Re: Problem mit SSL Re-Negotiation
Hallo Sven, im apache 2.2 wurde dies schon behoben und kann hier aber wieder eingeschaltet werden[1]. Der patch dazu für Apache 2.2. [2]. Da es leider kein backport zu 2.0 kam, hoffe ich, dass Du den patch für Dich abändern kannst. Gruß Mario [1] http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation [2] http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/CVE-2009-3555-2.2.patch -- Apache HTTP Server Mailing List users-de unsubscribe-Anfragen an users-de-unsubscr...@httpd.apache.org sonstige Anfragen an users-de-h...@httpd.apache.org --
[us...@httpd] AllowOverride: Pros and Cons
Hi All, I would like to hear your idea's of what are the pros and cons if I will set a specific directive-type for AllowOverride like AuthConfig, FileInfo,Indexes, Limit, and Options? I am just concern about security matters that will produce if I will give the user full access on .htaccess (AllowOverride All) on their webroot? Thanks. James
Re: [us...@httpd] AllowOverride: Pros and Cons
On Thu, Jul 8, 2010 at 2:28 AM, James Corteciano ja...@linux-source.orgwrote: [ ... ] I am just concern about security matters that will produce if I will give the user full access on .htaccess (AllowOverride All) on their webroot? AllowOverride All effectively allows a user who can create a .htaccess file to access any file the Web server can read, and execute any code they would like to as the Web server user. From a security perspective it's equivalent to giving the user a shell as the Web server user. That may or may not be consistent with your security objectives. Hope this helps! -Scott.
Re: [us...@httpd] AllowOverride: Pros and Cons
Hi Scott, That helps. Thanks. James On Thu, Jul 8, 2010 at 2:40 PM, Scott Gifford sgiff...@suspectclass.comwrote: On Thu, Jul 8, 2010 at 2:28 AM, James Corteciano ja...@linux-source.orgwrote: [ ... ] I am just concern about security matters that will produce if I will give the user full access on .htaccess (AllowOverride All) on their webroot? AllowOverride All effectively allows a user who can create a .htaccess file to access any file the Web server can read, and execute any code they would like to as the Web server user. From a security perspective it's equivalent to giving the user a shell as the Web server user. That may or may not be consistent with your security objectives. Hope this helps! -Scott.
[us...@httpd] still see .htaccess and .htpasswd trough virtual host
Hello list, I have become little confused and hope to get some help. I have a suse 11.2 server running Apache/2.2.10 (Linux/SUSE) with some virtual hosts. I already have the following in httpd.conf file `` AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files `` But still I can read the .htaccess and .htpasswd file through browser, when visit the virtual host. But if I add the above config at the virtual host itself, it works well. So the virtualhosts bypass the config already there in httpd.conf. Do I need to write the code for each and every virtualhost then ? Not possible to define at any common point just once ? Please let me know, Thanks - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
On Thu, 2010-07-08 at 13:40 +0530, J. Bakshi wrote: Hello list, I have become little confused and hope to get some help. I have a suse 11.2 server running Apache/2.2.10 (Linux/SUSE) with some virtual hosts. I already have the following in httpd.conf file `` AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files `` But still I can read the .htaccess and .htpasswd file through browser, when visit the virtual host. But if I add the above config at the virtual host itself, it works well. So the virtualhosts bypass the config already there in httpd.conf. Do I need to write the code for each and every virtualhost then ? Not possible to define at any common point just once ? Are you sure you're not seeing cached copies? FilesMatch ^\.ht Order allow,deny Deny from all /FilesMatch This prevents you from opening (GET /.htaccess) those files. If you want to prevent them from being seen in a directory listing, use IndexIgnore http://httpd.apache.org/docs/2.2/mod/mod_autoindex.html#indexignore Mark. -- Mark Watts BSc RHCE MBCS Senior Systems Engineer, Managed Services Manpower www.QinetiQ.com QinetiQ - Delivering customer-focused solutions GPG Key: http://www.linux-corner.info/mwatts.gpg signature.asc Description: This is a digitally signed message part
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
