/ /etc/httpd/conf/httpd.conf /etc/httpd/httpd.conf /etc/apache2/default-server.conf /etc/apache2/sites-available/loncapa /etc/apache2/conf-available/loncapa This is for Apache 1.X for Red Hat 4ES, Fedora 2, 3 and 4, SusSE 9.2 and 9.3, and SLES 9 distributions. This is for Apache 2.X for Fedora 5, Red Hat 5, CentOS 5, Scientific Linux 5, Oracle Linux 5, SuSE 10.1, SLES 10, Debian 5, Ubuntu LTS 8 and later distributions /etc/httpd/conf/httpd.conf /etc/httpd/httpd.conf /etc/apache2/sites-available/loncapa /etc/apache2/conf-available/loncapa /etc/apache2/default-server.conf # Generated from doc/loncapafiles/webserver.piml use Socket; use Sys::Hostname::FQDN(); unless (-e "") { print '**** ERROR! should exist! Are you missing the Apache '. 'software package?'; exit(1); } else { # Append loncapa_apache.conf inclusion to httpd.conf # (or sites-available/loncapa or conf-available/loncapa) if not present. $flag=0; open(IN,'<'); while (<IN>) { if (/^\s*Include\s+conf\/loncapa_apache.conf/) { $flag=1; } } close(IN); unless ($flag==1) { open(OUT,'>>'); print(OUT 'Include conf/loncapa_apache.conf'."\n"); close(OUT); } # Remove loncapa.conf inclusion from httpd.conf # (or sites-available/loncapa or conf-available/loncapa) if present. $flag=0; open(IN,'<'); while (<IN>) { if (/^\s*Include\s+conf\/loncapa.conf/) { $flag=1; } } close(IN); $in=''; if ($flag==1) { open(IN,'<'); while(<IN>) { $in.=$_ unless /^\s*Include\s+conf\/loncapa.conf/; } close(IN); open(OUT,'>'); print(OUT $in."\n"); close(OUT); } # Checking for overlapping ScriptAlias and DocumentRoot definitions. $scriptalias_flag=0; $documentroot_flag=0; my $scriptalias; my $documentroot; open(IN,'<'); while (<IN>) { if (m!^\s*ScriptAlias\s+/cgi-bin/\s+(.*)$!) { $scriptalias = $1; if ($scriptalias !~ m!home/httpd/cgi-bin!) { $scriptalias_flag = 1; } } if (m!^\s*DocumentRoot\s+(.*)$!) { $documentroot = $1; if ($documentroot !~ m!home/httpd/html!) { $documentroot_flag = 1; } } } close(IN); if ($scriptalias_flag==1) { my $conffile = '/etc/httpd/conf/httpd.conf'; if ('' eq 'suse9.2' || '' eq 'suse9.3' || '' eq 'sles9') { $conffile = '/etc/httpd/httpd.conf'; } elsif ('' =~ /^(suse|sles)/) { $conffile = '/etc/apache2/default-server.conf'; } elsif ('' =~ /^(debian|ubuntu)/) { $conffile = '/etc/apache2/sites-available/loncapa'; } print('**** ERROR **** '.$conffile.' has an overlapping definition of '. 'ScriptAlias (it is incorrectly set to '.$scriptalias.').'."\n". 'This conflicts with loncapa_apache.conf.'."\n"); } if ($documentroot_flag==1) { print('**** ERROR **** '.$conffile.' has an overlapping definition of '. 'DocumentRoot (it is incorrectly set to '.$documentroot.').'."\n". 'This conflicts with loncapa_apache.conf.'."\n"); } # Checking for rewrites of http:// to https:// my $rewrite_dir = '/etc/httpd/conf/rewrites'; my $curr_rewrite = '/etc/httpd/conf/loncapa_rewrite.conf'; if ('' eq 'suse9.2' || '' eq 'suse9.3' || '' eq 'sles9') { $rewrite_dir = '/etc/httpd/rewrites/'; $curr_rewrite = '/etc/httpd/loncapa_rewrite.conf'; } elsif ('' =~ /^(suse|sles|debian|ubuntu)/) { $rewrite_dir = '/etc/apache2/rewrites'; $curr_rewrite = '/etc/apache2/loncapa_rewrite.conf'; } my $rewrite_off = $rewrite_dir.'/loncapa_rewrite_off.conf'; my $rewrite_on = $rewrite_dir.'/loncapa_rewrite_on.conf'; if (!-e $curr_rewrite) { system("cp $rewrite_off $curr_rewrite"); chmod(0644, $curr_rewrite); } else { my ($not_rewrite_on,$not_rewrite_off,$rewrite_state); if (open(PIPE, "diff --brief $rewrite_off $curr_rewrite |")) { my $diffres = <PIPE> ; close(PIPE); chomp($diffres); if ($diffres) { $not_rewrite_off = 1; } else { $rewrite_state = 'off'; } } if (open(PIPE, "diff --brief $rewrite_on $curr_rewrite |")) { my $diffres = <PIPE> ; close(PIPE); chomp($diffres); if ($diffres) { $not_rewrite_on = 1; } else { $rewrite_state = 'on'; } } if ($not_rewrite_off && $not_rewrite_on) { print('**** WARNING **** '."\n".$curr_rewrite.' does not match '. 'either:'."\n".$rewrite_on.' - the file used to enable rewriting '. 'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off. ' - the file used to disable such rewriting'."\n\n". 'This may be because '. $curr_rewrite.' has been '. 'previously customized,'."\n".'or it may be because of a change '. 'to the files in '.$rewrite_dir."\n"); if (open(my $fh,'<',$curr_rewrite)) { while(<$fh>) { if (/^\s*RewriteEngine\s+(on|off)\s*$/i) { if ($1 eq 'on') { $rewrite_state = 'on'; } else { $rewrite_state = 'off'; } last; } } } } if ($rewrite_state eq 'on') { # Checking for rewrites of https:// to http:// my ($gotrules,$rulestr,$ssldir); if ('' eq 'suse9.2' || '' eq 'suse9.3' || '' eq 'sles9') { $ssldir = '/etc/apache/vhosts.d'; } elsif ('' =~ /^(suse|sles)/) { $ssldir = '/etc/apache2/vhosts.d'; } elsif ('' =~ /^(debian|ubuntu)/) { $ssldir = '/etc/apache2/sites-available'; } else { $ssldir = '/etc/httpd/conf.d'; } my $hostname = Sys::Hostname::FQDN::fqdn(); my $hostip = Socket::inet_ntoa(scalar(gethostbyname($hostname)) || 'localhost'); my @expected = ('RewriteEngine on', 'RewriteCond %{HTTPS} =on', 'RewriteCond %{REQUEST_URI} ^/adm/wrapper/ext/(?!https:)', 'RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)', 'RewriteRule ^/adm/wrapper/ext/(?!https:) http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]', 'RewriteCond %{REMOTE_ADDR} 127.0.0.1', 'RewriteRule (.*) - [L]'); if (($hostip ne '') && ($hostip ne '127.0.0.1')) { push(@expected,('RewriteCond %{REMOTE_ADDR} '.$hostip, 'RewriteRule (.*) - [L]')); } push(@expected,('RewriteCond %{REQUEST_URI} ^/public/.*/syllabus$', 'RewriteCond %{QUERY_STRING} (^|&(|amp;))usehttp=1($|&)', 'RewriteRule ^/public/.*/syllabus$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L,NE]')); if (-d $ssldir) { my @rewrites; if (opendir(my $dir,$ssldir)) { my @sslconf_files; foreach my $file (grep(!/^\./,readdir($dir))) { next if ($file =~ /\.rpmnew$/); if (open(my $fh,'<',"$ssldir/$file")) { while (<$fh>) { if (/^\s*<VirtualHost\s+[^:]*\:443>\s*$/) { push(@sslconf_files,$file); last; } } close($fh); } } if (@sslconf_files) { foreach my $file (@sslconf_files) { if (open(my $fh,'<',"$ssldir/$file")) { my ($rewrite,$num) = (0,0); while (<$fh>) { if ($rewrite) { if (/^\s*<\/IfModule>/) { $rewrite = 0; $num ++; } else { chomp(); s/^\s+|\s+$//g; push(@{$rewrites[$num]},$_); } } elsif (/^\s*<IfModule\s+mod_rewrite.c>/) { $rewrite = 1; } } close($fh); } } } closedir($dir); } if (@rewrites) { foreach my $item (@rewrites) { if (ref($item) eq 'ARRAY') { my $found = 0; foreach my $line (@{$item}) { foreach my $match (@expected) { if ($match eq $line) { $found ++; last; } } } if ($found >= scalar(@expected)) { $gotrules = 1; last; } } } } } unless ($gotrules) { print('**** WARNING **** '."\n".$curr_rewrite.' is currently set so rewrites '. 'of http to https are enabled for most URLs.'."\n". 'Unless your Apache configuration includes Strict-Transport-Security '. '(with max-age > 0), it is recommended to also set rewrites from https to http '. 'for specific URLs in a file in '.$ssldir.' by including the following:'."\n". "<IfModule mod_rewrite.c>\n".' '. join("\n ",@expected)."\n". "</IfModule>\n"); } } } } 500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.