apache 2.4 – What step am I missing to effectively update a DocumentRoot?

I am working on a new VPS, and I’ve copied over software from the development server to display at a subdomain.

At present, at least apart from tinkering with /var/www/html, I have not managed to get Apache to display anything else besides the Debian Apache “It worked!” page. My sites-enabled entry reads:

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerName apps.example.com
    ServerAdmin webmaster@localhost
    DocumentRoot /path/apps/www/
    DirectoryIndex index.cgi

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

If there is an issue with an index.cgi, I’d expect descriptive error messages (or display of the script’s source code).

What should I be investigating to give this VirtualHost its own DocumentRoot?

Thanks,

8 – Media theme missing from the file system?

Not really sure about this error, I wasn’t aware there was a media theme but could anyone help me understand this please?

User warning: The following theme is missing from the file system: media in drupal_get_filename() (line 268 of core/includes/bootstrap.inc).
drupal_get_filename(‘theme’, ‘media’) (Line: 291)
drupal_get_path(‘theme’, ‘media’) (Line: 394)
DrupalCoreAssetLibraryDiscoveryParser->drupalGetPath(‘theme’, ‘media’) (Line: 85)
DrupalCoreAssetLibraryDiscoveryParser->buildByExtension(‘media’) (Line: 87)
DrupalCoreAssetLibraryDiscoveryCollector->getLibraryDefinitions(‘media’) (Line: 66)
DrupalCoreAssetLibraryDiscoveryCollector->resolveCacheMiss(‘media’) (Line: 149)
DrupalCoreCacheCacheCollector->get(‘media’) (Line: 44)
DrupalCoreAssetLibraryDiscovery->getLibrariesByExtension(‘media’) (Line: 58)
DrupalCoreAssetLibraryDiscovery->getLibraryByName(‘media’, ‘form’) (Line: 54)
DrupalCoreAssetLibraryDependencyResolver->doGetDependencies(Array, Array) (Line: 56)
DrupalCoreAssetLibraryDependencyResolver->doGetDependencies(Array) (Line: 31)
DrupalCoreAssetLibraryDependencyResolver->getLibrariesWithDependencies(Array) (Line: 104)
DrupalCoreAssetAssetResolver->getLibrariesToLoad(Object) (Line: 116)
DrupalCoreAssetAssetResolver->getCssAssets(Object, ) (Line: 291)
DrupalCoreRenderHtmlResponseAttachmentsProcessor->processAssetLibraries(Object, Array) (Line: 161)
DrupalCoreRenderHtmlResponseAttachmentsProcessor->processAttachments(Object) (Line: 45)
DrupalCoreEventSubscriberHtmlResponseSubscriber->onRespond(Object, ‘kernel.response’, Object)
call_user_func(Array, Object, ‘kernel.response’, Object) (Line: 111)
DrupalComponentEventDispatcherContainerAwareEventDispatcher->dispatch(‘kernel.response’, Object) (Line: 191)
SymfonyComponentHttpKernelHttpKernel->filterResponse(Object, Object, 1) (Line: 173)
SymfonyComponentHttpKernelHttpKernel->handleRaw(Object, 1) (Line: 68)
SymfonyComponentHttpKernelHttpKernel->handle(Object, 1, 1) (Line: 57)
DrupalCoreStackMiddlewareSession->handle(Object, 1, 1) (Line: 47)
DrupalCoreStackMiddlewareKernelPreHandle->handle(Object, 1, 1) (Line: 99)
Drupalpage_cacheStackMiddlewarePageCache->pass(Object, 1, 1) (Line: 78)
Drupalpage_cacheStackMiddlewarePageCache->handle(Object, 1, 1) (Line: 47)
DrupalCoreStackMiddlewareReverseProxyMiddleware->handle(Object, 1, 1) (Line: 50)
DrupalCoreStackMiddlewareNegotiationMiddleware->handle(Object, 1, 1) (Line: 23)
StackStackedHttpKernel->handle(Object, 1, 1) (Line: 664)
DrupalCoreDrupalKernel->handle(Object) (Line: 19)

WebAuthn – What am I missing?

I’m trying to learn a bit about authentication and security protocols at a 10,000 foot level. I was reading about WebAuthn here: https://webauthn.guide/ and here:
https://webauthn.io/

I’m sure what I’m about to ask has obvious answers, because this protocol has been developed by smart people with probably decades of experience. But, I don’t get the two questions in bold (or more likely, i don’t get at least, the two questions in bold…):

  1. What ties the user (i.e. the carbon based life form with some sort of uniquely ‘you’ property) to the key used in the registration attempt?

For instance, if the key is generated from an HSM, where is the step of providing something that only ‘you know’, rather than ‘you physically possess but couldn’t potentially be in the possession of others,’ to verify that is your carbon life form submitting the key from the HSM for this registration attempt?
I.e. where is the passphrase, and how does needing to have that to tie ‘you’ to ‘the key’ in the whole registration process (and future login attempts) in anyway circumvent the use of passwords and all the management that goes along with them anyway?
All this boils down to needing to present something that clearly ties your carbon based existence, to the presentation of a strong key….I presume this is why Yubikey and co are going for bio-metric HSM’s….(based on the security of many bio-metric implementations in the past and their relatively ‘spoofable’ nature, that prospect doesn’t really fill me with certainty that it’s fixing anything)….
And even then, why not just present the biometric data directly and do away with the middle ware of the WebAuthn crypto key in the process?…
(presumably because there is too much data in the actual biometrics, to punch it directly over slow networks, and/or proving that it hasn’t been modified in transit requires key signing of the data anyway, so the keys are back on the table…?)

