I'm trying to configure Apache2 (WHM managed) and Tomcat9 (not managed) on CentOS 7, to work together.
When you browse my website: example.com you are NOT taken to the DocumentRoot /home/example/example_web that I specify in post_virtualhost_global.conf, instead you are taken to public_html.
If you browse to my website using the SSL port - example.com:8443 - you are taken to /home/example/example_web, but the SSL certificate doesn't work.
I include the files involved below.
I appreciate any help I can get on this.
tomcat9 server.xml:
httpd.conf:
post_virtualhost_global.conf:
workers.properties (I don't think this is working because the stdout and stderr aren't created):
When you browse my website: example.com you are NOT taken to the DocumentRoot /home/example/example_web that I specify in post_virtualhost_global.conf, instead you are taken to public_html.
If you browse to my website using the SSL port - example.com:8443 - you are taken to /home/example/example_web, but the SSL certificate doesn't work.
I include the files involved below.
I appreciate any help I can get on this.
tomcat9 server.xml:
Code:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080"
protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
scheme="https"
secure="true"
SSLEnabled="true"
keystoreFile="/home/.keystore"
keystorePass="********"
sslProtocol="TLS"
clientAuth="false"
maxThreads="200" />
<Connector port="8009"
protocol="AJP/1.3"
redirectPort="8443"
enableLookups="false" />
<Engine name="Catalina" defaultHost="example.com">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="example.com" appBase="/home/example/example_web" unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Alias>www.example.com</Alias>
<Context path="" reloadable="true" docBase="/home/example/example_web" />
<Context path="/manager" docBase="/usr/local/tomcat/users/example/tomcat/webapps/manager"
privileged="true" antiResourceLocking="false" antiJARLocking="false" reloadable="true" />
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
Code:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT. AUTOMATICALLY GENERATED. USE INCLUDE FILES IF YOU NEED TO MAKE A CHANGE
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
# Direct modifications to the Apache configuration file WILL be lost upon subsequent
# regeneration of this configuration file, or an Apache update.
#
# To have your modifications retained, you should create/edit administrator-specific
# include files:
#
# /etc/apache2/conf.d/includes/pre_main_global.conf
# /etc/apache2/conf.d/includes/pre_virtualhost_global.conf
# /etc/apache2/conf.d/includes/post_virtualhost_global.conf
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
##################################################
##################################################
#
# cPanel & WHM controlled Apache configuration
#
##################################################
##################################################
Include "/etc/apache2/conf.modules.d/*.conf"
# Administrator locations for safely altering httpd.conf
Include "/etc/apache2/conf.d/includes/pre_main_global.conf"
# These are hard-coded values that are required by cPanel & WHM
PidFile /run/apache2/httpd.pid
User nobody
Group nobody
ExtendedStatus On
LogLevel warn
# You can change this by using WHM, and navigating to the 'Basic WebHost Manager® Setup' -> 'Contact Information' interface.
ServerAdmin [email protected]
# You can change this by using WHM, and navigating to the 'Networking Setup' => 'Change Hostname' interface.
ServerName dev.example.com
# You can change this by using WHM, and navigating to the 'Apache Configuration' -> 'Global Configuration' interface.
TraceEnable Off
ServerSignature Off
ServerTokens ProductOnly
FileETag None
<Directory "/">
AllowOverride All
Options ExecCGI FollowSymLinks IncludesNOEXEC Indexes
</Directory>
StartServers 5
<IfModule prefork.c>
MinSpareServers 5
MaxSpareServers 10
</IfModule>
ServerLimit 256
MaxRequestWorkers 150
MaxConnectionsPerChild 10000
KeepAlive On
KeepAliveTimeout 5
MaxKeepAliveRequests 100
Timeout 300
<IfModule rewrite_module>
# Global DCV Exclude - Rewrites
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/(?:\ Ballot169)? [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$ [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Sectigo\ DCV)?$
# Exclude proxy subdomains as we need rewrites to capture the DCV requests
RewriteCond %{HTTP_HOST} !^(?:autoconfig|autodiscover|cpanel|cpcalendars|cpcontacts|webdisk|webmail|whm)\.
