Re: [users@httpd] Basic Authentication question
I tried with both IE and with FireFox..but both prompt me for the password twice...Did it ask you for the password only once ?? Anand > Works here using Mozilla.. what browser are you checking it with? > perhaps it's one that doesn't follow the standards properly :-) > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
K Anand wrote: That was my understanding alsoBut in my case, it is again prompting me for userid and password for subsequent pages also...Actually, it asks password 2 times when opening the main page..after that it does not ask for the password... http://ns.sail-steel.com/ userid is guest and password is gst123... I have created it temporarily... Works here using Mozilla.. what browser are you checking it with? perhaps it's one that doesn't follow the standards properly :-) - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
That was my understanding alsoBut in my case, it is again prompting me for userid and password for subsequent pages also...Actually, it asks password 2 times when opening the main page..after that it does not ask for the password... http://ns.sail-steel.com/ userid is guest and password is gst123... I have created it temporarily... Anand - Original Message - From: "zcat" <[EMAIL PROTECTED]> To: Sent: Friday, July 15, 2005 11:26 AM Subject: Re: [EMAIL PROTECTED] Basic Authentication question > > The browser prompts me for userid and password... > > now i click a link on that page and say the request goes as > > http://a.b.c.d/xyz.html > > Will it prompt again for user id and password ?? > > The browser keeps the username and password for the rest of the session, > and will automatically send them with every request for pages 'below' > the first one. > > So you won't need to enter this password again until you close and > re-open the browser. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
The browser prompts me for userid and password... now i click a link on that page and say the request goes as http://a.b.c.d/xyz.html Will it prompt again for user id and password ?? The browser keeps the username and password for the rest of the session, and will automatically send them with every request for pages 'below' the first one. So you won't need to enter this password again until you close and re-open the browser. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Basic Authentication question
Hi all, I have a very basic question regarding authentication on apache...I have in my httpd.conf a section like below : AuthType Basic AuthName "By Invitaion Only" AuthUserFile /etc/httpd/conf/passwd/passwords Require valid-user Does this mean that everytime I access a different page on the server, I will be asked a userid and password the first time it is accessed ??? let me specify I say http://a.b.c.d/ The browser prompts me for userid and password... now i click a link on that page and say the request goes as http://a.b.c.d/xyz.html Will it prompt again for user id and password ?? Thanx Anand - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Compile errors from Apache HTTPD 2.0.54
Greetings all. I have a Red Hat Enterprise Linux 3ES server and am attempting to install Apache HTTPD. I used /usr/local/apache2 as my intended install directory, and Config appeared to complete successfully with no errors. Make seems to run successfully for several steps, but then ends with: make[3]: Entering directory `/usr/apache-httpd/httpd-2.0.54/srclib/apr' /bin/sh /usr/apache-httpd/httpd-2.0.54/srclib/apr/libtool --silent --mode=link gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -I./include -I../include -version-info -o libapr-.la -rpath /usr/local/apache2/lib strings/apr_cpystrn.lo strings/apr_fnmatch.lo strings/apr_snprintf.lo strings/apr_strings.lo strings/apr_strnatcmp.lo strings/apr_strtok.lo passwd/apr_getpass.lo tables/apr_hash.lo tables/apr_tables.lo file_io/unix/copy.lo file_io/unix/dir.lo file_io/unix/fileacc.lo file_io/unix/filedup.lo file_io/unix/filepath.lo file_io/unix/filepath_util.lo file_io/unix/filestat.lo file_io/unix/flock.lo file_io/unix/fullrw.lo file_io/unix/mktemp.lo file_io/unix/open.lo file_io/unix/pipe.lo file_io/unix/readwrite.lo file_io/unix/seek.lo file_io/unix/tempdir.lo network_io/unix/inet_ntop.lo network_io/unix/inet_pton.lo network_io/unix/sendrecv.lo network_io/unix/sockaddr.lo network_io/unix/sockets.lo network_io/unix/sockopt.lo threadproc/unix/proc.lo threadproc/unix/procsup.lo threadproc/unix/signals.lo threadproc/unix/thread.lo threadproc/unix/threadpriv.lo misc/unix/charset.lo misc/unix/env.lo misc/unix/errorcodes.lo misc/unix/getopt.lo misc/unix/otherchild.lo misc/unix/rand.lo misc/unix/start.lo misc/unix/version.lo locks/unix/global_mutex.lo locks/unix/proc_mutex.lo locks/unix/thread_cond.lo locks/unix/thread_mutex.lo locks/unix/thread_rwlock.lo time/unix/time.lo time/unix/timestr.lo mmap/unix/common.lo mmap/unix/mmap.lo shmem/unix/shm.lo user/unix/groupinfo.lo user/unix/userinfo.lo memory/unix/apr_pools.lo atomic/unix/apr_atomic.lo poll/unix/pollacc.lo poll/unix/poll.lo support/unix/waitio.lo dso/unix/dso.lo -lrt -lm -lcrypt -lnsl -lpthread -ldl libtool: link: you must specify an output file Try `libtool --help --mode=link' for more information. make[3]: *** [libapr-.la] Error 1 make[3]: Leaving directory `/usr/apache-httpd/httpd-2.0.54/srclib/apr' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/apache-httpd/httpd-2.0.54/srclib/apr' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/apache-httpd/httpd-2.0.54/srclib' make: *** [all-recursive] Error 1 I googled for "apache httpd make libtool: link: you must specify an output file" and found a link to: http://mail-archives.apache.org/mod_mbox/httpd-bugs/200501.mbox/%3c20050 [EMAIL PROTECTED] I made the change it recommended [edit srclib/apr/Makefile and change the TARGET_LIB line to read TARGET_LIB = libapr-0.la], but this didn't make any difference. I made sure not to mix up my ELs and ONEs. ;) But I still got the following when compiling again: make[3]: Entering directory `/usr/apache-httpd/httpd-2.0.54/srclib/apr' /bin/sh /usr/apache-httpd/httpd-2.0.54/srclib/apr/libtool --silent --mode=link gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500 -D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE -I./include -I../include -version-info -o libapr-0.la -rpath /usr/local/apache2/lib strings/apr_cpystrn.lo strings/apr_fnmatch.lo strings/apr_snprintf.lo strings/apr_strings.lo strings/apr_strnatcmp.lo strings/apr_strtok.lo passwd/apr_getpass.lo tables/apr_hash.lo tables/apr_tables.lo file_io/unix/copy.lo file_io/unix/dir.lo file_io/unix/fileacc.lo file_io/unix/filedup.lo file_io/unix/filepath.lo file_io/unix/filepath_util.lo file_io/unix/filestat.lo file_io/unix/flock.lo file_io/unix/fullrw.lo file_io/unix/mktemp.lo file_io/unix/open.lo file_io/unix/pipe.lo file_io/unix/readwrite.lo file_io/unix/seek.lo file_io/unix/tempdir.lo network_io/unix/inet_ntop.lo network_io/unix/inet_pton.lo network_io/unix/sendrecv.lo network_io/unix/sockaddr.lo network_io/unix/sockets.lo network_io/unix/sockopt.lo threadproc/unix/proc.lo threadproc/unix/procsup.lo threadproc/unix/signals.lo threadproc/unix/thread.lo threadproc/unix/threadpriv.lo misc/unix/charset.lo misc/unix/env.lo misc/unix/errorcodes.lo misc/unix/getopt.lo misc/unix/otherchild.lo misc/unix/rand.lo misc/unix/start.lo misc/unix/version.lo locks/unix/global_mutex.lo locks/unix/proc_mutex.lo locks/unix/thread_cond.lo locks/unix/thread_mutex.lo locks/unix/thread_rwlock.lo time/unix/time.lo time/unix/timestr.lo mmap/unix/common.lo mmap/unix/mmap.lo shmem/unix/shm.lo user/unix/groupinfo.lo user/unix/userinfo.lo memory/unix/apr_pools.lo atomic/unix/apr_atomic.lo poll/unix/pollacc.lo poll/unix/poll.lo support/unix/waitio.lo dso/unix/dso.lo -lrt -lm -lcrypt -lnsl -lpthread -ldl libtool: link: you must specify an output file Try `libtool --help --mode=link' for more informat
[users@httpd] Will be an issue if MaxClients > 150?
