Re: [users@httpd] Alternate Ports and Virtual Directories
What response do you get to the command "ping localhost" What do you have on the "Listen" directive in your config? On 8 March 2012 15:57, Crispen Smith wrote: > > Hello, > I'm hoping I'm not posting this in a place or a way that will offend as I > only came across these forums this morning via google while looking for > groups that may be able to help with a problem I am encountering. > > This is a fairly long post, and I apologize for that but a lot of it is > code > excerpts that are probably familiar to anyone who's worked with the > HTTPD.conf file for Apache. > > Any help would be greatly appreciated. > > Here's the situation: > > I've been using WAMP problem free for a couple of years now, across a > couple > of different platforms and been very happy with it. > > Recently, I've had to install some other apps that are listening to port 80 > and ideally don't want to disable them whenever I'm doing web development, > so I'm experimenting with alternate ports. > > I've gotten 127.0.0.1: working correctly using the advice on this url: > [www.tivohelp.com] > > however, I can't seem to get localhost working correctly; I'm getting a 404 > if I call it as localhost and Forbidden if I call it as localhost:. > > I have tried 2 different versions of the localhost directives, one > referencing port in the allow from, and one ignoring it. The one > referencing the port will not allow Apache to start so I'm going to assume > we can go without it. Here's the relevant section of my http.conf > > ServerName localhost: > > # > # DocumentRoot: The directory out of which you will serve your > # documents. By default, all requests are taken from this directory, but > # symbolic links and aliases may be used to point to other locations. > # > DocumentRoot "c:/wamp/www/" > > # > # Each directory to which Apache has access can be configured with respect > # to which services and features are allowed and/or disabled in that > # directory (and its subdirectories). > # > # First, we configure the "default" to be a very restrictive set of > # features. > # > > Options FollowSymLinks > AllowOverride None > Order deny,allow > Deny from all > > > # > # Note that from this point forward you must specifically allow > # particular features to be enabled - so if something's not working as > # you might expect, make sure that you have specifically enabled it > # below. > # > > # > # This should be changed to whatever you set DocumentRoot to. > # > > # > # Possible values for the Options directive are "None", "All", > # or any combination of: > # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews > # > # Note that "MultiViews" must be named *explicitly* --- "Options All" > # doesn't give it to you. > # > # The Options directive is both complicated and important. Please see > # [httpd.apache.org] > # for more information. > # > Options Indexes FollowSymLinks > > # > # AllowOverride controls what directives may be placed in .htaccess files. > # It can be "All", "None", or any combination of the keywords: > # Options FileInfo AuthConfig Limit > # > AllowOverride all > > # > # Controls who can get stuff from this server. > # > > # onlineoffline tag - don't remove > Order Deny,Allow > Deny from all > Allow from 127.0.0.1 > # Allow from 127.0.0.1: > > > Ideally, once I have localhost: working correctly I need to get 2 more > Vhosts running. This is the essential part as I'm using Zend for > development > and have all of my zend assets in two vhost directories. > > The old configuration had the following entries in my hosts file: > 127.0.0.1 ct.local > 127.0.0.1 km.local > > and Matching Vhosts in http.conf. However, I've removed the vhosts for now > as I don't want to muddy the waters on this part. > > I believe the directives should look like: > > > DocumentRoot "C:\Users\Public\Documents\CT" > ServerName ct.local > > AllowOverride all > > Order Deny,Allow > Deny from all > Allow from 127.0.0.1 > > > > Any help would be greatly appreciated. > -- > View this message in context: > http://old.nabble.com/Alternate-Ports-and-Virtual-Directories-tp33465842p33465842.html > Sent from the Apache HTTP Server - Users mailing list archive at > Nabble.com. > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Alternate Ports and Virtual Directories
Well, first off, the ServerName directive shouldn't contain ":" On 8 March 2012 15:57, Crispen Smith wrote: > > Hello, > I'm hoping I'm not posting this in a place or a way that will offend as I > only came across these forums this morning via google while looking for > groups that may be able to help with a problem I am encountering. > > This is a fairly long post, and I apologize for that but a lot of it is > code > excerpts that are probably familiar to anyone who's worked with the > HTTPD.conf file for Apache. > > Any help would be greatly appreciated. > > Here's the situation: > > I've been using WAMP problem free for a couple of years now, across a > couple > of different platforms and been very happy with it. > > Recently, I've had to install some other apps that are listening to port 80 > and ideally don't want to disable them whenever I'm doing web development, > so I'm experimenting with alternate ports. > > I've gotten 127.0.0.1: working correctly using the advice on this url: > [www.tivohelp.com] > > however, I can't seem to get localhost working correctly; I'm getting a 404 > if I call it as localhost and Forbidden if I call it as localhost:. > > I have tried 2 different versions of the localhost directives, one > referencing port in the allow from, and one ignoring it. The one > referencing the port will not allow Apache to start so I'm going to assume > we can go without it. Here's the relevant section of my http.conf > > ServerName localhost: > > # > # DocumentRoot: The directory out of which you will serve your > # documents. By default, all requests are taken from this directory, but > # symbolic links and aliases may be used to point to other locations. > # > DocumentRoot "c:/wamp/www/" > > # > # Each directory to which Apache has access can be configured with respect > # to which services and features are allowed and/or disabled in that > # directory (and its subdirectories). > # > # First, we configure the "default" to be a very restrictive set of > # features. > # > > Options FollowSymLinks > AllowOverride None > Order deny,allow > Deny from all > > > # > # Note that from this point forward you must specifically allow > # particular features to be enabled - so if something's not working as > # you might expect, make sure that you have specifically enabled it > # below. > # > > # > # This should be changed to whatever you set DocumentRoot to. > # > > # > # Possible values for the Options directive are "None", "All", > # or any combination of: > # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews > # > # Note that "MultiViews" must be named *explicitly* --- "Options All" > # doesn't give it to you. > # > # The Options directive is both complicated and important. Please see > # [httpd.apache.org] > # for more information. > # > Options Indexes FollowSymLinks > > # > # AllowOverride controls what directives may be placed in .htaccess files. > # It can be "All", "None", or any combination of the keywords: > # Options FileInfo AuthConfig Limit > # > AllowOverride all > > # > # Controls who can get stuff from this server. > # > > # onlineoffline tag - don't remove > Order Deny,Allow > Deny from all > Allow from 127.0.0.1 > # Allow from 127.0.0.1: > > > Ideally, once I have localhost: working correctly I need to get 2 more > Vhosts running. This is the essential part as I'm using Zend for > development > and have all of my zend assets in two vhost directories. > > The old configuration had the following entries in my hosts file: > 127.0.0.1 ct.local > 127.0.0.1 km.local > > and Matching Vhosts in http.conf. However, I've removed the vhosts for now > as I don't want to muddy the waters on this part. > > I believe the directives should look like: > > > DocumentRoot "C:\Users\Public\Documents\CT" > ServerName ct.local > > AllowOverride all > > Order Deny,Allow > Deny from all > Allow from 127.0.0.1 > > > > Any help would be greatly appreciated. > -- > View this message in context: > http://old.nabble.com/Alternate-Ports-and-Virtual-Directories-tp33465842p33465842.html > Sent from the Apache HTTP Server - Users mailing list archive at > Nabble.com. > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] changing owner:group of uploaded data
This certainly sounds like a situation for SUEXEC. However, if you need the apache server to assign files to arbitrary user:group then there are two ways that I know of: 1. You could create a SUDO entry which allows apache to use the chown/chgrp command AS root 2. You could create a program to issue the chown/chgrp commands and use the SETUID bit so that it executes as root. In the first case, the SUDO entry should be restricted to your apache ID In the second case, the process is controlled by a program that you control, so you can add any security that you wish. I'd start by having the program verify that it is, indeed, running under the apache userid, whatever that is in your case. On 4 March 2012 21:57, Mark Montague wrote: > On March 4, 2012 12:33 , Wolfgang Laun wrote: > >> A CGI script creates a file; it should also change it's "natural" owner >> and group (daemon.daemon) to the one of the (authenticated) requesting >> user. Several users should be able to do that. Having read the Apache 2.4 >> documentation on Suexec I have the impression that this isn't possible at >> all. Is this correct or did I miss something? >> > > Only root can change the owner of a file. So if a CGI needs to change the > owner of a file that it creates, the CGI would have to be run as root (very > dangerous, do not do this) or it would have to use a set-uid helper script > to change the owner. Suexec cannot change the owner of a file created by a > CGI, because it will not know what files the CGI creates. > > I think what you want is to run the CGI as the user who is authenticated. > Then any files created by the CGI will be owned by the user who is > authenticated. Does this sound right? > > For more information, see https://wiki.apache.org/httpd/** > PrivilegeSeparation <https://wiki.apache.org/httpd/PrivilegeSeparation> > > -- > Mark Montague > m...@catseye.org > > > --**--**- > To unsubscribe, e-mail: > users-unsubscribe@httpd.**apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Problems with cgi scripts and Apache's log.
My apologies; gmail disguised the Spanish so I didn't realise until too late. I should have been more careful with my English. If you added: Alias /cgi-bin/cbws1084.dll /var/apache2/html/go_away.html ... to your apache configuration, then any request for /cgi-bin/cbws1084.dll would be served from page /go_away.html in your document root; you'd have to adjust the path to suit your system. You could put anything in there, such as: Page not foundPlease stop using URI /cgi-bin/cbws1084.dll 2012/3/1 Antonio Fernández Pérez > Hi Steve > > Thanks for your reply. I don't understand what I should to do. Can you > explain me it again? > > Thanks. > > Best regards, > > Toni. > > El 1 de marzo de 2012 12:44, Steve Swift escribió: > >> You could alias /cgi-bin/cbws1084.dll to /sod_off.html >> >> 2012/3/1 Antonio Fernández Pérez >> >>> Hi everybody, >>> >>> I'm having problems with my Apache. Apache's log of my server is growing >>> a lot because somebody tries to execute this file "cgi-bin/cbws1084.dll" >>> that doesn't exist. Anybody can tell me if is possible disable this or how >>> can I do to solve it? >>> >>> Thanks. >>> >>> Best regards, >>> >>> Toni. >>> >>> -- >>> >>> *Antonio Manuel Fernández Pérez* >>> >>> Ingeniero Técnico Informático >>> >>> Dpto. Informático Fabergames S.L. >>> >>> TLF:96626 / FAX:966551801 >>> >>> www.fabergames.com >>> Fabergames respeta su >>> privacidad<http://www.fabergames.com/index.php/component/content/article/57/1-politica-de-privacidad> >>> >>> * * * ADVERTENCIA LEGAL * * * >>> >>> Le informamos, como destinatario de este mensaje, que el correo >>> electrónico y las comunicaciones por medio de Internet no permiten asegurar >>> ni garantizar la confidencialidad de los mensajes transmitidos, así como >>> tampoco su integridad o su correcta recepción, por lo que FABERGAMES S.L. >>> no asume responsabilidad alguna por tales circunstancias. Si no consintiese >>> en la utilización del correo electrónico o de las comunicaciones vía >>> Internet le rogamos nos lo comunique y ponga en nuestro conocimiento de >>> manera inmediata. Este mensaje va dirigido, de manera exclusiva, a su >>> destinatario y contiene información confidencial y sujeta al secreto >>> profesional, cuya divulgación no está permitida por la ley. En caso de >>> haber recibido este mensaje por error, le rogamos que, de forma inmediata, >>> nos lo comunique mediante correo electrónico remitido a nuestra atención o >>> a través del teléfono (+ 34) 966 26 11 11 y proceda a su eliminación, >>> así como a la de cualquier documento adjunto al mismo. Asimismo, le >>> comunicamos que la distribución, copia o utilización de este mensaje, o de >>> cualquier documento adjunto al mismo, cualquiera que fuera su finalidad, >>> están prohibidas por la ley. >>> >>> >>> >>> >> >> >> -- >> Steve Swift >> http://www.swiftys.org.uk >> > > > > -- > > *Antonio Manuel Fernández Pérez* > > Ingeniero Técnico Informático > > Dpto. Informático Fabergames S.L. > > TLF:96626 / FAX:966551801 > > www.fabergames.com > Fabergames respeta su > privacidad<http://www.fabergames.com/index.php/component/content/article/57/1-politica-de-privacidad> > > * * * ADVERTENCIA LEGAL * * * > > Le informamos, como destinatario de este mensaje, que el correo > electrónico y las comunicaciones por medio de Internet no permiten asegurar > ni garantizar la confidencialidad de los mensajes transmitidos, así como > tampoco su integridad o su correcta recepción, por lo que FABERGAMES S.L. > no asume responsabilidad alguna por tales circunstancias. Si no consintiese > en la utilización del correo electrónico o de las comunicaciones vía > Internet le rogamos nos lo comunique y ponga en nuestro conocimiento de > manera inmediata. Este mensaje va dirigido, de manera exclusiva, a su > destinatario y contiene información confidencial y sujeta al secreto > profesional, cuya divulgación no está permitida por la ley. En caso de > haber recibido este mensaje por error, le rogamos que, de forma inmediata, > nos lo comunique mediante correo electrónico remitido a nuestra atención o > a través del teléfono (+ 34) 966 26 11 11 y proceda a su eliminación, así > como a la de cualquier documento adjunto al mismo. Asimismo, le comunicamos > que la distribución, copia o utilización de este mensaje, o de cualquier > documento adjunto al mismo, cualquiera que fuera su finalidad, están > prohibidas por la ley. > > > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Problems with cgi scripts and Apache's log.
