Recent upgrade to 4.3.3 - now having issues with Apache

[ampapa]

After a recent upgrade to 4.3.3 and a reinstall of the SSL keys I'm getting an Internal server error 500... verified SSL is working correctly and of course all was working fine before the upgrade..

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at admin@NAS to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.
Apache Server at myserver.com Port 443

Anyone else experiencing similar results?

Server is stopping and starting fine, however I can't find the apache logs, can someone assist with that also?

Thanks,

ampapa,

[ensignvorik]

You can follow this to activate logging: https://technedigitale.com/archives/407

Have you got any .htaccess files set up?

[ampapa]

Isn't that site level logging? What about the logs for apache startup/shutdown, etc. I've found a few in /etc/logs some encrypted...?

Yes, in this particular site there is an .htaccess file.

[ensignvorik]

Remove the line authgroupfile in your .htaccess if it's set to null as they have bodged the mod_authz_groupfile not loading by default in the 4.3.3 firmware,

More details:

viewtopic.php?f=32&t=132553

[ampapa]

The .htaccess file does not contain authgroupfile.

I'm also having issues with non SSL sites, one minute it was working now it isn't... the following just showed up and is somewhat repeating in one of the /error_log if this makes any sense.

File does not exist: /home/httpd/v3_menu/images2/qweb/ftp-003.jpg, referer: http://test.website.com/

[ampapa]

Digging in a little more and I'm noticing that the apache.conf file is missing the includes for my virtual hosts?

#Default
Include /etc/config/apache/extra/apache-msv2.conf
Include /etc/config/apache/extra/apache-musicstation.conf
Include /etc/config/apache/extra/apache-photo.conf
Include /etc/config/apache/extra/apache-video.conf
Include /etc/config/apache/extra/apache-ssl.conf
Include /etc/config/apache/extra/apache-dav-proxy.conf
Include /etc/config/apache/extra/apache-myconfig.conf

#Added by me
Include /etc/config/apache/extra/httpd-vhosts-user.conf
Include /etc/config/apache/extra/httpd-ssl-vhosts-user.conf

Adding this fixed my Virtual hosts on non-ssl ports but my ssl virtual hosts are still not working??

[ensignvorik]

Exactly what build of 4.3.3 are you on?

[ampapa]

Version info:

SNAG-0079.jpg

So I'm noticing a few things of interest. The following was in the apache logging when I added the include statements to load "vhosts" ssl and non-ssl so this could be a piece of the puzzle? Is it no longer to add the includes n the apache.conf, maybe this is part of the failed update?

[Fri May 19 22:34:25.315351 2017] [so:warn] [pid 18711] AH01574: module proxy_module is already loaded, skipping
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/config/apache/extra/httpd-vhosts-user.conf:1
AH00558: apache: Could not reliably determine the server's fully qualified domain name, using 192.168.2.11. Set the 'ServerName' directive globally to suppress this message

Although, when I remove the "vhost" includes from the apache.conf file the Web server virtual hosts section is greyed out in the control panel, it will allow me to start it?

SNAG-0080.jpg

and also the following when restarting apache (/usr/local/apache/bin/apachectl restart) does a PID lock mean the service is not starting?

[Sat May 20 07:38:31.710056 2017] [socache_shmcb:info] [pid 21847] AH00830: Shared memory socache initialised
[Sat May 20 07:38:31.710171 2017] [ssl:info] [pid 21847] AH01887: Init: Initializing (virtual) servers for SSL
[Sat May 20 07:38:31.710217 2017] [ssl:info] [pid 21847] AH01914: Configuring server myweb.com:443 for SSL protocol
[Sat May 20 07:38:31.714732 2017] [ssl:info] [pid 21847] AH02568: Certificate and private key myweb.com:443:0 configured from /etc/stunnel/stunnel.pem and /etc/stunnel/stunnel.pem
[Sat May 20 07:38:31.723742 2017] [ssl:info] [pid 21847] AH01876: mod_ssl/2.4.25 compiled against Server: Apache/2.4.25, Library: OpenSSL/1.0.2k
[Sat May 20 07:38:31.752960 2017] [mpm_prefork:notice] [pid 21847] AH00163: Apache/2.4.25 (Unix) OpenSSL/1.0.2k configured -- resuming normal operations
[Sat May 20 07:38:31.753040 2017] [mpm_prefork:info] [pid 21847] AH00164: Server built: May 16 2017 03:45:26
[Sat May 20 07:38:31.753120 2017] [core:notice] [pid 21847] AH00094: Command line: '/usr/local/apache/bin/apache -c PidFile /var/lock/apache.pid -f /etc/config/apache/apache.conf'

