Apache2 won`t parse bin/configure

Hello,

i have the problem, that apache2 only shows a plain text, if i try to load bin/configure.

My main Foswikisite shows up, but if i try to load /bin/configure directly or from there, only plain text comes up.

I tried a lot of different configuration option from Apache Configuration Generator, but nothing works.

I've no Apache2 Errors.

My System:

OpenSuse 13.1

Apache2 2.4.6

Use mod_fcgid

I do not know, how i could manage it to start Foswiki.

Any help appreciated

Poul Poulsen

here is my foswiki.conf generated from ApacheGenerator:

-- PoulPoulsen - 30 Sep 2014

Please try without using FCGI for now. You'll need to get foswiki initially configured, and install the optional FastCGIEngineContrib before enabling fcgi in apache. Unfortunately we don't ship the fastcgi or mod_perl engines by default currently. However regardless of that, it should not impact configure, since configure should run with cgi, not fastcgi under this release of Foswiki.

The code SetHandler cgi-script should cause Apache to run the script under the perl CGI. Though I see you are using Apache 2.4. There might be some configuration differences between 2.2 and 2.4, I don't have any test systems running 2.4 to test the results of the config generator. But if you are getting plain text, then something is not matching in your configuration to trigger CGI processing.

In your apache configuration, you need to make sure that perl CGI is enabled, not just fastcgi. See Apache 2.4 CGI docs for information on the apache side of things.

-- GeorgeClark - 30 Sep 2014

Hello, thanks for the quick answer. Unfortunately it doesn`t change anything. For simpification i only load module cgi, no fastcgi or else.

Here is the changed foswiki.conf from Apache config generator. Are there any special chnages in using Apache 2.4? How could i see, why Apache won`t parse /bin/configure?

Any clues?

Thanks Poul

# Autogenerated httpd.conf file for Foswiki. # Generated at http://foswiki.org/Support/ApacheConfigGenerator?vhost=;port=;dir=/srv/www/htdocs/foswiki;symlink=on;pathurl=/localhost/foswiki;shorterurls=disabled;engine=CGI;fastcgimodule=fcgid;fcgidreqlen=;apver=2;allowconf=;requireconf=;loginmanager=Template;htpath=/srv/www/htdocs/foswiki/data;errordocument=UserRegistration;errorcustom=;phpinstalled=PHP4;blockpubhtml=;blocktrashpub=;controlattach=;blockspiders=;foswikiversion=1.1;timeout=

# For Foswiki version 1.1

# The Alias defines a url that points to the root of the Foswiki installation. # The first parameter will be part of the URL to your installation e.g. # http://my.co.uk/foswiki/bin/view/... # The second parameter must point to the physical path on your disc.

ScriptAlias /localhost/foswiki/bin "/srv/www/htdocs/foswiki/bin"

# The following Alias is used to access files in the pub directory (attachments etc) # It must come after the ScriptAlias. # If short URLs are enabled, and any other local directories or files need to be accessed directly, they # must also be specified in an Alias statement, and must not conflict with a web name.

Alias /localhost/foswiki/pub "/srv/www/htdocs/foswiki/pub"

Alias /localhost/foswiki "/srv/www/htdocs/foswiki"

# This enables access to the documents in the Foswiki root directory Order Allow,Deny Allow from all Deny from env=blockAccess

# This specifies the options on the Foswiki scripts directory. The ExecCGI # and SetHandler tell apache that it contains scripts. "Allow from all" # lets any IP address access this URL. # Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies

AllowOverride None Order Allow,Deny Allow from all Deny from env=blockAccess Options +ExecCGI +FollowSymLinks SetHandler cgi-script

# Password file for Foswiki users AuthUserFile /srv/www/htdocs/foswiki/data/.htpasswd AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.' AuthType Basic

# File to return on access control error (e.g. wrong password) ErrorDocument 401 /localhost/foswiki/bin/view/System/UserRegistration

# Limit access to configure to specific IP address(es) or user(s). # Make sure configure is not open to the general public. # It exposes system details that can help attackers. # cf. http://foswiki.org/Support/ProtectingYourConfiguration for details. SetHandler cgi-script

Satisfy Any ErrorDocument 401 default

# This sets the options on the pub directory, which contains attachments and # other files like CSS stylesheets and icons. AllowOverride None stops a # user installing a .htaccess file that overrides these options. # Note that files in pub are not protected by Foswiki Access Controls, # so if you want to control access to files attached to topics you need to # block access to the specific directories same way as the ApacheConfigGenerator # blocks access to the pub directory of the Trash web Options None Options +FollowSymLinks AllowOverride None Order Allow,Deny Allow from all Deny from env=blockAccess ErrorDocument 404 /localhost/foswiki/bin/viewfile