You could alias /cgi-bin/cbws1084.dll to /sod_off.html 2012/3/1 Antonio Fernández Pérez > Hi everybody, > > I'm having problems with my Apache. Apache's log of my server is growing a > lot because somebody tries to execute this file "cgi-bin/cbws1084.dll" that > doesn't exist. Anybody can tell me if is possible disable this or how can I > do to solve it? > > Thanks. > > Best regards, > > Toni. > > -- > > *Antonio Manuel Fernández Pérez* > > Ingeniero Técnico Informático > > Dpto. Informático Fabergames S.L. > > TLF:96626 / FAX:966551801 > > www.fabergames.com > Fabergames respeta su > privacidad<http://www.fabergames.com/index.php/component/content/article/57/1-politica-de-privacidad> > > * * * ADVERTENCIA LEGAL * * * > > Le informamos, como destinatario de este mensaje, que el correo > electrónico y las comunicaciones por medio de Internet no permiten asegurar > ni garantizar la confidencialidad de los mensajes transmitidos, así como > tampoco su integridad o su correcta recepción, por lo que FABERGAMES S.L. > no asume responsabilidad alguna por tales circunstancias. Si no consintiese > en la utilización del correo electrónico o de las comunicaciones vía > Internet le rogamos nos lo comunique y ponga en nuestro conocimiento de > manera inmediata. Este mensaje va dirigido, de manera exclusiva, a su > destinatario y contiene información confidencial y sujeta al secreto > profesional, cuya divulgación no está permitida por la ley. En caso de > haber recibido este mensaje por error, le rogamos que, de forma inmediata, > nos lo comunique mediante correo electrónico remitido a nuestra atención o > a través del teléfono (+ 34) 966 26 11 11 y proceda a su eliminación, así > como a la de cualquier documento adjunto al mismo. Asimismo, le comunicamos > que la distribución, copia o utilización de este mensaje, o de cualquier > documento adjunto al mismo, cualquiera que fuera su finalidad, están > prohibidas por la ley. > > > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] unexpected EOF while looking for matching
Do any of the GET requests in your access log correspond with CGI scripts which might run for a long time? I presume that the access log entry corresponds to when the script starts, not when it ends. The "sh" error messages may thus occur minutes after the corresponding GET entry in the access log. In my case, the language that I'm using allows for me to request an exception if a shell command exits with a non-zero return code (the "misisng quote" error yields RC=1). So, each time I find one of these, I ensure that scripts which ran before the error get updated to trap non-zero return codes. I've found (and fixed) precisely one instance since I started this approach. On 20 February 2012 16:16, Phil Smith wrote: > Do you have any suggestions for some way of mapping the sh error back > to the IP address making the request (assuming it's an external > request)? That would be helpful in attributing the error to a given > request, but I can't think of a way to do that. > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] unexpected EOF while looking for matching
Thank you for your persistence, which has paid off, and conquered my obtuseness. So, apache doesn't invoke "sh". Neither does my code, explicitly. But when my script invokes a host command, the interpreter just hands the command to the default execution environment, which in this case is "sh". I wrote a test command, called "quote", then tried to execute it incorrectly, in a script called "test_shell". The code in test_shell is: "quote 'stuff" ... so the command passed to "sh" would be *quote 'stuff* and that generates exactly the error messages that I see. Debugging this will be simple, now I know what I'm looking for; the interpreter can raise an exception whenever a host command returns anything other than a zero return code. If you just know to ask it to do so. I'm now looking forward with some excitement to the next occurrence of the problem. It's just a shame that they are quite rare. On 20 February 2012 13:54, Tom Evans wrote: > 'll try and make it clearer - Apache *does not* invoke sh, *for any > reason*. If sh is being invoked, your script is doing it. If you see > sh errors in your error log, then your script is invoking sh > incorrectly. > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] unexpected EOF while looking for matching
Ah, but the "sh" error means that my code never starts executing. If the very first line of my code were to get executed, then the error message would come from the error handlers in my code, but nothing in my code executes under these circumstances. So, without a single byte of my code changing (including the shebang; the file's "last changed" timestamp is usually months in the past), the script will run happily for months on end, encounter one of these weird "sh" errors, then go back to working again. On 20 February 2012 10:36, Tom Evans wrote: > Again, unlikely. Computer programs, given the same inputs, will > generally produce the same outputs. Probably you are not invoking the > script with the same environment - if you are invoking as a CGI, that > includes all headers, cookies, user agent strings etc. > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] unexpected EOF while looking for matching
I get entries like this in my error log. They are extremely sporadic, and because the access rate is low on our server, it is easy to find the CGI script that was being accessed. In all cases, it is one which hasn't changed in months, and has seen plenty of use in the intervening period, without problems. My assumption is that this is some temporary blockage in the file system that causes apache to think it has reached EOF before it has actually processed the entire script. What puzzles me is: What is looking for quotes in the first place? The script in question is written in Open Object Rexx. The shebang is: #!/usr/bin/rexx -- REXX is perfectly happy to execute the script (witness the prior successful usage, since it was last updated). Altogether, one of my life's great mysteries. On 18 February 2012 15:40, Phil Smith wrote: > On Sat, Feb 18, 2012 at 7:10 AM, Eric Covener wrote: > > On Sat, Feb 18, 2012 at 12:00 AM, Phil Smith > wrote: > >> I'm running Apache/2.2.3 (CentOS) which is the latest version > >> available for CentOS5. > >> I'm noticing the following in my error logs: > >> sh: -c: line 0: unexpected EOF while looking for matching `"' > >> sh: -c: line 1: syntax error: unexpected end of file > >> > >> They usually arrive in groups of 2-10 such messages; always the exact > >> same message and always in pairs. > >> > >> I've done all the normal examination of access logs that you would > >> expect and with various markers that I've been able to send to my > >> error log, I can pinpoint the time of the errors to within a second or > >> two. But nothing of interest shows in my access logs. Only what > >> appears to be normal and harmless looking GET requests for appropriate > >> URLs to my site. There are not any POSTs near the error time which I > >> understand could send data that I could not gather from the access > >> logs. > >> > >> I've googled and have seen a very few people seeing this, but no > answers. > >> > >> Any thoughts, please? > > > > Find a shell-script CGI accessed around the same time. > > I've already looked for several hours gathering access log data around > the time of those errors. I'm writing some debug to my access logs > every second so I have a very accurate timestamp around the sh errors. > The only requests in the access logs near the time in question are > perl CGIs requested via GET so I can request them myself in the exact > same manner and they do not produce the 'sh' error. They work as > expected. I'm beginning to suspect something internal to apache or an > apache module that might be printing to STDERR and failing. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] vhosts conf file efficiency
I don't think it would make a significant difference if you had a single file with 2000 vhosts, or 2000 files with one vhost each. Having them all in one file would make life easier if you needed to make a global change. One caveat: Don't ever rely on a a wildcard INCLUDE for the order of your vhosts. This probably only matters for the first vhost, which is the default for any request which doesn't match any vhost. On 12 February 2012 06:35, Nick Edwards wrote: > Hi, > > Is it more efficient for all virtualhost blocks to be in a single > file, eg httpd-vhosts.conf, or for each of them to be in their own > "one file per domain" via an include hosts.d/*.conf > We are talking a minimum of 2000 hosts per machine. > > Memory I assume would be the same since it needs to know every domain, > but hows it for speed of starts? > > Any other caveats, like file descriptor issues? > > Thanks > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] RE: Can you use variables inside a conf file?
I'll investigate mod_macro. Thank you.
On 29 January 2012 11:01, Rainer Jung wrote:
> On 29.01.2012 09:42, Steve Swift wrote:
>
>> Out of curiosity, is it possible to define the same environment
>> variable, but with different values, in different VirtualHosts? I
>> presume this can't be done, as all of the hosts would inherit the same
>> environment, including the environment variables.
>>
>> For example, I have live and test versions of every "server" in our
>> apache. The live server uses directory /cgi-bin/ and the test server
>> uses /cgi-test/. This means that we have to define things like aliases
>> in both live and test VirtualHosts. This means we can screw them up...
>>
>> I've always wanted to define some sort of "local" variable in each
>> VirtualHost, containing the location of the cgi directory. Then we could
>> INCLUDE the same set of aliases in both the live and test hosts, but
>> they would pick up their respective paths.
>>
>> In fact, I've often wished that the Apache configuration would support
>> its own internal variables, but so far nothing has happened. I must not
>> be wishing hard enough.
>>
>
> Sorry, mod_define and the builtin variables for Apache 2.4 only support
> global variables.
>
> Maybe mod_macro could help you. It allows to specify recurring config
> snipets which you can instantiate using parameters.
>
> Regards,
>
> Rainer
>
> On 28 January 2012 14:53, Rainer Jung > <mailto:rainer.jung@kippdata.**de >> wrote:
>>
>>On 25.01.2012 14:47, Desilets, Alain wrote:
>>
>>I use this syntax too, but I think it works for me
>>only because of my
>>loading of a NON-STANDARD module, mod_define.
>>
>>http://people.apache.org/~__**rjung/mod_define/mod_define.__**
>> html <http://people.apache.org/~__rjung/mod_define/mod_define.__html>
>>
>><http://people.apache.org/~**rjung/mod_define/mod_define.**
>> html <http://people.apache.org/~rjung/mod_define/mod_define.html>>
>>
>>
>>It works for me and I don't have mod_define loaded.
>>
>>
>>Using an environment variable with the ${MYVAR} syntax works without
>>mod_define. If you want to define the value of the variable inside
>>the httpd configuration files, you would need mod_define.
>>
>>Major difference: environment variables can't be changed with
>>"apachectl restart" or "apachectl graceful", because in both cases
>>the httpd parent process keept running and all child processes are
>>forked from it with an unchanged environment.
>>
>>If you define the variables inside the configuration and use the
>>additional module, any changes to the definitions will become active
>>by "apachectl restart" and "apachectl graceful".
>>
>>Starting with the forthcoming Apache 2.4 defining variable inside
>>the httpd configuration will become a core feature.
>>
>>Regards,
>>
>> Rainer
>>
>
> --**--**-
> The official User-To-User support forum of the Apache HTTP Server Project.
> See
> http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>>
> for more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.**apache.org
> " from the digest:
> users-digest-unsubscribe@**httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
--
Steve Swift
http://www.swiftys.org.uk
Re: [users@httpd] RE: Can you use variables inside a conf file?
Out of curiosity, is it possible to define the same environment variable,
but with different values, in different VirtualHosts? I presume this can't
be done, as all of the hosts would inherit the same environment, including
the environment variables.
For example, I have live and test versions of every "server" in our apache.
The live server uses directory /cgi-bin/ and the test server uses
/cgi-test/. This means that we have to define things like aliases in both
live and test VirtualHosts. This means we can screw them up...
I've always wanted to define some sort of "local" variable in each
VirtualHost, containing the location of the cgi directory. Then we could
INCLUDE the same set of aliases in both the live and test hosts, but they
would pick up their respective paths.
In fact, I've often wished that the Apache configuration would support its
own internal variables, but so far nothing has happened. I must not be
wishing hard enough.
On 28 January 2012 14:53, Rainer Jung wrote:
> On 25.01.2012 14:47, Desilets, Alain wrote:
>
>>I use this syntax too, but I think it works for me only because of
>>> my
>>>loading of a NON-STANDARD module, mod_define.
>>>
>>>http://people.apache.org/~**rjung/mod_define/mod_define.*
>>> *html <http://people.apache.org/~rjung/mod_define/mod_define.html>
>>>
>>
>> It works for me and I don't have mod_define loaded.
>>
>
> Using an environment variable with the ${MYVAR} syntax works without
> mod_define. If you want to define the value of the variable inside the
> httpd configuration files, you would need mod_define.
>
> Major difference: environment variables can't be changed with "apachectl
> restart" or "apachectl graceful", because in both cases the httpd parent
> process keept running and all child processes are forked from it with an
> unchanged environment.
>
> If you define the variables inside the configuration and use the
> additional module, any changes to the definitions will become active by
> "apachectl restart" and "apachectl graceful".
>
> Starting with the forthcoming Apache 2.4 defining variable inside the
> httpd configuration will become a core feature.
>
> Regards,
>
> Rainer
>
>
> --**--**-
> The official User-To-User support forum of the Apache HTTP Server Project.
> See
> http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>>
> for more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.**apache.org
> " from the digest:
> users-digest-unsubscribe@**httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>
--
Steve Swift
http://www.swiftys.org.uk
Re: [users@httpd] Running cgi binaries as root
An alternative is to create a virtualhost to run URL's in the format http://server.name~root/cgi-bin/etc (I forget the technical term for these hosts run under the authority of the user in the ~root/ part of the URL). There may be restrictions on using user root though; I've never tried this. This sidesteps the set-uid requirement as the code will be run under the authority of root. So you don't have to worry about anyone else who might somehow get access to execute the code AS root. On 24 January 2012 14:19, Mark Montague wrote: > On January 24, 2012 9:00 , Tarzan Jane wrote: > >> The scripts address IO-pins on the embedded system [...] If I run the >> scripts as root in the /var/www/cgi-bin directory all is fine. But when >> trying to run the scripts using Apache via a web page nothing happens. This >> is because the scripts are run as www-data user and the www-data user is >> not allowed to perform these actions. Suexec doesn't work either because >> suexec expects ascii written cgi/php/pl script. >> > > If you can grant the www-data user the right to address the IO pins, that > is the best solution. This way, the CGIs are given only the permissions > they need, not superuser (root) permissions to do everything. If, for > example, the IO pins are addressed through device files, then you may be > able to simply change the owner of the device files to www-data. > > Otherwise, you can change the owner of the CGI binaries to be root and > turn on the set-uid bit. This way, when the CGI binaries are run they will > be run as root. > https://en.wikipedia.org/wiki/**Setuid<https://en.wikipedia.org/wiki/Setuid> > Since you've already said that you're aware of the security issues, I > won't repeat any dire warnings here. > > -- > Mark Montague > m...@catseye.org > > > --**--**- > The official User-To-User support forum of the Apache HTTP Server Project. > See > http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>> > for more info. > To unsubscribe, e-mail: > users-unsubscribe@httpd.**apache.org > " from the digest: > users-digest-unsubscribe@**httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] webserver
You are probably reaching the server but it is rejecting the connection. Technically, this isn't an error, so the messages about these events go into the access log, as your access was denied. See if there is anything interesting in there. On our system it is at /var/log/apache2/access.log On 21 January 2012 08:33, Dr. Sunil M. Dogra wrote: > Sorry my private ip is 10.20.1.44 and 10.20.1.45 > > > > Thank you Steve >> >> 10.20.2.1 is my private ip >> >> ping 10.20.1.44 works >> ssh to 10.20.1.44 works >> >> scp from 10.20.1.45 to 10.20.1.44 works >> >> >> but http://10.20.1.44 does not work >> >> Any help >> >> With Best regards >> sunil >> >> On Sat, Jan 21, 2012 at 1:06 PM, Steve Swift wrote: >> >>> On one of the systems which cannot connect, issue the command "ping >>> myserver.edu.in" (or whatever the actual hostname is) and compare the >>> result with the actual IP address of the server. >>> >>> If they are different (a 99% probability) then fix that. >>> >>> The other 1% probability might be interesting. >>> >>> On 21 January 2012 06:46, Frank Gingras wrote: >>> >>>> >>>> >>>> On 20/01/12 06:42 AM, Dr. Sunil M. Dogra wrote: >>>> >>>>> >>>>> Hi >>>>> >>>>> I am running webserver on Scientific linux 6.1 (64bit) machine in >>>>> private network >>>>> "http://myserver.edu.in"; >>>>> >>>>> I am able to see this page on server but when open on other machines on >>>>> my private network, it says can't connect to http://server.edu.in >>>>> because it could not find server. >>>>> >>>>> >>>>> I can ssh to this server, also can copy the file to this server. >>>>> >>>>> >>>>> any help ??? >>>>> >>>>> >>>>> With Best Regards >>>>> sunil >>>>> >>>> >>>> That's a DNS error. >>>> >>>> Frank >>>> >>>> --**--** >>>> - >>>> The official User-To-User support forum of the Apache HTTP Server >>>> Project. >>>> See >>>> http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>> >>>> for more info. >>>> To unsubscribe, e-mail: >>>> users-unsubscribe@httpd.**apache.org >>>> " from the digest: >>>> users-digest-unsubscribe@**httpd.apache.org >>>> For additional commands, e-mail: users-h...@httpd.apache.org >>>> >>>> >>> >>> >>> -- >>> Steve Swift >>> http://www.swiftys.org.uk >>> >> >> > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] webserver
On one of the systems which cannot connect, issue the command "ping myserver.edu.in" (or whatever the actual hostname is) and compare the result with the actual IP address of the server. If they are different (a 99% probability) then fix that. The other 1% probability might be interesting. On 21 January 2012 06:46, Frank Gingras wrote: > > > On 20/01/12 06:42 AM, Dr. Sunil M. Dogra wrote: > >> >> Hi >> >> I am running webserver on Scientific linux 6.1 (64bit) machine in >> private network >> "http://myserver.edu.in"; >> >> I am able to see this page on server but when open on other machines on >> my private network, it says can't connect to http://server.edu.in >> because it could not find server. >> >> >> I can ssh to this server, also can copy the file to this server. >> >> >> any help ??? >> >> >> With Best Regards >> sunil >> > > That's a DNS error. > > Frank > > --**--**- > The official User-To-User support forum of the Apache HTTP Server Project. > See > http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>> > for more info. > To unsubscribe, e-mail: > users-unsubscribe@httpd.**apache.org > " from the digest: > users-digest-unsubscribe@**httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Name Virtual Host Weirdness
