[EMAIL PROTECTED] limiting log files' size
Hi guys :) I was searching the documentation for a while for some way to get my httpd-access.log limited by size but I didn't found anything... is there a way to limit my log files by size ? for example when the log file reaches 100Mbytes to stop growing and evry new line to overwrites the oldest apache2.2.2 FreeBSD 6.1 RELEASE thank you :) - http://ide.li/ - портал за българите по света. Статии, новини, форуми, снимки, информация. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: RPC over HTTP through mod_proxy
Paul, Paul Freeman schrieb: There are already workarounds in apache and squid for certain non-compliant behaviour of various browsers. Perhaps this is another case (although it is a bit more fundamental given we are dealing with a protocol). There may even be a solution using current settings available in apache. Actually, I was hoping for something like that when I wrote to the list. :-} I'll probably open a bug ticket for this. Hans -- Hans Maurer[EMAIL PROTECTED] "You have chronic Mahjobbis Crappus" - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DirectoryIndex, DirectorySlash and mod_dav?
Joshua Slive wrote: > What are you trying to accomplish? As I said, activating DAV without > any DAV methods doesn't make any sense. I was trying to see if I could give my users a public_html directory within their DAV shares. > In addition, the use of "Dav UserDir" implies you are using some > special dav module. That option is not available in the standard > install as far as I know. Perhaps this special module is broken. Well, I wrote it, so it's very likely broken :) OTOH, it works just fine for regular DAV traffic. >From looking at the mod_dir docs, I assumed that the "/" -> index.html >translation happens before the request is given to the provider. If that's not >the case, what does a provider have to return to get mod_dir to translate the >request? Or is this handled in mod_dav itself? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: RPC over HTTP through mod_proxy
Hans Maurer red.roses.de> writes: > > Hi, > > > Actually, my theory is more along the line that the basic design of RPC over > HTTP is broken. It's extremely sensitive to any kind of delay or buffering > on intermediary servers, and apache does exactly that (RFC compliant, > nevertheless). However, I still think it should be able to be done as Squid can do it. Squid and apache are obviously doing the reverse proxying slightly differently. It would be interesting to know why one works and the other doesn't (at least not reliably) and whether there is anything that can be done to get it to work on apache and still maintain compliance with the relevant RFC's. There are already workarounds in apache and squid for certain non-compliant behaviour of various browsers. Perhaps this is another case (although it is a bit more fundamental given we are dealing with a protocol). There may even be a solution using current settings available in apache. I guess it depends on what the actual problem is (I certainly do not have the skill set to diagnose it) and then whether the solution is difficult or worthwhile to implement. > > > Do you use basic or ntlm authentication in the outlook settings? I > > suppose basic ? > > I'm using basic authentication. I am also using basic authentication. As far as I know NTLM is not friendly with proxy servers. > > Best regards, >Hans > Regards Paul - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Applying a universal rewrite
On Mon, 10 Jul 2006 17:14, Boyle Owen wrote: Thanks for your response. I have some success now, although it took a fight and there's still a problem with the location of my rewrite code. For background I'll put up the geoip.conf include file contents: GeoIPEnable On GeoIPDBFile /usr/local/share/GeoIP/GeoIP.dat MemoryCache GeoIPOutput All # default country must be australia # TODO: improve this to care only if it seems to be a local net address SetEnvIf GEOIP_COUNTRY_CODE ^$ GEOIP_COUNTRY_CODE=AU SetEnvIf GEOIP_COUNTRY_CODE ^--$ GEOIP_COUNTRY_CODE=AU # actual list includes more bad countries SetEnvIf GEOIP_COUNTRY_CODE ^(CN|HK|JP|KR|RU)$ BlockCountry Straight away there's a problem that I have tried unsuccessfully to solve with the extra SetEnvIf. If you are on a local subnet (ie 10. or 192.168.) then the GeoIP module can't nominate a country. It seems to return -- as the country code in that case. (Or an empty string; the output from phpinfo() shows the variable as -- but I'm suspicious) However the SetEnvIf does not seem capable of rewriting that variable, even though a plain SetEnv can. Am I trying to override the variable's value incorrectly, or match the value incorrectly? > > Rewrites don't appear to work outside of Location > > blocks, and unless I'm doing something wrong, it > > doesn't work in the block either. > > You're doing something wrong. Rewrites will work at any level (check the > "Context" line in > http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule). Yup - i see that in the doco, but unless I have the rewrites in the block, it is not triggering. I have tried it up near the include of the conf.d/geoip.conf file, or at the end of the file, but it definitely didn't work until it went inside the block. Here's my rewrite rules which might shed some light: RewriteEngine on RewriteBase / RewriteCond %{ENV:BlockCountry} 1 RewriteRule .* http://nastysite/ [L,R=301] Options FollowSymLinks AllowOverride None Order Allow,Deny Allow from all Oh, the error_log was showing a complaint that "without Options FollowSymlinks", it says it "implies that rewrites are not allowed", so I had to add the option. > Otherwise, you need to debug the rewrite logic - switch on rewrite > logging to see what it's doing. Even that yielded no output even at level 9 until I got the thing in a place that made it function. I guess it's time to point out that I'm using 2.0.54 on RedHat FC4 Still, it's now working successfully so that my access and error logs are down to a far more pleasant size, including the nightly LogWatch email. Got to be happy with that, and I like to think that stupid little script kiddies in chinese schools are now viewing appalling images that would probably get them locked in a Gulag. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DirectoryIndex, DirectorySlash and mod_dav?
