404 Not Found

Apache

This page requires updating. Please do so and remove this template when finished.

This article refers to the ‘Apache HTTP server’

The Apache HTTP server is the software that (along with the PHP scripting language) ‘runs’ Moodle. Note that there are alternatives (e.g. IIS on Windows, Nginx on Linux, MacOS) but the Apache HTTP Server is very popular on all platforms.

Contents

Installing Apache

Installers are available for most platforms from http://httpd.apache.org/download.cgi. The official installation instructions are here: http://httpd.apache.org/docs/2.0/install.html. If you are running Linux then you are recommended to use the packaged version if you can. For example, in Debian/Ubuntu it is simply:

sudo apt-get install apache2

See the documentation for your particular platform for the instructions. Apache is straightforward to build from source if you have to and the PHP documentation contains an article on building both Apache and PHP together — although you should rarely need to do that.

Performance

Slasharguments

The function slash arguments is required for various features in Moodle to work correctly, as described in Using slash arguments.

To turn it on, add this line to your httpd.conf, or to a .htaccess file in your local directory:

Note: When using «.htaccess» in your local Moodle install folder, you may need to include/enable «AllowOverride Directive» in «httpd.conf», first.

Note: Using .htaccess file will cause performance hit on your server!

If you are using Ionos (formerly 1&1) shared webhosting, the above does not work, there is a known bug when using PHP as CGI. The solution is to create a php.ini file in the moodle directory with this content:

Also Ionos requires that this php.ini be in every directory that a script executes. Use the procedure below to link a php.ini in every subdirectory back to your original php.ini file.

cd your_moodle_directory find -type d -exec ln -s $PWD/php.ini <>/php.ini \; 

This may affect other shared hosting providers as well.

Handling 40x errors

This enables missing files to be themed by Moodle

ErrorDocument 404 /error/index.php # This sends any 403 from apache through to the same page, but also # overrides the http status with 404 instead for better security. ErrorDocument 403 /error/index.php?code=404

Hiding internal paths

RewriteEngine On RewriteRule "(\/vendor\/)" - [F] RewriteRule "(\/node_modules\/)" - [F] RewriteRule "(^|/)\.(?!well-known\/)" - [F] RewriteRule "(composer\.json)" - [F] RewriteRule "(\.lock)" - [F] RewriteRule "(\/environment.xml)" - [F] Options -Indexes RewriteRule "(\/install.xml)" - [F] RewriteRule "(\/README)" - [F] RewriteRule "(\/readme)" - [F] RewriteRule "(\/moodle_readme)" - [F] RewriteRule "(\/upgrade\.txt)" - [F] RewriteRule "(phpunit\.xml\.dist)" - [F] RewriteRule "(\/tests\/behat\/)" - [F] RewriteRule "(\/fixtures\/)" - [F]

Note: Please pay attention that above rules may block loading desired/required content, e.g. SCORM-packages containing a «vendor»-directory.

SSL

Moodle has an option to enable HTTPS for the whole site or for just the login pages; either option requires that your web server is configured for SSL.

• Whole site HTTPS is enabled by changing http:// to https:// in your config.php ‘wwwroot’ parameter.
• Login only HTTPS is enabled by setting the ‘loginhttps’ parameter, where the wwwroot schema should remain as http://

NOTE: Login only https was deprecated and removed from Moodle 3.4: https://tracker.moodle.org/browse/MDL-42834

Login only https is available in Moodle 3.3 and earlier in the admin interface via Administration>Security>HTTP Security and checking the button. (Note the warning and see ssl section below)

Prior to Moodle 2.3 It was not advised to run the whole site over HTTPS due to legacy restrictions with client-side caching. This is no longer the case assuming client browsers support the ‘Cache-Control: public’ method, which all supported browsers for this version of Moodle do.

To use HTTPS you will need to obtain an SSL certificate, you have two options:

• Generate a self-signed certificate. This is fine on (say) an Intranet but unsuitable for the public internet, but users will we warned the certificated is untrusted when used publicly.
• Purchase a certificate from a vendor. There is a surprising range of prices and value-added services available. Some hosting companies even provide free certificates.

Debian provides instructions for installing a self-signed certificate on their wiki and includes general information on configuring Apache for SSL. If you purchase a vendor certificate you will normally receive instructions for installing it.

A basic Apache SSL configuration can be summarised as:

Listen 443 NameVirtualHost *:443 SSLEngine On SSLCertificateFile /path/to/your/certificate.crt SSLCertificateKeyFile /path/to/your/certificate.key . 

Load Balancer Hints (AWS)

If you’re using an AWS load balancer in front your infrastructure, you can set up some of the configuration above, preventing traffic to go forward. Here is the configuration applied to hide files, with a few considerations due to known limitations:

• 100 total rules per application load balancer
• 5 condition values per rule
• 5 wildcards per rule
• 5 weighted target groups per rule:

[ < "Conditions": [ < "Field": "path-pattern", "Values": [ "*/.*", "*/upgrade.txt", "*/db/install.xml", "*/README.md" ], "PathPatternConfig": < "Values": [ "*/.*", "*/upgrade.txt", "*/db/install.xml", "*/README.md" ] >> ], "Actions": [ < "Type": "fixed-response", "Order": 1, "FixedResponseConfig": < "ContentType": "text/html", "MessageBody": "\n\n\n
404 Not Found\n
\n\n", "StatusCode": "404" > > ] >, < "Conditions": [ < "Field": "path-pattern", "Values": [ "*/composer.json", "*/Gruntfile.js", "*.lock", "*/environtment.xml", "*/readme.txt" ], "PathPatternConfig": < "Values": [ "*/composer.json", "*/Gruntfile.js", "*.lock", "*/environtment.xml", "*/readme.txt" ] >> ], "Actions": [ #### Same as above . ] >, < "Conditions": [ < "Field": "path-pattern", "Values": [ "*/fixtures/*", "*/behat/*", "*/phpunit.xml" ], "PathPatternConfig": < "Values": [ "*/fixtures/*", "*/behat/*", "*/phpunit.xml" ] >> ], "Actions": [ #### Same as above . ] > ]