One more comment on the "defunct vhost" setup. You have to be very careful if you decide to define each of your virtual hosts in their own distinct definition file, and include them all with a wildcard Include directive, such as "Include vhost.*" I think that the order that the files are included is alphabetical. Whatever it is, the order can easily be changed by introducing new files, which might not get included where you expect in the sequence. More importantly, the vhost which is first (default) may change unexpectedly. This is what happened to us. I have a webpage on our server which displays the effective httpd.conf with all of the "include"s expanded out. I recently added a case-sensitive alphabetical sort on filename when an include directive references multiple files, so that's what my research identified a few months ago. On 13 January 2012 16:29, Tom Evans wrote: > On Fri, Jan 13, 2012 at 4:13 PM, Clay Porter > wrote: > > Thanks for the info. I will try what you suggested. > > > > I'm pretty new to all of this, so I hope you don't mind a n00b > > question. What do you mean by a "defunct vhost"? Could I trouble you > > for an example? > > > > Thanks again. > > > > Clay > > > > He means a vhost is not used for serving the sites you want to serve, > and only serves when a request is received that doesn't match one of > your real vhosts, which Apache by default will serve from the first > applicable vhost listed in the configuration. > > Eg if you have this configuration: > > NameVirtualHost *:80 > > > ServerName foo > > > > ServerName bar > > > and a request comes in on port 80 with server name 'wibble', then none > of these vhosts match, and Apache will serve from the first listed > vhost, in this case the 'foo' vhost. > > If the configuration was like this: > > NameVirtualHost *:80 > > > DocumentRoot /var/empty > > > > ServerName foo > > > > ServerName bar > > > then a request for the host 'wibble' would be served from the first > unnamed vhost. This helps make it clear that a request was correctly > routed to the right vhost, and didn't just get there because the vhost > was the first listed and hence default. > > Cheers > > Tom > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Name Virtual Host Weirdness
It all looks correct to me. Can you exchange the order of the VirtualHost definitions? The first Virtualhost defined is the one that gets used if anything goes wrong with allocating a request to a particular vhost, so you often end up thinking you are using the first Vhost when in fact you are using the default vhost. I tend to define a defunct vhost first - one with nothing in the documentroot, except an error document which is served in response to every URI. This makes errors less puzzling. On 12 January 2012 21:21, Clay Porter wrote: > All, > > I have two virtual hosts set up that look like the following (I've > tried to only include the information pertaining to the problem, i,e, > I've removed the actual rewrite rules, etc): > > Listen *:38215 > NameVirtualHost *:38215 > > >DocumentRoot /www/sitea >ServerName www.sitea.com >ErrorLog logs/sitea-error.log >CustomLog logs/sitea-access.log common > > >RewriteEngine on > #RewriteLog logs/sitea-rewrite.log > #RewriteLogLevel 3 > > > > >DocumentRoot /www/siteb >ServerName www.siteb.com >ErrorLog logs/siteb-error.log >CustomLog logs/siteb-access.log common > > >RewriteEngine on >RewriteLog logs/sitea-rewrite.log >RewriteLogLevel 3 > > > > What's happening is that all of the log information is being written > to sitea's log files, no matter which virtual host I hit. The log > files for siteb are being created at start up but they are empty. I'm > afraid this weirdness might also be affecting the rewrite rules > specific to the sites. Does anyone know why this might be happening? > > I'm using Apache 2.2.3 on a RHEL 5.6 box. > > Thanks for any help you can give. Please let me know if I need to > provide more info than this. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] virtualhost on localhost with .htaccess
That looks about right. The only reason (that I can think of) for using .htaccess files is if you want to devolve control of a virtualhost to the person who has write access to the documentroot (where you'd normally store the .htaccess file, thought they can also be used in subdirectories as well). This requires a degree of trust between you (the server owner) and the owner of the virtualhost, depending on which powers you give away. I run apache under my Windows XP, and have two or three virtualhosts, but they all belong to me, so I don't bother with .htaccess - but if you run into problems, I can tinker with my own system to help work out what you need to do. I'm somewhat familiar with htaccess from my www.swiftys.org.uksite, as that is hosted for me, and I'm obliged to configure it using .htaccess Incidentally, my main reason for using VirtualHosts is to intercept people who send requests to my IP address (81.2.123.82) rather than the hostname ( swiftys.org.uk). Requests to the IP *address* will go to the default VirtualHost, and that blocks all accesses. On 6 January 2012 23:31, Alain Roger wrote: > Hi, > > on my local computer (localhost on windows 7) i installed Apache to use > Joomla. > I setup virtual host (\apache\conf\extra\httpd-vhosts.conf) and it works > great. > > now for each virtual host, i would like to use a special .htaccess file, > so i added: > AccessFileName .htaccess > > here is an example of a virtualhost: > > DocumentRoot "d:/webserver/www/rogtek17" > ServerName rogtek17.loc > ServerAlias www.rogtek17.loc > ErrorLog "logs/rogtek17.loc.error.log" > CustomLog "logs/rogtek17.loc.access.log" common > > AccessFileName .htaccess > > > AllowOverride AuthConfig FileInfo > Order deny,allow > Deny from all > Allow from 127.0.0.1 > > > > > 1. is it correct or should i also update the standar httpd.conf file in > the \apache\conf\ folder ? > 2. How to be sure that it is well configured ? > > > thx. > -- > Alain > ------- > Windows 7 x64 / Fedora 14 x64 > PostgreSQL 8.3.5 / MySQL 5 > Apache 2.2.16 > PHP 5.3.1 > C# 2005-2008 > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Configured New virtualhost asked for authentication entication
The virtualhost will inherit the authentication from the main section of the config, unless you override it inside the Virtualhost definition. So if the main section defines authentication, the your virtualhost will require it. On 24 December 2011 10:21, Reetika786 wrote: > > Hi > I have configured virtual host but suddenly when its started asking for > authentication asking for username /pwd/ but ..Allowoveride optio is none > and i didnt config any authentication ..Please suggest me what to do > -- > View this message in context: > http://old.nabble.com/Configured-New-virtualhost-asked-for-authentication-entication-tp33032205p33032205.html > Sent from the Apache HTTP Server - Users mailing list archive at > Nabble.com. > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] apache won't start, and nothing written to error logs
> # Alias /webpath /full/filesystem/path > # > # If you include a trailing / on /webpath then the server will > # require it to be present in the URL. You will also likely > # need to provide a section to allow access to > # the filesystem path. > > # > # ScriptAlias: This controls which directories contain server scripts. > # ScriptAliases are essentially the same as Aliases, except that > # documents in the target directory are treated as applications and > # run by the server when requested rather than as documents sent to the > # client. The same rules about trailing "/" apply to ScriptAlias > # directives as to Alias. > # > ScriptAlias /cgi-bin/ "C:/Program Files/Apache Software > Foundation/Apache2.2/cgi-bin/" > > > > > # > # ScriptSock: On threaded servers, designate the path to the UNIX > # socket used to communicate with the CGI daemon of mod_cgid. > # > #Scriptsock logs/cgisock > > > # > # "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin" should > be changed to whatever your ScriptAliased > # CGI directory exists, if you have that configured. > # > > AllowOverride None > Options None > Order allow,deny > Allow from all > > > # > # DefaultType: the default MIME type the server will use for a document > # if it cannot otherwise determine one, such as from filename extensions. > # If your server contains mostly text or HTML documents, "text/plain" is > # a good value. If most of your content is binary, such as applications > # or images, you may want to use "application/octet-stream" instead to > # keep browsers from trying to display binary files as though they are > # text. > # > DefaultType text/plain > > > # > # TypesConfig points to the file containing the list of mappings from > # filename extension to MIME-type. > # > TypesConfig conf/mime.types > > # > # AddType allows you to add to or override the MIME configuration > # file specified in TypesConfig for specific file types. > # > #AddType application/x-gzip .tgz > # > # AddEncoding allows you to have certain browsers uncompress > # information on the fly. Note: Not all browsers support this. > # > #AddEncoding x-compress .Z > #AddEncoding x-gzip .gz .tgz > # > # If the AddEncoding directives above are commented-out, then you > # probably should define those extensions to indicate media types: > # > AddType application/x-compress .Z > AddType application/x-gzip .gz .tgz > > # > # AddHandler allows you to map certain file extensions to "handlers": > # actions unrelated to filetype. These can be either built into the > server > # or added with the Action directive (see below) > # > # To use CGI scripts outside of ScriptAliased directories: > # (You will also need to add "ExecCGI" to the "Options" directive.) > # > #AddHandler cgi-script .cgi > > # For type maps (negotiated resources): > #AddHandler type-map var > > # > # Filters allow you to process content before it is sent to the client. > # > # To parse .shtml files for server-side includes (SSI): > # (You will also need to add "Includes" to the "Options" directive.) > # > #AddType text/html .shtml > #AddOutputFilter INCLUDES .shtml > > > # > # The mod_mime_magic module allows the server to use various hints from the > # contents of the file itself to determine its type. The MIMEMagicFile > # directive tells the module where the hint definitions are located. > # > #MIMEMagicFile conf/magic > > # > # Customizable error responses come in three flavors: > # 1) plain text 2) local redirects 3) external redirects > # > # Some examples: > #ErrorDocument 500 "The server made a boo boo." > #ErrorDocument 404 /404.cfm > #ErrorDocument 404 "/cgi-bin/missing_handler.pl" > #ErrorDocument 402 http://server/subscription_info.html > # > > # > # EnableMMAP and EnableSendfile: On systems that support it, > # memory-mapping or the sendfile syscall is used to deliver > # files. This usually improves server performance, but must > # be turned off when serving from networked-mounted > # filesystems or if support for these functions is otherwise > # broken on your system. > # > #EnableMMAP off > #EnableSendfile off > > # Supplemental configuration > # > # The configuration files in the conf/extra/ directory can be > # included to add extra features or to modify the default configuration of > # the server, or you may simply copy their contents here and change as > # necessary. > > # Server-pool management (MPM specific) > #Include conf/extra/httpd-mpm.conf > > # Multi-language error messages > #Include conf/extra/httpd-multilang-errordoc.conf > > # Fancy directory listings > #Include conf/extra/httpd-autoindex.conf > > # Language settings > #Include conf/extra/httpd-languages.conf > > # User home directories > #Include conf/extra/httpd-userdir.conf > > # Real-time info on requests and configuration > #Include conf/extra/httpd-info.conf > > # Virtual hosts > #Include conf/extra/httpd-vhosts.conf > > # Local access to the Apache HTTP Server Manual > #Include conf/extra/httpd-manual.conf > > # Distributed authoring and versioning (WebDAV) > #Include conf/extra/httpd-dav.conf > > # Various default settings > #Include conf/extra/httpd-default.conf > > # Secure (SSL/TLS) connections > #Include conf/extra/httpd-ssl.conf > # > # Note: The following must must be present to support > # starting without SSL on platforms with no /dev/random equivalent > # but a statically compiled-in mod_ssl. > # > > SSLRandomSeed startup builtin > SSLRandomSeed connect builtin > > > > Order allow,deny > Deny from all > > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] using htaccess on all hosts to block addresses
Presumably, it not whether you use htaccess, but whether you have it enabled. Once it is enables, apache has to follow the directory tree, just in case an htaccess file has turned up. I wonder if apache takes advantage of hosts which notify it when new/changed files appear in a directory tree that "interests" it? For example, Windows Media Player knows about new albums that I've downloaded a few seconds after I add them to my music collection. This way, it could skip looking for htaccess files until it knows where they are. On 12 December 2011 17:55, Tom Evans wrote: > On Mon, Dec 12, 2011 at 5:42 PM, Steve Swift > wrote: > > I think you'll have to put it in the documentroot of all of your > > virtualhosts. Since it would be so much easier to do this in the Apache > > config, I'll assume that you cannot do this for some reason. > > > > Second best would be to create the file in one documentroot, then use > hard > > links to place it in all of the other documentroots. > > > > No, when Apache is instructed to read .htaccess files (from an > appropriate AllowOverride section), it will walk up the directory tree > until it reach a directory that has AllowOverride None, or it reaches > the root. > > Therefore, if you have /srv/http/site1/htdocs and > /srv/http/site2/htdocs, and you place a htaccess at > /srv/http/.htaccess, and /srv/http/siteN/htdocs is allowed to have a > htaccess file, then the following htaccess files will be attempted to > be loaded: > > /srv/http/siteN/htdocs/.htaccess > /srv/http/siteN/.htaccess > /srv/http/.htaccess > /srv/.htaccess > > '/' is normally marked 'AllowOverride None' in the base conf file, so > that wouldn't normally be checked. > > As should be obvious, this is part of the reason why you are > discouraged from using .htaccess, it vastly inflates the work that > apache must do to serve a request. More info in the docs: > > http://httpd.apache.org/docs/2.2/howto/htaccess.html > > Cheers > > Tom > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] using htaccess on all hosts to block addresses
I think you'll have to put it in the documentroot of all of your virtualhosts. Since it would be so much easier to do this in the Apache config, I'll assume that you cannot do this for some reason. Second best would be to create the file in one documentroot, then use hard links to place it in all of the other documentroots. Since the users will be editing the files in their documentroot's, take care that you set their permissions on this file so they cannot modify it. You would have complete mayhem if it was shared across all of your VirtualHosts, then one of them decided to update it "just a little bit". Of course, this means that the owners of the VirtualHosts won't be able to use the htaccess file for their own purposes. On 12 December 2011 16:00, David Mehler wrote: > Hello, > > I've got a list of host IP's i'd like to block. I want to do this with > an .htaccess file and want it to effect all virtual hosts on my > server. I've got the .htaccess file and am wondering where to place > it. Can I put it in the ServerRoot area which is /srv/http I believe > on my arch box or do I have to put in the public_html directory of > every virtual host? Or is there another way? Ideally i'd like one one > copy of this file to be active for all virtual hosts. > > Thanks. > Dave. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Double Slashes in URL Path
I'm no expert in this area, which is perhaps why I've also seen the problem. The upside is that apache seems to ignore the double slashes, but this is probably because the underlying systems do the same. Try typing a file, then change one of the slashes to a double slash; it still types out (both Windows and Linux). Your first step is to be very clear what is creating the url's. You say they are coming from the client application, but what, exactly, is this? Are the URL's generated by code of some sort (JavaScript/CGI scripts/etc), or simply HTML? On 4 December 2011 02:16, Tim Roberts wrote: > > I need some help understanding URLs returned from our WebDAV server. > > I have several sites set up using Name Based virtual hosts. > > i.e. http://hostname.mydomain.com > > I need to be able to send direct links to files. When I use Copy URL from > my client application I get a URL that looks like: > > http://hostname.mydomain.com//filename > > Note double slashes. > > I do not have trailing slashes in DocumentRoot or Directory statements. > > I need for URLs to be: > > http://hostname.mydomain.com/filename > > > I've searched high and low for an answer and can't find any references to > such a problem. > I just replaced the stock Apache with the current release and still have > the same results. > > Any help would be appreciated. > > Mac OS X Server 10.6.8 > Server version: Apache/2.2.21 (Unix) > > Thanks, > > Tim Roberts > Vibe Room Music > Nashville, TN > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Server default vhost
Once you have your Virtualhosts setup, the first one becomes the default for any requests which do not match the ServerName/ServerAlias in any other Virtualhost. On 3 November 2011 21:46, Helmut Schneider wrote: > Hi, > > let's say I have a webserver named www.domain.tld at IP 192.168.0.1. > That server serves http://www.domain.tld. > > Now I want to have another VHOST serving http://192.168.0.1 (the > DEFAULT VHOST e.g. to serve /server-status because > http://www.domain.tld requires authentication). > > How would I do so? > > I unsuccessfully tried numerous variations of NameVirtualHost, > VirtualHost and ServerName but apache either serves www.domain.tld or > 192.168.0.1 for *all* requests. > > Thanks in advance, Helmut > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] best practice: suexec with PHP5 in a many-user/non-technical-user environment
I don't understand how suexec is "calling" php-cgi, and how such php scripts work. I use SUEXEC on a couple of very different systems. My scripts (as is required) run from a directory below my DocumentRoot. In turn, they use the shebang method to invoke the programming language: #!/usr/bin/rexx -- As far as I'm aware, this executable can be anywhere; the restriction is on where the SCRIPT is housed, not where it's processing executable lives. Once my script starts executing under suexec, it can run more or less any executable/binary that my own userid has access to; at least, I've never run into any problems. On 25 October 2011 22:07, Jesse B. Crawford wrote: > From the > documentation I have read (and it is quite possible I'm missing > something), suexec can only call binaries within the userdir, not > somewhere on the rest of the system. This makes PHP difficult since > php-cgi must be called. -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Intermittent access to web address
