RE: [us...@httpd] Reverse Proxy and header manipulation
-Message d'origine-
De : Octavian Rasnita [mailto:orasn...@gmail.com]
Envoyé : dimanche 23 mai 2010 18:05
À : users@httpd.apache.org
Objet : Re: [us...@httpd] Reverse Proxy and header manipulation
From: Tomer Okavi tome...@gmail.com
Hi
I'm using apache as front end for iis servers.
I'm using mod_proxy and mod_proxy_balancer for the reverse proxy stuff
and
for load balancing requests beetween backend (IIS) servers.
the front end apache is also doing ssl, backend communication is http
(browser https apache -- http backend iis)
i'm trying to pass some env variables like SSL_SESSION_ID to the backend
servers via HTTP Headers.
i tried RequestHeader append SSL_SESSION_ID %{SSL_SESSION_ID}e with no
luck.
headers are set but with null values at the backend.
any help or pointers will be appreciated.
Thanks
Tomer.
Hi,
If you have %{SSL_SESSION_ID}e in that line, it means that you should
already have defined the environment variable SSL_SESSION_ID. Have you
defined it?
If you didn't, you could use just:
RequestHeader append SSL_SESSION_ID 1
You could create 2 virtual hosts, one that uses SSL and one that doesn't,
and send this HTTP header only in the virtualhost that uses SSL.
Octavian
Hi,
Just some ideas :
- do you have 'SSLOptions +StdEnvVars' in your config ?
- did you try with 'RequestHeader set ...' ?
Regards
Emmanuel
RE: [us...@httpd] the current queue size and number of clients
-Message d'origine- De : Damian Lęcznar [mailto:damian.lecz...@gmail.com] Envoyé : lundi 24 mai 2010 01:59 À : users@httpd.apache.org Objet : [us...@httpd] the current queue size and number of clients Hi, Is there a possibility to trace these parameters on the fly(the current queue size and number of clients)?. Because according to these parameters wanted me to do the reload server. (im using prefork MPM) Thanks damian Hi, I'm unsure of what you mean by queue size, but have you tried to enable mod_status ? (http://httpd.apache.org/docs/2.2/mod/mod_status.html) Emmanuel
Re: [us...@httpd] the current queue size and number of clients
Hi, I don't have these data available there Damian 2010/5/24 Emmanuel Bailleul emmanuel.baill...@telindus.fr -Message d'origine- De : Damian Lęcznar [mailto:damian.lecz...@gmail.com] Envoyé : lundi 24 mai 2010 01:59 À : users@httpd.apache.org Objet : [us...@httpd] the current queue size and number of clients Hi, Is there a possibility to trace these parameters on the fly(the current queue size and number of clients)?. Because according to these parameters wanted me to do the reload server. (im using prefork MPM) Thanks damian Hi, I'm unsure of what you mean by queue size, but have you tried to enable mod_status ? (http://httpd.apache.org/docs/2.2/mod/mod_status.html) Emmanuel
[us...@httpd] httpd vhost centralized logging
Hi All, I have running various web farms and I'm looking for better solution to forward all vhost logs to the centralized syslog server. How do you guys keep vhost logs? I have done googling this kind of setup but there is no result. I'm thinking to use logger tool for every httpd services running but it's not an ideal because it takes more resources in server. Let say there are 50 vhost in a server, then 100 logger apps will be running because 2 logger per vhost (ErrorLog CustomLog). Thanks. Regards, James
Re: [us...@httpd] SSL protocol limits ignored?
Which version of apache do u use... On 24 May 2010 07:06, Eric Covener cove...@gmail.com wrote: On Sun, May 23, 2010 at 8:01 PM, Dennis J. denni...@conversis.de wrote: Hi, Doesn't work. I added the lines to the virtual host and restartet Apache but I can still connect with SSLv2: openssl s_client -ssl2 -connect SERVERNAME:443 Sure you're hitting the virtualhost you're configuring? -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org -- With Regards, Sakthi Esakiappan.M Server Administrator MercuryMinds Technologies Pvt Ltd www.mercuryminds.com An E-Commerce mentor +91 44 45588587 sakthi.esakiap...@mercuryminds.com www.mercuryminds.com Disclaimer: This message is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this message in error, you are hereby notified that we do not consent to any reading, dissemination, distribution or copying of this message. If you have received this communication in error, please notify the sender immediately and destroy the transmitted information.
