Personal tools

Number of visitors
since 27 March 2006
 
Document Actions

How to use re-write module of Apache web server 2.2.3 on FC6 with new or refurbished laptops

Click here to start saving with ING DIRECT!

Digg!

I finished upgrading my web server to better hardware and latest OS and web server just yesterday. Whether you get better hardware after you buy refurbished laptops or brand new PCs, upgrading will help your computer run better. Installation of FC6 was seamless once I found out that I could not run XEN on my computer because of CPU limitations. My CPU does not have PAE on which XEN requires to operate. So finally I figured out that not installing virt-manager solves my problem by installing a non-XEN kernel (Duh!!). So once that problem was out of the way, I moved on to the next task of migrating my web server to the new box.

Migrating a Plone website from one box to another is very well documented. However, there are some things to watch out for which I will post here shortly. After a lot of research and trouble-shooting, I finally managed to get the Zope and Plone working on my box. Since Apache is much more secure, robust and modular in management, I use Apache server as a front-end to my website and use URL re-writing to have Apache forward those to Zope.

Last week I moved my website to the new box and copied the re-write configuration from the old httpd.conf file to the new one and switched off the old one. I did not test Apache functionality trusting that it would work in the new setup, if it worked in the old setup. On trying to access the URL, the browser refused to serve the page instantly throwing up a Error 503 on the screen. At first I thought, it was the new Apache server which did not understand the re-write commands from older (2.0.54) version and tried to find out what had changed. I checked forums, website and even Apache release and change notes, but could not find anything that could possibly solve my problem. I worked for around 4 hours on a wild goose chase and then gave up. As the site traffic had also returned to normal, the urgency to upgrade was also not there till yesterday when my son kept on switching off the box as it was accessible to him.

So I started my work again yesterday; this time on a fresh FC6 installation inside a VMWare and worked through the Virtual Hosting Monster and re-write tutorial from the Zope book just to make sure, I was doing everything correctly. The VHM was working correctly, but as soon as switched on Apache URL re-write I started getting the same errors. So it was not my configuration file or version issue with Apache. I again searched for the same and this time I was a bit more successful. One of the forums posts mentioned something about the permissions being correct and it lit a light in my head and I knew the problem was not with Apache but with permissions issue. I checked my error log (which I admit I should have done earlier, but since I am not really "expert" in Linux, I didn't do it. Partly because I never thought of it and mostly because I didn't know the location. Anyway.) and found the following entries in the error_log.

[Tue Nov 14 16:03:53 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:04:20 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:22:17 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:26:44 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:26:47 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:28:08 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:28:12 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:45:43 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:47:14 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed
[Tue Nov 14 16:47:17 2006] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (*) failed

I checked the permissions on all the folder and didn't find anything that would SE Linux Configurationhave caused any problems. Suddenly a thought came to my mind to check the security level issue as I had faced issues with security level (firewall) in the past. The only difference this time being, I disable Linux firewall as I have hardware firewall. So I opened up the Security Configuration screen and started reviewing the SELinux policy settings. As I have already mentioned I am not an expert in Linux, I started experimenting with the SELinux policy for HTTPD Service by enabling one setting at a time and checked if Apache URL re-writing worked or not. The second option I chose to "Allow HTTPD scripts and modules to connect to the network" did the trick and the re-writing started flowing correctly.

I made the similar change in my production web server and happily it started working and I was able to move the website to the new server and switch off the old one. Because I am not an expert in Linux and these things are not documented anywhere, I thought I would add my two cents to the documentation and make Linux a better OS and usable to non-techie guys like me. Now that SELinux is an integral part of Linux (at the Fedora and Ubuntu flavours) I am sure many more people will face this same issue. I hope this will help them to save time and effort that I had to spend to get this issue resolved. If there is a better way of doing this out there, please direct me to it so that I can update my piece and knowledge.

The URL to Trackback this entry is:
http://www.dharwadkar.com/weblog/apache_fc6_01/tbping

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Jim, Washington, DC at Feb 26, 2006 10:10 PM

Awesome find! I have been struggling with this for several days. Very nice detailed post that clearly pointed out the problem and why.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by mukul at Dec 10, 2006 02:07 PM

I am glad I could be of help to you Jim. Let me know if you need any further help.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Feb 08, 2007 04:47 PM

You ARE THE MAN. Thank you, Thank you, Thank you. I was beating my head against the wall until i found your post. Lost 3-4 hours.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Jono McKay at Apr 23, 2007 12:19 PM

Very well done! If only the internet linux Community had more more people like you. Thanks.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Aditya/Nitin at May 07, 2007 10:43 PM

Thanks a lot for help!!

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Jul 17, 2007 02:13 PM

Mukul, you may not be a linux guru but you really helped me out! Thanks!

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Andrew at Jul 31, 2007 10:53 PM

Can only add to the praise - nice post. Helped me out lots.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Aug 29, 2007 12:58 AM

Thank you! I was trying to figure out for days what the problem was. You da man!

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by DimaS at Nov 07, 2007 04:07 PM

It's greate. Exactly what I need. Thank you

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Wil at Feb 06, 2008 09:36 AM

What is the command line to set this Selinux conf without graphical interface?

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Chris Shenton at Feb 07, 2008 12:28 PM

My server's in across town and I don't have no stinkin' GUI. Besides, I'm a real man, I use a CLI. Too bad it took this FreeBSD bigot so long to figure it out:

# /usr/sbin/setsebool httpd_can_network_connect 1

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Alejandro at Mar 21, 2009 04:58 PM

Thank you!! Life saver post... i also wonder how to do this from the command line?

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Sep 29, 2009 04:25 PM

Thanks a lot for this document.

I recently upgraded from fedora 5 to fedora 11 and was not able to to ProxyPassReverse even after opening firewall ports.

Followed your document and fixed in seconds.

Thanks again.

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Jun 29, 2010 01:29 PM

Chris: remember to use -P in order to persist over reboots

/usr/sbin/setsebool -P httpd_can_network_connect 1

Re:How to use re-write module of Apache web server 2.2.3 on FC6

Posted by Anonymous User at Sep 15, 2010 04:09 PM

Thanks that worked! Wasted like 5 hours on that one!

Add comment

You can add a comment by filling out the form below. Plain text formatting.

(Required)
(Required)

Cloud VPS Hosting

Acronis True Image 2012 Special offer 125x125
iTunes, App Store, iBookstore, and Mac App Store