SOLVED Problems manually editing apache configurations

sys_alex

Member
Apr 23, 2018
18
6
3
Spain, Galicia
cPanel Access Level
Root Administrator
Hello,

I'm trying to edit our apache configuration editing this file:

/var/cpanel/conf/apache/local

adding this:
---
main:
keepalive:
item:
keepalive: 'Off'

as said in cpanel documentation: Global Configuration - Version 68 Documentation - cPanel Documentation

My problem is that when i rebuild apache configuration and restart the service no changes are made to the actual configuration.

Is there any new way to manually change this?
 
  • Like
Reactions: rarod

cPanelKenneth

cPanel Development
Staff member
Apr 7, 2006
4,578
52
308
cPanel Access Level
Root Administrator
The file format of the local file is YAML. At a guess, the manual edits you did are not valid YAML format. Why are you doing the changes manually versus using the GUI to create the file? The GUI will always create the proper format.
 
  • Like
Reactions: cPanelLauren

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @sys_alex,

If your goal is to replicate the exact Apache/EA4 configuration from one server to another, then you may want to consider using the cpconftool script. It's documented at:

The cpconftool Script - Version 68 Documentation - cPanel Documentation

For example, you'd run the following command to generate a backup

Code:
/usr/local/cpanel/bin/cpconftool --backup --modules=cpanel::easy::apache
Backup Successful
/home/whm-config-backup-cpanel__easy__apache-1.0.0-1524677032.tar.gz
You'd then move the backup archive to the destination server and restore it using the following command:

Code:
 /usr/local/cpanel/bin/cpconftool --restore=/home/whm-config-backup-cpanel__easy__apache-1.0.0-1524676829.tar.gz --modules=cpanel::easy::apache
However, keep in mind this would backup and restore the following configuration files:

/etc/cpanel/ea4
/var/cpanel/easy
/etc/apache2/conf.d
/etc/apache2/conf
/usr/local/apache/conf
/var/cpanel/secdatadir
/var/cpanel/modsec_cpanel_conf_datastore
/var/cpanel/conf/apache/main
/var/cpanel/conf/apache/local
/usr/local/apache/conf/includes
/var/cpanel/templates/apache*/*local
Thank you.
 

sys_alex

Member
Apr 23, 2018
18
6
3
Spain, Galicia
cPanel Access Level
Root Administrator
One question about that script then: do any of those files you listed have any server specific configuration? Like hostname, ip, etc

If they do have specific information , does the script works around that and adds variables to that kind of data?
 
  • Like
Reactions: rarod

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @sys_alex,

Here's an example of the files that are included with the Apache backup:

Code:
# tar -zxvf whm-config-backup-cpanel__easy__apache-1.0.0-1524842077.tar.gz
./
./version
./cpanel/
./cpanel/easy/
./cpanel/easy/apache/
./cpanel/easy/apache/modsec_settings.json
./cpanel/easy/apache/tweak/
./cpanel/easy/apache/tweak/cpanel.config
./cpanel/easy/apache/other/
./cpanel/easy/apache/other/main
./cpanel/easy/apache/other/local
./cpanel/easy/apache/config/
./cpanel/easy/apache/config/modsec_cpanel_conf_datastore
./cpanel/easy/apache/modsec_vendor.json
./cpanel/easy/apache/etc/
./cpanel/easy/apache/etc/apache2/
./cpanel/easy/apache/etc/apache2/conf/
./cpanel/easy/apache/etc/apache2/conf/httpd.conf
./cpanel/easy/apache/etc/apache2/conf/magic
./cpanel/easy/apache/etc/apache2/conf/mime.types
./cpanel/easy/apache/etc/apache2/conf/httpd.conf,v
./cpanel/easy/apache/etc/apache2/conf/httpd.conf.datastore
./cpanel/easy/apache/etc/apache2/conf.d/
./cpanel/easy/apache/etc/apache2/conf.d/includes/
./cpanel/easy/apache/etc/apache2/conf.d/includes/account_suspensions.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/errordocument.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/post_virtualhost_1.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/post_virtualhost_2.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/post_virtualhost_global.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_main_1.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_main_2.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_main_global.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_virtualhost_1.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_virtualhost_2.conf
./cpanel/easy/apache/etc/apache2/conf.d/includes/pre_virtualhost_global.conf
./cpanel/easy/apache/etc/apache2/conf.d/README
./cpanel/easy/apache/etc/apache2/conf.d/autoindex.conf
./cpanel/easy/apache/etc/apache2/conf.d/cperror.conf
./cpanel/easy/apache/etc/apache2/conf.d/http2.conf
./cpanel/easy/apache/etc/apache2/conf.d/modsec/
./cpanel/easy/apache/etc/apache2/conf.d/modsec/modsec2.user.conf
./cpanel/easy/apache/etc/apache2/conf.d/modsec/modsec2.cpanel.conf.PREVIOUS
./cpanel/easy/apache/etc/apache2/conf.d/modsec/modsec2.cpanel.conf
./cpanel/easy/apache/etc/apache2/conf.d/modsec2.conf
./cpanel/easy/apache/etc/apache2/conf.d/php.conf
./cpanel/easy/apache/etc/apache2/conf.d/ssl.crt/
./cpanel/easy/apache/etc/apache2/conf.d/ssl.crt/server.crt
./cpanel/easy/apache/etc/apache2/conf.d/ssl.key/
./cpanel/easy/apache/etc/apache2/conf.d/ssl.key/server.key
./cpanel/easy/apache/etc/apache2/conf.d/php.version
./cpanel/easy/apache/etc/cpanel/
./cpanel/easy/apache/etc/cpanel/ea4/
./cpanel/easy/apache/etc/cpanel/ea4/profiles/
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/allphp-opcache.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/allphp.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/default.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/mpm_itk.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/nophp.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/rubypassenger.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/cpanel/worker.json
./cpanel/easy/apache/etc/cpanel/ea4/profiles/custom/
./cpanel/easy/apache/etc/cpanel/ea4/profiles/custom/cpconftool_current_profile.json
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php54-php/
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php54-php/dso.json
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php55-php
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php56-php
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php70-php
./cpanel/easy/apache/etc/cpanel/ea4/recommendations/ea-php71-php
./cpanel/easy/apache/etc/cpanel/ea4/is_ea4
./cpanel/easy/apache/etc/cpanel/ea4/paths.conf
./cpanel/easy/apache/etc/cpanel/ea4/php.conf
./cpanel/easy/apache/etc/cpanel/ea4/php.conf.cache
./cpanel/easy/apache/usr/
./cpanel/easy/apache/usr/local/
./cpanel/easy/apache/usr/local/apache/
./cpanel/easy/apache/usr/local/apache/conf/
./cpanel/easy/apache/usr/local/apache/conf/mime.types
./cpanel/easy/apache/usr/local/apache/conf/httpd.conf
./cpanel/easy/apache/usr/local/apache/conf/includes
./cpanel/easy/apache/usr/local/apache/conf/php.conf
./cpanel/easy/apache/conf_includes/
./cpanel/easy/apache/conf_includes/account_suspensions.conf
./cpanel/easy/apache/conf_includes/errordocument.conf
./cpanel/easy/apache/conf_includes/post_virtualhost_1.conf
./cpanel/easy/apache/conf_includes/post_virtualhost_2.conf
./cpanel/easy/apache/conf_includes/post_virtualhost_global.conf
./cpanel/easy/apache/conf_includes/pre_main_1.conf
./cpanel/easy/apache/conf_includes/pre_main_2.conf
./cpanel/easy/apache/conf_includes/pre_main_global.conf
./cpanel/easy/apache/conf_includes/pre_virtualhost_1.conf
./cpanel/easy/apache/conf_includes/pre_virtualhost_2.conf
./cpanel/easy/apache/conf_includes/pre_virtualhost_global.conf
./cpanel/easy/apache/var/
./cpanel/easy/apache/var/cpanel/
./cpanel/easy/apache/var/cpanel/secdatadir/
./cpanel/easy/apache/version
It's possible some of these files will include server specific values, yes. It's generally better used when you are migrating accounts from one server to another. If you just want the contents of the /var/cpanel/conf/apache/local file, have you considered simply copying the file as opposed to manually modifying it with a text editor?

