Re: [users@httpd] subdomain
On 26.07.11 11:24, Amira Othman wrote: I am using apache httpd-2.2.3-43.3 on centos 5.6.i have 5 virtual hosts .the server is also mail server and has mx record how can I deny access to url of mx record as it now goes to default virtual host. Any way to block using apache or I should use iptables You can use firwall rules (e.g. iptables) if the MX uses different IP. But in such case, you also can make apache not to listen on that IP. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Have you got anything without Spam in it? - Well, there's Spam egg sausage and Spam, that's not got much Spam in it. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Timeout question
On 27.07.11 08:50, Qingshan Xie wrote: according to Apache website http://httpd.apache.org/docs/2.0/mod/core.html#timeout, it says, The TimeOut directive currently defines the amount of time Apache will wait for three things: 1. The total amount of time it takes to receive a GET request. 2. The amount of time between receipt of TCP packets on a POST or PUT request. 3. The amount of time between ACKs on transmissions of TCP packets in responses. Can someone explain the 2nd point, I do not understand it fully? it apparently means that the incoming TCP packets for POST or PUT requests must come in lowert intervals, to prevent very slow clients from eating all connections to apache. Apparently aginst slowloris attack. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. We are but packets in the Internet of life (userfriendly.org) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] DH parameters
Hello! How to specify custom DH parameters for mod_ssl? When using DH ciphersuites, there are necessary DH parameters, if they are not specified explicitly, default ones are used. There is a default set of 1024bit parameters. Also, is there a way to specify ECDH parameters for ECDH ciphersuites? (This is less important than DH, though.) The FAQ of this list (http://httpd.apache.org/docs/misc/FAQ.html) is a 404. Search function for mailing list archives did not take 2 character keywords (DH), they were ignored. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] DH parameters
On Wed, Aug 10, 2011 at 12:53:29PM +0300, yyy wrote: How to specify custom DH parameters for mod_ssl? [snip] The FAQ of this list (http://httpd.apache.org/docs/misc/FAQ.html) is a 404. Search function for mailing list archives did not take 2 character keywords (DH), they were ignored. That the FAQ is missing is a major problem. Hopefully someone with access to that page can sort it out. A 2 character search term is going to produce a lot of results, even if it were acceptable to the search system. However, you can easily get around this by using a more specific search term. See for example this: http://httpd.markmail.org/search/?q=%22dh%20parameters%22 which produced a manageable set of results. Hopefully one of those will give the information you need. Best of luck, Pete -- Openstrike - improving business through open source http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107 pgpGq3YjJ5EGB.pgp Description: PGP signature
Re: [users@httpd] Directory Browsing
I want to disable directory browsing but when I add the line Options -Indexes to httpd.conf nothing changes and still I can browse directory through web page. Is there something missed to disable browsing. On Wed, Aug 3, 2011 at 9:37 AM, Amira Othman a.oth...@cairosource.com wrote: The context you make the change in matters, as it can be reset at more specific contexts and in .htaccess files. On 03.08.11 16:58, Amira Othman wrote: I added it within virtual host in directory directive and there is no htaccess used Isn't there any Directory directive mathing the directory or its parents? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I'm not interested in your website anymore. If you need cookies, bake them yourself. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] DH parameters
Wednesday, August 10, 2011, 1:08:37 PM, you wrote: On Wed, Aug 10, 2011 at 12:53:29PM +0300, yyy wrote: How to specify custom DH parameters for mod_ssl? [snip] The FAQ of this list (http://httpd.apache.org/docs/misc/FAQ.html) is a 404. Search function for mailing list archives did not take 2 character keywords (DH), they were ignored. That the FAQ is missing is a major problem. Hopefully someone with access to that page can sort it out. A 2 character search term is going to produce a lot of results, even if it were acceptable to the search system. However, you can easily get around this by using a more specific search term. See for example this: http://httpd.markmail.org/search/?q=%22dh%20parameters%22 which produced a manageable set of results. Hopefully one of those will give the information you need. Best of luck, Pete There were 166 results. Most of these results were openssl s_server (or something similar) outputs (using default DH params) and generating temp DH params some were about making FIPS compliant version, which skips generating temp DH params. These 3 groups were 95+% of results There were some source patches (at the end) and this thread (at the beginning). I know, that mod_gnutls has a directive for specifying DH parameters, but mod_gnults is not available for windows. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] AuthMySQL_Encryption_Types SHA1Sum not working
Hi, I am not able to figure why SH1Sum authentication type is not working in sql table: userid: test2 sh1sum password stored: 9054fbe0b622c638224d50d20824d2ff6782e308 I computed sha2sum password as below: $ echo test2|sha1sum 9054fbe0b622c638224d50d20824d2ff6782e308 - in apache config: AuthMySQL_Encryption_Types SHA1Sum * Apache/2.2.16 (Ubuntu) * MySQL client version: 5.1.49and it does not authenticate, i get NO error in apache error or access logs. for the user test who ha splain text password stored AuthMySQL_Encryption_Types PlainText works. so when it is working for plaintext why not for sha1sum encrypted???
Re: [users@httpd] AuthMySQL_Encryption_Types SHA1Sum not working
Echo appends a linebreak, try using echo -n instead. /Björn 10 aug 2011 kl. 17:37 skrev Rajeev Prasad rp.ne...@yahoo.commailto:rp.ne...@yahoo.com: Hi, I am not able to figure why SH1Sum authentication type is not working in sql table: userid: test2 sh1sum password stored: 9054fbe0b622c638224d50d20824d2ff6782e308 I computed sha2sum password as below: $ echo test2|sha1sum 9054fbe0b622c638224d50d20824d2ff6782e308 - in apache config: AuthMySQL_Encryption_Types SHA1Sum * Apache/2.2.16 (Ubuntu) * MySQL client version: 5.1.49 and it does not authenticate, i get NO error in apache error or access logs. for the user test who ha splain text password stored AuthMySQL_Encryption_Types PlainText works. so when it is working for plaintext why not for sha1sum encrypted???
Re: [users@httpd] AuthMySQL_Encryption_Types SHA1Sum not working
Thank you Bjorn, that fixed my issue. From: Björn Zettergren bjorn.zetterg...@basefarm.se To: users@httpd.apache.org users@httpd.apache.org; Rajeev Prasad rp.ne...@yahoo.com Cc: users@httpd.apache.org users@httpd.apache.org Sent: Wednesday, August 10, 2011 11:15 AM Subject: Re: [users@httpd] AuthMySQL_Encryption_Types SHA1Sum not working Echo appends a linebreak, try using echo -n instead. /Björn 10 aug 2011 kl. 17:37 skrev Rajeev Prasad rp.ne...@yahoo.com: Hi, I am not able to figure why SH1Sum authentication type is not working in sql table: userid: test2 sh1sum password stored: 9054fbe0b622c638224d50d20824d2ff6782e308 I computed sha2sum password as below: $ echo test2|sha1sum 9054fbe0b622c638224d50d20824d2ff6782e308 - in apache config: AuthMySQL_Encryption_Types SHA1Sum * Apache/2.2.16 (Ubuntu) * MySQL client version: 5.1.49 and it does not authenticate, i get NO error in apache error or access logs. for the user test who ha splain text password stored AuthMySQL_Encryption_Types PlainText works. so when it is working for plaintext why not for sha1sum encrypted???