I have a DigitalOcean Ubuntu 16.04 droplet with pre-installed Wordpress. It has SSH login
enabled with root and password login disabled. UFW is enabled.
Not a security expert and only a novice webdev but it seems it has been compromised.
I think this occured because I disabled 'strict SQL mode' as per this tutorial:
https://serverpilot.io/community/articles/how-to-disable-strict-mode-in-mysql-5-7.html
I had a second Wordpress install to install on the server and could only do it with
strict mode disabled. I didn't re-enable it once I completed the install.
Here is an excerpt from the Apache2 error.log file:
[Mon Dec 05 10:32:51.819437 2016] [:error] [pid 15466] [client 172.68.10.110:26708] PHP Warning: mysqli_query(): MySQL server has gone away in /var/www/html/wp-includes/wp-db.php on line 1868
[Mon Dec 05 10:32:51.821173 2016] [:error] [pid 15466] [client 172.68.10.110:26708] PHP Warning: mysqli_query(): Error reading result set's header in /var/www/html/wp$
[Mon Dec 05 10:32:51.819142 2016] [:error] [pid 4570] [client 66.249.79.102:64614] PHP Warning: mysqli_query(): MySQL server has gone away in /var/www/html/wp-include$
[Mon Dec 05 10:32:51.821877 2016] [:error] [pid 4570] [client 66.249.79.102:64614] PHP Warning: mysqli_query(): Error reading result set's header in /var/www/html/wp-$
[Mon Dec 05 10:32:51.819998 2016] [:error] [pid 3981] [client 173.245.55.78:35305] PHP Warning: mysqli_query(): MySQL server has gone away in /var/www/html/wp-include$
[Mon Dec 05 10:32:51.822283 2016] [:error] [pid 3981] [client 173.245.55.78:35305] PHP Warning: mysqli_query(): Error reading result set's header in /var/www/html/wp-$
[Mon Dec 05 15:12:58.198942 2016] [core:error] [pid 17194] (36)File name too long: [client 66.249.79.104:58168] AH00036: access to /read-online-psychedelic-research-in$
[Mon Dec 05 23:02:30.550613 2016] [core:error] [pid 20194] (36)File name too long: [client 66.249.79.98:51473] AH00036: access to /read-online-peoples-temple-including$
[Tue Dec 06 04:15:03.795417 2016] [core:error] [pid 21882] (36)File name too long: [client 66.249.79.98:53902] AH00036: access to /novels-by-tad-williams-including-the$
[Tue Dec 06 07:47:20.068192 2016] [mpm_prefork:notice] [pid 1475] AH00169: caught SIGTERM, shutting down
[Tue Dec 06 07:47:21.097262 2016] [mpm_prefork:notice] [pid 23589] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Tue Dec 06 07:47:21.097393 2016] [core:notice] [pid 23589] AH00094: Command line: '/usr/sbin/apache2'
[Tue Dec 06 07:54:16.190667 2016] [mpm_prefork:notice] [pid 23589] AH00169: caught SIGTERM, shutting down
[Tue Dec 06 07:54:32.918723 2016] [mpm_prefork:notice] [pid 1525] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Tue Dec 06 07:54:32.934492 2016] [core:notice] [pid 1525] AH00094: Command line: '/usr/sbin/apache2'
[Tue Dec 06 07:55:51.504685 2016] [mpm_prefork:notice] [pid 1525] AH00169: caught SIGTERM, shutting down
[Tue Dec 06 07:55:52.592154 2016] [mpm_prefork:notice] [pid 1906] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Tue Dec 06 07:55:52.592279 2016] [core:notice] [pid 1906] AH00094: Command line: '/usr/sbin/apache2'
[Tue Dec 06 08:45:58.655029 2016] [core:error] [pid 2052] (36)File name too long: [client 66.249.79.79:42704] AH00036: access to /read-online-encyclopedia-of-christmas$
And here is an excerpt from the Apache2 access.log file:
130.193.51.38 - - [05/Dec/2016:08:21:55 +0000] "GET /file-archive-1692.xml HTTP/1.1" 404 517 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)"
66.249.79.98 - - [05/Dec/2016:08:21:55 +0000] "GET /file-archive-1575.xml HTTP/1.1" 404 516 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.htm$
172.68.11.121 - - [05/Dec/2016:08:21:56 +0000] "GET /steps-for-astaire-by-nigel-roberts.pdf HTTP/1.1" 404 537 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yand$
66.249.79.98 - - [05/Dec/2016:08:21:56 +0000] "GET /christian-prayer-liturgy-of-the-hours-black-leather.pdf HTTP/1.1" 404 550 "-" "Mozilla/5.0 (compatible; Googlebot/2$
66.249.79.122 - - [05/Dec/2016:08:21:56 +0000] "GET /colonel-roosevelt.pdf HTTP/1.1" 404 514 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.ht$
66.249.79.98 - - [05/Dec/2016:08:21:57 +0000] "GET /definitive-bob-dylan-songbook-music-sales-america.pdf HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; Googlebot/2.1$
172.68.11.131 - - [05/Dec/2016:08:21:57 +0000] "GET /doris-force-at-locked-gates-gytcjx.pdf HTTP/1.1" 404 537 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yand$
66.249.79.79 - - [05/Dec/2016:08:21:57 +0000] "GET /read-online-le-belv-d-re-du-diable-by-rosemary-carter.pdf HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; Googlebot$
66.249.79.98 - - [05/Dec/2016:08:21:58 +0000] "GET /read-online-furball-and-feathers-by-sean-sweeney.pdf HTTP/1.1" 404 547 "-" "Mozilla/5.0 (compatible; Googlebot/2.1;$
172.68.11.121 - - [05/Dec/2016:08:21:58 +0000] "GET /until-it-breaks-by-suggestivescribe.pdf HTTP/1.1" 404 538 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yan$
66.249.79.98 - - [05/Dec/2016:08:21:58 +0000] "GET /the-knights-templars-the-key-of-solomon-the-king.pdf HTTP/1.1" 404 547 "-" "Mozilla/5.0 (compatible; Googlebot/2.1;$
66.249.79.81 - - [05/Dec/2016:08:21:59 +0000] "GET /file-archive-845.xml HTTP/1.1" 404 527 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html$
66.249.79.98 - - [05/Dec/2016:08:21:59 +0000] "GET /guide-to-old-radios-pointers-pictures-and-prices.pdf HTTP/1.1" 404 547 "-" "Mozilla/5.0 (compatible; Googlebot/2.1;$
172.68.11.134 - - [05/Dec/2016:08:21:59 +0000] "GET /the-puppet-boy-of-warsaw-eva-weaver.pdf HTTP/1.1" 404 538 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yan$
66.249.79.98 - - [05/Dec/2016:08:21:59 +0000] "GET /bon-voyage-level-2-student-edition-glencoe-french.pdf HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; Googlebot/2.1$
66.249.79.102 - - [05/Dec/2016:08:22:00 +0000] "GET /read-online-the-seal-s-surprise-baby-by-amy-j-fetzer.pdf HTTP/1.1" 404 552 "-" "Mozilla/5.0 (compatible; Googlebot$
162.158.91.152 - - [05/Dec/2016:08:22:00 +0000] "GET /my-philosophy-for-successful-living.pdf HTTP/1.1" 404 538 "-" "Mozilla/5.0 (compatible; YandexBot/3.0; +http://ya$
66.249.79.106 - - [05/Dec/2016:08:22:00 +0000] "GET /read-online-time-enough-for-drums-by-ann-rinaldi.pdf HTTP/1.1" 404 548 "-" "Mozilla/5.0 (compatible; Googlebot/2.1$
I was using nano to grab these so they got partially cutoff.
As you can see my server is making all these strange GET requests, it looks like torrent traffic or something.
172.68.10.110 and 172.68.11.121 are Russian IPs.
Is this just a consequence of disabling SQL's strict mode? Any advice?
This is normal server behavior and nothing of particular concern.