On 7/11/06, Brandon Fosdick <[EMAIL PROTECTED]> wrote: Joshua Slive wrote: > Show us the config and log entries. In general, activating DAV for a > directory shouldn't change anything about GET/HEAD requests. This is the relevant bit from httpd.conf --- #Serve account public_html directories DirectoryIndex index.html Order allow,deny Deny from all Allow from all Dav UserDir --- Relevant line from httpd-access.log --- 192.168.0.5 - - [11/Jul/2006:18:31:24 -0700] "GET /~1000/ HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.0.4) Gecko/20060605 Firefox/1.5.0.4" What are you trying to accomplish? As I said, activating DAV without any DAV methods doesn't make any sense. In addition, the use of "Dav UserDir" implies you are using some special dav module. That option is not available in the standard install as far as I know. Perhaps this special module is broken. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DirectoryIndex, DirectorySlash and mod_dav?
Joshua Slive wrote: > Show us the config and log entries. In general, activating DAV for a > directory shouldn't change anything about GET/HEAD requests. This is the relevant bit from httpd.conf --- #Serve account public_html directories DirectoryIndex index.html Order allow,deny Deny from all Allow from all Dav UserDir --- Relevant line from httpd-access.log --- 192.168.0.5 - - [11/Jul/2006:18:31:24 -0700] "GET /~1000/ HTTP/1.1" 200 - "-" "Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.0.4) Gecko/20060605 Firefox/1.5.0.4" --- My own trace log generated by the repo module, in case it makes any sense. --- > 0 src/repository.cc:33 get_resource ( GET '/~1000/' ) |> 1 src/resource.h:101 resource_t ||> 2 src/resource.h:54 init ( /~1000/ ) ||< 2 src/resource.h:54 init ||> 2 src/serverconfig.h:174 get_resource ( public_html ) ||< 2 src/serverconfig.h:174 get_resource |< 1 src/resource.h:101 resource_t < 0 src/repository.cc:33 get_resource > 0 src/repository.cc:214 set_headers ( /~1000/ ) |> 1 src/repository.cc:431 getetag ( /~1000/ ) |< 1 src/repository.cc:431 getetag < 0 src/repository.cc:214 set_headers > 0 src/repository.cc:244 deliver ( /~1000/ ) < 0 src/repository.cc:244 deliver --- - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite and mod_cache
Vincent Bray wrote: I have an httpd config with a rewrite rule with a proxy; RewriteRule ^/path1/(.*) http://localhost:8080/path2$1 [P] Why use rewrite for this? ProxyPass & ProxyPassReverse would be better. Ah. I see, for some reason I didn't think mod_proxy would handle the mapping which simplfies things nicely. and a disk cache like so; CacheRoot /tmp/cache CacheSize 32768 CacheEnable disk / Now my index page "index.html" gets cached, but nothing that is handled by the rewrite rule below path1 or path2. I find "LogLevel debug" very helpful in determining why mod_cache isn't doing it's thing. Thanks, the rewrite urls were being caught by a mem_cache earlier in the config. Thanks again. Tom noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: [EMAIL PROTECTED] spamassassin
thank you will do. best regards mike roland > -Ursprüngliche Nachricht- > Von: Pid [mailto:[EMAIL PROTECTED] > Gesendet: Dienstag, 11. Juli 2006 23:14 > An: users@httpd.apache.org > Betreff: Re: [EMAIL PROTECTED] spamassassin > > > you would probably want the spamassassin mailing list for that, rather > than the httpd list. > > try here: > http://wiki.apache.org/spamassassin/MailingLists > > > > Mididoc Productions wrote: > > Hello, > > > > my name is mike roland. > > i'm not a unix expert. > > > > we have a vps server with for virtual host domains. > > everything is working fine so far: > > the webs are accessible the mails can be sent and received. > > > > but we want to install a blacklist to refuse emails from certain > > email-addresses for the whole server, say one list for the whole server. > > > > so we proceeded like in the spamassassin manual and edited the file: > > /usr/local/etc/mail/spamassassin/local.cf > > > > we inserted a blacklist entry: blacklist_from [EMAIL PROTECTED] > > > > we have also rebooted the server, but it is not working. > > emails from the address: [EMAIL PROTECTED] are stil beeing received. > > > > could anybody please help us setting the blacklist? > > > > thank you > > > > best regards > > > > mike roland > > > > > > - > > The official User-To-User support forum of the Apache HTTP > Server Project. > > See http://httpd.apache.org/userslist.html> for more info. > > To unsubscribe, e-mail: [EMAIL PROTECTED] > >" from the digest: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] How to unsubscribe?
On 7/11/06, David Zhao <[EMAIL PROTECTED]> wrote: Hi there, How do I unsubscribe from this list, sending emails to [EMAIL PROTECTED] is not working. Thanks very much! Likely because you are subscribed to the main list, not the digest list. Try: [EMAIL PROTECTED] See: http://httpd.apache.org/userslist.html Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] spamassassin
you would probably want the spamassassin mailing list for that, rather than the httpd list. try here: http://wiki.apache.org/spamassassin/MailingLists Mididoc Productions wrote: > Hello, > > my name is mike roland. > i'm not a unix expert. > > we have a vps server with for virtual host domains. > everything is working fine so far: > the webs are accessible the mails can be sent and received. > > but we want to install a blacklist to refuse emails from certain > email-addresses for the whole server, say one list for the whole server. > > so we proceeded like in the spamassassin manual and edited the file: > /usr/local/etc/mail/spamassassin/local.cf > > we inserted a blacklist entry: blacklist_from [EMAIL PROTECTED] > > we have also rebooted the server, but it is not working. > emails from the address: [EMAIL PROTECTED] are stil beeing received. > > could anybody please help us setting the blacklist? > > thank you > > best regards > > mike roland > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] spamassassin
On 7/11/06, Mididoc Productions <[EMAIL PROTECTED]> wrote: Hello, my name is mike roland. i'm not a unix expert. we have a vps server with for virtual host domains. everything is working fine so far: the webs are accessible the mails can be sent and received. but we want to install a blacklist to refuse emails from certain email-addresses for the whole server, say one list for the whole server. so we proceeded like in the spamassassin manual and edited the file: /usr/local/etc/mail/spamassassin/local.cf we inserted a blacklist entry: blacklist_from [EMAIL PROTECTED] we have also rebooted the server, but it is not working. emails from the address: [EMAIL PROTECTED] are stil beeing received. could anybody please help us setting the blacklist? You're on the wrong list. Head over to http://spamassassin.apache.org/ Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DirectoryIndex, DirectorySlash and mod_dav?
On 7/11/06, Brandon Fosdick <[EMAIL PROTECTED]> wrote: As a quick hack I tried enabling mod_dav on a location to see if it would act as a storage backend for regular page serving. That is, just to use it for GET and HEAD requests and none of the other DAV-related requests. For the most part it works, but for some reason DirectorySlash and DirectoryIndex don't work in this configuration. If I do http://example.com/mydir/ I get a blank page (no errors), however http://example.com/mydir/index.html works just fine. My trace log shows that the first request was handled as a request for the directory instead of a request for mydir/index.html, so I'm guessing the request wasn't redirected properly before being given to mod_dav. Any suggestions? Did I miss a directive somewhere? Or is this just un-doable? Show us the config and log entries. In general, activating DAV for a directory shouldn't change anything about GET/HEAD requests. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] How to unsubscribe?
Hi there,How do I unsubscribe from this list, sending emails to [EMAIL PROTECTED] is not working.Thanks very much!David
[EMAIL PROTECTED] Finding the origin server
Hello: This is my first message on the list so please bare with me... I have this situation where a site is giving me back a 302 response with a Location in violation of the HTTP protocol, like this HTTP/1.1 302 Found Location: Site/Main/missao.htm so i can't catch this with ProxyPassReverse. I was hoping to catch this using something like this: - set a env var with the site url - redirect to the url - if i catch a url not starting with http:// i append it to the env var and redirect it. I've done that but the env var allways come out empty. It seems it's life span is only the request, not between requests? So, how can i have some kind of env vars that life bewtween requests? Or alternativly, how can i find what's the origin server of that HTTP/1.1 302 Found, so i can append the relative url and redirect it back? I'm sorry if this is a stupid or basic (or both) question, but i'm new in this. Many thanks. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Problems with CGI
Hi, I am having some problems with Ruby CGI code. What I am trying to do is to use the Ruby WordNet Modules when working with some CGI programs. I need the CGI program to call a couple of functions defined in a different module. The CGI program seems to run fine when run from the command line (offline mode) but when run from a browser it does not load the WordNet modules. Could someone please help out with this. I am using wordnet 2.0 Ruby 1.8 apache2 and Suse 9 I could include the code but there is tons of it so I could include whatever may be needed ( not sure what that is as of now) Here is the Apache error log entry.[Wed Jul 12 01:35:49 2006] [error] [client 192.168.0.34] /usr/lib64/ruby/site_ruby/1.8/linguistics/en/wordnet.rb:117:in `wnL\exicon': WordNet functions are not loaded: No such file to load -- wordnet (NotImplementedError), referer: http://192.168.0.\34/cgi-bin/TextToTermsStart.rb?name=Harish&account=Account1&theme=Theme1Interestingly I get the same error when I ssh into the server from a windows machine (putty) and try to run the program from command line (although the program works when I run it from the server on command line) Also the program runs when I ssh into the server from another Linux machine. ( I have tried to access it through a browser from both windows and Linux and it does not work ) here is that error msg:suseserver2:/srv/www/cgi-bin # ruby extract_from_string.rb/usr/lib64/ruby/site_ruby/1.8/linguistics/en/wordnet.rb:117:in `wnLexicon': WordNet functions are not loaded: No such file to load -- wordnet (NotImplementedError) from /usr/lib64/ruby/site_ruby/1.8/linguistics/en/wordnet.rb:175:in `synsets' from {Autoloaded: /usr/lib64/ruby/site_ruby/1.8/linguistics.rb}:98:in `synsets' from /usr/lib64/ruby/site_ruby/1.8/linguistics.rb:98:in `call' from /usr/lib64/ruby/site_ruby/1.8/linguistics.rb:98:in `method_missing' from extract_from_string.rb:53:in `extractSyn' from extract_from_string.rb:87:in `extractPhrase' from extract_from_string.rb:211 I thought it had something to do with permissions and have tried changing them around. Then tried some things with the Apache config, but since the ssh is not working it looks like that is not the error. I am at a complete loss... is there some Wordnet stuff I need to preloadHarish
