Re: [EMAIL PROTECTED] Resolving to 127.0.0.1
First step: Can you PING your test domain? On 09/01/07, Stephen <[EMAIL PROTECTED]> wrote: I am traveling and set my laptop u with apaches, mysql, php and want to continue my web work. I am using Windows XP Pro I have set the test domains to resolve to 127.0.0.1 in my hosts file. When I ping them in a cmd window they resolve to 127.0.0.1 and the ping works. In Firefox, when I do to http://127.0.0.1 I get the apache welcome page I have entered the domains in my vhosts.conf file. When I enter test domain in Firefox it says it is unable to establish a connection Any ideas? Thank you! Stephen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Steve Swift http://www.swiftys.org.uk
Re: [EMAIL PROTECTED] Requiring SSL?
On Jan 9, 2007, at 5:14 PM, Jay Chandler wrote: How do I force all traffic to go over SSL, and http://my.server.edu to force redirection to https://my.server.edu? 1) Put both 80 and 443 in a virtual host. 2) In the port 80 virtual host, put the following: RedirectPermanent / https://my.server.edu/ 3) Profit! The Virtual Host is the most important part. Without it, a RedirectPermanent placed in the Main Server Configuration will be inherited by the SSL Vhost, creating a redirect loop. S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF smime.p7s Description: S/MIME cryptographic signature
Re: [EMAIL PROTECTED] Requiring SSL?
Jay Chandler wrote: Sorry if this is blindingly obvious; it's been a long day. I have a server set up to work correctly both over port 80 and port 443. 443 requires SSL, and that's working correctly as well. How do I force all traffic to go over SSL, and http://my.server.edu to force redirection to https://my.server.edu? Bad form to reply to my own post, but this is Apache 2.2 we're speaking of... -- Jay Chandler Network Administrator, Chapman University 714.628.7249 / [EMAIL PROTECTED] Today's Excuse: Runt packets - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Requiring SSL?
Sorry if this is blindingly obvious; it's been a long day. I have a server set up to work correctly both over port 80 and port 443. 443 requires SSL, and that's working correctly as well. How do I force all traffic to go over SSL, and http://my.server.edu to force redirection to https://my.server.edu? -- Jay Chandler Network Administrator, Chapman University 714.628.7249 / [EMAIL PROTECTED] Today's Excuse: Runt packets - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Resolving to 127.0.0.1
Duplicate your vhost server names (and serveraliases if you like) in your hosts file with 127.0.0.1. That will allow DNS to resolve them to your loopback IP address and things should work. --Mark Mark Lavi, Enterprise Web Management Team @ SGI mailto:[EMAIL PROTECTED] || phone:+1-650-933-7707 -Original Message- From: Stephen [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 09, 2007 11:30 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Resolving to 127.0.0.1 I am traveling and set my laptop u with apaches, mysql, php and want to continue my web work. I am using Windows XP Pro I have set the test domains to resolve to 127.0.0.1 in my hosts file. When I ping them in a cmd window they resolve to 127.0.0.1 and the ping works. In Firefox, when I do to http://127.0.0.1 I get the apache welcome page I have entered the domains in my vhosts.conf file. When I enter test domain in Firefox it says it is unable to establish a connection Any ideas? Thank you! Stephen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Resolving to 127.0.0.1
I am traveling and set my laptop u with apaches, mysql, php and want to continue my web work. I am using Windows XP Pro I have set the test domains to resolve to 127.0.0.1 in my hosts file. When I ping them in a cmd window they resolve to 127.0.0.1 and the ping works. In Firefox, when I do to http://127.0.0.1 I get the apache welcome page I have entered the domains in my vhosts.conf file. When I enter test domain in Firefox it says it is unable to establish a connection Any ideas? Thank you! Stephen - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Verisign signatures with Apache server
On Jan 9, 2007, at 10:31 AM, Purswani, Prakash wrote: Thanks Sander, It worked now I m not getting Session error anymore but still Apache is not able to start and throwing the following error: ssl-error_log has the following error message :[error] Unable to configure verify locations for client authentication It may be that the server is confused between the SSLCACertificateFile and SSLCACertificatePath directives, which both appear in your configuration snippet. Do you have the cert files set up as required for the latter directive? Perhaps you should remove one. Also, you might consider using SSLCACertificateChainFile to point to the server certificate chain. See also: http://httpd.apache.org/docs/2.0/mod/ mod_ssl.html#sslcertificatechainfile That leaves you with SSLCACertificateFile to point directly to the CA certificate file for which you require your client certificates to have signatures. See also: http://httpd.apache.org/docs/2.0/ssl/ssl_howto.html#accesscontrol S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF smime.p7s Description: S/MIME cryptographic signature
RE: [EMAIL PROTECTED] Verisign signatures with Apache server
Thanks Sander, It worked now I m not getting Session error anymore but still Apache is not able to start and throwing the following error: ssl-error_log has the following error message :[error] Unable to configure verify locations for client authentication Thanks, Prakash -Original Message- From: Sander Temme [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 09, 2007 11:41 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Verisign signatures with Apache server Nancy, On Jan 9, 2007, at 8:20 AM, Booterbaugh, Nancy wrote: > Error_Log has the following warning message : Session Cache is > not configured [hint: SSLSessionCache] > ssl-error_log has the following error message :[error] Unable > to configure verify locations for client authentication Hm... without the SSL session cache, clients will not be able to re- use their SSL sessions. This can have a serious performance impact on your server. Please put in the main server configuration the following directive: SSLSessionCache shm:/usr/local/apache2/logs/ssl_scache(512000) SSLSessionCacheTimeout 300 See the following documentation URL for an explanation: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslsessioncache > I use following command to start the Apache server instead of > "apachectl": > ./httpd -k start -f /usr/local/apache2/conf/httpd-cob-certs.conf That is the command apachectl executes, so you're fine there. > Here is the Virtual host configuration we have in the "httpd-cob- > certs.conf" file. The only difference between this and the one we were > using for self-signed is the directory location in the SSL parameters. Looks like a fine configuration to me, but do add the session cache stuff. S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
RE: [EMAIL PROTECTED] Single Sign On via Windows Active Directory credentials
Hi, I'm using sspi_auth_module along with active directory for single sign on for those users already logged into our network with apache 2.x.x on Windows 2003 server. I'm not running IIS. From: Genesis X1 [mailto:[EMAIL PROTECTED] Sent: Thursday, December 28, 2006 5:00 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Single Sign On via Windows Active Directory credentials Is this a GUESS or are u sure abt it? On 12/27/06, Marc Boorshtein <[EMAIL PROTECTED]> wrote: mod_kerberos should give you SSO with an existing AD environment
Re: [EMAIL PROTECTED] Verisign signatures with Apache server
