Hallo marce,
hier die gewünschten Dateien:
Suse 10.1 HTTPD.conf:
Code:
### Global Environment ######################################################
Include /etc/apache2/uid.conf
Include /etc/apache2/server-tuning.conf
ErrorLog /var/log/apache2/error_log
Include /etc/apache2/sysconfig.d/loadmodule.conf
Include /etc/apache2/listen.conf
Include /etc/apache2/mod_log_config.conf
Include /etc/apache2/sysconfig.d/global.conf
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
Include /etc/apache2/mod_usertrack.conf
Include /etc/apache2/mod_autoindex-defaults.conf
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf
Include /etc/apache2/errors.conf
Include /etc/apache2/ssl-global.conf
# forbid access to the entire filesystem by default
<Directory />
Options None
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var
### 'Main' server configuration #############################################
Include /etc/apache2/default-server.conf
Include /etc/apache2/sysconfig.d/include.conf
# Security Module
#
LoadModule security_module /usr/lib64/apache2-prefork/mod_security.so
Include /etc/apache2/modsecurity.conf
### Virtual server configuration ############################################
Include /etc/apache2/vhosts.d/*.conf
Die Suse 9.0 httpd.conf
Code:
### Global Environment ######################################################
Include /etc/apache2/uid.conf
Include /etc/apache2/server-tuning.conf
ErrorLog /var/log/apache2/error_log
Include /etc/apache2/sysconfig.d/loadmodule.conf
Include /etc/apache2/listen.conf
Include /etc/apache2/mod_log_config.conf
Include /etc/apache2/sysconfig.d/global.conf
Include /etc/apache2/mod_status.conf
Include /etc/apache2/mod_info.conf
Include /etc/apache2/mod_autoindex-defaults.conf
TypesConfig /etc/apache2/mime.types
DefaultType text/plain
Include /etc/apache2/mod_mime-defaults.conf
Include /etc/apache2/errors.conf
Include /etc/apache2/ssl-global.conf
# forbid access to the entire filesystem by default
#<Directory />
#Options None
#AllowOverride None
#Order deny,allow
#Deny from all
#</Directory>
<Directory />
Options -Indexes +FollowSymLinks +Includes
AllowOverride All
</Directory>
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
# List of resources to look for when the client requests a directory
DirectoryIndex index.html index.html.var
### 'Main' server configuration #############################################
Include /etc/apache2/default-server.conf
<IfModule mod_suphp.c>
suPHP_Engine on
php_admin_flag engine off
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3
AddType application/x-httpd-php .php4
AddHandler x-httpd-php .php
DirectoryIndex index.php
DirectoryIndex index.php3
DirectoryIndex index.php4
</IfModule>
Include /etc/apache2/sysconfig.d/include.conf
# Security Module (this is mod_security)
#
LoadModule security_module /usr/lib/apache2-prefork/mod_security.so
Include /etc/apache2/modsecurity.conf
#
### Virtual server configuration ############################################
Include /etc/apache2/vhosts.d/*.conf
<VirtualHost _default_:443>
DocumentRoot /usr/local/visas/public_html/
ServerName x.y.net
ServerAlias www.x.y.net
php_admin_value open_basedir /usr/local/visas/public_html/ssl/
php_admin_value engine off
IndexOptions
DirectoryIndex index.htm index.html index.shtml start.htm start.html start.shtml index.php index.php3
SSLEngine on
SSLCertificateFile /etc/apache2/ssl.crt/server.crt
SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
Redirectpermanent /adminlevel https://x.y.net:22222/adminlevel
Redirectpermanent /domainadminlevel https://x.y.net:22222/domainadminlevel
Redirectpermanent /serveradminlevel https://x.y.net:22222/serveradminlevel
Redirectpermanent /mail https://x.y.net:22222/webmail
Redirectpermanent /webmail https://x.y.net:22222/webmail
Redirectpermanent /support https://x.y.net:22222/support
Redirectpermanent /mysql https://x.y.net:22222/mysql
</VirtualHost>
Der VHOST Eintrag ist der vom VISAS System.
Die anderen vhosts gehen alle...
Wenn ich hier auf https://www.servername.de gehe, dann seh ich die Visas Startseite, klicke ich dann auf einen der Links, die mich auf eine andere Seite verweisen (Port 22222), dann sehe ich immer nur "Seite nicht gefunden"...
Und hier die modsecurity.conf, welche bei beiden Systemen gleich ist:
Code:
SecFilterEngine On
SecFilterDefaultAction "deny,log,status:403"
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckUnicodeEncoding Off
SecFilterForceByteRange 1 255
SecServerSignature " "
SecUploadDir /tmp
SecUploadKeepFiles Off
SecAuditEngine RelevantOnly
SecAuditLog /var/log/apache2/security/audit_log
SecFilterDebugLevel 0
SecFilterDebugLog /var/log/apache2/security/modsec_debug_log
SecFilterSelective REQUEST_METHOD "!^(GET|HEAD)$" chain
SecFilterSelective HTTP_Content-Type "!(^application/x-www-form-urlencoded$|^multipart/form-data;)"
SecFilterSelective REQUEST_METHOD "^(GET|HEAD)$" chain
SecFilterSelective HTTP_Content-Length "!^$"
SecFilterSelective REQUEST_METHOD "^POST$" chain
SecFilterSelective HTTP_Content-Length "^$"
SecFilterSelective HTTP_Transfer-Encoding "!^$"
SecFilter /bin/sh
SecFilterSelective "QUERY_STRING" "bin/(ba|a|z|c|k)?sh"
SecFilterSelective "QUERY_STRING" "bin/(kill|ls|passwd|perl|chmod|wget|lynx|links|net(stat|cat)|who|whoami|id|cd|ld)"
SecFilterSelective ARGS "wget\x20"
SecFilterSelective ARGS "<[[:space:]]*script"
SecFilterSelective ARG_highlight "%27"
Ich bin am Verzweifeln... Normaler Betrieb des Webservers geht, nur Administration des Servers nimmer ...
Geändert hab ich an den Config nix, ausser dass ich bei den httpd.confs eben die 2 Zeilen für die Modsecurity eingebaut habe ...
Lesezeichen