Hi, All, We have apache-2.0.52 on Linux host, running worker MPM. It seems a lot of child processes are in hanging status. Is it possible caused by too big number of MaxClients(500)? Please help. Thanks, Q.Xie === The current configure httpd.conf is below: ServerLimit 22 #StartServers 15 StartServers 5 MaxClients 500 MinSpareThreads 25 MaxSpareThreads 20 ThreadsPerChild 25 MaxRequestsPerChild 2500 __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache + AWSTATS = Vulnerability????
Thanks for all the replies. Strange thing about apache logs is that all requests done to AWSTATS cgi returned only 404 ... funny... About sanitizing my box, It will be most than difficult, almost impossible... Checked already a lot of "infected" files, and I'm sure there are a lot more. Heck, gonna have to get a full reinstall over a new machine (my infected system is still running... slowly, but running... I can't just take the whole system down and make a fresh install... Gotta do it in a new box and restore my files from damaged system).. Now I must be going, got some work to do... :/ Oh, and once more, thanks for all the replies! - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] LDAP Authorization with Active Directory
I should be more clear. When I load the following modules: LoadModule ldap_module modules/util_ldap.so LoadModule auth_ldap_module modules/mod_auth_ldap.so Apache crashes in two cases: when I try to authenticate, and when I try to shut down the server. I'll try your tip with the [EMAIL PROTECTED], but honestly there's something up because even if I don't try to login, Apache crashes on shutdown when those above two modules are loaded. __ Jeremy Weiland Systems Engineer ALTERthought 4449 Cox Road Glen Allen, VA 23060 (804) 934 - 0300 www.alterthought.com -Original Message- From: Gary W. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, July 14, 2005 12:59 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] LDAP Authorization with Active Directory With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the [EMAIL PROTECTED] I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN [EMAIL PROTECTED] AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user > -Original Message- > From: Jeremy Weiland [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > __ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache + AWSTATS = Vulnerability????
It was thus said that the Great Anderson Miranda once stated: > > Now I want to know just 2 things: > > First, how can I be sure that it all happened because of the awstats > security flaw? > Second, how could I completely remove this Unix/Hacktop from my system > (Linux RedHat9 k2.4) ? First, don't know. Second, nuke the disks and reinstall the *latest* version of *everything* on the servers. Disable *all* CGI scripts when restoring from backup. Vet everything. That's the only way to make sure. http://boston.conman.org/2004/09/13.1 http://boston.conman.org/2004/09/14.1 http://boston.conman.org/2004/09/19.1 -spc (Been there, done that, never want to go there again ... ) - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache + AWSTATS = Vulnerability????
> >>Kk, here is what I've got so far: >> >>My system seems to be infected by some kind of trojan/worm/virus called >>Unix/Hacktop, wich does (for what I'm seeing) some kind of scanport via >>ssh (22). >>I found some related info saying that the intruder could be using a >>security flaw from AWSTATS + Apache to get a valid root bash session >>over port 80. >> >>Now the intruder created a few files, infected some others and is using >>this scanport. I stopped the scanport by blocking the output of ssh in >>my iptables and could be able to erase some virus related files. >> >>Now I want to know just 2 things: >> >>First, how can I be sure that it all happened because of the awstats >>security flaw? > > > No way to be 100% certain, but examing your access log for funny calls > to your awstats cgi would be a good way to start. > Awstats has some known security holes, that permit to upload an execute binarys. > >>Second, how could I completely remove this Unix/Hacktop from my system >>(Linux RedHat9 k2.4) ? > > > Technically, this is impossible without a clean reinstall. The > hacker/cracker could have replaced anything and everything. He could > have replaced the "rm" binary so that it never deletes files that he > placed there. He could have replaced "ls" so it doesn't show those > files. He could have replaced iptables so that it allows in his IP no > matter what you configure. > > But since most hackers aren't that smart, you might have some luck if > you can figure out what root kit was used and undo the damage. But as > you mentioned, this isn't the best list to find help with that. > Not completely impossible.. but could get real hard. Anyways, as Joshua pointed. Most "hackers" (so called by themselves.. when they are really more like a "script kiddie") arent that smart. So, you could try to search for problems using standar rpm utility (rpm -VVV procps fileutils rpm perl util-linux , etc) and find replaced rpm's. Do a port scan.. etc. If you are not that familiar with sanitizing a compromised machine, your best chance, is reinstalling the system. good luck ;) - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache + AWSTATS = Vulnerability????
On 7/14/05, Anderson Miranda <[EMAIL PROTECTED]> wrote: > Kk, here is what I've got so far: > > My system seems to be infected by some kind of trojan/worm/virus called > Unix/Hacktop, wich does (for what I'm seeing) some kind of scanport via > ssh (22). > I found some related info saying that the intruder could be using a > security flaw from AWSTATS + Apache to get a valid root bash session > over port 80. > > Now the intruder created a few files, infected some others and is using > this scanport. I stopped the scanport by blocking the output of ssh in > my iptables and could be able to erase some virus related files. > > Now I want to know just 2 things: > > First, how can I be sure that it all happened because of the awstats > security flaw? No way to be 100% certain, but examing your access log for funny calls to your awstats cgi would be a good way to start. > Second, how could I completely remove this Unix/Hacktop from my system > (Linux RedHat9 k2.4) ? Technically, this is impossible without a clean reinstall. The hacker/cracker could have replaced anything and everything. He could have replaced the "rm" binary so that it never deletes files that he placed there. He could have replaced "ls" so it doesn't show those files. He could have replaced iptables so that it allows in his IP no matter what you configure. But since most hackers aren't that smart, you might have some luck if you can figure out what root kit was used and undo the damage. But as you mentioned, this isn't the best list to find help with that. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Apache + AWSTATS = Vulnerability????
Kk, here is what I've got so far: My system seems to be infected by some kind of trojan/worm/virus called Unix/Hacktop, wich does (for what I'm seeing) some kind of scanport via ssh (22). I found some related info saying that the intruder could be using a security flaw from AWSTATS + Apache to get a valid root bash session over port 80. Now the intruder created a few files, infected some others and is using this scanport. I stopped the scanport by blocking the output of ssh in my iptables and could be able to erase some virus related files. Now I want to know just 2 things: First, how can I be sure that it all happened because of the awstats security flaw? Second, how could I completely remove this Unix/Hacktop from my system (Linux RedHat9 k2.4) ? PS: I know that the second question doesn't have nothing to do with the httpd list at all, but if someone could plz help me, I would be really thankful! :) Best Regards, Anderson - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache trying to find .htaccess on VirtualHost's DocumentRoot
On 7/14/05, Dan Lyons <[EMAIL PROTECTED]> wrote: > > We have Apache running on a win2k server, with a mapped drive to a directory > on a Sun server(also running Apache). Using VirtualHost, we have made the > mapped drive our document root to the network shared drive: > > > ServerAdmin [EMAIL PROTECTED] > DocumentRoot H: > ServerName ourDNSname > >AllowOverride None >order allow,deny >allow from all > > > > However, whenever we go to http://ourDNSname/anydirectory we get a > 403-Forbidden error. In error.log I get the error: > > [crit] [client ipaddress] (22)Invalid Argument: h:/.htaccess > pcfg_openfile: unable to check htaccess file, ensure it is readable > > I am a novice where Apache and configuring httpd.conf is concerned, but I > was under the impression that "AllowOverride None" would cause Apache to not > look for .htaccess, which in any case is not there. Can anyone recommend > any solution to keep Apache from looking for a .htaccess file? Your base assumption is correct. Apache won't check for .htaccess when AllowOverride is none. I'm not sure what the exact problem here is, but as a first guess I would use forward-slashes instead of back-slashes in all pathnames: H:/. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] LDAP Authorization with Active Directory
With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the [EMAIL PROTECTED] I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN [EMAIL PROTECTED] AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user > -Original Message- > From: Jeremy Weiland [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > __ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] LDAP Authorization with Active Directory
