Apache Config Steps – Run multiple domains on same ip

Suppose you want to point abc.mydomain.com and mydomain.com to same machine/ip, but to different applications. There are multiple ways to achieve this (basically with same config settings but in different files). I am giving one way here that worked for me:

* Go to /etc/apache2/sites-available
* open a file abc.mydomain.com.conf
* copy this to abc.mydomain.com.conf, make changes to folder path domain name etc. and Save the file


<VirtualHost *:80>

DocumentRoot /var/www/abcappfolder/
ServerAdmin admin@mydomain.com
ServerName abc.mydomain.com
ServerAlias www.abc.mydomain.com

Options FollowSymLinks
AllowOverride None

#we want specific log file for this server
CustomLog /var/log/apache2/abc.com-access.log combined
ErrorLog /var/log/apache2/abc.com-error.log

</VirtualHost>

* Now create another file mydomain.com.conf
* copy this to mydomain.com.conf, make changes to folder path domain name etc. and Save the file. Note that here I am assuming mydomain.com will actually redirect to an app server (like tomcat or jboss) running on port 8080, that’s why you see ProxyPass statements:


<VirtualHost *:80>

DocumentRoot /var/www/mysecondapp/
ServerAdmin admin@mydomain.com
ServerName mydomain.com
ServerAlias www.mydomain.com

Options FollowSymLinks
AllowOverride None

ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ProxyPreserveHost on

#if using awstats
ScriptAlias /awstats/ /usr/lib/cgi-bin/
#we want specific log file for this server
CustomLog /var/log/apache2/mydomain.com-access.log combined
ErrorLog /var/log/apache2/mydomain.com-error.log

# if your machine's name is also mydomain.com
# then you need to use config settings below
# otherwise site will NOT be accessible with mydomain.com
# (although it will be accessble as www.mydomain.com)
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mydomain.com [NC]
RewriteRule ^(.*)$ http://www.mydomain.com/$1 [L,R=301]

</VirtualHost>


* on command line run these commands to enable these 2 configs:

a2ensite abc.mydomain.com.conf
a2ensite mydomain.com.conf

This creates symlinks to the 2 config files in /etc/apache2/sites-enabled folder
You can create the same symlinks manually also like this:

cd /etc/apache2/sites-enabled
ln -s /etc/apache2/sites-available/abc.mydomain.com.conf abc.mydomain.com.conf
ln -s /etc/apache2/sites-available/mydomain.com.conf mydomain.com.conf

* Following step is required only if your machine’s name is also mydomain.com (that means you sftp or ssh to your machine using mydomain.com). In this case I was not able to access my site using mydomain.com in browser. Hence I did this which worked, there may be a different way to solve this problem though:

remove symlink to ln -s /etc/apache2/sites-available/default file from /etc/apache2/sites-enabled folder. You can use rm command or you can run this command

a2dissite default

You do not need to do this for sub-domains (like abc.mydomain.com)

* Restart apache (/etc/conf.d/apache restart)
* Your sites should be accessible now

Note : If it does not work make sure you do not have ProxyPass statements inside httpd.conf or a conf file in /etc/apache2/conf.d to redirect URL

Generating ssh keys – steps

These are the steps:

Suppose you want to connect from machine X to machine Y as userme.

* login to X as userme
* At /home/userme run this command:

ssh-keygen -t rsa

This will generate 2 files in /home/userme/.ssh folder

id_rsa
id_rsa.pub

* open id_rsa.pub file and copy its contents – this is the public key

* Now login to machine Y as userme, open file /opt/userme/.ssh/authorized_keys – If path/file does not exist create it

* Append contents copied from id_rsa.pub on machine X to the end of authorized_keys file

* Save file and exit

Now you can ssh to machine Y from X without entering credentials.

SSH Port Forwarding

SSH Port Forwarding

[All machines on Linux distribution]

I used to connect to oracle database running on machine M5, which was behind multiple firewalls. From my local machine M5 was not directly accessible. So I will SSH from my machine M1 to another machine M2, from M2 to M3, from M3 to M4 and finally from M4 to M5. Then on M5 command prompt, I was able to use sqlplus.

But that was not convenient. I wanted to connect to M5 database directly from sqldeveloper running on my local machine.

Here’s how I managed to do it (SSH port forwarding):

1. SSH to M4 as usual (M1 to M2, M2 to M3 and M3 to M4)

2. On M4, run this command:

ssh -v -N -L 1540:localhost:1521 userid@M5

This means, any request to port 1540 on M4 should be forwarded to port 1521 (default Oracle port) on machine M5.

-v flag will display all messages so you can see if there’s any problem. -N makes sure command is forwarded to M5 instead of executing on local system.

This command will not return control back to prompt (it did not in my case), so don’t worry, leave that window apart. In my case, following are the messages I was able to see to make sure port forwarding was working:

debug1: Authentication succeeded (password).

debug1: Connections to local port 1540 forwarded to remote address localhost:1521

debug1: Local forwarding listening on 127.0.0.1 port 1540.

debug1: channel 0: new [port listener]

debug1: Local forwarding listening on ::1 port 1540.

debug1: channel 1: new [port listener]

debug1: Entering interactive session.

3. Similarly, open another window and connect to M3 now (M1 to M2, M2 to M3) and run this command:

ssh -v -N -L 1539:localhost:1540 userid@M4

That means forward requests to port 1539 on M3 to port 1540 on M4. Notice that M4 is already set to forward requests on port 1540 to 1521 (step 2 above).

4. Now do a similar thing on machine M2

ssh -v -N -L 1538:localhost:1539 userid@M3

5. Finally open localhost and run this command:

ssh -v -N -L 1537:localhost:1538 userid@M2

The tunnel is built now.

In sqldeveloper, you can connect to Oracle database running on M5 by using ‘localhost’ as Hostname, 1537 as port and with your SID.

This example shows how to connect to oracle, but in fact you can connect to any remote port accessible to you. But make sure numbers you decide to use as intermediate ports (in my case 1537, 1538, 1539 and 1540) are not in use already on machine where you use them.

Apache enable module

On apache webserver (tested on apache 2.2 on Ubuntu) here’s how to enable a module. Run this command on shell:

a2enmod

It will show you names of all the modules which are under folder /etc/apache2/mods-available and will ask for name of module to be enabled. Once you give the name and press enter key, module will be enabled.

What it does:

Enable creates a symlink in /etc/apache2/mods-enabled folder that points to the module library in /usr/lib/apache2/modules/ folder. This symlink also contains a directive for apache to load module. For e.g. if you enable expires module, it creates a symlink as below:

expires.load -> ../mods-available/expires.load

and puts following statement into it

LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so

Note: One shortcut to enable module if you know the name already is to give the module name immediately like below:

a2enmod expires

a2dismod

This is the reverse of a2enmod. It disables given apache module.

Linux “grep and copy”

Suppose I have a folder hierarchy as below:

f1 > f2

f2 > f3

f2 > f4

f4 > f5

I want to find all files in f1 or any of its descendant folder that contain text “I am a match” and copy them into f1′s parent folder (whatever that is).

To accomplish above, run any of following commands from within f1 folder:

i) cp `grep -rl “i am a match” *` ..

ii) grep -rl “i am a match” * | xargs -i cp {} ..