When you start to get "not responding", are you testing from inside your 192.168.*.* network, or from beyond your router? If you are testing from inside your network, are you fetching from 192.168.1.102 or from 76.18.232.237? If the latter, then you should check your router to see if it allows such "triangle connections", from inside your network, to the router, and back in to your network. Mine (ZyXEL P660) initially blocked such indirect connections (it throws work onto the router, to no purpose) You might do better allocating your webserver system a fixed IP address within your home network. Mine is on 192.168.1.2 - the router being 192.168.1.1 On 26 October 2011 03:14, Webmaster Bill wrote: > It will work for a while then I start getting > connection time outs saying the web site is not > responding. > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Fw: favicon.ico
Is not relevant; You're going to get the accesses in there whether they result in 200 or 404. On 15 October 2011 06:35, Dan Trainor wrote: > And the access log? > On Oct 14, 2011 9:59 PM, "Steve Swift" wrote: > >> I don't have any particular axe to grind, but putting a favicon.ico in the >> documentroot would avoid the error log starting to fill from the outset. >> Also, for someone who had just installed their first ever server, it would >> give them a clue how to get their own icon to appear in the browser. This >> question comes up regularly. >> >> On 14 October 2011 22:37, William A. Rowe Jr. wrote: >> >>> On 10/14/2011 3:56 PM, Steve Swift wrote: >>> > It is surprising that the installation of apache does not install a >>> sample favicon.ico >>> > (the apache "feather", perhaps). >>> >>> Wouldn't happen. Take a look at the modern rendition of 'it worked'. >>> >>> It works! >>> >>> The arbitrary user installs a server, why should that be branded to >>> browsers as the ASF? It is that person's server. >>> >>> I suppose you could make a case for a transparent empty icon, though. >>> >>> >>> - >>> The official User-To-User support forum of the Apache HTTP Server >>> Project. >>> See http://httpd.apache.org/userslist.html> for more info. >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>> " from the digest: users-digest-unsubscr...@httpd.apache.org >>> For additional commands, e-mail: users-h...@httpd.apache.org >>> >>> >> >> >> -- >> Steve Swift >> http://www.swiftys.org.uk >> > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Fw: favicon.ico
I don't have any particular axe to grind, but putting a favicon.ico in the documentroot would avoid the error log starting to fill from the outset. Also, for someone who had just installed their first ever server, it would give them a clue how to get their own icon to appear in the browser. This question comes up regularly. On 14 October 2011 22:37, William A. Rowe Jr. wrote: > On 10/14/2011 3:56 PM, Steve Swift wrote: > > It is surprising that the installation of apache does not install a > sample favicon.ico > > (the apache "feather", perhaps). > > Wouldn't happen. Take a look at the modern rendition of 'it worked'. > > It works! > > The arbitrary user installs a server, why should that be branded to > browsers as the ASF? It is that person's server. > > I suppose you could make a case for a transparent empty icon, though. > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Fw: favicon.ico
It is surprising that the installation of apache does not install a sample favicon.ico (the apache "feather", perhaps). On 14 October 2011 14:34, Mark H. Wood wrote: > On one hand: favicon.ico must be readable by the process which runs > the web server. Check the ACL on that file. > > On the other hand: it is not an error if favicon.ico does not exist. > That's the small image which is typically displayed just to the left > of the URL entry field near the top of the browser window. If there > is no favicon, the browser just leaves the space blank or substitutes > a default. Your actual problem is somewhere else. Check the ACLs on > the other files in htdocs to ensure that httpd can read them, and also > check all of your Allow and Deny commands in httpd.conf to ensure that > your client machine is allowed access to the page you requested. > > You may see other errors in the log which will help you to pin down > the actual problem. Favicon is not it. > > > > A message in the archives said no problem just add the folder > favicon.ico > > > to the tree. Tried that but it still would not recognize the folder and > I > > > get the same > > Woops, I read this again. favicon.ico is not a folder; it's an image > file. Find more than you ever wanted to know here: > > http://en.wikipedia.org/wiki/Favicon > > -- > Mark H. Wood, Lead System Programmer mw...@iupui.edu > Asking whether markets are efficient is like asking whether people are > smart. > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] Hidden 301 redirect buried somewhere in configuration
Do you have an Errordocument 404 directive that is causing the redirect? Perhaps by running a CGI? The configuration files can come from places other than the "conf" directory, such as the directory conf.d I wrote myself a simple CGI script to expand out the base httpd.conf and any "Include" statements that it finds. The result is a webpage that displays a "monolithic" version of the configuration which is identical (in effect) to what is running. I find this invaluable when I can't work out which configuration statement is causing something. On 19 September 2011 19:28, mathog wrote: > At some point in the last couple of years I did something which was > apparently too clever by half to our 2.2.14 server so that this: > > > http://aserver/adirectory/178_**hlah.html<http://aserver/adirectory/178_hlah.html> > > does a 301 redirect to > > > http://aserver/adirectory/170_**hlah.html<http://aserver/adirectory/170_hlah.html> > > Now I can't find whatever configuration accomplishes this! > Tried to find it by modifying httpd.conf with > > RewriteLog logs/rewrite_log > RewriteLogLevel 9 > > but the log file does not show the 178->170 redirect (it does show > one redirect test for "aserver" failing, which is as it should be). > > Grep'd for 170 and 178 in all the files in the conf directory, but found > nothing. > No .htaccess file in "adirectory" or in ~apache, which is what the server > runs as. > In "adirectory" there is no 178_blah.html file. > Putting in another number, like 165_blah.html gives a 404 not found error. > > Put a file 178_blah.html into adirectory, and then restart the server. > After > that the physical file is used instead of the mysterious 301 redirect. No > error or warnings result. So apparently the 301 redirect happens only > after > the direct file access has failed. > > Any ideas where else the 301 redirect might be? > > Thanks, > > David Mathog > mat...@caltech.edu > Manager, Sequence Analysis Facility, Biology Division, Caltech > > > --**--**- > The official User-To-User support forum of the Apache HTTP Server Project. > See > http://httpd.apache.org/**userslist.html<http://httpd.apache.org/userslist.html>> > for more info. > To unsubscribe, e-mail: > users-unsubscribe@httpd.**apache.org > " from the digest: > users-digest-unsubscribe@**httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
Re: [users@httpd] httpd-vhosts.conf using include
You can arrange them any way that you like. The include statement includes the referenced file(s) at the point where it is encountered. You could expand all of this out, and create a single httpd.conf file, and it would work exactly the same. Or you could have an include statement for every line in your config, with each included file containing just one line. The include mechanism makes it easier to manage, is all. Things I use "include" for: 1. You can remove "stuff" fron your config by commenting out the "include". So if you add a new Vhost, and define it in a new Include file, then you can remove it with a very simple comment character if it causes problems. 2. It allows you to replace identical sequences of statements in two or more places, for example, you might apply some common ScriptAlias statements across multiple Vhosts (for example, "Scriptalias /test /var/www/cgi-bin/text.cgi" might be useful in all of your Vhosts. If you add it using "Include", then a single change to the include file will update all of your virtualhosts. On 6 September 2011 19:55, Norman Fournier wrote: > Hello, > > I am working on rebuilding a web server after a crash. In my previous > httpd.conf file, include was used to point to virtual host .conf files. In > this httpd.conf file it points to httpd-vhosts.conf for virtual hosting. My > question is should I include my vitual hosts in the httpd-vhosts.conf or can > I use still include in the httpd-vhosts.conf file to point to individual > .conf files for my virtual hosts? > > I have googled for the answer but each examples includes the virtual host > in httpd-vhosts.conf. > > Thank you for your help. > > Norman > --- > www: http://www.normanfournier.com > facebook: http://www.facebook.com/normanfournierdotcom > linkedin: http://www.linkedin.com/profile/view?id=18127460 > youtube: http://www.youtube.com/user/normanfournier > > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Steve Swift http://www.swiftys.org.uk
[users@httpd] What does apache use as a "Directory Name"
If I have a file "/var/www/cgi-bin/user/test.cmd" then what string will be passed to the code that handles and directives as the name of the file's directory? It seems to me it could be either /var/www/cgi-bin/user or /var/www/cgi-bin/user/ So what should I use in a directive to match items in directory /var/www/cgi-bin/user *without* matching items in directory /var/www/cgi-bin/users The reason I'm trying to get this clear is that I'm trying to create a block that will apply to all subdirectories of directory /var/www/cgi-bin without affecting files within directory /var/www/cgi-bin I think it should be The "/" ensures there is at least one character beyond the "cgi-bin/" in the directory name. This is why I'm curious what directory name is used when the file referenced is /var/www/cgi-bin/user/test.cmd In the past I've tried things like but this doesn't seem to work in our 2.2.9 server. -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Bizarre event upgrading Windows 2.2.4 to 2.2.6
2.2.6 said "Uninstall previous version" so I took a backup copy of the "Apache 2.2" directory and proceeded. After the install I went to my homepage (which you can see at http://swiftys.org.uk/). It was an old version! Definately mine, but old… How odd! I looked at the backup I'd taken, and in there index.html was my current "version" and dated 27/08/2007 In the live htdocs directory, index.html was an old version from 20/11/2004 1. Why did this happen? 2. Where on earth did it get that ancient index.html from? I've now restored my current homepage, so all is well, but I'm very puzzled, and frankly slightly concerned… what else might be banjaxed? Incidentally, following the install I couldn't find any way to start the "Apache Monitor", other than finding it under \Program Files and launching it manually. Shouldn't this be somewhere in the Start Menu, under "Control Apache Server" ? -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] AccessLog isn't logging
I'm no expert on logging, but the "CustomLog" statement seems to be all you need for apache to create the corresponding log at startup. However, to actually add some lines, it would need to use your "common" LogFormat... Perhaps you have some flaw in the LogFormat that is preventing it from working? What's in your "Logformat ... common" line? -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Telling one IP address 404 "Nothing found"
Thanks for all the suggestions. I'll wait for a suitable time to reload our server, and start off by blocking myself, from our test virtual host. Incidentally, I forgot one part of my original plan. I presume this will get logged in our access/error logs? I don't suppose there's a way to stop that. On 23/08/07, Vincent Bray <[EMAIL PROTECTED]> wrote: > > Yep, good point. Use the anchors. > -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Telling one IP address 404 "Nothing found"
Is it possible to block a specific IP address such that they get 404 "Not found" no matter what URL they try? I don't want to use "Deny From" or other IP address blocking schemes, because that will just alert them to the fact that I have my shields up. I just want this particular IP address to think that my website is completely empty. And yes, it is a fixed IP address, so it's worth doing. It will cause them a lot more grief to negotiate a different IP address, and hopefully they will abandon their probing. Then they'll stop pestering my server with request that all fail -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Re: Unexpected/Unwanted DNS lookups
I'm asking my system admin to setup some sort of trace right now. We don't have a DNS service on our own system, so tracing that will be a little tricky, I think. I may see if we can run our own caching DNS, if only for a while. On 15/08/07, Per Jessen <[EMAIL PROTECTED]> wrote: > > If you trace what is being looked up, it might give you a clue to where > the queries are coming from. Turn on query logging or use tcpdump. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Unexpected/Unwanted DNS lookups
Vincent, Thank you. We use both "Allow" and "Deny", but only with numerical addresses or subnet masks. -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Unexpected/Unwanted DNS lookups
During a period of apalling DNS response times we became aware that our CGI scripts were suffering an intermittent ~25 second delay between the browser "Click" and the CGI starting execution. This seemed to be caused by DNS lookups. We don't use reverse DNS in our error logs, so I'm wondering what else might be calling on DNS services? We've now fixed the DNS issues, so this is something of an intellectual exercise, but there is always the response time bonus of eliminating the DNS calls to consider. The server in question is IBM internal, so beyond the reach of all bar IBM personnel and expert hackers. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Running one website via two apache running boxes (windows)
If you're prepared to go the route of Option 2, a new PC with dual processors and a faster disc get's you to the same performance without all the rigmarole of mirroring the data. You can avoid the single point of failure (at least hardware wise) by going with a system using dual power supplies, RAID disc and physically separate processors, but now we'restarting to talk a few thousand dollars/pounds. Option 2 will cost you an extra box, and introduce a new single point of failure. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] .htpasswd problems
Using htpasswd to control passwords in the .htpasswd file has always resulted in varying values for the same password. This is a standard encryption technique. It doesn't matter what gets stored as long as the decrypted value matches the password. A simple mechanism could use 256 different encryption methods, with the one used stored in the first byte of the encrypted results. On 20/04/07, Jannetta S Steyn <[EMAIL PROTECTED]> wrote: Hi All I'm not sure that I'm on exactly the correct mailing list here, but I figured it a good place to start, even it is just to get someone to guide me in the right direction. Some years ago I wrote web front-end for managing .htpasswd files. My client has been using this for years. Everything is written in php and I use crypt without a seed to encrypt the passwords. Basically what I do is to allow the user to create entries in the .htadmin file. They can also manage the .htpasswd file by editing and deleting entries. Everything worked very well for about 2 years at which point the passwords wouldn't work anymore. I couldn't figure out what was wrong and the client's ISP would help finding the fault and I couldn't reproduce the problem on my own servers. I then moved everything onto my own servers and everything worked again for several years. Unfortunately I then had to move onto rented web space where everything continued to work for another year or so and now I'm experiencing the same problem again. When the problem originally started I modified the scripts to keep a copy of the .htpasswd file with open passwords and I added a menu item to allow the user to re-submit the password file. The would encrypt all the passwords again and write them to the .htpasswd file and things would work again for a few days. Now however the thing breaks so often that we just can carry on resubmitting again. I have once again moved everything onto my servers and since last night I discovered one thing: If I use htpasswd to create an entry in a .htpasswd file, it will generate a different hash for the password everytime you run it. However, when you log in, it works, even thought the password in the .htpasswd file seemed to have change. My question in the first place then is: How on earth does htpasswd manage to authenticate if the password hash changes every time. My understanding of how authentication work is that the password is saved as a md5 or DES hash and when the user tries to log in he enters his clear password which is then encrypted and compared with the hash in the password file. Surely though the two hashes should be the same. If however a seed is used which is different every time the encrypting is done then we'll get a different password every time and they should be equal. Why then does apache still authenticate the user? My second question is: Did the way htpasswd and apache work change at some stage, or why did my scripts stop working after such a long time? The project is available in sourceforge at http://sourceforge.net/project/showfiles.php?group_id=62350. I would really appreciate any guidance on this problem. Kind Regards Jannetta - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] (13)Permission denied: exec of ... failed
Does the file which failed to execute contain a #! (shebang) pointing at an executable that apache cannot execute? On 19/04/07, Scott Dudley <[EMAIL PROTECTED]> wrote: I'm working on a friend's FC 3 server running Apache/2.0.54. We're getting the following error accessing http://domain/cgi-bin/subdir/index.html: (13)Permission denied: exec of '/www/docs/domain/cgi-bin/subdir/index.html' failed Permissions all appear correct: drwxr-xr-x 20 apache apache 4096 Apr 19 01:07 cgi-bin/ drwxr-xr-x 10 apache apache 4096 Apr 19 00:35 cgi-bin/subdir/ -rw-r--r-- 1 apache apache 15 Apr 19 00:43 cgi-bin/subdir/index.html No suExec and SELinux is disabled. We can execute CGI's placed in the top-most cgi-bin directory but cannot seem to access any contents located deeper in that tree. What am I missing? -- Regards, Scott Dudley - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Apache on Windows
I have a very light-weight server running under Windows at http://swiftys.org.uk The homepage leads nowhere, and I don't advertise the pages on this site. I use it for CGI scripting and demonstration pages, by invitation only. Overall I'm very happy with it. It doesn't restart cleanly from the control in the system area, but doing a stop followed by a start gets around that. On 06/03/07, Randall Fox <[EMAIL PROTECTED]> wrote: Hello, I am wondering if any of you use Apache on Windows, and if so what your experience has been like so far. Thanks, RL. Fox. *Internet E-mail Disclaimer * **This message contains confidential information and is intended only for the individual(s) named. If you are not the named addressee you should not disseminate, distribute or copy this E-mail. Please notify the sender immediately by E-mail if you have received this E-mail by mistake and delete this E-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The recipient should check this E-mail and any attachments for the presence of viruses. The sender and Helzberg Diamond Shops, Inc. therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of E-mail transmission. Views of this E-mail and of Helzberg Diamond Shops, Inc. employees do not necessarily reflect the views of Helzberg Diamond Shops, Inc. If verification is required please request a hard-copy version. Helzberg Diamond Shops, Inc. - 1825 Swift Ave. - N. Kansas City, MO - USA - *www.helzberg.com* - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Does "AllowOverride All" damage Apache performance?
