Little help with httpd configuration :)

I ask for a little help with httpd configuration with zapache addon (https://github.com/lorf/zapache) for zabbix to monitor my awesome Nextcloud instance :slight_smile:

CentOS 7, apache 2.4 and configs are:

/etc/httpd/conf/httpd.conf – default settings

/etc/httpd/conf.d/nextcloud.conf:

<VirtualHost *:80>
   ServerName mydomain.com
   Redirect permanent / https://mydomain.com
</VirtualHost>

/etc/httpd/conf.d/ssl.conf:

<VirtualHost _default_:443>
Alias / "/var/www/html/nextcloud/"
DocumentRoot "/var/www/html/nextcloud"
ServerName mydomain.com:443
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
</IfModule>
<Directory "/var/www/html/nextcloud">
Options +FollowSymLinks
AllowOverride All
<IfModule mod_dav.c>
    Dav off
</IfModule>
SetEnv HOME /var/www/html/nextcloud
SetEnv HTTP_HOME /var/www/html/nextcloud
</Directory>
<Directory "/var/www/nextcloud/data/">
Require all denied
</Directory>

[and others like SSL options are set of course]

It is working fine.

Now I have to enable httpd server-status for zapache addon to read it and send informations to the Zabbix server.
Zapache addon does it by requesting http://localhost/server-status?auto URL.
I have tried to do it by adding to httpd.conf

<Location /server-status>
    SetHandler server-status
    Require ip 127.0.0.1
    Require ip ::1
</Location>

but it didn’t work:

[root@nextcloud conf.d]# curl http://localhost/server-status?auto
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https:/mydomain.comserver-status?auto">here</a>.</p>
</body></html>

https://localhost/server-status?auto is working, but redirects to nextcloud home page.

So, what is proper configuration for that case?

Regards :))

Ok, solved this with zapache.conf:

<VirtualHost localhost:80>
DocumentRoot "/var/www/html/server-status/"
<Location /server-status>
    SetHandler server-status
    Require ip 127.0.0.1
    Require ip ::1
</Location>
</VirtualHost>

:slight_smile:

You have to put this into your http-virtualhost (not the https-Virtualhost). And you have to exclude server-status from the permanent redirect. You can do this with more detailed rewrite rules (https://stackoverflow.com/questions/3372344/htaccess-301-redirect-entire-site-but-with-exceptions), perhaps a RedirectMatch will do it as well (just quick&dirty&untested):

<VirtualHost *:80>
   ServerName mydomain.com
   RedirectMatch "^((?!server-info).)*$" "https://mydomain.com/$1"
   <Location /server-status>
     SetHandler server-status
     Require ip 127.0.0.1
     Require ip ::1
  </Location>
</VirtualHost>
1 Like

Hi, all, I had a similar problem and found myself here. I have pretty URLs enabled (which generates an .htaccess file) and have forced HTTP > HTTPS redirect (auto-generated by Let’s Encrypt in the /etc/apache2/sites-available/nextcloud.conf file. I ended up having to make two changes:

  1. In /var/www/nextcloud/.htaccess, add the following:
    RewriteCond %{REQUEST_URI} !/server-status

  2. In /etc/apache2/sites-available/nextcloud.conf (your name may vary), add this in the block:
    RewriteCond %{REQUEST_URI} !=/server-status

These (1) prevent the HTTP > HTTPS redirect from applying to /server-status, (2) prevent the pretty URL rewrite from applying to /server-status

Together, they allow http://127.0.0.1/server-status to work in an otherwise SSL-enforced server. Hope that helps someone!