[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 766
  • Last Modified:

Ubuntu 14 server problem with joomla (jbetolo) gzipped files

Hi all,

I have a VPS with Linode and I have installed all the software necessary (mysql, apache2, php5) on Ubuntu 14.04 x64 to host joomla and wordpress websites. Wordpress websites work fine, even with W3 Total Cache's minify settings on.

Example: A minified JS resource from my wordpress site

The problem is on the Joomla site with jbetolo installed. The configuration.php has the setting: public $gzip = '1';
However the gzipped resources in the source code do not work. When accessed they throw a "Restricted access" error.
Example: Not working example of new site

This site is a clone of the original site (a shared server which I will have to leave soon) where the same resource works perfectly: Working example on original site

On the VPS server where I have problems I have used the following commands to install zlib and zip:
In /etc/apt/sources.list I added to the bottom: deb http://us.archive.ubuntu.com/ubuntu saucy main universe

sudo apt-get update && sudo apt-get upgrade

sudo apt-get install zlibc zlib1g zlib1g-dev zlib-bin libgcrypt11-dev

sudo nano /etc/php5/apache2/php.ini
(here I made the following changes)
zlib.output_compression = On
zlib.output_compression_level = -1
implicit_flush = Off
cgi.fix_pathinfo = 1
extension=zip.so

sudo apt-get install apache2-mpm-worker libapache2-mod-fastcgi php5-fpm

sudo a2enmod actions alias fastcgi

Then in /etc/apache2/mods-enabled/fastcgi.conf
I inserted:
AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization

sudo service apache2 restart && sudo service php5-fpm restart


sudo mkdir /var/www/cgi-bin
sudo touch /var/www/cgi-bin/php5.fcgi
sudo chown -R www-data:www-data /var/www/cgi-bin
sudo nano /etc/apache2/mods-enabled/fastcgi.conf

This file currently looks like this:

<IfModule mod_fastcgi.c>
  AddHandler fastcgi-script .fcgi
  #FastCgiWrapper /usr/lib/apache2/suexec
  FastCgiIpcDir /var/lib/apache2/fastcgi
 
  Alias /php5.fcgi /var/www/cgi-bin/php5.fcgi
  AddType application/x-httpd-fastphp5 .php
  Action application/x-httpd-fastphp5 /php5.fcgi
 
  FastCGIExternalServer /var/www/cgi-bin/php5.fcgi -socket /var/run/php5-fpm.sock
 
  <Directory "/var/www/cgi-bin">
    Order allow,deny
      <Files "php5.fcgi">
        Order deny,allow
      </Files>
  </Directory>
</IfModule>

and changed my conf file: /etc/apache2/sites-available/salvatoremarchetti.com.conf

# domain: salvatoremarchetti.com
# public: /home/my_user_name/public/salvatoremarchetti.com/

<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin webmaster@salvatoremarchetti.com
  ServerName  salvatoremarchetti.com
  ServerAlias salvatoremarchetti.com
  ServerAlias www.salvatoremarchetti.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.php index.htm
  DocumentRoot /home/my_user_name/public/salvatoremarchetti.com/public
        <Directory /home/my_user_name/public/salvatoremarchetti.com/public>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride all
            Order allow,deny
            Allow from all
            Require all granted
        </Directory>

  # Log file locations
  LogLevel warn
  ErrorLog  /home/my_user_name/public/salvatoremarchetti.com/log/error.log
  CustomLog /home/my_user_name/public/salvatoremarchetti.com/log/access.log combined

  ExpiresActive on

  ExpiresByType image/jpg "access plus 60 days"
  ExpiresByType image/png "access plus 60 days"
  ExpiresByType image/gif "access plus 60 days"
  ExpiresByType image/jpeg "access plus 60 days"

  ExpiresByType text/css "access plus 1 days"

  ExpiresByType image/x-icon "access plus 1 month"

