Login is not completed with Apache2.4

csaeum · October 25, 2020, 1:54pm

Hi folks, I have an Apache 2.4 container with an online shop. The shop frontend works without any problems, but unfortunately I can no longer log into the admin.

There is no error message or anything else.

My question to you can you see what's wrong here or where my config is wrong?

Here is a shop that still runs without Docker https://www.leder-stoff-design.de/admin
and here the domain https://www.cuir-et-tissus.fr/admin
that is already running in Docker and the error produced.

Here is my Docker Compose for Traefik:

version: "3.3"

services:
  traefik:
    image: "traefik:v2.3"
    container_name: Traefik
    command:
      - "--api=true"
      - "--api.dashboard=true"
      - "--log.level=INFO"
      - "--accesslog=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.myresolver.acme.httpchallenge=true"
      - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web"
      - "--certificatesresolvers.myresolver.acme.caserver=https://acme-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.myresolver.acme.email=info@Example.com"
      - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"

    ports:
      - "80:80"
      - "443:443"

    volumes:
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

    networks:
      - "traefik_proxy"
      - "default"

    labels:
      traefik.enable: true
      # Routers
      traefik.http.routers.traefik.rule: Host(`example.com`)
      traefik.http.routers.traefik.entrypoints: websecure
      traefik.http.routers.traefik.service: api@internal
      traefik.http.routers.traefik.tls.certresolver: myresolver
      traefik.http.routers.traefik.middlewares: traefik-auth
      # global redirect to https
      traefik.http.routers.http-catchall.rule: hostregexp(`{host:.+}`)
      traefik.http.routers.http-catchall.entrypoints: web
      traefik.http.routers.http-catchall.middlewares: redirect-to-https
      # Middleware
      traefik.http.middlewares.traefik-auth.basicauth.removeheader: true
      traefik.http.middlewares.traefik-auth.basicauth.users: 
      # middleware redirect
      traefik.http.middlewares.redirect-to-https.redirectscheme.scheme: https

networks:
  traefik_proxy:
    external:
      name: traefik_proxy
  default:
    driver: bridge

Here are the labels from the Apache container:

    labels:
      - traefik.enable=true
      # Routers
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.rule=${HOSTRULE}
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.entrypoints=websecure
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.tls.certresolver=myresolver
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.service=${COMPOSE_PROJECT_NAME}_SVC
      - traefik.http.routers.${COMPOSE_PROJECT_NAME}.middlewares=${COMPOSE_PROJECT_NAME}_Header
      - traefik.http.services.${COMPOSE_PROJECT_NAME}_SVC.loadBalancer.server.port=80
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.customrequestheaders.X-Forwarded-Proto=https
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.customrequestheaders.X-Forwarded-Ssl=on
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.customrequestheaders.X-Forwarded-Port=443
      #Header JTL?
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.framedeny=true
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.sslredirect=true
      - traefik.http.middlewares.${COMPOSE_PROJECT_NAME}_Header.headers.addvaryheader=true
      - traefik.docker.network=traefik_proxy

Thanks for your tips and help

csaeum · October 25, 2020, 7:15pm

Here my Logs for a Login:

[httpd:access] www.cuir-et-tissus.fr:80 93.230.203.21 - 172.18.0.2 - - [25/Oct/2020:19:10:36 +0000] "GET /admin/favicon.ico HTTP/1.1" 200 bytesIn:782 bytesOut:626 reqTime:0


172.18.0.2 - - [25/Oct/2020:19:10:36 +0000] "GET /admin/templates/bootstrap/css/custom.css HTTP/1.1" 200 9585 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"


[httpd:access] www.cuir-et-tissus.fr:80 93.230.203.21 - 172.18.0.2 - - [25/Oct/2020:19:10:36 +0000] "GET /admin/templates/bootstrap/css/custom.css HTTP/1.1" 200 bytesIn:753 bytesOut:9937 reqTime:0


NOTICE: PHP message: PHP Warning:  Unknown: POST Content-Length of 88 bytes exceeds the limit of 64 bytes in Unknown on line 0


[Sun Oct 25 19:10:49.591342 2020] [proxy_fcgi:error] [pid 67:tid 140596503538464] [client 172.18.0.2:42418] AH01071: Got error 'PHP message: PHP Warning:  Unknown: POST Content-Length of 88 bytes exceeds the limit of 64 bytes in Unknown on line 0', referer: https://www.cuir-et-tissus.fr/admin/index.php


[php-fpm:access] 127.0.0.1 -  25/Oct/2020:19:10:49 +0000 "POST /admin/index.php" 200 /app/JTL4-CeT-Projekt/admin/index.php 149.417 2048 13.39%


172.18.0.2 - - [25/Oct/2020:19:10:49 +0000] "POST /admin/index.php HTTP/1.1" 200 2162 "https://www.cuir-et-tissus.fr/admin/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"


[httpd:access] www.cuir-et-tissus.fr:80 93.230.203.21 - 172.18.0.2 - - [25/Oct/2020:19:10:49 +0000] "POST /admin/index.php HTTP/1.1" 200 bytesIn:1066 bytesOut:2531 reqTime:0


172.18.0.2 - - [25/Oct/2020:19:10:50 +0000] "GET /admin/favicon.ico HTTP/1.1" 200 271 "https://www.cuir-et-tissus.fr/admin/index.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"


[httpd:access] www.cuir-et-tissus.fr:80 93.230.203.21 - 172.18.0.2 - - [25/Oct/2020:19:10:50 +0000] "GET /admin/favicon.ico HTTP/1.1" 200 bytesIn:782 bytesOut:626 reqTime:0

csaeum · October 27, 2020, 6:26pm

Ok, I've tried it from the start.
I think that I also have the error now.
When I call the installation routine, my server or container fulfills the requirements.

But I can't install because:

The CSS and JS instructions come over HTTP and he sees these urls as unsafe.

If I override the protection it loads the pages with the CSS instructions etc. but if I enter the database data it doesn't do it and shows me the same page again as when I logged in.

My question is how do I get Traefik to control the web server via https (internally) so that the installation program does not control http as it does now (internally) for me but changes to https and in the best case also forwards the URL to www.

So the same as the htaccess rules:

  # Redirect requests to access the site with HTTPS
  RewriteCond %{HTTPS} off
  RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R] 

  #REWRITE ANPASSUNG 2 (auf www.meinedomain.de umleiten)
  #Ihr Shop sollte nicht unter www.meinedomain.de und nur meinedomain.de erreichbar sein, siehe: http://guide.jtl-software.de/index.php?title=JTL-Shop3-Neuinstallation#4._Einrichtung_einer_Domainweiterleitung
  RewriteCond %{HTTP_HOST} ^example.fr
  RewriteRule ^(.*)$ http://www.example.fr/$1 [r=301,L]

csaeum · October 27, 2020, 8:50pm

Ok, I had a bug in my php.ini

The backend works again

Topic		Replies	Views
Need Help with my install Traefik v2 docker	1	710	July 5, 2023
SSL not working Traefik v2 docker , letsencrypt-acme	1	5049	February 6, 2021
Uses a non-existent resolver: myresolver Traefik v2 docker , letsencrypt-acme	0	640	May 26, 2021
Some problems with traefik and docker Traefik v2 docker	1	440	January 8, 2021
Traefik + Docker + Let's Encrypt Traefik v2 docker , letsencrypt-acme	4	833	April 6, 2021

Login is not completed with Apache2.4

Related topics