apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName

By default Ubuntu doesn’t specify a ServerName in the Apache configuration, because it doesn’t know what the name of your server is. It tries a reverse lookup on your IP address, which returns nothing, so it just has to use the IP address as the ServerName. To fix it, either add a ServerName directive outside … Read more

How to handle relative urls correctly with a reverse proxy

The Apache ProxyPassRewrite does not rewrite the response bodies received from http://test.example.com, only headers (like redirects to a 404 page and such). A number of alternatives: One) Rewrite the internal app to use relative paths instead of absolute. i.e. ../css/style.css instead of /css/style.css Two) Redeploy the internal app in a the same subdirectory /folder rather … Read more

Using variables in Apache config files to reduce duplication?

You could use mod_macro, which has been included in Apache httpd since version 2.4 Before that it had to be installed separately, see mod_macro. For example on Debian: apt-get install libapache2-mod-macro; a2enmod macro. Example configuration /etc/apache2/conf.d/vhost.macro <Macro VHost $host $port> <VirtualHost $host:$port> ServerName $host DocumentRoot /var/vhosts/$host <Directory /var/vhosts/$host> # do something here… </Directory> </VirtualHost> </Macro> … Read more

Apache2 config variable is not defined

[Fri Nov 29 17:35:43.942472 2013] [core:warn] [pid 14655] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined This message is displayed because you directly executed the apache2 binary. In Ubuntu/Debian the apache config relies on the envvar file which is only activated. If you start apache with the init script or apachectl. Your original problem is that … Read more

Dealing with HTTP w00tw00t attacks

From your error log they are sending a HTTP/1.1 request without the Host: portion of the request. From what I read, Apache replies with a 400 (bad request) error to this request, before handing over to mod_security. So, it doesn’t look like your rules will be processed. (Apache dealing with it before requiring to hand … Read more