The reason that you are seeing requests for some odd URLs may be that the IP address you were assigned from DigitalOcean was previously used to host another website -- its something that is very common and is nothing to worry about.
Related
Everything was working fine, but now I get error in browser while visiting my websites "error establishing database connection". Error gets solved after restarting xampp, and what I observe every time that mysql module of xampp stops running.
Few months ago this error was coming every 15 days, and I always solved this issue by restarting xampp, but now it occurs very frequently(everyday or in 2 days).
I also tried one solution "deleting the file ibdata1" that helped me for 3-4 days, and problem started again.
here is my error log:
[Mon Dec 05 14:36:21.001921 2016] [ssl:warn] [pid 7479] AH01906: www.example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 05 14:36:21.001985 2016] [ssl:warn] [pid 7479] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Mon Dec 05 14:36:21.002084 2016] [suexec:notice] [pid 7479] AH01232: suEXEC mechanism enabled (wrapper: /opt/lampp/bin/suexec)
[Mon Dec 05 14:36:21.050579 2016] [auth_digest:notice] [pid 7480] AH01757: generating secret for digest authentication ...
[Mon Dec 05 14:36:22.001567 2016] [ssl:warn] [pid 7480] AH01906: www.example.com:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Dec 05 14:36:22.001605 2016] [ssl:warn] [pid 7480] AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
[Mon Dec 05 14:36:22.001713 2016] [lbmethod_heartbeat:notice] [pid 7480] AH02282: No slotmem from mod_heartmonitor
[Mon Dec 05 14:36:22.019204 2016] [mpm_prefork:notice] [pid 7480] AH00163: Apache/2.4.10 (Unix) OpenSSL/1.0.1i PHP/5.5.15 mod_perl/2.0.8-dev Perl/v5.16.3 configured -- resuming normal operations
[Mon Dec 05 14:36:22.019244 2016] [core:notice] [pid 7480] AH00094: Command line: '/opt/lampp/bin/httpd -E /opt/lampp/logs/error_log -D SSL -D PHP'
[Tue Dec 06 05:25:35.571290 2016] [mpm_prefork:notice] [pid 7480] AH00169: caught SIGTERM, shutting down
It is big problem to me as well as visitors of my websites.
Please guys, If any one of you know how to solve this issue, do reply.
Thanks in advance !!
I got the same error on my website.
In my case it was the cron upgrade proces which gave an MySQL error. After fixing this no restarts where needed anymore.
Apache not running :
My xampp configuration for apache is changed to :
apache prot: 80 > 81
apache ssl port : 443 > 1378
apache run as administrator
before run xampp i'm stop IIS services and disable startup
MySQL is running but apache run in 1 sec and shutdown !!!
that is xampp log :
15:10:36 [Apache] Attempting to start Apache app...
15:10:36 [Apache] Status change detected: running
15:10:37 [Apache] Status change detected: stopped
15:10:37 [Apache] Error: Apache shutdown unexpectedly.
15:10:37 [Apache] This may be due to a blocked port, missing dependencies,
15:10:37 [Apache] improper privileges, a crash, or a shutdown by another method.