On many systems the htaccess files will tend to stay in cache - if not the systems's memory cache then the disk subsystem's cache. The busier the server gets, the more likely this is to be true, because it uses the one htaccess file for references to all other files in the directory. So there is very little overhead in reading them. However, I come from the era when you avoided machine intructions that took more than two CPU cycles... so I avoid htaccess files :-) On 22/02/07, Joshua Slive <[EMAIL PROTECTED]> wrote: On 2/22/07, thomas Armstrong <[EMAIL PROTECTED]> wrote: > Hi. > > One colleague claims that if we set "AllowOverride All" within our > httpd.conf, the performance of Apache (we use 2.0.59) is damaged. > > Is this true? Any suggestion is welcome. As discussed here: http://httpd.apache.org/docs/2.2/misc/perf-tuning.html#runtime if AllowOverride is set to anything other than "none", then there will be a performance penalty as apache looks for .htaccess files. This would only be noticeable on a site that was stretching its performance to the limits. For example, apache.org runs with AllowOverride enabled and easily transfers hundreds of gigabytes and hundreds of millions of requests per day. And if you are running any kind of dynamic content like php, the processing time for those scripts will overwhelm any time spent looking for .htaccess files. In other words, the performance hit from enabling .htaccess is irrelevant to most sites. But if you are running a site that needs the maximum throughput for requests for small static files, you might consider disabling it and testing the result. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Problems reading error.log from CGI script (Windows)
I have a simple CGI script that displays the error log from my Windows apache 2.2.4 server. It uses the "TYPE" command to take a quick copy of the error.log file, like this: TYPE error.log >temp.log Then it processes the file temp.log into an html table. This works perfectly the very first time I use it, but subsequent attempts get an error from the "TYPE" command, implying that access to the error.logfile has been denied. If I restart apache, it will work once more. This is manageable apart from one problem. I make lots of errors while I'm developing new CGI scripts, and it is very cumbersome having to restart apache after every error! If, instead of using my CGI script to display the error log, I just use "TAIL" on the actual log file (in a command prompt window) then I can inspect the log as often as I like (as long as I don't run the CGI log displayer; once I've run this CGI script, even "TAIL" won't display the log). This is what I'm doing now, but I'd like to know why my CGI script works only once. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Disable TRACE HTTP method on Apache 1.3.33
Try this, then:
# Suppress the TRACE and TRACK methods to avoid cross-site scripting
vulnerability
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
On 13/02/07, Yaniv Ofer <[EMAIL PROTECTED]> wrote:
Hi p
It says here that the TRACE method cannot be limited.
-Ofer
http://httpd.apache.org/docs/1.3/mod/core.html#limit
===
directive
Syntax: ...
Context: any
Status: core
Access controls are normally effective for all access methods, and this
is the usual desired behavior. In the general case, access control
directives should not be placed within a section.
The purpose of the directive is to restrict the effect of the
access controls to the nominated HTTP methods. For all other methods,
the access restrictions that are enclosed in the bracket will
have no effect. The following example applies the access control only to
the methods POST, PUT, and DELETE, leaving all other methods
unprotected:
Require valid-user
The method names listed can be one or more of: GET, POST, PUT, DELETE,
CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK,
and UNLOCK. The method name is case-sensitive. If GET is used it will
also restrict HEAD requests. The TRACE method cannot be limited.
Warning: A section should always be used in preference to
a section when restricting access, since a section
provides protection against arbitrary methods.
===
-Original Message-
From: Pid [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 13, 2007 1:30 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Disable TRACE HTTP method on Apache 1.3.33
try this...
http://httpd.apache.org/docs/1.3/mod/core.html#limit
Deny from all
p
Yaniv Ofer wrote:
> Hello
>
> Our application is running over Apache 1.3.33.
>
> As a result of a failed security test, we have been asked to disable
> the TRACE HTTP method on our Apache Server.
>
> Could you please refer me to a configuration/patch/fix that would
> disable the TRACE HTTP method for Apache 1.3.33 Server?
>
> Our Server should refuse the following HTTP TRACE request:
>
> ==
>
> TRACE /inbox?Uid=379%2D100 HTTP/1.1
>
> Host: 172.17.129.61:50084
>
> ==
>
> Our current server replies with 200 OK for that request.
>
> Thanks
>
> Ofer
>
-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Steve Swift
http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI differences in apache 2.0 and 2.2
Just having suexec loaded shouldn't make any difference because (AFAIK) it isn't actually used unless you explicitly request its use. Putting a "print" statement before the call to system(ls) doesn't tell us anything about whether or not the running program can *find* the ls command in order to execute it, it only proves that you are about to try (and probably fail, perhaps for one of the reasons I've mentioned). It may well be that the error you are geting is "command ls not found". On 11/02/07, Steve Pelikan <[EMAIL PROTECTED]> wrote: Thanks. It is finding and executing the scripts. (Can put in a print statement before the system() command and see the results on a web browser calling the script. Both the 2.0 and 2.2 apaches are using mod_cgi. In 2.0 it is built in and in 2.2 there's a LoadModule statement for it in httpd.conf. But: mod_suexec is loaded in 2.2 and not loaded or built in in 2.0. This is a difference I hadn't thought about or even known about. I don't really know about suexec or how it should be configured, but it looks like it could be close to my problems. Thanks for the pointer. Steve P Steve Swift wrote: > Being in the same directory as the program that is running is no > guarantee that the command will be found, unless you either have "." in > the PATH, or the language your command is written is explicitly looks in > the same directory as the running program when resolving commands. > > On 11/02/07, *William A. Rowe, Jr.* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Steve Pelikan wrote: > > We have several perl cgi scripts that run fine with apache 2.0 > but fail > > with 2.2. This is using 2.2 that is part of recent Fedora and 2.0.59 > > that I just built and installed on the same machine. > > > > The problem seems to be with system() calls in perl. > > > > What am I'm missing? > > httpd -l to compare which MPM's you built with? Are you running mod_cgi > or mod_cgid? Did you build with suexec? > > - > The official User-To-User support forum of the Apache HTTP Server > Project. > See http://httpd.apache.org/userslist.html > <http://httpd.apache.org/userslist.html>> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> >" from the digest: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > > -- > Steve Swift > http://www.swiftys.org.uk > > > > > No virus found in this incoming message. > Checked by AVG Free Edition. > Version: 7.5.441 / Virus Database: 268.17.35/680 - Release Date: 2/10/2007 9:15 PM ----- The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI differences in apache 2.0 and 2.2
Being in the same directory as the program that is running is no guarantee that the command will be found, unless you either have "." in the PATH, or the language your command is written is explicitly looks in the same directory as the running program when resolving commands. On 11/02/07, William A. Rowe, Jr. <[EMAIL PROTECTED]> wrote: Steve Pelikan wrote: > We have several perl cgi scripts that run fine with apache 2.0 but fail > with 2.2. This is using 2.2 that is part of recent Fedora and 2.0.59 > that I just built and installed on the same machine. > > The problem seems to be with system() calls in perl. > > What am I'm missing? httpd -l to compare which MPM's you built with? Are you running mod_cgi or mod_cgid? Did you build with suexec? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI differences in apache 2.0 and 2.2
My only experience with apache under linux is with redhat, so there may be
subtle differences.
In order to execute "ls" then the userid:group under which apache runs needs
at least two things:
1. Execute access to the executable (typically /bin/ls)
2. To have the path to the executable (/bin in this case) in the PATH
environment variable.
There may be additional restrictions on accessing/executing the /bin/ls
command.
Can you logon as the user/group and execute the "ls" command? This is
inconclusive if it works as the environment may be different. It would
probably be a better test if you could issue the "ls" command from a cron
task running on behalf of the userid:group that you use in apache.
Additionally, are you using suexec? I'm suspect there are other restrictions
if you do, maybe.
On 10/02/07, Steve Pelikan <[EMAIL PROTECTED]> wrote:
We have several perl cgi scripts that run fine with apache 2.0 but fail
with 2.2. This is using 2.2 that is part of recent Fedora and 2.0.59
that I just built and installed on the same machine.
The problem seems to be with system() calls in perl.
system("ls"); returns an error with version 2.2 but runs w/o error with
2.0
Same with File::Copy copy() function.
I believe I've made the configurations (httpd.conf) for the two apaches
the same.
What am I'm missing?
Thanks
Steve P
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Steve Swift
http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Locating the origin of segmentation faults
Thanks - That looks to be just what I wanted, with the added bonus that I actually understand the instructions! On 29/01/07, William A. Rowe, Jr. <[EMAIL PROTECTED]> wrote: http://httpd.apache.org/dev/debugging.html#crashes Steve Swift wrote: > Our apache (v2.0.46-61.ent) under Linux 2.4.21-27.0.2.ELsmp is > generating error.log entries: > > child pid 20355 exit signal Segmentation fault (11) > > We have strong circumstantial evidence that these are occurring in our > modified basic authentication handler, but how can we find out more > details of exactly what piece of code is faulting? > > -- > Steve Swift > http://www.swiftys.org.uk - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Locating the origin of segmentation faults
Our apache (v2.0.46-61.ent) under Linux 2.4.21-27.0.2.ELsmp is generating error.log entries: child pid 20355 exit signal Segmentation fault (11) We have strong circumstantial evidence that these are occurring in our modified basic authentication handler, but how can we find out more details of exactly what piece of code is faulting? -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Apache named virtual host
Well, as you've documented the content of your httpd.conf, you are not setting different documentroot values in the other virtual hosts! On 21/01/07, Alessandro Ilardo <[EMAIL PROTECTED]> wrote: Hi there, I can't run any virtual host except for the default. code: NameVirtualHost *:80 ServerName linux.domain.com DocumentRoot /var/www/html ServerName domain-lab.eu ProxyRequests off ProxyPass / http://saturn.domain.com/domain-lab/ ProxyPassReverse / http://saturn.domain.com/domain-lab/ ServerName my-domain.net ProxyRequests off ProxyPass / http://saturn.domain.com/domain-lab/ ProxyPassReverse / http://saturn.domain.com/domain-lab/ Using the the configuration above I always get the first virtual host document root Any help is apreciate. Thanks - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI Windows XP
I've deleted the history on this. "Read only" tends to come back on directories for some reason, but this wouldn't normally affect apache as it is most a "read only" application (apart from the logs). Without the history I cannot imagine why you'd need to do anything in the registry. I run Apache 2.2 under Windows XP with CGI scripts and I've never been anywhere near the registry. On 19/01/07, Can Le <[EMAIL PROTECTED]> wrote: Hi Steve, I have had "Allow from all" as below: AllowOverride None Options None ##Options Includes +ExecCGI MultiViews (tried) Order allow,deny Allow from all Can you show me why I unchecked Read Only in my Windows XP, but after 1 or 2 second it returned Checked Read Only ? What permission should I take in Registry for system, Adm, and owner? Thank you for your helps. Can Le *Steve Swift <[EMAIL PROTECTED]>* wrote: The default block for the CGI directory under Windows is: AllowOverride None Options None Order allow,deny Allow from all I don't see the "Allow from all" in your version. On 19/01/07, Can Le < [EMAIL PROTECTED]> wrote: > > Hi, > > Please help me debug or post a sample link for CGI problem. > > > -- Be a PS3 game guru. Get your game face on with the latest PS3 news and previews at Yahoo! Games. <http://us.rd.yahoo.com/evt=49936/*http://videogames.yahoo.com> -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI Windows XP
The default block for the CGI directory under Windows is: AllowOverride None Options None Order allow,deny Allow from all I don't see the "Allow from all" in your version. On 19/01/07, Can Le <[EMAIL PROTECTED]> wrote: Hi, Please help me debug or post a sample link for CGI problem. Affter I re-installed Windows and Apache2.2, I could open localhost home page from htdocs/index.html but not CGI from index.cgi. I viewed old apache1.3 plus new apache2.2 helps: http://httpd.apache.org/docs/1.3/misc/FAQ.html#aixccbug I am using Windows XP home, apache2.2 to write Perl cgi. I am having problem of running CGI with this error: [Thu Jan 18 21:05:59 2007] [error] [client 127.0.0.1] client denied by server configuration: C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin I had these among other things in httpd.conf: LoadModule cern_meta_module lib/apache2/mod_cern_meta.so LoadModule cgi_module lib/apache2/mod_cgi.so ScriptAlias /cgi-bin/ "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin/" AllowOverride None AddHandler cgi-script .cgi .html Options Includes +ExecCGI MultiViews LogLevel debug DirectoryIndex index.html index.cgi Myfile.cgi properties from Windows: unchecked Read only, apache in Registry: no group, but after I reboosted Windows XP, the Read only checkmark was checked again. Adding "debug" won't give any more hints. Do I have to remove 2 LoadModules for default.so ? I did it then restarted Apache but the error remained. Any help or guide is very thankful Can Le -- Never miss an email again! Yahoo! Toolbar<http://us.rd.yahoo.com/evt=49938/*http://tools.search.yahoo.com/toolbar/features/mail/>alerts you the instant new Mail arrives.Check it out. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Forbidden web pages
I don't have an answer. I'll add what I found and maybe someone else can see what's going on. From your httpd.conf you have set DocumentRool to /var/www/html So fetching a url such as http://servername/mrtg would try to fetch the file "mrtg" from directory /var/www/html - so it's looking for /var/www/html/mrtg From your error_log, the forbidden is being generated from a reference to /var/www/mrtg - this is outside the document root, so something has directed the URL reference of "/mrtg" to directory/file /var/www/mrtg Do you have a symbolic link at /var/www/html/mrtg which points to /var/www/mrtg ? It's about the only thing I can think of. Do you have anything at /var/www/mrtg on your susyem? If so, is it a file, or a directory? On 19/01/07, Lowe, Grant <[EMAIL PROTECTED]> wrote: Hi Steve. Thanks for such a quick reply. As you asked, here's the last few lines of the access_log: [EMAIL PROTECTED] logs]# tail access_log 132.239.157.144 - - [19/Jan/2007:09:58:44 -0800] "POST / HTTP/1.1" 200 10343 "http://132.239.73.52/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 132.239.157.144 - - [19/Jan/2007:09:58:45 -0800] "GET /NoAuth/webrt.css HTTP/1.1" 200 12658 "http://132.239.73.52/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 132.239.157.144 - - [19/Jan/2007:09:58:45 -0800] "GET /NoAuth/printrt.css HTTP/1.1" 200 696 "http://132.239.73.52/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 132.239.157.144 - - [19/Jan/2007:09:58:49 -0800] "GET /Admin/ HTTP/1.1" 200 4851 "http://132.239.73.52/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 132.239.157.144 - - [19/Jan/2007:09:58:49 -0800] "GET /NoAuth/webrt.css HTTP/1.1" 200 12658 "http://132.239.73.52/Admin/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 132.239.157.144 - - [19/Jan/2007:09:58:49 -0800] "GET /NoAuth/printrt.css HTTP/1.1" 200 696 "http://132.239.73.52/Admin/"; "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.8.1 (KHTML, like Gecko) Safari/312.6" 127.0.0.1 - - [19/Jan/2007:10:56:31 -0800] "GET /mrtg/imgdot- 1x1-transp-ff.gif HTTP/1.1" 404 306 "http://localhost/mrtg/"; "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061222 CentOS/1.5.0.9-0.1.el4.centos4 Firefox/1.5.0.9" 132.239.157.153 - - [19/Jan/2007:11:19:35 -0800] "GET /mrtg HTTP/1.1" 403 285 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.9) Gecko/20061206 Firefox/1.5.0.9" 132.239.157.153 - - [19/Jan/2007:11:19:36 -0800] "GET /mrtg HTTP/1.1" 403 285 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.9) Gecko/20061206 Firefox/1.5.0.9" 132.239.73.52 - - [19/Jan/2007:11:19:53 -0800] "GET /mrtg HTTP/1.1" 403 285 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20061222 CentOS/1.5.0.9-0.1.el4.centos4 Firefox/1.5.0.9" Here's the last lines of the error_log: [Fri Jan 19 07:47:28 2007] [error] [client 132.239.73.52] client denied by server configuration: /var/www/mrtg/ [Fri Jan 19 09:00:22 2007] [error] [client 132.239.73.52] client denied by server configuration: /var/www/mrtg [Fri Jan 19 09:09:46 2007] [error] [client 132.239.73.52] client denied by server configuration: /var/www/mrtg [Fri Jan 19 09:28:34 2007] [error] [client 132.239.73.52] client denied by server configuration: /var/www/mrtg [Fri Jan 19 09:29:03 2007] [error] [client 132.239.157.153] client denied by server configuration: /var/www/mrtg [Fri Jan 19 09:41:58 2007] [error] [client 127.0.0.1] File does not exist: /var/www/mrtg/imgdot-1x1-transp-ff.gif, referer: http://localhost/mrtg/ [Fri Jan 19 10:56:31 2007] [error] [client 127.0.0.1] File does not exist: /var/www/mrtg/imgdot-1x1-transp-ff.gif, referer: http://localhost/mrtg/ [Fri Jan 19 11:19:35 2007] [error] [client 132.239.157.153] client denied by server configuration: /var/www/mrtg [Fri Jan 19 11:19:36 2007] [error] [client 132.239.157.153] client denied by server configuration: /var/www/mrtg [Fri Jan 19 11:19:53 2007] [error] [client 132.239.73.52] client denied by server configuration: /var/www/mrtg -- *From:* Steve Swift [mailto:[EMAIL PROTECTED] *Sent:* Friday, January 19, 2007 11:10 AM *To:* users@httpd.apache.org *Subject:* Re: [EMAIL PROTECTED] Forbidden web pages Also the entries from the error log would be useful. There are (at least) two distinct ways to get "Forbidden&
Re: [EMAIL PROTECTED] Forbidden web pages
Also the entries from the error log would be useful. There are (at least)
two distinct ways to get "Forbidden" - the httpd.conf doesn't say that
apache can server pages from a particular {directory;URL;etc} or, the
httpd.conf says that it *is* OK, but when apache gets to the file it wants
to serve, the operating system says "you can't read that file".
