Unable to get /server-status mod working with Apache2 on Ubuntu

April 13, 2015 62.6k views
Server Optimization Apache WordPress Ubuntu

I have installed the default WordPress application image from digital ocean. I tried to follow this tutorial but it doesn’t work for me:

https://www.digitalocean.com/community/tutorials/how-to-install-configure-and-use-modules-in-the-apache-web-server

If I visit http://<my IP>/server-status I get a 404 page the one and only website I have installed on this server. If I visit http://www.domain.com/service-status I get this:

403
Forbidden

You don't have permission to access /server-status on this server.

How can I get this working?

If I try to visit it from lynx from the local host in the terminal whether I use domain name, IP or 127.0.0.1 or localhost I get 404 not found (weird!).

7 Answers

You’re getting a 403 Forbidden error because Apache is configured to only allow localhost to access /server-status:

    Allow from 127.0.0.1 ::1

You can allow access from your IP address like this:

<Location /server-status>
    …
    Allow from 127.0.0.1 ::1
    Allow from Your.IP.Address.Here
</Location>

As for the 404 error, it looks like Wordpress is trying to serve /server-status because of the rewrite rules. There should be a few RewriteCond lines in the .htaccess, add the following line below them:

RewriteCond %{REQUEST_URI} !=/server-status

OK with a lot of trial and error I solved it.

The rewrite rule apparently cannot be above or below the WordPress stuff in the .htaccess of the root and it has to be in the middle as shown below or at least this is the only way that has worked for me so far:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

# rewrite rule for server-status to prevent 404 error
RewriteCond %{REQUEST_URI} !=/server-status

RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Also, I learned that for those of us running Cloud Flare (which is a lot, including digitalocean.com I noticed) you need to install the cloudflare mod or else limiting access by IP doesn’t work. https://www.cloudflare.com/resources-downloads#mod_cloudflare

Perhaps Digital Ocean should consider adding mod_cloudflare to their stock WordPress one click install image and maybe others.

Thanks for the help.

Thanks for the reply. Adding this rewrite rule only makes it so www.mydomain.com/server-status is a “Forbidden” error instead of a 404.

This is what my /etc/apache2/mods-available/status.conf file says (I had already edited it):

        <Location /server-status>
                SetHandler server-status
                Order deny,allow
                Deny from all
                Allow from 127.0.0.1 ::1
                Allow from <my public IP>
        </Location>

I am trying to access it form the local host but I am still getting this forbidden error. Any other ideas?

Thanks.

  • Can you post the full contents of the .htaccess file? Also, are there any errors in Apache’s error log?

    sudo tail /var/log/apache2/error.log
    

Which .htaccess the one in the document root of the only vhost I’m running or the main document root or where?

This is the tail, looks like unrelated errors but any advice on that would be appreciated also.

[Tue Apr 14 00:01:59.167369 2015] [core:alert] [pid 28499] [client 199.27.128.162:42742] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:11:20.591436 2015] [core:alert] [pid 28646] [client 199.27.133.250:57249] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:30.955090 2015] [core:alert] [pid 28681] [client 199.27.133.220:39337] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:41.287518 2015] [core:alert] [pid 28656] [client 199.27.128.152:38262] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:51.618486 2015] [core:alert] [pid 28667] [client 199.27.128.162:20135] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:12:01.967101 2015] [core:alert] [pid 28646] [client 199.27.128.132:19640] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:12:12.334887 2015] [core:alert] [pid 28623] [client 199.27.128.152:18961] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:22.668483 2015] [core:alert] [pid 28680] [client 199.27.128.162:23007] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:33.019929 2015] [core:alert] [pid 28681] [client 199.27.133.250:9626] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:43.358314 2015] [core:alert] [pid 28646] [client 199.27.133.220:35807] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here

I just replaced my actual domain with “mydomain” because I don’t want the web crawlers to pick these up as links to follow.

These errors go back a couple of days before any of the changes above. They seem to happen at random intervals, they are clearly not happening for every visitor though. They show both referr as onsite URLs and things like http://www.google.com.ar. I haven’t noticed any issues from the user side would allow one to tell these errors are happening.

Here is the .htaccess from the main document root on the only vhost I’m running right now. If you wanted something else please let me know.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# rewrite 404 for server status
# RewriteCond %{REQUEST_URI} !=/server-status
</IfModule>
# END WordPress


Thanks.

The above htaccess is wrong.

For enabling server-status on a Wordpress install, it should be:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/server-status
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

What fixes this issue is a mix of settings. At least for myself, and my server.

First in your apache virtualhost configuration you need to change allow overides

<Directory Some/directory/here >
# Options Indexes
Options -FollowSymLinks
Options -Multiviews
Options -Indexes
AllowOverride None
</Directory>

Then before the closing virtualhosts command you place this

<Location /server-status>
SetHandler server-status
# Require local
Require ip YOUR IP here/Server IP
</Location>
</VirtualHost>

Then IF you have the defualt apache2 config modified to your liking with other settings. Like a custom Wordpress installation. You should have this as well for .HTACCESS

The important line is this
RewriteCond %{REQUEST_URI} !=/server-status

.HTACCESS file settings

BEGIN WordPress

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUESTFILENAME} !-f
RewriteCond %{REQUEST
FILENAME} !-d
RewriteCond %{REQUESTURI} !=/server-status
RewriteRule . /index.php [L]
</IfModule>
php
flag register_globals off

END WordPress

phpflag displayerrors Off

Options FollowSymLinks

Options -Indexes
Options -ExecCGI
Options -IncludesNOEXEC

Hope my post solves some other issues,

Have another answer? Share your knowledge.