On Thu, 08 Jul 2010 09:20:36 +0100 Mark Watts m.wa...@eris.qinetiq.com wrote: On Thu, 2010-07-08 at 13:40 +0530, J. Bakshi wrote: Hello list, I have become little confused and hope to get some help. I have a suse 11.2 server running Apache/2.2.10 (Linux/SUSE) with some virtual hosts. I already have the following in httpd.conf file `` AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files `` But still I can read the .htaccess and .htpasswd file through browser, when visit the virtual host. But if I add the above config at the virtual host itself, it works well. So the virtualhosts bypass the config already there in httpd.conf. Do I need to write the code for each and every virtualhost then ? Not possible to define at any common point just once ? Are you sure you're not seeing cached copies? FilesMatch ^\.ht Order allow,deny Deny from all /FilesMatch This prevents you from opening (GET /.htaccess) those files. Hello Mark, Thanks for your reply. I have just checked with another browser but same here. I can see the contents of .htpasswd as well as .htaccess Even I have added the config you have mentioned above but no luck. I am very confused now. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
Hello, please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Thank you. On 08.07.10 13:40, J. Bakshi wrote: I already have the following in httpd.conf file `` AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files `` But still I can read the .htaccess and .htpasswd file through browser, when visit the virtual host. But if I add the above config at the virtual host itself, it works well. So the virtualhosts bypass the config already there in httpd.conf. Do I need to write the code for each and every virtualhost then ? Not possible to define at any common point just once ? is this in server config or in some virtualhost or directory section? Is there any Files section of the host you are referring to? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One World. One Web. One Program. - Microsoft promotional advertisement Ein Volk, ein Reich, ein Fuhrer! - Adolf Hitler - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] setting up a reverse proxy for sakai
I have a working instance of sakai on one of our clusters.Sakai can be read here http://confluence.sakaiproject.org/display/DOC/Install+Guide+-+Binary+Install+(2.7) We would like the user to be able to reach it via Apache Reverse proxy ProxyPass /sakai http://192.1681.5:9090/portal ProxyPassReverse /sakai http://192.1681.5:9090/portal But when any one tries to reach the page from internet http://mydomain.com/sakai they are not able to reach the CSS,Java scripts ,images correctly. which should not happen and be taken care by the reverse proxy the request is not getting the correct response here are the apache headers for the problem From a client browser on internet following headers were recieved http://pastebin.com/k54kDYAB where as on LAN while accessing via IP:9080/portal the following headers were recieved http://pastebin.com/0BaEViH4 If any one can find any problem here let me know. I am right now searching for the problem in the headers. -- Tapas http://mightydreams.blogspot.com http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers -- Tapas http://mightydreams.blogspot.com http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] setting up a reverse proxy for sakai
On Thu, Jul 8, 2010 at 10:52 AM, Tapas Mishra mightydre...@gmail.com wrote: I have a working instance of sakai on one of our clusters.Sakai can be read here http://confluence.sakaiproject.org/display/DOC/Install+Guide+-+Binary+Install+(2.7) We would like the user to be able to reach it via Apache Reverse proxy ProxyPass /sakai http://192.1681.5:9090/portal ProxyPassReverse /sakai http://192.1681.5:9090/portal But when any one tries to reach the page from internet http://mydomain.com/sakai they are not able to reach the CSS,Java scripts ,images correctly. which should not happen and be taken care by the reverse proxy Your application is generating URLs like this: GET /library/skin/default/portal.css GET /portal/styles/portalstyles.css GET /library/js/jquery.js mod_proxy does not rewrite HTML, only a few specific headers, so your application must generate the correct URLs, eg /'sakai/styles/portalstyles.css'. Configure your application correctly. Cheers Tom - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Execute CGI (or FastCGI or PHP) on missing target file
