RE: [EMAIL PROTECTED] Apache web server efficiency go down with increasing uptime.
> -Original Message- > From: kalaj [mailto:[EMAIL PROTECTED] > Sent: Tuesday, May 22, 2007 6:17 PM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Apache web server efficiency go down > with increasing uptime. > > > I use Apache 2.2.4,MySQL 5.0 and PHP 5.2.2 run on Debian VPS system, > I noticed that my web server efficiency go down with a web server > increasing uptime,for example,when I restart the web server that will > cut down the WordPress php page produce time half. > Any idea with this? Memory leaks would be the usual suspect in a case like this - more likely from PHP than from apache (this is not a common problem on servers where apache is running alone...) Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > -- > View this message in context: > http://www.nabble.com/Apache-web-server-efficiency-go-down-wit h-increasing-uptime.-tf3797420.html#a10741507 > Sent from the Apache HTTP Server - Users mailing list archive > at Nabble.com. > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re[2]: Can't find index.html
Hi Boyle, Wednesday, May 23, 2007, 4:23:28 PM, you wrote: >> -Original Message- >> From: Richard Luckhurst [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, May 23, 2007 1:09 AM >> To: users@httpd.apache.org >> Subject: [EMAIL PROTECTED] Can't find index.html >> >> Hi >> >> This is probably a silly simple question. I have just set up >> Apache 2.2.4 on a >> Fedora Core 4 box and am having a little trouble. When I >> browse to the website >> url BO> "website url"? would that be http://server or http://server/? In the case that is causing problems it is https://secure.resmaster.com/ that does not work but https://secure.resmaster.com/index.html works. Note that I have no trouble with http:// sites. >> I find I get a messsage wanting to save or open the home >> page. BO> That looks like a wrong mime-type.. Can you check the response header BO> (eg, via LiveHTTPHeaders extension in FireFox)? Here is the output from LivrHTTPHeaders https://secure.resmaster.com/ GET / HTTP/1.1 Host: secure.resmaster.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 200 OK Date: Wed, 23 May 2007 07:24:25 GMT Server: Apache Last-Modified: Wed, 12 Apr 2006 05:26:05 GMT Etag: "10a8da-4ac-1380f540" Accept-Ranges: bytes Content-Length: 1196 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: application/x-httpd-php -- https://secure.comodo.net/trustlogo/javascript/trustlogo.js GET /trustlogo/javascript/trustlogo.js HTTP/1.1 Host: secure.comodo.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 Accept: */* Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 200 OK Date: Wed, 23 May 2007 07:24:58 GMT Server: Apache Last-Modified: Fri, 15 Dec 2006 15:12:45 GMT Etag: "22678-3e3b-424a61063f540" Accept-Ranges: bytes Content-Length: 15931 Cache-Control: max-age=86400 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: application/x-javascript -- BO> BTW, what *exactly* is the browser prompting you to save (ie, the "home BO> page")? The Downloads window pops up and it is showing a temporary html file with the option to open or remove it. If I use IE 7 I get the file download window trying to download a file called secure.resmaster[1] and the Type is resmaster[1]_auto_file. >> I f I browse >> to the url/index.html then the page opens fine. What have I >> forgotten to set up? BO> Something to do with apache's self-referential URLs and/or the BO> directory-indexing mechanism... BO> Check out these two directives: BO> http://httpd.apache.org/docs/2.2/mod/core.html#usecanonicalname BO> http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryindex The Directory Index directive is as follows. DirectoryIndex index.html index.html.var index.shtml index.cgi index.php index.phtml index.php3 index.htm home.html welcome.html UseCanonicalName was set to Off in the httpd.conf file and it made no difference set to On. BO> If, after digesting the information therein and trying a few things, it BO> still "doesn't work", post back. If you can, quote the headers returned BO> by the server. Regards Richard BO> Rgds, BO> Owen Boyle BO> Disclaimer: Any disclaimer attached to this message may be ignored. >> >> Regards, >> Richard Luckhurst >> >> >> >> - >> The official User-To-User support forum of the Apache HTTP >> Server Project. >> See http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [EMAIL PROTECTED] >>" from the digest: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> BO> BO> BO> This message is for the named person's use only. It may contain BO> confidential, proprietary or legally privileged information. No BO> confidentiality or privilege is waived or lost by any mistransmission. If BO> you receive this message in error, please notify the sender urgently and BO> then immediately delete the message and any copies of it from your system. BO> Please also immediately destroy any hardcopies of the message. You must not, BO> directly or indirectly, use, disclose, distribute, print, or copy any part BO> of this message if you are not the intended recipient. The sender's company BO> reserves the right to monitor all e-mail communications through their BO> networks. Any views expressed in this message are those of the individual BO> sender
Re: [EMAIL PROTECTED]: Can't find index.html
Richard Luckhurst wrote: > Hi Boyle, > > Wednesday, May 23, 2007, 4:23:28 PM, you wrote: > >>> -Original Message- >>> From: Richard Luckhurst [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, May 23, 2007 1:09 AM >>> To: users@httpd.apache.org >>> Subject: [EMAIL PROTECTED] Can't find index.html >>> >>> Hi >>> >>> This is probably a silly simple question. I have just set up >>> Apache 2.2.4 on a >>> Fedora Core 4 box and am having a little trouble. When I >>> browse to the website >>> url > > BO> "website url"? would that be http://server or http://server/? > > In the case that is causing problems it is https://secure.resmaster.com/ that > does not work > but https://secure.resmaster.com/index.html works. > > Note that I have no trouble with http:// sites. > >>> I find I get a messsage wanting to save or open the home >>> page. > > BO> That looks like a wrong mime-type.. Can you check the response header > BO> (eg, via LiveHTTPHeaders extension in FireFox)? > > Here is the output from LivrHTTPHeaders > > https://secure.resmaster.com/ > > GET / HTTP/1.1 > Host: secure.resmaster.com > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) > Gecko/20070309 Firefox/2.0.0.3 > Accept: > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > > HTTP/1.x 200 OK > Date: Wed, 23 May 2007 07:24:25 GMT > Server: Apache > Last-Modified: Wed, 12 Apr 2006 05:26:05 GMT > Etag: "10a8da-4ac-1380f540" > Accept-Ranges: bytes > Content-Length: 1196 > Keep-Alive: timeout=15, max=100 > Connection: Keep-Alive > Content-Type: application/x-httpd-php Do you have mod_php installed? Since this says apache is sending a php file. > -- > https://secure.comodo.net/trustlogo/javascript/trustlogo.js > > GET /trustlogo/javascript/trustlogo.js HTTP/1.1 > Host: secure.comodo.net > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) > Gecko/20070309 Firefox/2.0.0.3 > Accept: */* > Accept-Language: en-us,en;q=0.5 > Accept-Encoding: gzip,deflate > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > Keep-Alive: 300 > Connection: keep-alive > > HTTP/1.x 200 OK > Date: Wed, 23 May 2007 07:24:58 GMT > Server: Apache > Last-Modified: Fri, 15 Dec 2006 15:12:45 GMT > Etag: "22678-3e3b-424a61063f540" > Accept-Ranges: bytes > Content-Length: 15931 > Cache-Control: max-age=86400 > Keep-Alive: timeout=5, max=100 > Connection: Keep-Alive > Content-Type: application/x-javascript This is saying your https is sending javascript, so index.js is the file it is sending. This should more commonly be text/plain for a javascript file, then the browser will parse the file and execute the javascript. ~snip~ > The Directory Index directive is as follows. > > DirectoryIndex index.html index.html.var index.shtml index.cgi index.php > index.phtml index.php3 index.htm home.html welcome.html I see index.php so I'm guessing mod_php is installed. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] closed with aborted shutdown
We have an apache 2.2 server that works as reverse proxy. It is listening on port 443 (we have no client authentication). As you can see in my log we have a client that can connect to our server successfullly but sometime we get the message in the subject and then it seems that the client (in this case a client is a bank Automatic Teller Machine) doesn't call my apache anymore until someone restarts it. This message is random and it appears sometime for an ATM and sometime for another and someday it doesn't appear. I cannot understand. Have you any idea??? What does this message mean? Thanks in advance Greetings MANUCIAO May 4 06:04:45 li0watp0 httpd[2005]: [info] Connection to child 81 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:05:00 li0watp0 httpd[2005]: [info] Connection to child 81 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:09:45 li0watp0 httpd[2364]: [info] Connection to child 264 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:09:46 li0watp0 httpd[1993]: [info] Connection to child 69 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:09:46 li0watp0 httpd[1993]: [info] Connection to child 69 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:10:00 li0watp0 httpd[2364]: [info] Connection to child 264 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:14:46 li0watp0 httpd[1991]: [info] Connection to child 67 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:15:01 li0watp0 httpd[1991]: [info] Connection to child 67 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:19:46 li0watp0 httpd[2362]: [info] Connection to child 262 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:19:47 li0watp0 httpd[1974]: [info] Connection to child 207 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:19:47 li0watp0 httpd[1974]: [info] Connection to child 207 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:20:01 li0watp0 httpd[2362]: [info] Connection to child 262 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:24:47 li0watp0 httpd[1965]: [info] Connection to child 198 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:25:02 li0watp0 httpd[1965]: [info] Connection to child 198 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:29:47 li0watp0 httpd[1965]: [info] Connection to child 198 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:29:49 li0watp0 httpd[2009]: [info] Connection to child 85 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:29:49 li0watp0 httpd[2009]: [info] Connection to child 85 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:30:02 li0watp0 httpd[1965]: [info] Connection to child 198 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:34:48 li0watp0 httpd[2368]: [info] Connection to child 268 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:35:03 li0watp0 httpd[2368]: [info] Connection to child 268 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:39:48 li0watp0 httpd[2375]: [info] Connection to child 275 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:39:49 li0watp0 httpd[1963]: [info] Connection to child 196 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:39:49 li0watp0 httpd[1963]: [info] Connection to child 196 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:40:04 li0watp0 httpd[2375]: [info] Connection to child 275 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:44:49 li0watp0 httpd[1994]: [info] Connection to child 70 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:45:04 li0watp0 httpd[1994]: [info] Connection to child 70 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:45:08 li0watp0 httpd[2362]: [info] Connection to child 262 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:45:26 li0watp0 httpd[2362]: [info] Connection to child 262 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:50:11 li0watp0 httpd[2369]: [info] Connection to child 269 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:50:12 li0watp0 httpd[1982]: [info] Connection to child 215 established (server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:50:12 li0watp0 httpd[1982]: [info] Connection to child 215 closed with standard shutdown(server xxx.xxx.xxx.xxx:443, client 10.88.32.126) May 4 06:50:2
Re: [EMAIL PROTECTED] Experience in mod_rewrite in Apache 2.2
Joshua Slive wrote:
> On 5/22/07, Dmitriy Gorbenko <[EMAIL PROTECTED]> wrote:
>
>> I think I could do it using mod_rewrite, but now I understand, that I
>> can't: in apache config file I can create rules, which will makes an
>> decision: redirect or proxy request of client (R and P flags).
>> But by using external program I can't make such decision.
>> And that is a problem.
>
> Ahhh, so your question is: how do I activate rewrite flags from a prg:
> RewriteMap. (Not at all clear from your first email.)
>
> Indeed, this can't be done directly, but it can be easily done
> indirectly. For example, have your map program prefix the URL with
> proxy: or redirect: depending on what you want, and then:
> RewriteRule ^(.+)$ ${rd:%{THE_REQUEST}}
> RewriteRule ^proxy:(.*)$ $1 [P]
> RewriteRule ^redirect:(.*)$ $1 [R]
>
> (Use the RewriteLog to debug!)
>
> Joshua.
>
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> " from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
Yes, but in this case the logic of making decision (doing proxy or
redirect) imposes oneself to URL. It still is possible to agree with this.
Let's admit, the user is sent URL, in which where is a word proxy.
However that logic, which I wish to create, should in some cases do not
proxy request, but do redirect. And if we have written rule
RewriteRule ^proxy:(.*)$ $1 [P]
then the program which process request cannot change action proxy to
redirect.
Look at this three examples - they perfectly illustrate that behaviour
which I wish to create:
C: GET http://ofiice.domain.com/document.html
S: 302 - http://login.domain.com/ (redirect method)
C: GET http://login.domain.com/?username=aaa&passwd=bbb
S: 302 - http://office.domain.com/afjgn39nxnx8n3f29ss/document.html
(redirect method)
C: GET http://office.domain.com/afjgn39nxnx8n3f29ss/document.html
S: gives resource content (proxy to some local resource)
Clients tries to acces some document, but server want client to be
authenticated before. Server create paramert session-id
(afjgn39nxnx8n3f29ss), and client should use this session-id to access
resource office.domain.com. And later, than client send this session-id.
server will proxy such request to local network server, which is not
public, and which contains 'document.html' resource.
Or another example, where client, 1 hour later, tries to access the same
document:
C: GET http://office.domain.com/afjgn39nxnx8n3f29ss/document.html
S: 302 - http://login.domain.com/ (redirect method)
C: GET http://login.domain.com/?username=aaa&passwd=bbb
S: 302 - http://office.domain.com/jh43hkjshdfsdyhskdvc/document.html
(redirect method)
C: GET http://office.domain.com/jh43hkjshdfsdyhskdvc/document.html
S: gives resource content (proxy to some local resource)
And another one (here session-id parametr is correct, and we just doing
proxing):
C: GET http://office.domain.com/ndfklweuixxnlfljdklj/document.html
S: gives resource content (proxy to some local resource)
smime.p7s
Description: S/MIME Cryptographic Signature
[EMAIL PROTECTED] RE:httpd.conf for oracle app 10g
Hello, By creating a new sawpfile and modifying the MaxClients to 1000 seems everything going more smoothly... But still when more that 1000 clients request for the site (Oracle Application server10g) "the site programmed using java" the system hangs... Anyway how can the clients see an error page when the system stop responding or after more than 1000 client connected to the site... Regards, RN
Re: [EMAIL PROTECTED] Problem with Internet Explorer
I forgot to add, I'm using Apache 2.0.58 on a Windows Server 2003. Marcos R. Cardoso escreveu: I might be missing something but I still couldn't figure it out, I'm trying to send a special caracter through a link, the character is ´ (acute). Using Firefox, Opera and Netscape it works, but using Internet Explorer I get an Apache error. Checking the log, the error is: (22)Invalid argument: utf8 to ucs2 conversion failed on this string: REDIRECT_QUERY_STRING=acao=validar&idUnico=40ccca7f7eabc579a7091c62b77a64c0&login=bd\xb4amaral&cdPessoa=72991&link= and the problem resides in the "login=bd\xb4amaral" section of the error. If anyone went through this situation and managed to fix it, please help me. TIA, -- Marcos R. Cardoso Seção de Documentação e Automação Biblioteca Universitária FURB - Blumenau (047) 3321-0660 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DocumentRoot - Apache2 - Ubuntu
On 5/22/07, Tim Johnson <[EMAIL PROTECTED]> wrote: On Tuesday 22 May 2007 11:06, Krist van Besien wrote: > What I've done on my personal server (which also runs Ubuntu Linux) is > to have a seperate config file for each virtual server in > sites-available. In sites-enabled I've then made links to "activate" > those virtual hosts that I want to be active. Hi Krist: To make sure that I follow you - as an example, I would put symlink called @cgi-bin under sites-enabled and then by able to access it as http://localhost/cgi-bin/script.extension ? No no, that is not what I mean. What Ubuntu does is split the httpd.conf in pieces, in seperate config files. The config by default includes all config files in sites_enabled. If you look in that directory you will see that it contains links to files in sites_available. You can add config files to sites_available, and then link them to sites_enabled to make sure apache includes them. This way you can extend and change the config without editing existing files, which helps preserving the changes when you upgrade. You don't have to do this, but the way choosen by the creators of Ubuntu is to have it this way. What I did is put every block in its own config file. In these config files I configured for every virtual host where the docroot is, where it has to log etc... All these config files are under sites_available, and sites_enabled contains links to these files. Krist -- [EMAIL PROTECTED] Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] RE:Oracle Application Server 10g HTTPD???
Hello, If I want to let the client see my error page when the clients past the server MaxClients setting,what can I do? Thanks Guys...
Re: [EMAIL PROTECTED] RE:Oracle Application Server 10g HTTPD???
