AH01630: client denied by server configuration, redirected from one virtualhost to another












0















Summary



I've read through a crapload of Google results and Stack Overflow questions but can't figure this out. The core issue seems to be:




  • Basic setup is Apache/2.4.10, libapache2-mod-wsgi-py3 4.3.0-1 and flask 1.0.2

  • This was working fine before I set up HTTPS using certbot

  • There are two subdomains set up in separate .conf files using virtualhosts. The .conf files are identical apart from the directories and project names/URLs

  • The Apache logs indicate that the request is somehow redirected from the project_2 URL to the project_1 WSGI script, and I don't understand why

  • If anyone could please point me in the right direction I'd be eternally grateful


Apache logs:




[ssl:debug] ssl_engine_kernel.c(243): AH02034: Initial (No.1) HTTPS request received for child 67 (server project_2.domain.com:443)
[authz_core:debug] mod_authz_core.c(809): AH01626: authorization result of Require all denied: denied
[authz_core:debug] mod_authz_core.c(809): AH01626: authorization result of <RequireAny>: denied
[authz_core:error] AH01630: client denied by server configuration: /home/username/projects/project_1/app/run_site.wsgi
[ssl:debug] ssl_engine_kernel.c(243): AH02034: Subsequent (No.2) HTTPS request received for child 68 (server project_2.domain.com:443), ref$
[authz_core:debug] mod_authz_core.c(809): AH01626: authorization result of Require all denied: denied, referer: https://www.project_2.domain.com/
[authz_core:debug] mod_authz_core.c(809): AH01626: authorization result of <RequireAny>: denied, referer: https://www.project_2.domain.com/
[authz_core:error] AH01630: client denied by server configuration: /home/username/projects/project_1/app/run_site.wsgi, referer: https://www.project_2.domain.com/



Apache .conf files



/etc/apache2/sites-available/project_2.conf



WSGIDaemonProcess project_2 user=username group=username threads=5
WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"

<VirtualHost *:80>
    ServerName project_2.domain.com
    ServerAlias www.project_2.domain.com

    <Directory "/home/username/projects/project_2/">
        WSGIProcessGroup project_2
        WSGIApplicationGroup %{GLOBAL}
        WSGIScriptReloading On

        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/notifier_error.log
    CustomLog ${APACHE_LOG_DIR}/notifier_access.log combined
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =www.project_2.domain.com [OR]
    RewriteCond %{SERVER_NAME} =project_2.domain.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>


/etc/apache2/sites-available/project_2-le-ssl.conf



<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName project_2.domain.com
    ServerAlias www.project_2.domain.com

    <Directory "/home/username/projects/project_2/">
        WSGIProcessGroup project_2
        WSGIApplicationGroup %{GLOBAL}
        WSGIScriptReloading On

        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/project_2_error.log
    CustomLog ${APACHE_LOG_DIR}/project_2_access.log combined
    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/www.project_2.domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.project_2.domain.com/privkey.pem
</VirtualHost>
</IfModule>


sudo apachectl -S:




VirtualHost configuration:
*:443 is a NameVirtualHost
default server project_1.domain.com (/etc/apache2/sites-enabled/project_1-le-ssl.conf:2)
port 443 namevhost project_1.domain.com (/etc/apache2/sites-enabled/project_1-le-ssl.conf:2)
alias www.project_1.domain.com
port 443 namevhost project_2.domain.com (/etc/apache2/sites-enabled/project_2-le-ssl.conf:2)
alias www.project_2.domain.com
*:80 is a NameVirtualHost
default server project_1.domain.com (/etc/apache2/sites-enabled/project_1.conf:4)
port 80 namevhost project_1.domain.com (/etc/apache2/sites-enabled/project_1.conf:4)
alias www.project_1.domain.com
port 80 namevhost project_2.domain.com (/etc/apache2/sites-enabled/project_2.conf:4)
alias www.project_2.domain.com
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/lock/apache2" mechanism=fcntl
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: ENABLE_USR_LIB_CGI_BIN
User: name="www-data" id=33
Group: name="www-data" id=33

































  • I think this has something to do with bringing the definition of WSGIScriptAlias outside of the virtualhost (which is necessary so there are no duplicates), but I feel this might duplicate the configuration between the different virtualhosts causing a redirect from project_2 to project_1 since they both have a WSGIScriptAlias line

    – freefall
    Nov 25 '18 at 3:34


















apache flask wsgi certbot






asked Nov 25 '18 at 3:29









freefall

1 Answer


















0














OK I figured out my mistake. When I was setting up certbot I moved both these lines outside the virtual host:



WSGIDaemonProcess project_2 user=username group=username threads=5
WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"


This led to two WSGIScriptAlias lines in both my .conf files, and one was overriding the other. What fixed this was bringing the WSGIScriptAlias inside the virtual host in both scripts project_1.conf and project_2.conf, as well as adding it manually back into project_1-le-ssl.conf and project_2-le-ssl.conf.



Resulting .conf example:



WSGIDaemonProcess project_2 user=username group=username threads=5

<VirtualHost *:80>
    ServerName project_2.domain.com
    ServerAlias www.project_2.domain.com

    WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"

    <Directory "/home/username/projects/project_2/">
        WSGIProcessGroup project_2
        WSGIApplicationGroup %{GLOBAL}
        WSGIScriptReloading On

        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/notifier_error.log
    CustomLog ${APACHE_LOG_DIR}/notifier_access.log combined
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =www.project_2.domain.com [OR]
    RewriteCond %{SERVER_NAME} =project_2.domain.com
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>





answered Nov 25 '18 at 8:10

freefall
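
The misconfiguration described in the answer can be caught before a reload. The following is an added example, not part of the original post: a small Python linter that reports WSGIScriptAlias directives declared outside any <VirtualHost>, conflicting server-scope declarations for the same mount point, and virtual hosts that have no alias of their own and therefore fall back to the server-scope one. The config texts are constructed samples modelled on the question (the project_1 contents are an assumption), and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed samples modelled on the question's layout. The project_1
# contents are an assumption: the page only shows the project_2 files.
BROKEN = {
    "project_1.conf": '''WSGIScriptAlias / "/home/username/projects/project_1/app/run_site.wsgi"
<VirtualHost *:80>
    ServerName project_1.domain.com
</VirtualHost>
''',
    "project_2.conf": '''WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"
<VirtualHost *:80>
    ServerName project_2.domain.com
</VirtualHost>
''',
    "project_2-le-ssl.conf": '''<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName project_2.domain.com
</VirtualHost>
</IfModule>
''',
}
# Layout from the answer: each vhost carries its own alias.
FIXED = {
    "project_2.conf": '''<VirtualHost *:80>
    ServerName project_2.domain.com
    WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"
</VirtualHost>
''',
    "project_2-le-ssl.conf": '''<VirtualHost *:443>
    ServerName project_2.domain.com
    WSGIScriptAlias / "/home/username/projects/project_2/run_site.wsgi"
</VirtualHost>
''',
}

OPEN_VHOST = re.compile(r"<VirtualHost\b([^>]*)>", re.I)
CLOSE_VHOST = re.compile(r"</VirtualHost\s*>", re.I)
# Script paths containing spaces are not handled by this sketch.
ALIAS = re.compile(r'WSGIScriptAlias\s+(\S+)\s+"?([^"\s]+)"?', re.I)
SERVER_NAME = re.compile(r"ServerName\s+(\S+)", re.I)


def scan(configs):
    """Split aliases into server-scope ones and per-vhost mount lists."""
    global_aliases, vhosts = [], []
    for fname, text in configs.items():
        current = None  # the <VirtualHost> we are inside, if any
        for lineno, raw in enumerate(text.splitlines(), 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue
            m = OPEN_VHOST.match(line)
            if m:
                current = {"file": fname, "addr": m.group(1).strip(),
                           "name": None, "mounts": []}
                vhosts.append(current)
            elif CLOSE_VHOST.match(line):
                current = None
            elif (m := ALIAS.match(line)):
                if current is None:  # <IfModule> does not create a vhost scope
                    global_aliases.append((fname, lineno, *m.groups()))
                else:
                    current["mounts"].append(m.group(1))
            elif current is not None and (m := SERVER_NAME.match(line)):
                current["name"] = m.group(1)
    return global_aliases, vhosts


def audit(configs):
    """Return findings: CONFLICT lines first, then INHERIT lines."""
    global_aliases, vhosts = scan(configs)
    by_mount = defaultdict(list)
    for fname, lineno, mount, script in global_aliases:
        by_mount[mount].append((fname, lineno, script))
    findings = []
    for mount, decls in by_mount.items():
        if len({script for _, _, script in decls}) > 1:
            where = ", ".join(f"{f}:{n}" for f, n, _ in decls)
            findings.append(f"CONFLICT mount {mount} has different "
                            f"server-scope scripts ({where})")
    for vh in vhosts:
        for mount in by_mount:
            if mount not in vh["mounts"]:
                findings.append(f"INHERIT {vh['name']} [{vh['addr']}] in "
                                f"{vh['file']} has no own alias for {mount}")
    return findings


if __name__ == "__main__":
    for finding in audit(BROKEN):
        print(finding)
```
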