15:10:37 [Apache] Press the Logs button to view error logs and check
15:10:37 [Apache] the Windows Event Viewer for more clues
15:10:37 [Apache] If you need more help, copy and post this
15:10:37 [Apache] entire log window on the forums
and that's apache logs :
[Fri Mar 11 15:04:13.976216 2016] [ssl:warn] [pid 4052:tid 384] AH01909: www.example.com:1378:0 server certificate does NOT include an ID which matches the server name
[Fri Mar 11 15:04:14.085597 2016] [ssl:warn] [pid 4052:tid 384] AH01909: www.example.com:1378:0 server certificate does NOT include an ID which matches the server name
[Fri Mar 11 15:04:14.116853 2016] [mpm_winnt:notice] [pid 4052:tid 384] AH00455: Apache/2.4.18 (Win32) OpenSSL/1.0.2e PHP/7.0.4 configured -- resuming normal operations
[Fri Mar 11 15:04:14.116853 2016] [mpm_winnt:notice] [pid 4052:tid 384] AH00456: Apache Lounge VC14 Server built: Dec 9 2015 10:17:39
[Fri Mar 11 15:04:14.116853 2016] [core:notice] [pid 4052:tid 384] AH00094: Command line: 'c:\\xampp\\apache\\bin\\httpd.exe -d C:/xampp/apache'
[Fri Mar 11 15:04:14.116853 2016] [mpm_winnt:notice] [pid 4052:tid 384] AH00418: Parent: Created child process 4088
[Fri Mar 11 15:04:14.601248 2016] [ssl:warn] [pid 3280:tid 376] AH01909: www.example.com:1378:0 server certificate does NOT include an ID which matches the server name
[Fri Mar 11 15:04:14.710628 2016] [ssl:warn] [pid 3280:tid 376] AH01909: www.example.com:1378:0 server certificate does NOT include an ID which matches the server name
[Fri Mar 11 15:04:14.741882 2016] [mpm_winnt:crit] [pid 3280:tid 376] (OS 6)The handle is invalid. : AH00389: Child: Unable to access the scoreboard from the parent
[Fri Mar 11 15:04:14.741882 2016] [mpm_winnt:crit] [pid 4052:tid 384] AH00419: master_main: create child process failed. Exiting.
Please help me.
I'm trying to use dbd with mysql as authentification with Apache 2.4.
When Apache starts, i have this error :
[Tue May 12 13:07:18.789021 2015] [mpm_event:notice] [pid 10625:tid 140410697815936] AH00489: Apache/2.4.10 (Debian) configured -- resuming normal operations
[Tue May 12 13:07:18.789118 2015] [core:notice] [pid 10625:tid 140410697815936] AH00094: Command line: '/usr/sbin/apache2'
[Tue May 12 13:07:18.789469 2015] [dbd:error] [pid 10628:tid 140410697815936] (20014)Internal error: AH00629: Can't connect to mysql: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
[Tue May 12 13:07:18.789560 2015] [dbd:error] [pid 10628:tid 140410697815936] (20014)Internal error: AH00633: failed to initialise
[Tue May 12 13:07:18.790282 2015] [dbd:error] [pid 10629:tid 140410697815936] (20014)Internal error: AH00629: Can't connect to mysql: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
[Tue May 12 13:07:18.790441 2015] [dbd:error] [pid 10629:tid 140410697815936] (20014)Internal error: AH00633: failed to initialise
[Tue May 12 13:07:18.792481 2015] [dbd:crit] [pid 10628:tid 140410697815936] (20014)Internal error: AH00636: child init failed!
[Tue May 12 13:07:18.792595 2015] [dbd:crit] [pid 10629:tid 140410697815936] (20014)Internal error: AH00636: child init failed!
dbd_mysql.conf :
DBDriver mysql
DBDParams "host=192.168.1.2 port=3306 user=MY_USERNAME pass=MY_PASSWORD dbname=MY_DATABASE"
DBDMin 2
DBDKeep 4
DBDMax 10
DBDExptime 300
DBDPersist On
000-default.conf
[...]
DBDParams "dbname=DATABASENAME"
<IfModule authnz_ldap_module>
<Directory /var/www/test/>
AuthName "Authentication"
AuthType Basic
AuthBasicProvider dbd
AuthDBDUserPWQuery "SELECT SHA2(password, 256) AS password FROM users WHERE username = %s"
require valid-user
</Directory>
</IfModule>
[...]
If i change the password to put an invalid one, i received the exception
Internal error: AH00629: Can't connect to mysql: Access denied for user...
