Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Apache: Configurations with Aliases not detected as vhosts #1199

Open
ghost opened this issue Aug 2, 2021 · 2 comments
Open

Apache: Configurations with Aliases not detected as vhosts #1199

ghost opened this issue Aug 2, 2021 · 2 comments
Assignees
@mboelen
Labels
information-needed

Comments

@ghost
Copy link

ghost commented Aug 2, 2021

Describe the bug
Lynis didn't find any virtual hosts, but I actually have some

Version

  • Distribution: openSUSE Tumbleweed
  • Lynis version 3.0.6

Expected behavior
virtual hosts are detected

Output

[+] Software: webserver
------------------------------------
  - Checking Apache (binary /usr/sbin/httpd)                  [ FOUND ]
      Info: Configuration file found (/etc/apache2/httpd.conf)
      Info: No virtual hosts found

The log mentions them however:

2021-08-02 09:03:18 ====
2021-08-02 09:03:18 Performing test ID HTTP-6626 (Testing other Apache configuration file)
2021-08-02 09:03:18 Apache config file: /etc/apache2/conf.d/api-apache.conf
2021-08-02 09:03:18 Test: check if we can access /etc/apache2/conf.d/api-apache.conf (escaped: /etc/apache2/conf.d/api-apache.conf)
2021-08-02 09:03:18 Result: file is owned by our current user ID (0), checking if it is readable
2021-08-02 09:03:18 Result: file /etc/apache2/conf.d/api-apache.conf is readable (or directory accessible).
...
2021-08-02 09:03:19 Test: check if we can access /etc/apache2/vhosts.d/intelmq-api.conf (escaped: /etc/apache2/vhosts.d/intelmq-api.conf)
2021-08-02 09:03:19 Action: checking symlink for file /etc/apache2/vhosts.d/intelmq-api.conf
2021-08-02 09:03:19 Note: Using real readlink binary to determine symlink on /etc/apache2/vhosts.d/intelmq-api.conf
2021-08-02 09:03:19 Result: readlink shows /etc/intelmq/api-apache.conf as output
2021-08-02 09:03:19 Result: symlink found, pointing to file /etc/intelmq/api-apache.conf
2021-08-02 09:03:19 Result: file is not owned by current user ID (0), but UID 458
2021-08-02 09:03:19 Result: file /etc/intelmq/api-apache.conf is readable (or directory accessible).
2021-08-02 09:03:19 Apache config file: /etc/apache2/vhosts.d/manager-apache.conf
2021-08-02 09:03:19 Test: check if we can access /etc/apache2/vhosts.d/manager-apache.conf (escaped: /etc/apache2/vhosts.d/manager-apache.conf)
2021-08-02 09:03:19 Result: file is owned by our current user ID (0), checking if it is readable
2021-08-02 09:03:19 Result: file /etc/apache2/vhosts.d/manager-apache.conf is readable (or directory accessible).
2021-08-02 09:03:19 Result: found 0 virtual hosts
2021-08-02 09:03:19 ====

Additional context

# ls /etc/apache2/vhosts.d/
intelmq-api.conf  manager-apache.conf  vhost-ssl.template  vhost.template
@mboelen
Copy link
Member

mboelen commented Aug 2, 2021

Can you show the actual definitions of the virtual host? Looks like the files are readable, but the entries are not correctly parsed.

@mboelen mboelen self-assigned this Aug 2, 2021
@ghost
Copy link
Author

ghost commented Aug 2, 2021

Here:
https://github.com/certtools/intelmq-api/blob/develop/contrib/api-apache.conf
https://github.com/certtools/intelmq-manager/blob/develop/contrib/manager-apache.conf

They are not fixed on domains/ports, but just provide Aliases. Maybe this is the reason that the files are not detected?

@ghost ghost changed the title Apache: No virtual hosts found, but they exist Apache: Configurations with Aliases not detected as vhosts Aug 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mboelen mboelen

Labels
information-needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mboelen