# Disable execution of PHP scripts php_admin_flag engine off

# This line will redefine the mime type for the most common types of scripts AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi # # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate # reducing the load on the server significantly # IF you can, you should enable this - it will improve your Foswiki experience, even if you set it to under one day. # you may need to enable expires_module in your main apache config #LoadModule expires_module libexec/httpd/mod_expires.so #AddModule mod_expires.c # # # ExpiresActive on # ExpiresDefault "access plus 11 days" # # # # Serve pre-compressed versions of .js and .css files, if they exist # Some browsers do not handle this correctly, which is why it is disabled by default # # RewriteEngine on # RewriteCond %{HTTP:Accept-encoding} gzip # RewriteCond %{REQUEST_FILENAME}.gz -f # RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA] # # # RewriteEngine on # RewriteCond %{HTTP:Accept-encoding} gzip # RewriteCond %{REQUEST_FILENAME}.gz -f # RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L] # # # AddEncoding x-gzip .gz # AddType application/x-javascript .gz # # # AddEncoding x-gzip .gz # AddType text/css .gz #

# Security note: All other directories should be set so # that they are not visible as URLs, so we set them as deny from all. deny from all

deny from all

deny from all

deny from all

deny from all

deny from all

# We set an environment variable called blockAccess. # # Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from # including its own topics as URLs and also prevents other Foswikis from # doing the same. This is important to prevent the most obvious # Denial of Service attacks. # # You can expand this by adding more BrowserMatchNoCase statements to # block evil browser agents trying to crawl your Foswiki # # Example: # BrowserMatchNoCase ^SiteSucker blockAccess # BrowserMatchNoCase ^$ blockAccess

BrowserMatchNoCase ^$ blockAccess

-- PoulPoulsen - 01 Oct 2014

I have no idea about migration to apache 2.4. Everything I have is running 2.2. You might try asking on an Apache support forum. I've reviewed the Apache 2.4 documentation for changes in mod_cgi / mod_cgid, and nothing jumps out as what might be wrong. The ScriptAlias and SetHandler directives are still in use.

If I get a chance this weekend I'll try to download and install OpenSuSE on a vm here and see if I can get foswiki running.

By the way... It would be best if you pasted configurations in a verbatim block: Probably easiest to do using the "Edit wiki text" plain text editor. Makes the config much easier to read, and you don't have to deal with line wrapping.

<verbatim>
... paste config here
</verbatim>

-- GeorgeClark - 01 Oct 2014

It turns out that http://foswiki.org/ was just updated to Apache 2.4. It's running foswiki without issues. We had to change some of the access control directives, but those were causing 403 access denied errors, and not issues with cgi execution.

Have you reviewed SystemRequirements and made sure all the perl dependencies are installed?

-- GeorgeClark - 04 Oct 2014

Working through install of OpenSuse 13.1, it looks as though it enables AppArmor by default. This is similar to SELinux extensions and will probably block execution of CGI scripts by default. You could either place it into warning mode, or disable it, or create a profile to allow cgi execution. I'm not far enough along to explain how yet.

-- GeorgeClark - 04 Oct 2014

I got everything running on SuSE 13.1

• Installed as a web server, and also selected development and perl packages
• Had to configure firewall to allow port 80, yast took care of it. Though eventually I just disabled the firewall
• AppArmor came up enforcing. I changed all the rules to Complain mode, however that didn't seem to be necessary,
• Configured Apace to make sure that cgi and perl modules were enabled.
• Ran apache config generator for my vhost (wiki.site.com) port 80, path to foswiki: /srv/www/vhosts/foswiki, Chose TemplateLogin, and enabled Short URLs. Set path for foswki to just the single slash.
• Expanded Foswiki tarball into /srv/www/vhosts/ and then renamed it to foswiki.
• Changed ownership - chown wwwrun:www -R foswiki of the foswiki directory.
• Copied the output of ApacheConfigGenerator into /etc/apache2/vhosts.d/mysite.conf
• Restarted apache apache2ctl -k restart Had a couple of errors:
  • Deleted config line Listen 80 Not needed for suse vhosts
  • Deleted the 3 lines AuthUserFile, AuthName, and AuthType since I'm not using Apache auth and I'm not protecting configure. (Not recommended .. but keeping it simple for now)
  • Added line: UseCanonicalName Off
  • Had to edit the Apache configuration (used yast) and enabled the Rewrite module. Otherwise short URLs configuration errors out.
• Restarted apache again, browsed to http://wiki.site.com/bin/configure and configure came up.
  • One missing dependency reported. CPAN:HTML::Tree. Installed from shell: zypper in perl-HTML-Tree

Did you put your ApacheConfigGenerator output in /etc/apache2/vhosts.d file named somename.conf I'm not sure what else to suggest.