See also

Источник

Installing Moodle/Creating custom php.ini files

Critical to any installation using php is your php.ini file, which contains directives for you usage of php. This is especially true with respect to a number of moodle settings such as max upload and max post sizes with file upload

Contents

How php.ini is used

Sourcing

PHP searches for php.ini in a specific order in php5 (in php4 you were required to place a copy of php.ini in every directory from which you wished to run a php script which would be impacted by php.ini — looking at phpinfo.php if you are running php4 will only tell you the location of the php.ini files in one directory. )

Apache configuration versus php.ini

Remember, you can effect the behavior of php via php.ini or via htaccess or apache conf files. You should NOT do both. As noted here: http://moodle.org/mod/forum/discuss.php?d=124441&parent=550026 In some types of installations there are apache configuration files that set php values, such as max upload file size. Editing php.ini will not have the desired result if apache configuration files provide php directives.

Invocation

PHP can be run via mod_php or as a cgi program. If the latter is used there are some security considerations to address /need section on php cgi security?/ An artifact of running php as CGI is that since php is invoked everytime a php script is called, you need not restart apache to force a rereading of the php.ini file. http://us2.php.net/manual/en/security.cgi-bin.force-redirect.php

Manipulating php.ini

Editing the php.ini file generally

A general listing of core directives that can be placed in php.ini can be found here. Remember that various versions of php have changed what are allowable directives in php.ini.

Make sure you use a real text editor and make sure you back up any file before editing it.

php.ini with shared hosts

Moodle specific php.ini settings

Common php.ini settings

Please see PHP settings by Moodle version for additional details.

In the discussion below you can substitute Off for 0 and On for 1.

register_globals = 0 ;(necessary) safe_mode = 0 ;(necessary) memory_limit = 40M ;(varies: minimum 16M, 32M Moodle v1.7, 40M Moodle v1.8, 128M large sites) session.save_handler = files ;(unless you are using another handler, e.g. mm) magic_quotes_gpc = 0 ;(preferred but not necessary, necessary from 2.0 onwards) magic_quotes_runtime = 0 ;(necessary) file_uploads = 1 session.auto_start = 0 ;(necessary) session.bug_compat_warn = 0

Max file size settings

You may also want to set other, optional php.ini file settings while you are already editing it. For instance, you may want to reset the maximum upload size of file attachments, which usually defaults to 2M(egabytes). For instance, to set these to 16 Megabytes:

post_max_size = 16M upload_max_filesize = 16M

If you are running PHP4, you may need to copy the php.ini file into various folders for it to work:

1. public_html
2. moodle/admin
3. moodle/course
4. moodle/files
5. root of your moodledata directory

See Also

PHP settings by Moodle version

See PHP settings by Moodle version for more information on different settings by Moodle version.

Источник

Installing and upgrading help

The trouble I am having is that the version of php that I have in my new site is php (cur) 5.4.

3.1+ will run on 5.4. However, I have been told that version 3.2 will require php 5.6. There is an option to update to 5.6 in my hosting plan. So, I did, but how does moodle «know» to start using the newest version?

The second half of my question has to do with where the php.ini file should be located on my servers folders. I can’t seem to force moodle to look at the correct php environment. Right now it points to /opt/php54/lib/php.ini, but I want it to point to /opt/php56/lib/php.ini

How to force it to point to the right directory?

Re: php.ini location

Your host should be able to help you with this. Some hosts use a .htaccess file that would be in your moodle directory.

Re: php.ini location

This is really host-dependent. On DreamHost, changing the version of PHP in the control panel makes it happen automatically. They just update the Apache confiig and reload in the background.

I have been with hosts that required modifying .htaccess as well.

You should be able to upgrade it in your control panel and then check Site Administration > Server > PHP info to see what version you’re running.

Re: php.ini location

None of this is anything to do with Moodle. Moodle doesn’t start PHP or look at php.ini.

These settings are generally made in the web server’s configuration (or possibly an htaccess file). Definitely a question for your hosts’s support people.

Re: php.ini location

Pardon my ignorance. I thought moodle was using the php.ini file because when I want to increase the default size for how large a file can be uploaded to moodle, the docs tell me to modify the php.ini file.

But even though my php.ini file has been modified to allow a larger upload file size, moodle hasn’t responded. That is why I am asking where the php.ini file must be located for moodle to see it.

But it appears what you are saying is that php.ini only sets the environment in my server. Yet, somehow, moodle «knows» what php.ini is telling it.

I just wanted to make sure that moodle is indeed responding to what php.ini sets. Since my max upload size isn’t changing, I assumed moodle wasn’t seeing it.

Re: php.ini location

php.ini sets your PHP server settings. Moodle, as a web application, is served through PHP so PHP affects some things in Moodle. If you were on a Windows machine, it might be IIS that is affecting these settings. Only your host can tell you the location of your php settings and which file is used to set them. Some hosts use a php.ini file and some use a .htaccess. I would suggest looking in your moodle folder or your public html folder and see if you see either file there.

Re: php.ini location

If you go to Site administration > Server > PHP Info and look a few lines down you will find the php.ini location that the current PHP installation is using. Moodle doesn’t access it directly (although it can read the settings via a PHP command) it’s the config file for PHP itself.

Whether you can access that file to change it or (as is possible) there is some other method to override the settings is entirely down to how your host has configured things. So, you need to ask your hosting company.

Источник