  ExpiresByType text/javascript "access plus 1 week"
  ExpiresByType application/x-javascript "access plus 1 week"
  ExpiresByType application/javascript "access plus 1 week"

</VirtualHost>


After that I did this:

sudo a2enmod deflate

At the bottom of: /etc/apache2/apache2.conf        I added:    Include httpd.conf

I created an empty httpd.conf file in /etc/apache2/httpd.conf
and pasted in it:
LoadModule deflate_module modules/mod_deflate.so

sudo ln -s /etc/apache2/mods-available/deflate.load /etc/apache2/mods-enabled/

sudo service apache2 restart

Open in new window



It is obvious that somewhere along the line I have made a huge mess of it all. I have a feeling that if I uninstalled this bit and reinstalled it in some other way it would work but I don't know what the problem is and don't know how to solve it.

Any help will be appreciated.

thanks in advance
0
badwolfff
Asked:
badwolfff
  • 7
  • 6
1 Solution
 
badwolfffAuthor Commented:
This is my .htacces

What do you think? Anything missing?

# Patched on: %2014-%05-%15 %12:%May:%48
# Auto-patched by jbetolo

<FilesMatch "\.(gif|jpg|jpeg|png|swf|pdf|css|js|html|ico?|xml|txt)$">
	FileETag none
</FilesMatch>

<IfModule mod_expires.c>
        ExpiresActive On
        ExpiresDefault A600
        ExpiresByType image/x-icon A5184000
        ExpiresByType application/x-javascript A5184000
        ExpiresByType application/javascript A5184000
        ExpiresByType text/css A5184000
        ExpiresByType text/javascript A5184000
        ExpiresByType image/gif A5184000
        ExpiresByType image/png A5184000
        ExpiresByType image/jpeg A5184000
        ExpiresByType text/plain A86400
        ExpiresByType application/x-shockwave-flash A5184000
        ExpiresByType video/x-flv A5184000
        ExpiresByType application/pdf A5184000
        ExpiresByType text/html A600
</IfModule>


# Options +FollowSymLinks

## Mod_rewrite in use.

			RewriteEngine On


			AddType video/ogg .ogv 
			AddType audio/ogg .ogg 
			AddType video/mp4 .mp4 
			AddType video/webm .webm
			AddType audio/webm .weba
			AddType text/plain .srt



## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#

# Block out any script trying to base64_encode data within the URL.
			RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]


# Block out any script that includes a <script> tag in URL.
			RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
			
			
# Block out any script trying to set a PHP GLOBALS variable via URL.
			RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
			
			
# Block out any script trying to modify a _REQUEST variable via URL.
			RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})


# Return 403 Forbidden header and show the content of the root homepage
			RewriteRule .* index.php [F]


## End - Rewrite rules to block out some common exploits.



## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects

##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##

RewriteBase /inasia/

## Begin - Joomla! core SEF Section.

			RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
			RewriteCond %{REQUEST_URI} !^/index\.php
			
			
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
			RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
		
		
# and the requested path and file doesn't directly match a physical file
			RewriteCond %{REQUEST_FILENAME} !-f
			
			
# and the requested path and file doesn't directly match a physical folder
			RewriteCond %{REQUEST_FILENAME} !-d
			
			
# internally rewrite the request to the index.php script
			RewriteRule .* index.php [L]
			

## End - Joomla! core SEF Section.


#DirectoryIndex index.html index.php


## EXPIRES CACHING ##
			<FilesMatch "\.(gif|jpg|jpeg|png|swf|pdf|css|js|html|ico?|xml|txt)$">
				FileETag none
			</FilesMatch>
			<IfModule mod_expires.c>
					ExpiresActive On
					ExpiresDefault "access plus 2 days"
					
					ExpiresByType image/jpg "access plus 1 year"
					ExpiresByType image/jpeg "access plus 1 year"
					ExpiresByType image/gif "access plus 1 year"
					ExpiresByType image/png "access plus 1 year"
					ExpiresByType image/x-icon "access plus 1 year"
					