Hi, I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based on Active Directory settings. I've got an LDAP browser on my computer and can connect to the Win2k3 server perfectly, but for some reason when I authenticate over the website it brings Apache down with an error in wldap32.dll. I have NO idea what's going on - any clue? Say the word and I'll provide more details. Here's my directory settings in httpd.conf: Options All ExecCGI -Indexes Order allow,deny Allow from all AuthLDAPAuthoritative on AuthType Basic AuthName "Restricted Area" AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com AuthLDAPBindPassword xx #tried the both the string below and the one below that # AuthLDAPURL ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(object Class=*) AuthLDAPURL ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(object Class=User) require valid-user Thanks - I'm kind of a newbie to Apache but I just got thrown into this, and I've been scouring the web like crazy for tips. Posting here is a last resort, and I do appreciate the help. __ Jeremy Weiland Systems Engineer ALTERthought 4449 Cox Road Glen Allen, VA 23060 www.alterthought.com - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache trying to find .htaccess on VirtualHost's DocumentRoot
Dan, I haven't stopped to research any of this, but some shots in the dark: Are you sure the problem isn't that Apache can't find H:, not that it just can't find .htaccess? I have to say I don't like the look of a path in httpd.conf of just "H:" without slashes. Even if that's okay, it could be that the apache user can't read the mounted drive for some reason (usually permissions). By the way, in terms of httpd.conf syntax, I believe paths are expressed with forward slashes, regardless of OS, so I also don't like the looks of "H:\" in your Directory block. But maybe I'm just in a mood where I don't like anything that looks Microsoft-y. ;) -- Craig Dunigan IS Technical Services Specialist (I don't know what it means, either) Middleware - Enterprise Info Systems - Department of Info Technology University of Wisconsin, Madison opinions expressed are my own, not the University's On Thu, 14 Jul 2005, Dan Lyons wrote: > We have Apache running on a win2k server, with a mapped drive to a > directory on a Sun server(also running Apache). Using VirtualHost, we > have made the mapped drive our document root to the network shared > drive: > > > ServerAdmin [EMAIL PROTECTED] > DocumentRoot H: > ServerName ourDNSname > >AllowOverride None >order allow,deny >allow from all > > > > However, whenever we go to http://ourDNSname/anydirectory we get a > 403-Forbidden error. In error.log I get the error: > > [crit] [client ipaddress] (22)Invalid Argument: > h:/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is > readable > > I am a novice where Apache and configuring httpd.conf is concerned, but > I was under the impression that "AllowOverride None" would cause Apache > to not look for .htaccess, which in any case is not there. Can anyone > recommend any solution to keep Apache from looking for a .htaccess > file? > > regards, > Daniel > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] zlib weirdness
So have have installed zlib version 1.2.2, then recompiled apache and php, but when I look at phpinfo.php from the web (aka apache 1.3.33) it tells me the following: ZLib Supportenabled Compiled Version1.2.2 Linked Version 1.2.1 I have checked the libphp4.so file in apache/libexec over and over, to make sure it was the newly compiled one. It is. The other thing I find interesting is here is the result of running the phpinfo.php file from the commandline (php phpinfo.php ZLib Support => enabled Compiled Version => 1.2.2 Linked Version => 1.2.2 Why would these two results be different? Any ideas on what is causing this apparent linked version when running through apache to be different than the compiled version? -- Preston Podaril [EMAIL PROTECTED] Network Administrator New Digital Group - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Starting Apache2 on Win2k as another user
Did you apply the "Log on as a service" right to apacheuser? -T - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Starting Apache2 on Win2k as another user
Stephen Cook wrote: I am trying to get Apache2 (v2.0.54) to run as a service on Windows 2000 as a specific user ("apacheuser", original name huh?), which only has rights to read and execute on Apache2 root directory, and full access to the logs directory. When I start the service as local user (when I am logged in as admin) it works fine, but when I change the service to log on as "apacheuser" it doesn't start. There is a message in the Event Viewer that says "The Apache2 service terminated with service-specific error 1." and another message that says "The Apache service named reported the following error: Apache.exe: could not open document config file bin/conf/httpd.conf . " I'm not even getting that far with 2.0.54 on Windows XPsp2. I can run apache from a console window with no problem, but when I try to start it as a service, either from the console or from ApacheMonitor or the Services menu, I get the "service-specific error 1" but no other messages! --DLM - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Apache trying to find .htaccess on VirtualHost's DocumentRoot