Debian : 7.8
Apache : 2.4.10
libapr1 : 1.5.1-3 (i tried to downgrade, but i cannot)
Note: The server do not have php nor php+mysql (libphpmysql) installed
Edit :
my.cnf (client part)
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
Edit (2) :
I also tried to use the "odbc" for mysql
odbc.ini :
dbd_mysql.conf
DBDriver odbc
DBDParams "datasource=MYSERVER_MYSQL_MYDATABASE"
DBDMin 1
DBDKeep 1
DBDMax 10
DBDExptime 300
/etc/odbc.ini (i edited the config to remove sensitive data)
[MYSERVER_MYSQL_MYDATABASE]
Driver=/usr/local/lib/libmyodbc5a.so
Description=MYSERVER_MYSQL_MYDATABASE
SERVER=192.168.1.2
PORT=
USER=MY_USER
Password=MY_PASSWORD
Database=MY_DATABASE
OPTION=3
SOCKET=
If i use :
# isql MYSERVER_MYSQL_MYDATABASE
+---------------------------------------+
| Connected! |
| |
| sql-statement |
| help [tablename] |
| quit |
| |
+---------------------------------------+
It working perfectly.. but on the apache error.log :
[Thu May 14 09:07:51.323638 2015] [mpm_event:notice] [pid 1605:tid 140068309481344] AH00489: Apache/2.4.10 (Debian) configured -- resuming normal operations
[Thu May 14 09:07:51.323725 2015] [core:notice] [pid 1605:tid 140068309481344] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 14 09:07:51 2015] [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Thu May 14 09:07:51.323827 2015] [dbd:error] [pid 1608:tid 140068309481344] (20014)Internal error: AH00629: Can't connect to odbc: [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Thu May 14 09:07:51.323870 2015] [dbd:error] [pid 1608:tid 140068309481344] (20014)Internal error: AH00633: failed to initialise
[Thu May 14 09:07:51 2015] [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Thu May 14 09:07:51.324332 2015] [dbd:error] [pid 1609:tid 140068309481344] (20014)Internal error: AH00629: Can't connect to odbc: [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Thu May 14 09:07:51.324430 2015] [dbd:error] [pid 1609:tid 140068309481344] (20014)Internal error: AH00633: failed to initialise
[Thu May 14 09:07:51.331767 2015] [dbd:crit] [pid 1608:tid 140068309481344] (20014)Internal error: AH00636: child init failed!
[Thu May 14 09:07:51.331823 2015] [dbd:crit] [pid 1609:tid 140068309481344] (20014)Internal error: AH00636: child init failed!
Edit (3) :
I found that i did not register the driver :
./myodbc-installer -d -a -n "MySQL ODBC 5.3 Driver" -t "DRIVER=/usr/local/lib/libmyodbc5a.so"
Then changed the "dbd_mysql.conf" with :
DBDriver odbc
DBDParams "CONNECT='DRIVER={MySQL ODBC 5.3 Driver};SERVER=192.168.1.2;DATABASE=MY_DATABASE;UID=MY_USER;PWD=MY_PASSWORD;'"
DBDMin 1
DBDKeep 1
DBDMax 10
DBDExptime 300
But still the same problem (error.log) :
[Fri May 15 09:38:31.905733 2015] [core:notice] [pid 5215:tid 140452627486592] AH00094: Command line: '/usr/sbin/apache2'
[Fri May 15 09:38:31 2015] [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Fri May 15 09:38:31.905842 2015] [dbd:error] [pid 5218:tid 140452627486592] (20014)Internal error: AH00629: Can't connect to odbc: [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Fri May 15 09:38:31.905888 2015] [dbd:error] [pid 5218:tid 140452627486592] (20014)Internal error: AH00633: failed to initialise
[Fri May 15 09:38:31 2015] [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Fri May 15 09:38:31.906424 2015] [dbd:error] [pid 5219:tid 140452627486592] (20014)Internal error: AH00629: Can't connect to odbc: [dbd_odbc] Invalid DBD Parameters - open returned SQL_ERROR (-1) at /tmp/buildd/apr-util-1.5:1146
[Fri May 15 09:38:31.906528 2015] [dbd:error] [pid 5219:tid 140452627486592] (20014)Internal error: AH00633: failed to initialise
[Fri May 15 09:38:31.915211 2015] [dbd:crit] [pid 5218:tid 140452627486592] (20014)Internal error: AH00636: child init failed!
[Fri May 15 09:38:31.915578 2015] [dbd:crit] [pid 5219:tid 140452627486592] (20014)Internal error: AH00636: child init failed!
