I am a danish programmer living in Bangkok.
Read more about me @ rasmus.rummel.dk.
Webmodelling Home > Apache version 2.2 auto updated to version 2.4
If useful then share it

Apache 2.2 -> 2.4

20141013. Monday morning several customers called that their websites did not work. With my breakfast in my hands I rushed up to my computer - it turned out that Apache had updated itself from version 2.2 to 2.4 and configuration was broken.

Here is what I immediately could see :

  1. All websites on our main web server was down like this : You don't have permission to access / on this server
  2. shell> tail -100 /var/log/apache2/error.log : Apache error log was full of access_compat:error showing AH01797: client denied by server configuration:
  3. shell> apache2 -v : Apache had been auto updated from version 2.2.22 to version 2.4.7 (googling access_compat was what lead me to check the Apache version).

The main configuration difference between version 2.2 & 2.4 are :

  • Apache configuration files moved :
    • FROM : /etc/apache2/conf.d
    • TO : /etc/apache2/conf-available
    • Also .conf files are now enabled/disabled using the same logic as modules (a2enmod) & sites (a2ensite) :
      • shell> a2enconf /etc/apache2/conf-available/charset.conf : enables the charset.conf configuration file by creating a symlink in /etc/apache2/conf-enabled/.
  • Site access configuration have changed from using :
    • FROM :
      • Order allow, deny
      • Allow from all
    • TO : Require all granted
  • Default site configuration files MUST end with a .conf extension (not eg. a .vhost extension). This is defined in /etc/apache2/apache2.conf.
  • Default home directory have changed :
    • FROM : /var/www/
    • TO : /var/www/html/
  • Site configuration files Options can now not use mixed - & +. Either all must be - or all must be + or all must not use either - or +
    • Options Indexes FollowSymLinks MultiViews +ExecCGI : not valid and apache restart will fail.
    • Options Indexes FollowSymLinks MultiViews ExecCGI : valid.

Apache Compatibility Mode

Apache 2.4 support compatibility with version 2.2 site access configuration and indeed the automatic update had configured Apache to run in version 2.2 compatiblity mode for access configuration - this could be seen from the above error provider access_compat in the /etc/log/apache2/error.log file.

As long as Apache 2.4 is configured for access compatibility, we can continue to use the version 2.2 access logic in the site configuration files :

  • Order allow, deny
  • Allow from all

However, all my site configuration files had the .vhost extension and therefore they could not be loaded as site configuration files. Instead of changing the extension from .vhost to .conf for all my site configuration file, I edited the /etc/apache2/apache2.conf like this :

  • #IncludeOptional sites-enabled/*.conf: out-comment the original.
  • IncludeOptional sites-enabled/* : remove the .conf part.

shell> service apache2 restart : I then restarted Apache and all customer web sites were working.