[us...@httpd] apache 2.2 and ldap group authentication
I have been trying to implement group-based authentication using LDAP. But have yet to find the secret. I have been able to implement individual authentication using the “require ldap-user [username]” directive successfully. Some background information: I am using FreeBSD 7.2, Apache 2.2, and OpenLDAP 2.4. Initially I set up 3 directories for my research and verified that I reached the targeted documents successfully before beginning to implement authentication. Then I implemented the ldap-user authentication successfully on one directory. Back to my challenge with group authentication: Here is the output of the LDAP search “ldapsearch -x -W -D 'cn=Manager,dc=my,dc=mydomain,dc=com' -v -b 'ou=groups,dc=my,dc=mydomain,dc=com' # extended LDIF # # LDAPv3 # base ou=groups,dc=my,dc=mydomain,dc=com with scope subtree # filter: (objectclass=*) # requesting: ALL # # groups, my.mydomain.com dn: ou=groups,dc=my,dc=mydomain,dc=com ou: groups description: my.mydomain groups objectClass: organizationalUnit # SuperTeam, groups, my.mydomain.com dn: cn=SuperTeam,ou=groups,dc=my,dc=mydomain,dc=com ou: groups description: People who are employees of Super Team uniqueMember: uid=jeffshearer,dc=my,dc=mydomain,dc=com uniqueMember: uid=maeshearer,dc=my,dc=mydomain,dc=com objectClass: groupOfUniqueNames cn: SuperTeam # SuperGroup, groups, my.mydomain.com dn: cn=SuperGroup,ou=groups,dc=my,dc=mydomain,dc=com ou: groups description: People who are employees of Super Group uniqueMember: uid=jacksonshearer,dc=my,dc=mydomain,dc=com uniqueMember: uid=larryfordham,dc=my,dc=mydomain,dc=com uniqueMember: uid=spamimoron,dc=my,dc=mydomain,dc=com objectClass: groupOfUniqueNames cn: SuperGroup # search result search: 2 result: 0 Success # numResponses: 4 # numEntries: 3 I have tried a number of configurations for group authenticaiton, all without success. Following is the current iteration of my apache configuration for the superteam.docs directory: Directory /files/superteam.docs AuthType basic AuthName Super Team Members Only AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com AuthLDAPBindPassword secret AuthLDAPGroupAttribute uniqueMember AuthLDAPGroupAttributeIsDN off AuthLDAPURL ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?; Require ldap-group cn=SuperTeam,ou=groups AllowOverride None Order allow,deny Allow from all Options +Includes XbitHack on /Directory Not that I have an alias for /superteam to /files/superteam.docs Thanks - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Userid and reverse proxy
Hi I want to do something like this: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequestsOff ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? Best Regards Dag Efjestad, Norway - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Userid and reverse proxy
Try using a group rather than a list of users. See http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin for a discussion. Efjestad, Dag wrote: Hi I want to do something like this: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequestsOff ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? Best Regards Dag Efjestad, Norway - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] PHP ping and exec() hangs apache
Hi, I stuck with strange error. I have following code: ? echo 'BEFORE'; echo exec(ping -c1 -w1 1.1.25.38); echo 'AFTER'; ? Address doesn't exist. When execute script from command line everything works fine. But when I go to the file by Firefox it hangs out and apache need to be restart. This is a Virtual Server with PHP Version 5.2.6-pl222-gentoo. When address exists it works fine. Only problem is when it doesn't respond and apache hangs. I copy file to apache at my local apache and everything works fine. My apache is with Version 5.3.0alpha3-dev at windows XP. At old server with php4 everything works fine. I suspect that something wrong is with apache configuration but I don't know it for sure and couldn't find it. Thank you, Kamil Walas - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Userid and reverse proxy
Dear Sorry but i think that the post is not relevant to the original thread. You may want to create a new thread for this matter. Thank you. Regards, Jeff Shearer wrote: Try using a group rather than a list of users. See http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin for a discussion. Efjestad, Dag wrote: Hi I want to do something like this: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequestsOff ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? Best Regards Dag Efjestad, Norway - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -- View this message in context: http://www.nabble.com/Unable-to-run-.-configure-when-install-apache-http-server.Error%3A-decision-on-anonymous-shared-memory-allocation-method-failed-tp23702056p23739049.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] apache 2.2 and ldap group authentication
* Jeff Shearer j...@shearer-family.org [2009-05-27 08:43]: dn: cn=SuperTeam,ou=groups,dc=my,dc=mydomain,dc=com ou: groups description: People who are employees of Super Team uniqueMember: uid=jeffshearer,dc=my,dc=mydomain,dc=com uniqueMember: uid=maeshearer,dc=my,dc=mydomain,dc=com objectClass: groupOfUniqueNames cn: SuperTeam [...] I have tried a number of configurations for group authenticaiton, all without success. Following is the current iteration of my apache configuration for the superteam.docs directory: Directory /files/superteam.docs AuthType basic AuthName Super Team Members Only AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com AuthLDAPBindPassword secret AuthLDAPGroupAttribute uniqueMember AuthLDAPGroupAttributeIsDN off AuthLDAPURL ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?; Require ldap-group cn=SuperTeam,ou=groups AllowOverride None Order allow,deny Allow from all Options +Includes XbitHack on /Directory First, AuthLDAPGroupAttributeIsDN should be on, since obviously your (unique)member values *are* DNs. (Btw, unless you require the addtional distinguishing values uniqueMember allows for -- and from your example you certainly don't -- you can just as well use the 'member' attribute. Both 'member' and 'uniquemember' need their values to be unique.) Second, your Require ldap-group is somehow truncated, it should be the full DN of that group (is there some documentation that implies you can just leave away the baseDN or something?) cheers, -peter - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] Userid and reverse proxy
Jeff, I think you have misunderstood the problem. The problem is that I different web pages for different users. /dag -Opprinnelig melding- Fra: Jeff Shearer [mailto:j...@shearer-family.org] Sendt: 27. mai 2009 09:07 Til: users@httpd.apache.org Emne: Re: [us...@httpd] Userid and reverse proxy Try using a group rather than a list of users. See http://httpd.apache.org/docs/2.2/howto/auth.html#lettingmorethanonepersonin for a discussion. Efjestad, Dag wrote: Hi I want to do something like this: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequestsOff ProxyPass/kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? Best Regards Dag Efjestad, Norway - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Unable to start Apache - Fail to Install libapreq2
On Tue, 26 May 2009 20:56:29 -0700 (PDT) ragwho rag...@gmail.com wrote: Can't load '/usr/perl5/site_perl/5.8.4/sun4-solaris-64int/auto/APR/Request/Request.so' for module APR::Request: ld.so.1: httpd: fatal: libgcc_s.so.1: open failed: No such file or directory at Are you trying to mix an Apache built with sunstudio and a Perl built with gcc? -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/ - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] apache 2.2 and ldap group authentication
* Peter Schober peter.scho...@univie.ac.at [2009-05-27 12:33]: I have tried a number of configurations for group authenticaiton, all without success. Following is the current iteration of my apache configuration for the superteam.docs directory: Directory /files/superteam.docs AuthType basic AuthName Super Team Members Only AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPBindDN cn=Manager,dc=my,dc=mydomain,dc=com AuthLDAPBindPassword secret AuthLDAPGroupAttribute uniqueMember AuthLDAPGroupAttributeIsDN off AuthLDAPURL ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?cn=SuperTeam?; Require ldap-group cn=SuperTeam,ou=groups AllowOverride None Order allow,deny Allow from all Options +Includes XbitHack on /Directory First, AuthLDAPGroupAttributeIsDN should be on, since obviously your (unique)member values *are* DNs. (Btw, unless you require the addtional distinguishing values uniqueMember allows for -- and from your example you certainly don't -- you can just as well use the 'member' attribute. Both 'member' and 'uniquemember' need their values to be unique.) Second, your Require ldap-group is somehow truncated, it should be the full DN of that group (is there some documentation that implies you can just leave away the baseDN or something?) Third, the AuthLDAPURL doesn't seem to be right (see RFC 4516 for the specs and examples). After the DN (which identifies the base object of the LDAP search or the target of a non-search operation.) come the attributes you request, if you want all you'd still need to supply the '?' with no parameter, otherwise the only one you're interested here is (unique)member. Then comes the scope (limit the search to the base of the object given as the DN of the URL; to one level below the base object, or to a subtree search, starting from and including the base object), and only then comes the filter (which you give as cn=SuperTeam). And with that filter (which is not interpretefd as a filter, because it's in the wrong part, which you would see in your slapd.log) you'd only ever find the group cn=SuperTeam, which is not wrong, but superfluos, since you're 'require'ing the desired group below anyway with an apache directive (once the syntax is corrected, see my point two). I don't think just leaving all the parts after the DN away (so their defaults get to be used) will help, since the scope defaults to base, and you'll need at least 'one' or 'sub', unless you specify the exact name of the required group in the DN of that AuthLDAPURL (which I douldn't do, since you'd have to mess with AuthLDAPURL for every directory; same with the group name in the filter, see above). So I guess a correct LDAP URL for your setup should be something like this: AuthLDAPURL ldap://192.168.0.92:389/ou=groups,dc=my,dc=mydomain,dc=com?uniquemember?sub?(objectclass=groupOfUniqueNames) (The port defaults to 389 so that could be left out as well, I suppose.) You could then reuse this AuthLDAPURL for all resources on your server, adjusting only the require ldap-group directive for the resource at hand. And two rather generic hints wrt security: Note that unless your directory server is on the same box or you consider your network to be secure, you should not connect to your slapd without securing at least the transport. For that you'd need to configure your slapd to allow for TLS/SSL connections and supply STARTTLS at the end of the LDAP URL (seperated by whitespace). Instead of the STARTTLS parameter you could use ldaps:// for the scheme, but note that there is no formal specification for LDAPS (in contrast to LDAP+STARTTLS, see RFC 4513). So this is deprecated and should not be used. Also you really should not ever use the rootdn (I guess that is what your cn=manager object really is) for anything else but directory administration. Instead create another DN in your DIT and give this DN the required permission (ACLs) to search and read group objects. There are no limits to what the rootdn can do, ACLs are not even evaluated for the rootdn (it's the rootdn, after all ;) so you can't limit the power of this DN -- and it's password is in your httpd.conf in the clear! cheers, -peter - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Userid and reverse proxy
2009/5/27 Efjestad, Dag dag.efjes...@solvea.no: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequests Off ProxyPass /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? you can try with mod_rewrite and [P]: RewriteEngine On RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [P,L] bye, -- Stefano Sasso stesa...@gmail.com http://www.gnustile.net/ - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Rewrite doesn't work !!
Hi, I have a web cluster and use mod_rewrite to forward request to cluster, according with type of request. There is a external program in directive RewriteMap to classify requests. My external program: ... while(1) { fscanf(stdin, %s, input); // read input --- format = /1, or /2, /3 ... sscanf(strchr(input,'/') + 1, %d, number); // extract only number of format switch(number) { case 1: fputs(192.168.1.11, stdout); break; case 2: fputs(192.168.1.22); break; default: fprintf(stdout, /bad_url); break; } fputc('\n', stdout); fflush(stdout); My http.conf: RewriteEngine on RewriteLog /usr/local/apache2/logs/rewrite_log RewriteLogLevel 5 RewriteLock /usr/local/apache2/logs/file.lock RewriteMap prgmap prg:/usr/local/apache2/admControl RewriteCond ${prgmap:$1} !=/bad_url RewriteRule ^/(.*) http://${prgmap:$1}/ [P] RewriteRule ^(.*) - [F] My problem is, don't proxy request to cluster. See log file: (2) init rewrite engine with requested uri /1 (3) applying pattern '^/(.*)' to uri '/1' (5) map lookup OK: map=prgmap key=1 - val= (4) RewriteCond: input='' pattern='!=/bad_url' = matched (5) map lookup OK: map=prgmap key=1 - val= (2) rewrite '/1' - 'http:///' (2) forcing proxy-throughput with http:/// (1) go-ahead with proxy request proxy:http:/// [OK] What's happen ??? Why mod_rewrite doesn't proxy requests to ip address ??? Thank you Ricardo -- View this message in context: http://www.nabble.com/Rewrite-doesn%27t-work-%21%21-tp23743331p23743331.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] Userid and reverse proxy
Thanks but I tried that. The problem is that the value of REMOTE_USER has no value. I use apache version 2.2 Here are the configuration: Location /kongsberg AuthType basic AuthName LOS AuthUserFile conf/LOSbasicauth.sec Require user u1 u2 u3 /Location RewriteCond %{REMOTE_HOST} (.*) RewriteRule ^/kongsberg/(.*) http://aeoas02/LOS/kongsberg/%1/$1 [QSA,P,L] In the access_log I get: IPADDRESS - u1 [27/May/2009:16:03:25 +0200] GET /kongsberg/ HTTP/1.1 404 343 - Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618; InfoPath.2; MS-RTC LM 8) In the rewrite log I get: IPADDRESS - - applying pattern '^/kongsberg/(.*)' to uri '/kongsberg/' IPADDRESS - - RewriteCond: input='' pattern='(.*)' = matched IPADDRESS - - rewrite '/kongsberg/' - 'http://krsoastest01/test/kongsberg//' IPADDRESS - - forcing proxy-throughput with http://aeoas02/kongsberg// I can't see the username in the rewrite log. I tried several options but no value in remote_user. Tnx, Dag -Opprinnelig melding- Fra: Stefano Sasso [mailto:stesa...@gmail.com] Sendt: 27. mai 2009 13:14 Til: users@httpd.apache.org Emne: Re: [us...@httpd] Userid and reverse proxy 2009/5/27 Efjestad, Dag dag.efjes...@solvea.no: Location /kongsberg AuthType basic AuthName Requierd users AuthUserFile conf/basicauth.sec Require user user1 user2 user3 /Location ProxyRequests Off ProxyPass /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% ProxyPassReverse /kongsberg/ http://aeoas02/kongsberg/%AuthenticatedUserId% The variabel %AuthenticatedUserId% should contain user1, user2 or user3. Anyone know a way of solving this problem? you can try with mod_rewrite and [P]: RewriteEngine On RewriteRule ^/kongsberg(.*) http://aeoas02/kongsberg/%{LA-U:REMOTE_USER}$1 [P,L] bye, -- Stefano Sasso stesa...@gmail.com http://www.gnustile.net/ - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] sharing data between two different apache modules
Thanks Nick for the pointer. Let me try this out in my boxes. On Wed, May 27, 2009 at 4:09 AM, Nick Kew n...@webthing.com wrote: On 26 May 2009, at 22:37, Atanu wrote: - The user will still type http://foo.com. This time a mod_proxy handler will display a login page. In fact this my own authentication handler written in mod_perl. It authenticates using a back end system by accepting username and password from the login page. This is all fairly standard, and you probably don't really need mod_perl. I want the mod_proxy to ProxyPass to the url in the following format http://bar.com/bar.pl?sid=APACHE_SESSIONu=UserName Since you're using mod_perl, it would be fairly painless to append the query string in Perl. The alternative is to use RewriteRule with [P] in place of proxypass. -- Nick Kew - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Rewrite doesn't work !!
sscanf(strchr(input,'/') + 1, %d, number); // extract only number RewriteRule ^/(.*) http://${prgmap:$1}/ [P] (5) map lookup OK: map=prgmap key=1 - val= Decide whether your passing in something with a slash or not. Does your program do the right thing when run outside of Apache? -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
I installed Apache as a service as normal, then tried to run it. It ran...but it won't read the httpd.conf file. Even changing the service to call httpd.exe -k runservice -f (path to conf file) *does not work*. I can only run httpd manually, from the command prompt, with the -f parameter, and get it to read the conf file. Why??? FYI, nothing shows up in the error log to explain this. Also, apparently the registry key pointing to the proper path IS set (HKLM\SOFTWARE\Apache Software Foundation\Apache\2.2.11 ServerRoot) but isn't being used. Damon Casale - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. I banged my head against the wall for 2 days, and pieced together a lot of confused emails... WHY do apache developers not go the extra half foot and publish a doc. They will develop code out the gazoo, but then not tell anyone HOW to use it and people wonder why open source software is gradually being flushed down the toliet by the Oracle corp's of the world!! From: j.zucker...@gmail.com Date: Tue, 26 May 2009 19:13:15 -0700 To: users@httpd.apache.org Subject: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?! On Tue, May 26, 2009 at 12:44 PM, Sam theman xray...@hotmail.com wrote: Hello, Can anyone supply the step-by-steps for building apache with FIPS 140-2 openssl? Sam Insert movie times and more without leaving Hotmail®. See how. hotmail ads? lol - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org _ Hotmail® goes with you. http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
On Wed, May 27, 2009 at 2:44 PM, Sam theman xray...@hotmail.com wrote: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. I banged my head against the wall for 2 days, and pieced together a lot of confused emails... Quite sorry that nobody stepped up to collect and summarize the old emails for you. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
Sam, Since you're 'theman', I guess we assumed you'd manage on your own. Seriously, however, no one is forcing you to use this software. Go ahead and use commercial software, we won't mind. Frank Sam theman wrote: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. I banged my head against the wall for 2 days, and pieced together a lot of confused emails... WHY do apache developers not go the extra half foot and publish a doc. They will develop code out the gazoo, but then not tell anyone HOW to use it and people wonder why open source software is gradually being flushed down the toliet by the Oracle corp's of the world!! From: j.zucker...@gmail.com Date: Tue, 26 May 2009 19:13:15 -0700 To: users@httpd.apache.org Subject: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?! On Tue, May 26, 2009 at 12:44 PM, Sam theman xray...@hotmail.com wrote: Hello, Can anyone supply the step-by-steps for building apache with FIPS 140-2 openssl? Sam Insert movie times and more without leaving Hotmail®. See how. hotmail ads? lol - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org _ Hotmail® goes with you. http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
* Sam theman xray...@hotmail.com [2009-05-27 20:45]: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. On a more constructive note: docs get written when someone does the work and puts them together. Find a stable place for your notes and publish them, so others can find them. -peter - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
My .htaccess contains following ReWrite rule: IfModule mod_rewrite.c RewriteEngine On RewriteBase / RewriteRule ^acp/([\/-_a-z0-9\.]*)/index.php/acp/$1 [NC,QSA,L] RewriteRule ^news/([\/-_a-z0-9\.]*)/index.php/news/$1[NC,QSA,L] /IfModule It works fine when I visit pages like: http://URL.com/acp/components/ http://URL.com/acp/components/index.do http://URL.com/acp/components/index.do?arg=value http://URL.com/acp/components/register2.do etc. However, 403 is issued when I try URL's such as these: http://URL.com/acp/components/register.do http://URL.com/acp/components/2register.do http://URL.com/acp/components/getregister.do And when I go to: http://URL.com/acp/components/Register.do I get redirected by 301 here: http://URL.com/acp/index..do IN ALL of my Apache conf files, there are no Aliases, VHosts or anything else related to the keyword register. I had this problem with some other keywords as well, in the past, but I am afraid I don't remember them at this moment. I posted this issue in Bugzilla, but was redirected here to discuss it with the fellow users here. https://issues.apache.org/bugzilla/show_bug.cgi?id=47273 I still don't know what is the ReWrite Log, since my XAMPP Apache, and Fedora Apache, both only happen to have access_log and error_log, thats all. My access_log has lines like these: shehi-pc - - [27/May/2009:19:28:31 +0300] GET /acp/components/register2.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:29:11 +0300] GET /acp/components/while.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:29:20 +0300] GET /acp/components/if.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:29:27 +0300] GET /acp/components/2register.do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:29:47 +0300] GET /acp/components/getregister.do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:30:06 +0300] GET /acp/components/geTregister.do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:30:18 +0300] GET /acp/components/Register.do HTTP/1.1 301 547 shehi-pc - - [27/May/2009:19:30:18 +0300] GET /acp/index..do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:30:33 +0300] GET /acp/components/asregister.do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:30:41 +0300] GET /acp/components/egister.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:30:47 +0300] GET /acp/components/Register.do HTTP/1.1 301 547 shehi-pc - - [27/May/2009:19:30:47 +0300] GET /acp/index..do HTTP/1.1 403 1123 shehi-pc - - [27/May/2009:19:32:18 +0300] GET /acp/components/send.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:32:25 +0300] GET /acp/components/members.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:32:28 +0300] GET /acp/components/member.do HTTP/1.1 200 261 shehi-pc - - [27/May/2009:19:32:31 +0300] GET /acp/components/users.do HTTP/1.1 200 261 Nothing inside error_log though [I thought 404, 403 and alike are considered to be errors, guess they are not :) ]. ANY help, support, tip, suggestion to solve, or at least identify this problem is welcome! Shehi
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
Not the best answers. But it was not a good question neither. Can anyone supply the step-by-steps for building apache with FIPS 140-2 openssl? is NOT a good question. There is a guide you should have readed before, about how to ask good questions. Because the answer is: Yes. I'm almost sure somebody can do it. Community answers are not always right to the point. You are not paying. The good thing about open source is that now that you know the answer, YOU can publish it. And you should have asked: subject: building an apache with openssl fips 140-2 I have made this, this and this. I have problems with THIS. Later I will do that other thing. which documentation should I read? I use 'alfa' linux, with apache version x.y.z, and openssl version H. El mié 27-may-09, Frank Gingras francois.ging...@gmail.com escribió: De: Frank Gingras francois.ging...@gmail.com Asunto: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?! Para: users@httpd.apache.org Fecha: miércoles, 27 de mayo de 2009, 3:51 pm Sam, Since you're 'theman', I guess we assumed you'd manage on your own. Seriously, however, no one is forcing you to use this software. Go ahead and use commercial software, we won't mind. Frank Sam theman wrote: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. I banged my head against the wall for 2 days, and pieced together a lot of confused emails... WHY do apache developers not go the extra half foot and publish a doc. They will develop code out the gazoo, but then not tell anyone HOW to use it and people wonder why open source software is gradually being flushed down the toliet by the Oracle corp's of the world!! From: j.zucker...@gmail.com Date: Tue, 26 May 2009 19:13:15 -0700 To: users@httpd.apache.org Subject: Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?! On Tue, May 26, 2009 at 12:44 PM, Sam theman xray...@hotmail.com wrote: Hello, Can anyone supply the step-by-steps for building apache with FIPS 140-2 openssl? Sam Insert movie times and more without leaving Hotmail®. See how. hotmail ads? lol - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org _ Hotmail® goes with you. http://windowslive.com/Tutorial/Hotmail/Mobile?ocid=TXT_TAGLM_WL_HM_Tutorial_Mobile1_052009 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org ¡Viví la mejor experiencia en la web! Descargá gratis el nuevo Internet Explorer 8 http://downloads.yahoo.com/ieak8/?l=ar - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Userid and reverse proxy
2009/5/27 Efjestad, Dag dag.efjes...@solvea.no: I tried several options but no value in remote_user. did you try with LA-U? from apache mod_rewrite docs: For instance, to rewrite according to the REMOTE_USER variable from within the per-server context (httpd.conf file) you must use %{LA-U:REMOTE_USER} - this variable is set by the authorization phases, which come after the URL translation phase (during which mod_rewrite operates). bye, -- Stefano Sasso stesa...@gmail.com http://www.gnustile.net/ - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
What happens when you remove rewrite from the equation and just send the requests through your index.php? IOW, is the 403 issued by the PHP code? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] Unable to run ./configure when install apache http server.Error: decision on anonymous shared memory allocation method failed
Well, the log you have got is not complete, in that the crucial work is delegated to a subshell that is not being logged. What is interesting here is the preceding line starting with a '+'. You have snipped that one, unfortunately. Try changing ac_configure and friends to '/bin/sh -x ...'; you shall have to figure out where it is defined and how to tweak it. I suggest setting SHELL to '/bin/sh -x'. Also, bash has a way to set command-line options through an environment variable; if everything else fails, you can also use this method. And remember to start clean each time! BTW, there are free bulletin board (Web clipboard) services that allow you to paste clipboard text for instant viewing via HTTP. Most IRC channels link to such a service. You could use one of them as well. Chris -Original Message- From: Nguyen Tien Duong [mailto:duong...@fsoft.com.vn] Sent: Wednesday, May 27, 2009 6:29 AM To: users@httpd.apache.org Subject: RE: [us...@httpd] Unable to run ./configure when install apache http server.Error: decision on anonymous shared memory allocation method failed Dear Thanks a lot for your suggestion. I have done as instructed and got more information. However looking at the data printed on the screen, i have not quite got the cause of the problem. That is no code that checks for size of or the content of generated conftest.c I copy the content of the log, I am sorry for the inconvenient of the long chunk of data since the network policy at the company does not allow Upload file feature. Step to perform sh -x configure --prefix=/home1/apache --enable-so --with-included-apr Output ... checking for mmap that can map /dev/zero... no decision on anonymous shared memory allocation method... 4.4BSD-style mmap() via MAP_ANON decision on namebased memory allocation method... mmap() via POSIX.1 [snip] + eval 'ac_val=$BASH' ++ ac_val=/bin/sh + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_ARGC' ++ ac_val=3 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_ARGV' ++ ac_val=--with-included-apr + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_LINENO' ++ ac_val=0 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_SOURCE' ++ ac_val=configure + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_VERSINFO' ++ ac_val=3 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$BASH_VERSION' ++ ac_val='3.2.25(1)-release' + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$CATALINA_HOME' ++ ac_val=/home1/tomcat + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$COLORTERM' ++ ac_val=gnome-terminal + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DBUS_SESSION_BUS_ADDRESS' ++ ac_val=unix:abstract=/tmp/dbus-GXbh0B8HqR,guid=0c501b4abca3bd3810fd6fb6a6704 000 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DESKTOP_SESSION' ++ ac_val=default + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DESKTOP_STARTUP_ID' ++ ac_val= + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DIRSTACK' ++ ac_val='~/setups/apache_2.2.11/linux/httpd-2.2.11/srclib/apr' + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DISPLAY' ++ ac_val=:0.0 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$DUALCASE' ++ ac_val=1 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$ECHO_C' ++ ac_val= + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$ECHO_N' ++ ac_val=-n + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$ECHO_T' ++ ac_val= + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$EUID' ++ ac_val=0 + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$GDMSESSION' ++ ac_val=default + case $ac_val in + for ac_var in '`(set) 21 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`' + eval 'ac_val=$GDM_XSERVER_LOCATION' ++ ac_val=local + case $ac_val in + for ac_var in
Re: [us...@httpd] Rewrite doesn't work !!
Hi, I run the program outside of Apache, and it works perfeclty (How I would like). When typed 'http://localhost/1' in browser, the variable number is assigned value 1. Why mod_rewrite doesn't rewrite URL ??? I'm writing IP address to output program. Thank You Ricardo On Wed, May 27, 2009 at 3:04 PM, Eric Covener cove...@gmail.com wrote: sscanf(strchr(input,'/') + 1, %d, number); // extract only number RewriteRule ^/(.*) http://${prgmap:$1}/ [P] (5) map lookup OK: map=prgmap key=1 - val= Decide whether your passing in something with a slash or not. Does your program do the right thing when run outside of Apache? -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -- Muito Obrigado Ricardo
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
hi again eric, i thought about that... i am coding cms, so redirections made by code are traceable. no, software [php that is] is not doing this. why would it do that only with one word [register in this case] anyway? As you said, I accessed pages through index.php, like: http://URL.com/index.php/acp/components/register.do interestingly got 403 again? But why? Its 100% not PHP, or my code [since I am able to mark all redirections and identify them]... Why I can't access [403]: http://URL.com/index.php/acp/components/register.do or http://URL.com/index.php/acp/components/getregister.do or http://URL.com/index.php/acp/components/2312register.do whereas I can access everything else like http://URL.com/index.php/acp/components/registerasdasd.do http://URL.com/index.php/acp/components/register2.do http://URL.com/index.php/acp/components/foobar.do http://URL.com/index.php/acp/components/while.do I even can access these [200]: http://URL.com/index.php/acp/register http://URL.com/index.php/acp/Register.do Again but not these: http://URL.com/index.php/acp/register.do [403] http://URL.com/index.php/acp/Register.do [301] But again, forget 301's... Code only does 301. Why 403's do occur?! I realize this is not mod-rewrite related now :) Shehi - Original Message - From: Eric Covener cove...@gmail.com To: users@httpd.apache.org Sent: Wednesday, May 27, 2009 10:24 PM Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?! What happens when you remove rewrite from the equation and just send the requests through your index.php? IOW, is the 403 issued by the PHP code? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
k...@redshift.com wrote: I installed Apache as a service as normal, then tried to run it. It ran...but it won't read the httpd.conf file. Even changing the service to call httpd.exe -k runservice -f (path to conf file) *does not work*. I can only run httpd manually, from the command prompt, with the -f parameter, and get it to read the conf file. Why??? Not enough info for anyone to give you an answer. Some thoughts; don't mess with the HKLM\Services key ever, always use httpd.exe -k config. Another thought - using UAC? If you don't understand how it can hide file changes and keep them private to your login, disable it. You changed the run-as user of the httpd service? Perhaps it doesn't have write access to the logs directory. Perhaps you broke permissions on the volume for the SYSTEM (aka LocalSystem) account? It needs list and read directory permission all the way from the root to all of the files it uses or serves. FYI, nothing shows up in the error log to explain this. Also, apparently the registry key pointing to the proper path IS set (HKLM\SOFTWARE\Apache Software Foundation\Apache\2.2.11 ServerRoot) but isn't being used. Note early startup errors are recorded to the Application Event Log. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
Ok, let me make this easier for you guys: http://www.audith.net/acp/components/index.do is our example page. If you are using some sniffer program, or header reader [like FF extension LiveHTTP headers. ], you can see that pages my code produces, have this header : X-Powered-By: Audith CMS codename Persephone. So, as you can see, URL like http://www.audith.net/acp/components/register2.do is mine, an expected result - whereas http://www.audith.net/acp/components/register.do is not. Shehi - Original Message - From: Shahriyar Shehi Imanov sh...@imanov.name To: users@httpd.apache.org Sent: Wednesday, May 27, 2009 10:41 PM Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?! hi again eric, i thought about that... i am coding cms, so redirections made by code are traceable. no, software [php that is] is not doing this. why would it do that only with one word [register in this case] anyway? As you said, I accessed pages through index.php, like: http://URL.com/index.php/acp/components/register.do interestingly got 403 again? But why? Its 100% not PHP, or my code [since I am able to mark all redirections and identify them]... Why I can't access [403]: http://URL.com/index.php/acp/components/register.do or http://URL.com/index.php/acp/components/getregister.do or http://URL.com/index.php/acp/components/2312register.do whereas I can access everything else like http://URL.com/index.php/acp/components/registerasdasd.do http://URL.com/index.php/acp/components/register2.do http://URL.com/index.php/acp/components/foobar.do http://URL.com/index.php/acp/components/while.do I even can access these [200]: http://URL.com/index.php/acp/register http://URL.com/index.php/acp/Register.do Again but not these: http://URL.com/index.php/acp/register.do [403] http://URL.com/index.php/acp/Register.do [301] But again, forget 301's... Code only does 301. Why 403's do occur?! I realize this is not mod-rewrite related now :) Shehi - Original Message - From: Eric Covener cove...@gmail.com To: users@httpd.apache.org Sent: Wednesday, May 27, 2009 10:24 PM Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?! What happens when you remove rewrite from the equation and just send the requests through your index.php? IOW, is the 403 issued by the PHP code? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
BLOODY HELL, I can't believe my dumbness :D I prepended my .htaccess with PERISHABLE PRESS 4G BLACKLIST for protection purposes, and it was the reason. Removed it and everything was fixed. I apologize guys for wasting your time here, and Eric, sorry for the earlier one :D. Thanks everyone for help. Matt, I will think about your go for simple suggestion, thanks. Their code is as follows: ### PERISHABLE PRESS 4G BLACKLIST ### # ESSENTIALS RewriteEngine on ServerSignature Off Options All -Indexes Options +FollowSymLinks # FILTER REQUEST METHODS IfModule mod_rewrite.c RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC] RewriteRule ^(.*)$ - [F,L] /IfModule # BLACKLIST CANDIDATES Limit GET POST PUT Order Allow,Deny Allow from all Deny from 75.126.85.215 # blacklist candidate 2008-01-02 = admin-ajax.php attack Deny from 128.111.48.138 # blacklist candidate 2008-02-10 = cryptic character strings Deny from 87.248.163.54 # blacklist candidate 2008-03-09 = block administrative attacks Deny from 84.122.143.99 # blacklist candidate 2008-04-27 = block clam store loser Deny from 210.210.119.145 # blacklist candidate 2008-05-31 = block _vpi.xml attacks Deny from 66.74.199.125 # blacklist candidate 2008-10-19 = block mindless spider running Deny from 203.55.231.100 # 1048 attacks in 60 minutes Deny from 24.19.202.10# 1629 attacks in 90 minutes /Limit # QUERY STRING EXPLOITS IfModule mod_rewrite.c RewriteCond %{QUERY_STRING} \.\.\/[NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} tag\= [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\:[NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} mosConfig [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|||'||;|\?|\*).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC] RewriteRule ^(.*)$ - [F,L] /IfModule # CHARACTER STRINGS IfModule mod_alias.c # BASIC CHARACTERS RedirectMatch 403 \, RedirectMatch 403 \: RedirectMatch 403 \; RedirectMatch 403 \= RedirectMatch 403 \@ RedirectMatch 403 \[ RedirectMatch 403 \] RedirectMatch 403 \^ RedirectMatch 403 \` RedirectMatch 403 \{ RedirectMatch 403 \} RedirectMatch 403 \~ RedirectMatch 403 \ RedirectMatch 403 \$ RedirectMatch 403 \ RedirectMatch 403 \ RedirectMatch 403 \| RedirectMatch 403 \.\. RedirectMatch 403 \/\/ RedirectMatch 403 \%0 RedirectMatch 403 \%A RedirectMatch 403 \%B RedirectMatch 403 \%C RedirectMatch 403 \%D RedirectMatch 403 \%E RedirectMatch 403 \%F RedirectMatch 403 \%22 RedirectMatch 403 \%27 RedirectMatch 403 \%28 RedirectMatch 403 \%29 RedirectMatch 403 \%3C RedirectMatch 403 \%3E RedirectMatch 403 \%3F RedirectMatch 403 \%5B RedirectMatch 403 \%5C RedirectMatch 403 \%5D RedirectMatch 403 \%7B RedirectMatch 403 \%7C RedirectMatch 403 \%7D # COMMON PATTERNS RedirectMatch 404 wp\_ Redirectmatch 403 \_vpi RedirectMatch 403 \.inc Redirectmatch 403 xAou6 Redirectmatch 403 db\_name Redirectmatch 403 select\( Redirectmatch 403 convert\( Redirectmatch 403 \/query\/ RedirectMatch 403 ImpEvData Redirectmatch 403 \.XMLHTTP Redirectmatch 403 proxydeny RedirectMatch 403 function\. Redirectmatch 403 remoteFile Redirectmatch 403 servername Redirectmatch 403 \rptmode\= Redirectmatch 403 sys\_cpanel RedirectMatch 403 db\_connect RedirectMatch 403 doeditconfig RedirectMatch 403 check\_proxy Redirectmatch 403 system\_user Redirectmatch 403 \/\(null\)\/ Redirectmatch 403 clientrequest Redirectmatch 403 option\_value RedirectMatch 403 ref\.outcontrol # SPECIFIC EXPLOITS RedirectMatch 403 errors\. RedirectMatch 403 config\. RedirectMatch 403 include\. RedirectMatch 403 display\. RedirectMatch 403 register\. Redirectmatch 403 password\. RedirectMatch 403 maincore\. RedirectMatch 403 authorize\. Redirectmatch 403 macromates\. RedirectMatch 403 head\_auth\. RedirectMatch 403 submit\_links\. RedirectMatch 403 change\_action\. Redirectmatch 403 com\_facileforms\/ RedirectMatch 403 admin\_db\_utilities\. RedirectMatch 403 admin\.webring\.docs\. Redirectmatch 403 Table\/Latest\/index\. /IfModule
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
We can all be dumb as you saw from my mistakes!! Sometimes the - in a regular expression gets interpreted as a range identifier, sometimes rewritebase can lead to non portability. And annoyingly once you have all this stuff set up, optimisation (of headers) can get thrown, see yahoo performance blog to see how much complexity you will have to add to your index.php controller if you are including files from the file system to create your CMS. Basically you are writing you own server piggybacking on apache and probably all for the sake of search engine friendly URLs! Good luck with it though, next stop meta data and Lucene indexing via Zend eh Matt Sent from my BlackBerry® wireless device -Original Message- From: Shahriyar \Shehi\ Imanov sh...@imanov.name Date: Wed, 27 May 2009 23:18:56 To: users@httpd.apache.org Subject: Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?! BLOODY HELL, I can't believe my dumbness :D I prepended my .htaccess with PERISHABLE PRESS 4G BLACKLIST for protection purposes, and it was the reason. Removed it and everything was fixed. I apologize guys for wasting your time here, and Eric, sorry for the earlier one :D. Thanks everyone for help. Matt, I will think about your go for simple suggestion, thanks. Their code is as follows: ### PERISHABLE PRESS 4G BLACKLIST ### # ESSENTIALS RewriteEngine on ServerSignature Off Options All -Indexes Options +FollowSymLinks # FILTER REQUEST METHODS IfModule mod_rewrite.c RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC] RewriteRule ^(.*)$ - [F,L] /IfModule # BLACKLIST CANDIDATES Limit GET POST PUT Order Allow,Deny Allow from all Deny from 75.126.85.215 # blacklist candidate 2008-01-02 = admin-ajax.php attack Deny from 128.111.48.138 # blacklist candidate 2008-02-10 = cryptic character strings Deny from 87.248.163.54 # blacklist candidate 2008-03-09 = block administrative attacks Deny from 84.122.143.99 # blacklist candidate 2008-04-27 = block clam store loser Deny from 210.210.119.145 # blacklist candidate 2008-05-31 = block _vpi.xml attacks Deny from 66.74.199.125 # blacklist candidate 2008-10-19 = block mindless spider running Deny from 203.55.231.100 # 1048 attacks in 60 minutes Deny from 24.19.202.10# 1629 attacks in 90 minutes /Limit # QUERY STRING EXPLOITS IfModule mod_rewrite.c RewriteCond %{QUERY_STRING} \.\.\/[NC,OR] RewriteCond %{QUERY_STRING} boot\.ini [NC,OR] RewriteCond %{QUERY_STRING} tag\= [NC,OR] RewriteCond %{QUERY_STRING} ftp\: [NC,OR] RewriteCond %{QUERY_STRING} http\:[NC,OR] RewriteCond %{QUERY_STRING} https\: [NC,OR] RewriteCond %{QUERY_STRING} mosConfig [NC,OR] RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|||'||;|\?|\*).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%22|%27|%3C|%3E|%5C|%7B|%7C).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(globals|encode|config|localhost|loopback).* [NC,OR] RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare|drop).* [NC] RewriteRule ^(.*)$ - [F,L] /IfModule # CHARACTER STRINGS IfModule mod_alias.c # BASIC CHARACTERS RedirectMatch 403 \, RedirectMatch 403 \: RedirectMatch 403 \; RedirectMatch 403 \= RedirectMatch 403 \@ RedirectMatch 403 \[ RedirectMatch 403 \] RedirectMatch 403 \^ RedirectMatch 403 \` RedirectMatch 403 \{ RedirectMatch 403 \} RedirectMatch 403 \~ RedirectMatch 403 \ RedirectMatch 403 \$ RedirectMatch 403 \ RedirectMatch 403 \ RedirectMatch 403 \| RedirectMatch 403 \.\. RedirectMatch 403 \/\/ RedirectMatch 403 \%0 RedirectMatch 403 \%A RedirectMatch 403 \%B RedirectMatch 403 \%C RedirectMatch 403 \%D RedirectMatch 403 \%E RedirectMatch 403 \%F RedirectMatch 403 \%22 RedirectMatch 403 \%27 RedirectMatch 403 \%28 RedirectMatch 403 \%29 RedirectMatch 403 \%3C RedirectMatch 403 \%3E RedirectMatch 403 \%3F RedirectMatch 403 \%5B RedirectMatch 403 \%5C RedirectMatch 403 \%5D RedirectMatch 403 \%7B RedirectMatch 403 \%7C RedirectMatch 403 \%7D # COMMON PATTERNS RedirectMatch 404 wp\_ Redirectmatch 403 \_vpi RedirectMatch 403 \.inc Redirectmatch 403 xAou6 Redirectmatch 403 db\_name Redirectmatch 403 select\( Redirectmatch 403 convert\( Redirectmatch 403 \/query\/ RedirectMatch 403 ImpEvData Redirectmatch 403 \.XMLHTTP Redirectmatch 403 proxydeny RedirectMatch 403 function\. Redirectmatch 403 remoteFile Redirectmatch 403 servername Redirectmatch 403 \rptmode\= Redirectmatch 403 sys\_cpanel RedirectMatch 403 db\_connect RedirectMatch 403 doeditconfig RedirectMatch 403 check\_proxy Redirectmatch 403 system\_user Redirectmatch 403 \/\(null\)\/ Redirectmatch 403 clientrequest Redirectmatch 403 option\_value RedirectMatch 403 ref\.outcontrol # SPECIFIC EXPLOITS RedirectMatch 403 errors\. RedirectMatch 403 config\. RedirectMatch 403 include\. RedirectMatch 403 display\. RedirectMatch 403 register\.
Re: [us...@httpd] Rewrite doesn't work !!
Great Eric, You're right !!! The problem was the slash in RewriteRule (RewriteRule ^/(.*) http://${prgmap:$1}/ [P] ). Now, I have one more doubt. My external program forward request with URL with final /1, or /2 and others URL (for example, /3, /4, /5, etc...) I would like drop. The external program drops request rewriting URL to /bad_url. My httpd.conf has these directive and It means for me: RewriteCond ${prgmap:$1} =/bad_url # if (prgmap == /bad_url) RewriteRule (.*) - [F] # drop request RewriteRule ^(.*) http://${prgmap:$1}/ [P] # else forward to machine with IP address But, When external program rewrite to /bad_url then happen it. (2) init rewrite engine with requested uri /1 (3) applying pattern '${prgmap:$1}' to uri '/1' (3) applying pattern '^(.*)' to uri '/1' (5) map lookup OK: map=prgmap key=/1 - val=/bad_url (2) rewrite '/1' - 'http:///bad_url/' (2) forcing proxy-throughput with http:///bad_url/ (1) go-ahead with proxy request proxy:http:///bad_url/ [OK] How I drop request instead forward to cluster ??? Thank you Ricardo On Wed, May 27, 2009 at 4:29 PM, ricardo figueiredo ricardoogra...@gmail.com wrote: Hi, I run the program outside of Apache, and it works perfeclty (How I would like). When typed 'http://localhost/1' in browser, the variable number is assigned value 1. Why mod_rewrite doesn't rewrite URL ??? I'm writing IP address to output program. Thank You Ricardo On Wed, May 27, 2009 at 3:04 PM, Eric Covener cove...@gmail.com wrote: sscanf(strchr(input,'/') + 1, %d, number); // extract only number RewriteRule ^/(.*) http://${prgmap:$1}/ [P] (5) map lookup OK: map=prgmap key=1 - val= Decide whether your passing in something with a slash or not. Does your program do the right thing when run outside of Apache? -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -- Muito Obrigado Ricardo -- Muito Obrigado Ricardo
Re: [us...@httpd] mod-rewrite: ReWrite failure due to a reserved word?!
Lol yea, you guessed quite right. Until recently I was a PEAR user, but switched to Zend FW recently. Although Zend Db's Zend_Db_Select is a pain in ass, I managed to port everything to my existing Db handlers. Optimization is the concern at the moment, but I am sure it won't be hard to overcome those. I generally try to write RDBMS-independent system you know. For search I plan to use Zend_Search_Lucene, although its completely new concept for me. I was kinda go easy guy, was planning to use plain MYSQL FULL TEXT search, but as Da Vinci says: “Simplicity is the ultimate sophistication.” :D Plus FULL TEXT idea wouldn't work on other RDBMS's. So, guess I will have to use sophisticated tools after all. Thanks again for everything. Shehi
Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
k...@redshift.com wrote: I installed Apache as a service as normal, then tried to run it. It ran...but it won't read the httpd.conf file. Even changing the service to call httpd.exe -k runservice -f (path to conf file) *does not work*. I can only run httpd manually, from the command prompt, with the -f parameter, and get it to read the conf file. Why??? Not enough info for anyone to give you an answer. Some thoughts; don't mess with the HKLM\Services key ever, always use httpd.exe -k config. httpd.exe -k config output: C:\Program Files\Apache Software Foundation\Apache2.2\binhttpd.exe -k config Reconfiguring the Apache2.2 service The Apache2.2 service is successfully installed. Testing httpd.conf Errors reported here must be corrected before the service can be started. But no errors are output, and nothing shows up in the error log or the application event log either. Another thought - using UAC? If you don't understand how it can hide file changes and keep them private to your login, disable it. You changed the run-as user of the httpd service? Perhaps it doesn't have write access to the logs directory. Perhaps you broke permissions on the volume for the SYSTEM (aka LocalSystem) account? It needs list and read directory permission all the way from the root to all of the files it uses or serves. 1) I disabled UAC. Doesn't help (although I much prefer a lot fewer warning dialogs!) 2) Didn't change the run-as user of httpd. It HAS write access to the log file, because when I try to access a file in my browser when running httpd as a service, I get this in the log file: [Wed May 27 17:30:04 2009] [error] [client 127.0.0.1] File does not exist: C:/Program Files/Apache Software Foundation/Apache2.2/htdocs/test.html In httpd.conf, I have the document root pointing to a different folder, so that's how I know it's not reading httpd.conf. FYI, nothing shows up in the error log to explain this. Also, apparently the registry key pointing to the proper path IS set (HKLM\SOFTWARE\Apache Software Foundation\Apache\2.2.11 ServerRoot) but isn't being used. Note early startup errors are recorded to the Application Event Log. Nothing in there either. Hlp... Damon - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
Well, I solved it even though I have no idea what was going on. After disabling UAC, I happened to glance at the httpd.conf again and it was back to the default. I edited it AGAIN to set the correct configuration and lo and behold, now I can run httpd as a service. Did UAC do that? If it did, it's just plain evil... Damon - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Reverse proxy+Certs
Hi there We have successfully install apache as normal reverse proxy, but now as a new requirement, real servers uses PKI for authenticate a site (mainly certificates) instead of using plain or digest. Of course, apache as we have fails. Does anyone has a guide of what should we do in this case? Best Regards, LD - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
Damon, UAC is likely to revert changes to config files, yes, without warning. Evil it is. Frank k...@redshift.com wrote: Well, I solved it even though I have no idea what was going on. After disabling UAC, I happened to glance at the httpd.conf again and it was back to the default. I edited it AGAIN to set the correct configuration and lo and behold, now I can run httpd as a service. Did UAC do that? If it did, it's just plain evil... Damon - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista
k...@redshift.com wrote: k...@redshift.com wrote: I installed Apache as a service as normal, then tried to run it. It ran...but it won't read the httpd.conf file. Even changing the service to call httpd.exe -k runservice -f (path to conf file) *does not work*. I can only run httpd manually, from the command prompt, with the -f parameter, and get it to read the conf file. Why??? Not enough info for anyone to give you an answer. Some thoughts; don't mess with the HKLM\Services key ever, always use httpd.exe -k config. httpd.exe -k config output: C:\Program Files\Apache Software Foundation\Apache2.2\binhttpd.exe -k config Reconfiguring the Apache2.2 service The Apache2.2 service is successfully installed. Testing httpd.conf Errors reported here must be corrected before the service can be started. defaults to; C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf you moved httpd.conf? Then you must httpd.exe -k config -d ServerRootDir -f PathTohttpd.conf In httpd.conf, I have the document root pointing to a different folder, so that's how I know it's not reading httpd.conf. on the local drive or on the network? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
It sure would be great if Sam the man would publish his notes so others wouldn't suffer the same learning frustration as Sam. Peter Schober wrote: * Sam theman xray...@hotmail.com [2009-05-27 20:45]: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. On a more constructive note: docs get written when someone does the work and puts them together. Find a stable place for your notes and publish them, so others can find them. -peter - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How do you build a FIPS 140-2 apache ?!?!?!
On May 27, 2009, at 6:37 PM, Jeff Shearer wrote: I was able to build a FIPS 140-2 apache, thanks to nobody at the apache users list. On a more constructive note: docs get written when someone does the work and puts them together. Find a stable place for your notes and publish them, so others can find them. It sure would be great if Sam the man would publish his notes so others wouldn't suffer the same learning frustration as Sam. Or this nobody character. Perhaps s/he should help write some docs for us. Doug Bell -- Senior Developer, Plain Black Corp. [ http://plainblack.com ] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Where to put .htpassd on CentOS?
Hi All, Where is the proper place to put .htpasswd on CentOS 5.3 so I can password protect directories in /var/www/html? /etc/httpd/run? -Jason - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How does Prefork work?
Can anyone explain me how exactly prefork works? StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 ServerLimit 16 I think I got confused between the terms - server, process and thread. If prefork is a single thread process, what does that ThreadsPerChild mean for prefork? Lets say, I wan't to support 250 active sessions logged into my site, what would be a tentative settings to meet the load? -- View this message in context: http://www.nabble.com/How-does-Prefork-work--tp23754946p23754946.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] Userid and reverse proxy
Yes I tried LA-U without any luck :-( -Opprinnelig melding- Fra: Stefano Sasso [mailto:stesa...@gmail.com] Sendt: 27. mai 2009 21:20 Til: users@httpd.apache.org Emne: Re: [us...@httpd] Userid and reverse proxy 2009/5/27 Efjestad, Dag dag.efjes...@solvea.no: I tried several options but no value in remote_user. did you try with LA-U? from apache mod_rewrite docs: For instance, to rewrite according to the REMOTE_USER variable from within the per-server context (httpd.conf file) you must use %{LA-U:REMOTE_USER} - this variable is set by the authorization phases, which come after the URL translation phase (during which mod_rewrite operates). bye, -- Stefano Sasso stesa...@gmail.com http://www.gnustile.net/ - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org