Question
Unable to get /server-status mod working with Apache2 on Ubuntu
- Posted April 13, 2015
- Server OptimizationApacheWordPressUbuntu
I have installed the default WordPress application image from digital ocean. I tried to follow this tutorial but it doesn’t work for me:
If I visit http://<my IP>/server-status I get a 404 page the one and only website I have installed on this server. If I visit http://www.domain.com/service-status I get this:
403
Forbidden
You don't have permission to access /server-status on this server.
How can I get this working?
If I try to visit it from lynx from the local host in the terminal whether I use domain name, IP or 127.0.0.1 or localhost I get 404 not found (weird!).
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
OK with a lot of trial and error I solved it.
The rewrite rule apparently cannot be above or below the WordPress stuff in the .htaccess of the root and it has to be in the middle as shown below or at least this is the only way that has worked for me so far:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# rewrite rule for server-status to prevent 404 error
RewriteCond %{REQUEST_URI} !=/server-status
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
Also, I learned that for those of us running Cloud Flare (which is a lot, including digitalocean.com I noticed) you need to install the cloudflare mod or else limiting access by IP doesn’t work. https://www.cloudflare.com/resources-downloads#mod_cloudflare
Perhaps Digital Ocean should consider adding mod_cloudflare to their stock WordPress one click install image and maybe others.
Thanks for the help.
You’re getting a 403 Forbidden error because Apache is configured to only allow localhost to access /server-status:
Allow from 127.0.0.1 ::1
You can allow access from your IP address like this:
<Location /server-status>
...
Allow from 127.0.0.1 ::1
Allow from Your.IP.Address.Here
</Location>
As for the 404 error, it looks like Wordpress is trying to serve /server-status because of the rewrite rules. There should be a few RewriteCond lines in the .htaccess, add the following line below them:
RewriteCond %{REQUEST_URI} !=/server-status
What worked for me was to turn RewriteEngine Off for the /server-status Location
<Location /server-status> SetHandler server-status Order Deny,Allow Deny from all Allow from 127.0.0.1 ::1 RewriteEngine Off </Location> ExtendedStatus On
Hope it helps
What fixes this issue is a mix of settings. At least for myself, and my server.
First in your apache virtualhost configuration you need to change allow overides
<Directory Some/directory/here > # Options Indexes Options -FollowSymLinks Options -Multiviews Options -Indexes AllowOverride None </Directory>
Then before the closing virtualhosts command you place this
<Location /server-status> SetHandler server-status # Require local Require ip YOUR IP here/Server IP </Location> </VirtualHost>
Then IF you have the defualt apache2 config modified to your liking with other settings. Like a custom Wordpress installation. You should have this as well for .HTACCESS
The important line is this RewriteCond %{REQUEST_URI} !=/server-status
.HTACCESS file settings
BEGIN WordPress
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !=/server-status RewriteRule . /index.php [L] </IfModule> php_flag register_globals off
END WordPress
php_flag display_errors Off #Options FollowSymLinks Options -Indexes Options -ExecCGI Options -IncludesNOEXEC
Hope my post solves some other issues,
The above htaccess is wrong.
For enabling server-status on a Wordpress install, it should be:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/server-status
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
This comment has been deleted
Which .htaccess the one in the document root of the only vhost I’m running or the main document root or where?
This is the tail, looks like unrelated errors but any advice on that would be appreciated also.
[Tue Apr 14 00:01:59.167369 2015] [core:alert] [pid 28499] [client 199.27.128.162:42742] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:11:20.591436 2015] [core:alert] [pid 28646] [client 199.27.133.250:57249] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:30.955090 2015] [core:alert] [pid 28681] [client 199.27.133.220:39337] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:41.287518 2015] [core:alert] [pid 28656] [client 199.27.128.152:38262] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:11:51.618486 2015] [core:alert] [pid 28667] [client 199.27.128.162:20135] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:12:01.967101 2015] [core:alert] [pid 28646] [client 199.27.128.132:19640] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here, referer: http://www.mydomain.com/tag/big-ass
[Tue Apr 14 00:12:12.334887 2015] [core:alert] [pid 28623] [client 199.27.128.152:18961] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:22.668483 2015] [core:alert] [pid 28680] [client 199.27.128.162:23007] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:33.019929 2015] [core:alert] [pid 28681] [client 199.27.133.250:9626] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
[Tue Apr 14 00:12:43.358314 2015] [core:alert] [pid 28646] [client 199.27.133.220:35807] /var/www/html/mydomain.com/wp-content/cache/.htaccess: ExpiresActive not allowed here
I just replaced my actual domain with “mydomain” because I don’t want the web crawlers to pick these up as links to follow.
These errors go back a couple of days before any of the changes above. They seem to happen at random intervals, they are clearly not happening for every visitor though. They show both referr as onsite URLs and things like http://www.google.com.ar. I haven’t noticed any issues from the user side would allow one to tell these errors are happening.
Here is the .htaccess from the main document root on the only vhost I’m running right now. If you wanted something else please let me know.
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# rewrite 404 for server status
# RewriteCond %{REQUEST_URI} !=/server-status
</IfModule>
# END WordPress
Thanks.
Thanks for the reply. Adding this rewrite rule only makes it so www.mydomain.com/server-status is a “Forbidden” error instead of a 404.
This is what my /etc/apache2/mods-available/status.conf file says (I had already edited it):
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1 ::1
Allow from <my public IP>
</Location>
I am trying to access it form the local host but I am still getting this forbidden error. Any other ideas?
Thanks.
I followed the method below to fix the issue of error 403. https://jamshaidali.com/how-to-activate-apache-mod_status-and-avoid-error-403-no-permission-and-or-error-404-not-found/