Re: [users@httpd] Urgent !!! - Rewrite issue

[aparna Puram]

Hello Spliff,

Well actually to explain the complete scenario,

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://dnsname%{REQUEST_URI}

The above rewirte is set to redirect all the http requests to https request.

It is working fine when I give the http://localhostname it is rewriting
to https://dnsname

but when I type https://loacalhostname it is redirecting to https://
localhostname

I want it to be redirecting to https://dnsname as the ssl certificate CN
: is the dnsname.



On Sun, Mar 18, 2012 at 10:00 AM, SpliFF spl...@warriorhut.org wrote:

  On 18/03/12 15:02, aparna Puram wrote:

 Hello Daniel/Mathijs,

 There is only one virtual host.

 server name is :selecvcp1.sw.ericsson.se
 Dns name for that server is : select.ericsson.se

 both will redirect to the same apache

 when I use http:selectvcp1.sw.ericsson.se, I m being redirected to
 https://select.ericsson.se.
 However, When i type https://selectvcp1.sw.ericsson.se, I m still being
 in https://selectvcp1.sw.ericsson.se

 I m not sure y. Is there any other way around?


 If you expect https to redirect then your condition:

 RewriteCond  %{SERVER_PORT} !^443$

 ... is preventing that. What is the purpose of that condition if not to
 prevent https from redirecting?

Re: [users@httpd] Urgent !!! - Rewrite issue

[SpliFF]

I think you're saying you want:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^localhostname$
RewriteRule (.*) https://dnsname%{REQUEST_URI}

As long as you are checking for https or port 443 in the rewrite condition 
you're not redirecting anywhere on HTTPS
requests. If you want HTTPS to redirect then your condition is blocking that. 
The rules above send ALL requests to
the dnsname using https regardless of the scheme actually requested. That seems 
to be the behaviour you're asking for.

This all assumes you are using this rule in your port 80 and port 433 
virtualhosts.



On 18/03/12 17:45, aparna Puram wrote:
 Hello Spliff,
 
 Well actually to explain the complete scenario,
 
 RewriteEngine On
 RewriteCond %{HTTPS} off
 RewriteRule (.*) https://dnsname%{REQUEST_URI}
 
 The above rewirte is set to redirect all the http requests to https request.
 
 It is working fine when I give the http://localhostname it is rewriting to 
 https://dnsname
 
 but when I type https://loacalhostname it is redirecting to 
 https://localhostname
 
 I want it to be redirecting to https://dnsname as the ssl certificate CN : 
 is the dnsname.
 
 
 
 On Sun, Mar 18, 2012 at 10:00 AM, SpliFF spl...@warriorhut.org 
 mailto:spl...@warriorhut.org wrote:
 
 On 18/03/12 15:02, aparna Puram wrote:
 Hello Daniel/Mathijs,

 There is only one virtual host.

 server name is :selecvcp1.sw.ericsson.se 
 http://selecvcp1.sw.ericsson.se
 Dns name for that server is : select.ericsson.se 
 http://select.ericsson.se

 both will redirect to the same apache

 when I use http:selectvcp1.sw.ericsson.se 
 http://selectvcp1.sw.ericsson.se, I m being redirected to
 https://select.ericsson.se.
 However, When i type https://selectvcp1.sw.ericsson.se, I m still being 
 in https://selectvcp1.sw.ericsson.se

 I m not sure y. Is there any other way around?

 
 If you expect https to redirect then your condition:
 
 RewriteCond  %{SERVER_PORT} !^443$
 
 ... is preventing that. What is the purpose of that condition if not to 
 prevent https from redirecting?
 
 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Urgent !!! - Rewrite issue

[aparna Puram]

Hello Spliff,

The rewirtes that you have specified is performing the same.

https://localhost is not being redirected to https://dnsname

However,

http://localhost is redirected to https://dns name

Since the ssl ceritificate is installed only for the dns name, When I am
accessing https://localhost, It says ssl is installed for differncet common
name, Do you still want to access the site.

