.175.107.93] File does not exist: /home/media183/public_html/500.shtml, referer: http://www.nutra4you.com/product.php?b=12
[Wed Jun 26 16:49:05 2013] [error] [client 98.175.107.93] SoftException in Application.cpp:422: Mismatch between target UID (685) and UID (672) of file "/home/media183/public_html/checkout.php", referer: http://www.nutra4you.com/product.php?b=12

这只是不允许的事情吗?

SSL Virt Host:

<IfModule mod_ssl.c>
<VirtualHost 192.175.55.83:80>
    ServerName nutra4you.com
    ServerAlias www.nutra4you.com
    DocumentRoot /home/media183/public_html
    ServerAdmin webmaster@nutra4you.com
    UseCanonicalName Off
    CustomLog /usr/local/apache/domlogs/nutra4you.com combined
    CustomLog /usr/local/apache/domlogs/nutra4you.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    ## User nutra4yo # Needed for Cpanel::ApacheConf
    UserDir enabled media183
    <IfModule mod_suphp.c>
        suPHP_UserGroup media183 media183
    </IfModule>
    <IfModule !mod_disable_suexec.c>
        <IfModule !mod_ruid2.c>
            SuexecUserGroup media183 media183
        </IfModule>
    </IfModule>
    <IfModule mod_ruid2.c>
        RMode config
        RUidGid media183 media183
    </IfModule>
    ScriptAlias /cgi-bin/ /home/media183/public_html/cgi-bin/


    # To customize this VirtualHost use an include file at the following location
    # Include "/usr/local/apache/conf/userdata/std/2/nutra4yo/nutra4you.com/*.conf"

</VirtualHost>
</IfModule>

1 个答案:

答案 0 :(得分:2)

您的vhost for ssl不正确。 SSL必须在不同于HTTP的端口上运行...通常为443.所以在这种情况下,因为你在80上它与你的初始非ssl vhost冲突,并且无论如何都没有为ssl配置。因此,当您通过HTTPS访问该站点时,您仍然可以获得default-ssl虚拟主机。

<IfModule mod_ssl.c>
# Needed to change the port below from 80 to 443
<VirtualHost 192.175.55.83:443>
    # the rest of your configuration
</VirtualHost>
</IfModule>

此外,您缺少一些特定于SSL的指令。我认为如果在vhost中没有单独定义,那么在所有配置中定义的服务器范围都会启动,但您需要仔细检查:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html

相关问题
最新问题