  1. What prevents a Man-In-The-Middle from hijacking the registration process with their own credentials and key material?…and then just monitoring the transactions and relaying information, or even just sitting in the middle and being an ‘evil proxy webauthn’ server, or just taking ownership of the ‘user representation’ that you tried to register?

Obviously the user would become aware when they attempted to use the given service over a network that ‘evil mitm proxy’ hasn’t managed to intercept, as the service that ‘they registered for’ with ‘their key’ will be reject the login attempt (since now the users actual key is being presented rather than ‘evil mitm key’)….but it’s all a bit late by then isn’t it?
I mean someone else at that point would own (in a cryptographic-ally verifiable manner) the service account. So, you’d know you’ve been screwed, but what are you going to do about it, particularly if that service is a publicly attributable front-end to your carbon life form (think Twitter, email, social networks or some sort of social security style registration of nation state recognised credential like a drivers licence or passport etc).


I’m thinking these problems are presumed to be solved by layering external technologies outside of the WebAuthn protocol. For instance the HSM requires bio/passphrases, and the registration happens over HTTPS.

So, is the presumption that these external mechanisms (arguably) prevent the above two scenario’s, rather than the WebAuthn protocol itself?
How much of a stack is being relied upon, to achieve the goal of binding ‘your carbon life form’ to ‘the registration for a service’ such that is apparently ‘your registration’?

users – The admin/content page only shows the Delete button for nodes; missing edit and view

I have created a role in D8 with permissions to add/edit/delete any content type, even if its not their own. They also have the blanket “Administer Content” permission.

When they view a node, they see the tabs to Edit, Delete, Revisions, etc., and are able to act accordingly without issue.

However, when viewing the admin/content overview page, the only button available underneath the “Operations” column is the delete button. When they click the title of the node and go to view it, they can edit it from there without issue.

I’ve attached a screenshot with some info blocked out.

admin/content overview page with only delete buttons

coinbase.com – Missing money sent from blockchain to coin base

Missing money sent from blockchain to coin base. I have put in multiple tickets with coinbase starting on 6/18 and am not gettting any help. They say it takes 5-7 dayes it has been almost 2 months. Is there someone i can call

Hi there,

Thanks for contacting Coinbase Support. I understand the importance of your digital currency and thank you for your patience with us.

I’ve taken a look at your case and am working with a specialist to address your issue properly. Please note that these reviews are typically completed within 5-7 business days.

Thank you,
Coinbase Support

Firefox profile is missing or inaccessible (again) on macOS High Sierra after running CleanMyMac X

My Firefox install broke right after I first ran a version of CleanMyMac X. When trying to run, I get this error.

Your firefox profile cannot be loaded. It may be missing or inaccessible mac.

To troubleshoot, I did the following:

  1. I tried downloading the latest FireFox.

    /Applications/Firefox.app/Contents/MacOS/firefox --full-version
    
    Mozilla Firefox 79.0 20200720193547 20200720193547
    (MacOS High Sierra (10.13.6 (17G11023)))
    
  2. I also checked these files.

    ~/Library/Application Support/Firefox/ # If I rename this to a backup file, this get replaced on an attempted FF launch 
    ~/Library/Caches/Firefox/Profiles/ # Doesn't exist
    

I’ve followed Mozilla’s official guide for “How to run Firefox when your profile is missing or inaccessible”. I’ve also combed through this SO post to no avail.

Has anyone solved this? Even while following the documentation, I get the same error window, regardless of the command that I run.

/Applications/Firefox.app/Contents/MacOS/firefox-bin -P
/Applications/Firefox.app/Contents/MacOS/firefox -P
/Applications/Firefox.app/Contents/MacOS/firefox --ProfileManager

enter image description here

What am is missing? (API CORS)

I created a plug-in that retrieves data from an api(at least tries to!). This is the code of the function.

function call_back(){

     
$apiKey = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
$response = wp_remote_get ('http://mysite.atlassian.net/rest/api/3/issue/LD-1',$args);
$args = array(

    'headers' => array(
      'Content-Type' => 'application/json',
      'Authorization' => 'Basic ', $apiKey,
    )
);


echo '<pre>';
var_dump(wp_remote_retrieve_body($response));
echo '</pre>';
};

The api key that i use works, used it in postman. But the problem i get is that in WP i get:

"string(95) "{"errorMessages":("Issue does not exist or you do not have permission to see it."),"errors":{}}""

I do have permission and the issue does exist, the problem is with authentication. For some reason i don’t get access. Any idea on why?

magento2 – Status attribute missing values

After building a new Magento (2.3.5-p1) webshop and imported the products and categories from the old Magento 1 webshop, I have now the problem that a duplicated product is not showing in the frontend. The product is enabled in the backend.

When I wanted to add the product to an order in the backend, I got the notice the product was disabled.

I checked the product status attribute in th e backend and noticed that it had no values. Is it possible to restore the values with SQL? In the backend it is not possible.

Date-Sensitive Interpolation of Missing Data in Google Sheets

I am trying to calculate the correlation coefficient of a dataset with missing data. It’s difficult to describe why data is missing, so I posted an editable spreadsheet to help illustrate the problem:

https://docs.google.com/spreadsheets/d/1acO8hZARorwd8_NsAnAuKaulpemQe7W0AUzgzf3Mku8/edit?usp=sharing

Sheet 3 contains the dataset that I want to calculate the correlation coefficient for. Column B was collected from Sheet1, and column C was collected from Sheet2. The missing data results from combining the data from Sheet1 and Sheet2. Is there any way to interpolate the missing data while considering the dates and times posted in column A?

For instance, cell B5 is blank. The average of the cells above and below B5 would be “4”, but because the dates/times between A4 and A5 are much closer, B5 should be filled in with a higher number, such as 4.7 or 4.8. Is this possible to do in Sheets?