The link you provided earlier (viewtopic.php?f=32&t=132553) did have an effect and I was actually able to get the SSL site back up until I rebooted and now even after adding the "LoadModule authz_groupfile_module modules/mod_authz_groupfile.so" to the file: /mnt/HDA_ROOT/.config/apache/extra/apache-default-modules.conf I can not get it back up. So I think I have more than the single issue going on..

I know this is throwing a bit out there but I wanted to give as much information as I could find.

Thanks.

ampapa,

[ensignvorik]

At this point it's probably worth raising a support ticket via the helpdesk app

[ampapa]

I was thinking that after adding LoadModule authz_groupfile_module modules/mod_authz_groupfile.so to file: /mnt/HDA_ROOT/.config/apache/extra/apache-default-modules.conf that this error message should have gone away?


[Sat May 20 09:06:31.766669 2017] [core:alert] [pid 4742] [client 192.168.2.1:52600] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip

Thanks for the assistance.

[ampapa]

Logs are continually filling up with the following..

[Sat May 20 15:20:56.628681 2017] [core:alert] [pid 17669] [client 80.131.105.190:55294] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:57.163713 2017] [core:alert] [pid 22104] [client 80.131.105.190:55305] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:57.694562 2017] [core:alert] [pid 7456] [client 80.131.105.190:55307] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:58.191100 2017] [core:alert] [pid 7458] [client 80.131.105.190:55308] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:58.673877 2017] [core:alert] [pid 7457] [client 80.131.105.190:55309] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:59.173329 2017] [core:alert] [pid 17669] [client 80.131.105.190:55310] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:20:59.696256 2017] [core:alert] [pid 22104] [client 80.131.105.190:55311] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:21:00.213375 2017] [core:alert] [pid 7456] [client 80.131.105.190:55312] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:21:00.730663 2017] [core:alert] [pid 7458] [client 80.131.105.190:55313] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 15:59:33.031000 2017] [core:alert] [pid 7456] [client 66.249.64.128:51285] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip
[Sat May 20 16:30:45.847330 2017] [core:alert] [pid 17669] [client 180.76.15.11:53191] /share/Web/WordPress/.htaccess: Unknown Authz provider: ip

I also did a check of the modules loaded, looks like "authz_groupfile_module" is loaded. So is the error with the site (htaccess) or the webserver, just trying to figure out which to continue honing in on?

[/mnt/ext/opt/apache/bin] # ./apachectl* -t -D DUMP_MODULES
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/config/apache/extra/httpd-ssl-vhosts-user.conf:1
AH00558: apache: Could not reliably determine the server's fully qualified domain name, using 192.168.2.11. Set the 'ServerName' directive globally to suppress this message
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
mpm_prefork_module (static)
php5_module (shared)
unixd_module (shared)
access_compat_module (shared)
authz_core_module (shared)
filter_module (shared)
mime_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
log_config_module (shared)
rewrite_module (shared)
alias_module (shared)
actions_module (shared)
dir_module (shared)
autoindex_module (shared)
deflate_module (shared)
reqtimeout_module (shared)
cgi_module (shared)
version_module (shared)
env_module (shared)
authn_file_module (shared)
authn_core_module (shared)
authz_user_module (shared)
auth_basic_module (shared)
headers_module (shared)
authz_groupfile_module (shared)
proxy_module (shared)
proxy_wstunnel_module (shared)
ssl_module (shared)

[ampapa]

As a follow up to this problem, there were in fact 2 modules that needed to be added to the apache-default-modules.conf

Added LoadModule authz_groupfile_module modules/mod_authz_groupfile.so to file: /mnt/HDA_ROOT/.config/apache/extra/apache-default-modules.conf
Added LoadModule authz_host_module modules/mod_authz_host.so to file: /mnt/HDA_ROOT/.config/apache/extra/apache-default-modules.conf

then a restart

/usr/local/apache/bin/apachectl restart

Since I'm not familiar with logging bugs.. I'll have to defer to someone else.

amapa,