Re: [us...@httpd] httpd vhost centralized logging
Don't get complicated through the various loggers available, simply use logrotate the default linux application used to rotate the log files in apache. On 24 May 2010 14:46, James Corteciano ja...@linux-source.org wrote: Hi All, I have running various web farms and I'm looking for better solution to forward all vhost logs to the centralized syslog server. How do you guys keep vhost logs? I have done googling this kind of setup but there is no result. I'm thinking to use logger tool for every httpd services running but it's not an ideal because it takes more resources in server. Let say there are 50 vhost in a server, then 100 logger apps will be running because 2 logger per vhost (ErrorLog CustomLog). Thanks. Regards, James -- With Regards, Sakthi Esakiappan.M Server Administrator MercuryMinds Technologies Pvt Ltd www.mercuryminds.com An E-Commerce mentor +91 44 45588587 sakthi.esakiap...@mercuryminds.com www.mercuryminds.com Disclaimer: This message is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you have received this message in error, you are hereby notified that we do not consent to any reading, dissemination, distribution or copying of this message. If you have received this communication in error, please notify the sender immediately and destroy the transmitted information.
Re: [us...@httpd] httpd vhost centralized logging
We wanted to use syslog too, but it's very rigid (only 8 localX facility for custom logs) so we discarded this solution. We heard of scribe, the logs aggregator Facebook uses; it seems very flexible, and since FB is using it for his web servers, it's probably doing its job quite well. Sitll, we didn't have time to pilot it. Sandro On 05/24/2010 11:16 AM, James Corteciano wrote: Hi All, I have running various web farms and I'm looking for better solution to forward all vhost logs to the centralized syslog server. How do you guys keep vhost logs? I have done googling this kind of setup but there is no result. I'm thinking to use logger tool for every httpd services running but it's not an ideal because it takes more resources in server. Let say there are 50 vhost in a server, then 100 logger apps will be running because 2 logger per vhost (ErrorLog CustomLog). Thanks. Regards, James - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] the current queue size and number of clients
On Mon, May 24, 2010 at 5:01 AM, Damian Lęcznar damian.lecz...@gmail.com wrote: Hi, I don't have these data available there netstat? -- Eric Covener cove...@gmail.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Apache loadbalancer with tomcat 6
Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
[us...@httpd] How to prevent flashgot by .htaccess ?
Hello list, Can any one suggest me the signature of flashgot as seen by apache ? I need that to prevent flashgot from .htaccess. I have already tried by tail -f /var/log/apache/access.log but have not found anything which can be used to detect flashgot. Thanks -- জয়দীপ বক্সী - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] ssl certifikate mismatch
On 14.05.10 22:51, Reinhard Vicinus wrote: is the following behaviour of apache 2.2.15 (debian unstable) a feature or a bug? Listen 10.0.0.1:81 VirtualHost 10.0.0.1:81 SSLEngine on SSLCertificateFile /etc/apache2/conf/aaa.crt SSLCertificateKeyFile /etc/apache2/conf/aaa.key ServerName aaa /VirtualHost Listen 10.0.0.2:81 VirtualHost 10.0.0.2:81 SSLEngine on SSLCertificateFile /etc/apache2/conf/bbb.crt SSLCertificateKeyFile /etc/apache2/conf/bbb.key ServerName aaa /VirtualHost curl https://bbb:81 SSL: certificate subject name 'aaa' does not match target host name 'bbb' does 'bbb' point to 10.0.0.2? curl https://10.0.0.2:81 SSL: certificate subject name 'aaa' does not match target host name '10.0.0.2' you can expect this one, when accessing server via IP address. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The early bird may get the worm, but the second mouse gets the cheese. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] How to allow directory browsing to certain ip addresses only
Hello All, I'd like your help in the following scenario. I need to restrict directory browsing for everyone but several ip addresses to one folder. I want to allow the several ip addresses to be able to browse the folders. I want to prohibit the rest of the network from browsing but they should still be able to access files if they know their full name/location. IndexIgnore * seems to have achieved half of this. I would appreciate any help with this. Thanks and best regards, Bertalan This e-mail is intended only for the named person or entity to which it is addressed and contains valuable business information that is privileged, confidential and/or otherwise protected from disclosure. Dissemination, distribution or copying of this e-mail or the information herein by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. All contents are the copyright property of TBWA Worldwide, its agencies or a client of such agencies. If you are not the intended recipient, you are nevertheless bound to respect the worldwide legal rights of TBWA Worldwide, its agencies and its clients. We require that unintended recipients delete the e-mail and destroy all electronic copies in their system, retaining no copies in any media.If you have received this e-mail in error, please immediately notify us via e-mail to disclai...@tbwaworld.com. We appreciate your cooperation. We make no warranties as to the accuracy or completeness of this e-mail and accept no liability for its content or use. Any opinions expressed in this e-mail are those of the author and do not necessarily reflect the opinions of TBWA Worldwide or any of its agencies or affiliates.
