禁止Apache虚拟主机文档根和代理文件访问

时间:2017-06-14 08:37:02

标签: apache jira centos7 mod-proxy

我正在设置我的个人域名,我有这个配置:

ServerAdmin contact@brentc.in

Listen 80
<VirtualHost *:80>
    DocumentRoot "/www/brentc.in"
    ServerName brentc.in
    ServerAlias www.brentc.in
</VirtualHost>

Listen 443 https

SSLPassPhraseDialog builtin

SSLSessionCache         shmcb:/opt/rh/httpd24/root/var/run/httpd/sslcache(512000)
SSLSessionCacheTimeout  300

SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin

SSLCryptoDevice builtin

<VirtualHost *:443>
    ServerName brentc.in
    ServerAlias www.brentc.in
    DocumentRoot /www/brentc.in/
    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/brentc.in/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/brentc.in/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/brentc.in/fullchain.pem   
</VirtualHost>

<VirtualHost *:443>
    ServerName atlassian.brentc.in
    ServerAlias www.atlassian.brentc.in
    DocumentRoot /www/atlassian.brentc.in/

    Options Indexes FollowSymLinks Includes ExecCGI

    SSLProtocol all -SSLv2

    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>

    ProxyRequests Off
    ProxyPreserveHost On

    ProxyPass       /jira/secure/admin/IntegrityChecker.jspa    http://localhost:8081/jira/secure/admin/IntegrityChecker.jspa timeout=3600
    ProxyPassReverse    /jira/secure/admin/IntegrityChecker.jspa        http://localhost:8081/jira/secure/admin/IntegrityChecker.jspa

    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/brentc.in/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/brentc.in/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/brentc.in/fullchain.pem

    BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    <Location /jira>
        Header set Access-Control-Allow-Origin "*"
        Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept"
        ProxyPass               http://localhost:8081/jira retry=0
        ProxyPassReverse        http://localhost:8081/jira
        SetOutputFilter DEFLATE
    </Location>
</VirtualHost>

对于第一个域(brentc.in),我可以正常访问index.html。 对于第二个域(atlassian.brentc.in),它显示了apache示例(测试123)页面,当我明确转到index.html时,它表示我不允许访问该文件。

我的文件权限与工作index.html完全相同。我在这里错过了什么吗?

atlassian.brentc.in也是幕后tomcat服务器的代理。我的目的是,当你转到atlassian.brentc.in时,它会显示一个目标网页。然后从那里你可以去atlassian.brentc.in/jira

error_log包含:

[Wed Jun 14 10:43:47.714099 2017] [authz_core:error] [pid 4399] [client <ip>:58299] AH01630: client denied by server configuration: /www/atlassian.brentc.in/index.html
[Wed Jun 14 10:43:47.952670 2017] [authz_core:error] [pid 4399] [client <ip>:58299] AH01630: client denied by server configuration: /www/atlassian.brentc.in/favicon.ico, referer: https://atlassian.brentc.in/index.html

1 个答案:

答案 0 :(得分:1)

我认为你需要添加这样的东西

library(lubridate).
相关问题
最新问题