RewriteRule ^ - [END]
</IfModule>
<LocationMatch "(^/\.well-known/pki-validation/(?: Ballot169)?|^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$|^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?: Sectigo DCV)?$)">
# Global DCV Exclude - Location
Satisfy Any
Order Allow,Deny
Allow from all
</LocationMatch>
# You can change this by using WHM, and navigating to the 'Apache Configuration' -> 'DirectoryIndex Priority' interface.
<IfModule dir_module>
DirectoryIndex index.php index.php5 index.php4 index.php3 index.perl index.pl index.plx index.ppl index.cgi index.jsp index.jp index.phtml index.shtml index.xhtml index.html index.htm index.wml Default.html Default.htm default.html default.htm home.html home.htm index.js
</IfModule>
# You can change this by using WHM, and navigating to the 'Apache Configuration' -> 'Memory Usage Restrictions' interface.
# This setting is required by cPanel & WHM in order to provide access to a default webpage when none exists
<Directory "/var/www/html">
Options All
AllowOverride None
Require all granted
</Directory>
# Required cPanel security policy: Disallow remote access to .htaccess, .htpasswd, .user.ini, and php.ini files
<FilesMatch "^(\.ht(access|passwds?)|\.user\.ini|php\.ini)$">
Require all denied
</FilesMatch>
# PHP error_log protection
<Files ~ "^error_log$">
<RequireAll>
Require all denied
</RequireAll>
</Files>
<IfModule alias_module>
ScriptAliasMatch ^/?controlpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?kpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?securecontrolpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
ScriptAliasMatch ^/?securecpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
ScriptAliasMatch ^/?securewhm/?$ /usr/local/cpanel/cgi-sys/swhmredirect.cgi
ScriptAliasMatch ^/?webmail$ /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/?webmail/ /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/?whm/?$ /usr/local/cpanel/cgi-sys/whmredirect.cgi
Alias /bandwidth /usr/local/bandmin/htdocs/
Alias /img-sys /usr/local/cpanel/img-sys/
Alias /java-sys /usr/local/cpanel/java-sys/
Alias /mailman/archives /usr/local/cpanel/3rdparty/mailman/archives/public/
Alias /pipermail /usr/local/cpanel/3rdparty/mailman/archives/public/
Alias /sys_cpanel /usr/local/cpanel/sys_cpanel/
ScriptAlias /cgi-sys /usr/local/cpanel/cgi-sys/
ScriptAlias /mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/
</IfModule>
# This can be configured in the cPanel 'Leech Protection' interface.
<IfModule rewrite_module>
RewriteEngine on
RewriteMap LeechProtect prg:/usr/local/cpanel/bin/leechprotect
Mutex file:/run/apache2 rewrite-map
</IfModule>
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddType application/x-tar .tgz
AddType text/vnd.wap.wml .wml
AddType image/vnd.wap.wbmp .wbmp
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlc .wmlc
AddType application/vnd.wap.wmlscriptc .wmlsc
# These extensions are used to redirect incoming requests to WHM
AddHandler cgi-script .cgi .pl .plx .ppl .perl
# This is used for custom error documents
AddHandler server-parsed .shtml
</IfModule>
# You can change this by using WHM, and updating the 'Tweak Settings' -> 'System' -> 'Allow server-info' option.
<IfModule status_module>
# This is used by the WHM 'Apache Status' application
<Location /whm-server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1
<IfModule security2_module>
SecRuleEngine Off
</IfModule>
</Location>
</IfModule>
# Required cPanel security policy: disable userdir when mod_ruid2 or mpm_itk or mod_passenger are loaded
<IfModule userdir_module>
UserDir public_html
<IfModule ruid2_module>
UserDir disabled
</IfModule>
<IfModule mpm_itk.c>
UserDir disabled
</IfModule>
<IfModule mod_passenger.c>
UserDir disabled
</IfModule>
</IfModule>
<IfModule mod_log_config.c>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhost
<IfModule logio_module>
LogFormat "%v %{%s}t %I .\n%v %{%s}t %O ." bytesvhost
</IfModule>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
<IfModule logio_module>
CustomLog "|/usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=dev.example.com --suffix=-bytes_log" bytesvhost
</IfModule>
CustomLog "|/usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=dev.example.com --mainout=/etc/apache2/logs/access_log" combinedvhost