-- GeorgeClark - 04 Oct 2014

Hello, thanks for the info! it is very usefull, but unfortunately for me negativ. Starting configure shows the plain text, no execution i check my apache config, and it seems for me that i do have configured well. rewrite on perl on cgi on

i cant find a yast configuration for apache? have to check yast installation, which modul i have to install - hmmh.

here is my foswiki.conf.

# Autogenerated httpd.conf file for Foswiki.
# Generated at http://foswiki.org/Support/ApacheConfigGenerator?vhost=localhost;port=;dir=/srv/www/vhosts/foswiki;symlink=on;pathurl=/foswiki;shorterurls=enabled;engine=CGI;fastcgimodule=fcgid;fcgidreqlen=;apver=2;allowconf=localhost 127.0.0.1;requireconf=Jens;loginmanager=Template;htpath=/srv/www/vhosts/foswiki/data;errordocument=UserRegistration;errorcustom=;phpinstalled=PHP4;blockpubhtml=;blocktrashpub=;controlattach=;blockspiders=;foswikiversion=1.1;timeout=

# For Foswiki version 1.1

<VirtualHost *>
    ServerAdmin webmaster@localhost
    DocumentRoot "/srv/www/vhosts/foswiki"
    ServerName localhost
    ServerAlias www.localhost         # Optional. Add to list of redirect hosts in bin/configure

# The Alias defines a url that points to the root of the Foswiki installation.
# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/foswiki/bin/view/...
# The second parameter must point to the physical path on your disc.

ScriptAlias /foswiki/bin "/srv/www/vhosts/foswiki/bin"

# The following Alias is used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.
# If short URLs are enabled, and any other local directories or files need to be accessed directly, they
# must also be specified in an Alias statement, and must not conflict with a web name.

Alias /foswiki/pub "/srv/www/vhosts/foswiki/pub"
Alias /foswiki/robots.txt "/srv/www/vhosts/foswiki/robots.txt"

#  Rewriting is required for Short URLs, and Attachment redirecting to viewfile
RewriteEngine    on
#RewriteLog "/var/log/apache/rewrite.log"
#RewriteLogLevel 0

# short urls
Alias /foswiki "/srv/www/vhosts/foswiki/bin/view"
RewriteRule ^/+foswiki/+bin/+view/+(.*) /foswiki/$1 [L,NE,R]
RewriteRule ^/+foswiki/+bin/+view$ /foswiki/ [L,NE,R]

# This enables access to the documents in the Foswiki root directory
<Directory "/srv/www/vhosts/foswiki">
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess
</Directory>

# This specifies the options on the Foswiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
# Note:  If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies

<Directory "/srv/www/vhosts/foswiki/bin">
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess

    Options +ExecCGI  +FollowSymLinks
    SetHandler cgi-script

    # Password file for Foswiki users
#    AuthUserFile /srv/www/vhosts/foswiki/data/.htpasswd
#    AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
#    AuthType Basic

    # File to return on access control error (e.g. wrong password)
#    ErrorDocument 401 /foswiki/System/UserRegistration

    # Limit access to configure to specific IP address(es) or user(s).
    # Make sure configure is not open to the general public.
    # It exposes system details that can help attackers.
    # cf. http://foswiki.org/Support/ProtectingYourConfiguration for details.
#    <FilesMatch "^(configure)$">
#        SetHandler cgi-script
#        Order Deny,Allow
#        Deny from all
#        Allow from localhost 127.0.0.1
#        Require user Jens
#        Satisfy Any
#        ErrorDocument 401 default
#    </FilesMatch>

</Directory>

# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Note that files in pub are *not* protected by Foswiki Access Controls,
# so if you want to control access to files attached to topics you need to
# block access to the specific directories same way as the ApacheConfigGenerator
# blocks access to the pub directory of the Trash web
<Directory "/srv/www/vhosts/foswiki/pub">
    Options None
    Options +FollowSymLinks
    AllowOverride None
    Order Allow,Deny
    Allow from all
    Deny from env=blockAccess
    ErrorDocument 404 /foswiki/bin/viewfile