On 19/01/07, Rob Sterenborg <[EMAIL PROTECTED]> wrote:
Lowe, Grant <mailto:[EMAIL PROTECTED]> wrote:
> Hi All.
>
> I'm getting the error:
>
> Forbidden
>
> You don't have permission to access /mrtg on this server.
>
> I have searched through Google and looked at various web pages and
> numerous USENET news groups. I have checked the permissions
> on the mrtg and apache directories and files in question. I have
> tried different browsers. I have also looked through the FAQ,
> specifically, under Configuration, question 15 (Why do I get
> "Forbidden/You don't have permission to access / on this server"
> message whenever I try to access my server). I have tried
> connecting from different computers. Still the same result. I'm
> running Apache 2.0.52 on a CentOS server. Any ideas?
We don't know how you configured the webserver or virtual-host.
And since we don't, my advice would be to start looking at these places:
http://httpd.apache.org/docs/2.0/mod/mod_access.html#allow
(And: http://httpd.apache.org/docs/2.0/mod/mod_access.html#deny)
http://httpd.apache.org/docs/2.0/mod/mod_access.html#order
Check in your config files if you used these directives at multiple
places for the same VH.
Or post your config so someone can look at it.
Grts,
Rob
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Steve Swift
http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Is it possible to restrict Options Indexes?
Well at the very least you could give your site a defferent IP name for use from the Internal Lan, then use Virtual Hosts to apply different overrides depending on whether the public IP name was used or the Internal Lan name was used. This would have the advantage (or perhaps a disadvantage) that your internal Lan users could visit the website at it public address to ensure that it is working correctly and the public can see what you want them to. (Or not see what you don't want them to). On 16/01/07, Andrew Hall <[EMAIL PROTECTED]> wrote: Hi there. I'm wondering if it's possible to turn off Indexes for a website being viewed from the internet, but to enable them if being viewed from an internal LAN? For example... Options -Indexes Options +Indexes Order allow,deny Allow from 192.168.1.0/24 Is it possible to do this? Thanks very much, Andrew Hall. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Re: [httpd 2.2.3][conf] regular expression problem in
You're trying to match a part of the URL that comes after the "?". That part of the URL does not form part of the location, but is part of the parameters passed to whatever handles the request. On 16/01/07, Thorsten Ottosen <[EMAIL PROTECTED]> wrote: Thorsten Ottosen wrote: > Dear All, > > I need " to match an url of the > following form: That should be of course. -Thorsten - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] ServerAlias with Apache 2.0.40
They resolve to different addresses for me (except www.nombre.com which doesn't resolve at all) On 11/01/07, Boyle Owen <[EMAIL PROTECTED]> wrote: > -Original Message- > From: cristina [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 11, 2007 11:11 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] ServerAlias with Apache 2.0.40 > > Hi all, > I'm tryint to test one virtual host with some alias. > My conf is: > > ServerName www.nombre.es > ServerAlias www.nombre.net www.nombre.com www.nombre.org > > > > > I've seen that I could use ServerAlias with the same domain: > www1.nombre.es www2.nombre.es and so on. But my question is > if I can use > ServerAlias for "aliasing" www.nombre.net www.nombre.com > www.nombre.org > because it doesn´t work. Do these aliases resolve in DNS? They must resolve to the same IP as www.nombre.es for aliasing to work... Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > Thanks in advance! > Cristina > > -- > > www.queremosdormir.es > > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Resolving to 127.0.0.1
First step: Can you PING your test domain? On 09/01/07, Stephen <[EMAIL PROTECTED]> wrote: I am traveling and set my laptop u with apaches, mysql, php and want to continue my web work. I am using Windows XP Pro I have set the test domains to resolve to 127.0.0.1 in my hosts file. When I ping them in a cmd window they resolve to 127.0.0.1 and the ping works. In Firefox, when I do to http://127.0.0.1 I get the apache welcome page I have entered the domains in my vhosts.conf file. When I enter test domain in Firefox it says it is unable to establish a connection Any ideas? Thank you! Stephen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Apache won't serve, access denied
If you "replaced the default content" by pointing the DoumentRoot statement at your site contents, then you'll have to change the corresponding block which grants access to the document root. The block for the default document root is setup during installation, and looks typically like this: (there are also lots of descriptive comments) Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all If you have this setup correctly, make sure that the userid/group running apache has both r and x access to each of the parent directories of your document root as well. On 09/01/07, Matt Nelson <[EMAIL PROTECTED]> wrote: I've set up apache on trustix 2.0 box, version 2.0.59. I replaced the default content with content from a site I had on a now out of commision much older server. The server gives 403 forbidden errors. I set permissions to 777 (for testing)and the owner and group to httpd, just as the server runs as. Nope. I put the content where I eventually wanted it, in the /home/www/sitename directory. Same permissions, etc. Same owner. Nope. Now at one point, and I don't remember when at this point, but I was getting the html pages if typed by name, but no images, etc. Never would load. Now, I'm not getting that anymore either. Someone on another list said I had to have a virtual host directive for the site. I didn't think so, and it hasn't helped either. My servername is set to 192.168.1.54:80 for testing, it gets another IP later. Error log shows "error 13, access to / denied" (not exact syntax) but thats whats in there. Now, if its wanted for me to post my entire httpd.conf here, just say so. Don't want to post it unless its wanted to avoid clutter. But I'm doing something wrong here, and its been a while since I set a apache server up, but don't remember this kind of trouble at all. Also, no SELinux installed either, someone else already asked that. Thanks, Matt - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Forcing logging to the access log
This is indeed exactly what I want. I added a "ForensicLog" and a corresponding "LoadModule" to the httpd.conf of my apache 2.2.2 running under my Windows system here at home and tried it out - perfect. Now I'll have to make the corresponding change to the apache 2.0.46 (plus recent fixes) running on our RedHat server in the office. On that system I cannot find any file mod_log_forensic.* anywhere on the system, so the "Loadmodule log_forensic_module modules/mod_log_forensic.so" would fail. Do I need just the "ForensicLog" statement, or do I need to obtain mod_log_forensic.so from somewhere? See mod_log_forensic which is designed to handle exactly this sort of problem. -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Forcing logging to the access log
I'm getting "child pid 32719 exit signal Segmentation fault (11)" in our error_log but whatever is causing it, it is not generating corresponding entries in the access_log. I suspect that the child pid is failing to update the access_log because of the segmentation fault. Is there some way to force the update of the access_log to be committed before the process starts handling the request? I've only just found these errors in our error_log and they've been happening for as log as we have error_logs. No one has complained about truncated pages, or pages in error though. I got a group of four of them in the space of one second, so my theory is that the faults occur loading images associated with one page. I can't think of anything else that would cause such a cluster of errors; the server takes about one hit per minute, on average. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Installing Apache as a service
One minor correction. In the default Windows installation the bin directory (containing httpd.exe) and the conf directory (containing httpd.conf) are in the same (Apache2.2) directory so if you double-click on the httpd.exe it will not find the httpd.conf file because it will start in the bin directory and look for a conf directory below that. You can only launch apache with a shortcut (which you would have to construct), a batch file (which you'd have to write) or a command. The command is the easiest. Open a command prompt, and navigate to "C:\Program Files\Apache Software\Foundation\Apache2.2" and then the command to start apache is bin\apache (with whatever arguments you need) On 03/01/07, Sander Temme <[EMAIL PROTECTED]> wrote: On Jan 3, 2007, at 10:49 AM, servandomontero wrote: > I'm a novice and im trying to install Apache 2.2 on my Windowx XP > (SP2) machine. I've installed Apache using the install option "only > for the Current User, on Port 8080, when started Manually" because > i am running apache a as testing dev platform and dont want to > listen to port 80 all the time (i dont know if this the right > installation option) That sounds like a fine installation mode for your intended use. Just remember to test using http://localhost:8080/... > Im reading the manual, and it says that i need to install Apache as > a NT service (because i've specify to install it to my self only) > from the command prompt at the Apache bin subdirectory using this > command : httpd -k install > I've tried it and i have this message from the command prompt console: > 'http' is not recognized as an internal or external command, > operable program or bach file For testing and development, you don't need to install a Service. If you want to have the web server running while you are not logged in, you would need to install the Service. As others have remarked, you'll need to find and call the httpd.exe program in its install directory. This directory is not automatically added to %PATH%. You can start the server, with its configuration file in conf/httpd.conf under your install directory, content in htdocs, etc. by running httpd.exe either from a command prompt, or by navigating to the bin directory and double-clicking the httpd.exe file. No service install needed. If you do want to install the service, for production or convenience, follow the installation directions (httpd -k install -n Apache22 if I recall correctly) but do remember that httpd.exe is not in your PATH. S. -- [EMAIL PROTECTED] http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Problem with SUEXEC
I've just noticed the "SUEXEC" in the subject. I don't think this is anything to do with SUEXEC, but if it is, then step (13) of the SUEXEC process determines that the CGI which is being accessed lies within the Doc_Root as defined by "suexec -V" -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Problem with SUEXEC
I would interpret "search permission are missing on a component of the path" to mean that some component of the directory path containing the file that apache is trying to access does not contain an "x" permission that applies to the apache userid or group. However, that doesn't work for you (and I've never seen such an explicit message from apache itself, so this may be coming from something else) On 03/01/07, Dhika Cikul <[EMAIL PROTECTED]> wrote: 2007/1/3, Steve Swift <[EMAIL PROTECTED]>: > In order for apache to access /home/mydomain/public_html/ (and presumably > something like index.html inside that directory) then the userid or group > that apache is running under needs both "r" and "x" access to each directory > /home /home/mydomain and /home/mydomain/public_html I have chmoded /home/mydomain and /home/mydomain/public_html to 755, but still get 403 permission denied > I've never understood why it works this way, but I've found out the hard way > that it does. Depending on your system there may be other access > restrictions in force, but the error message describes my suggestion rather > nicely. i didn't understood about the error message. [quote] [Fri Dec 29 14:11:45 2006] [error] [client 192.168.65.1] (13)Permission denied: access to / failed because search permissions are missing on a component of the path [/quote] what is the mean "search permission are missing on a component of the path"? > On 02/01/07, Dhika Cikul <[EMAIL PROTECTED]> wrote: > > > > Dear, > > > > I have problem with apache installation at my machine, i compile > > apache with suexec support > > > > [quote] > > [EMAIL PROTECTED] apache_1.3.37]# ./configure --prefix=/usr/local/apache > > --enable-suexec --suexec-caller=nobody --suexec-uidmin=99 > > --suexec-gidmin=99 > --suexec-safepath=/usr/local/bin:/usr/bin:/bin > > --suexec-userdir=public_html --enable-module=ssl --enable-shared=ssl > > --disable-rule=SSL_COMPAT > > [/quote] > > > > Installation process was succesfull, and this is the PHP configuration : > > > > [quote] > > [EMAIL PROTECTED] php-4.4.4]# ./configure > > --with-apxs=/usr/local/apache/bin/apxs --with-mysql > --with-curl > > --with-gd --with-freetext=/usr/local/freetype > --with-gettext > > --enable-mbstring --enable-mbregex --enable-magic-quotes --with-xml > > --with-jpeg-dir=/usr/lib --with-ftp --with-zlib > --enable-track-vars > > --enable-versioning --enable-memory-limit --with-pear --with-mcrypt > > --with-mhash > > [/quote] > > > > Both of that process was succesfully compiled, and i have tested with > phpinfo() > > > > The problem occur while i add virtualHost at httpd.conf > > > > [quote] > > > > ServerAdmin [EMAIL PROTECTED] > > DocumentRoot /home/mydomain/public_html/ > > User mydomain > > Group mydomain > > ServerName www.mydomain.net > > ServerAlias domainku.net www.mydomain.net > > CustomLog domlogs/mydomain.net-log combined > > #ScriptAlias /cgi-bin/ > /home/mydomain/public_html/cgi-bin/ > > > > [/quote] > > > > While i add that virtualHost and i try to access mydomain.com, i get > > 403 permission error > > > > [quote] > > Forbidden > > You don't have permission to access / on this server. > > > > Apache/1.3.37 Server at www.mydomain.net Port 80 > > [/quote] > > > > i have checked ownership and permission at /home/mydomain/public_html > > the ownership is mydomain.mydomain and permission is 755. I have try > > several times and still unsucessfull > > > > At apache error_log : > > > > [quote] > > [Fri Dec 29 14:11:45 2006] [error] [client 192.168.65.1] > > (13)Permission denied: access to / failed because search permissions > > are missing on a component of the path > > [/quote] > > > > anyone knows how to fix this problem??, i have tried with Apache2 and > > Apache1, and get same problem > > > > Thank's > > -- > > Dhika Cikul > > > > -- > Steve Swift > http://www.swiftys.org.uk -- Dhika Cikul - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Problem with SUEXEC
In order for apache to access /home/mydomain/public_html/ (and presumably something like index.html inside that directory) then the userid or group that apache is running under needs both "r" and "x" access to each directory /home /home/mydomain and /home/mydomain/public_html I've never understood why it works this way, but I've found out the hard way that it does. Depending on your system there may be other access restrictions in force, but the error message describes my suggestion rather nicely. On 02/01/07, Dhika Cikul <[EMAIL PROTECTED]> wrote: Dear, I have problem with apache installation at my machine, i compile apache with suexec support [quote] [EMAIL PROTECTED] apache_1.3.37]# ./configure --prefix=/usr/local/apache --enable-suexec --suexec-caller=nobody --suexec-uidmin=99 --suexec-gidmin=99 --suexec-safepath=/usr/local/bin:/usr/bin:/bin --suexec-userdir=public_html --enable-module=ssl --enable-shared=ssl --disable-rule=SSL_COMPAT [/quote] Installation process was succesfull, and this is the PHP configuration : [quote] [EMAIL PROTECTED] php-4.4.4]# ./configure --with-apxs=/usr/local/apache/bin/apxs --with-mysql --with-curl --with-gd --with-freetext=/usr/local/freetype --with-gettext --enable-mbstring --enable-mbregex --enable-magic-quotes --with-xml --with-jpeg-dir=/usr/lib --with-ftp --with-zlib --enable-track-vars --enable-versioning --enable-memory-limit --with-pear --with-mcrypt --with-mhash [/quote] Both of that process was succesfully compiled, and i have tested with phpinfo() The problem occur while i add virtualHost at httpd.conf [quote] ServerAdmin [EMAIL PROTECTED] DocumentRoot /home/mydomain/public_html/ User mydomain Group mydomain ServerName www.mydomain.net ServerAlias domainku.net www.mydomain.net CustomLog domlogs/mydomain.net-log combined #ScriptAlias /cgi-bin/ /home/mydomain/public_html/cgi-bin/ [/quote] While i add that virtualHost and i try to access mydomain.com, i get 403 permission error [quote] Forbidden You don't have permission to access / on this server. Apache/1.3.37 Server at www.mydomain.net Port 80 [/quote] i have checked ownership and permission at /home/mydomain/public_html the ownership is mydomain.mydomain and permission is 755. I have try several times and still unsucessfull At apache error_log : [quote] [Fri Dec 29 14:11:45 2006] [error] [client 192.168.65.1] (13)Permission denied: access to / failed because search permissions are missing on a component of the path [/quote] anyone knows how to fix this problem??, i have tried with Apache2 and Apache1, and get same problem Thank's -- Dhika Cikul - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] No permission to access files.