</IfModule>
# The Listen port can be updated using 'Tweak Settings' -> 'System',
# However, if you have any Apache Reserved IPs, then this Tweak setting will
# be ignored. Instead, each IP on your system (excluding Apache Reserved IPs)
# will be listed here.
Listen 0.0.0.0:80
<IfModule ssl_module>
# cipher and protocol directives can be set in WHM under 'Apache Configuration' -> 'Global Configuration'
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLProtocol TLSv1.2
SSLPassPhraseDialog builtin
<IfModule socache_shmcb_module>
SSLUseStapling on
SSLStaplingCache shmcb:/run/apache2/stapling_cache_shmcb(256000)
# Prevent browsers from failing if an OCSP server is temporarily broken.
SSLStaplingReturnResponderErrors off
SSLStaplingErrorCacheTimeout 60
SSLStaplingFakeTryLater off
SSLStaplingResponderTimeout 3
SSLSessionCache shmcb:/run/apache2/ssl_gcache_data_shmcb(1024000)
</IfModule>
<IfModule !socache_shmcb_module>
SSLSessionCache dbm:/run/apache2/ssl_gcache_data_dbm
</IfModule>
SSLSessionCacheTimeout 300
Mutex file:/run/apache2 ssl-cache
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
# The Listen port can be updated using 'Tweak Settings' -> 'System',
# However, if you have any Apache Reserved IPs, then this Tweak setting will
# be ignored. Instead, each IP on your system (excluding Apache Reserved IPs)
# will be listed here.
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfModule>
Include "/etc/apache2/conf.d/*.conf"
Include "/etc/apache2/conf.d/includes/account_suspensions.conf"
Include "/etc/apache2/conf.d/includes/errordocument.conf"
# Administrator locations for safely globally altering all virtualhost configurations
Include "/etc/apache2/conf.d/includes/pre_virtualhost_global.conf"
ProxyPass /___proxy_subdomain_ws_cpanel ws://127.0.0.1:2082 max=1 retry=0
ProxyPass /___proxy_subdomain_ws_whm ws://127.0.0.1:2086 max=1 retry=0
ProxyPass /___proxy_subdomain_ws_webmail ws://127.0.0.1:2095 max=1 retry=0
##################################################
##################################################
#
# Define default vhosts for shared IPs
#
##################################################
##################################################
<VirtualHost 127.0.0.1:80>
ServerName dev.example.com
DocumentRoot /var/www/html
ServerAdmin [email protected]
# Global DCV Rewrite Exclude
<IfModule rewrite_module>
RewriteOptions Inherit
</IfModule>
<Directory "/var/www/html">
AllowOverride All
</Directory>
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
</VirtualHost>
<VirtualHost 162.253.xxx.xxx:80>
ServerName dev.example.com
DocumentRoot /var/www/html
ServerAdmin [email protected]
# Global DCV Rewrite Exclude
<IfModule rewrite_module>
RewriteOptions Inherit
</IfModule>
<Directory "/var/www/html">
AllowOverride All
</Directory>
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
</VirtualHost>
##################################################
##################################################
#
# Define default vhosts for unbound IPs
#
##################################################
##################################################
<VirtualHost *>
ServerName dev.example.com
DocumentRoot /var/www/html
ServerAdmin [email protected]
# Global DCV Rewrite Exclude
<IfModule rewrite_module>
RewriteOptions Inherit
</IfModule>
<Directory "/var/www/html">
AllowOverride All
</Directory>
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
</VirtualHost>
##################################################
##################################################
#
# Define the virtual host configurtion for user domains
#
##################################################
##################################################
# BEGIN: HTTP vhosts list
<VirtualHost 162.253.xxx.xxx:80>
ServerName example.com
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/\.well-known/(pki-validation|cpanel-dcv)/
RewriteRule ^ - [END]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
ServerAlias mail.example.com mail.tanglemydata.com mail.tanglemydata.dev tanglemydata.com tanglemydata.dev www.example.com www.tanglemydata.com www.tanglemydata.dev
DocumentRoot /home/example/public_html