[us...@httpd] Re: How to prevent flashgot by .htaccess ?
On 24-May-2010, at 06:44, J. Bakshi wrote: Hello list, Can any one suggest me the signature of flashgot as seen by apache ? Does flashgot show up in your server logs? I don't think so. I need that to prevent flashgot from .htaccess. Good luck with that. Why would you think this was possible? Flashgot uses other tools to actually download, and can even use the browsers own downloading, or cURL, wget, or many others. -- Take my hand and I'll show you what was and will be. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Apache loadbalancer with tomcat 6
Is the request actually reaching the Tomcat server? When using a proxy the error from the end point server will also appear in Apache logs as if Apache is misconfigured when in reality the 503 may be coming from Tomcat because of a misconfiguration there. Check both logs and see if the request is reaching Tomcat. It may point to more details on the issue. Kevin http://kevincastellow.workintel.com On Mon, May 24, 2010 at 8:00 AM, Nasir Zia nasir...@gmail.com wrote: Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
Re: [us...@httpd] Multi domain certificate and named virtual hosts
Post a question and let the community help. Kevin http://kevincastellow.workintel.com On Fri, May 21, 2010 at 7:03 AM, Chris Johnson john...@nmr.mgh.harvard.eduwrote: Hi. I really need to talk to someone offline who has multi domain certificates and named virtual hosts configured, up and running please. I'm using CentOS 4.7 and 5.4 with Apache 2.x. Help greatly appreciated. --- Chris Johnson |Internet: john...@nmr.mgh.harvard.edu Systems Administrator |Web: http://www.nmr.mgh.harvard.edu/~johnsonhttp://www.nmr.mgh.harvard.edu/%7Ejohnson NMR Center |Voice:617.726.0949 Mass. General Hospital |FAX: 617.726.7422 149 (2301) 13th Street |I'm continually amazed by mankind's seemingly Charlestown, MA., 02129 USA |infinite capacity for stupidity.Me --- The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org/complianceline . If the e-mail was sent to you in error but does not contain patient information, please contact the sender and properly dispose of the e-mail. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] [Travel Assistance] - Applications Open for ApacheCon NA 2010
Sent on behalf of the Travel Assistance Committee: The Travel Assistance Committee is now taking in applications for those wanting to attend ApacheCon North America (NA) 2010, which is taking place between the 1st and 5th November in Atlanta. The Travel Assistance Committee is looking for people who would like to be able to attend ApacheCon, but who need some financial support in order to be able to get there. There are limited places available, and all applications will be scored on their individual merit. Financial assistance is available to cover travel to the event, either in part or in full, depending on circumstances. However, the support available for those attending only the barcamp is smaller than that for people attending the whole event. The Travel Assistance Committee aims to support all ApacheCons, and cross-project events, and so it may be prudent for those in Asia and the EU to wait for an event closer to them. More information can be found on the main Apache website at http://www.apache.org/travel/index.html - where you will also find a link to the online application and details for submitting. Applications for applying for travel assistance are now being accepted, and will close on the 7th July 2010. Good luck to all those that will apply. You are welcome to tweet, blog as appropriate. Regards, The Travel Assistance Committee. -- Sander Temme scte...@apache.org PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] client denied by server configuration, but sometimes works and sometimes not!
Should i open a bug ticket on apache.org ? On 23 May 2010 21:28, Mario Mol marioh...@gmail.com wrote: Hy Igor, thanks for your attention. Is this code above enough? Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory VirtualHost 174.142.53.80:80 ServerName www.gemt.com.br Alias /stats /var/www/sites/dtc/gemt.com.br/subdomains/www/logs Alias /awstats-icon /usr/share/awstats/icon DocumentRoot /var/www/sites/dtc/gemt.com.br/subdomains/www/html ServerAlias gemt.com.br php_admin_value safe_mode 0 php_admin_value sendmail_from webmas...@gemt.com.br php_value session.save_path /var/www/sites/dtc/ gemt.com.br/subdomains/www/tmp Location / php_admin_value open_basedir /var/www/sites/dtc:/usr/lib/php:/tmp:/usr/share/pear:/var/lib/dtc/etc/dtc404:/usr/share/php:/usr/local/lib/php/phplib: /Location RewriteEngine on RewriteRule ^/cgi-bin/(.*) /cgi-bin/sbox/$1 [PT] ErrorLog /var/www/sites/dtc/gemt.com.br/subdomains/www/logs/error.log LogSQLTransferLogTable gemt_com_br$www$xfer LogSQLScoreDomain gemt.com.br LogSQLScoreSubdomain www LogSQLScoreTable dtc.http_accounting DirectoryIndex index.php index.cgi index.pl index.htm index.html index.php4 /VirtualHost Thanks, On 23 May 2010 21:14, Igor Cicimov icici...@gmail.com wrote: Hi Mario, Are you running mixed http and ssl configuration? Do you have any authentications set on the directories? Any redirections maybe between http and ssl? I think the best would be to print the relevant parts of your configuration here so we can have a look. Cheers, Igor On Mon, May 24, 2010 at 9:12 AM, Mario Mol marioh...@gmail.com wrote: Hy, i didi that already, this problem some times happen and some times not. Very wierd! On 23 May 2010 20:10, Igor Cicimov icici...@gmail.com wrote: Set the file prmisions to 755 Sent from my phone On May 24, 2010 1:49 AM, Mario Mol marioh...@gmail.com wrote: Hy, this is my first message at this group, after more than 10 years using apache =) I`m using apache on a brand new server and i`ve installed a DTC to help me manage many virtual hosts. But i have a website running on this server that, some times, do not shows images (shoing that `x` of file not found). error.log: [Sun May 23 08:49:56 2010] [error] [client 189.82.133.147] client denied by server configuration: /var/www/sites/dtc/ gemt.com.br/subdomains/www/html/imagens/layout/fundo_topo.gif, referer: http://www.gemt.com.br/index.php?conteudo=noticiasmateria=13722 At apache2.conf i`ve added this to garantee: Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory What i think that this is a bug is that most of time it works but sometimes not. Any ideias? Thanks a lot! Server Version: - Linux cl-t95-371cl 2.6.26-2-amd64 #1 SMP Tue Mar 9 22:29:32 UTC 2010 x86_64 GNU/Linux - Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g - Server Built: Mar 28 2010 19:04:04
[us...@httpd] virtual host failure on SUSE
I've had this problem before and fixed it but can't remember what the fix was :( I've got a couple of virtual sites on an SUSE server which I've just updated and now what was perfectly functional is not working. fbwiki.lsces.co.uk was showing it's own site, but is just displaying the base lsces.co.uk pages. Everything looks fine, but if I swap the order of the two VirtualHost entries, then the fbwiki one becomes active. That file has not changed, so I assume something in the SUSE Apache 'crap' is rewriting something else - but I can't see what. Any ideas where to look next? As I say it was working fine this morning :( -- Lester Caine - G8HFL - Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to allow directory browsing to certain ip addresses only
The Order statement...try that with Allow and Deny commands for the directory Sent from my phone On May 25, 2010 12:12 AM, Bertalan Voros bertalan.vo...@tbwaworld.com wrote: Hello All, I'd like your help in the following scenario. I need to restrict directory browsing for everyone but several ip addresses to one folder. I want to allow the several ip addresses to be able to browse the folders. I want to prohibit the rest of the network from browsing but they should still be able to access files if they know their full name/location. IndexIgnore * seems to have achieved half of this. I would appreciate any help with this. Thanks and best regards, Bertalan This e-mail is intended only for the named person or entity to which it is addressed and contains valuable business information that is privileged, confidential and/or otherwise protected from disclosure. Dissemination, distribution or copying of this e-mail or the information herein by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. All contents are the copyright property of TBWA Worldwide, its agencies or a client of such agencies. If you are not the intended recipient, you are nevertheless bound to respect the worldwide legal rights of TBWA Worldwide, its agencies and its clients. We require that unintended recipients delete the e-mail and destroy all electronic copies in their system, retaining no copies in any media.If you have received this e-mail in error, please immediately notify us via e-mail to disclai...@tbwaworld.com. We appreciate your cooperation. We make no warranties as to the accuracy or completeness of this e-mail and accept no liability for its content or use. Any opinions expressed in this e-mail are those of the author and do not necessarily reflect the opinions of TBWA Worldwide or any of its agencies or affiliates.
Re: [us...@httpd] Apache loadbalancer with tomcat 6
Have you configured the tomcat engine with route=public1 ? I think you should put something like jvmRoute=public1 in the server.xml file Igor On Tue, May 25, 2010 at 1:08 AM, Kevin Castellow kev.castel...@gmail.comwrote: Is the request actually reaching the Tomcat server? When using a proxy the error from the end point server will also appear in Apache logs as if Apache is misconfigured when in reality the 503 may be coming from Tomcat because of a misconfiguration there. Check both logs and see if the request is reaching Tomcat. It may point to more details on the issue. Kevin http://kevincastellow.workintel.com On Mon, May 24, 2010 at 8:00 AM, Nasir Zia nasir...@gmail.com wrote: Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
Re: [us...@httpd] Re: How to prevent flashgot by .htaccess ?
On 05/24/2010 08:24 PM, LuKreme wrote: On 24-May-2010, at 06:44, J. Bakshi wrote: Hello list, Can any one suggest me the signature of flashgot as seen by apache ? Does flashgot show up in your server logs? I don't think so. No, Not at all I need that to prevent flashgot from .htaccess. Good luck with that. Why would you think this was possible? Flashgot uses other tools to actually download, and can even use the browsers own downloading, or cURL, wget, or many others. Thanks for the clue. -- জয়দীপ বক্সী - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] client denied by server configuration, but sometimes works and sometimes not!
On Tue, May 25, 2010 at 2:08 AM, Mario Mol marioh...@gmail.com wrote: Should i open a bug ticket on apache.org ? On 23 May 2010 21:28, Mario Mol marioh...@gmail.com wrote: Hy Igor, thanks for your attention. Is this code above enough? Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory VirtualHost 174.142.53.80:80 ServerName www.gemt.com.br Alias /stats /var/www/sites/dtc/gemt.com.br/subdomains/www/logs Alias /awstats-icon /usr/share/awstats/icon DocumentRoot /var/www/sites/dtc/gemt.com.br/subdomains/www/html ServerAlias gemt.com.br php_admin_value safe_mode 0 php_admin_value sendmail_from webmas...@gemt.com.br php_value session.save_path /var/www/sites/dtc/gemt.com.br/subdomains/www/tmp Location / php_admin_value open_basedir /var/www/sites/dtc:/usr/lib/php:/tmp:/usr/share/pear:/var/lib/dtc/etc/dtc404:/usr/share/php:/usr/local/lib/php/phplib: /Location RewriteEngine on RewriteRule ^/cgi-bin/(.*) /cgi-bin/sbox/$1 [PT] ErrorLog /var/www/sites/dtc/gemt.com.br/subdomains/www/logs/error.log LogSQLTransferLogTable gemt_com_br$www$xfer LogSQLScoreDomain gemt.com.br LogSQLScoreSubdomain www LogSQLScoreTable dtc.http_accounting DirectoryIndex index.php index.cgi index.pl index.htm index.html index.php4 /VirtualHost Thanks, On 23 May 2010 21:14, Igor Cicimov icici...@gmail.com wrote: Hi Mario, Are you running mixed http and ssl configuration? Do you have any authentications set on the directories? Any redirections maybe between http and ssl? I think the best would be to print the relevant parts of your configuration here so we can have a look. Cheers, Igor On Mon, May 24, 2010 at 9:12 AM, Mario Mol marioh...@gmail.com wrote: Hy, i didi that already, this problem some times happen and some times not. Very wierd! On 23 May 2010 20:10, Igor Cicimov icici...@gmail.com wrote: Set the file prmisions to 755 Sent from my phone On May 24, 2010 1:49 AM, Mario Mol marioh...@gmail.com wrote: Hy, this is my first message at this group, after more than 10 years using apache =) I`m using apache on a brand new server and i`ve installed a DTC to help me manage many virtual hosts. But i have a website running on this server that, some times, do not shows images (shoing that `x` of file not found). error.log: [Sun May 23 08:49:56 2010] [error] [client 189.82.133.147] client denied by server configuration: /var/www/sites/dtc/gemt.com.br/subdomains/www/html/imagens/layout/fundo_topo.gif, referer: http://www.gemt.com.br/index.php?conteudo=noticiasmateria=13722 At apache2.conf i`ve added this to garantee: Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory What i think that this is a bug is that most of time it works but sometimes not. Any ideias? Thanks a lot! Server Version: Linux cl-t95-371cl 2.6.26-2-amd64 #1 SMP Tue Mar 9 22:29:32 UTC 2010 x86_64 GNU/Linux Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server Built: Mar 28 2010 19:04:04 Why not try with a newer version ? It may be a bug in that release. -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Re: How to prevent flashgot by .htaccess ?
On Tue, May 25, 2010 at 8:06 AM, J. Bakshi joyd...@infoservices.in wrote: On 05/24/2010 08:24 PM, LuKreme wrote: On 24-May-2010, at 06:44, J. Bakshi wrote: Hello list, Can any one suggest me the signature of flashgot as seen by apache ? Does flashgot show up in your server logs? I don't think so. No, Not at all I need that to prevent flashgot from .htaccess. Good luck with that. Why would you think this was possible? Flashgot uses other tools to actually download, and can even use the browsers own downloading, or cURL, wget, or many others. Thanks for the clue. -- জয়দীপ বক্সী - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Why do you want to block it anyway ? -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] client denied by server configuration, but sometimes works and sometimes not!