As with all errors, and "Forbidden" in particular, the relevent entry(s) from the error log tell us the real reason, so this is something of a guess: Does the userid/group under which your apache tasks run (webroot at another guess) have rx permission to the directory containing main.php and menu.php? On 01/01/07, Rod Rook <[EMAIL PROTECTED]> wrote: Hi, I've been running httpd web server under Fedora Core 4. Now, I installed Fedora Core 6 onto another hard drive and configured httpd server with the same /etc/httpd/conf/httpd.conf as under FC4. My web server is running now, but outside browsers get an error message of no permission to access to the following files: main.php and menu.php. Here is the properties of the files. -rwxrwxr-x 1 user_u:object_r:user_home_t webroot webroot 466 Feb 27 2006 index.php -rwxrwxr-x 1 user_u:object_r:user_home_t webroot webroot4197 Feb 27 2006 main.php -rwxrwxr-x 1 user_u:object_r:user_home_t webroot webroot 529 Nov 29 2005 menu.php The index.php is supposed to execute main.php and menu.php. What could be wrong with the file permission properties? Thank you. pine -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] How to know the VirtualHost/Request procesed by an child process
On Linux system you could find wealth of information about the process in the /proc directory - the numeric sub-directories are the process IDs. On 19/12/06, Graciano Carrillo <[EMAIL PROTECTED]> wrote: Hello, I've an apache 2.2.3 running with several VirtualHosts, and sometimes a child apache stalls and it gets the 100% of the CPU. Apache stop doesn't stop it. I've to send SIGKILL, because the process was in a zombie STATE. I'd like to know if there is a way to obtain the request that launched the child OR the VirtualHost that was processed in the child. The reason of this is to try to debug the problem. Any clue? Regards, Grachi - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Recognising users number format
Slightly off-topic, but maybe the experts who hang around here know the answer: Is there a "correct" way for a CGI script to know whether it should display the result from 10191/10 as 1019.1 1,019.1 or 1.019,1 (or any others you can mention, for that matter!) I can get a clue from the users language preferences, but I suspect I need more detail than that. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Growing Error.log
Well, there is something you can do about it... I downloaded a virus (OK, the EICAR pseudo "virus") and added alias statements to it so that the hackers would end up downloading an apparent "virus" and if *their* antivirus was doing its job they'd get virus alerts. It probably achieves nothing, but it makes me happier. One side effect is that the error log stops growing, because those files are no longer "Not found". On 18/12/06, POLONKAI Gergely <[EMAIL PROTECTED]> wrote: Hello, these files are contents of the IIS, and can be hacked many ways. That's why bad people try to "download" these to hack an IIS based web server. As far as I know you can't do anything against it... Gergely POLONKAI -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Address CGI w/ URL and not Path Name
The DocumentRoot is the same for a CGI script, but when a script is running, the URL is usually something like hotsname/cgi-bin/scriptname so if you refer to myscript.js (note the lack of the leading "/") then apache will try to fetch "myscript.js" from the same directory as the CGI script came from. It will also try to execute it (as it is coming from a CGI script directory). On 17/12/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Are you referring to the Document Root in httpd.conf? I still need the document root from the file system, but is there a way that when cgi is used it is fed a different argument? EG - Original Message - From: Steve Swift Date: Saturday, December 16, 2006 2:04 am Subject: Re: [EMAIL PROTECTED] Address CGI w/ URL and not Path Name To: users@httpd.apache.org > When you use the "C:/directory/file" format your browser is > fetching the > file directly from the filesystem and displaying it as best it > can; your > apache webserver is not involved in the process at all. So there > will be no > execution of the CGI script, as that takes place inside apache. > > On 15/12/06, [EMAIL PROTECTED] wrote: > > > > I have a set of cgi scripts that will only run when addressed > with an ' > > http://type URL' and not the 'C:/directory/file' format. When > I need to > > use cgi Apache produces a 'Save As' Dialog box because the > http server is > > being bypassed. I can't figure out how to rewrite how my cgi > programs are > > addressed. I don't want the Document Root included, I need > the http:// > > format for them to run. > > > > EG > > > > > > -- > Steve Swift > http://www.swiftys.org.uk > -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] external javascript and cgi generated page
Save one of the pages generated by your CGI scripts as static HTML, on the same server that is serving your CGI scripts. Load this page, and work out why the .js functions are not working, and fix your CGI until it generates html that works. On 17/12/06, michaeljay <[EMAIL PROTECTED]> wrote: I generated a page with C. All executed fine as far as serving up the correct markup. CSS and external ecmascript, though, ignored. Made both links to those absolute to the document root, that is, I moved the .js and .css files out of the cgi-bin folder and into the htdocs folder and in the
Re: [EMAIL PROTECTED] Address CGI w/ URL and not Path Name
When you use the "C:/directory/file" format your browser is fetching the file directly from the filesystem and displaying it as best it can; your apache webserver is not involved in the process at all. So there will be no execution of the CGI script, as that takes place inside apache. On 15/12/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: I have a set of cgi scripts that will only run when addressed with an ' http://type URL' and not the 'C:/directory/file' format. When I need to use cgi Apache produces a 'Save As' Dialog box because the http server is being bypassed. I can't figure out how to rewrite how my cgi programs are addressed. I don't want the Document Root included, I need the http:// format for them to run. EG -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Enabling huge uploads
I got so fed up with having to search through the file included from httpd.conf that I wrote myself a little utility to generate a composite httpd.conf file containing all of the included files. I was quite amazed at how much extra stuff was being configured in my apache! On 14/12/06, Curby <[EMAIL PROTECTED]> wrote: On 12/14/06, Richard Lynch <[EMAIL PROTECTED]> wrote: > On Thu, December 14, 2006 2:37 am, Curby wrote: > > I'm having trouble accepting large file uploads in Apache 2.0.46 > > (RHEL3). I've set > > > > LimitRequestBody 1074790400 > > I *think* Apache also has a separate Limit on the POST size... > > Search for that in your httpd.conf and http://apache.org directives. Whoops, sorry about all that. I stupidly forgot to search other configuration files for this directive. It was set in another confiiguration file. Changing the directive in the other place as well made everything work. Thanks! --Mike - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] ErrorDocument 401
In what way does safari not work fine? In other words, what are the symptoms? On 13/12/06, Liz Kim <[EMAIL PROTECTED]> wrote: I have a 401 error on a directory redirect to a local file... It seems to work fine on most browsers I've tested so far EXCEPT safari... Anyone else have this problem? Any ideas? Thanks! -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] ssl - force ssl per directory
You are specifying a file in your redirect. My documentation states: Syntax: Redirect [status] URL-path URL The old URL-path is a (%-decoded) path beginning with a slash. A relative path is not allowed. On 12/12/06, Nathan Kellogg <[EMAIL PROTECTED]> wrote: We have open ssl running fine on Apache 2.2.3. A separate virtual host is defined for both the :80 port and for :443 In order that the .../secure/... directory be handled exclusively by the SSL host, we have : in the :80 vhost : Redirect permanent c:/orcourt/htdocs/secure https://www.orcourtsonline.com/htdocs/secure and in the :443 vhost : SSLRequireSSL ~ The problem is that requests for http://www.orcourtsonline.com/secure/* still get handled by the :80 host. What am I doing wrong here? btw - this cant be tested form outside. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Newbie Help, Please
Each time you add a new place in your filesystem that will be referenced by apache, such as the DocumentRoot statement inside your virtual hosts blocks, you nearly always have to add a statement permitting access to that place. For example, I have: Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all On 08/12/06, Scott Hughes <[EMAIL PROTECTED]> wrote: Hello, I am attempting to set up a vhost machine using CentOS. The issue I am having is with the user's home directories (where the pages are being server for each site). Example: The user's site is www.example.com and they have a home directory called 'example'. Inside thier home directory is a directory called 'www'. Long story short, I have added the vhost part to the httpd.conf and the directory statement. I get the message in the error log that "Permission is denied for /index.htm". If anyone needs any additional information, please ask. Thank you. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Windows installation error
To tell what program is using port 80 I would use "Active Ports" which I probably downloaded from http://www.protect-me.com/freeware.html When you have IIS Installed, you have an extra Icon in "Control Panel" -> "Administrative Tools" called "Internet Information Service" (or something like that) On 08/12/06, Lawrence Weathers, Ph.D. <[EMAIL PROTECTED]> wrote: How do you tell what has what port? And, if it is IIS, how do you turn it off or get Apache to use another port? Thanks Larry Lawrence Weathers, Ph.D. Psychologist 6921 E Jamieson Rd. Spokane WA 99223 509-448-6462, Fax 806 209 8854 [EMAIL PROTECTED] www.caer.com, www.adhdhelp.org In shallow waters, shrimps make fools of dragons. Chinese Proverb -Original Message- From: William A. Rowe, Jr. [mailto:[EMAIL PROTECTED] Sent: Thursday, December 07, 2006 8:24 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Windows installation error Lawrence Weathers, Ph.D. wrote: > > (OS 10048)Only one usage of each socket address (protocol/network address/port) > is normally permitted. : make_sock: could not bind to address 0.0.0.0:80 > no listening sockets available, shutting down > > What is it trying to tell me and what should I do about it? That something else already has 0.0.0.0:80. Probably, IIS? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.15/579 - Release Date: 12/7/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.15.15/579 - Release Date: 12/7/2006 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Changing DocumentRoot Doesn't Work
The behavior of httpd is to look in ../conf/ so that's probably not it. That's as may be, but the OP ran httpd.exe -V and got: -D SERVER_CONFIG_FILE="conf/httpd.conf" So I maintain that double-clicking on the httpd.exe in the /bin subdirectory will look for /bin/conf/httpd.conf for the configuration file. However, fixing this hasn't apparently fixed the problem, yet I'm sure this is where it lies. My shortcut for starting apache has the command as "C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -w -n "Apache2.2" -k start With the "Start in:" "C:\Program Files\Apache Software Foundation\Apache2.2\" On 07/12/06, William A. Rowe, Jr. <[EMAIL PROTECTED]> wrote: Steve Swift wrote: > You said that you were double-clicking the httpd.exe > That would make the current directory: > C:\Program Fiels\Apache Software Foundation\Apache 2.2\bin > > so apache would go looking for a conf subdirectory of \bin and not find it. The behavior of httpd is to look in ../conf/ so that's probably not it. > You will have to contsruct a shortcut to launch httpd.exe with a working > directory of: > C:\Program Fiels\Apache Software Foundation\Apache 2.2 There should be such a shortcut installed in your Start menu under Apache. > You cannot do it with a simple double-click. Not a good idea, no. On that subject, to the original poster, are you sure you are modifying the C:\Program Files\Apache Software Foundation\Apache 2.2\conf\httpd.conf , and not the httpd.conf.default file we install FOR REFERENCE ONLY? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Changing DocumentRoot Doesn't Work
You said that you were double-clicking the httpd.exe That would make the current directory: C:\Program Fiels\Apache Software Foundation\Apache 2.2\bin so apache would go looking for a conf subdirectory of \bin and not find it. You will have to contsruct a shortcut to launch httpd.exe with a working directory of: C:\Program Fiels\Apache Software Foundation\Apache 2.2 Alternatively, you can open a command prompt at that directory and start apache with the command: bin\httpd.exe You cannot do it with a simple double-click. On 07/12/06, Gaming Mouse <[EMAIL PROTECTED]> wrote: > These are the two important lines. Apache was compiled to expect the > config to be at /apache/conf/httpd.conf. Is it? > > Rgds, > Owen Boyle > Disclaimer: Any disclaimer attached to this message may be ignored. > Owen, What is the initial "/" relative to? Again, for clarity, I will give the complete path on my machine to both the .exe and the .conf file: C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf Is the "2.2" the problem? Because if I change "Apache2.2" to "apache", then when I double-click httpd.exe, the window opens and instantly closes, and I cannot use apache. Do I need to re-install? If so, what should I be sure of when I do? Thanks, Jonah Cheap talk? Check out Yahoo! Messenger's low PC-to-Phone call rates. http://voice.yahoo.com - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Changing DocumentRoot Doesn't Work
Well, before you start playing with your shortcut, is there a "conf" subdirectory below the working directory specified in your shortcut, and does that conf subdirectory contain your configuration file (which had better be named "httpd.conf" !) On 07/12/06, Gaming Mouse <[EMAIL PROTECTED]> wrote: > Sounds to me like Apache can't find the httpd.conf file for some reason... there should be a command switch to force it to look at a specific place: > > httpd -V > > should tell you what config that it has been compiled to look for - make sure it's in the right place or, > > httpd -f "path:/to/config/filename.conf" > > will start Apache with said config file. > > > Norm > --- > Hey Norm, Thanks for the reply. Here is the output of httpd -V. Can you let me know if it is indeed not finding httpd.conf and, if not, how I can fix the problem permanently? Do you recommend adding the -f switch info to the shortcut that I use to start httpd.exe? C:\Program Files\Apache Software Foundation\Apache2.2\bin>httpd -V Server version: Apache/2.2.3 Server built: Jul 27 2006 16:49:49 Server's Module Magic Number: 20051115:3 Server loaded: APR 1.2.7, APR-Util 1.2.7 Compiled using: APR 1.2.7, APR-Util 1.2.7 Architecture: 32-bit Server MPM: WinNT threaded: yes (fixed thread count) forked: no Server compiled with -D APACHE_MPM_DIR="server/mpm/winnt" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="/apache" -D SUEXEC_BIN="/apache/bin/suexec" -D DEFAULT_SCOREBOARD="logs/apache_runtime_status" -D DEFAULT_ERRORLOG="logs/error.log" -D AP_TYPES_CONFIG_FILE="conf/mime.types" -D SERVER_CONFIG_FILE="conf/httpd.conf" Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail beta. http://new.mail.yahoo.com - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Server Staus information by other means
I know that ps doesn't show you what the httpd threads are doing, but on my RedHat system the "top" command shows which CGI script is executing, and that is a step forward. Of course, this only works if the CGI is looping or using a lot of CPU (otherwise it doesn't show in the "top" command). Look around in the /proc directory - this has a wealth of information on running processes (it is where "top" gets its information). The numeric subdirectories are the process IDs (PIDs) On 04/12/06, Nikolai Lusan <[EMAIL PROTECTED]> wrote: Greetings one and all, I have a little problem I am trying to track down ... We run a number of production boxen that are apache 2.0 with php5, occasionally we hit MaxClients and the site becomes unreachable (until some things time out and come back to papa). We know that some of the time this is a database issue, the rest we suspect are php code related issues. What I am after is something that will give me the information from mod_status, but without using a port 80 connection (obviously the thing is at MaxClients and not taking connections to the server). I basically need a full list of the requests that are being processed when this happens and the vhosts they are being processed within (so I can track down the actual problem). Having asked this question elsewhere let me spell out a few things, a) apache2ctl status [and full-status] use lynx and a connection to the server so will not do the job (MaxClients having been hit and the server not taking connections). b) ps [with any options] give a process listing and does not supply the information I require (that being the list of requests being processed). c) Raising MaxClients is not a solution because: 1) If I do that and we come close to MaxClients with all processes using the average memory resources the machine will swap out and die(tm). 2) The problem will keep occurring just with more connections made at the time of the problem and I will still not have the list of information I need. d) Given that the problem is happening infrequently (at about 3 weeks separation) polling once a second is just going to waste resources on my server and still not provide me with what I need. Sorry if that sounds a little abrupt, but I have had too many people suggest all these things, assuming I hadn't thought of all of them and their impact (infact most people don't realise the impact of what they are suggesting). If anyone knows of some utility (or set of options to the apache2 binary I could use) I would be most appreciative. The other option I had thought of was trying to get a single worker (we are using mpm-prefork) running and listening only to loopback, but I am a little unsure if this is actually possible or how to go about it. Thanks in advance. -- Nikolai Lusan Systems Administrator Hitwise Pty. Ltd. Level 7 / 580 St Kilda Road Melbourne, Victoria 3004 Australia Phone: +61 3 8530 2400 Fax: +61 3 9529 8907 www.hitwise.com.au [EMAIL PROTECTED] Worldwide: • United States • United Kingdom • Australia • New Zealand • Singapore • Hong Kong To subscribe to our complimentary monthly newsletter, visit: http://www.hitwise.com.au/ The information transmitted may be confidential, is intended only for the person to which it is addressed, and may not be reviewed, retransmitted, disseminated or relied upon by any other persons. If you received this message in error, please contact the sender and destroy any paper or electronic copies of this message. Any views expressed in this email communication are those of the individual sender, except where the sender specifically states otherwise. Hitwise does not represent, warrant or guarantee that the communication is free of errors, virus or interference. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Virtual Hosts and SSL
Thanks for that, perhaps I'll get a change to use it some time. However, the server in question in this case is inside IBM, and the only common part of its servername across the virtualhosts is ".ibm.com" so I won't rush off to get a certificate for that! On 28/11/06, Robert Fox <[EMAIL PROTECTED]> wrote: You only need a separate IP for every virtual host if you are not using a wildcard certificate. Wildcard certs cost a little more, but they are good for all hosts within a particular domain. Then, you can run all of your vhosts on port 443 with the same IP, and the cert will work for all of the vhosts. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Virtual Hosts and SSL
Thank you for that answer. I'm just beginning to use SSL, and at the moment I'm using the self-signed certificate that was installed for my server during the original apache installation. For my testing I'll need to generate additional certificates/Sever keys for the Virtual Hosts I define in ssl.conf On 28/11/06, Frode E. Moe <[EMAIL PROTECTED]> wrote: You need a separate IP for each SSL virtualhost, since SSL certificates are exchanged before any HTTP headers (especially the Host: header) are transferred. So my guess is that apache just picks the first SSL certificate applicable for a given IP. In other words, it makes no sense to use NameVirtualHost for SSL / port 443. I don't think your *:80 stuff makes any difference either way as that sould be independent of anything on :443. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Virtual Hosts and SSL
Where should I go to learn about configuring Virtual Hosts and SSL in the same apache? I have virtual hosts woking using "NameVirtualHost *:80" SSL works for the Virtual Hosts *I* have defined But in the (default) ssl.conf file installed with apache I find: SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key ... (other, less interesting lines) What puzzles me is this: The VirtualHost definition above seems to be working as SSL is finding the Certificate File (otherwise how would SSL work at all?) How is this VirtualHost definition working in conjunction with "NameVirtualHost *:80" ? -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] multi-homed Apache? Anyone?