We have Apache running on a win2k server, with a mapped drive to a directory on a Sun server(also running Apache). Using VirtualHost, we have made the mapped drive our document root to the network shared drive: ourDNSname:80> ServerAdmin [EMAIL PROTECTED] DocumentRoot H: ServerName ourDNSname AllowOverride None order allow,deny allow from all However, whenever we go to http://ourDNSname/anydirectory we get a 403-Forbidden error. In error.log I get the error: [crit] [client ipaddress] (22)Invalid Argument: h:/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable I am a novice where Apache and configuring httpd.conf is concerned, but I was under the impression that "AllowOverride None" would cause Apache to not look for .htaccess, which in any case is not there. Can anyone recommend any solution to keep Apache from looking for a .htaccess file? regards, Daniel
Re: [users@httpd] Re: Alias not matching warning
* Kvetch <[EMAIL PROTECTED]> wrote: > Thanks Joshua. Do you know of a way to supress that warnging message? It > will take me some time to clean up all the overlapping Aliases so if I start > adding new virtual hosts I would still want to see any messages startup > would spit out and with the 100 odd warnings it makes it hard to see if > anything else scrolled by the screen. Sorry, no way except grep -v ;-) ...or fixing the real problems. They are typically caused by just configuring Aliases/ScriptAliases (or their *Match compagnions) in the wrong order. Aliases work by "first come, first serve". nd - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Handler added with AddHandler gets invoked when is not really an extension
On 7/13/05, dAniel hAhler <[EMAIL PROTECTED]> wrote: > Thank you, Joshua. After reading it, it makes sense. > > I've now used FilesMatch to force vi backups to not been shown unparsed with: > > > SetHandler php-fastcgi > > > > As a side note, it would make sense IMHO to add a note to the AddHandler > directive documentation about this. Well, then a note would need to be added to all the Add* directives, since they all behave the same way. Instead, we usually document these issues in common sections like the "Files With Multiple Extensions" section that I pointed you to. On an unrelated topic, why do you have the block? If the point is to protect against security violations by preventing unparsed php~ files being shown, then surely you would prefer the SetHandler to be present whether or not mod_fastcgi is loaded. Then if you accidentally forget to load mod_fastcgi, apache would generate an error rather than sending unparsed php. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Re: Alias not matching warning
Thanks Joshua. Do you know of a way to supress that warnging message? It will take me some time to clean up all the overlapping Aliases so if I start adding new virtual hosts I would still want to see any messages startup would spit out and with the 100 odd warnings it makes it hard to see if anything else scrolled by the screen. Thanks,NickOn 7/13/05, Joshua Slive <[EMAIL PROTECTED]> wrote: On 7/13/05, Kvetch <[EMAIL PROTECTED]> wrote:> I tested it on Apache2.0.49 and it does allow me to use the same Alias for> mutlple virtual hosts that point to different locations. So is this new in > 2.0.54?>> On 7/13/05, Kvetch <[EMAIL PROTECTED]> wrote:> > Hello, I just upgraded from Apache 2.0.49 to Apache 2.0.54. I have a ton> of virtual hosts in my conf and now when I start Apache I get a million > warning messages stating> > [warn] The Alias directive in> /usr/local/apache2.0.54/conf/httpd.conf at line 3267 will> probably never match because it overlaps an earlier Alias.> > > > My questions are - is this warning new because I can put my 2.0.49 conf in> the 2.0.54 install and still get the warnings. Did these overlapping> Aliases ever work? I am guessing they did not but Apache 2.0.49 didn't warn> me about it. Is this a new warning in the 2.05x versions? Is there a way> to get an overlapping Alias to work in a VHost with a different domain name?> If I have domain A with an Alias /test to /01/test1 and then domain B with > an Alias /test /01/test2, does domain B's Alias to /test go to /01/test?Yes, the warning is new but the behavior of the Alias has not changed. But this warning should not be triggered for overlapping aliases in different vhosts. It is only when the Aliases overlap in the samecontext.Joshua.
