Collect! Credit and Collection Software™

  Page Table of Contents Related 'How To' Tutorials

How To Setup Apache With Web Host

Warning Note WARNING: THIS PAGE IS FOR THE LEGACY WEB HOST CONFIGURATION. IF YOU ARE USING THE NEW PORTALS AND THE API, PLEASE REFER THIS THIS PAGE: HOW TO INSTALL AND SETUP APACHE

Preparation

This document assumes that you have already setup web host as per the help document How to Setup Web Host.

Setup desktop shortcuts or configure tasks in the Windows Task Scheduler to open multiple instances of Collect on the various port numbers. In the startup options, /S80 would be replaced with the ports that you want to use (one for each shortcut or scheduled task). For our example below, we have 4 instances running, and they each use /S8091, /S8092, /S8093, /S8094 respectively. Make note of the actual port numbers that you use as they will be used later in the Apache Configuration below. We would recommend port numbers that are over 1024 to reduce the chance of conflict.

You will also need to alter existing shortcuts to remove 'ss' or 'ss6' from the /W1 argument. For example, /W1ss would become /W1.

Install Microsoft Visual Redistributables from https://support.microsoft.com/en-ca/kb/2977003. Choose the x86 option (32-bit) and x64 installers. 2010 is installed on Server 2012 R2 by default, so you just need to install 2012 and higher.

Top of page.

Install Wamp

Open a browser and download the applicable version of WAMP from http://www.wampserver.com/en/. We recommend that you use the Default Location: C:\wamp64, but it is not required if you want to use a data drive or have experience with Wamp.

Warning Note WARNING: The instructions below are specific to Wamp's version of Apache, not Apache directly or any other web service tool.

Top of page.

Editing Files

Open using a plain-text editor such as UltraEdit, Notepad++, or Sublime Text. Dot not use Notepad or Word as they add characters or strip hard returns. https://notepad-plus-plus.org/download/

C:\wamp64\bin\Apache\Apache2.4.#\conf\httpd.conf

Modify and Add the following to lines 26-28 (line numbers approx.)

ServerSignature Off ServerTokens Prod TraceEnable Off

In the Define's section near the top, add:

Define DOMAIN_NAME sub.yourdomain.com

Uncomment (remove the # symbol) from the beginning of the lines in the Dynamic Shared Objects (DSO) section:

LoadModule headers_module modules/mod_headers.so LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_balancer_module modules/mod_proxy_balancer.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-ssl.conf

At the bottom of file, add the following line:

Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure <IfModule mod_headers.c> Header unset X-Forwarded-Host </IfModule>

C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-vhosts.conf

Copy and paste the below into the bottom of the file.

<VirtualHost *:80> ServerName ${DOMAIN_NAME} ServerAlias ${DOMAIN_NAME} DocumentRoot "${INSTALL_DIR}/www" <Directory "${INSTALL_DIR}/www/"> Options +Indexes +Includes +FollowSymLinks +MultiViews AllowOverride All Require local </Directory> <Directory "${INSTALL_DIR}/www/.well-known/"> Require all granted </Directory> <Directory "${INSTALL_DIR}/www/upload/"> Require all granted </Directory> RewriteEngine on RewriteCond %{REQUEST_URI} '!/.well-known/acme-challenge/' RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=301] </VirtualHost>

C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-ssl.conf

Find the following section (approx. line 125) and update it with the appropriate information for your server.

General setup for the virtual host DocumentRoot "${INSTALL_DIR}/www" ServerName ${DOMAIN_NAME}:443 ServerAdmin info@yourdomain.com Header set X-Frame-Options sameorigin Header set X-Content-Type-Options "nosniff" Header set X-Permitted-Cross-Domain-Policies "none" Header set Referrer-Policy "no-referrer" Header set Cross-Origin-Resource-Policy "same-origin" Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

Alter the following lines with the location of the SSL certs.

SSLCertificateFile "C:/Collect/bin/webhost.crt" SSLCertificateKeyFile "C:/Collect/bin/webhost.rsa" SSLCertificateChainFile "C:/Collect/bin/intermediate.crt" #Optional - see below

At some point you will need to generate a TLS/SSL certificate or use Collect!'s built in self-signed certificate. Optionally, depending on what certificate authority or CA you use, you may also need to add an intermediate chain file. If that's the case, upload that file, and update and uncomment SSLCertificateChainFile on line 165.

Useful Note The SSLCertificateChainFile is optional. If you purchase an SSL certificate, it will likely come with the intermediate certificate. You can either drop the file into the Collect\bin folder and is and give it the applicable filename above, or you can rename the file to intermediate.crt.

Useful Note You can use Let's Encrypt to automatically manage SSL certificates. Please refer to the Help topic How To Setup Security Certificates for more information.

Add the following content to the bottom of the httpd-ssl.conf file before </VirtualHost> (the last line), up to and including the </Proxy>. Replace ports 8091-8094 below with the port numbers you used above.

<Directory "${INSTALL_DIR}/www/upload/"> Require all granted </Directory> ProxyPass /portal balancer://mycluster stickysession=CV12SESSION ProxyPassReverse /portal balancer://mycluster ProxyPassReverseCookieDomain 127.0.0.1:8091 localhost ProxyPassReverseCookieDomain 127.0.0.1:8092 localhost ProxyPassReverseCookieDomain 127.0.0.1:8093 localhost ProxyPassReverseCookieDomain 127.0.0.1:8094 localhost ProxyPassReverseCookiePath / /portal ProxyPreserveHost Off ProxyTimeout 600 <Proxy balancer://mycluster> BalancerMember http://127.0.0.1:8091 keepalive=On route=8091 BalancerMember http://127.0.0.1:8092 keepalive=On route=8092 BalancerMember http://127.0.0.1:8093 keepalive=On route=8093 BalancerMember http://127.0.0.1:8094 keepalive=On route=8094 </Proxy> RedirectMatch 301 ^/$ https://${DOMAIN_NAME}/portal/

Top of page.