[EMAIL PROTECTED] spamassassin
Hello, my name is mike roland. i'm not a unix expert. we have a vps server with for virtual host domains. everything is working fine so far: the webs are accessible the mails can be sent and received. but we want to install a blacklist to refuse emails from certain email-addresses for the whole server, say one list for the whole server. so we proceeded like in the spamassassin manual and edited the file: /usr/local/etc/mail/spamassassin/local.cf we inserted a blacklist entry: blacklist_from [EMAIL PROTECTED] we have also rebooted the server, but it is not working. emails from the address: [EMAIL PROTECTED] are stil beeing received. could anybody please help us setting the blacklist? thank you best regards mike roland - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] CacheEnable and forward proxy
Still struggling on this one - can anyone help?If you don't feel like reading the entire thread: basically I want to limit caching to only forward proxy requests. It has been suggested that I just put 'CacheEnable disk /' in a virtual host that only does proxy. Although its a clean solution, it will not work for my situation. In my testing I have found that if I try caching all http:// proxy requests: (CacheEnable disk http://) I get no cache entries for any http proxy request. However if i explicitly put the protocol and the host ( CacheEnable disk http://www.apache.org/) and make the same proxy request to http://www.apache.org it does make cache entries. Shouldn't CacheEnable disk http:// satisfy http://www.apache.org?? I think this may be a bug.Also, if I want to cache every possible forward proxy request do I have to specify every protocol? (CacheEnable disk http:// , ftp://, https:// etc.). This seems like a sloppy way to do it (and at this point does not work). ThanksRyanOn 6/29/06, Joshua Slive <[EMAIL PROTECTED]> wrote: On 6/29/06, Ryan Pendergast <[EMAIL PROTECTED]> wrote:> Thanks thats a good idea. However do you know of a way to do it without> having to use a virtual host? I'm trying to just specify the protocols > (CacheEnable disk http://). If I do it like this (leave off the host name)> requests to http://www.apache.org/ don't make cache entries. However if i> explicitly put the protocol and the host (CacheEnable disk > http://www.apache.org/) and make the same proxy request to> http://www.apache.org it does make cache enties. Shouldnt CacheEnable disk > http:// satisfy http://www.apache.org??>> I know its not as clean as the virtual host but incase one of my customers> does not want to use vir. host. Thx Joshua. The docs imply that the protocol allone should be enough. I don'tknow beyond that.Joshua.-The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info.To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite and mod_cache
Hi, Couple of points.. On 7/11/06, Tom Hodder <[EMAIL PROTECTED]> wrote: Hi, I have an httpd config with a rewrite rule with a proxy; RewriteRule ^/path1/(.*) http://localhost:8080/path2$1 [P] Why use rewrite for this? ProxyPass & ProxyPassReverse would be better. and a disk cache like so; CacheRoot /tmp/cache CacheSize 32768 CacheEnable disk / Now my index page "index.html" gets cached, but nothing that is handled by the rewrite rule below path1 or path2. I find "LogLevel debug" very helpful in determining why mod_cache isn't doing it's thing. noodl - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] RE: proxy SSL question
> > Ellison , John P wrote: > > Hi. I was wondering if I can setup a reverse proxy using Apache and > > somehow have the origin server require a "client" certificate from the > > proxy server? I've been reading the docs about the directives, and it > > looks like the SSLProxyVerify directive will require the proxy to obtain > > a valid certificate from the origin. I need to have the origin verify > > the identity of the proxy server as well. > > Looks like you need SSLProxyMachineCertificateFile. It's the certificate > store that a reverse proxy will use to authenticate itself to remote > servers requiring client certificates. > > Joost Thanks. I completely missed that. JP - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: proxy SSL question
Ellison , John P wrote: > Hi. I was wondering if I can setup a reverse proxy using Apache and > somehow have the origin server require a "client" certificate from the > proxy server? I've been reading the docs about the directives, and it > looks like the SSLProxyVerify directive will require the proxy to obtain > a valid certificate from the origin. I need to have the origin verify > the identity of the proxy server as well. Looks like you need SSLProxyMachineCertificateFile. It's the certificate store that a reverse proxy will use to authenticate itself to remote servers requiring client certificates. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_rewrite and mod_cache
Hi, I have an httpd config with a rewrite rule with a proxy; RewriteRule ^/path1/(.*) http://localhost:8080/path2$1 [P] and a disk cache like so; CacheRoot /tmp/cache CacheSize 32768 CacheEnable disk / Now my index page "index.html" gets cached, but nothing that is handled by the rewrite rule below path1 or path2. Is there any way around this? My initial though was that mod_cache would write files, that because of the mod_rewrite rule would not be found. But at the moment I can't even get it to write a cache file. This is my response header from a file that is NOT cached, which I feel should be; Date: Tue, 11 Jul 2006 18:39:06 GMT Server: Apache/2.0.46 (Red Hat) Last-Modified: Thu, 15 Sep 2005 11:41:54 GMT Content-Length: 134 Content-Type: text/html; charset=UTF-8 Etag: "2805b-86-f6b20480" Accept-Ranges: bytes Connection: close 200 OK (the etag is always the same for this file) Cheers, Tom H - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] DirectoryIndex, DirectorySlash and mod_dav?
As a quick hack I tried enabling mod_dav on a location to see if it would act as a storage backend for regular page serving. That is, just to use it for GET and HEAD requests and none of the other DAV-related requests. For the most part it works, but for some reason DirectorySlash and DirectoryIndex don't work in this configuration. If I do http://example.com/mydir/ I get a blank page (no errors), however http://example.com/mydir/index.html works just fine. My trace log shows that the first request was handled as a request for the directory instead of a request for mydir/index.html, so I'm guessing the request wasn't redirected properly before being given to mod_dav. Any suggestions? Did I miss a directive somewhere? Or is this just un-doable? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Difficulty with LDAP / AD group authentication using mod_auth_ldap from muquit.com
I'd posted previously about some problems getting LDAP / AD authentication working from Win 2K3 and Apache 2.0.55; using the module from muquit.com solved the problem for individual users. However, I'm unable to get protected directories working by group - that is, I can either allow any user to access a directory, or none; I cannot seem to get AD group membership recognized. The page on muquit.com is unclear whether this should work, or exactly what the syntax should be. Lisa Gallardo had replied previously that she also has this setup working - Lisa, do you also have groups working? If so, would you mind posting or sending me a sample of a protected dir from your httpd.conf file? Thanks, Dan -- Dan Buettner - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] proxy SSL question
Hi. I was wondering if I can setup a reverse proxy using Apache and somehow have the origin server require a "client" certificate from the proxy server? I've been reading the docs about the directives, and it looks like the SSLProxyVerify directive will require the proxy to obtain a valid certificate from the origin. I need to have the origin verify the identity of the proxy server as well. Internet<->proxy<->origin Thanks, JP - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] (again) Can not define "default" name virtual host
> -Original Message- > From: Matus UHLAR - fantomas [mailto:[EMAIL PROTECTED] > > > > This is intended for some reason or another. In the source, the > > name is searched first (in order of appearance in conf > > file) and returns a match before ServerName/Alias is even tried. I would guess that the reason is to emulate the OSI model. The VH is defined by an IP address and port number, which are attributes of the TCP/IP layer. The ServerName is defined by a Host name, which is a header in the HTTP layer. The TCP/IP transport layer is more fundamental than the HTTP application layer so has to take precedence. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > There is even a comment in the source stating that "If this is a > > NameVirtualHost then we may not be doing the Right Thing". So you > > could argue a bug, but this goes all the way through to 2.2.2 so it > > will never be changed, heh. > > I always thought it's a bug ;) Of course the judgement is not on me. > > I guess, this functionality was created to make name-vhost > configurations > like this one: > > ### > NameVirtualHost "host1" > > > DocumentRoot /home/host1 > > > > DocumentRoot /home/host2 > > ### > > ...work, where "host1" and "host2" point to the same address, > e.g. to make the > move from ip-based to name-based vhosts a bit easier by > avoiding the need of > using ServerName/ServerAlias. But that's just my guess, based > on config file > I saw some time ago. > > > So, as previously stated, just always configure your VH with > > ServerName same as tag as the *first* one in the file. > > This will work fine. > > It won't work the desired way - as I said before, I want to > have virtual > hosts that only applies to non-existing names... > > > As for patching (not recommended), you could change > > ap_matches_request_vhost in http_vhost.c to run the matches_aliases > > before the VirtualHost name matches. > > Or possibly to remove the VirtualHost names match at all? Or > do it only if > no ServerName/ServerAlias is defined? Do you think that could break > anything? (my problem is that thhe check is done at all). > > ### However: > > I found out this dirty workaround: > > 1. put default.fantomas.sk to /etc/hosts: > > 196.168.3.66 fantomas.fantomas.skdefault.fantomas.sk > > (default.fantomas.sk is "virtual" name - it's designed not to > exist in DNS, > fantomas.fantomas.sk is main host name and for reverse > mapping it must be > the first, otherwise other apps may comply) > > 2. use "NameVirtualHost default.fantomas.sk" directive > 3. define virtualhosts on this fake host > > This way it works as desired, and it also works, if other hosts then > defauilt have "fantomas.fantomas.sk" or "195.168.3.66" in > , as > long as there is in NameVirtualHost with the same value. > > ### *This way it works > > NameVirtualHost default.fantomas.sk:80 > # and also > #NameVirtualHost fantomas.fantomas.sk:80 > > > ServerName default.fantomas.sk > DocumentRoot /home/webs/default.fantomas.sk > > > > # or also > # > ServerName fantomas.fantomas.sk > DocumentRoot /home/webs/fantomas.fantomas.sk > > > > # or also > # > ServerName 195.168.3.66 > DocumentRoot /home/webs/195.168.3.66 > > > ### END *This > > > Once recommended way - using * (even *:80) for > default.fantomas.sk, does NOT > work, virtual host "default.nextra.sk" will never get > matched. That way > fantomas.fantomas.sk and 195.168.3.66 match, and the default > is the first > one of them. > > Note I want these hosts only at _one_ IP address, so using > "*" for _all_ > hosts is not possible. > > ### *This does NOT work > > NameVirtualHost *:80 > > > ServerName default.fantomas.sk > DocumentRoot /home/webs/default.fantomas.sk > > > NameVirtualHost 195.168.3.66:80 > > > ServerName 195.168.3.66 > DocumentRoot /home/webs/195.168.3.66 > > > > ServerName fantomas.fantomas.sk > DocumentRoot /home/webs/fantomas.fantomas.sk > > > ### END *This > > Well, At least I know how to workaround this issue. I will > post comments to > bug 39910... > > -- > Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > Fucking windows! Bring Bill Gates! (Southpark the movie) > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or bu
Re: [EMAIL PROTECTED] (again) Can not define "default" name virtual host
> >On 27.06.06 14:31, Neil A. Hillard wrote: > >> No, the VirtualHost entry tells Apache _where to listen_ for the request > >> and nothing else. > On 6/27/06, Matus UHLAR - fantomas <[EMAIL PROTECTED]> wrote: > >That is, what docs says and how I understand it. On 29.06.06 18:04, Brian Rectanus wrote: > I was curious as well as to *why* this is the way it is, so I looked > in the source... > > This is intended for some reason or another. In the source, the > name is searched first (in order of appearance in conf > file) and returns a match before ServerName/Alias is even tried. > There is even a comment in the source stating that "If this is a > NameVirtualHost then we may not be doing the Right Thing". So you > could argue a bug, but this goes all the way through to 2.2.2 so it > will never be changed, heh. I always thought it's a bug ;) Of course the judgement is not on me. I guess, this functionality was created to make name-vhost configurations like this one: ### NameVirtualHost "host1" DocumentRoot /home/host1 DocumentRoot /home/host2 ### ...work, where "host1" and "host2" point to the same address, e.g. to make the move from ip-based to name-based vhosts a bit easier by avoiding the need of using ServerName/ServerAlias. But that's just my guess, based on config file I saw some time ago. > So, as previously stated, just always configure your VH with > ServerName same as tag as the *first* one in the file. > This will work fine. It won't work the desired way - as I said before, I want to have virtual hosts that only applies to non-existing names... > As for patching (not recommended), you could change > ap_matches_request_vhost in http_vhost.c to run the matches_aliases > before the VirtualHost name matches. Or possibly to remove the VirtualHost names match at all? Or do it only if no ServerName/ServerAlias is defined? Do you think that could break anything? (my problem is that thhe check is done at all). ### However: I found out this dirty workaround: 1. put default.fantomas.sk to /etc/hosts: 196.168.3.66fantomas.fantomas.skdefault.fantomas.sk (default.fantomas.sk is "virtual" name - it's designed not to exist in DNS, fantomas.fantomas.sk is main host name and for reverse mapping it must be the first, otherwise other apps may comply) 2. use "NameVirtualHost default.fantomas.sk" directive 3. define virtualhosts on this fake host This way it works as desired, and it also works, if other hosts then defauilt have "fantomas.fantomas.sk" or "195.168.3.66" in , as long as there is in NameVirtualHost with the same value. ### *This way it works NameVirtualHost default.fantomas.sk:80 # and also #NameVirtualHost fantomas.fantomas.sk:80 ServerName default.fantomas.sk DocumentRoot /home/webs/default.fantomas.sk # or also # ServerName fantomas.fantomas.sk DocumentRoot /home/webs/fantomas.fantomas.sk # or also # ServerName 195.168.3.66 DocumentRoot /home/webs/195.168.3.66 ### END *This Once recommended way - using * (even *:80) for default.fantomas.sk, does NOT work, virtual host "default.nextra.sk" will never get matched. That way fantomas.fantomas.sk and 195.168.3.66 match, and the default is the first one of them. Note I want these hosts only at _one_ IP address, so using "*" for _all_ hosts is not possible. ### *This does NOT work NameVirtualHost *:80 ServerName default.fantomas.sk DocumentRoot /home/webs/default.fantomas.sk NameVirtualHost 195.168.3.66:80 ServerName 195.168.3.66 DocumentRoot /home/webs/195.168.3.66 ServerName fantomas.fantomas.sk DocumentRoot /home/webs/fantomas.fantomas.sk ### END *This Well, At least I know how to workaround this issue. I will post comments to bug 39910... -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Fucking windows! Bring Bill Gates! (Southpark the movie) - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Fwd: Re: [EMAIL PROTECTED] configuration question from an Apache newbie