Thank you.
 

sys_alex

Member
Apr 23, 2018
18
6
3
Spain, Galicia
cPanel Access Level
Root Administrator
Thing is , we are actually copying the file, but when doing an apache rebuild that file is ignored for new configuration.

We didn't have this problem before, just recently, and i was wondering if something changed in version 68 about this file or how it's used.
 

sys_alex

Member
Apr 23, 2018
18
6
3
Spain, Galicia
cPanel Access Level
Root Administrator
Sure, file contents at the end of the post.

to deploy i just copy this file to /var/cpanel/conf/apache/local and rebuild & restart apache

Code:
---
main:
  directory:
    options:
      directive: options
      item:
        options: ExecCGI FollowSymLinks IncludesNOEXEC Indexes
  directoryindex:
    item:
      directoryindex: index.php index.php5 index.php4 index.php3 index.perl index.pl index.plx index.ppl index.cgi index.jsp index.jp index.phtml index.shtml index.xhtml index.html index.htm index.wml Default.html Default.htm default.html default.htm home.html home.htm index.js raiola.html
  fileetag:
    item:
      fileetag: None
  keepalive:
    item:
      keepalive: 'Off'
  keepalivetimeout:
    item:
      keepalivetimeout: 5
  loglevel:
    item:
      loglevel: warn
  maxclients:
    item:
      maxclients: 499
  maxkeepaliverequests:
    item:
      maxkeepaliverequests: 100
  maxrequestsperchild:
    item:
      maxrequestsperchild: 4000
  maxspareservers:
    item:
      maxspareservers: 10
  minspareservers:
    item:
      minspareservers: 5
  optimize_htaccess:
    item:
      optimize_htaccess: search_homedir_below
  root_options:
    item:
      root_options:
        ExecCGI: 1
        FollowSymLinks: 1
        Includes: 0
        IncludesNOEXEC: 1
        Indexes: 1
        MultiViews: 0
        SymLinksIfOwnerMatch: 0
  serverlimit:
    item:
      serverlimit: 500
  serversignature:
    item:
      serversignature: 'Off'
  servertokens:
    item:
      servertokens: ProductOnly
  sslciphersuite:
    item:
      sslciphersuite: sslciphersuite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
  sslprotocol:
    item:
      sslprotocol: All -SSLv2 -SSLv3
  startservers:
    item:
      startservers: 5
  timeout:
    item:
      timeout: 15
  traceenable:
    item:
      traceenable: 'Off'
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
sslciphersuite:
item:
sslciphersuite: sslciphersuite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
Hello @sys_alex,

You have a duplicate entry for sslciphersuite under "item" in the text quoted above. Removing the duplicate entry should solve the problem.

Thank you.
 
  • Like
Reactions: sys_alex