I setup my apache to: Listen *:80 and it uses all four NICs in my box On 26/11/06, tim <[EMAIL PROTECTED]> wrote: Has anyone setup their home/SBA network with Apache on one computer but serving content on two networks (DSL and cable)? I tried this but Apache fails to reply on the secondary network. (It works with only 1 network card in the box.) I have not done a TCP trace yet but does anyone have Apache serving content on two NICs? For me it only replies on the primary it seems. This could also be a problem of needing to manually setup the routing tables but just want to know if anyone has this working before I labor down that road. Here is some more detail: 1. DSL network. 192.168.2.0 2. Cable network: 192.168.0.0 Hosts /etc/hosts: 127.0.0.1 localhost.localdomain localhost 192.168.0.13www.serviza.com Apache config: /etc/httpd/conf/httpd.conf Listen 80 #Listen 192.168.2.102:80 # Thought I could toggle the NIC with this but fails to respond. ServerName 192.168.0.13:80 #ServerName serviza.com:80 # Argh! Virtual Hosts fails with this - maybe due to /etc/hosts? Route route -n: Destination Gateway Genmask Flags Metric RefUse Iface 192.168.2.0 0.0.0.0 255.255.255.0 U 0 00 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 00 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 00 eth1 0.0.0.0 192.168.0.1 0.0.0.0 UG0 00 eth1 # This route does not look right to me. I thought I'd see something like: > Destination Gateway Genmask Flags Metric Ref Use Iface > 192.168.2.0 192.168.2.1 255.255.255.0 U 0 00 eth0 > 192.168.0.0 192.168.0.1255.255.255.0 U 0 00 eth1 # Does not that make more sense? I tried setting these in system-config-network but does not seem to take as the changes do not show in route -n. Thanks a bunch, TimJowers P.S> Running on CentOS (built from RHEL sources) or FC6. I tried searching alot but the terms are too generic so no good matches were found. Mostly the results were about running two instances of Apache. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Close browser session while CGI is still active
That's what I'm doing now, but its cumbersome. I'd hoped that I could get away with a couple of closes, but no such luck. It happens quite often in my CGI scripts that I finish the webpage then have to do some tidying-up that just keeps the browser waiting. On 24/11/06, long <[EMAIL PROTECTED]> wrote: Since you already using a detached task to run the batch job, if it's not too much work and the result of the batch job is not a requirement for the response, can you just pass your variables to the batch job? -- Steve Swift http://www.swiftys.org.uk
[EMAIL PROTECTED] Close browser session while CGI is still active
Can a CGI script close the session with the browser before it exits? I tried closing STDOUT and STDERR in the hope that Apache might notice, and clean up the session, but the browser remained waiting. I have a CGI script that send its page to the browser then has a "batch" job to do, which takes several minutes. At the moment I'm handling it by creating a detached task to run the batch portion but since the batch process requires access to the variables that built the HTML page it would be much simpler if I could manage it in one run of the CGI script. -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Problem with POST method
It is almost certainly an error to have the action of a form reference a static webpage. At a guess, you are settinng the action to the same static page that contained the form. That's bound to cause problems, not least of which would be confusion! Every that I've ever seen sets the action to a URL which runs a script of some sort or another. How else are you going to process the input from the form?On 14/11/06, lorenzo <[EMAIL PROTECTED]> wrote: Hi all.I'm sending a simple http POST request and the browser hangs waiting fora reply.This is my test page I have this problem both with httpd-2.2.3 and 2.0.46.I have no problems with GET requests.KeepAlive is turned off.If I turn KeepAlive on things are a little different: if I request the test page and quickly submit the form there is no problem. If I waitenough to make the connection time out the request remains pending.I think this is too big to be an apache problem, so I suspect there is something in os/firewall configuration to fix.Have you ever seen something like this? Do you have any ideas?Thanks, ByeLorenzo- The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI receives SIGTERM
We will just have to agree to disagree. Over many releases of Apache I've never seen a looping or hung CGI sent a SIGTERM. I've even asked in this group how that could be achieved, only to be told that it cannot be done, using facilities within apache alone. On 17/10/06, Ravi Menon <[EMAIL PROTECTED]> wrote: Actually it is more subtle. Even during execution, apache starts the timerduring start of header, and start of body. So a malicious script couldpotentiallygive data in trickles to restart these timers, but my point was that apache definetly takes care of runaway cgi scripts even in execution (as longas it doesn't trick the server as mentioned above).BTW I did not have any issues - I was just responding to the originalcomment that apache does not handle runaway scripts which is not true. RaviOn 10/17/06, Steve Swift <[EMAIL PROTECTED]> wrote:> Ah, that's different - your timeout is occurring trying to read your CGI> script - it is not getting to execution. > I've never had this problem, so I cannot help you>> Steve Swift> http://www.swiftys.org.uk>>> - > The official User-To-User support forum of the Apache HTTP Server Project.> See http://httpd.apache.org/userslist.html> for more info.> To unsubscribe, e-mail: [EMAIL PROTECTED]>" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]>>-The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swifthttp://www.swiftys.org.uk
Re: [EMAIL PROTECTED] make mod_cache ignore the query string?
This is probably impossible on principle, as the two URL's could be expected to generate different results.On 17/10/06, Jeff Behl < [EMAIL PROTECTED]> wrote:running apache 2.2.x, i'm knocking my head against the table trying to get mod_cache to ignore the query string in a URL, such that :http://somedomain.comm/asdf.swf?aa http://somedomain.comm/asdf.swf?bbwill only generate a single cache entry. i've tried usingmod_rewrite to strip the query string off, but even with thepass-through flag set, mod_cache seems to get first dibbs and generate a separate cache entry. i suppose i could layer two apache serverstogether, with one doing a proxy to the other, and that one sending tothe origin, but i'd rather not if possible.any help would be greatly appreciated! thanks.-The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
RE: [EMAIL PROTECTED] CGI receives SIGTERM
Ah, that's different - your timeout is occurring trying to read your CGI script - it is not getting to execution. I've never had this problem, so I cannot help you Steve Swift http://www.swiftys.org.uk - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] CGI receives SIGTERM
Well, I wrote a "timeout" CGI especially to go into a loop. It's still running after 720 seconds on my 2.0.46+ server under linux. Timeout is set to 300.I never saw looping CGI's terminated under version 1 either. With four processors in our system we sometimes don't notice looping CGI scripts for a few days!On 13/10/06, Ravi Menon < [EMAIL PROTECTED]> wrote:In the apache 1.3.x on Linux that I am using, apache does send a SIGTERM when the Timeout value has reached. The code is here:apache_1.3.33/src/main/alloc.c:free_proc_chain()This is called from ap_clear_pool() which is done at the end ofrequest cycle, orduring hard timeouts. The logic here also covers runaway cgi apps.Didn't confirm if the same exists in apache 2x but I would besurprised if this functionality was removed.RaviOn 10/11/06, Steve Swift < [EMAIL PROTECTED]> wrote:> As far as I know Apache doesn't send Sigterm to a running CGI. This has> nothing to do with the Timeout directive.> A couple of weeks ago I asked the opposite question: "How can I timeout a > CGI that is hung/looping?" and the answer I got, from trusted sources was> that it cannot be done with Apache alone, but would require an external> monitor.>> Something else on your system is doing this. >> On 11/10/06, Nguyen, Nguyen Vu <[EMAIL PROTECTED] > wrote:> > Hi guys,> >> > As far as I know the Timeout directive does control the amount of time a > CGI> > has before receiving a SIGTERM. However my CGI still receives a SIGTERM> > after what appears to be a random amount of time that is much less than> what> > I have set in the Timeout directive. The client side still has the > > connection to the CGI when it receives the SIGTERM. So I'm wondering under> > what other circumstances does apache send SIGTERM to a CGI? Any help is> very> > much appreciated. > >> > Thanks.> >> >> >> -> > The official User-To-User support forum of the Apache HTTP Server Project. > > See http://httpd.apache.org/userslist.html> for more> info.> > To unsubscribe, e-mail:> [EMAIL PROTECTED]> >" from the digest:> [EMAIL PROTECTED]> > For additional commands, e-mail: [EMAIL PROTECTED]> >> >>>>> --> Steve Swift> http://www.swiftys.org.uk -----The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Directory listing empty
Does the userid under which you run apache (See the User directive) or the group (See the Group directive) have both "r" and "x" authority on /usr and /usr/share and /usr/share/doc and "r" authority on the files you want to see in the list. These authorities typically come from the "Other" access, but can be via the userid or group that runs your apache.On 13/10/06, Tremal Naik <[EMAIL PROTECTED]> wrote:Hello everybody, this is the first time I write to this ML.I'm not able to list files in the directory /usr/share/doc/I only get a page with the link "Parent Directory"I have installed Apache 2 on a Debian System: # apache2 -vServer version: Apache/2.0.54Server built: Jul 28 2006 08:55:39I didn't touch the default configuration stored in /etc/apache2/apache2.confI created the file:/etc/apache2/conf.d/docs whit the contents:Alias /docs/ "/usr/share/doc/"Order Allow,DenyAllow from allat this point I had a forbidden error, trying to access the url http://myserver/docs/so I added to the above file the following directive: Order Allow,Deny Allow from all Now I can access the directory, but I only have the "Parent Directory" link.I tried to add the optionsOptions Indexes MultiViewsAllowOverride Noneto both and directives, but nothing changed. I CAN list the contents of the icons directoryhttp://myserver/icons/Can you help me?--TREMALNAIK- The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Fixing Localhost on a Mac
Out of the box Apache will display one of the index.html* files in the directory pointed to by the "DocumentRoot" directive in the https.conf configuration file. I say one of the index.html* files because it comes with a plethora of languages defined. On 12/10/06, David Blomstrom <[EMAIL PROTECTED]> wrote: I hired someone to install and configure Apache, PHP, MySQL and phpMyAdmin on my new MacBook Pro and set up a virtual host that I could use as a guide. It's kinda sorta working, but there are some major problems. For example, he installed phpMyAdmin inside one of my websites, and http://localhost displays the home page of that same website.Anyway, it seems like localhost is a logical place to start fixing things, but I'm confused. Can someone tell me what file would normally be displayed at http://localhost on a Mac (I thought it was Apache's welcome page) and what I need to do to make it display there?I moved phpMyAdmin to /Users/MyName/Sites, where my websites are stored. After I get localhost figured out, I'd like to set it up to display at either http://localhost/phpMyAdmin or http://phpMyAdminThanks. -- Steve Swifthttp://www.swiftys.org.uk
Re: [EMAIL PROTECTED] CGI receives SIGTERM
As far as I know Apache doesn't send Sigterm to a running CGI. This has nothing to do with the Timeout directive.A couple of weeks ago I asked the opposite question: "How can I timeout a CGI that is hung/looping?" and the answer I got, from trusted sources was that it cannot be done with Apache alone, but would require an external monitor. Something else on your system is doing this.On 11/10/06, Nguyen, Nguyen Vu <[EMAIL PROTECTED] > wrote:Hi guys,As far as I know the Timeout directive does control the amount of time a CGI has before receiving a SIGTERM. However my CGI still receives a SIGTERMafter what appears to be a random amount of time that is much less than whatI have set in the Timeout directive. The client side still has the connection to the CGI when it receives the SIGTERM. So I'm wondering underwhat other circumstances does apache send SIGTERM to a CGI? Any help is verymuch appreciated.Thanks.- The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] cgi-bin woes
Is your ScriptAlias in a part of the httpd.conf that applies only to certain files/directories, e.g. inside a block?I'm grasping at straws here.On 11/10/06, Thom Hehl <[EMAIL PROTECTED]> wrote: OK, I haven't run httpd in a while. I have a new installation and amhaving a glitch I need some help with.I've gone through the cgi bin document for Apache 2.2.3 and have createdthe first.pl script as suggested in the docs, but do not get any of the four results listed. Instead, when I run 192.168.1.49/cgi-bin/first.pl Iget a 404 error.In my httpd.conf I haveScriptAlias /cgi-bin/ "/var/www/cgi-bin/" In /var/www/cgi-bin, I have:first.plrand_text.plBoth of which have read/execute access for everyone.I checked the logs and there is literally nothing in them. I stoppedhttpd, blew away everything in the logs directory, restarted httpd and re-created the 404 and there is not a single file in the logs directory.Nada!In frustration, I checked the system logs which show only the httpd restart.I am now clueless as to how to proceed. Can anyone point me in a direction? Thanks.-The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] not uploading at full speed
Or investigate the availability/capability of ADSL MAX in your area. I believe that ADSL MAX significantly increases the upload speeds, but they're still not scintillating.If you're determined to run a webserver on the "wrong" end of a domestic ADSL connection then you are doomed to get relatively slow transfers sending data FROM your system. That's what the "A" in ADSL stands for - Asymmetrical; fast download and slow upload. You can get lines that work the other way around, and they are designed for running servers. You get a fast upload speed and a slow download speed.-- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] not uploading at full speed
ADSL upload speeds are in BITS/Sec so my 288KB/s is about 28.8K bytes per second, allowing 8bits per byte and overhead of the TCP/IP protocol packaging. An upload speed reported as 237 KB/s has a maximum transmission speed of roughly 23.7 thousand characters per second. You're getting about half of that, which might imply two transfers running concurrently or congestion in your local loop (your exchange in other words). On 10/10/06, Boyle Owen <[EMAIL PROTECTED]> wrote: > -Original Message-> From: Chris Ackford [mailto:[EMAIL PROTECTED]]> Sent: Tuesday, October 10, 2006 9:40 PM> To: users@httpd.apache.org> Subject: [EMAIL PROTECTED] not uploading at full speed>> how comes the max my users can get is 14kb/s that 1 person> using the server i am currently using 2.2MB Broadband running > at about 237 KB/S upload look here for total specs> http://www.speedtest.net/result/49345028.png any reason why> my users can get max 14 kb/s ? Lots of reasons... very few would have anything to do with apache.To determine if apache *is* responsible, add localhost to the list ofaliases and try downloading via localhost (obviously, you need to do this on the server). If it's fast, it ain't apache.Apache usually just hands the data on to TCP/IP to deliver and doesn'tcare how fast it ships...Rgds,Owen BoyleDisclaimer: Any disclaimer attached to this message may be ignored. >> chris>This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. -The official User-To-User support forum of the Apache HTTP Server Project.See http://httpd.apache.org/userslist.html > for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- Steve Swift http://www.swiftys.org.uk
