So we are all probably familiar with the Heartbleed bug at this point. Remediating this issue on a couple of servers that I admin required moving from Ubuntu 13.04 to 13.10. I am going to go into a few of the problems I ran into when I made the jump…
First, I accidentally did a “ctrl-c” in the middle of the upgrade. What a mess… Do-release-upgrade wouldn’t do anything to finish the upgrade cycle. Some quick searching though yield this…
First, dpkg was locking things up (because I stopped in the middle of the upgrade) and deleting the lock file allowed me to move forward with running dpkg with some arguments which got me right back on track. So… if you ever screw up the upgrade process… try the following:
dpkg --configure -a
Apache Virtual Host files… they need .conf
Apache is upgraded to a newer version as of Ubuntu 13.10. This new version brings with it some fun new quirks. Such that upon rebooting my box after the upgrade (the last step in the upgrade)… none of my sites came back up… Now, as I was working on the heartbleed issue I figured something with SSL was borked. That wasn’t the issue at all. Apparently in Apache 2.4, they have gotten very particular about how your name your virtual-host configuration files (you know, the files in sites-available and sites-enabled folders). Now, I applaud them on wanting some consistency but this was a bit of a pain. Basically all of those files must now have the “.conf” extension added to the end of the file name. For example…
must NOW be…
For me, the simplest thing to do was make a copy of all of the active site config files in my sites-available folder with the extension added and then a2dissite all of the old site names, delete out any residual symlinks from the sites-enabled directory and then a2ensite all of the new site conf files. So it looked like this…
Notice all site config files linked in this folder. Do the following for each.
Check the contents again and delete any residual symlinks that stuck around. Then go into sites-available and cp your existing config files for your active sites to the same folder but append .conf to the names.
cp contoso.com contoso.com.conf
cp myothercoolsite.com myothercoolsite.com.conf
Finally, a2ensite the new files and restart Apache…
service apache2 restart
UPDATE: If you would like to just keep leaving the .conf off the end of your files, there is an alternative method mentioned here for doing just that. I however don’t recommend this. Reason being that Apache is moving towards this being the new normal and if at all possible I like to keep my setups consistent with set standards.
No more “namevirtualhosts” in ports.conf
That fixes the Apache configuration file issue… However you may notice this error message every time Apache is restarted:
That is just an error message and doesn’t actually hurt anything but if you want to make it go away you need to comment out the namevirtualhost lines in your ports.conf file. Basically, they have gotten smarter with Apache. You don’t need to spell out your virtual hosts in two different places. If you have a virtual hosts file (or section in another config) it assumes that is a named virtual host. Makes perfect sense to me.
PHP Modules… they all broke…
This was extremely annoying… it made me want to smack someone. Maybe there was a PHP change or maybe some things just break easily. Two custom PHP modules that I use on one of my Drupal sites broke… and they broke badly.
Namely: memcache and mcrypt
I wrestled with this one for a long while before figuring out that the bloody shared object file was just plain gone. Memcache.so being the file I am talking about. But running the re-install with PECL (which will recompile and rebuild the so file) doesn’t work unless you add the force flag, which helped…
That isn’t the end of it though. PHP has some similar commands that can be run to Apache specifically for loading and unloading modules. It needs to be told to load memcache again. My recommendation is to just create a new memcache.ini file in the correct place and then run the correct command to enable it.
In this document put the following and save and close it:
Finally, enable it
Restarting the apache service should then take care of any memcache issues you were having with Drupal. Finally, mcrypt was causing me pain… To fix that..
In this case the fix was much easier as the mcrypt.so file wasn’t missing. Do the following:
sudo ln -s ../conf.d/mcrypt.ini
service apache2 restart
EDIT 10.01.2014: Apparently just doing this might also work for fixing mcrypt and it is a bit easier:
After Apache was restarted that last time my PHP module woes were gone…
Rewrite Rules for SSL – Borked
Apparently I was doing some SSL stuff incorrectly anyhow. This link set me straight:
https://wiki.apache.org/httpd/RewriteHTTPToHTTPS ##notice the NOTE on that page, it redirects to a better solution here:
Rewrite rules can be used for some functions of SSL, particularly for Drupal there are some rules in the default .htaccess file that can be set and used. But if you really want to direct certain parts of your site (or your WHOLE site) to SSL, then an Apache redirect is BY FAR the cleanest, easiest, and most straightforward way to go about this. The above link lays it out well enough. I had to play around to get it just right but was finally able to get my site straightened out.
Upgrading Ubuntu from 13.04 to 13.10 was a pain. But we made it! If you run into any other issues, I would urge you to post your stuff here. It would be nice if people didn’t have to traipse all over Google to find this information. I have a feeling in the wake of Heartbleed that a lot of people are going to find themselves upgrading their Ubuntu distro.