Troubleshooting your validation problems

Here follows a list of error messages and how to resolve them:

unable to locate a conf.dispatcher.d subfolder in the archive

Your archive should contain folders conf.d and conf.dispatcher.d. Note, that you should not use the prefix etc/httpd in your archive.

unable to find any farm in conf.dispatcher.d/enabled_farms

Your enabled farms should be located in the mentioned subfolder.

file included (…) must be named: …

There are two sections in your farm configuration that must include a specific file: /renders and /allowedClients in the /cache section. Those sections must look as follows:

/renders {
    $include "../renders/default_renders.any"
}

and:

/allowedClients {
    $include "../cache/default_invalidate.any"
}

file included at unknown location: …

There are four sections in your farm configuration where you’re allowed to include a file of your own: /clientheaders, filters, /rules in /cache section and /virtualhosts. The included files need to be named as follows:

Section Include file name
/clientheaders ../clientheaders/clientheaders.any
/filters ../filters/filters.any
/rules ../cache/rules.any
/virtualhosts ../virtualhosts/virtualhosts.any

Alternatively, you can include the default version of those files, whose names are prepended with the word default_, e.g. ../filters/default_filters.any.

include statement at (…), outside any known location: …

Apart from the six sections mentioned in the paragraphs above, you are not allowed to use the $include statement, e.g. the following would generate this error:

/invalidate {
    $include "../cache/invalidate.any"
}

allowed clients/renders are not included from: …

This error is generated when you don’t specify an include for /renders and /allowedClients in the /cache section. See the top entry in this Troubleshooting for more information.

filter must not use glob pattern to allow requests

It is not secure to allow requests with a /glob style rule, which is matched against the complete request line, e.g.

/0100 {
    /type "allow" /glob "GET *.css *"
}

This statement is meant to allow requests for css files, but it also allows requests to any resource followed by the query string ?a=.css. It is therefore forbidden to use such filters (see also CVE-2016-0957).

included file (…) does not match any known file

There are two types of files in your Apache virtual host configuration that can be specified as includes: rewrites and variables. The included files need to be named as follows:

Type Include file name
Rewrites conf.d/rewrites/rewrite.rules
Variables conf.d/variables/custom.vars

Alternatively, you can include the default version of the rewrite rules, whose name is conf.d/rewrites/default_rewrite.rules. Note, that there is no default version of the variables files.

Deprecated configuration layout detected, enabling compatibility mode

This message indicates that your configuration has the deprecated version 1 layout, containing a complete Apache configuration and files with ams_ prefixes. While this is still supported for backward compatibility you should switch to the new layout.