Red al tubor <[EMAIL PROTECTED]> wrote:If I want to let the client see my error page when the clients past the server MaxClients setting,what can I do? If the server can serve an error page, it could probably handle the request. For a single Apache instance, I don't think that there is anything that you can do. Stephen
Re: [EMAIL PROTECTED] changing the error status code for forbidden resources
Thanks! I really appreciate your input. It may be a waste of time for you but not for someone like me who has just started to learn such things. bpg Joshua Slive wrote: On 5/22/07, Bhagwati Gupta <[EMAIL PROTECTED]> wrote: Hi, I am running Apache 2.2.3 on my Debian 3.1 sarge machine. My local web security team has examined the system and generated a detailed security report. One of the issues that I am having difficulty to fix relates to hidden directories. I have been advised to change the server configuration such that '404 - not found' response is issued for forbidden resources as opposed to '403 - forbidden' response. I have tried looking on the web but have yet to find anything that could solve my problem. I am not sure exactly how server responses for hidden directories (or missing files) can be customized. Could you please help? Thanks! Sounds like a silly waste of time to me. (Actually, it's more than a waste of time, it is deliberately crippling of HTTP.) But anyway, if you want to lie about error codes, you can go all the way and change the to redirects: ErrorDocument 404 http://example.com/not_found.html ErrorDocument 403 http://example.com/not_found.html If you just want to lie about 403 only, then the only way I know (other than editing the code) is to point to a cgi script that emits its own "Status: 404" header: ErrorDocument 403 /cgi-bin/lie-about-the-status-code.pl Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] changing the error status code for forbidden resources
Joshua, Three questions in hopes of bettering my understanding of Apache. Why not just edit the conf file to take the 403 error and have it redirect to the Apache 404 error page within the error directory? Example below. ErrorDocument 403 /error/HTTP_NOT_FOUND.html.var ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var As an alternative, why not just edit the actual 403 error page contents to reflect the error you desire. Finally, You mention that "it's more than a waste of time, it is deliberately crippling of HTTP". Why? >>> [EMAIL PROTECTED] 5/22/2007 7:28 PM >>> On 5/22/07, Bhagwati Gupta <[EMAIL PROTECTED]> wrote: > Hi, > I am running Apache 2.2.3 on my Debian 3.1 sarge machine. My local > web security team has examined the system and generated a detailed > security report. One of the issues that I am having difficulty to fix > relates to hidden directories. I have been advised to change the server > configuration such that '404 - not found' response is issued for > forbidden resources as opposed to '403 - forbidden' response. I have > tried looking on the web but have yet to find anything that could solve > my problem. I am not sure exactly how server responses for hidden > directories (or missing files) can be customized. Could you please help? > Thanks! Sounds like a silly waste of time to me. (Actually, it's more than a waste of time, it is deliberately crippling of HTTP.) But anyway, if you want to lie about error codes, you can go all the way and change the to redirects: ErrorDocument 404 http://example.com/not_found.html ErrorDocument 403 http://example.com/not_found.html If you just want to lie about 403 only, then the only way I know (other than editing the code) is to point to a cgi script that emits its own "Status: 404" header: ErrorDocument 403 /cgi-bin/lie-about-the-status-code.pl Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] changing the error status code for forbiddenresources
> -Original Message- > From: Matt Rigor [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 23, 2007 4:16 PM > To: users@httpd.apache.org > Subject: Re: [EMAIL PROTECTED] changing the error status code for > forbiddenresources > > Joshua, > > Three questions in hopes of bettering my understanding of Apache. > > Why not just edit the conf file to take the 403 error and have it > redirect to the Apache 404 error page > within the error directory? Example below. > > ErrorDocument 403 /error/HTTP_NOT_FOUND.html.var > ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var > > As an alternative, why not just edit the actual 403 error > page contents > to reflect the error you desire. > > Finally, You mention that "it's more than a waste of time, it is > deliberately crippling of HTTP". Why? It's a waste of time because there's no risk. The server is already denying the resource.. It's "crippling" because the request and response headers were defined to help set-up and debug the web as it grew. If every server lied about what was really happening it would be much harder to carry out said set-up and debug. However; I wasn't going to mention this, but since the question has arisen, RFC 2616 section 10.4.4 actually *does* allow the server to masquerade a 403 as a 404 if "the server does not wish to make this information [reason request refused] available to the client"... I understand the reluctance to support these "security by obscurity" ploys, but I think in this case that maybe the RFC has it right I guess it's a bit like the common trick on firewalls whereby a request for a denied socket is silently dropped (nothing sent back to client) rather than actively refused (refusal sent back to client immediately). The idea is that the attacker can't distinguish between a real block at the FW and simple network or application latency and has to wait a long time to find out. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > > >>> [EMAIL PROTECTED] 5/22/2007 7:28 PM >>> > On 5/22/07, Bhagwati Gupta <[EMAIL PROTECTED]> wrote: > > Hi, > > I am running Apache 2.2.3 on my Debian 3.1 sarge machine. My > local > > web security team has examined the system and generated a detailed > > security report. One of the issues that I am having difficulty to > fix > > relates to hidden directories. I have been advised to change the > server > > configuration such that '404 - not found' response is issued for > > forbidden resources as opposed to '403 - forbidden' response. I have > > tried looking on the web but have yet to find anything that could > solve > > my problem. I am not sure exactly how server responses for hidden > > directories (or missing files) can be customized. Could you please > help? > > Thanks! > > Sounds like a silly waste of time to me. (Actually, it's more than a > waste of time, it is deliberately crippling of HTTP.) > > But anyway, if you want to lie about error codes, you can go all the > way and change the to redirects: > > ErrorDocument 404 http://example.com/not_found.html > ErrorDocument 403 http://example.com/not_found.html > > If you just want to lie about 403 only, then the only way I know > (other than editing the code) is to point to a cgi script that emits > its own "Status: 404" header: > ErrorDocument 403 /cgi-bin/lie-about-the-status-code.pl > > Joshua. > > - > The official User-To-User support forum of the Apache HTTP Server > Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. ---
[EMAIL PROTECTED] Blank page with Apache and PHP running
Hi! I set up my Apache 2.2.4 and PHP-5.2.2 on MS Vista. Wrote a test file with just one php statement. i.e. is written in test.php file. Later went to my web browser and wrote http://localhost/test.php and a blank page came up. It seems that my web server and php engine is working cause when I start the web server I got something like "Apache/2.2.4(Win32)PHP/5.2.2". Why I get a blank page and not the system information that the php engine provides? Is anybody out there that can help me out? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Experience in mod_rewrite in Apache 2.2
On 5/23/07, Dmitriy Gorbenko <[EMAIL PROTECTED]> wrote: Yes, but in this case the logic of making decision (doing proxy or redirect) imposes oneself to URL. It still is possible to agree with this. Let's admit, the user is sent URL, in which where is a word proxy. However that logic, which I wish to create, should in some cases do not proxy request, but do redirect. And if we have written rule RewriteRule ^proxy:(.*)$ $1 [P] then the program which process request cannot change action proxy to redirect. Seems we have a serious language barrier here, since I find these two paragraphs almost incomprehensible due to grammar problems. The client/server transcripts don't help, because they don't show what your particular problem is. What exactly about my suggested solution does not work? Note that my suggestion didn't require the client to specify proxy: in the URL. It is your perl rewritemap that puts that in the URL for the cases it wants to proxy. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] changing the error status code for forbidden resources
On 5/23/07, Matt Rigor <[EMAIL PROTECTED]> wrote: Joshua, Three questions in hopes of bettering my understanding of Apache. Why not just edit the conf file to take the 403 error and have it redirect to the Apache 404 error page within the error directory? Example below. ErrorDocument 403 /error/HTTP_NOT_FOUND.html.var ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var Because in addition to the error document itself, the server transmits a status code as part of the HTTP response. So someone looking at the full network stream could still see the difference. As an alternative, why not just edit the actual 403 error page contents to reflect the error you desire. Same problem. Finally, You mention that "it's more than a waste of time, it is deliberately crippling of HTTP". Why? Owen gave a good answer to this. Ask yourself why the authors of the HTTP spec decided to have status codes in the first place. Or why not just two codes: success and failure. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
I have successfully and consistently run 2.25 million servlet transactions out of 45 million+ requests through a hardware balancer across 8 clusters of 2 jvms for a total of 16 tomcat instances running on two different server grade machines in ~1 hour with little or no errors. Each tomcat instance uses ~160 busy threads and most transactions were under 2 seconds. The boxes ran at about 50% utilized. When I try to run the same test against the same setup but with two apache 2.2.4 instances running on a third box, I can successfully proxy to and balance across the clusters, but once the volume ramps-up I run into many issues. Now, tomcat easily uses more than 1000 busy threads. I get different issues with mod_proxy_ajp and mod_proxy_http. With mod_proxy_ajp, ~5 to 10 minutes into the test mod_proxy_ajp transaction times go through the roof and the apache error log complains about: [Wed May 23 05:44:43 2007] [error] server reached MaxClients setting, consider raising the MaxClients setting [Wed May 23 05:48:20 2007] [error] (70014)End of file found: ajp_ilink_receive() can't receive header [Wed May 23 05:48:20 2007] [error] ajp_read_header: ajp_ilink_receive failed [Wed May 23 05:48:20 2007] [error] (120006)APR does not understand this error code: proxy: read response failed from (null) (xxx.xxx.xxx.xxx) [Wed May 23 05:48:25 2007] [error] (104)Connection reset by peer: ajp_ilink_receive() can't receive header With mod_proxy_http everything seems to run fine until about 30 minutes into the test the apache error logs complain about: [Wed May 23 02:41:07 2007] [error] server reached MaxClients setting, consider raising the MaxClients setting [Wed May 23 03:18:41 2007] [error] [client xxx.xxx.xxx.xxx] proxy: error reading status line from remote server xxx.xxx.xxx.xxx, referer: http://xxx.xxx.xxx.xxx. [Wed May 23 03:18:41 2007] [error] [client xxx.xxx.xxx.xxx] proxy: Error reading from remote server returned by /tf/tad/accountSearch, referer: http://xxx.xxx.xxx.xxx [Wed May 23 03:18:42 2007] [error] [client xxx.xxx.xxx.xxx] proxy: error reading status line from remote server xxx.xxx.xxx.xxx, referer: http://xxx.xxx.xxx.xxx [Wed May 23 03:18:42 2007] [error] [client xxx.xxx.xxx.xxx] proxy: Error reading from remote server returned by /tf/tad/loadPageFragment, referer: http://xxx.xxx.xxx.xxx [Wed May 23 03:18:42 2007] [error] [client xxx.xxx.xxx.xxx] proxy: error reading status line from remote server xxx.xxx.xxx.xxx, referer: http://xxx.xxx.xxx.xxx. [Wed May 23 03:18:42 2007] [error] [client xxx.xxx.xxx.xxx] proxy: Error reading from remote server returned by /tf/tad/accountSearch, referer: http://xxx.xxx.xxx.xxx [Wed May 23 03:18:42 2007] [error] [client xxx.xxx.xxx.xxx] (70007)The timeout specified has expired: proxy: error reading response If I let the mod_proxy_http test run it eventually brings down the two application servers to the point where I have to reboot them. Here are my apache settings for mod_proxy_http (mod_proxy_ajp is the same except it uses the ajp protocol): BalancerMember http://1.2.3.4:8201/tf/tad smax=400 max=500 route=b1 redirect=a1 BalancerMember http://1.2.3.5:8201/tf/tad smax=400 max=500 route=a1 redirect=b1 BalancerMember http://1.2.3.4:8202/tf/tad smax=400 max=500 route=b2 redirect=a2 BalancerMember http://1.2.3.5:8202/tf/tad smax=400 max=500 route=a2 redirect=b2 BalancerMember http://1.2.3.4:8203/tf/tad smax=400 max=500 route=b3 redirect=a3 BalancerMember http://1.2.3.5:8203/tf/tad smax=400 max=500 route=a3 redirect=b3 BalancerMember http://1.2.3.4:8204/tf/tad smax=400 max=500 route=b4 redirect=a4 BalancerMember http://1.2.3.5:8204/tf/tad smax=400 max=500 route=a4 redirect=b4 BalancerMember http://1.2.3.4:8205/tf/tad smax=400 max=500 route=b5 redirect=a5 BalancerMember http://1.2.3.5:8205/tf/tad smax=400 max=500 route=a5 redirect=b5 BalancerMember http://1.2.3.4:8206/tf/tad smax=400 max=500 route=b6 redirect=a6 BalancerMember http://1.2.3.5:8206/tf/tad smax=400 max=500 route=a6 redirect=b6 BalancerMember http://1.2.3.4:8207/tf/tad smax=400 max=500 route=b7 redirect=a7 BalancerMember http://1.2.3.5:8207/tf/tad smax=400 max=500 route=a7 redirect=b7 BalancerMember http://1.2.3.4:8208/tf/tad smax=400 max=500 route=b8 redirect=a8 BalancerMember http://1.2.3.5:8208/tf/tad smax=400 max=500 route=a8 redirect=b8 ProxyPass /my/servlet balancer://mybalancer stickysession=JSESSIONID nofailover=Off maxattempts=2 lbmethod=byrequests StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 512 MaxSpareServers 512 MaxRequestsPerChild 512 Server version: Apache/2.2.4 (Unix) Server built: May 14 2007 12:26:06 Compiled in modules: core.c mod_authn_file.c mod_authn_default.c mod_authz_host.c mod_authz_groupfile.c mod_authz_user.c mod_authz_default.c mod_auth_basic.c mod_include.c mod_filter.c mod_log_config.c mod_env.c mod_setenvif.c mod_proxy.c mod_proxy_connect.c
Re: [EMAIL PROTECTED] Problem with Internet Explorer
I've already solved the question. Since I use a PHP script to redirect the link I use the function utf8_encode() to make the proper conversion. Now it works fine here. Sorry for bothering you... Marcos R. Cardoso escreveu: I forgot to add, I'm using Apache 2.0.58 on a Windows Server 2003. Marcos R. Cardoso escreveu: I might be missing something but I still couldn't figure it out, I'm trying to send a special caracter through a link, the character is ´ (acute). Using Firefox, Opera and Netscape it works, but using Internet Explorer I get an Apache error. Checking the log, the error is: (22)Invalid argument: utf8 to ucs2 conversion failed on this string: REDIRECT_QUERY_STRING=acao=validar&idUnico=40ccca7f7eabc579a7091c62b77a64c0&login=bd\xb4amaral&cdPessoa=72991&link= and the problem resides in the "login=bd\xb4amaral" section of the error. If anyone went through this situation and managed to fix it, please help me. TIA, -- Marcos R. Cardoso Seção de Documentação e Automação Biblioteca Universitária FURB - Blumenau (047) 3321-0660 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Blank page with Apache and PHP running
Have your tried turning debug on? # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel debug - Original Message From: Alexei <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 11:46:46 AM Subject: [EMAIL PROTECTED] Blank page with Apache and PHP running Hi! I set up my Apache 2.2.4 and PHP-5.2.2 on MS Vista. Wrote a test file with just one php statement. i.e. is written in test.php file. Later went to my web browser and wrote http://localhost/test.php and a blank page came up. It seems that my web server and php engine is working cause when I start the web server I got something like "Apache/2.2.4(Win32)PHP/5.2.2". Why I get a blank page and not the system information that the php engine provides? Is anybody out there that can help me out? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Luggage? GPS? Comic books? Check out fitting gifts for grads at Yahoo! Search http://search.yahoo.com/search?fr=oni_on_mail&p=graduation+gifts&cs=bz - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
Also, I just found the following in my dmesg output: httpd[8313]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10526]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10532]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10530]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10533]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10543]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10546]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10549]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10550]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10557]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10556]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9678]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10554]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9483]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[10527]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9450]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[4952]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[8736]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[8348]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[10561]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[7064]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[8752]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9803]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[7882]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9930]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9988]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10018]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[10040]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[10035]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[9874]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[6971]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9400]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[10574]: segfault at 7fff62fa8ff8 rip 00441479 rsp 7fff62fa8fe0 error 6 httpd[9914]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 httpd[9067]: segfault at 7fffbbe1dfe8 rip 00441459 rsp 7fffbbe1dfb0 error 6 I have successfully and consistently run 2.25 million servlet transactions out of 45 million+ requests through a hardware balancer across 8 clusters of 2 jvms for a total of 16 tomcat instances running on two different server grade machines in ~1 hour with little or no errors. Each tomcat instance uses ~160 busy threads and most transactions were under 2 seconds. The boxes ran at about 50% utilized. When I try to run the same test against the same setup but with two apache 2.2.4 instances running on a third box, I can successfully proxy to and balance across the clusters, but once the volume ramps-up I run into many issues. Now, tomcat easily uses more than 1000 busy threads. I get different issues with mod_proxy_ajp and mod_proxy_http. With mod_proxy_ajp, ~5 to 10 minutes into the test mod_proxy_ajp transaction times go through the roof and the apache error log complains about: [Wed May 23 05:44:43 2007] [error] server reached MaxClients setting, consider raising the MaxClients setting [Wed May 23 05:48:20 2007] [error] (70014)End of file found: ajp_ilink_receive() can't receive header [Wed May 23 05:48:20 2007] [error] ajp_read_header: ajp_ilink_receive failed [Wed May 23 05:48:20 2007] [error] (120006)APR does not understand this error code: proxy: read response failed from (null) (xxx.xxx.xxx.xxx) [Wed May 23 05:48:25 2007] [error] (104)Connection reset by peer: ajp_ilink_receive() can't receive header With mod_proxy_http everything seems to run fine until about 30 minutes into the test the apache error logs complain about: [Wed May 23 02:41:07 2007] [error] server reached MaxClients setting, consider raising
Re: [EMAIL PROTECTED] Blank page with Apache and PHP running
Hi! I set up my Apache 2.2.4 and PHP-5.2.2 on MS Vista. Wrote a test file with just one php statement. i.e. is written in Should be , not longer supported by default, unless you enable it in the php.ini file. It conflicts with xml syntax. Also when testing your php code, make sure to enable display error messages in the php.ini, so you can see your php code errors. test.php file. Later went to my web browser and wrote http://localhost/test.php and a blank page came up. It seems that my web server and php engine is working cause when I start the web server I got something like "Apache/2.2.4(Win32)PHP/5.2.2". Why I get a blank page and not the system information that the php engine provides? Is anybody out there that can help me out? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
On May 23, 2007, at 1:23 PM, justin wright wrote: StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 512 MaxSpareServers 512 MaxRequestsPerChild 512 I would suggest reading at least *some* of the documents on how to configure Apache. Apache is spending loads of time thrashing and killing/creating processes that it's a wonder it's working at all. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] changing the error status code for forbidden resources
Thank you for sharing your knowledge. >>> [EMAIL PROTECTED] 5/23/2007 12:05 PM >>> On 5/23/07, Matt Rigor <[EMAIL PROTECTED]> wrote: > Joshua, > > Three questions in hopes of bettering my understanding of Apache. > > Why not just edit the conf file to take the 403 error and have it > redirect to the Apache 404 error page > within the error directory? Example below. > > ErrorDocument 403 /error/HTTP_NOT_FOUND.html.var > ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var Because in addition to the error document itself, the server transmits a status code as part of the HTTP response. So someone looking at the full network stream could still see the difference. > > As an alternative, why not just edit the actual 403 error page contents > to reflect the error you desire. Same problem. > > Finally, You mention that "it's more than a waste of time, it is > deliberately crippling of HTTP". Why? Owen gave a good answer to this. Ask yourself why the authors of the HTTP spec decided to have status codes in the first place. Or why not just two codes: success and failure. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
When I use the default settings apache immediately complains that it reaches the server limit. Therefore, I kept raising the limits until I reached the configuration listed below and still the CPU utilization on the apache box is less than 10% (Its a quad AMD box with plenty of memory). I've spent the past month pouring through the documents trying to figure out how to configure these settings. What would you suggest for a high-volume site that can serve up 45+ million requests in an hour? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 12:29:31 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On May 23, 2007, at 1:23 PM, justin wright wrote: > > > StartServers 512 > ServerLimit 1024 > MaxClients 1024 > MinSpareServers 512 > MaxSpareServers 512 > MaxRequestsPerChild 512 > > I would suggest reading at least *some* of the documents on how to configure Apache. Apache is spending loads of time thrashing and killing/creating processes that it's a wonder it's working at all. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545469 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Blank page with Apache and PHP running
On May 23, 2007, at 9:46 AM, Alexei wrote: Is anybody out there that can help me out? What does the error log say? S. -- Sander Temme [EMAIL PROTECTED] PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF smime.p7s Description: S/MIME cryptographic signature
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
Some pointers: MaxRequestsPerChild 512 This means that after an Apache child process handles 512 requests, it will be killed off (and a replacement will need to be forked). With 45+ million request per hour, that's a lot of forking. Min/MaxSpareServers 512 You are telling Apache that you want between 512 and 512 idle Apache processes. If you have more, kill them off; less, add more. Can you see the issue with this? :) (actually, Apache internally tries to handle this misconfig by setting Max to 513, but still, that's a REAL NARROW BAND) On May 23, 2007, at 1:41 PM, justin wright wrote: When I use the default settings apache immediately complains that it reaches the server limit. Therefore, I kept raising the limits until I reached the configuration listed below and still the CPU utilization on the apache box is less than 10% (Its a quad AMD box with plenty of memory). I've spent the past month pouring through the documents trying to figure out how to configure these settings. What would you suggest for a high-volume site that can serve up 45+ million requests in an hour? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 12:29:31 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On May 23, 2007, at 1:23 PM, justin wright wrote: StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 512 MaxSpareServers 512 MaxRequestsPerChild 512 I would suggest reading at least *some* of the documents on how to configure Apache. Apache is spending loads of time thrashing and killing/creating processes that it's a wonder it's working at all. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] __ __Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545469 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] DocumentRoot - Apache2 - Ubuntu
On Wednesday 23 May 2007 12:03, Krist van Besien wrote: <> > > What I did is put every block in its own config file. In > these config files I configured for every virtual host where the > docroot is, where it has to log etc... > All these config files are under sites_available, and sites_enabled > contains links to these files. Hi Krist: Thank you for the explanation - here's what I did - paths obfuscated: in /etc/apache2/sites-available/default, which is symlinked as you describe - I have the following: DocumentRoot /mydoc/root/ ScriptAlias /cgi-bin/ "/mydoc/root/cgipath/" ## quoted and trailing '/' AllowOverride None Options ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all I'm much obliged for the help. tim -- Tim Johnson <[EMAIL PROTECTED]> Palmer, Alaska, USA - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
I've set the apache confs to use the following StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 256 MaxSpareServers 512 MaxRequestsPerChild 10 I reran the test with a smaller load (350 users as opposed to 1250). It didn't hit the server limit but I still get this error: [Wed May 23 07:30:54 2007] [error] (70014)End of file found: ajp_ilink_receive() can't receive header [Wed May 23 07:30:54 2007] [error] ajp_read_header: ajp_ilink_receive failed [Wed May 23 07:30:54 2007] [error] (120006)APR does not understand this error code: proxy: read response failed from (null) (xxx.xxx.xxx.xxx) Any other suggestions? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 12:51:11 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? Some pointers: MaxRequestsPerChild 512 This means that after an Apache child process handles 512 requests, it will be killed off (and a replacement will need to be forked). With 45+ million request per hour, that's a lot of forking. Min/MaxSpareServers 512 You are telling Apache that you want between 512 and 512 idle Apache processes. If you have more, kill them off; less, add more. Can you see the issue with this? :) (actually, Apache internally tries to handle this misconfig by setting Max to 513, but still, that's a REAL NARROW BAND) On May 23, 2007, at 1:41 PM, justin wright wrote: > When I use the default settings apache immediately complains that > it reaches the server limit. Therefore, I kept raising the limits > until I reached the configuration listed below and still the CPU > utilization on the apache box is less than 10% (Its a quad AMD box > with plenty of memory). I've spent the past month pouring through > the documents trying to figure out how to configure these > settings. What would you suggest for a high-volume site that can > serve up 45+ million requests in an hour? > > > - Original Message > From: Jim Jagielski <[EMAIL PROTECTED]> > To: users@httpd.apache.org > Sent: Wednesday, May 23, 2007 12:29:31 PM > Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy > (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 > clusters - Configuration issues or bugs? > > > On May 23, 2007, at 1:23 PM, justin wright wrote: > >> >> >> StartServers 512 >> ServerLimit 1024 >> MaxClients 1024 >> MinSpareServers 512 >> MaxSpareServers 512 >> MaxRequestsPerChild 512 >> >> > > I would suggest reading at least *some* of the documents > on how to configure Apache. Apache is spending > loads of time thrashing and killing/creating processes > that it's a wonder it's working at all. > > > - > The official User-To-User support forum of the Apache HTTP Server > Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > __ > __Be a better Globetrotter. Get better travel answers > from someone who knows. Yahoo! Answers - Check it out. > http://answers.yahoo.com/dir/?link=list&sid=396545469 > > - > The official User-To-User support forum of the Apache HTTP Server > Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Yahoo! oneSearch: Finally, mobile search that gives answers, not web links. http://mobile.yahoo.com/mobileweb/onesearch?refer=1ONXIC - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Redirect HTTPS page to HTTPS page
I have created a login page for a network of mine and am needing some
Rewrite help. Let me describe what is going on.
When you first connect to the network and visit an HTTP page, my rewrite
rules redirect the user to https://dns-name-of-server/index.php.
When you first connect to the network and visit an HTTPS page, my
rewrite rules redirect the user to the appropriate page, but do not
change the URL. Thus, the user receives an SSL certificate error
because the name on the certificate does not match the name in the URL.
I have seen other users who have wanted to do this, but I have never
found an answer. Does anybody have any ideas as to how to get this to
work without the certificate error? Below is the code for my rewrite rules.
RewriteEngine On
RewriteCond %{HTTP_HOST}!^auth\.server\.com$
RewriteRule (.*) https://auth.server.com/index.php [R=301,L]
I have also tried:
RewriteEngine On
RewriteCond %{SERVER_PORT} ^443$
RewriteCond %{HTTP_HOST}!^auth\.server\.com$
RewriteRule (.*) https://auth.server.com/index.php [R=301,L]
--
Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA
Spider Security
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
On 5/23/07, justin wright <[EMAIL PROTECTED]> wrote: I've set the apache confs to use the following StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 256 No comment on the ajp stuff, but MinSpareServers is still way too high. Why would you want to ask apache to keep a MINimum of 256 SPARE (idle/unused) SERVERS (processes) available at all times? Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Redirect HTTPS page to HTTPS page
On 5/23/07, Nathaniel Hall <[EMAIL PROTECTED]> wrote:
RewriteEngine On
RewriteCond %{HTTP_HOST}!^auth\.server\.com$
RewriteRule (.*) https://auth.server.com/index.php [R=301,L]
You're always going to get the cert error here, because ssl
negotiation (including certificate verification) happens before any
HTTP request headers are sent to apache. Further, apache can't know
what hostname is being requested until it reads the Host from the HTTP
request headers. So by the time it knows to redirect, the ssl
negotiation and certificate error are long gone. (This is the same
reason you can't do name-based virtual hosting with ssl.)
So you either need to fix your links to point to auth.server.com or
acquire a cert for the other hostnames.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
I'm assuming that since I have plenty of memory and plenty of CPU capacity and I am trying to come up with a configuration for a site that will have very high peak loads that I would want plenty of spare servers to service a sudden influx of requests. What would you suggest. - Original Message From: Joshua Slive <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 1:55:36 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On 5/23/07, justin wright <[EMAIL PROTECTED]> wrote: > I've set the apache confs to use the following > > StartServers 512 > ServerLimit 1024 > MaxClients 1024 > MinSpareServers 256 No comment on the ajp stuff, but MinSpareServers is still way too high. Why would you want to ask apache to keep a MINimum of 256 SPARE (idle/unused) SERVERS (processes) available at all times? Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Got a little couch potato? Check out fun summer activities for kids. http://search.yahoo.com/search?fr=oni_on_mail&p=summer+activities+for+kids&cs=bz - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
On May 23, 2007, at 2:49 PM, justin wright wrote: I've set the apache confs to use the following StartServers 512 ServerLimit 1024 MaxClients 1024 MinSpareServers 256 MaxSpareServers 512 MaxRequestsPerChild 10 I reran the test with a smaller load (350 users as opposed to 1250). It didn't hit the server limit but I still get this error: [Wed May 23 07:30:54 2007] [error] (70014)End of file found: ajp_ilink_receive() can't receive header [Wed May 23 07:30:54 2007] [error] ajp_read_header: ajp_ilink_receive failed [Wed May 23 07:30:54 2007] [error] (120006)APR does not understand this error code: proxy: read response failed from (null) (xxx.xxx.xxx.xxx) That means that when ajp_ilink_receive() (actually ilink_read()) tried to read from the AJP socket, it rec'd an error. Could be a network issue. Could be not enough workers on the Tomcat side. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
justin wright wrote: > I'm assuming that since I have plenty of memory and plenty of CPU capacity > and I am trying to come up with a configuration for a site that will have > very high peak loads that I would want plenty of spare servers to service a > sudden influx of requests. What would you suggest. I would suggest that as you get nailed, it's going to be too busy keeping 256 more servers FREE than acutally serving all the requests that are inbound. MaxSpareServers can certainly be kept quite high if you have all that ram available, but MinSpareServers is the edge level at which apache is busier forking off spares rather than taking care of your incoming requests. The default value was probably right. StartServers can also be set quite high so that your forking is all going on long before the traffic gets to your site. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
If worker == thread, I have 1500 max threads on the tomcat side. When I ran the test straight against the tomcat servers, they only consumed ~160 threads/tomcat instance. When I put apache in front of it, this number goes up to ~1100. The network is a gig ethernet and is only about 15% utilized. I have read about bugs with apache 2.2.x and mod_proxy where it doesn't reuse connections and eventually runs out, but I also read this bug was fixed. Any tips on debugging connections to tomcat or how would I find out if apache is getting bind exceptions when trying to connect to tomcat? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 2:27:16 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On May 23, 2007, at 2:49 PM, justin wright wrote: > I've set the apache confs to use the following > > StartServers 512 > ServerLimit 1024 > MaxClients 1024 > MinSpareServers 256 > MaxSpareServers 512 > MaxRequestsPerChild 10 > > > I reran the test with a smaller load (350 users as opposed to > 1250). It didn't hit the server limit but I still get this error: > > [Wed May 23 07:30:54 2007] [error] (70014)End of file found: > ajp_ilink_receive() can't receive header > [Wed May 23 07:30:54 2007] [error] ajp_read_header: > ajp_ilink_receive failed > [Wed May 23 07:30:54 2007] [error] (120006)APR does not understand > this error code: proxy: read response failed from (null) > (xxx.xxx.xxx.xxx) > > That means that when ajp_ilink_receive() (actually ilink_read()) tried to read from the AJP socket, it rec'd an error. Could be a network issue. Could be not enough workers on the Tomcat side. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sick sense of humor? Visit Yahoo! TV's Comedy with an Edge to see what's on, when. http://tv.yahoo.com/collections/222 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Redirect HTTPS page to HTTPS page
Joshua Slive wrote:
On 5/23/07, Nathaniel Hall <[EMAIL PROTECTED]> wrote:
RewriteEngine On
RewriteCond %{HTTP_HOST}!^auth\.server\.com$
RewriteRule (.*) https://auth.server.com/index.php [R=301,L]
You're always going to get the cert error here, because ssl
negotiation (including certificate verification) happens before any
HTTP request headers are sent to apache. Further, apache can't know
what hostname is being requested until it reads the Host from the HTTP
request headers. So by the time it knows to redirect, the ssl
negotiation and certificate error are long gone. (This is the same
reason you can't do name-based virtual hosting with ssl.)
So you either need to fix your links to point to auth.server.com or
acquire a cert for the other hostnames.
Joshua.
That is what I was afraid of. Unfortunately, I cannot get a certificate
for the other hostnames because I want to be able to redirect for any
HTTPS site until the user logs in. Thanks for the help.
--
Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA
Spider Security
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_rewrite
I need to change a bahaviour on the rewrite of the apache server. Right now, if I type in a path that does not exist (like /nopage.html) Apache will serve up the 404 page (/html/404.html), but the URL will still read /nopage.html. I need the URL to be /html/404.html Conversely, when someone goes to a page that does exist (/x10) Apache will serve up the redirected page (/landing/index.jsp?wfId=685) We need Apache to instead serve up /x10. Diar Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545433
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
I'm in the middle of a test right (~15min into it) now with 1250 users pounding the heck out of this thing and (knock on wood) there are no errors in the apache logs. Here are my settings: StartServers 512 ServerLimit 2048 MaxClients 1250 MinSpareServers 25 MaxSpareServers 512 MaxRequestsPerChild 10 It seems if these setting aren't right it really messes with the proxy. On the tomcat side the number of busy threads continue to grow. I still don't understand how I can go directly against tomcat and only consume ~160 busy threads and now its consuming ~1000 threads and is still climbing. Any ideas? Thanks again, J - Original Message From: justin wright <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 2:43:14 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? If worker == thread, I have 1500 max threads on the tomcat side. When I ran the test straight against the tomcat servers, they only consumed ~160 threads/tomcat instance. When I put apache in front of it, this number goes up to ~1100. The network is a gig ethernet and is only about 15% utilized. I have read about bugs with apache 2.2.x and mod_proxy where it doesn't reuse connections and eventually runs out, but I also read this bug was fixed. Any tips on debugging connections to tomcat or how would I find out if apache is getting bind exceptions when trying to connect to tomcat? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 2:27:16 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On May 23, 2007, at 2:49 PM, justin wright wrote: > I've set the apache confs to use the following > > StartServers 512 > ServerLimit 1024 > MaxClients 1024 > MinSpareServers 256 > MaxSpareServers 512 > MaxRequestsPerChild 10 > > > I reran the test with a smaller load (350 users as opposed to > 1250). It didn't hit the server limit but I still get this error: > > [Wed May 23 07:30:54 2007] [error] (70014)End of file found: > ajp_ilink_receive() can't receive header > [Wed May 23 07:30:54 2007] [error] ajp_read_header: > ajp_ilink_receive failed > [Wed May 23 07:30:54 2007] [error] (120006)APR does not understand > this error code: proxy: read response failed from (null) > (xxx.xxx.xxx.xxx) > > That means that when ajp_ilink_receive() (actually ilink_read()) tried to read from the AJP socket, it rec'd an error. Could be a network issue. Could be not enough workers on the Tomcat side. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sick sense of humor? Visit Yahoo! TV's Comedy with an Edge to see what's on, when. http://tv.yahoo.com/collections/222 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games. http://sims.yahoo.com/ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
As soon as I sent that last message everything went into the toilet and now the application servers aren't even responding. - Original Message From: justin wright <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 3:07:13 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? I'm in the middle of a test right (~15min into it) now with 1250 users pounding the heck out of this thing and (knock on wood) there are no errors in the apache logs. Here are my settings: StartServers 512 ServerLimit 2048 MaxClients 1250 MinSpareServers 25 MaxSpareServers 512 MaxRequestsPerChild 10 It seems if these setting aren't right it really messes with the proxy. On the tomcat side the number of busy threads continue to grow. I still don't understand how I can go directly against tomcat and only consume ~160 busy threads and now its consuming ~1000 threads and is still climbing. Any ideas? Thanks again, J - Original Message From: justin wright <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 2:43:14 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? If worker == thread, I have 1500 max threads on the tomcat side. When I ran the test straight against the tomcat servers, they only consumed ~160 threads/tomcat instance. When I put apache in front of it, this number goes up to ~1100. The network is a gig ethernet and is only about 15% utilized. I have read about bugs with apache 2.2.x and mod_proxy where it doesn't reuse connections and eventually runs out, but I also read this bug was fixed. Any tips on debugging connections to tomcat or how would I find out if apache is getting bind exceptions when trying to connect to tomcat? - Original Message From: Jim Jagielski <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 2:27:16 PM Subject: Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs? On May 23, 2007, at 2:49 PM, justin wright wrote: > I've set the apache confs to use the following > > StartServers 512 > ServerLimit 1024 > MaxClients 1024 > MinSpareServers 256 > MaxSpareServers 512 > MaxRequestsPerChild 10 > > > I reran the test with a smaller load (350 users as opposed to > 1250). It didn't hit the server limit but I still get this error: > > [Wed May 23 07:30:54 2007] [error] (70014)End of file found: > ajp_ilink_receive() can't receive header > [Wed May 23 07:30:54 2007] [error] ajp_read_header: > ajp_ilink_receive failed > [Wed May 23 07:30:54 2007] [error] (120006)APR does not understand > this error code: proxy: read response failed from (null) > (xxx.xxx.xxx.xxx) > > That means that when ajp_ilink_receive() (actually ilink_read()) tried to read from the AJP socket, it rec'd an error. Could be a network issue. Could be not enough workers on the Tomcat side. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sick sense of humor? Visit Yahoo! TV's Comedy with an Edge to see what's on, when. http://tv.yahoo.com/collections/222 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games. http://sims.yahoo.com/ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Shape Yahoo! in your own image. Join our Network Research Panel today! http://
Re: [EMAIL PROTECTED] Re: High volume issues using mod_proxy (balancer,http,ajp) on Apache 2.2.4 across multiple tomcat 5.5.23 clusters - Configuration issues or bugs?
On May 23, 2007, at 4:07 PM, justin wright wrote: I'm in the middle of a test right (~15min into it) now with 1250 users pounding the heck out of this thing and (knock on wood) there are no errors in the apache logs. Here are my settings: StartServers 512 ServerLimit 2048 MaxClients 1250 MinSpareServers 25 MaxSpareServers 512 MaxRequestsPerChild 10 It seems if these setting aren't right it really messes with the proxy. On the tomcat side the number of busy threads continue to grow. I still don't understand how I can go directly against tomcat and only consume ~160 busy threads and now its consuming ~1000 threads and is still climbing. Any ideas? Think of Apache as a switchboard operator... In this case, people don't call Joe Blow directly, but they call the operator who then "patches them in" to Joe Blow. Joe Blow can get away with 1 phone line and his load is small. The switchboard operator does not have life so easy. Configuring Apache right makes the switchboard operator more efficient. Now when using Apache in front, and connection pooling, the operator now has several lines to Joe Blow and will use them as needed... Still don't see the need for MaxRequestsPerChild to be anything other than 0. And netstat -an is your friend to see the socket utilization between Apache and TC. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite
On 5/23/07, Diar Gashi <[EMAIL PROTECTED]> wrote: I need to change a bahaviour on the rewrite of the apache server. Right now, if I type in a path that does not exist (like /nopage.html) Apache will serve up the 404 page (/html/404.html), but the URL will still read /nopage.html. I need the URL to be /html/404.html This is usually a bad idea, since it requires returning a redirect status code to the client instead of the not-found status code. This can confuse search engines. But if you want to do it, it is easy: Errordocument 404 http://example.com/html/404.html Conversely, when someone goes to a page that does exist (/x10) Apache will serve up the redirected page (/landing/index.jsp?wfId=685) We need Apache to instead serve up /x10. Show us the directives you use currently to do the redirect. A simple guess would be RewriteRule ^/x10 /landing.index.jsp?wfld=685 Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite
Joshua, thanks for the very useful info. The site is currently not opening, but I'll give it a try again later. As for the second part, there is a redirect rule: Redirect /x10 http://DOMAIN_NAME/landing/index.jsp?wfId=685 Thanks, Diar - Original Message From: Joshua Slive <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 4:41:56 PM Subject: Re: [EMAIL PROTECTED] mod_rewrite On 5/23/07, Diar Gashi <[EMAIL PROTECTED]> wrote: > > > > I need to change a bahaviour on the rewrite of the apache server. Right now, > if I type in a path that does not exist (like /nopage.html) Apache will > serve up the 404 page (/html/404.html), but the URL will still read > /nopage.html. I need the URL to be /html/404.html This is usually a bad idea, since it requires returning a redirect status code to the client instead of the not-found status code. This can confuse search engines. But if you want to do it, it is easy: Errordocument 404 http://example.com/html/404.html > Conversely, when someone goes to a page that does exist (/x10) Apache will > serve up the redirected page (/landing/index.jsp?wfId=685) We need Apache to > instead serve up /x10. Show us the directives you use currently to do the redirect. A simple guess would be RewriteRule ^/x10 /landing.index.jsp?wfld=685 Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Get the free Yahoo! toolbar and rest assured with the added security of spyware protection. http://new.toolbar.yahoo.com/toolbar/features/norton/index.php
Re: [EMAIL PROTECTED] fully qualified domain name - Problem
Thanks to Joshua and Dragon, all is good now. cheers tim -- Tim Johnson <[EMAIL PROTECTED]> Palmer, Alaska, USA - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] httpd.conf
Hello, And we have 3 Apache instance?? can we let the client see our error page when the server stop responding??? i don't know exactly but is there any way to control the issue by providing an error page to the clients like " The server busy" or " Please wait 30 minutes and reconnect to our site"...??? hope guys that there is a solution Anyway any good solution to monitor the httpd process (the Application Server)??? Regards, RN Thanks in advance guys
Re: [EMAIL PROTECTED] mod_disk_cache with mod_deflate not sending If-Modified-Since to tomcat webapp
On 13 May 2007, at 16:05, Ion Alexandru Morega wrote: Hi. I'm having trouble using mod_cache/mod_disk_cache and mod_deflate at the same time. My setup is like this: one Tomcat 5.5 webapp, Apache 2.2.3 + mod_jk 1.2.18. The intent is to cache pages generated by the webapp; as long as the page content is not changed, pages should be served from Apache's cache (communication between apache and the webapp is done through Last-Modified and If-Modified-Since HTTP headers). It works well if I don't use mod_deflate; as soon as I enable mod_deflate compression, Apache seems to ignore its cache. here is a configuration snippet: --- AddOutputFilterByType DEFLATE text/html text/plain text/xml application/x-javascript text/css CacheRoot /var/test_app/cache CacheDirLevels 1 CacheDirLength 1 CacheEnable disk /cache_test CacheIgnoreHeaders Set-Cookie Cookie Cache-Control Pragma CacheIgnoreCacheControl On CacheMaxExpire 0 --- CacheDirLevels and CacheDirLength are set to 1 to make it easier to look into the cache directory. I set CacheMaxExpire to zero because I don't want any "blind" caching of documents; each and every request must ask the Tomcat webapp whether the cached data is fresh. I'm deliberately ignoring any user agent's cache control headers because I trust my own caching mechanism to provide fresh data (I tried working with many permutations of CacheIngoreHeaders and CacheIgnoreCacheControl, including commenting out both, none worked properly with mod_deflate). Comparing the behaviour with / without mod_deflate, I've seen some interesting things. Firstly, without mod_deflate, the first request for the page causes the Tomcat webapp to generate the page, which is then stored in the cache. Any subsequent request will reach Tomcat with a "If-Modified- Since" header, containing the date that Tomcat previously sent as "Last-Modified" (and if Tomcat replies with a 304 Not Modified status, the page is served from cache). I haven't been able to get any user-agent to trick Apache into sending a request without "If- Modified-Since". Looking into the on-disk cache, I see two files generated for this page - one [hashcode].header and one [hashcode].data file. This all is, as I understand, correct behaviour. Now, with mod_deflate enabled, if the browser's request contains no "If-Modified-Since" header, Apache will not send "If-Modified- Since" either. The page is therefore generated all over again, even if it was already in the cache. Looking into the cache folder, i now see an extra [hashcode].header.vary directory, that contains different cached responses for different user-agents. Interestingly, if the user-agent request contains an "If-Modified- Since" header, it's passed on to Tomcat, and the page is not generated again (because it's cached by the browser). I have tried this configuration with apache 2.2.4 and mod_jk 1.2.22, and the problem is the same. I'm now experimenting with mod_mem_cache, which seems to work well, but it sometimes forgets to send "If-Modified-Since" headers too. Still, I'd rather use mod_disk_cache if I could. I hope this information is detailed enough; if not, I'll gladly explain more. Thanks, -- Alex Hi. Just wanted to bring up this issue again. I've ended up writing a custom cache in Java, but I'd much rather use Apache's mod_disk_cache. Thanks, -- Alex - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite
On 5/23/07, Diar Gashi <[EMAIL PROTECTED]> wrote: Joshua, thanks for the very useful info. The site is currently not opening, but I'll give it a try again later. As for the second part, there is a redirect rule: Redirect /x10 http://DOMAIN_NAME/landing/index.jsp?wfId=685 Redirect definitely is not what you want since it will ask the client to redo the request with the new url. Either use an Alias or the RewriteRule I gave in my last email. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_disk_cache with mod_deflate not sending If-Modified-Since to tomcat webapp
On 5/23/07, Ion Alexandru Morega <[EMAIL PROTECTED]> wrote: On 13 May 2007, at 16:05, Ion Alexandru Morega wrote: > Hi. > > I'm having trouble using mod_cache/mod_disk_cache and mod_deflate > at the same time. There's some patches committed to the trunk (development) version of mod_cache that fix problems with Vary-handling in the cache. This could be the issue you are seeing since mod_deflate uses Vary. But I haven't confirmed it. These changes will likely make it into the next 2.2 release. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_disk_cache with mod_deflate not sending If-Modified-Since to tomcat webapp
On 24 May 2007, at 00:56, Joshua Slive wrote: On 5/23/07, Ion Alexandru Morega <[EMAIL PROTECTED]> wrote: On 13 May 2007, at 16:05, Ion Alexandru Morega wrote: > Hi. > > I'm having trouble using mod_cache/mod_disk_cache and mod_deflate > at the same time. There's some patches committed to the trunk (development) version of mod_cache that fix problems with Vary-handling in the cache. This could be the issue you are seeing since mod_deflate uses Vary. But I haven't confirmed it. These changes will likely make it into the next 2.2 release. Joshua. Thanks, I'll try to compile the trunk, though i probably won't use that for production until the next release :) -- Alex - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Mod_headers and cgi question involving P3P/IE7/cookies
I'm running an admittedly old Apache 1.3.6 server configuration with an ecommerce website and recently attempted to resolve the problem involving cookies, IE7 and P3P Compact Headers. For any unfamiliar with the issue, IE7 browser, at the "High" privacy setting, will only allow cookies to be set or read if the site conforms completely with P3P privacy policies. Among other requirements, the page setting the cookie must have an http response header containing the P3P Compact Policy header, which matches the XML privacy policy on your site. Else an ugly icon becomes visible and cookie access is denied. Mod_headers is the vehicle prescribed to set the P3P Compact Policy header. Once enabled, mod_headers will add or adjust response headers at your command, with directives in your Apache config files or .htaccess. On my setup, mod_headers was compiled-in, as revealed by httpd -l. When I placed the appropriate header directive in .htaccess at the web root level, my static pages were delivered with the correct P3P Compact Policy headers. So far, so good. However, on pages created by my site's shopping cart cgi, the response headers look quite different and do not contain the P3P Compact Policy header. The shopping cart cgi does not appear to be using the Non Parsed Headers mode (no nph in the program names,) so I fail to understand this behavior. I expected that Apache mod_headers would add the header as directed to the cgi output before delivery. And so, the questions: 1. Shouldn't the header directive still be parsed via mod_headers, and shouldn't I expect to see the P3P Compact Policy header on the active pages prepared by the shopping cart cgi? If yes, why might this not work; and if no, why not? 2. Well, Question 1 is good enough. The shopping cart vendor has issued a patch to allow the header to be inserted in the cgi output, so that is a rough solution. But I would really like to know the why mod_headers didn't do the trick. Anybody know? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] httpd.conf
There are commercial tools from Mercury and BMC that will monitor a web sites health, but they aren't cheap. If you simply want to see if its alive, you could use an application server to send an HTTP request like GET / and test to make sure you get a response and that the status is 200 ok and if it doesnt respond or sends something other than 200 Ok the process could e-mail or page someboday. I wouldn't use the same application server that sits behind Apache to monitor apache. - Original Message From: Red al tubor <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 4:14:53 PM Subject: [EMAIL PROTECTED] httpd.conf Hello, And we have 3 Apache instance?? can we let the client see our error page when the server stop responding??? i don't know exactly but is there any way to control the issue by providing an error page to the clients like " The server busy" or " Please wait 30 minutes and reconnect to our site"...??? hope guys that there is a solution Anyway any good solution to monitor the httpd process (the Application Server)??? Regards, RN Thanks in advance guys Get the free Yahoo! toolbar and rest assured with the added security of spyware protection. http://new.toolbar.yahoo.com/toolbar/features/norton/index.php
Re: [EMAIL PROTECTED] Mod_headers and cgi question involving P3P/IE7/cookies
On 5/23/07, elwyatt <[EMAIL PROTECTED]> wrote: I'm running an admittedly old Apache 1.3.6 server configuration My guess is that the line above answers your two questions below. And so, the questions: 1. Shouldn't the header directive still be parsed via mod_headers, and shouldn't I expect to see the P3P Compact Policy header on the active pages prepared by the shopping cart cgi? If yes, why might this not work; and if no, why not? 2. Well, Question 1 is good enough. The shopping cart vendor has issued a patch to allow the header to be inserted in the cgi output, so that is a rough solution. But I would really like to know the why mod_headers didn't do the trick. Anybody know? Although I haven't personally tested it, I'm fairly sure that mod_headers will act on CGI scripts, at least in recent versions. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Probobaly Stupid
Exactly. I just got apache dl'd and installed, and i'm at a complete loss as how to open/use/edit the modules. Can someone explain this in newbie terms plz? Oh, btw, I'm running in XP Home Edition SP2. Take the Internet to Go: Yahoo!Go puts the Internet in your pocket: mail, news, photos & more. http://mobile.yahoo.com/go?refer=1GNXIC
Re: [EMAIL PROTECTED] Probobaly Stupid
Its a LoadModule directive. If you installed the binary from apache, simply search the httpd.conf in the conf folder for the module you are interested in and uncomment (remove the #) the LoadModule directive of interest. This tells apache to the load the module, but depending on the module there is probably some other configuration todo. The module documentation can be found at http://httpd.apache.org/docs/2.2/mod/ - Original Message From: brant martin <[EMAIL PROTECTED]> To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 7:57:48 PM Subject: [EMAIL PROTECTED] Probobaly Stupid Exactly. I just got apache dl'd and installed, and i'm at a complete loss as how to open/use/edit the modules. Can someone explain this in newbie terms plz? Oh, btw, I'm running in XP Home Edition SP2. Luggage? GPS? Comic books? Check out fitting gifts for grads at Yahoo! Search. Pinpoint customers who are looking for what you sell. http://searchmarketing.yahoo.com/
Re: [EMAIL PROTECTED] Probobaly Stupid
On 5/23/07, justin wright wrote: Its a LoadModule directive. If you installed the binary from apache, simply search the httpd.conf in the conf folder for the module you are interested in and uncomment (remove the #) the LoadModule directive of interest. This tells apache to the load the module, but depending on the module there is probably some other configuration todo. The module documentation can be found at http://httpd.apache.org/docs/2.2/mod/ - Original Message From: brant martin To: users@httpd.apache.org Sent: Wednesday, May 23, 2007 7:57:48 PM Subject: [EMAIL PROTECTED] Probobaly Stupid Exactly. I just got apache dl'd and installed, and i'm at a complete loss as how to open/use/edit the modules. Can someone explain this in newbie terms plz? Oh, btw, I'm running in XP Home Edition SP2. Luggage? GPS? Comic books? Check out fitting gifts for grads at Yahoo! Search. Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase. ehhh i've rarely had to do alot of configuring... mostly its just with my iptables config on my router... Though, if you really want to simplify things, you could go for WAMP, a pre-configured system with the Windows system service installers. Also, you could read the documentation on the Apache website for how to use the modules ... as a note: you dont edit the /modules/ you edit the modules /configuration/ for more help, read the manual AND/OR try a pre-configured install (like WAMP5 - http://www.wampserver.com/en/ ) -- Morgan gangwere "Space does not reflect society, it expresses it." -- Castells, M., Space of Flows, Space of Places: Materials for a Theory of Urbanism in the Information Age, in The Cybercities Reader, S. Graham, Editor. 2004, Routledge: London. p. 82-93. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Apache 2.0.52 - mod_auth_ldap (ldap_simple_bind_s() failed)
Hi all, I'm running Apache 2.0.52 with mod_auth_ldap on a CentOS 4.5 box. PAM is properly configured to authenticate against LDAP and I can successfully query the LDAP server. Now when I'm trying to authenticate against LDAP with mod_auth_ldap I receive the following in my error_log: [Wed May 23 23:47:26 2007] [debug] mod_auth_ldap.c(308): [client 10.8.20.2] [21819] auth_ldap authenticate: using URL ldaps://bar.foo.com/ou=staff,dc=foo,dc=com?uid [Wed May 23 23:47:26 2007] [warn] [client 10.8.20.2] [21819] auth_ldap authenticate: user sf authentication failed; URI /proto/trunk [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server] Here's the relevant excerpt in my configs. First, since my LDAP server is using SSL, I have the following mod_ldap directives in httpd.conf: LDAPTrustedCA /etc/httpd/conf/ssl.crt/ca.pem LDAPTrustedCAType BASE64_FILE .. and just to verify the ca file: -r--r--r-- 1 nobody root 1354 Apr 16 17:50 /etc/httpd/conf/ssl.crt/ca.pem my virtualhost.conf has the following excerpt: ServerName svn.foo.com LogLevel debug DAV svn SVNParentPath /opt/svn/ AuthLDAPEnabled on AuthType Basic AuthName "Authorized Users ONLY!" AuthLDAPAuthoritative on AuthLDAPURL "ldaps://bar.foo.com/ou=staff,dc=foo,dc=com?uid" require valid-user Order mutual-failure Allow from 10.8.12.14/32 Satisfy any CustomLog logs/svn-access_log common Thank you kindly for any insight anyone might be able to offer me. - sf - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Apache 2.0.52 - mod_auth_ldap (ldap_simple_bind_s() failed)
Please disregard this. yum update decided to pull one of these on me: drwx-- 2 root root 4096 May 19 16:27 ssl.crt after enough greping through strace logs on apache children procs, I was able to determine that a stupid permissions issue was the root of my problems. Cheers, - sf Steve Finkelstein wrote: > Hi all, > > I'm running Apache 2.0.52 with mod_auth_ldap on a CentOS 4.5 box. PAM is > properly configured to authenticate against LDAP and I can successfully > query the LDAP server. > > Now when I'm trying to authenticate against LDAP with mod_auth_ldap I > receive the following in my error_log: > > [Wed May 23 23:47:26 2007] [debug] mod_auth_ldap.c(308): [client > 10.8.20.2] [21819] auth_ldap authenticate: using URL > ldaps://bar.foo.com/ou=staff,dc=foo,dc=com?uid > [Wed May 23 23:47:26 2007] [warn] [client 10.8.20.2] [21819] auth_ldap > authenticate: user sf authentication failed; URI /proto/trunk [LDAP: > ldap_simple_bind_s() failed][Can't contact LDAP server] > > Here's the relevant excerpt in my configs. First, since my LDAP server > is using SSL, I have the following mod_ldap directives in httpd.conf: > > LDAPTrustedCA /etc/httpd/conf/ssl.crt/ca.pem > LDAPTrustedCAType BASE64_FILE > > .. and just to verify the ca file: > > -r--r--r-- 1 nobody root 1354 Apr 16 17:50 /etc/httpd/conf/ssl.crt/ca.pem > > my virtualhost.conf has the following excerpt: > > >ServerName svn.foo.com >LogLevel debug > > DAV svn > SVNParentPath /opt/svn/ > AuthLDAPEnabled on > AuthType Basic > AuthName "Authorized Users ONLY!" > AuthLDAPAuthoritative on > AuthLDAPURL "ldaps://bar.foo.com/ou=staff,dc=foo,dc=com?uid" > require valid-user > Order mutual-failure > Allow from 10.8.12.14/32 > Satisfy any > > CustomLog logs/svn-access_log common > > > Thank you kindly for any insight anyone might be able to offer me. > > - sf > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > !DSPAM:1020,4655136625191342210631! > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED]: Can't find index.html
> -Original Message- > From: lists [mailto:[EMAIL PROTECTED] > > > > In the case that is causing problems it is > https://secure.resmaster.com/ that does not work > > but https://secure.resmaster.com/index.html works. I see that it is "working" now... What was the problem? PS - not anything to do with PHP, was it? Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > > Note that I have no trouble with http:// sites. > > > >>> I find I get a messsage wanting to save or open the home > >>> page. > > > > BO> That looks like a wrong mime-type.. Can you check the > response header > > BO> (eg, via LiveHTTPHeaders extension in FireFox)? > > > > Here is the output from LivrHTTPHeaders > > > > https://secure.resmaster.com/ > > > > GET / HTTP/1.1 > > Host: secure.resmaster.com > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; > rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 > > Accept: > text/xml,application/xml,application/xhtml+xml,text/html;q=0.9 ,text/plain;q=0.8,image/png,*/*;q=0.5 > > Accept-Language: en-us,en;q=0.5 > > Accept-Encoding: gzip,deflate > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > Keep-Alive: 300 > > Connection: keep-alive > > > > HTTP/1.x 200 OK > > Date: Wed, 23 May 2007 07:24:25 GMT > > Server: Apache > > Last-Modified: Wed, 12 Apr 2006 05:26:05 GMT > > Etag: "10a8da-4ac-1380f540" > > Accept-Ranges: bytes > > Content-Length: 1196 > > Keep-Alive: timeout=15, max=100 > > Connection: Keep-Alive > > Content-Type: application/x-httpd-php > > Do you have mod_php installed? Since this says apache is > sending a php file. > > > > > -- > > https://secure.comodo.net/trustlogo/javascript/trustlogo.js > > > > GET /trustlogo/javascript/trustlogo.js HTTP/1.1 > > Host: secure.comodo.net > > User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; > rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3 > > Accept: */* > > Accept-Language: en-us,en;q=0.5 > > Accept-Encoding: gzip,deflate > > Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 > > Keep-Alive: 300 > > Connection: keep-alive > > > > HTTP/1.x 200 OK > > Date: Wed, 23 May 2007 07:24:58 GMT > > Server: Apache > > Last-Modified: Fri, 15 Dec 2006 15:12:45 GMT > > Etag: "22678-3e3b-424a61063f540" > > Accept-Ranges: bytes > > Content-Length: 15931 > > Cache-Control: max-age=86400 > > Keep-Alive: timeout=5, max=100 > > Connection: Keep-Alive > > Content-Type: application/x-javascript > > This is saying your https is sending javascript, so index.js > is the file > it is sending. This should more commonly be text/plain for a > javascript > file, then the browser will parse the file and execute the javascript. > > > ~snip~ > > > The Directory Index directive is as follows. > > > > DirectoryIndex index.html index.html.var index.shtml > index.cgi index.php index.phtml index.php3 index.htm > home.html welcome.html > > I see index.php so I'm guessing mod_php is installed. > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
