mod_ssl: HTTP und HTTPS gleichzeitig auf Port 443?
Hallo Liste, das Problem ist eigentlich mehr akademisch, ich wollte jemandem helfen, der mit seiner Apache-Config in das bekannte Problem mit nicht funktionierendem Name- VirtualHosting von mehreren SSL-fähigen VirtualHosts auf derselben IPnr:443 gestolpert ist (siehe http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2 ). Er berichtete mir nun aber, daß er per HTTP, also mit URIs wie http://host1.domain.tld:443/ http://host2.domain.tld:443/ jeweils den richtigen NameVirtualHost erreicht hat (was ich eigentlich auch nicht für möglich gehalten habe). Ich wollte das nachvollziehen und habe mir also mal einen Testserver aufgesetzt und mich ein wenig näher mit den nichtalltäglicheren mod_ssl-Direktiven auseinandergesetzt. Aus der puren Existenz von 'SSLRequireSSL' habe ich dann (etwas voreilig?) geschlossen, dass HTTP tatsächlich AUCH funktionieren könnte/sollte/müsste, solange die besagte Option nicht explizit im SSL-enabled VirtualHost steht. Hier ein Link zum Nachlesen: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslrequiressl Nunmehr wider Erwarten bekomme ich jedoch Error 400 / Bad request. Dann habe ich weiter 'rumprobiert und gehofft, dass man durch Herumschrauben an 'SSLCipherSuite' und/oder evtl. 'SSLHonorCipherOrder on' dahin kommen müsste, auch HTTP zu akzeptieren, nämlich durch Hinzufügen von ':NULL' oder auch 'SSLCipherSuite ALL:+NULL' oder ähnlich. Leider aber auch Fehlanzeige, immer noch Bad request. Und jetzt bin ich erst mal ratlos. Wo ist mein Denkfehler? Achso: besagter Jemand verwendet Apache 2.0 unter Linux, meine Testumgebung ist Apache 2.2.3 unter Win2K. Aber das sollte nicht den Unterschied ausmachen. Beste Wochenendgrüße Olaf Lautenschläger ANOVA Multimedia Studios GmbH, Rostock -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an [EMAIL PROTECTED] sonstige Anfragen an [EMAIL PROTECTED] --
[EMAIL PROTECTED] Mod re-write help
Hello,
I would like to know how to turn this URI
http://destinationsguide.info/catalogue/c51/c57?b_start=15
into something like
http://destinationsguide.info/catalogue/africa/eastern-africa.html
I am already using one rewrite into Zope, so I am not sure how to proceed.
VirtualHost *:80
ServerName destinationsguide.info
ServerAlias www.destinationsguide.info
RewriteEngine On
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
RewriteRule ^/(.*)
http://destinationsguide.info:15080/VirtualHostBase/http/destinationsguide.info:80/destinations/VirtualHostRoot/$1
[L,P]
Thanks
Norman
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
AW: [EMAIL PROTECTED] Problem using apache as a reverse proxy for https
-Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag If you don't want the proxy decrypting the traffic, then you don't want an HTTP proxy, you want a port-forwarder. Just tell your OS or firewall to forward port 443 on to the back-end server. But remember that a certificate is associated with a particular hostname, so you'll need to be careful to get that right. I think that port forwarding will not work, based on domain names (I have multiple domains pointing to the same IP address). I guess, I have to use properly configured certificates and decrypt/encrypt at the proxy... Thanks a lot, Frank - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] mod_access = mod_authz_host change
-Original Message- From: Bill Moseley [mailto:[EMAIL PROTECTED] Sent: Friday, December 15, 2006 7:14 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] mod_access = mod_authz_host change I have a httpd.conf file that runs on multiple machines -- where a different collection of modules are compiled in. So, I use IfModule to test if the module is loaded, and load if if needed. But, now I have one machine running 2.0.54 and another 2.2 so on one machine I need mod_access and the other mod_authz_host. Can I write httpd.conf to know which module to load so it will work on both versions? You want to run two different *versions* of apache, which take different directives, off the *same* config? As you've probably realised, the config file syntax does not support any dynamic assignment stuff - it's just a flat file. The only way you can do this is by generating the file at runtime with a script or preprocessor (m4/perl/python/whatever...) Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. Both machines are Debian, with Stable showing: $ /usr/sbin/apache2 -l Compiled in modules: core.c mod_access.c mod_auth.c mod_log_config.c mod_logio.c mod_env.c mod_setenvif.c prefork.c http_core.c mod_mime.c mod_status.c mod_autoindex.c mod_negotiation.c mod_dir.c mod_alias.c mod_so.c And on Sid: $ /usr/sbin/apache2 -l Compiled in modules: core.c mod_log_config.c mod_logio.c prefork.c http_core.c mod_so.c Frankly, that seems a bit sparse for me. Hard to imagine never needing Allow. -- Bill Moseley [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] re-writing URI's
Good point well made,
the current rules are as follows:
non-secure handler:
# =
# Rewrite to HTTPS Settings
# =
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteCond %{REQUEST_URI} !=/server-status
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
RewriteCond %{HTTP_HOST} !^www\.domain\.com [NC]
RewriteCond %{HTTP_HOST} !=
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteRule ^/(.*) http://www.domain.com:%{SERVER_PORT}/$1 [R=301,L]
Secure Virtual host:
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
The backend application catches the /home part and assesses whether the client
has already logged in and if not re-directs to /login which then returns the
URL/URI given in the original email further down this thread.
Hope that helps
Steve
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joshua
Slive
Sent: 14 December 2006 15:07
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] re-writing URI's
On 12/14/06, Foster, Stephen (ASPIRE) [EMAIL PROTECTED] wrote:
Hi there,
i'm having a bit of trouble getting a rewrite rule for a URI to work.
Basically i have the following scenario,
The user enters http://www.domain.com and this gets intercepted by another
API and the browser gets a URL sent back with a URI added including the
original URL of http://www.domain.com , my re-writing rules then re-write the
first part to secure, i.e https://www.domain.com but the URI stays non-secure
,e.g http://www.domain.com
so the outcome to the browser is:
https://www.domain.com/login?APPURI=http://www.domain.com/home
What i need to do when i re-write the first part to secure is also to
intercept the URI and re-write this to secure if it comes back as non-secure,
so i need the URL being sent back to the browser to appear as follows:
https://www.domain.com/login?APPURI=https://www.domain.com/home
I know i can use the RewriteCond %{REQUEST_URI} context but need to be able
to tell it to find http: and re-write this to https: wherever it appears
in the URI in case the developers change it without me knowing. However if
needs be then i can intercept APPURI=http: and rewrite this to
APPURI=https:
Does that make sense to anybody??
Sure, it should be a relatively straightforward regex with
substitution. But I'm not going to try to guess at your entire
config. Show us what you've got already and we can perhaps tell you
what to add.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
===
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please
update your address books.
===
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Enabling huge uploads
I got so fed up with having to search through the file included from httpd.conf that I wrote myself a little utility to generate a composite httpd.conf file containing all of the included files. I was quite amazed at how much extra stuff was being configured in my apache! On 14/12/06, Curby [EMAIL PROTECTED] wrote: On 12/14/06, Richard Lynch [EMAIL PROTECTED] wrote: On Thu, December 14, 2006 2:37 am, Curby wrote: I'm having trouble accepting large file uploads in Apache 2.0.46 (RHEL3). I've set LimitRequestBody 1074790400 I *think* Apache also has a separate Limit on the POST size... Search for that in your httpd.conf and http://apache.org directives. Whoops, sorry about all that. I stupidly forgot to search other configuration files for this directive. It was set in another confiiguration file. Changing the directive in the other place as well made everything work. Thanks! --Mike - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Mod re-write help
On 12/15/06, Norman Khine [EMAIL PROTECTED] wrote:
Hello,
I would like to know how to turn this URI
http://destinationsguide.info/catalogue/c51/c57?b_start=15
into something like
http://destinationsguide.info/catalogue/africa/eastern-africa.html
I am already using one rewrite into Zope, so I am not sure how to proceed.
VirtualHost *:80
ServerName destinationsguide.info
ServerAlias www.destinationsguide.info
RewriteEngine On
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
RewriteRule ^/(.*)
http://destinationsguide.info:15080/VirtualHostBase/http/destinationsguide.info:80/destinations/VirtualHostRoot/$1
[L,P]
The problem is a little under-specified. What do you mean by turn
into? Do you expect people to use the pretty url, and then you
will internally send them to Zope using the less-pretty one? Or do
you want to externally redirect between them so that people enter the
less-pretty url and then their browser location bar changes?
In addition, it is unclear how you expect the mapping between the two
urls to work in general. Do you have a list that maps one form to the
other?
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Mod re-write help
Joshua Slive wrote:
On 12/15/06, Norman Khine [EMAIL PROTECTED] wrote:
Hello,
I would like to know how to turn this URI
http://destinationsguide.info/catalogue/c51/c57?b_start=15
into something like
http://destinationsguide.info/catalogue/africa/eastern-africa.html
I am already using one rewrite into Zope, so I am not sure how to
proceed.
VirtualHost *:80
ServerName destinationsguide.info
ServerAlias www.destinationsguide.info
RewriteEngine On
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
RewriteRule ^/(.*)
http://destinationsguide.info:15080/VirtualHostBase/http/destinationsguide.info:80/destinations/VirtualHostRoot/$1
[L,P]
The problem is a little under-specified. What do you mean by turn
into? Do you expect people to use the pretty url, and then you
will internally send them to Zope using the less-pretty one? Or do
you want to externally redirect between them so that people enter the
less-pretty url and then their browser location bar changes?
In addition, it is unclear how you expect the mapping between the two
urls to work in general. Do you have a list that maps one form to the
other?
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server
Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi Joshua,
I wanted to make the URL's google /index engine search friendly -
whether this is possible, I am not sure ;(
My idea was to use the Page header and use this as the mapping, but I
can see the problem now...
Forget I asked...
By the way, how do I make this to work
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
When I uncomment the code the second RewriteRule is not taken into account
Cheers
Norman
--
Norman Khine
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Mod re-write help
Heya Norman,
this is a Zope problem, or even more of the Content Management System
(Plone, ZMS etc.) you use within Zope.
I had the same problem and it turned out that you have to have the logic
that maps between the pretty URLs and your object-ids within Zope.
You can not rely on Apache to solve that unless you want to maintain a
_huge_ list of rewrite rules.
Fortunately our CMS ZMS has such a logic which we're using now.
I think if you turn to the mailing list for your CMS you should have a
solution very quickly.
Cheers /Carsten
Carsten Germer Deutsches Elektronen Synchrotron (Web-Office, IT)
phone: +49-40-8998-1661Notkestr. 85
web: http://wof.desy.de22607 Hamburg
e-mail: [EMAIL PROTECTED] Germany
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Joshua Slive
Sent: Friday, December 15, 2006 2:53 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Mod re-write help
On 12/15/06, Norman Khine [EMAIL PROTECTED] wrote:
Hello,
I would like to know how to turn this URI
http://destinationsguide.info/catalogue/c51/c57?b_start=15
into something like
http://destinationsguide.info/catalogue/africa/eastern-africa.html
I am already using one rewrite into Zope, so I am not sure
how to proceed.
VirtualHost *:80
ServerName destinationsguide.info
ServerAlias www.destinationsguide.info
RewriteEngine On
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
RewriteRule ^/(.*)
http://destinationsguide.info:15080/VirtualHostBase/http/destin
ationsguide.info:80/destinations/VirtualHostRoot/$1
[L,P]
The problem is a little under-specified. What do you mean by turn
into? Do you expect people to use the pretty url, and then you
will internally send them to Zope using the less-pretty one? Or do
you want to externally redirect between them so that people enter the
less-pretty url and then their browser location bar changes?
In addition, it is unclear how you expect the mapping between the two
urls to work in general. Do you have a list that maps one form to the
other?
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server
Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Problem using apache as a reverse proxy for https
On 12/15/06, frank rittinger [EMAIL PROTECTED] wrote: -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag If you don't want the proxy decrypting the traffic, then you don't want an HTTP proxy, you want a port-forwarder. Just tell your OS or firewall to forward port 443 on to the back-end server. But remember that a certificate is associated with a particular hostname, so you'll need to be careful to get that right. I think that port forwarding will not work, based on domain names (I have multiple domains pointing to the same IP address). I guess, I have to use properly configured certificates and decrypt/encrypt at the proxy... Well, in general you can't have multiple names on the same IP address when vhosting SSL anyway, since there is no way for the correct certificate to be negotiated. So unless you are doing something very special, you're going to need to rethink the whole strategy. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Mod re-write help
Germer, Carsten wrote:
Heya Norman,
this is a Zope problem, or even more of the Content Management System
(Plone, ZMS etc.) you use within Zope.
I had the same problem and it turned out that you have to have the logic
that maps between the pretty URLs and your object-ids within Zope.
You can not rely on Apache to solve that unless you want to maintain a
_huge_ list of rewrite rules.
Fortunately our CMS ZMS has such a logic which we're using now.
I think if you turn to the mailing list for your CMS you should have a
solution very quickly.
Cheers /Carsten
Carsten Germer Deutsches Elektronen Synchrotron (Web-Office, IT)
phone: +49-40-8998-1661Notkestr. 85
web: http://wof.desy.de22607 Hamburg
e-mail: [EMAIL PROTECTED] Germany
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Joshua Slive
Sent: Friday, December 15, 2006 2:53 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Mod re-write help
On 12/15/06, Norman Khine [EMAIL PROTECTED] wrote:
Hello,
I would like to know how to turn this URI
http://destinationsguide.info/catalogue/c51/c57?b_start=15
into something like
http://destinationsguide.info/catalogue/africa/eastern-africa.html
I am already using one rewrite into Zope, so I am not sure
how to proceed.
VirtualHost *:80
ServerName destinationsguide.info
ServerAlias www.destinationsguide.info
RewriteEngine On
#RewriteCond %{HTTP_HOST} ^www\.destinationsguide\.info [nc]
#RewriteRule (.*) http://destinationsguide.info [R=301,C]
RewriteRule ^/(.*)
http://destinationsguide.info:15080/VirtualHostBase/http/destin
ationsguide.info:80/destinations/VirtualHostRoot/$1
[L,P]
The problem is a little under-specified. What do you mean by turn
into? Do you expect people to use the pretty url, and then you
will internally send them to Zope using the less-pretty one? Or do
you want to externally redirect between them so that people enter the
less-pretty url and then their browser location bar changes?
In addition, it is unclear how you expect the mapping between the two
urls to work in general. Do you have a list that maps one form to the
other?
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server
Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi Carsten,
Thanks for the advice, much appreciated. What is the logic with the ZMS
used to map this, is there an external python method? For now I am using
the Bizar Shop, as I will be linking this to a payment system, but maybe
will change, is still early.
By the way the http://www.zms-publishing.com seems cool, how do you
compare to Plone for example?
Cheers
Norman
--
Norman Khine
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] re-writing URI's
On 12/15/06, Foster, Stephen (ASPIRE) [EMAIL PROTECTED] wrote:
Good point well made,
the current rules are as follows:
non-secure handler:
# =
# Rewrite to HTTPS Settings
# =
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteCond %{REQUEST_URI} !=/server-status
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
RewriteCond %{HTTP_HOST} !^www\.domain\.com [NC]
RewriteCond %{HTTP_HOST} !=
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteRule ^/(.*) http://www.domain.com:%{SERVER_PORT}/$1 [R=301,L]
Secure Virtual host:
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
The backend application catches the /home part and assesses whether the client
has already logged in and if not re-directs to /login which then returns the
URL/URI given in the original email further down this thread.
Sorry, but I don't get it. You talked about a query string with
APPURI=http://www.domain.com/home getting added someplace. But I
don't see that above. If it is your application that is adding it,
then your application should be able to set the correct scheme.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re-writing cookie names?
Is there a way to use mod_rewrite in apache 1.3 to rename cookies? It looks like mod_rewrite will let me use cookies, but not change them. Any help would be appreciated. Thanks Marc - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] re-writing URI's
hi joshua,
sorry i should have been more specific. Its not actually our app but an
authentication plug-in and backend that changes the URI and then passes back to
the browser. There may be a bug in it that its capturing the incoming URL and
not able to re-write it to https before passing back. This is being
investigated by the provider but in the meantime i would like to re-write the
URI to the proper secure method.
does that make sense?
cheers
Steve
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joshua
Slive
Sent: 15 December 2006 14:19
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] re-writing URI's
On 12/15/06, Foster, Stephen (ASPIRE) [EMAIL PROTECTED] wrote:
Good point well made,
the current rules are as follows:
non-secure handler:
# =
# Rewrite to HTTPS Settings
# =
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteCond %{REQUEST_URI} !=/server-status
RewriteCond %{SERVER_PORT} !=443
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
RewriteCond %{HTTP_HOST} !^www\.domain\.com [NC]
RewriteCond %{HTTP_HOST} !=
RewriteCond %{REQUEST_URI} !=/heartbeat/heartbeat.htm
RewriteRule ^/(.*) http://www.domain.com:%{SERVER_PORT}/$1 [R=301,L]
Secure Virtual host:
RewriteRule ^/$ https://www.domain.com/home [R=301,L]
The backend application catches the /home part and assesses whether the
client has already logged in and if not re-directs to /login which then
returns the URL/URI given in the original email further down this thread.
Sorry, but I don't get it. You talked about a query string with
APPURI=http://www.domain.com/home getting added someplace. But I
don't see that above. If it is your application that is adding it,
then your application should be able to set the correct scheme.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
===
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please
update your address books.
===
-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Processes not yielding, and lockf
On 12/15/06, Kevin Jones [EMAIL PROTECTED] wrote: I used the server-status handler with extended status to see what was happening. I have also reduced the KeepAliveTimeout to 4 seconds. I placed session_write_close() within my scripts. Currently all 256 requests (that is MaxClients) are being processed. Every single one of them is stuck on Sending Reply. Ok. So my guess about KeepAlive was wrong. Your problem is that the php scripts are blocking on something or other. Could still be the session file, or could be something else. You'd probably have better luck asking on a php list, since the problem has nothing directly to do with apache. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] re-writing URI's
On 12/15/06, Foster, Stephen (ASPIRE) [EMAIL PROTECTED] wrote: hi joshua, sorry i should have been more specific. Its not actually our app but an authentication plug-in and backend that changes the URI and then passes back to the browser. There may be a bug in it that its capturing the incoming URL and not able to re-write it to https before passing back. This is being investigated by the provider but in the meantime i would like to re-write the URI to the proper secure method. does that make sense? Sort of. But it is hard to tell where your authentication plug-in is acting here. What I would do is simply tack a ? on the end of the URL when redirecting from HTTP to HTTPS. This will eliminate the query string and hopefully force your plug-in to recreate it. And it also has the benefit of making sure your don't accidentally have people submit sensitive information in the query string to the non-secure server. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Templated config for vhost
On 12/14/06, Joshua Slive [EMAIL PROTECTED] wrote: On 12/13/06, Florian Lindner [EMAIL PROTECTED] wrote: Hello, is is possible to define a template for a vhost config entry and use this template in other entries. For example I have the template: Template ServerName $SERVER_NAME ServerAlias *.$SERVER_NAME $MORE_ALIASES DocumentRoot /home/$DIR/http/pub CustomLog /home/$DIR/http/log/access.log combined ErrorLog /home/$DIR/http/log/error.log php_admin_value sendmail_path /usr/sbin/sendmail -t -i -f [EMAIL PROTECTED] php_admin_value open_basedir /home/$DIR/http /Template now a config use this template VirtualHost * $SERVER_NAME xgm.de $DIR xgmde $MORE_ALIASES someotherdomain.tld /VirtualHost Can I do something like this? Yes, there are various modules available from http://modules.apache.org/ that allow you to do stuff like this. But I'd recommend simply pre-processing your config file with m4/perl/python/whatever. I had a similar problem, but solved it using mod_perl. Most of my config is now written in perl... Krist -- [EMAIL PROTECTED] Bremgarten b. Bern, Switzerland -- ...what you don't realize is that in the future Google WILL reach sentience, will [have had] invent[ed] a time machine, and will [have had] travel[ed] back in time to prevent Bill Gates... only to become Bill Gates by accident because of a search engine optimization miscalculation. (Comment on the Dilbert Blog) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] make error --with-dbm=gdbm, version 2.0.59
On 12/14/06, K. Clair [EMAIL PROTECTED] wrote: On 12/14/06, Joe Orton [EMAIL PROTECTED] wrote: On Thu, Dec 14, 2006 at 10:04:01AM -0600, K. Clair wrote: I don't think it has anything to do with the installed libraries: httpd-2.0.55 with the same configure options compiles with no errors on the same machine. I also tried to compile httpd-2.0.57, and I got the same make error as with 2.0.59. Again, all of this was done on the same system. Has anyone been able to compile 2.0.59 with the --with-dbm=gdbm configure option? Does it work if you pass --with-gdbm as well? I can't reproduce a failure exactly like this. I realized that I mis-read your email yesterday, and I tried using both --with-dbm=gdbm and --with-gdbm ... this worked! We never needed the --with-gdbm before. Thanks, Kristina - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Address CGI w/ URL and not Path Name
I have a set of cgi scripts that will only run when addressed with an 'http://type URL' and not the 'C:/directory/file' format. When I need to use cgi Apache produces a 'Save As' Dialog box because the http server is being bypassed. I can't figure out how to rewrite how my cgi programs are addressed. I don't want the Document Root included, I need the http:// format for them to run. EG
Re: [EMAIL PROTECTED] Processes not yielding, and lockf
On Fri, December 15, 2006 10:59 am, Joshua Slive wrote: On 12/15/06, Kevin Jones [EMAIL PROTECTED] wrote: I used the server-status handler with extended status to see what was happening. I have also reduced the KeepAliveTimeout to 4 seconds. I placed session_write_close() within my scripts. Currently all 256 requests (that is MaxClients) are being processed. Every single one of them is stuck on Sending Reply. Ok. So my guess about KeepAlive was wrong. Your problem is that the php scripts are blocking on something or other. Could still be the session file, or could be something else. You'd probably have better luck asking on a php list, since the problem has nothing directly to do with apache. As a super-quick stupid hack, try adding: ?php exit; ? to the end of the PHP scripts, if you can... Again, more in the realm of Voodoo than debugging, but easy to test, and may get you through until you can really fix the true problem. Check settings in php.ini for ignore_user_abort and session time out settings. Do post to php-general, and be specific about your versions of everything. I seem to recall an issue with the session-writer and how it serialized data in PHP, but it was very version-specific. -- Some people have a gift link here. Know what I want? I want you to buy a CD from some starving artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Address CGI w/ URL and not Path Name
When you use the C:/directory/file format your browser is fetching the file directly from the filesystem and displaying it as best it can; your apache webserver is not involved in the process at all. So there will be no execution of the CGI script, as that takes place inside apache. On 15/12/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I have a set of cgi scripts that will only run when addressed with an ' http://type URL' and not the 'C:/directory/file' format. When I need to use cgi Apache produces a 'Save As' Dialog box because the http server is being bypassed. I can't figure out how to rewrite how my cgi programs are addressed. I don't want the Document Root included, I need the http:// format for them to run. EG -- Steve Swift http://www.swiftys.org.uk