Please let me know if there is any fix to this.

On Sun, Mar 18, 2012 at 12:45 PM, SpliFF spl...@warriorhut.org wrote:

 I think you're saying you want:

 RewriteEngine On
 RewriteCond %{HTTP_HOST} ^localhostname$
 RewriteRule (.*) https://dnsname%{REQUEST_URI}

 As long as you are checking for https or port 443 in the rewrite condition
 you're not redirecting anywhere on HTTPS
 requests. If you want HTTPS to redirect then your condition is blocking
 that. The rules above send ALL requests to
 the dnsname using https regardless of the scheme actually requested. That
 seems to be the behaviour you're asking for.

 This all assumes you are using this rule in your port 80 and port 433
 virtualhosts.



 On 18/03/12 17:45, aparna Puram wrote:
  Hello Spliff,
 
  Well actually to explain the complete scenario,
 
  RewriteEngine On
  RewriteCond %{HTTPS} off
  RewriteRule (.*) https://dnsname%{REQUEST_URI}
 
  The above rewirte is set to redirect all the http requests to https
 request.
 
  It is working fine when I give the http://localhostname it is
 rewriting to https://dnsname
 
  but when I type https://loacalhostname it is redirecting to https://
 localhostname
 
  I want it to be redirecting to https://dnsname as the ssl certificate
 CN : is the dnsname.
 
 
 
  On Sun, Mar 18, 2012 at 10:00 AM, SpliFF spl...@warriorhut.org mailto:
 spl...@warriorhut.org wrote:
 
  On 18/03/12 15:02, aparna Puram wrote:
  Hello Daniel/Mathijs,
 
  There is only one virtual host.
 
  server name is :selecvcp1.sw.ericsson.se 
 http://selecvcp1.sw.ericsson.se
  Dns name for that server is : select.ericsson.se 
 http://select.ericsson.se
 
  both will redirect to the same apache
 
  when I use http:selectvcp1.sw.ericsson.se 
 http://selectvcp1.sw.ericsson.se, I m being redirected to
  https://select.ericsson.se.
  However, When i type https://selectvcp1.sw.ericsson.se, I m still
 being in https://selectvcp1.sw.ericsson.se
 
  I m not sure y. Is there any other way around?
 
 
  If you expect https to redirect then your condition:
 
  RewriteCond  %{SERVER_PORT} !^443$
 
  ... is preventing that. What is the purpose of that condition if not
 to prevent https from redirecting?
 
 

[users@httpd] httpd crashes with segmentation fault: Incompatible libpng version in application and library

[Lenin]

Hi,

I've compiled httpd 2.2.21 and php 5.3.10, the version of libpng I used is
1.5.7, and I installed all the three packages under a custom path under
/opt.

The OS is CentOS 6.2, which contains an official distribution of libpng,
the version is 1.2.46.

When I start the server and visit programs hosted on it, the error.log
keeps being appended with the following messages:

*libpng warning: Application was compiled with png.h from libpng-1.5.7
libpng warning: Application  is  running with png.c from libpng-1.2.46
gd-png:  fatal libpng error: Incompatible libpng version in application and
library*

I know the reason is that the version running with is not the one compiled
with. But setting the environment variable LD_LIBRARY_PATH won't solve the
problem.

Can anybody tell me how to fix this ? I know removing the old version of
libpng or recompile the server using the old version may be ok, but there
are some other potential problems, so I just want to run my application
server with the new version of libpng compiled by my self.

Thanks

[users@httpd] Re: site loads correctly using lan ip, but not from other computers on same lan

[Joon Lee]

Hi Serge, thanks for the reply!