					ExpiresByType text/css "access plus 1 month"
					ExpiresByType text/plain "access plus 1 month"
					ExpiresByType text/html "access plus 1 month"
					
					ExpiresByType application/pdf "access plus 1 month"
					
					ExpiresByType application/x-javascript "access plus 1 month"
					ExpiresByType application/javascript "access plus 1 month"
					ExpiresByType text/x-javascript "access plus 1 month"
					
					ExpiresByType application/x-shockwave-flash "access plus 1 month"
					ExpiresByType video/x-flv "access plus 1 month"
			</IfModule>
## EXPIRES CACHING ##		


# Add correct content-type for fonts
			AddType application/vnd.ms-fontobject .eot
			AddType font/ttf .ttf
			AddType font/otf .otf
			AddType font/x-woff .woff
			AddType image/svg+xml .svg
 
# Compress compressible fonts
			AddOutputFilterByType DEFLATE font/ttf font/otf image/svg+xml
 
# Add a far future Expires header for fonts
			ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
			ExpiresByType font/ttf "access plus 1 year"
			ExpiresByType font/otf "access plus 1 year"
			ExpiresByType font/x-woff "access plus 1 year"
			ExpiresByType image/svg+xml "access plus 1 year"


<ifModule mod_deflate.c>
  #AddOutputFilterByType DEFLATE text/html text/xml text/css text/plain
  #AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript application/json

  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/json
  
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml

  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf

  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
</IfModule>

Open in new window

0
 
GaryCommented:
According to the Joomla docs you can not access a file directly without a session i.e. you must be visiting the page.

Whats the actual link to the site? Is it...
http://www.salvatoremarchetti.com/inasia/index.php
0
 
badwolfffAuthor Commented:
Yes that is the link
Thanks
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
GaryCommented:
So I have no problem accessing and all files download ok apart from this error

Parse error: Missing ; before statement in file '[inline]' on line 3

Fix that error then we will go from there.

But the web page is using gzip and is compressed
0
 
badwolfffAuthor Commented:
And both the sites, the original and the clone look the same to you? They don't look the same to me at all. The minified gzipped resource I indicate above throws a restricted access. Please try again. More details at the top of the page.

Thanks
0
 
GaryCommented:
Disable all your plugins - does the site work?

When you moved the site did you copy the site exactly or did you install the latest version and then import everything? It could be a plugin conflict
0
 
badwolfffAuthor Commented:
Copied the files as they were. :(
0
 
GaryCommented:
What version of PHP is running on the two servers and what version of Joomla are you using
0
 
badwolfffAuthor Commented:
The server where the site is working has 5.3.28
The server where it isn't working has PHP 5.5.9

Both have the same joomla installation, there is no difference between the files on one server and those on the other.
It is Joomla! 3.2.4.

By the way, I was just wondering if the "restricted access" error might be related to the permissions on the server?
Maybe joomla doesn't have enough permissions to write to tmp folder?
At the present the dir chmod (recursive) is 755 and the files are all 644.

When joomla or wordpress try to write to the filesystem, which user do they use? Is it possible to give that user admin permissions? (I did a test on my server and on page 3 of this application I got one error: PHP CANNOT WRITE TO FILESYSTEM: http://www.mismatched.be/index.php?step=2)
On the original server, the same test does not give that error: http://www.associazioneculturaleinasia.it/check.php?step=2

thanks in advance
0
 
GaryCommented:
There were lots of changes between PHP 5.3 and 5.5
Looking at the Joomla release notes v3.3 should be used on anything higher than PHP v5.3.9

The folders that need write permissions are
administrator/cache, cache, logs, tmp, configuration.php, images
0
 
badwolfffAuthor Commented:
IT WORKS!
0
 
GaryCommented:
So was it the Joomla version?
0
 
badwolfffAuthor Commented:
No permissions on the folders. I changed them to 755 and everything worked.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now