Unable to use Subsonic after changing Apache2 site config

Need help? Post your questions here.

Moderator: moderators

Unable to use Subsonic after changing Apache2 site config

Postby GH0 » Sun Apr 19, 2015 5:51 pm

I have Subsonic to use proxypass over Apache, honestly, I think it would be really nice, if subsonic would be possible to just have a drop in folder so I could drop it in my website folder, but alas that doesn't exist.

Anyways, I was editing my apache2 sites file, to improve security on my website, after editing it with the recommended security settings, I get a blue screen background of what Subsonic looks like, but no content is being delivered to my browser. If I enable insecure loading of content via Firefox, I receive the same thing. What gives?



Apache2 - -sites-available.conf (removed location of SSL files and IP addresses/ports)
Code: Select all
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel info

        CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

        SSLEngine on
<Location />
SetEnvIfExpr "%{HTTPS} == 'on'" no-gzip
        #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
        #            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
        #            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
        #            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
        #            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
        #           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/

</Location>
        #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>
        BrowserMatch "MSIE [2-6]" \
                nokeepalive ssl-unclean-shutdown \
                downgrade-1.0 force-response-1.0
        # MSIE 7 and newer should be able to use keepalive
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

RequestHeader set Front-End-Https "On"
ProxyRequests On
SSLProxyEngine on
ProxyPreserveHost on
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXP:!LOW:!MD5:!RC4:!3DES:!PSK
SSLCompression off
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
#Subsonic Music Server
ProxyPass /subsonic/ http://0.0.0.0:4040/subsonic/
ProxyPassReverse /subsonic/ http://0.0.0.0:4040/subsonic/
</VirtualHost>
</IfModule>


Are the X-* lines removing the ability to display the content?
GH0
 
Posts: 45
Joined: Sun Dec 18, 2011 6:44 pm

Return to Help

Who is online

Users browsing this forum: No registered users and 13 guests