apache - error 400 in domain Debian 8

Question

I have a problem with apache 2.4 in debian 8. I am using virtualhosts in apache with fake domains (example.42). What happens is that when I do the example.42.conf file and I enable it to a2ensite example.42, when I enter the browser I miss an error 400: Bad request, do you know why it will be?

The domain is pointed correctly to the apache (I already made pings and everything well). There are people who tell me that it is apache problem, which is misconfigured virtualhosts. I already tried with all the settings and it does not remove the error.

The file virtualhost:

<VirtualHost *:80> 
ServerName example.42 
ServerAdmin webmaster@example.42 
DocumentRoot /var/www/html 
ErrorLog ${APACHE_LOG_DIR}/error.log 
CustomLog ${APACHE_LOG_DIR}/access.log combined 
</VirtualHost>

I dont see any error here. Please try clear cache, cookie, dns cache, restart apache. if not, read the error.log and apache log, i think here will have many useful infomation — BQ Khánh, Mar 17 '17 at 16:29
I already tried to restart everything, clean cache and everything and it still comes out error. Where are the apache log files? — Abraham Morales, Mar 17 '17 at 16:33
try this file /etc/apache2/error.log or /var/log then find there — BQ Khánh, Mar 17 '17 at 16:35
In the error.log say **[authz_core:error] : client denied by server configuration /var/www/html/** and the other_vhosts_access.log say **example.42:80 192.168.0.19 - - [date] HEAD / HTTP/1.1 400 0 "-" "curl/7.38.0"** — Abraham Morales, Mar 17 '17 at 16:43
Try add this block to vhost config Options All AllowOverride All Require all granted — BQ Khánh, Mar 17 '17 at 16:49
http://stackoverflow.com/questions/19445686/apache-2-4-6-on-ubuntu-server-client-denied-by-server-configuration-php-fpm — BQ Khánh, Mar 17 '17 at 16:52

score 0 · Accepted Answer · answered Apr 08 '17 at 18:19

The problem is the domain ".42", because apache has http header settings and the ".42" domain is invalid to verify https://httpd.apache.org/security/vulnerabilities_24.html (CVE-2016-8743)

Possible solution (not recommended for sysadmin): Changing the HttpProtocolOptions Strict variable by HttpProtocolOptions Unsafe

Check: http://httpd.apache.org/docs/2.4/en/mod/core.html#HttpProtocolOptions

apache - error 400 in domain Debian 8

1 Answers1