ServerAdmin [email protected]
UseCanonicalName Off
## User example # Needed for Cpanel::ApacheConf
<IfModule userdir_module>
<IfModule !mpm_itk.c>
<IfModule !ruid2_module>
<IfModule !mod_passenger.c>
UserDir disabled
UserDir enabled example
</IfModule>
</IfModule>
</IfModule>
</IfModule>
# Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
# To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
# the user's .htaccess file. For more information, please read:
# http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
<IfModule include_module>
<Directory "/home/example/public_html">
SSILegacyExprParser On
</Directory>
</IfModule>
<IfModule suphp_module>
suPHP_UserGroup example example
</IfModule>
<IfModule suexec_module>
<IfModule !mod_ruid2.c>
SuexecUserGroup example example
</IfModule>
</IfModule>
<IfModule ruid2_module>
RMode config
RUidGid example example
</IfModule>
<IfModule mpm_itk.c>
# For more information on MPM ITK, please read:
# http://mpm-itk.sesse.net/
AssignUserID example example
</IfModule>
<IfModule mod_passenger.c>
PassengerUser example
PassengerGroup example
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ /home/example/public_html/cgi-bin/
</IfModule>
# Global DCV Rewrite Exclude
<IfModule rewrite_module>
RewriteOptions Inherit
</IfModule>
# To customize this VirtualHost use an include file at the following location
# Include "/etc/apache2/conf.d/userdata/std/2_4/example/example.com/*.conf"
</VirtualHost>
# END: HTTP vhosts list
# BEGIN: HTTPS vhosts list
<VirtualHost 162.253.xxx.xxx:443>
ServerName example.com
ServerAlias mail.example.com mail.tanglemydata.com mail.tanglemydata.dev tanglemydata.com tanglemydata.dev www.example.com www.tanglemydata.com www.tanglemydata.dev webdisk.example.com webmail.example.com cpanel.example.com
DocumentRoot /home/example/public_html
ServerAdmin [email protected]
UseCanonicalName Off
## User example # Needed for Cpanel::ApacheConf
<IfModule userdir_module>
<IfModule !mpm_itk.c>
<IfModule !ruid2_module>
<IfModule !mod_passenger.c>
UserDir disabled
UserDir enabled example
</IfModule>
</IfModule>
</IfModule>
</IfModule>
# Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
# To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
# the user's .htaccess file. For more information, please read:
# http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
<IfModule mod_include.c>
<Directory "/home/example/public_html">
SSILegacyExprParser On
</Directory>
</IfModule>
<Proxymatch ^https?://127\.0\.0\.1:(2082|2083|2077|2078|2079|2080|2086|2087|2095|2096)/>
<IfModule security2_module>
SecRuleEngine Off
</IfModule>
</Proxymatch>
<IfModule mod_suphp.c>
suPHP_UserGroup example example
</IfModule>
<IfModule suexec_module>
<IfModule !mod_ruid2.c>
SuexecUserGroup example example
</IfModule>
</IfModule>
<IfModule ruid2_module>
RMode config
RUidGid example example
</IfModule>
<IfModule mpm_itk.c>
# For more information on MPM ITK, please read:
# http://mpm-itk.sesse.net/
AssignUserID example example
</IfModule>
<IfModule mod_passenger.c>
PassengerUser example
PassengerGroup example
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ /home/example/public_html/cgi-bin/
</IfModule>
<IfModule ssl_module>
SSLEngine on
SSLCertificateFile /var/cpanel/ssl/apache_tls/example.com/combined
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<Directory "/home/example/public_html/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
</IfModule>
# To customize this VirtualHost use an include file at the following location
# Include "/etc/apache2/conf.d/userdata/ssl/2_4/example/example.com/*.conf"
<IfModule headers_module>
RequestHeader set X-HTTPS 1
</IfModule>
RewriteEngine On
RewriteCond %{HTTP_HOST} =cpanel.example.com [OR]
RewriteCond %{HTTP_HOST} =cpanel.example.com:443
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_cpanel/$1 [PT]
ProxyPass "/___proxy_subdomain_cpanel" "http://127.0.0.1:2082" max=1 retry=0
RewriteCond %{HTTP_HOST} =webdisk.example.com [OR]
RewriteCond %{HTTP_HOST} =webdisk.example.com:443
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_webdisk/$1 [PT]
