3

My local dev environment consists of a mac with OSX El Capitan 10.11.6. I have Apache 2.4.28 installed.

Something seems to have gone wrong with my virtual host configuration as none of my local websites work when trying to access them using their alias URLs. They all result in a 'DNS error' with 502 status.

My httpd-vhosts.conf has the following configuration:

<VirtualHost *:80>
    ServerName myaccuen.booking.test
    ServerAlias www.myaccuen.booking.test

    DocumentRoot "/Users/john.doe/Sites/myaccuen-booking/public"
    <Directory "/Users/john.doe/Sites/myaccuen-booking/public">
        AllowOverride all
    </Directory>
</VirtualHost>

Accordingly in /etc/hosts I have the following entry:

127.0.0.1       myaccuen.booking.test www.myaccuen.booking.test

Running ping myaccuen.booking.test in the command line results in the following output:

64 bytes from 127.0.0.1: icmp_seq=67 ttl=64 time=0.078 ms
64 bytes from 127.0.0.1: icmp_seq=68 ttl=64 time=0.049 ms
64 bytes from 127.0.0.1: icmp_seq=69 ttl=64 time=0.095 ms
^C
--- myaccuen.booking.test ping statistics ---
70 packets transmitted, 70 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.024/0.083/0.184/0.031 ms

Nothing is logged in the Apache error log when this occurs.

When I run sudo lsof -i :80 the following is output:

COMMAND     PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
httpd      2007 root    5u  IPv6 0x541c6553e1ecf9ad      0t0  TCP *:http (LISTEN)
httpd      2013 _www    5u  IPv6 0x541c6553e1ecf9ad      0t0  TCP *:http (LISTEN)
httpd      2204 _www    5u  IPv6 0x541c6553e1ecf9ad      0t0  TCP *:http (LISTEN)
httpd      2205 _www    5u  IPv6 0x541c6553e1ecf9ad      0t0  TCP *:http (LISTEN)
httpd      2206 _www    5u  IPv6 0x541c6553e1ecf9ad      0t0  TCP *:http (LISTEN)
rpc.geo   32041 root    5u  IPv4 0x541c6553f68452dd      0t0  TCP 10.140.208.29:64083->search.namequery.com:http (CLOSED)
SophosSXL 33937 root    7u  IPv4 0x541c6553fae302dd      0t0  TCP 10.140.208.38:53453->ec2-54-247-166-17.eu-west-1.compute.amazonaws.com:http (ESTABLISHED)
SophosSXL 33937 root   15u  IPv4 0x541c6553fba820ed      0t0  TCP 10.140.208.38:53454->ec2-54-247-166-17.eu-west-1.compute.amazonaws.com:http (ESTABLISHED)
rpc.net   37659 root    5u  IPv4 0x541c6553f5e05efd      0t0  TCP 10.140.208.29:53347->search.namequery.com:http (ESTABLISHED)

Does the above look okay?

I feel like, I've overlooked something simple but can't quite put my finger on it.

I think the cause is the work firewall, Z scaler interfering.

Appreciate any suggestions to debug and identify the cause of the issue.

Mr B
  • 151
  • 4
  • Please share the contents of your _/etc/hosts_ file as well as the relevant Apache configuration. Is your browser displaying the "DNS error"? What if you ping the DNS name in a shell? – Tommiie Oct 18 '18 at 11:25
  • 1
    Welcome to Server Fault! A 500 error is the webservers way of saying "I have a major problem, but I don't want to talk about it in public". Look at the error log of the server, there will be a clear message saying what's wrong. – Gerald Schneider Oct 18 '18 at 12:02
  • Nothing is logged in the error log file when the 502 is returned. – Mr B Oct 18 '18 at 13:17
  • Your `lsof` output only shows type IPv6 for the Apache server yet you are trying to connect on the IPv4 loopback address. What does your `Listen` statement look like? – Tommiie Oct 18 '18 at 13:37
  • Apologies, @Tom can you provide the listen command please. – Mr B Oct 18 '18 at 13:46
  • I mean the `Listen` statement(s) of your Apache webserver. Is it also listening on IPv4 or only IPv6? – Tommiie Oct 18 '18 at 13:47
  • The httpd.conf has: `Listen 80` – Mr B Oct 18 '18 at 13:54
  • Is your web browser connecting to local webserver? To be 100% sure about this, you might want to install the "showip" firefow extension or anything similar – bgtvfr Oct 18 '18 at 14:35
  • I installed showip and it says 127.0.0.1 – Mr B Oct 18 '18 at 14:39
  • @Tom That's perfectly normal. Apache uses dual stack sockets by default. And in the `lsof` output you won't see any difference between dual stack sockets and IPv6-only sockets. – kasperd Oct 19 '18 at 13:03
  • There is no such thing as a DNS error 502. Currently assigned [DNS response codes](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6) range from 0 to 23. Just show us the actual error message you are receiving. – kasperd Oct 19 '18 at 13:13

1 Answers1

2

The cause of my servernames not working for my local websites was in fact due to the company firewall, Zscaler.

I figured this out by restarting Zscaler (I don't have the privileges turning it off). Whilst the firewall was restarting, I tried the virtualhost servername/alias in my browser and the application loaded without any errors.

Mr B
  • 151
  • 4