Nancy, On Jan 9, 2007, at 8:20 AM, Booterbaugh, Nancy wrote: Error_Log has the following warning message : Session Cache is not configured [hint: SSLSessionCache] ssl-error_log has the following error message :[error] Unable to configure verify locations for client authentication Hm... without the SSL session cache, clients will not be able to re- use their SSL sessions. This can have a serious performance impact on your server. Please put in the main server configuration the following directive: SSLSessionCache shm:/usr/local/apache2/logs/ssl_scache(512000) SSLSessionCacheTimeout 300 See the following documentation URL for an explanation: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslsessioncache I use following command to start the Apache server instead of "apachectl": ./httpd -k start -f /usr/local/apache2/conf/httpd-cob-certs.conf That is the command apachectl executes, so you're fine there. Here is the Virtual host configuration we have in the "httpd-cob- certs.conf" file. The only difference between this and the one we were using for self-signed is the directory location in the SSL parameters. Looks like a fine configuration to me, but do add the session cache stuff. S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF smime.p7s Description: S/MIME cryptographic signature
[EMAIL PROTECTED] Verisign signatures with Apache server
Roger et al, Thanks for your help. I have been able to resolve the Private key issue by installing the new Verisign certificates, but now I am running into a new issue: Error_Log has the following warning message : Session Cache is not configured [hint: SSLSessionCache] ssl-error_log has the following error message :[error] Unable to configure verify locations for client authentication I use following command to start the Apache server instead of "apachectl": ./httpd -k start -f /usr/local/apache2/conf/httpd-cob-certs.conf Here is the Virtual host configuration we have in the "httpd-cob-certs.conf" file. The only difference between this and the one we were using for self-signed is the directory location in the SSL parameters. ProxyRequests Off SSLProxyEngine On ProxyVia On RequestHeader set Front-End-Htps "On" SSLEngine On SSLProtocol ALL SSLCertificateFile /export/home/pp/newVersignCerts/pubkey.crt SSLCertificateKeyFile /export/home/pp/newVersignCerts/key.key SSLCACertificateFile /export/home/pp/newVersignCerts/IntermediateCA.crt SSLVerifyClient require SSLVerifyDepth 1 SSLCACertificatePath /app1/webMethods6/IntegrationServer/config/certs/cas #end of setup the Require Certificate ErrorLog logs/ssl-error_log TransferLog logs/ssl-access_log ProxyPass / https://ServerName:PortNumber/ ProxyPassReverse / https://ServerName:PortNumber/ ProxyPreserveHost On Did you get this resolved? Private key issue has been resolved by installing the new verisign certs. If not, then what OS version and APACHE version are you running on? Its Solaris9 & Apache2 When does the error occur? When we start the Apache server with Verisign certs the warning & error messages are logged in the Error_log and ssl-error_log files. The strange thing is we dont get any issue when using self-signed certs. Did you enable logging at the Virtual host level? If so, have you looked at the logs. I m not sure, Could you tell us how do we check if logging is enabled at Virtual host level? Where can we find the log files?
Re: [EMAIL PROTECTED] Building Static Apache on AIX 5.2 with GCC
On Jan 9, 2007, at 6:31 AM, Justin Johnson wrote: > /svn/static/build/httpd-2.2.3/srclib/apr-util>./configure \ > > --prefix=$base_dir/apr-util-httpd \ > > --enable-static=yes \ > > --enable-shared=no \ > > --with-ldap=$base_dir \ > > --with-apr=$base_dir/apr-httpd Did you also build apr-util? Try specifying --with-apr-util= $base_dir/apr-httpd/bin/apu-1-config as well as --with-apr=$base_dir/ apr-httpd/bin/apr-1-config (assuming you installed them in the same place). My question is related to trying to build apr-util. What do you mean "did you also build apr-util?" My bad, I hand't read correctly. I thought that was your httpd ./ configure line, and only now do I see that you're in fact building apr-util. My apologies. This could be a bug in autoconf or m4. Do you have the GNU autoconf, m4 and libtool packages installed on your machine? Could you try running > ./buildconf --with-apr=point/to/apr/source and then try configure again? I'm kind of running out of options here... as I may have said before, I don't know AIX at all and do not have an AIX box at my disposal. If we are running into bugs in our detection code or indeed in its frameworks, perhaps it's time to take this to the [EMAIL PROTECTED] list. S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF smime.p7s Description: S/MIME cryptographic signature
RE: [EMAIL PROTECTED] Rewrite does not work
> > Usually not in server context, mod_rewrite acts before the mapping to > filesystem occurs. You said that the rewrite log is completely empty, > when you request /testtinfo/fea? That would mean the rules are not seen > at all, e.g. a matched and the rules are defined in the > main server config section. > You are right. I put the RewriteCond into the section and now I get some entries in the rewrite.log file. But it still does not work! I commented the RewriteCond and RewriteRule lines out and still had some entries in the rewrite.log!!! I am using mailman and all the (python) scripts are in "/testtinfo" (the ScriptAlias line from a previous posting). Is it possible that this python scripts make some internal rewrites which overwrite mine? Pedro - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Name Resolution error
Sorry about that. - Original Message - From: john To: users@httpd.apache.org Sent: Tuesday, January 09, 2007 2:37 AM Subject: RE: [EMAIL PROTECTED] Name Resolution error HostnameLookups is for logging. I have other systems with many virtual hosts and there is no problem at all. Is there any possibility that when apache starts (runlevel 3) cannot resolve the host names. If I shut the apache (having resolution problem) and then just restart it, everything works fine. -- From: joseph c [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 09, 2007 7:48 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Name Resolution error how about the value of the "HostnameLookups", it should set to "Off" On 1/9/07, john <[EMAIL PROTECTED] > wrote: Hi all I have installed apache 2.2.3 Apache starts automatically, so there is an error [Mon Jan 08 20:11:27 2007] [error] (EAI 3)Temporary failure in name resolution: Could not resolve host name DomainName1 -- ignoring! [Mon Jan 08 20:11:27 2007] [error] (EAI 3)Temporary failure in name resolution: Could not resolve host name DomainName2-- ignoring! DomainName1 and DomainName2 are the names for my virtual hosts. After that error I have to reload apache and then everything works fine. In /etc/rc3.d I have S99apache2. Doesn't the 99 have to do with the order services are started? I see in Solaris that network services are started in run level 2.
Re: [EMAIL PROTECTED] Name Resolution error
- Original Message - From: john To: users@httpd.apache.org Sent: Tuesday, January 09, 2007 2:37 AM Subject: RE: [EMAIL PROTECTED] Name Resolution error HostnameLookups is for logging. I have other systems with many virtual hosts and there is no problem at all. Is there any possibility that when apache starts (runlevel 3) cannot resolve the host names. If I shut the apache (having resolution problem) and then just restart it, everything works fine. -- From: joseph c [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 09, 2007 7:48 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Name Resolution error how about the value of the "HostnameLookups", it should set to "Off" On 1/9/07, john <[EMAIL PROTECTED] > wrote: Hi all I have installed apache 2.2.3 Apache starts automatically, so there is an error [Mon Jan 08 20:11:27 2007] [error] (EAI 3)Temporary failure in name resolution: Could not resolve host name DomainName1 -- ignoring! [Mon Jan 08 20:11:27 2007] [error] (EAI 3)Temporary failure in name resolution: Could not resolve host name DomainName2-- ignoring! DomainName1 and DomainName2 are the names for my virtual hosts. After that error I have to reload apache and then everything works fine. In /etc/rc3.d I have S99apache2. Doesn't the 99 have to do with
Re: [EMAIL PROTECTED] Building Static Apache on AIX 5.2 with GCC
On 1/8/07, Sander Temme <[EMAIL PROTECTED]> wrote: On Jan 5, 2007, at 6:42 AM, Justin Johnson wrote: > My new problem is that apr-util has a problem with a statically linked > ldap. See below. > > /svn/static/build/httpd-2.2.3/srclib/apr-util>./configure \ > > --prefix=$base_dir/apr-util-httpd \ > > --enable-static=yes \ > > --enable-shared=no \ > > --with-ldap=$base_dir \ > > --with-apr=$base_dir/apr-httpd Did you also build apr-util? Try specifying --with-apr-util= $base_dir/apr-httpd/bin/apu-1-config as well as --with-apr=$base_dir/ apr-httpd/bin/apr-1-config (assuming you installed them in the same place). My question is related to trying to build apr-util. What do you mean "did you also build apr-util?" Note that you need to explicitly tell your apr-util build about -- with-ldap=... (in the default build config it'd inherit that from the httpd ./configure). That's what I do above. I am trying to build apr-util, and I specify --with-ldap=$base_dir. Building apr and apr-util separately is not usually required for a build, but it does give you finer-grained control over what gets generated. When I try to build everything (httpd, apr, apr-util) from a single configure at the top level, it doesn't find apr (since it isn't built yet) and when I try to do a make when the configure completes I get an error if I call "make". cd $build_dir/httpd-2.2.3 ./configure \ --prefix=$base_dir/apache2.2 \ --with-apr=$base_dir/apr-httpd \ --with-apr-util=$base_dir/apr-util-httpd \ --enable-static=yes \ --enable-shared=no \ --enable-so \ --without-berkeley-db \ --enable-ssl \ --with-ssl=$base_dir \ --enable-dav=shared \ --enable-dav-fs=shared \ --enable-dav-lock=shared \ --enable-ldap \ --with-ldap=$base_dir \ --with-ldap-include=$base_dir/include \ --with-ldap-lib=$base_dir/lib/libldap.a \ --enable-authnz-ldap \ --enable-rewrite [output snipped] svnadm /svn/static/build/httpd-2.2.3>make Making all in srclib make[1]: Entering directory `/svn/static/build/httpd-2.2.3/srclib' Making all in apr make[2]: Entering directory `/svn/static/build/httpd-2.2.3/srclib/apr' make[3]: Entering directory `/svn/static/build/httpd-2.2.3/srclib/apr' make[3]: Nothing to be done for `local-all'. make[3]: Leaving directory `/svn/static/build/httpd-2.2.3/srclib/apr' make[2]: Leaving directory `/svn/static/build/httpd-2.2.3/srclib/apr' Making all in apr-util make[2]: Entering directory `/svn/static/build/httpd-2.2.3/srclib/apr-util' make[2]: *** No rule to make target `all'. Stop. make[2]: Leaving directory `/svn/static/build/httpd-2.2.3/srclib/apr-util' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/svn/static/build/httpd-2.2.3/srclib' make: *** [all-recursive] Error 1 svnadm /svn/static/build/httpd-2.2.3> I assumed I had to build them separately. I read that somewhere too. When you build APR (and APR-util), does the build follow your specified shared/static requirements? Does the static archive statically link against that holy grail, the gcc runtime? APR does. I can't get APR-util built though because it can't find openldap. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Rewrite does not work
Huesser Peter wrote: Yes, this will cause a reverse DNS lookup of remote_addr. But anyway, I think your order is incorrect. If your request comes through port 80, the 2nd rule won't have any effect, because your first rule matched already. RewriteEngine On RewriteCond %{REMOTE_HOST} \.domain\.ch$ RewriteRule ^/testtinfo/fea http://another.url.ch/ [R,L] RewriteCond %{SERVER_PORT} =80 RewriteRule ^(.+)$ https://server.domain.ch$1 [R,L] Hello Bob I changed the order of the RewriteCond as you suggested but unfortunately it did not have any effect. Maybe I should also mention that /testtinfo is a ScriptAlias: ScriptAlias /testtinfo /var/testtinfo/cgi-bin Could this cause the problem? Usually not in server context, mod_rewrite acts before the mapping to filesystem occurs. You said that the rewrite log is completely empty, when you request /testtinfo/fea? That would mean the rules are not seen at all, e.g. a matched and the rules are defined in the main server config section. -- Bob - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: How to compose an URL so that login is done???
On Tue, 9 Jan 2007 09:28:03 +0200, "Octavian Rasnita" <[EMAIL PROTECTED]> wrote: >Well in that case you can simply use a link like > >http://www.site.com/program_name/username/password > >and put the program "program_name" to parse the URL, get the username and >password, search the user in the file with users or a database and checks if >the password is correct, and if it is, let the user see the page. >The program should use cookie-based sessions, so the subsequent pages won't >need to make the authentication again. > >Of course, the user has the rights to see the page, but when that user sees >it, other users might be around and also see the username/password used. >I think a better idea would be to make a POST request somehow and not a GET >one, because in that case at least the username/password are not shown in >the address bar. > >You can create a form that uses the POST method, with the hidden username >and password fields set by default, and use a Javascript function that sends >the form for making the login... >In that case, the username and password will be sent in CGI style like >http://www.site.com/program_name?user=xxx&password=zzz. > >Octavian Thanks, I decided to go another route because I really do not want to bypass the Apache security handling I am using already by instead having logins handled by a program I have to maintain myself... I have created a new password protected folder somewhere on our website and there I will store the real user/password combinations. My program will then itself get the proper file from the website using its own secret user/password and parse out the data for the customer. Then it will display a link to the customer pages along with the login data for that customer. When he clicks the link the default browser opens up and shows the login dialogue which he now has to fill in from the display in the program page shown. This way my program acts as a reminder for the customer and shows his own login data but he has to do the login himself. Bo Berglund - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Rewrite does not work
> > Yes, this will cause a reverse DNS lookup of remote_addr. But anyway, I > think your order is incorrect. If your request comes through port 80, > the 2nd rule won't have any effect, because your first rule matched > already. > > RewriteEngine On > RewriteCond %{REMOTE_HOST} \.domain\.ch$ > RewriteRule ^/testtinfo/fea http://another.url.ch/ [R,L] > RewriteCond %{SERVER_PORT} =80 > RewriteRule ^(.+)$ https://server.domain.ch$1 [R,L] > Hello Bob I changed the order of the RewriteCond as you suggested but unfortunately it did not have any effect. Maybe I should also mention that /testtinfo is a ScriptAlias: ScriptAlias /testtinfo /var/testtinfo/cgi-bin Could this cause the problem? Pedro - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_proxy maximum connections to a backend
Hi All, I've asked this on irc and it was suggested that I try asking the dev because the docs aren't clear, but I'll ask here aswell. I'm using apache httpd 2.2.3 with the event MPM to do some traffic throttling to a backend. What I have is this: First, traffic hit a default vhost with lots of rewrite rules such as this: RewriteCond %{REQUEST_URI}^/page.*$ [NC] RewriteCond %{QUERY_STRING} ^.*pattern.*$ [NC] RewriteRule ^(.*)$ http://trafficclass.localhost/$1 [P,L] In the hosts file, trafficclass.localhost is 127.0.0.1, so from there, the traffic heads back into a vhost. Then I have a vhost with the following in it: DocumentRoot /opt/apache/htdocs ServerName trafficclass.localhost ProxyRequests off ProxyBadHeader Ignore CustomLog /var/log/apache2/gold-access.log combined Errorlog /var/log/apache2/gold-error.log ProxyPass http://1.2.3.4/ max=200 acquire=500 # IIS Sucks SetEnv force-proxy-request-1.0 1 SetEnv proxy-nokeepalive 1 In my setup I have 100 processes with 64 threads per process. Last night during exceptional load, I saw over 3200 connections to the backend. My question - is it possible that max=200 is a per process and not server wide limit? If so, there's a way to set a server wide limit to the backend? Cheers, George -- George Barnett e: [EMAIL PROTECTED] m: +44 797 457 1868 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: Apache2 on Linux Virtualhosting Question
Problem solved, in Linux 2.6 that Limit is gone :-) - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Ghost Script Problem
Try to include the absolute path to gs in your call (e.g. /usr/local/ bin/gs ). Your can get the complete path with the command "which gs" (at least if you are on a UNIX/Linux box). /frank 4 jan 2007 kl. 20.30 skrev Kyle Quillen: Hello all, I am having a small config issue. I have a php application that is trying to call ghost script but it only ever returns a blank page. in my error_log for httpd I see "sh gs: command not found" Can anyone help me out with this? Much thanks Q - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] International Characters?
Check that the response is being served with the correct character-set. If all of your server's pages are internationalized and in the same caracter set, you can use the AddDefaultCharset directive (see http://httpd.apache.org/docs/2.2/mod/core.html#adddefaultcharset) Issac Jay Chandler wrote: > Howdy. > > On one of our servers, international characters (specifically french > accents) display correctly. On the new Apache2.2 server (FreeBSD 6.1) > they don't. Is there a package missing that I need to install? > > Regards, > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Apache2 on Linux Virtualhosting Question
Hi, I'm currently trying to setup a dedicated Linux Server for some private Homepages (Friends & mine private stuff) using Apache 2.0.54 on Linux 2.4.34. To have the vHosts (name based) separated securely my idea was to use "SuexecUserGroup" (and maybe "suPHP_UserGroup") so each User could start his Scripts etc. under his own UID (which might help troubleshooting resource intensive scripts for me too) and gives each user the benefit of having his private homedirectory where no one else is allowed to enter. This Idea worked fine so far, the Users homedirectory is owned by user1.group1, permissions are 750. Apache can still access the Web directory because i added him as user to "group1". The Problem i face now is the Linux limit that a user (my Web server in this case) can maximally be in 32 Groups :( I googled pretty much about this topic, found some other people having the same problem, but no real solution sadly so far. How can i solve this problem ? Any idea how huge Hosters solve this Problem (can't believe they have all their user's htdocs/ 755) Any help is very appreciated, thanks in advance, Stefan - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Rewrite does not work
Huesser Peter wrote: My interpretation of "RewriteCond %{REMOTE_HOST} \.domain\.ch$" is the following: If the client that makes the https request is within the "domain.ch" than apply the following RewriteRule. Yes, this will cause a reverse DNS lookup of remote_addr. But anyway, I think your order is incorrect. If your request comes through port 80, the 2nd rule won't have any effect, because your first rule matched already. RewriteEngine On RewriteCond %{REMOTE_HOST} \.domain\.ch$ RewriteRule ^/testtinfo/fea http://another.url.ch/ [R,L] RewriteCond %{SERVER_PORT} =80 RewriteRule ^(.+)$ https://server.domain.ch$1 [R,L] -- Bob - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] How to force a core dump on Linux
Hi Sander, Thanks for the inputs. We are having a production server that just stops processing requests over a period of time. To minimize the downtime, we would like to forcefully core dump apache (when it stops processing requests) and then gdb the core file at a later point of time. Is there any command we can use for this? -Original Message- From: Sander Temme [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 09, 2007 1:06 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] How to force a core dump on Linux On Jan 8, 2007, at 10:34 PM, Sai Jai Ganesh Gurubaran wrote: > We are getting frequent Apache (59) outages at our installation. > > Apache is compiled in as worker module, forward proxy on RHEL 3 > > I would like to core dump Apache when such a outage occurs. > > Can any one tell me how to force Apache to core dump? 1) The shell that starts httpd needs to have ulimit -c set 2) Set the CoreDumpDirectory directive in httpd.conf to point to a directory where httpd child processes can write (needs to be writable by the username set in your User directive 3) After starting your server with the above in place, attach to your problem child process with gdb and use the bt command S. -- [EMAIL PROTECTED]http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF *** The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, or distribution of the message, or any action or omission taken by you in reliance on it is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. This email does not constitute any commitment from Cordys Holding BV or any of its subsidiaries except when expressly agreed in a written agreement between the intended recipient and Cordys Holding BV or its subsidiaries. *** - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] Rewrite does not work
> > What are you seeing in your rewrite log? (If you don't have a rewrite > log, switch it on now, and set debugging to a sufficiently high > level). > Thanks for your answer. I turned it on and see nothing in the rewrite.log file for the second RewriteCond (the first works fine and produces several entries)!!! My interpretation of "RewriteCond %{REMOTE_HOST} \.domain\.ch$" is the following: If the client that makes the https request is within the "domain.ch" than apply the following RewriteRule. Am I right? Pedro - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Per-user cgi-bin + php + fastcgi + suexec
On Mon, Jan 08, 2007 at 05:38:54PM +0100, Erik van Pienbroek wrote: > So I came up with the idea to create a wrapper script for each user > account (with the owner of the script set to the relevant user) and > put it in each home directory. However, when I change the Action-line > in the config shown above to something like Action > application/x-httpd-fastphp /*/cgi-bin/php-wrapper then apache doesn't > know how to replace the * with the username belonging to the asked > file. If each wrapper script is really in a homedir, can't you just use {$HOME}/cgi-bin/php-wrapper? -- Riemer PalstraAmsterdam, The Netherlands [EMAIL PROTECTED]http://www.palstra.com/ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]