    # Disable execution of PHP scripts
    php_admin_flag engine off

   # This line will redefine the mime type for the most common types of scripts
    AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
   #
   # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
   # reducing the load on the server significantly
   # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
   # you may need to enable expires_module in your main apache config
   #LoadModule expires_module libexec/httpd/mod_expires.so
   #AddModule mod_expires.c
   #<ifmodule mod_expires.c>
   #  <filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
   #       ExpiresActive on
   #       ExpiresDefault "access plus 11 days"
   #   </filesmatch>
   #</ifmodule>
   #
   # Serve pre-compressed versions of .js and .css files, if they exist
   # Some browsers do not handle this correctly, which is why it is disabled by default
   # <FilesMatch "\.(js|css)$">
   #         RewriteEngine on
   #         RewriteCond %{HTTP:Accept-encoding} gzip
   #         RewriteCond %{REQUEST_FILENAME}.gz -f
   #         RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
   # </FilesMatch>
   # <FilesMatch "\.(js|css)\?.*$">
   #         RewriteEngine on
   #         RewriteCond %{HTTP:Accept-encoding} gzip
   #         RewriteCond %{REQUEST_FILENAME}.gz -f
   #         RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
   # </FilesMatch>
   # <FilesMatch "\.js\.gz(\?.*)?$">
   #         AddEncoding x-gzip .gz
   #         AddType application/x-javascript .gz
   # </FilesMatch>
   # <FilesMatch "\.css\.gz(\?.*)?$">
   #         AddEncoding x-gzip .gz
   #         AddType text/css .gz
   # </FilesMatch>

</Directory>

# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.
<Directory "/srv/www/vhosts/foswiki/data">
    deny from all
</Directory>

<Directory "/srv/www/vhosts/foswiki/templates">
    deny from all
</Directory>

<Directory "/srv/www/vhosts/foswiki/lib">
    deny from all
</Directory>

<Directory "/srv/www/vhosts/foswiki/locale">
    deny from all
</Directory>

<Directory "/srv/www/vhosts/foswiki/tools">
    deny from all
</Directory>

<Directory "/srv/www/vhosts/foswiki/working">
    deny from all
</Directory>

# We set an environment variable called blockAccess.
#
# Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
# including its own topics as URLs and also prevents other Foswikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
#
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying to crawl your Foswiki
#
# Example:
# BrowserMatchNoCase ^SiteSucker blockAccess
# BrowserMatchNoCase ^$ blockAccess

BrowserMatchNoCase ^$ blockAccess

</VirtualHost>

The page comes up as before, i can read the instructions, but no execution ...

For the moment i will gave up and wait until something new comes up with suse, or a rpm package for foswiki.

Thanks very much Poul

-- PoulPoulsen - 06 Oct 2014

Poul, This really is a configuration issue in Apache or SuSE. Nothing new in Foswiki packages is going to fix it.

• The Yast configuration for the http server is listed under http server, not apache. It is part of SuSE, nothing you have to install.
• Where did you put that foswiki.conf file you posted?
• Try issuing apache2ctl -t -D DUMP_VHOSTS Does that list you foswiki vhost there?
• I suspect you will have to use a different host than "localhost", That's the name of the default host.

-- GeorgeClark - 06 Oct 2014

hello,

i`m quite sure, that it is a apache / security problem from the distribution, but because i don`t know how foswiki depends on this problem, i will wait for other help or rpm or updates. btw, i have to install this yastmodul, but no problem.

Therefore i will wait, read about it and perhaps the rpm usable for opsensuse 13.1 is coming. Then the configuration issues are mostly gone, i hope.

I put the foswiki.conf under /etc/apache2/vhosts.d/ I can`t use another host, because do not have a website. Will test on my laptop, thats all for the moment. here is the output of apache2ctl -t -D DUMP_VHOSTS Hope it helps to find out. Will test again.

VirtualHost configuration:
*:*                    is a NameVirtualHost
         default server localhost (/etc/apache2/vhosts.d/foswiki.conf:6)
         port * namevhost localhost (/etc/apache2/vhosts.d/foswiki.conf:6)
                 alias localhost
                 alias #
                 alias Optional.
                 alias Add
                 alias to
                 alias list
                 alias of
                 alias redirect
                 alias hosts
                 alias in
                 alias bin/configure
         port * namevhost localhost (/etc/apache2/vhosts.d/foswiki.conf:6)
                 alias localhost
                 alias #
                 alias Optional.
                 alias Add
                 alias to
                 alias list
                 alias of
                 alias redirect
                 alias hosts
                 alias in
                 alias bin/configure

Best wishes Poul

-- PoulPoulsen - 06 Oct 2014

I'm pretty confident that there will not be SuSE RPM's coming for Foswiki. We have no developers working on that. I was able to get Foswiki working on a new SuSE 13.1 install, no issues. You definitely have an apache configuration issue.

-- GeorgeClark - 06 Oct 2014

Commenting is disabled while not logged in