Avoid Potholes When Deploying Drupal Sites to Media Temple Virtual Private Servers
I recently had occasion to set up a new Drupal site on a dedicated virtual private server on Media Temple (dv 4.0). Everything was going swimmingly until I deployed the site and tried to reach it via the IP address.
The result was the install.php page, even though my settings file was uploaded and had the correct settings for the database.
To make matters more frustrating, the log files were not located in the standard place (/var/log/httpd/domain.com-error.log)
After some searching we* finally found them at /var/www/vhosts/domain.com/conf/ and found that the particular file that contained the database settings was causing a 403 error - access forbidden.
More searching revealed a setting in the httpd config file that automatically sets the open_basedir option for Apache like so:
php_admin_value open_basedir /var/www/vhosts/yourdomain.com/httpdocs/:/tmp/
Which meant that anything outside of the approved directories - like say, the settings file which stores the database information - couldn't be reached.
So then it was off to the httpd_ip_default.include file in the conf folder.
The first lines in that file were extremely ominous:
# ATTENTION! # DO NOT MODIFY THIS FILE OR ANY PART OF IT. THIS CAN RESULT IN IMPROPER PLESK # FUNCTIONING OR FAILURE, CAUSE DAMAGE AND LOSS OF DATA. IF YOU REQUIRE CUSTOM # MODIFICATIONS TO BE APPLIED TO THE CONFIGURATION, PLEASE, PERFORM THEM IN THE # FOLLOWING FILE(S): #/var/www/vhosts/penusa.org/conf/vhost.conf #/var/www/vhosts/penusa.org/conf/vhost_ssl.conf
Backing away slowly, we created the vhost.conf file and set open_basedir to none to turn off the option, restarted Apache and waited for magic.
Don't tell anyone, but at that point, we edited the DO NOT EDIT file, just to see if it would actually fix things. It did, yay! But we did it illegally, boo!
Later when I had more time, I dug a little deeper to figure out the right way to override the conf file.
In this Media Temple knowledge article, I found the magic ingredient:
Reconfigure your webserver so it will look for your new vhost.conf file by running the following code:
REALLY? That would have been nice information to put in the DO NOT EDIT message don't you think?
So now the vhost.conf file looks like this:
<Directory "/var/www/vhosts/yourdomain.com/httpdocs"> php_admin_value open_basedir none Options +FollowSymLinks </Directory>
And voila! After restarting Apache, Our files were all visible again and life (well, at least surfing), could resume.
I hope this little story can save a few other Media Temple users a few headaches.
*Thanks to Dylan Tack for much help in solving these deployment issues.