DBDParams must be separated with comma: DBDParams param1=value1[,param2=value2]
http://httpd.apache.org/docs/2.4/mod/mod_dbd.html
in my.conf try
[client]
protocol=tcp
The reference Connecting to the MySQL Server provides an explanation of how to override the default connection methodology.
The reference Using Option Files vaguely explains what values can be placed in the my.conf file. Essentially an argument that can be passed to the mysql command on the command line (ie. --protocol) can be specified, without the dashes, in the option file.
I'm trying to debug a Server Error 500 with my application. I've read that you should use rhc tail to show a live log stream and with the current error, the log stream that appears when trying to display the page is:
==> app-root/logs/python.log <==
79.24.253.62 - - [01/Jan/2015:08:32:17 -0500] "GET /url/ HTTP/1.1" 500 27 "http://a-b.rhcloud.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36"
The error shown is:
Other pages work, this error only appears on certain "more advanced" pages (eg. static pages show correctly). The rest of the log, is:
==> app-root/logs/python.log <==
[Thu Jan 01 08:30:43 2015] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:openshift_t:s0:c6,c654
[Thu Jan 01 08:30:43 2015] [notice] Digest: generating secret for digest authentication ...
[Thu Jan 01 08:30:43 2015] [notice] Digest: done
[Thu Jan 01 08:30:43 2015] [notice] Apache/2.2.15 (Unix) mod_wsgi/3.4 Python/3.3.2 configured -- resuming normal operations
and:
==> app-root/logs/postgresql.log <==
2015-01-01 13:30:25 GMT LOG: shutting down
2015-01-01 13:30:25 GMT LOG: database system is shut down
2015-01-01 13:30:31 GMT LOG: could not bind socket for statistics collector: Permission denied
2015-01-01 13:30:31 GMT LOG: trying another address for the statistics collector
2015-01-01 13:30:31 GMT LOG: could not bind socket for statistics collector: Cannot assign requested address
2015-01-01 13:30:31 GMT LOG: disabling statistics collector for lack of working socket
2015-01-01 13:30:31 GMT WARNING: autovacuum not started because of misconfiguration
2015-01-01 13:30:31 GMT HINT: Enable the "track_counts" option.
2015-01-01 13:30:31 GMT LOG: database system was shut down at 2015-01-01 13:30:25 GMT
2015-01-01 13:30:31 GMT LOG: database system is ready to accept connections
What is the next step to debug this problem?
I added the following Django logging configuration which gave me the details of the 500 errors in a file django.log. I set LOG_DIR = os.environ.get('OPENSHIFT_LOG_DIR')
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'file': {
'level': 'WARNING',
'class': 'logging.FileHandler',
'filename': os.path.join(LOG_DIR, 'django.log'),
},
},
'loggers': {
'django.request': {
'handlers': ['file'],
'level': 'WARNING',
'propagate': True,
},
},
}
On a mountpoint (specifically: /var/data/) I have mounted a 3tb raid partition that stores all kind of data and I would like to share it through WebDAV. So I installed davfs2 on my client and set up the server site by adding:
ScriptAlias "/var/www/webdav" "/var/data"
<Directory "/var/www/webdav">
Dav On
</Directory>
Finally I added the www-data user to the media group, which is the group that has read/write access to all the /var/data stuff (file mode for all contents is 660, chown is "some_owner_which_is_part_of_media:media").
Then a a2enmod mod_dav and a restart of the apache should arise it to life. Ok, fine until here. I mounted the davfs on my client pc and it worked like a glance. At least it looked like that. The contents were listed and I was happy. Later I tried to open some file on my client, but sadly it failed with an IO error. And here the problems begin.
