Configuring mod_dumpio with apache2 in Ubuntu

 mod_dumpio allows for the logging of all input received by Apache and/or all output sent by Apache to be logged (dumped) to the error.log file.

The data logging is done right after SSL decoding (for input) and right before SSL encoding (for output). As can be expected, this can produce extreme volumes of data, and should only be used when debugging problems.

To configure mod_dumpio you need to enable dump_io.

$ sudo a2enmod dump_io

Next add below mentioned 3 lines in /etc/apache2/apache2.conf

#To capture http request
DumpIOInput On

#To capture http response
DumpIOOutput On 

#To capture everything
DumpIOLogLevel debug

Now change LogLevel in your /etc/apache2/sites-enabled/000-default or /etc/apache2/sites-available/default file to debug.

LogLevel debug

After doing all above changes restart apache2.

$ service apache2 restart

To view logs you need to check /var/log/apache2/error.log

$ tail -f /var/log/apache2/error.log

To test make a dummy request as shown below and at the same time view error.log file where you can lot of lines related to this request.

$ curl http://127.0.0.1/ -d group=user -d sort=name

Since dump_io will create log of disk io, enabling it in production servers is not a good idea. It will slow down your production server.

Advertisements

Apache2 disable http

 

Due to security reason at any instance if you want to disable http on your apache2 webserver comment following lines in /etc/apache2/ports.conf file.

First open /etc/apache2/ports.conf file with any editor.

Then search for following line in ports.conf file.

NameVirtualHost *:80
Listen 80

Comment above mentioned lines:

#NameVirtualHost *:80
#Listen 80

After commenting restart apache2.

$ service apache2 restart

Now try to access your website with http, it should show message as unable to connect.

Ubuntu – Apache2 enable expires headers

 

To enable expires headers or mod_expires with apache2 in Ubuntu OS use following command

$ a2enmod expires

.

Now restart apache2 with any of following command:

$ service apache2 restart

or

$ /etc/init.d/apache2 restart

There are 2 ways to add expire headers

  • FileMatch with ExpiresDefault directives
  • ExpiresByType

To enable expires headers with FileMatch with ExpiresDefault directives add following lines in /etc/apache2/sites-available/default file:

<VirtualHost *:80>
...
...
<IfModule mod_expires.c>
          <FilesMatch "\.(png|css|js|jpe?g|gif)$">
                      ExpiresActive On
                      ExpiresDefault "access plus 1 day"
          </FilesMatch>
</IfModule>
</VirtualHost>

Above code will tell browsers to cache .png, .css, .js, .jpg, .jpeg, and gif for one day.

To enable expires headers with ExpiresByType add following lines in /etc/apache2/sites-available/default file:

<VirtualHost *:80>
...
...
          ExpiresActive on

          ExpiresByType image/jpg "access plus 60 days"
          ExpiresByType image/png "access plus 60 days"
          ExpiresByType image/gif "access plus 60 days"
          ExpiresByType image/jpeg "access plus 60 days"

          ExpiresByType text/css "access plus 1 days"

          ExpiresByType image/x-icon "access plus 1 month"

          ExpiresByType text/javascript "access plus 1 week"
          ExpiresByType application/x-javascript "access plus 1 week"
          ExpiresByType application/javascript "access plus 1 week"
</VirtualHost>

After any thing in /etc/apache2/sites-available/default file you need to restart apache2 to changes make effect.

You can use following units for in expires headers:

  • years
  • months
  • weeks
  • days
  • hours
  • minutes
  • seconds

-Sany

(13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (localhost) failed

(13)Permission denied: proxy: HTTP: attempt to connect to 127.0.0.1:8080 (localhost) failed – this error is because of httpd/apache2 has been denied permission to connect to IP address and port.

Main reason for this error is SELinux. Here SELinux not permitting httpd/apache2 to make network connections.

To resolve it, you need to change an SELinux boolean value (which will automatically persist across reboots). You may also required to restart httpd/apache2 to reset the proxy worker, although this isn’t strictly required.

Run either of following command to allow SELinux to permit httpd/apache2 to make network connections:

$ /usr/sbin/setsebool httpd_can_network_connect 1

or

$ /usr/sbin/setsebool httpd_can_network_connect true

Then restart httpd/apache2.