ProxyPass "/___proxy_subdomain_webdisk" "http://127.0.0.1:2077" max=1 retry=0
RewriteCond %{HTTP_HOST} =webmail.example.com [OR]
RewriteCond %{HTTP_HOST} =webmail.example.com:443
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_webmail/$1 [PT]
ProxyPass "/___proxy_subdomain_webmail" "http://127.0.0.1:2095" max=1 retry=0
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteCond %{HTTP_HOST} =cpanel.example.com [OR]
RewriteCond %{HTTP_HOST} =cpanel.example.com:443
RewriteRule ^/(.*) /___proxy_subdomain_ws_cpanel/$1 [PT]
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteCond %{HTTP_HOST} =webmail.example.com [OR]
RewriteCond %{HTTP_HOST} =webmail.example.com:443
RewriteRule ^/(.*) /___proxy_subdomain_ws_webmail/$1 [PT]
</VirtualHost>
# END: HTTPS vhosts list
##################################################
##################################################
#
# Define the main cPanel & WHM proxy subdomains
#
##################################################
##################################################
# CPANEL/WHM/WEBMAIL/WEBDISK PROXY SUBDOMAINS
<VirtualHost 162.253.xxx.xxx:80 127.0.0.1:80>
ServerName proxy-subdomains-vhost.localhost
ServerAlias cpanel.* whm.* webmail.* webdisk.* cpcalendars.* cpcontacts.*
DocumentRoot /var/www/html
ServerAdmin [email protected]
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
<Proxy "*">
<IfModule security2_module>
SecRuleEngine Off
</IfModule>
</Proxy>
<Directory "/var/www/html">
AllowOverride All
</Directory>
ScriptAlias /.cpanel/dcv /usr/local/cpanel/cgi-priv/get_local.cgi
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/(?:\ Ballot169)? [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$ [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Sectigo\ DCV)?$
RewriteRule ^ /.cpanel/dcv [passthrough]
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_cpanel/$1 [PT]
ProxyPass "/___proxy_subdomain_cpanel" "http://127.0.0.1:2082" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_webmail/$1 [PT]
ProxyPass "/___proxy_subdomain_webmail" "http://127.0.0.1:2095" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^whm\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_whm/$1 [PT]
ProxyPass "/___proxy_subdomain_whm" "http://127.0.0.1:2086" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^webdisk\.
RewriteRule ^/(.*) /___proxy_subdomain_webdisk/$1 [PT]
ProxyPass "/___proxy_subdomain_webdisk" "http://127.0.0.1:2077" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpcalendars\.
RewriteRule ^/(.*) /___proxy_subdomain_cpcalendars/$1 [PT]
ProxyPass "/___proxy_subdomain_cpcalendars" "http://127.0.0.1:2079" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpcontacts\.
RewriteRule ^/(.*) /___proxy_subdomain_cpcontacts/$1 [PT]
ProxyPass "/___proxy_subdomain_cpcontacts" "http://127.0.0.1:2079" max=1 retry=0
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_cpanel/$1 [PT]
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_webmail/$1 [PT]
RewriteCond %{HTTP_HOST} ^whm\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_whm/$1 [PT]
UseCanonicalName Off
<IfModule security2_module>
SecRuleEngine On
</IfModule>
</VirtualHost>
# CPANEL/WHM/WEBMAIL/WEBDISK PROXY SUBDOMAINS
<VirtualHost 162.253.xxx.xxx:443 127.0.0.1:443>
ServerName dev.example.com
ServerAlias cpanel.* whm.* webmail.* webdisk.* cpcalendars.* cpcontacts.*
DocumentRoot /var/www/html
ServerAdmin [email protected]
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
<Proxy "*">
<IfModule security2_module>
SecRuleEngine Off
</IfModule>
</Proxy>
<Directory "/var/www/html">
AllowOverride All
</Directory>
RewriteEngine On
<IfModule ssl_module>
SSLEngine on
SSLCertificateFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateChainFile /var/cpanel/ssl/cpanel/mycpanel.pem
</IfModule>
<IfModule headers_module>
RequestHeader set X-HTTPS 1
</IfModule>
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_cpanel/$1 [PT]
ProxyPass "/___proxy_subdomain_cpanel" "http://127.0.0.1:2082" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_webmail/$1 [PT]
ProxyPass "/___proxy_subdomain_webmail" "http://127.0.0.1:2095" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^whm\.