Well, i`ve done apt-get update , so its all fresh new. Could this be related to some of security mods? For example, mod-security, qos, psad? Cheer,s On 25 May 2010 01:45, Nilesh Govindarajan li...@itech7.com wrote: On Tue, May 25, 2010 at 2:08 AM, Mario Mol marioh...@gmail.com wrote: Should i open a bug ticket on apache.org ? On 23 May 2010 21:28, Mario Mol marioh...@gmail.com wrote: Hy Igor, thanks for your attention. Is this code above enough? Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory VirtualHost 174.142.53.80:80 ServerName www.gemt.com.br Alias /stats /var/www/sites/dtc/gemt.com.br/subdomains/www/logs Alias /awstats-icon /usr/share/awstats/icon DocumentRoot /var/www/sites/dtc/gemt.com.br/subdomains/www/html ServerAlias gemt.com.br php_admin_value safe_mode 0 php_admin_value sendmail_from webmas...@gemt.com.br php_value session.save_path /var/www/sites/dtc/gemt.com.br/subdomains/www/tmp Location / php_admin_value open_basedir /var/www/sites/dtc:/usr/lib/php:/tmp:/usr/share/pear:/var/lib/dtc/etc/dtc404:/usr/share/php:/usr/local/lib/php/phplib: /Location RewriteEngine on RewriteRule ^/cgi-bin/(.*) /cgi-bin/sbox/$1 [PT] ErrorLog /var/www/sites/dtc/ gemt.com.br/subdomains/www/logs/error.log LogSQLTransferLogTable gemt_com_br$www$xfer LogSQLScoreDomain gemt.com.br LogSQLScoreSubdomain www LogSQLScoreTable dtc.http_accounting DirectoryIndex index.php index.cgi index.pl index.htm index.html index.php4 /VirtualHost Thanks, On 23 May 2010 21:14, Igor Cicimov icici...@gmail.com wrote: Hi Mario, Are you running mixed http and ssl configuration? Do you have any authentications set on the directories? Any redirections maybe between http and ssl? I think the best would be to print the relevant parts of your configuration here so we can have a look. Cheers, Igor On Mon, May 24, 2010 at 9:12 AM, Mario Mol marioh...@gmail.com wrote: Hy, i didi that already, this problem some times happen and some times not. Very wierd! On 23 May 2010 20:10, Igor Cicimov icici...@gmail.com wrote: Set the file prmisions to 755 Sent from my phone On May 24, 2010 1:49 AM, Mario Mol marioh...@gmail.com wrote: Hy, this is my first message at this group, after more than 10 years using apache =) I`m using apache on a brand new server and i`ve installed a DTC to help me manage many virtual hosts. But i have a website running on this server that, some times, do not shows images (shoing that `x` of file not found). error.log: [Sun May 23 08:49:56 2010] [error] [client 189.82.133.147] client denied by server configuration: /var/www/sites/dtc/ gemt.com.br/subdomains/www/html/imagens/layout/fundo_topo.gif, referer: http://www.gemt.com.br/index.php?conteudo=noticiasmateria=13722 At apache2.conf i`ve added this to garantee: Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory What i think that this is a bug is that most of time it works but sometimes not. Any ideias? Thanks a lot! Server Version: Linux cl-t95-371cl 2.6.26-2-amd64 #1 SMP Tue Mar 9 22:29:32 UTC 2010 x86_64 GNU/Linux Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server Built: Mar 28 2010 19:04:04 Why not try with a newer version ? It may be a bug in that release. -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to allow directory browsing to certain ip addresses only
On Mon, May 24, 2010 at 7:42 PM, Bertalan Voros bertalan.vo...@tbwaworld.com wrote: Hello All, I'd like your help in the following scenario. I need to restrict directory browsing for everyone but several ip addresses to one folder. I want to allow the several ip addresses to be able to browse the folders. I want to prohibit the rest of the network from browsing but they should still be able to access files if they know their full name/location. IndexIgnore * seems to have achieved half of this. I would appreciate any help with this. Thanks and best regards, Bertalan This e-mail is intended only for the named person or entity to which it is addressed and contains valuable business information that is privileged, confidential and/or otherwise protected from disclosure. Dissemination, distribution or copying of this e-mail or the information herein by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. All contents are the copyright property of TBWA Worldwide, its agencies or a client of such agencies. If you are not the intended recipient, you are nevertheless bound to respect the worldwide legal rights of TBWA Worldwide, its agencies and its clients. We require that unintended recipients delete the e-mail and destroy all electronic copies in their system, retaining no copies in any media.If you have received this e-mail in error, please immediately notify us via e-mail to disclai...@tbwaworld.com. We appreciate your cooperation. We make no warranties as to the accuracy or completeness of this e-mail and accept no liability for its content or use. Any opinions expressed in this e-mail are those of the author and do not necessarily reflect the opinions of TBWA Worldwide or any of its agencies or affiliates. You have some ip addresses who should be able to browse the directory and others should be able to access the files if and only if they know the full access path right ? I don't think this problem can be solved only with apache, you need some scripting stuff. -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] client denied by server configuration, but sometimes works and sometimes not!
On Tue, May 25, 2010 at 10:24 AM, Mario Mol marioh...@gmail.com wrote: Well, i`ve done apt-get update , so its all fresh new. Could this be related to some of security mods? For example, mod-security, qos, psad? Cheer,s On 25 May 2010 01:45, Nilesh Govindarajan li...@itech7.com wrote: On Tue, May 25, 2010 at 2:08 AM, Mario Mol marioh...@gmail.com wrote: Should i open a bug ticket on apache.org ? On 23 May 2010 21:28, Mario Mol marioh...@gmail.com wrote: Hy Igor, thanks for your attention. Is this code above enough? Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory VirtualHost 174.142.53.80:80 ServerName www.gemt.com.br Alias /stats /var/www/sites/dtc/gemt.com.br/subdomains/www/logs Alias /awstats-icon /usr/share/awstats/icon DocumentRoot /var/www/sites/dtc/gemt.com.br/subdomains/www/html ServerAlias gemt.com.br php_admin_value safe_mode 0 php_admin_value sendmail_from webmas...@gemt.com.br php_value session.save_path /var/www/sites/dtc/gemt.com.br/subdomains/www/tmp Location / php_admin_value open_basedir /var/www/sites/dtc:/usr/lib/php:/tmp:/usr/share/pear:/var/lib/dtc/etc/dtc404:/usr/share/php:/usr/local/lib/php/phplib: /Location RewriteEngine on RewriteRule ^/cgi-bin/(.*) /cgi-bin/sbox/$1 [PT] ErrorLog /var/www/sites/dtc/gemt.com.br/subdomains/www/logs/error.log LogSQLTransferLogTable gemt_com_br$www$xfer LogSQLScoreDomain gemt.com.br LogSQLScoreSubdomain www LogSQLScoreTable dtc.http_accounting DirectoryIndex index.php index.cgi index.pl index.htm index.html index.php4 /VirtualHost Thanks, On 23 May 2010 21:14, Igor Cicimov icici...@gmail.com wrote: Hi Mario, Are you running mixed http and ssl configuration? Do you have any authentications set on the directories? Any redirections maybe between http and ssl? I think the best would be to print the relevant parts of your configuration here so we can have a look. Cheers, Igor On Mon, May 24, 2010 at 9:12 AM, Mario Mol marioh...@gmail.com wrote: Hy, i didi that already, this problem some times happen and some times not. Very wierd! On 23 May 2010 20:10, Igor Cicimov icici...@gmail.com wrote: Set the file prmisions to 755 Sent from my phone On May 24, 2010 1:49 AM, Mario Mol marioh...@gmail.com wrote: Hy, this is my first message at this group, after more than 10 years using apache =) I`m using apache on a brand new server and i`ve installed a DTC to help me manage many virtual hosts. But i have a website running on this server that, some times, do not shows images (shoing that `x` of file not found). error.log: [Sun May 23 08:49:56 2010] [error] [client 189.82.133.147] client denied by server configuration: /var/www/sites/dtc/gemt.com.br/subdomains/www/html/imagens/layout/fundo_topo.gif, referer: http://www.gemt.com.br/index.php?conteudo=noticiasmateria=13722 At apache2.conf i`ve added this to garantee: Directory /var/www/sites/dtc Options FollowSymLinks Order Allow,Deny Allow from all /Directory What i think that this is a bug is that most of time it works but sometimes not. Any ideias? Thanks a lot! Server Version: Linux cl-t95-371cl 2.6.26-2-amd64 #1 SMP Tue Mar 9 22:29:32 UTC 2010 x86_64 GNU/Linux Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny8 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server Built: Mar 28 2010 19:04:04 Why not try with a newer version ? It may be a bug in that release. -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org No idea about that, but 2.2.9 is quite old, 2.2.15 has been released around a month ago. -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] virtual host failure on SUSE
On Tue, May 25, 2010 at 3:01 AM, Lester Caine les...@lsces.co.uk wrote: I've had this problem before and fixed it but can't remember what the fix was :( I've got a couple of virtual sites on an SUSE server which I've just updated and now what was perfectly functional is not working. fbwiki.lsces.co.uk was showing it's own site, but is just displaying the base lsces.co.uk pages. Everything looks fine, but if I swap the order of the two VirtualHost entries, then the fbwiki one becomes active. That file has not changed, so I assume something in the SUSE Apache 'crap' is rewriting something else - but I can't see what. Any ideas where to look next? As I say it was working fine this morning :( -- Lester Caine - G8HFL - Contact - http://lsces.co.uk/wiki/?page=contact L.S.Caine Electronic Services - http://lsces.co.uk EnquirySolve - http://enquirysolve.com/ Model Engineers Digital Workshop - http://medw.co.uk// Firebird - http://www.firebirdsql.org/index.php - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org Dump the configuration here -- Nilesh Govindarajan Site Server Administrator www.itech7.com - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Apache loadbalancer with tomcat 6
Yes i have configured the tomcat engine with jvmRoute in server.xml of tomcat On Tue, May 25, 2010 at 5:26 AM, Igor Cicimov icici...@gmail.com wrote: Have you configured the tomcat engine with route=public1 ? I think you should put something like jvmRoute=public1 in the server.xml file Igor On Tue, May 25, 2010 at 1:08 AM, Kevin Castellow kev.castel...@gmail.comwrote: Is the request actually reaching the Tomcat server? When using a proxy the error from the end point server will also appear in Apache logs as if Apache is misconfigured when in reality the 503 may be coming from Tomcat because of a misconfiguration there. Check both logs and see if the request is reaching Tomcat. It may point to more details on the issue. Kevin http://kevincastellow.workintel.com On Mon, May 24, 2010 at 8:00 AM, Nasir Zia nasir...@gmail.com wrote: Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
Re: [us...@httpd] Apache loadbalancer with tomcat 6
Request is not reaching tomcat as nothing comes in tomcat logs. only 503 error in Apache logs On Mon, May 24, 2010 at 8:08 PM, Kevin Castellow kev.castel...@gmail.comwrote: Is the request actually reaching the Tomcat server? When using a proxy the error from the end point server will also appear in Apache logs as if Apache is misconfigured when in reality the 503 may be coming from Tomcat because of a misconfiguration there. Check both logs and see if the request is reaching Tomcat. It may point to more details on the issue. Kevin http://kevincastellow.workintel.com On Mon, May 24, 2010 at 8:00 AM, Nasir Zia nasir...@gmail.com wrote: Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
Re: [us...@httpd] Apache loadbalancer with tomcat 6
I have checked 503 error comes in apache access logs while apache error logs show below error. [Tue May 25 05:06:02 2010] [error] (70007)The timeout specified has expired: proxy: AJP: attempt to connect to 10.10.1.130:8009 (77.66.1.130) failed [Tue May 25 05:06:02 2010] [error] ap_proxy_connect_backend disabling worker for (10.10.1.130) [Tue May 25 05:06:02 2010] [error] proxy: AJP: failed to make connection to backend: 10.10.1.130 [Tue May 25 05:06:03 2010] [error] (70007)The timeout specified has expired: proxy: AJP: attempt to connect to 10.10.1.130:18009 (10.10.1.130) failed [Tue May 25 05:06:03 2010] [error] ap_proxy_connect_backend disabling worker for (10.10.1.130) [Tue May 25 05:06:03 2010] [error] proxy: AJP: failed to make connection to backend: 10.10.1.130 Nothing comes in tomcat logs Nasir On Tue, May 25, 2010 at 10:24 AM, Nasir Zia nasir...@gmail.com wrote: Request is not reaching tomcat as nothing comes in tomcat logs. only 503 error in Apache logs On Mon, May 24, 2010 at 8:08 PM, Kevin Castellow kev.castel...@gmail.comwrote: Is the request actually reaching the Tomcat server? When using a proxy the error from the end point server will also appear in Apache logs as if Apache is misconfigured when in reality the 503 may be coming from Tomcat because of a misconfiguration there. Check both logs and see if the request is reaching Tomcat. It may point to more details on the issue. Kevin http://kevincastellow.workintel.com On Mon, May 24, 2010 at 8:00 AM, Nasir Zia nasir...@gmail.com wrote: Hi, I have configured Apache loadbalancer with tomcat as backend i am getting 503 error in apache logs when accessing tomcat examples context. I have start with one tomcat behind single apache on same machine Here is my httpd conf VirtualHost *:80 ServerName abc.com ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass /balancer-manager ! ProxyPass /examples balancer://mycluster/examples/ stickysession=JSESSIONID nofailover=On ProxyPassReverse /examples ajp://abc.com:8009/examples/ Proxy balancer://mycluster BalancerMember ajp://abc.com:8009/ route=public1 ProxySet lbmethod=byrequests /Proxy /VirtualHost