RE: [users@httpd] Starting Apache2 on Win2k as another user
I would get filemon from sysinternals site and use to see which "Access Denied" error messages you get for that user and then give them rights to access them.Boyle Owen <[EMAIL PROTECTED]> wrote: > -Original Message-> From: Stephen Cook [mailto:[EMAIL PROTECTED]> Sent: Donnerstag, 14. Juli 2005 12:56> To: apache list> Subject: [EMAIL PROTECTED] Starting Apache2 on Win2k as another user> > > I am trying to get Apache2 (v2.0.54) to run as a service on > Windows 2000 > as a specific user ("apacheuser", original name huh?), which only has > rights to read and execute on Apache2 root directory, and > full access to > the logs directory.> > When I start the service as local user (when I am logged in > as admin) it > works fine, but when I change the service to log on as > "apacheuser" it > doesn't start. There is a message in the Event Viewer that says "The > Apache2 service terminated with service-specific error 1." > and anothe r > message that says "The Apache service named reported the following > error: Apache.exe: could not open document config file > bin/conf/httpd.conf . "Are you sure that's a windows path name? Doesn't win32 usually use paths like C:\Program Files\Apache and so on?Alternatively, it could be that the bit of the path you don't see is user-defined and it works as admin because admin has a bin/conf/httpd.conf but apacheuser doesn't..However, I'm no windows guru...Rgds,Owen BoyleDisclaimer: Any disclaimer attached to this message may be ignored. > > This is from the standard Windows Installer install for > version 2.0.54, > I have no idea why it would look for the configuration file in > "bin/conf/" instead of just "conf/" (and copying the conf > directory into > bin doesn't help at all, so I wonder if that is the real problem).> > Doesn anyone have any id ea what could be wrong? Is there some other > information you'd need?> > Thanks in advance for any advice.> > -- Stephen> > -> The official User-To-User support forum of the Apache HTTP > Server Project.> See for more info.> To unsubscribe, e-mail: [EMAIL PROTECTED]> " from the digest: [EMAIL PROTECTED]> For additional commands, e-mail: [EMAIL PROTECTED]> > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX.This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.-The official User-To-User support for um of the Apache HTTP Server Project.See for more info.To unsubscribe, e-mail: [EMAIL PROTECTED]" from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED] How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos. Get Yahoo! Photos
RE: [users@httpd] Starting Apache2 on Win2k as another user
> -Original Message- > From: Stephen Cook [mailto:[EMAIL PROTECTED] > Sent: Donnerstag, 14. Juli 2005 12:56 > To: apache list > Subject: [EMAIL PROTECTED] Starting Apache2 on Win2k as another user > > > I am trying to get Apache2 (v2.0.54) to run as a service on > Windows 2000 > as a specific user ("apacheuser", original name huh?), which only has > rights to read and execute on Apache2 root directory, and > full access to > the logs directory. > > When I start the service as local user (when I am logged in > as admin) it > works fine, but when I change the service to log on as > "apacheuser" it > doesn't start. There is a message in the Event Viewer that says "The > Apache2 service terminated with service-specific error 1." > and another > message that says "The Apache service named reported the following > error: Apache.exe: could not open document config file > bin/conf/httpd.conf . " Are you sure that's a windows path name? Doesn't win32 usually use paths like C:\Program Files\Apache and so on? Alternatively, it could be that the bit of the path you don't see is user-defined and it works as admin because admin has a bin/conf/httpd.conf but apacheuser doesn't.. However, I'm no windows guru... Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > This is from the standard Windows Installer install for > version 2.0.54, > I have no idea why it would look for the configuration file in > "bin/conf/" instead of just "conf/" (and copying the conf > directory into > bin doesn't help at all, so I wonder if that is the real problem). > > Doesn anyone have any idea what could be wrong? Is there some other > information you'd need? > > Thanks in advance for any advice. > > -- Stephen > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] .phps extension with mod_fastcgi
it's a PHP thing. add: # display formatted, syntax hilighted php source code AddType application/x-httpd-php-source .phps to httpd.conf and restart the server On 7/13/05, dAniel hAhler <[EMAIL PROTECTED]> wrote: > Hi, > > is the handling of .phps extensions (probably as text/html, with syntax > coloured php source code) a feature of mod_php only or can I activate/use it > with mod_fastcgi (+PHP) also? > > Thank you. > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Starting Apache2 on Win2k as another user
I am trying to get Apache2 (v2.0.54) to run as a service on Windows 2000 as a specific user ("apacheuser", original name huh?), which only has rights to read and execute on Apache2 root directory, and full access to the logs directory. When I start the service as local user (when I am logged in as admin) it works fine, but when I change the service to log on as "apacheuser" it doesn't start. There is a message in the Event Viewer that says "The Apache2 service terminated with service-specific error 1." and another message that says "The Apache service named reported the following error: Apache.exe: could not open document config file bin/conf/httpd.conf . " This is from the standard Windows Installer install for version 2.0.54, I have no idea why it would look for the configuration file in "bin/conf/" instead of just "conf/" (and copying the conf directory into bin doesn't help at all, so I wonder if that is the real problem). Doesn anyone have any idea what could be wrong? Is there some other information you'd need? Thanks in advance for any advice. -- Stephen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]