==> /var/log/apache2/access.log <==
jin.local - - [26/Jun/2010:14:04:45 +0200] "PROPFIND /webdav/ HTTP/1.1" 207 25152 "-" "davfs2/1.4.5 neon/0.29.0"
jin.local - - [26/Jun/2010:14:04:46 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "davfs2/1.4.5 neon/0.29.0"
==> /var/log/apache2/error.log <==
[Sat Jun 26 14:04:46 2010] [error] [client 192.168.2.50] (13)Permission denied: exec of '/var/data/test' failed
[Sat Jun 26 14:04:46 2010] [error] [client 192.168.2.50] Premature end of script headers: test
In the assumption it might be a problem with the permissions that apache2 has no right to access this stuff I swiftly chowned the files and therefore I am quite sure it must be fine like this:
# ls -la /var/data
-rw-r--r-- 1 www-data www-data 22 2010-06-27 10:07 anotherTest
-rw-r--r-- 1 www-data www-data 5 2010-06-26 19:28 test
# cat anotherTest
this is another test
# cat test
test
Lately I also added authentication, in case WebDAV could need that to allow me the GET request. The authentication works but the rest just stays the same.
At this point I don't know what I could change. Anyone got an idea what I could try?
Greetings,
D.
-- EDIT --
some more log stuff and the current configuration. i just dont get what is wrong with it. as you can see in the log i can create (PUT) and delete (DELETE) files. but get just doesnt work.
ScriptAlias /webdav/ /test/
<Location /webdav/>
DAV On
AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
AuthUserFile /var/www/passwords
AuthGroupFile /var/www/groups
<LimitExcept PROPFIND>
require group webdav
</LimitExcept>
</Location>
This is so odd?!
192.168.2.158 - - [02/Jul/2010:21:11:38 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "-"
192.168.2.158 - - [02/Jul/2010:21:11:38 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "-"
192.168.2.158 - dominik [02/Jul/2010:21:11:39 +0200] "PROPFIND /webdav/ HTTP/1.1" 207 1882 "-" "-"
192.168.2.158 - - [02/Jul/2010:21:11:39 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "-"
192.168.2.158 - - [02/Jul/2010:21:11:39 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "-"
192.168.2.158 - - [02/Jul/2010:21:11:39 +0200] "GET /webdav/test HTTP/1.1" 500 823 "-" "-"
192.168.2.158 - dominik [02/Jul/2010:21:11:42 +0200] "PROPFIND /webdav/.test.swp HTTP/1.1" 404 467 "-" "-"
192.168.2.158 - dominik [02/Jul/2010:21:11:42 +0200] "PUT /webdav/.test.swp HTTP/1.1" 201 481 "-" "-"
192.168.2.158 - dominik [02/Jul/2010:21:11:42 +0200] "DELETE /webdav/.test.swp HTTP/1.1" 204 141 "-" "-"
192.168.2.158 - dominik [02/Jul/2010:21:11:45 +0200] "PROPFIND /webdav/ HTTP/1.1" 207 497 "-" "-"
==> /var/log/apache2/private-error.log <==
[Fri Jul 02 21:11:38 2010] [error] [client 192.168.2.158] (13)Permission denied: exec of '/test/test' failed
[Fri Jul 02 21:11:38 2010] [error] [client 192.168.2.158] Premature end of script headers: test
[Fri Jul 02 21:11:38 2010] [error] [client 192.168.2.158] (13)Permission denied: exec of '/test/test' failed
[Fri Jul 02 21:11:38 2010] [error] [client 192.168.2.158] Premature end of script headers: test
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] (13)Permission denied: exec of '/test/test' failed
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] Premature end of script headers: test
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] (13)Permission denied: exec of '/test/test' failed
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] Premature end of script headers: test
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] (13)Permission denied: exec of '/test/test' failed
[Fri Jul 02 21:11:39 2010] [error] [client 192.168.2.158] Premature end of script headers: test
I could bang my head. The solution was simple:
Alias /webdav/ /var/data/
<Location /webdav/>
DAV On
AuthType Basic
AuthName "Restricted Files"
AuthBasicProvider file
AuthUserFile /etc/passwords
AuthGroupFile /etc/groups
<LimitExcept PROPFIND>
require group webdav
</LimitExcept>
</Location>
Note the "Alias" in the place of "ScriptAlias". The reason why this works can be found here.