Start Up Apache

Open the WampServer "W" icon on your desktop. The icon in the bottom right of the Windows taskbar should turn green. If it was already running, click the icon and select "Restart All Services".

If the icon is red or orange, a service didn't start. Go to the Windows Event Viewer and bring up the application log to review the errors.

If you've resolved all your errors, you can now click on the WampServer "W" icon in the bottom right of the Windows desktop, and choose "Restart All services".

If everything goes well it should go Red -> Orange -> Green and you can begin testing.

If it does not go green, go into C:/wamp64/logs/ and review the logs that were last written to, for errors. Or go to the Windows Logs. Once you've fixed the errors, click the W, Restart All services and when the W goes green, you can begin testing.

Check the Windows Application Log and look for Warnings. Typical issues are either misconfiguration in the files or missing files like SSL certificates.

Useful Note If you are not using the database part of Wamp, you can click the Wamp icon and remove the services for MySQL and MariaDB. You can then right click the Wamp icon, go to Settings, then uncheck Allow MySQL and MariaDB.

Top of page.

Multiple Domain Names

If you are using multiple domains (EX: client, dashboard, portal, api, etc.), you can create multiple virtual hosts and SSL certificates for each domain.

C:\wamp64\bin\Apache\Apache2.4.#\conf\httpd.conf

Add more defines for other domains.

Define DOMAIN_NAME2 sub2.yourdomain.com Define DOMAIN_NAME3 sub3.yourdomain.com

C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-vhosts.conf

Copy and paste the below into the bottom of the file and update the DOMAIN_NAME variables.

<VirtualHost *:80> ServerName ${DOMAIN_NAME2} ServerAlias ${DOMAIN_NAME2} DocumentRoot "${INSTALL_DIR}/www" <Directory "${INSTALL_DIR}/www/"> Options +Indexes +Includes +FollowSymLinks +MultiViews AllowOverride All Require local </Directory> <Directory "${INSTALL_DIR}/www/.well-known/"> Require all granted </Directory> <Directory "${INSTALL_DIR}/www/upload/"> Require all granted </Directory> RewriteEngine on RewriteCond %{REQUEST_URI} '!/.well-known/acme-challenge/' RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=301] </VirtualHost>

C:\wamp64\bin\Apache\Apache2.4.#\conf\extras\httpd-ssl.conf

Copy and paste the existing virtual host listening on 443 to the bottom of the file and update the DOMAIN_NAME variables.

At this point, you can remove any line that starts with a comment (#) to clean it up.

If this virtual host is not connecting to load balancer, you can update to connect to a single port. Below is the example for the Collect! API server.

<VirtualHost _default_:443> # General setup for the virtual host DocumentRoot "${SRVROOT}/htdocs" ServerName ${DOMAIN_NAME2}:443 ServerAdmin admin@collect.org ErrorLog "${SRVROOT}/logs/error.log" TransferLog "${SRVROOT}/logs/access.log" Header set X-Frame-Options sameorigin Header set X-Content-Type-Options "nosniff" Header set X-Permitted-Cross-Domain-Policies "none" Header set Referrer-Policy "no-referrer" Header set Cross-Origin-Resource-Policy "same-origin" Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" #restrict to specific IP addresses <Location /> Order deny,allow Deny from all Allow from 1.2.3.4 Allow from 1.2.3.5 </Location> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # Server Certificate: SSLCertificateFile "F:/CollectClient/bin/api.yourdomain.com-crt.pem" # Server Private Key: SSLCertificateKeyFile "F:/CollectClient/bin/api.yourdomain.com-key.pem" # Server Certificate Chain: SSLCertificateChainFile "F:/CollectClient/bin/api.yourdomain.com-chain.pem" <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "${SRVROOT}/cgi-bin"> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # Per-Server Logging: CustomLog "${SRVROOT}/logs/ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" ProxyPreserveHost On ProxyPass / http://localhost:40000/ ProxyPassReverse / http://localhost:40000/ </VirtualHost>

Once saved, you can re-run the Let's Encrypt process to add more SSL certificates.

Update the SSL certificate values in the virtual host, then restart Wamp.

Top of page.

Upload Functionality In Web Host

The web host has an upload feature. If the above instructions are followed, then implementing is simple.

  1. Navigate to the {database}\html folder.
  2. Copy the upload_file.php file.
  3. Navigate to the wamp64\www folder.
  4. Create a folder called upload.
  5. In the upload folder, paste the upload_file.php file.
  6. In the upload folder, create another folder called upload.

The end result should be wamp64\www\upload\upload

The first upload folder contains the PHP file. All files from the portal will be placed into the second upload folder.

Useful Note You can use a script to move or process the files in the document's upload folder.

Top of page.

Was this page helpful? Do you have any comments on this document? Can we make it better? If so how may we improve this page.

Please click this link to send us your comments: helpinfo@collect.org

Copyright © 2024 Comtech Systems Inc. All rights reserved. Use of the Collect! system indicates acceptance of our product terms • Legal Notices
Use of the Collect! website indicates acceptance of our website terms
This document and any attendant software and/or services subject to change without notice.