Certbot installed but https still not working

But still, the api subdomain does not work. It redirects to the main folder, and in apachectl -S, there is no port 443 for it...

I feel like I'm so close, just that api https needs to be enabled somehow

1 Like

Your certificate doesn't cover api.tvaluer.com. You need to generate a certificate that covers tvaluer.com, www.tvaluer.com, and api.tvaluer.com.

2 Likes

I guess I need to divide the vhosts into separate files then? Not like now with both in the same .conf?

1 Like

That would probably be best. Set aside the api for now and just get the apex and www working for http and https.

1 Like

You are very helpful, I will try this and come back to this post. Thank you.

2 Likes

It's 4AM here and I'm crashing. I'll check back in the morning. Someone else may pick this up before then though.

2 Likes

The SSL certificates work! On the other hand, both domains begin to time out after a few minutes... when I restart Apache, both work, and when I make a request to the api using fetch, both hang... this has not happened on http, so I guess this is somehow related

1 Like

Now just hanging, I'm getting desperate...

this is apachectl -S

And this happens in apache error log:

AH00161: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting

Is it possible to be DOS/DDOS considering I've put this address on a public site like this one?

1 Like

No matter what I set the MaxRequestWorkers setting to, it always goes above it...

If I do

netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r

I can see that there are some IPs with 100+ requests, so is this a DDoS attack or could it be something benign?

1 Like

Most likely a redirection loop is causing this.

Begin at the beginning.
What does this say:
apachectl -S
[the key to the solution always starts there]

2 Likes

That was my thought exactly.

1 Like

I am getting desperate, I hope it is that redirection loop.

apachectl -S :

VirtualHost configuration:
*:443 is a NameVirtualHost
default server api.tvaluer.com (/etc/apache2/sites-enabled/api.tvaluer-ssl.conf:1)
port 443 namevhost api.tvaluer.com (/etc/apache2/sites-enabled/api.tvaluer-ssl.conf:1)
port 443 namevhost tvaluer.com (/etc/apache2/sites-enabled/tvaluer-ssl.conf:1)
alias www.tvaluer.com
*:80 is a NameVirtualHost
default server api.tvaluer.com (/etc/apache2/sites-enabled/api.tvaluer.conf:1)
port 80 namevhost api.tvaluer.com (/etc/apache2/sites-enabled/api.tvaluer.conf:1)
port 80 namevhost tvaluer.com (/etc/apache2/sites-enabled/tvaluer.conf:1)
alias www.tvaluer.com
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

1 Like

As soon as I restart it, when I run netstat, a bunch of IP addresses from Iran are there, from what I see if I type in

netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r

1 Like

Please show those two files, if the connections are all to port 443.
If to port 80, then show the other two files.

1 Like

I am not sure on which port the connections happen; if I disable 80 / enable 443 and vice versa, it's the same

1 Like

Even if I set iptables drop on hitcount 100, the same.... I have no idea what to do

1 Like

This is happening on server restart, in intervals of 1 second

1 Like

Please show:
netstat -pant |grep -Ei '80|443'|grep -i estab

1 Like
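An added example, not part of any post in this thread: a tally of established connections per local port and remote IP, which answers the "which port" question directly. It compares the port exactly against the local-address field, whereas grep -E '80|443' also matches remote ports such as 44380 or addresses containing "80". The function names and sample lines are constructed (documentation address ranges), and the column layout assumed is that of net-tools `netstat -nt`.

```shell
#!/bin/sh
# Added example. Reads `netstat -nt` (or `-pant`) output on stdin and prints
# "<count> <local port> <remote IP>" for ESTABLISHED connections to 80/443.
conn_by_port() {
    awk '
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
            lp = $4;  sub(/.*:/, "", lp)        # local port: text after last colon
            rip = $5; sub(/:[^:]*$/, "", rip)   # remote IP: drop trailing :port
            sub(/^::ffff:/, "", rip)            # fold IPv4-mapped IPv6 into IPv4
            if (lp == "80" || lp == "443") n[lp " " rip]++
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2,2n -k3,3
}

# Constructed sample input (not taken from the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 203.0.113.10:443        198.51.100.7:51234      ESTABLISHED
tcp        0      0 203.0.113.10:443        198.51.100.7:51235      ESTABLISHED
tcp        0      0 203.0.113.10:443        198.51.100.7:51236      ESTABLISHED
tcp        0      0 203.0.113.10:80         198.51.100.7:40000      ESTABLISHED
tcp        0      0 203.0.113.10:22         192.0.2.80:44380        ESTABLISHED
tcp        0      0 203.0.113.10:443        192.0.2.55:60000        TIME_WAIT
tcp6       0      0 ::ffff:203.0.113.10:443 ::ffff:192.0.2.55:60001 ESTABLISHED
EOF
}

# Demo run on the constructed sample.
sample_netstat | conn_by_port
```

On a live host the input would be `netstat -nt | conn_by_port`; the SSH line in the sample shows the kind of row a substring grep for 80 or 443 would count by mistake.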

This is the end of the output that you requested:

1 Like

I can't see any reason in your config for all those connections from the same IP.
The web server logs may show more relevant details.
You may need to add some protection to your system.
An IPS or even fail2ban may help.

1 Like