RewriteCond %{HTTP:Upgrade} !websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_whm/$1 [PT]
ProxyPass "/___proxy_subdomain_whm" "http://127.0.0.1:2086" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^webdisk\.
RewriteRule ^/(.*) /___proxy_subdomain_webdisk/$1 [PT]
ProxyPass "/___proxy_subdomain_webdisk" "http://127.0.0.1:2077" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpcontacts\.
RewriteRule ^/(.*) /___proxy_subdomain_cpcontacts/$1 [PT]
ProxyPass "/___proxy_subdomain_cpcontacts" "http://127.0.0.1:2079" max=1 retry=0
RewriteCond %{HTTP_HOST} !^dev.example.com$
RewriteCond %{HTTP_HOST} ^cpcalendars\.
RewriteRule ^/(.*) /___proxy_subdomain_cpcalendars/$1 [PT]
ProxyPass "/___proxy_subdomain_cpcalendars" "http://127.0.0.1:2079" max=1 retry=0
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_cpanel/$1 [PT]
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_webmail/$1 [PT]
RewriteCond %{HTTP_HOST} ^whm\.
RewriteCond %{HTTP:Upgrade} websocket [nocase]
RewriteRule ^/(.*) /___proxy_subdomain_ws_whm/$1 [PT]
UseCanonicalName Off
<IfModule security2_module>
SecRuleEngine On
</IfModule>
</VirtualHost>
# Administrator locations for safely altering virtualhost configuration
Include "/etc/apache2/conf.d/includes/post_virtualhost_global.conf"
##################################################
##################################################
#
# Define the Domain Forwarding virtual hosts
#
##################################################
##################################################
# Domain forwarding is currently disabled.
# You can set this by logging into WHM, and navigating to the 'DNS Functions' => 'Setup/Edit Domain Forwarding' interface.
##################################################
##################################################
#
# Default SSL Hostname Virtual Host
#
##################################################
##################################################
<VirtualHost 127.0.0.1:443 162.253.xxx.xxx:443 *:443>
ServerName dev.example.com
DocumentRoot /var/www/html
ServerAdmin [email protected]
<IfModule suphp_module>
suPHP_UserGroup nobody nobody
</IfModule>
<Directory "/var/www/html">
AllowOverride All
</Directory>
<IfModule ssl_module>
SSLEngine on
SSLCertificateFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateKeyFile /var/cpanel/ssl/cpanel/mycpanel.pem
SSLCertificateChainFile /var/cpanel/ssl/cpanel/mycpanel.pem
</IfModule>
UseCanonicalName Off
<IfModule security2_module>
SecRuleEngine On
</IfModule>
</VirtualHost>
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# DO NOT EDIT. AUTOMATICALLY GENERATED. USE INCLUDE FILES IF YOU NEED TO MAKE A CHANGE
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
Code:
<virtualhost 127.0.0.1:8443 162.253.xxx.xxx:8443 *:8443>
ServerName example.com
ServerAlias example.com
ServerAdmin [email protected]
DocumentRoot "/home/example/example_web"
<Directory /home/example/example_web>
AllowOverride All
Allow from all
</Directory>
<IfModule ssl_module>
SSLEngine on
SSLCertificateFile /home/example/mycerts/237494542.crt
SSLCertificateKeyFile /home/example/mycerts/237494542_private_key.txt
SSLCertificateChainFile /home/example/mycerts/237494542.ca-bundle
</IfModule>
UseCanonicalName Off
<IfModule security2_module>
SecRuleEngine On
</IfModule>
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
</virtualhost>
Code:
# workers.properties
#
workers.tomcat_home=/usr/local/tomcat/default
workers.java_home=/usr/java/default
ps=/
worker.list=ajp13, example
#worker.list=ajp13
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
worker.ajp13.lbfactor=1
worker.inprocess.type=jni
worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar
worker.inprocess.cmd_line=start
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
worker.example.port=8443
Last edited by a moderator: