[us...@httpd] Passing SSL client certificates via mod_proxy_ajp to Tomcat ...
Hello, is there a possibility to pass a SSL client certificate via mod_proxy_ajp to Tomcat, ideally the same way mod_jk did so Tomcat is able to extract the certificate and add it as attribute to the request? Thanks, Chris
Re: [us...@httpd] How to set up a reverse proxy for login.facebook.com
On 07.02.10 01:09, fulan Peng wrote: I am trying to set up a reverse proxy for facebook by using Apache mod_proxy and mod_proxy_html. On Sun, Feb 7, 2010 at 9:54 PM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: reverse proxy for facebook? Are you running facebook servers so you can run reverse proxy for it? On 07.02.10 22:39, fulan Peng wrote: I am not running facebook server. I just set up a reverse proxy server for it. the term reverse proxy is usually used by people who run proxies in froont of their own webservers, which is not your case. I recommend you to avois term reverse when talking about oproxy for facebook. Before, it always complain missing a file called ua_callback.php I wget it from http://m.facebook.com. It looks like a html file instead of a php file. Of course, the PHP is (usually) parsed on server and (usually) generates different content than PHP. I cannot not understand this. I have set up reverse proxy for many web sites which have php files. The browser ask for the php file, the proxy should ask for the backend server. The proxy get the results from the backend server then deliver the results to the browser. Now, error message on the proxy says the proxy is missing a php file, something is wrong. When the client asks for php file, the webserver usually processes the PHP file and sends its output (not the php file itself) to the client. Don't wander that you don't see the PHP content in it. [Sun Feb 07 08:36:58 2010] [error] [client {the browser}] File does not exist: /usr/local/www/apache22/data/ajax, referer: https://{myip}:8381/15/login.php?login_attempt=1 So I wget http://m.facebook.com/ua_callback.php, I got a ua_callback.php file which is the results to run the ua_callback.php. better do not do that. I don't know how big part of facebook is cacheable, but by caching something you should not cache you may break users' privacy and the application itself. I think you have been told in squid-users mailing list about this, so let's better close this issue. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They say when you play that M$ CD backward you can hear satanic messages. That's nothing. If you play it forward it will install Windows. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] SSL redirect browsers if weak encryption to a warning page
Dear all, I am using Apache Server version: Apache/2.2.3 on Centos 5.4 (Test environment) On Production Redhat 4 Server version: Apache/2.0.52 I have been looking for a way of: 1 - Prevent browsers with lower encryption to use my site, which I can do with the two directives below SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP 2 - Redirect them to a warning page Directory / SSLRequireSSL SSLRequire (%{SSL_PROTOCOL} != SSLv2 and %{SSL_CIPHER_USEKEYSIZE} = 128) or %{REQUEST_URI} =~ m:^/errors/: ErrorDocument 403 /errors/403-ssl.html /Directory When I use IE5 to access the site I get the following error: Forbidden You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.2.3 (CentOS) Server at secure01.grant.co.uk Port 443 Bellow is my Virtual Host: NameVirtualHost 192.168.8.40:443 VirtualHost 192.168.8.40:443 Serveradmin renato.olive...@grant.co.uk DocumentRoot /var/www/secure ServerName secure01.granted.co.uk ErrorLog logs/secure01-error_log CustomLog logs/secure01.granted.co.uk-access_log common SSLEngine on Directory / SSLRequireSSL SSLRequire (%{SSL_PROTOCOL} != SSLv2 and %{SSL_CIPHER_USEKEYSIZE} = 128) or %{REQUEST_URI} =~ m:^/errors/: ErrorDocument 403 Your Browser Does not support 128 Bit Encryption /Directory SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP SSLCertificateFile /etc/httpd/conf/certs/server.crt SSLCertificateKeyFile /etc/httpd/conf/certs/server.key /VirtualHost If anyone could help me or point to the right direction, give a clue it would be very much appreciated. I have search loads before posting this question here. Thank you very much in advance Renato Renato Oliveira Systems Administrator e-mail: renato.olive...@grant.co.uk Tel: +44 (0)1763 260811 Fax: +44 (0)1763 262410 www.grant.co.ukhttp://www.grant.co.uk/ Grant Instruments (Cambridge) Ltd Company registered in England, registration number 658133 Registered office address: 29 Station Road, Shepreth, CAMBS SG8 6GB UK P Please consider the environment before printing this email CONFIDENTIALITY: The information in this e-mail and any attachments is confidential. It is intended only for the named recipients(s). If you are not the named recipient please notify the sender immediately and do not disclose the contents to another person or take copies. VIRUSES: The contents of this e-mail or attachment(s) may contain viruses which could damage your own computer system. Whilst Grant Instruments (Cambridge) Ltd has taken every reasonable precaution to minimise this risk, we cannot accept liability for any damage which you sustain as a result of software viruses. You should therefore carry out your own virus checks before opening the attachment(s). OpenXML: For information about the OpenXML file format in use within Grant Instruments please visit our websitehttp://www.grant.co.uk/Support/openxml.html
Re: [us...@httpd] SSL redirect browsers if weak encryption to a warning page
n Tue, Feb 16, 2010 at 9:50 AM, Renato Oliveira renato.olive...@grant.co.uk wrote: Dear all, I am using Apache Server version: Apache/2.2.3 on Centos 5.4 (Test environment) On Production Redhat 4 Server version: Apache/2.0.52 I have been looking for a way of: 1 – Prevent browsers with lower encryption to use my site, which I can do with the two directives below SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP 2 – Redirect them to a warning page Directory / SSLRequireSSL SSLRequire (%{SSL_PROTOCOL} != SSLv2 and %{SSL_CIPHER_USEKEYSIZE} = 128) or %{REQUEST_URI} =~ m:^/errors/: ErrorDocument 403 /errors/403-ssl.html /Directory When I use IE5 to access the site I get the following error: Forbidden You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Don't protect the directory with your ErrorDocuments if you know the SSL connection is already forbidden. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] URL Rewrite goes into infinite loop
Hi, I have following rule RewriteMap urlspm txt:/usr/local/etc/manual_redirects.txt RewriteCond ${urlspm:%{REQUEST_URI}} ^(/.*)$ RewriteRule ^.*$ %1 [P,L] and in manual_redirects.txt i have following. /Abc-173000-b /ex/control/brandLanding?SEARCH_STRING=Abc~category_id=B173 I get following error. in firefox The page isn't redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete. * This problem can sometimes be caused by disabling or refusing to accept cookies. in google chrome The webpage at [xyzcom...] has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer. in IE it goes nowhere, i tried for half hour and it shows its processing. Now, when I change my .txt file to following(for test purpose) it works. /Abc-173000-b /ex/control/category/~category_id=B173 The entire rewrite file is RewriteEngine On RewriteRule /ex/control/main / [R=301,L] RewriteRule ^/$ [127.0.0.1...] [P,L] #for newsletters RewriteRule ^/img/spacer.gif /newsletter/img/spacer.gif [R,L] RewriteCond %{QUERY_STRING} ^N= RewriteRule ^/controller.asp(.*) /ex/control/category/~category_id=0 [R=301] RewriteMap urls txt:/usr/local/etc/ex_301.txt RewriteCond ${urls:%{REQUEST_URI}} ^(/.*)$ RewriteRule ^.*$ %1? [R=301,L] RewriteCond ${urls:%{REQUEST_URI}?%{QUERY_STRING}} ^(/.*)$ RewriteRule ^.*$ %1? [R=301,L] RewriteMap urlsp txt:/usr/local/etc/redirects.txt RewriteCond ${urlsp:%{REQUEST_URI}} ^(/.*)$ RewriteRule ^.*$ %1 [P,L] RewriteMap urlspm txt:/usr/local/etc/manual_redirects.txt RewriteCond ${urlspm:%{REQUEST_URI}} ^(/.*)$ RewriteRule ^.*$ %1 [P,L] I have a feeling that my URL request is getting into infinite loop somehow. But not sure how and where. I would appreciate the help. Thank you in advance. -- View this message in context: http://old.nabble.com/URL-Rewrite-goes-into-infinite-loop-tp27610227p27610227.html Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] SSL redirect browsers if weak encryption to a warning page
Eric, Thank you for the reply? I am sorry I don't understand it, sorry. I don't want to protect the directory, I want to have a redirect of the 403 error to a warning page. Do you mean for me to remove the Directory / directive? Thank you very much Best regards Renato Renato Oliveira Systems Administrator e-mail: renato.olive...@grant.co.uk Tel: +44 (0)1763 260811 Fax: +44 (0)1763 262410 http://www.grant.co.uk/ Grant Instruments (Cambridge) Ltd Company registered in England, registration number 658133 Registered office address: 29 Station Road, Shepreth, CAMBS SG8 6GB UK -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: 16 February 2010 15:03 To: users@httpd.apache.org Subject: Re: [us...@httpd] SSL redirect browsers if weak encryption to a warning page n Tue, Feb 16, 2010 at 9:50 AM, Renato Oliveira renato.olive...@grant.co.uk wrote: Dear all, I am using Apache Server version: Apache/2.2.3 on Centos 5.4 (Test environment) On Production Redhat 4 Server version: Apache/2.0.52 I have been looking for a way of: 1 - Prevent browsers with lower encryption to use my site, which I can do with the two directives below SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP 2 - Redirect them to a warning page Directory / SSLRequireSSL SSLRequire (%{SSL_PROTOCOL} != SSLv2 and %{SSL_CIPHER_USEKEYSIZE} = 128) or %{REQUEST_URI} =~ m:^/errors/: ErrorDocument 403 /errors/403-ssl.html /Directory When I use IE5 to access the site I get the following error: Forbidden You don't have permission to access / on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Don't protect the directory with your ErrorDocuments if you know the SSL connection is already forbidden. -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -Original Message- P Please consider the environment before printing this email CONFIDENTIALITY: The information in this e-mail and any attachments is confidential. It is intended only for the named recipients(s). If you are not the named recipient please notify the sender immediately and do not disclose the contents to another person or take copies. VIRUSES: The contents of this e-mail or attachment(s) may contain viruses which could damage your own computer system. Whilst Grant Instruments (Cambridge) Ltd has taken every reasonable precaution to minimise this risk, we cannot accept liability for any damage which you sustain as a result of software viruses. You should therefore carry out your own virus checks before opening the attachment(s). OpenXML: For information about the OpenXML file format in use within Grant Instruments please visit our http://www.grant.co.uk/Support/openxml.html - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] can't start apache
The server is windows xp pro. On Mon, Feb 15, 2010 at 2:58 PM, Daniel Reinhardt crypto...@cryptodan.netwrote: -- From: Matthew Smith chedders...@gmail.com Sent: 15 February, 2010 18:42 To: users@httpd.apache.org Subject: Re: [us...@httpd] can't start apache Ok, I figured it out. I was using a mapped drive for the document root. Maybe it is a permission issue? I have given full control to everyone, so I'm not sure what it is. On Mon, Feb 15, 2010 at 12:17 PM, Matthew Smith chedders...@gmail.com wrote: I hadn't set up the static lease on my router when I installed apache. 110 was the original ip. I have since set up the server to use 192.168.1.2. I am connecting to it through remote desktop at .2 right now. Do I need to change anywhere else because of the new ip? On Mon, Feb 15, 2010 at 11:39 AM, Jeff Trawick traw...@gmail.com wrote: On Mon, Feb 15, 2010 at 12:06 PM, Matthew Smith chedders...@gmail.com wrote: The user account I am logged in as is an admin. 192.168.1.2 is the ip address assigned to the computer. Are you sure? Do you have multiple interfaces and/or IPs? Apache retrieved 192.168.1.110 as the primary address: httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.1.110 for ServerName - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Matt, The process creates a PID on the main drive, using a shared drive wouldn't prevent httpd from listening on port 80. You need an account with administrative privileges to Run Apache. I am guessing your account doesn't have admin rights. Can you provide us with what version of Windows you are running? Thanks, Daniel - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] can't start apache
I don't think it is the router. If I set the root to a local directory, I can get apache to start and serve pages fine. It fails if I use a mapped drive. The mapped drive has permissions set to everyone full control. A side question, any way I can add a windows xp account to a windows 7 machine and vice versa? I don't like having full control for everyone. On Mon, Feb 15, 2010 at 4:37 PM, Paul McFerrin pmcfer...@columbus.rr.comwrote: Check your port forwarding on your router. It appears that the IP you got was on a router and port forwarding for port 80 is not set to 192.168.0.1. Matthew Smith wrote: Ok, i found this and tried what it said: http://www.issociate.de/board/post/474531/2.2.6_won't_start_-_The_Apache2.2_service_terminated_with_service-specific_error_1_(0x1)..html http://www.issociate.de/board/post/474531/2.2.6_won%27t_start_-_The_Apache2.2_service_terminated_with_service-specific_error_1_%280x1%29..html I had a directory error which I have resolved. Now I get : C:\Program Files\Apache Software Foundation\Apache2.2\binhttpd.exe -t Syntax OK But when I try to start the service, I still get The requested operation has failed. On Mon, Feb 15, 2010 at 11:11 AM, Matthew Smith chedders...@gmail.commailto: chedders...@gmail.com wrote: Here the conf. I commented out the vhosts and ColdFusion stuff to see if it would work but it still doesn't. Maybe someone more familiar than me will spot something? Sorry for the long post. -- # # This is the main Apache HTTP server configuration file. It contains the # configuration directives that give the server its instructions. # See URL:http://httpd.apache.org/docs/2.2 http://httpd.apache.org/docs/2.2 for detailed information. # In particular, see # URL:http://httpd.apache.org/docs/2.2/mod/directives.html http://httpd.apache.org/docs/2.2/mod/directives.html # for a discussion of each configuration directive. # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned.# # Configuration and logfile names: If the filenames you specify for many # of the server's control files begin with / (or drive:/ for Win32), the # server will use that explicit path. If the filenames do *not* begin # with /, the value of ServerRoot is prepended -- so logs/foo.log # with ServerRoot set to C:/Program Files/Apache Software Foundation/Apache2.2 will be interpreted by the # server as C:/Program Files/Apache Software Foundation/Apache2.2/logs/foo.log. # # NOTE: Where filenames are specified, you must use forward slashes # instead of backslashes (e.g., c:/apache instead of c:\apache). # If a drive letter is omitted, the drive on which httpd.exe is located # will be used by default. It is recommended that you always supply # an explicit drive letter in absolute paths to avoid confusion. # # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # Do not add a slash at the end of the directory path. If you point # ServerRoot at a non-local disk, be sure to point the LockFile directive # at a local disk. If you wish to share the same ServerRoot for multiple # httpd daemons, you will need to change at least LockFile and PidFile. # ServerRoot C:/Program Files/Apache Software Foundation/Apache2.2 # # Listen: Allows you to bind Apache to specific IP addresses and/or # ports, instead of the default. See also the VirtualHost # directive. # # Change this to Listen on specific IP addresses as shown below to # prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 http://12.34.56.78/ Listen 192.168.1.2:80 http://192.168.1.2/ # # Dynamic Shared Object (DSO) Support # # To be able to use the functionality of a module which was built as a DSO you # have to place corresponding `LoadModule' lines at this location so the # directives contained in it are actually available _before_ they are used. # Statically compiled modules (those listed by `httpd -l') do not need # to be loaded here. # # Example: # LoadModule foo_module modules/mod_foo.so # LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule asis_module modules/mod_asis.so LoadModule auth_basic_module modules/mod_auth_basic.so #LoadModule auth_digest_module modules/mod_auth_digest.so #LoadModule authn_alias_module modules/mod_authn_alias.so #LoadModule authn_anon_module modules/mod_authn_anon.so #LoadModule authn_dbd_module modules/mod_authn_dbd.so
Re: [us...@httpd] can't start apache
On 16.02.2010 19:25, Matthew Smith wrote: I don't think it is the router. If I set the root to a local directory, I can get apache to start and serve pages fine. It fails if I use a mapped drive. I don't know much about running Apache on Windows, but I wonder what user Apache is being run as. I assume it's installed as a service. Even if 'Everyone' includes the account under which Apache is being run, it's environment still might not have the drive mappings that you yourself see when you're logged in. Perhaps using \\othermachine\sharename instead of mapped drive letter will do the trick. -- Toomas - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] handling parameter in query_string with mod_rewrite
Hi All, I would need some help with mod_rewrite :-( . What I would need is to add an header to the response if the request contains a URL parameter and the value of that parameter should be used in that header. Just to clarify, if the url is: /download/files/1ytreefecsw?filename=myfile.txt I would like to return this file /download/files/1ytreefecsw setting in the response Content-disposition header with value myfile.txt: Content-disposition: attachment; filename=myfile.txt I was able to do this thing checking a request header using: SetEnvIf x-filename ^(.+)$ FILENAME=$1 Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but now i need to do similar thing using a parameter. I understand that there is not a simple way to access to the query_string and actually this is not possible using SetEnvIf and it seems the right way is using mod_rewrite but i don't find the solution. At the moment i'm trying something like: RewriteEngine on RewriteRule ^(.*)filename=(.*)$ $1 [E=FILENAME:$2] Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but it doesn't work :-(( Could you help me ? Thanks ste - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] handling parameter in query_string with mod_rewrite
RewriteRule doesn't work with the query part or the URI thus will not work in your case. You need to try RewriteCond directive combined with RewriteRule. Something like this maybe? RewriteEngine On RewriteCond %{QUERY_STRING} ^(filename=myfile.txt)$ RewriteRule .* - [E=FILENAME:%1] Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME I'm not sure though about the effect of the Header set directive, is it going to have a global effect afterwords or not? Igor On Wed, Feb 17, 2010 at 9:21 AM, Stefano Nichele stefano.nich...@gmail.comwrote: Hi All, I would need some help with mod_rewrite :-( . What I would need is to add an header to the response if the request contains a URL parameter and the value of that parameter should be used in that header. Just to clarify, if the url is: /download/files/1ytreefecsw?filename=myfile.txt I would like to return this file /download/files/1ytreefecsw setting in the response Content-disposition header with value myfile.txt: Content-disposition: attachment; filename=myfile.txt I was able to do this thing checking a request header using: SetEnvIf x-filename ^(.+)$ FILENAME=$1 Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but now i need to do similar thing using a parameter. I understand that there is not a simple way to access to the query_string and actually this is not possible using SetEnvIf and it seems the right way is using mod_rewrite but i don't find the solution. At the moment i'm trying something like: RewriteEngine on RewriteRule ^(.*)filename=(.*)$ $1 [E=FILENAME:$2] Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but it doesn't work :-(( Could you help me ? Thanks ste - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] handling parameter in query_string with mod_rewrite
Sorry this should have been like this actually RewriteEngine On RewriteCond %{QUERY_STRING} ^filename=(myfile.txt)$ RewriteRule .* - [E=FILENAME:%1] to set the FILENAME variable to myfile.txt value. Igor On Wed, Feb 17, 2010 at 10:30 AM, Igor Cicimov icici...@gmail.com wrote: RewriteRule doesn't work with the query part or the URI thus will not work in your case. You need to try RewriteCond directive combined with RewriteRule. Something like this maybe? RewriteEngine On RewriteCond %{QUERY_STRING} ^(filename=myfile.txt)$ RewriteRule .* - [E=FILENAME:%1] Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME I'm not sure though about the effect of the Header set directive, is it going to have a global effect afterwords or not? Igor On Wed, Feb 17, 2010 at 9:21 AM, Stefano Nichele stefano.nich...@gmail.com wrote: Hi All, I would need some help with mod_rewrite :-( . What I would need is to add an header to the response if the request contains a URL parameter and the value of that parameter should be used in that header. Just to clarify, if the url is: /download/files/1ytreefecsw?filename=myfile.txt I would like to return this file /download/files/1ytreefecsw setting in the response Content-disposition header with value myfile.txt: Content-disposition: attachment; filename=myfile.txt I was able to do this thing checking a request header using: SetEnvIf x-filename ^(.+)$ FILENAME=$1 Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but now i need to do similar thing using a parameter. I understand that there is not a simple way to access to the query_string and actually this is not possible using SetEnvIf and it seems the right way is using mod_rewrite but i don't find the solution. At the moment i'm trying something like: RewriteEngine on RewriteRule ^(.*)filename=(.*)$ $1 [E=FILENAME:$2] Header set Content-disposition attachment; filename=%{FILENAME}e env=FILENAME but it doesn't work :-(( Could you help me ? Thanks ste - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org