Hi, Sorry if this has been coverned - tried a few searches on google and this list's archives to no avail. I'd like to move my server over to a templating system. Specifically, what I'd like to do is to be able to execute one named CGI (probably under FastCGI) where Apache cannot find an existing target file (ideally with named extensions like .html but that's not so important) after URL-path translation phase. eg /var/www/ contains: template.cgi index.tmpl shops.tmpl specialcase.html anotherspecial.php morespecial.cgi - requests to the webserver should handled thus: http(s)://webserver/index.html - template.cgi http(s)://webserver/shops.html - template.cgi http(s)://webserver/wibble.html - template.cgi http(s)://webserver/specialcase.html - specialcase.html http(s)://webserver/anotherspecial.php - anotherspecial.php http(s)://webserver/morespecial.cgi - morespecial.cgi This will allow template.cgi to look at the request and decide if the request was X.html and X.tmpl exists, to run template.cgi on X.tmpl. template.cgi will handle the error page when required. Special cases exceptions can be handled just by having the target file present. I'll also need to ideally have this work on any sub path too http(s)://webserver/wibble/index.html - template.cgi http(s)://webserver/wibble/special.html - wibble/special.html if wibble/special.html exists with an easy way to disable it en-bloc for certain paths. Sounds like a rewrite rule, but I've always struggled with those and really don't know how to attack this. Any pointers, even google for blah would be most appreciated. TIA Tim - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
Hello Mark, Thanks for your reply. I have just checked with another browser but same here. I can see the contents of .htpasswd as well as .htaccess Even I have added the config you have mentioned above but no luck. I am very confused now. Where in your configuration file(s) do you have these directives? (the Files or FilesMatch block) ? Mark. -- Mark Watts BSc RHCE MBCS Senior Systems Engineer, Managed Services Manpower www.QinetiQ.com QinetiQ - Delivering customer-focused solutions GPG Key: http://www.linux-corner.info/mwatts.gpg signature.asc Description: This is a digitally signed message part
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
On Thu, 8 Jul 2010 10:57:23 +0200 Matus UHLAR - fantomas uh...@fantomas.sk wrote: snip is this in server config or in some virtualhost or directory section? Is there any Files section of the host you are referring to? /snip Hello Mark and Matus, Thanks for your responses, the Files section is at httpd.conf .I think it would be the best if I show you two files; httpd.conf and a vhost ## httpd.conf ### -- # run under this user/group id Include /etc/apache2/uid.conf # - how many server processes to start (server pool regulation) # - usage of KeepAlive Include /etc/apache2/server-tuning.conf # ErrorLog: The location of the error log file. ErrorLog /var/log/apache2/error_log # generated from APACHE_MODULES in /etc/sysconfig/apache2 Include /etc/apache2/sysconfig.d/loadmodule.conf # IP addresses / ports to listen on Include /etc/apache2/listen.conf # predefined logging formats Include /etc/apache2/mod_log_config.conf # generated from global settings in /etc/sysconfig/apache2 Include /etc/apache2/sysconfig.d/global.conf # optional mod_status, mod_info Include /etc/apache2/mod_status.conf Include /etc/apache2/mod_info.conf # optional cookie-based user tracking # read the documentation before using it!! Include /etc/apache2/mod_usertrack.conf # configuration of server-generated directory listings Include /etc/apache2/mod_autoindex-defaults.conf # associate MIME types with filename extensions TypesConfig /etc/apache2/mime.types DefaultType text/plain Include /etc/apache2/mod_mime-defaults.conf # set up (customizable) error responses Include /etc/apache2/errors.conf # global (server-wide) SSL configuration, that is not specific to # any virtual host Include /etc/apache2/ssl-global.conf # forbid access to the entire filesystem by default Directory / Options None AllowOverride None Order deny,allow Deny from all /Directory AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files ### Virtual server configuration Include /etc/apache2/vhosts.d/*.conf ` And now here is one vhsost ``` VirtualHost example.com:80 ServerName http://www.example.com ServerAlias http://example.com ServerAdmin y...@example.com #don't loose time with IP address lookups HostnameLookups Off # needed for named virtual hosts #UseCanonicalName Off DocumentRoot /srv/www/htdocs/example.com DirectoryIndex index.php ScriptAlias /cgi-bin/ /srv/www/cgi-bin/ Directory /srv/www/htdocs/example.com/ Options +FollowSymLinks -Indexes # .htaccess slows down apache; only use it when required # AllowOverride All Order allow,deny Allow from all ### Begin: Rewrite stuff ### IfModule mod_rewrite.c # Enable URL rewriting RewriteEngine On RewriteBase / # If the file/symlink/directory does not exist = Redirect to index.php # Important note: If you copy/paste this into httpd.conf instead # of .htaccess you will need to add '%{DOCUMENT_ROOT}' left to each # '%{REQUEST_FILENAME}' part. RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule .* index.php [L] ### End: Rewrite stuff ### /IfModule /Directory ScriptAlias /awstats /usr/local/awstats/wwwroot/cgi-bin/awstats.pl Location /awstats AuthType Basic AuthName awstats requires a password AuthUserFile /srv/www/htdocs/example.com/.htpasswd Require valid-user /Location /VirtualHost ` If I visit example.com; I can see the contents of both .htaccess and .htpasswd :-( - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] setting up a reverse proxy for sakai
Ohh I see.Actually I have also noticed this thing and was wondering if there is any way to do so. I will forward this message to the right people as I am not the developer of sakai. -- Tapas http://mightydreams.blogspot.com http://wiki.xensource.com/xenwiki/Xen_on_4_app_servers - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] AllowOverride: Pros and Cons
Hi All, I would like to hear your idea's of what are the pros and cons if I will set a specific directive-type for AllowOverride like AuthConfig, FileInfo,Indexes, Limit, and Options? Most security guidelines say no to Indexes. It's tolerable to do allow overrides an most things for a development box for developer convenience, but by the time a site gets to production (particularly outside-facing) pretty much anything worked out in .htaccess should be rolled into the httpd.conf. I am just concern about security matters that will produce if I will give the user full access on .htaccess (AllowOverride All) on their webroot? I would resist, or at minimum get support for not allowing it in QA and production. Something you can use for support is the CISecurity Apache Benchmark. It's downloadable for free from cisecurity.org. I just took a quick look and they recommend AllowOverride None. Sheryl Thanks. James - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] apache tuning for svn
Hi Gurus, Any advise on initial tuning values for apache MinSpareServers, MaxSpareServers, and StartServers, tcp tunings, ulimits, sysctl I'm running svn 1.6 over apache2 pre-fork. System load goes high as much as 10 during heavy usage. What would be your recommended MaxRequestsPerChild for heavy svn usage? Thanks, West - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Apache lstat performance problem
Hello All, I have a performance problem with an Apache/PHP5 Configuration under heavy load the website becomes too slow. Using strace I found what appears to me a strange behavior. The strange behavior I want point out is related to a sequence of tentative httpd does in order to read an file. In this particular case apache httpd servers tries 8 times before reach and read the file (if you want I can send the complete strace output) More strange all these tentative seems to be correctly completed because of success (0) return code for each line. For every file should be served by apache httpd, apache httpd tries to lstat all directory in path more times: lstat(/usr, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces/myspaces08, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP, {st_mode=S_IFDIR|0755, st_size=13312, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps, {st_mode=S_IFDIR|0750, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs, {st_mode=S_IFDIR|0755, st_size=2048, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content/languages, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content/languages/zh_CN.php, {st_mode=S_IFREG|0777, st_size=1312, ...}) = 0 FIRST TENTATIVE lstat(/usr, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces/myspaces08, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP, {st_mode=S_IFDIR|0755, st_size=13312, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps, {st_mode=S_IFDIR|0750, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs, {st_mode=S_IFDIR|0755, st_size=2048, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content/languages, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content/languages/zh_CN.php, {st_mode=S_IFREG|0777, st_size=1312, ...}) = 0 SECOND lstat(/usr, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local/myspaces/myspaces08, {st_mode=S_IFDIR|0777, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP, {st_mode=S_IFDIR|0755, st_size=13312, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al, {st_mode=S_IFDIR|0755, st_size=80, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace, {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0 lstat(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps, {st_mode=S_IFDIR|0750, st_size=1024, ...}) = 0 access(/usr/local/myspaces/myspaces08/NSP/wa/al/wall/webspace/siteapps/21451/htdocs/wp-content/languages/zh_CN.php, R_OK) = 0 THIRD lstat(/usr, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 lstat(/usr/local, {st_mode=S_IFDIR|0755,
Re: [us...@httpd] Apache lstat performance problem
I have a performance problem with an Apache/PHP5 Configuration under heavy load the website becomes too slow. Using strace I found what appears to me a strange behavior. The strange behavior I want point out is related to a sequence of tentative httpd does in order to read an file. This is not Apache problem please enable realpath_cache_size in your PHP config Regards, Piotr - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
any clue please ? On Thu, 8 Jul 2010 16:38:04 +0530 J. Bakshi joyd...@infoservices.in wrote: On Thu, 8 Jul 2010 10:57:23 +0200 Matus UHLAR - fantomas uh...@fantomas.sk wrote: snip is this in server config or in some virtualhost or directory section? Is there any Files section of the host you are referring to? /snip Hello Mark and Matus, Thanks for your responses, the Files section is at httpd.conf .I think it would be the best if I show you two files; httpd.conf and a vhost ## httpd.conf ### -- # run under this user/group id Include /etc/apache2/uid.conf # - how many server processes to start (server pool regulation) # - usage of KeepAlive Include /etc/apache2/server-tuning.conf # ErrorLog: The location of the error log file. ErrorLog /var/log/apache2/error_log # generated from APACHE_MODULES in /etc/sysconfig/apache2 Include /etc/apache2/sysconfig.d/loadmodule.conf # IP addresses / ports to listen on Include /etc/apache2/listen.conf # predefined logging formats Include /etc/apache2/mod_log_config.conf # generated from global settings in /etc/sysconfig/apache2 Include /etc/apache2/sysconfig.d/global.conf # optional mod_status, mod_info Include /etc/apache2/mod_status.conf Include /etc/apache2/mod_info.conf # optional cookie-based user tracking # read the documentation before using it!! Include /etc/apache2/mod_usertrack.conf # configuration of server-generated directory listings Include /etc/apache2/mod_autoindex-defaults.conf # associate MIME types with filename extensions TypesConfig /etc/apache2/mime.types DefaultType text/plain Include /etc/apache2/mod_mime-defaults.conf # set up (customizable) error responses Include /etc/apache2/errors.conf # global (server-wide) SSL configuration, that is not specific to # any virtual host Include /etc/apache2/ssl-global.conf # forbid access to the entire filesystem by default Directory / Options None AllowOverride None Order deny,allow Deny from all /Directory AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files ### Virtual server configuration Include /etc/apache2/vhosts.d/*.conf ` And now here is one vhsost ``` VirtualHost example.com:80 ServerName http://www.example.com ServerAlias http://example.com ServerAdmin y...@example.com #don't loose time with IP address lookups HostnameLookups Off # needed for named virtual hosts #UseCanonicalName Off DocumentRoot /srv/www/htdocs/example.com DirectoryIndex index.php ScriptAlias /cgi-bin/ /srv/www/cgi-bin/ Directory /srv/www/htdocs/example.com/ Options +FollowSymLinks -Indexes # .htaccess slows down apache; only use it when required # AllowOverride All Order allow,deny Allow from all ### Begin: Rewrite stuff ### IfModule mod_rewrite.c # Enable URL rewriting RewriteEngine On RewriteBase / # If the file/symlink/directory does not exist = Redirect to index.php # Important note: If you copy/paste this into httpd.conf instead # of .htaccess you will need to add '%{DOCUMENT_ROOT}' left to each # '%{REQUEST_FILENAME}' part. RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule .* index.php [L] ### End: Rewrite stuff ### /IfModule /Directory ScriptAlias /awstats /usr/local/awstats/wwwroot/cgi-bin/awstats.pl Location /awstats AuthType Basic AuthName awstats requires a password AuthUserFile /srv/www/htdocs/example.com/.htpasswd Require valid-user /Location /VirtualHost ` If I visit example.com; I can see the contents of both .htaccess and .htpasswd :-( - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest:
[us...@httpd] WebDav Server and Apache
Hi All, I followed instruction give on page http://www.howtoforge.com/how-to-set-up-webdav-with-apache2-on-opensuse-11.2 to setup WebDav Server with Apache on openSuse11.2. However I am getting error while testing it with cadaver, * * *delta:/etc/apache2/vhosts.d # cadaver **http://www.example1.com/webdav/*http://www.example1.com/webdav/ * Could not access /webdav/ (not WebDAV-enabled?): 405 Method Not Allowed Connection to `**www.example1.com* http://www.example1.com/*' closed. dav:! quit* *Could someone please help ?* * * *Thanks* *Shyam.*