Hi Steven,
Thanks for your reply.
No there appears to be no difference there either. And I don't think reverse dns is setup on either host.
Tim
On Mon, Jun 9, 2014 at 11:03 PM, Steven Tardy sjt5atra@gmail.com wrote:
does /etc/hosts (or DNS or reverse DNS) differ between working server and non-working server?
On Mon, Jun 9, 2014 at 10:44 PM, Tim Dunphy bluethundr@gmail.com wrote:
Ok lets' try this again. I set the following in httpd.conf:
<Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from 127.0.0.1 10.10.1.160
</Location>
I bounce apache.
I verify the IP information is correct:
[root@webhosta apache2]# ifconfig | grep inet inet addr:10.10.1.160 Bcast:10.10.1.255 Mask:255.255.254.0 inet addr:127.0.0.1 Mask:255.0.0.0
Then if I try a GET on that IP using hostname -i
[root@webhosta apache2]# GET http://$(hostname -i)/server-status
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /server-status on this server.</p> <hr> <address>Apache Server at 10.10.1.160 Port 80</address> </body></html>
OR if I try a GET with the actual IP, I get the following:
[root@webhosta apache2]# GET http://10.10.1.160/server-status
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head> <title>403 Forbidden</title> </head><body> <h1>Forbidden</h1> <p>You don't have permission to access /server-status on this server.</p> <hr> <address>Apache Server at 10.10.1.160 Port 80</address> </body></html>
Any further thoughts?
Thanks
On Mon, Jun 9, 2014 at 10:23 PM, Steven Tardy sjt5atra@gmail.com
wrote:
10.10.160 != 10.10.1.160 the GET is probably going across ethx interface instead of lo
interface.
On Mon, Jun 9, 2014 at 9:56 PM, Tim Dunphy bluethundr@gmail.com
wrote:
Hey all,
I'm having a slightly weird issue with apache server-status on just
one
of
my nodes.
In my httpd.conf I have the following:
<Location /server-status>
SetHandler server-status Order deny,allow Deny from all Allow from 127.0.0.1 10.10.160</Location>
If I do a ps grep I know that I'm using the right config:
[root@webhosta apache2]# ps -ef | grep apache | grep -v grep | head
-5
root 28359 1 0 21:38 ? 00:00:00
/opt/apache2/bin/httpd
-k
start
apache 28360 28359 0 21:38 ? 00:00:00
/opt/apache2/bin/httpd
-k
start
apache 28361 28359 0 21:38 ? 00:00:00
/opt/apache2/bin/httpd
-k
start
apache 28362 28359 0 21:38 ? 00:00:00
/opt/apache2/bin/httpd
-k
start
apache 28363 28359 0 21:38 ? 00:00:00
/opt/apache2/bin/httpd
-k
start
And if I check apachectl -S things look ok there too. I can also see
I'm
using the right config:
[root@webhosta apache2]# /opt/apache2/bin/httpd -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:* is a NameVirtualHost
default server test.mydomain.com(/opt/apache2/conf.d/z001_mydomain.conf:1)
port * namevhost test.mydomain.com(/opt/apache2/conf.d/z001_mydomain.conf:1)
port * namevhost webhosta.dmz.domain.com(/opt/apache2/conf/httpd.conf:469)
port * namevhost webhosta.dmz.domain.com(/opt/apache2/conf/httpd.conf:480)
port * namevhost hcphp.nbc.com(/opt/apache2/conf/httpd.conf:501)
Syntax OK
Yet, for some reason I get permission denied when I try to do a get
from
localhost:
[root@webhosta apache2]# GET http://$(hostname -i)/server-status
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /server-status
on this server.</p>
<hr>
<address>Apache Server at 10.10.1.160 Port 80</address>
</body></html>
I can do a successful GET to 127.0.0.1, but our system is automated
and
relies on doing a GET to the value of hostname -i.
Does anyone have any ideas or suggestions as to what could be wrong?
Thanks
Tim
-- GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-- GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos