не может получить доступ к папке ресурсов внутри корня документа на CentOS
Я наконец смог запустить свой сайт в DigitalOcean, и после получения помощи по ServerFault все сертификаты в порядке.
Однако я не могу получить доступ к своим папкам с активами, когда захожу на сайт.
URL сайта: https://www.zandu.biz или https://zandu.biz
эта ссылка должна работать https://zandu.biz/icons/menu/menusection_humanresources.jpg
но это не так
Какие-нибудь советы о том, что я здесь пропустил?
папка / var / www / html / zeintek / merlin / front_end / dist / является корнем документа и местом, где находится индекс.
вот мой файл конфигурации apache:
ServerRoot "/etc/httpd"
Listen 80
Listen 8029
Include conf.modules.d/*.conf
User apache
Group apache
ServerName localhost
ServerAdmin nicolas.zein@zeintek.com
<Directory />
AllowOverride none
Require all denied
Header set Access-Control-Allow-Origin "*"
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel info
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
IncludeOptional conf/v-hosts/*.conf
вот мой файл vhost:
<VirtualHost *:80>
ServerAdmin nicolas.zein@zeintek.com
DocumentRoot "/var/www/html/zeintek/merlin/front_end/dist/"
ServerName zandu.biz
ServerAlias www.zandu.biz
<Directory "/var/www/html/zeintek/merlin/front_end/dist/">
AddHandler cgi-script .cgi .pl .py
Options Indexes Includes FollowSymLinks ExecCGI
Options +ExecCGI
AllowOverride All
Order Allow,Deny
Allow From All
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</Directory>
ErrorLog "logs/webservicesliveroot1.zeintek.com-error.log"
CustomLog "logs/webservicesliveroot1.zeintek.com-access.log" common
</VirtualHost>
<VirtualHost *:8029>
ServerAdmin nicolas.zein@zeintek.com
DocumentRoot "/var/www/html/zeintek/merlin/back_end/public/"
ServerName zandu.biz
ServerAlias www.zandu.biz
<Directory "/var/www/html/zeintek/merlin/back_end/public/">
AddHandler cgi-script .cgi .pl .py
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride All
Order Allow,Deny
Allow From All
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</Directory>
ErrorLog "logs/webservicesliveroot2.zeintek.com-error.log"
CustomLog "logs/webservicesliveroot2.zeintek.com-access.log" common
</VirtualHost>
вот мой файл ssl vhost:
<VirtualHost *:443>
LogLevel warn
SSLEngine On
#we need to prevent the POODLE attach to v3 of SSL is disable. Also we need to enable forward secrecy so disable v2
# SSLProtocol all -SSLv2 -SSLv3
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#for forward secrecy
SSLHonorCipherOrder on
#for forward secrecy
#SSLCipherSuite EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLCertificateFile /etc/letsencrypt/live/zandu.biz-0002/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/zandu.biz-0002/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/zandu.biz-0002/chain.pem
#unused for now
#SSLCACertificateFile NOTUSEDFORNOW #If using a self-signed certificate or a root certificate provided by ca-certificates, omit this line
ServerAdmin nicolas.zein@zeintek.com
DocumentRoot "/var/www/html/zeintek/merlin/front_end/dist/"
ServerName zandu.biz
ServerAlias www.zandu.biz
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/html/zeintek/merlin/front_end/dist/">
SSLOptions +StdEnvVars
AddHandler cgi-script .cgi .pl .py
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride All
Order Allow,Deny
Allow From All
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</Directory>
TransferLog "logs/webservicesliveroot3.zeintek.com-transfer.log"
ErrorLog "logs/webservicesliveroot3.zeintek.com-error.log"
CustomLog "logs/webservicesliveroot3.zeintek.com-access.log" common
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
#CustomLog logs/ssl_request_log \
# "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:8039>
LogLevel warn
SSLEngine On
#we need to prevent the POODLE attach to v3 of SSL is disable. Also we need to enable forward secrecy so disable v2
# SSLProtocol all -SSLv2 -SSLv3
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#for forward secrecy
SSLHonorCipherOrder on
#for forward secrecy
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLCertificateFile /etc/letsencrypt/live/zandu.biz-0002/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/zandu.biz-0002/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/zandu.biz-0002/chain.pem
#unused for now
#SSLCACertificateFile NOTUSEDFORNOW #If using a self-signed certificate or a root certificate provided by ca-certificates, omit this line
ServerAdmin nicolas.zein@zeintek.com
DocumentRoot "/var/www/html/zeintek/merlin/back_end/public/"
ServerName zandu.biz
ServerAlias www.zandu.biz
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/html/zeintek/merlin/back_end/public/">
SSLOptions +StdEnvVars
AddHandler cgi-script .cgi .pl .py
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride All
Order Allow,Deny
Allow From All
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}/$1 [R=301,L]
</Directory>
TransferLog "logs/webservicesliveroot4.zeintek.com-transfer.log"
ErrorLog "logs/webservicesliveroot4.zeintek.com-error.log"
CustomLog "logs/webservicesliveroot4.zeintek.com-access.log" common
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
#CustomLog logs/ssl_request_log \
# "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Конфигурация Apache по умолчанию, поставляемая с CentOS, включает Alias что вызывает пути URL, начинающиеся с /icons/ для загрузки из другого каталога.
В /etc/httpd/conf.d/autoindex.conf ты найдешь:
Alias /icons/ "/usr/share/httpd/icons/"
Поскольку вашего значка нет в этом каталоге, вы получите ошибку Apache 404.
Вы должны закомментировать или удалить эту строку из файла.