On 7/11/06, Rob Wilkerson <[EMAIL PROTECTED]> wrote: Check your DirectoryIndex directive, too. I get this a lot when I forget to put in a file that I use. By default, Apache ships with index.html, for example, but not index.htm (which is what I use). Right you are. I found that and changed it. Thanks, Rob. I also happened across this comment and directive: # This should be changed to whatever you set DocumentRoot to. # Once I changed that and DirectoryIndex, everything worked right. Guess I better take the time to read httpd.conf from start to finish. Thanks for your reply too, Axel-Stéphane. :o) Chris Schulman On 7/10/06, Chris Schulman <[EMAIL PROTECTED]> wrote: Forgive me for asking a possibly very basic question. I'm good in a lot of technical areas, but I'm trying to get Apache working and it's my first time ever to install any kind of server. My server needs are simple, as I'm installing Apache for local use only; it will not be accessible through the Internet. I'm running WinXP SP2. I downloaded and installed the Apache 2.2.2 Win32 binary. The installation appeared successful; after I finished, I pointed my browser to http://127.0.0.1/, and received Apache's "It Works!" web page. I then opened httpd.conf and changed the DocumentRoot directive to: DocumentRoot "G:/tees" which is my development directory. (That directory contains index.htm and several other web pages.) But now, when I try to browse http://127.0.0.1/, I get the familiar "Forbidden: You don't have permission to access / on this server." I've checked everything I can think of related to permissions and security, and I don't know what the problem is. Any suggestions? Thanks in advance. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] configuration question from an Apache newbie
Check your DirectoryIndex directive, too. I get this a lot when I forget to put in a file that I use. By default, Apache ships with index.html, for example, but not index.htm (which is what I use). On 7/10/06, Chris Schulman <[EMAIL PROTECTED]> wrote: Forgive me for asking a possibly very basic question. I'm good in a lot of technical areas, but I'm trying to get Apache working and it's my first time ever to install any kind of server. My server needs are simple, as I'm installing Apache for local use only; it will not be accessible through the Internet. I'm running WinXP SP2. I downloaded and installed the Apache 2.2.2 Win32 binary. The installation appeared successful; after I finished, I pointed my browser to http://127.0.0.1/, and received Apache's "It Works!" web page. I then opened httpd.conf and changed the DocumentRoot directive to: DocumentRoot "G:/tees" which is my development directory. (That directory contains index.htm and several other web pages.) But now, when I try to browse http://127.0.0.1/, I get the familiar "Forbidden: You don't have permission to access / on this server." I've checked everything I can think of related to permissions and security, and I don't know what the problem is. Any suggestions? Thanks in advance. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Rob Wilkerson - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: RPC over HTTP through mod_proxy
Hi, Pieter Vanmeerbeek schrieb: I tried to create a setup similar to the one Paul did (with https on the internet and http on the secure lan). I couldn't get this working even on the 2.0.53, ie. owa and active sync works fine RPC does some strange things. If you wait a very long time ( more then5 minutes) it eventually gets a sync. Yes, I have to correct myself: It's not "working like a charm" in 2.0.53 (also 2.0.54), but it is actually somewhat working. It's not very stable, though. Since everything works from the lan and the reverse proxy works for owa, I suppose it has something to do with the ssl ofloading settings? Actually, my theory is more along the line that the basic design of RPC over HTTP is broken. It's extremely sensitive to any kind of delay or buffering on intermediary servers, and apache does exactly that (RFC compliant, nevertheless). Do you use basic or ntlm authentication in the outlook settings? I suppose basic ? I'm using basic authentication. Best regards, Hans -- Hans Maurer [EMAIL PROTECTED] "Es gibt keine guten Ziele in Afghanistan, und es gibt viele gute Ziele im Irak" - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Alternative sources of help
Hi all, since this list was not able to answer my question regarding the LDAP authentication module of Apache, could you recommend another source of help? Even if it is a commercial help provider... Kind Regards, Steffen Sobiech - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: RPC over HTTP through mod_proxy
Pieter Vanmeerbeek able.be> writes: > > Hi Paul and Hans, > > I tried to create a setup similar to the one Paul did (with https on the > internet and http on the secure lan). I couldn't get this working even > on the 2.0.53, ie. owa and active sync works fine RPC does some strange > things. If you wait a very long time ( more then5 minutes) it eventually > gets a sync.However using a port forwording this works immediatly. Do > you guys have the same timing problem or did I do something wrong? > Inspecting a tcpdump shows rpc errors, however it is not clear to me > what they mean. > Pieter Since my email I have now tried apache 2.0.53 and found a similar result to you. It works but takes a long time (5-10 minutes, although this seems to vary a lot) before outlook establishes a connection. On one occasion it connected in about 20 seconds but that only happened once:-( I think the problem stems from how mod_proxy is handling the rpc_in_data and rpc_out_data methods. I decided to try squid 2.6stable1 as an alternative to apache. I already had it compiled for use as a normal proxy so all I needed to do was set it up with a configuration as a https reverse proxy. I had come across some newsgroup postings where they talked about this a little so it only took me about 5 minutes to get it configured and what do you know - it works! It also works for OWA access. I have not tried outlook mobile access or active sync as I don't have the devices to try it out. My testing so far is across our local LAN but I see no reason why this will not work when coming in from the internet. It will just require some additional configuration to handle this case. If you would like more info, I can provide you with a very basic (insecure) squid.conf file that works. Regards Paul - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] configuration question from an Apache newbie
You probably need to modify the access rights of the associated Directory section accordingly. I am not familiar with Apache on Win XP but I guess you need something like Options MultiViews AllowOverride None Order allow,deny Allow from all -ascs -Original Message- From: Chris Schulman [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 11, 2006 5:38 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] configuration question from an Apache newbie Forgive me for asking a possibly very basic question. I'm good in a lot of technical areas, but I'm trying to get Apache working and it's my first time ever to install any kind of server. My server needs are simple, as I'm installing Apache for local use only; it will not be accessible through the Internet. I'm running WinXP SP2. I downloaded and installed the Apache 2.2.2 Win32 binary. The installation appeared successful; after I finished, I pointed my browser to http://127.0.0.1/, and received Apache's "It Works!" web page. I then opened httpd.conf and changed the DocumentRoot directive to: DocumentRoot "G:/tees" which is my development directory. (That directory contains index.htm and several other web pages.) But now, when I try to browse http://127.0.0.1/, I get the familiar "Forbidden: You don't have permission to access / on this server." I've checked everything I can think of related to permissions and security, and I don't know what the problem is. Any suggestions? Thanks in advance. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: RPC over HTTP through mod_proxy
Hi Paul and Hans, I tried to create a setup similar to the one Paul did (with https on the internet and http on the secure lan). I couldn't get this working even on the 2.0.53, ie. owa and active sync works fine RPC does some strange things. If you wait a very long time ( more then5 minutes) it eventually gets a sync.However using a port forwording this works immediatly. Do you guys have the same timing problem or did I do something wrong? Inspecting a tcpdump shows rpc errors, however it is not clear to me what they mean. Is there a way to do some troubleshooting on the RPC connection? How can I check my ssl offloading settings? The certificates are imported correctly as they are the same ones for the owa. My setup works fine if I try to make anr RPC over http(s) connection on the lan itself (checked with rpcdiagnostics in outlook). Since everything works from the lan and the reverse proxy works for owa, I suppose it has something to do with the ssl ofloading settings? Do you use basic or ntlm authentication in the outlook settings? I suppose basic ? kind regards, Pieter Paul Freeman wrote: Hans Maurer red.roses.de> writes: Hi, I'm trying to grant road warrior users access to our company Exchange server through RPC over HTTP. In my setup, an Apache 2.2.2 on a FreeBSD server in the DMZ should act as a proxy between the Internet and the IIS on on the Exchange server. The communication is SSL-encrypted in both directions (SSLEngine and SSLProxyEngine On). Unfortunately, the Outlook client just hangs when trying to access Exchange through the proxy. The Apache error log shows these messages: Hans Thanks for your email. I was beginning to think I had configured something incorrectly (still may have!) in trying to get rpc over http working to an exchange 2003 SP2 server:-) I have been able to get OWA access to work without problems and can connect via rpc over http over the local LAN to the exchange server also. However, I am experiencing exactly the same problem you describe when trying to use apache as the front end proxy. I have tried apache 2.0.54, 2.0.58 and 2.2.2 and they all behave the same way in relation to this problem. I had also noticed the very long content length in some ethereal packet dumps I did on the non-ssl connection between apache and the exchange server (my config is outlook client -> (ssl) -> apache -> (non-ssl) -> exchange) but I was not sure what it meant. I will be keen to see if anyone has worked out how to overcome this. For the moment, I will try apache 2.0.53, as you mentioned it does work in this configuration. Regards Paul - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- --- Able: 1996-2006: already 10 safe years in YOUR company! aXs GUARD has completed security and anti-virus checks on this e-mail (http://www.axsguard.com) --- Able NV: ond.nr 0457.938.087 RPR Mechelen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Re: problem with mod_rewrite rewiterule with [P](internal proxying)
Ooops. :-) -Original Message- From: Robert Ionescu [mailto:[EMAIL PROTECTED] Sent: Monday, July 10, 2006 11:52 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Re: problem with mod_rewrite rewiterule with [P](internal proxying) Axel-Stéphane SMORGRAV wrote: > What does that have to do with this particular problem Well, the answer is simple: I replied to the wrong thread... :-( -- Robert - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]