Have you read into AllowCONNECT
I've tried adding it for ports  and .

does your URL change when you visit the pages.
Since I'd expect proxypass and proxypassreverse to refer to the same url
I've changed the setting for ProxyPassReverse to match ProxyPass

so now my vhost setting for the webapp looks like this with AllowConnect
added and ProxyPassReverse edited:

VirtualHost *:
ServerAdmin ad...@example.com
ServerName www.example.com
ServerAlias example.com

# Indexes + Directory Root.
DirectoryIndex index.php
DocumentRoot /var/www/html/example.com/wordpress

ProxyRequests Off
AllowConnect  
Proxy *
Order deny,allow
Allow from all
/Proxy
ProxyPass / http://localhost:/
ProxyPassReverse / http://localhost: http://www.example.com:/
#ProxyPassReverseCookieDomain localhost: www.example.com:/
ProxyPassReverseCookiePath / /

/VirtualHost

Have you read the logs and could you post any relevant entries
After the changes, the behavior is the same, and both the access and error
logs don't show any entries for attempts to access 192.168.1.5: from
other computers on the network, only for the attempts made from 192.168.1.5
itself.

Any other ideas?


-Daniel Lee

Re: [users@httpd] [RHEL6.2] SSL handshake failure

[Aubrey Li]

Here is what I got when I put the loglevel to debug in httpd.conf
===
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1866): OpenSSL:
Handshake: start
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1874): OpenSSL:
Loop: before/accept initialization
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
read 11/11 bytes from BIO#7fa4600011a0 [mem: 7fa460006ac0] (BIO dump
follows)
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):
+-+
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 16
03 00 00 2d 01 00 00-29 03-...).   |
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0011 - SPACES/NULS
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):
+-+
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
read 39/39 bytes from BIO#7fa4600011a0 [mem: 7fa460006acb] (BIO dump
follows)
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):
+-+
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 4f
66 66 ec 02 5d 92 3d-4d db ee c7 10 f5 d5 43  Off..].=M..C |
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0010: 3e
16 87 86 7b c9 a0 88-db 60 5a c8 f1 46 10 8f  ...{`Z..F.. |
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0020: 00
00 02 00 04 01..   |
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0039 - SPACES/NULS
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):
+-+
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1884): OpenSSL:
Write: SSLv3 read client hello C
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
Exit: error in SSLv3 read client hello C
[Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
Exit: error in SSLv3 read client hello C
[Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] SSL library error
1 in handshake (server www.example.com:443)
[Mon Mar 19 06:51:12 2012] [info] SSL Library Error: 336109761
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher Too
restrictive SSLCipherSuite or using DSA server certificate?
[Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] Connection closed
to child 2 with abortive shutdown (server www.example.com:443)
==
quite strange, openssl s_client command can pass the SSL handshake while
this java application cannot.

openssl version is 0.9.8u

Welcome any inputs!

Thanks,
-Aubrey


On Fri, Mar 16, 2012 at 1:50 AM, Mark Montague m...@catseye.org wrote:
 On March 15, 2012 13:31 , Aubrey Li aubrey...@gmail.com wrote:

 Thanks for your reply. here is the output of httpd -V. [...]


  -D HTTPD_ROOT=/export/bench/benchmarks/apache2
  -D SUEXEC_BIN=/export/bench/benchmarks/apache2/bin/suexec
  -D DEFAULT_PIDLOG=logs/httpd.pid
  -D DEFAULT_SCOREBOARD=logs/apache_runtime_status
  -D DEFAULT_ERRORLOG=logs/error_log
  -D AP_TYPES_CONFIG_FILE=conf/mime.types
  -D SERVER_CONFIG_FILE=conf/httpd.conf

 I built httpd-2.2.22 on a RHEL6.2 system with SSL enabled. Then I made a
 client
 to create a connection to httpd but received a handshake failure report.

 [...]

 When I connect the client to the server(RHEL6.2), there is no
 access_log, no err_log,
 nothing added in /var/log/messages, it's very weird.


 So you are saying that you have a file at
 /export/bench/benchmarks/apache2/conf/httpd.conf that contains all of the
 correct directives to configure SSL, logging, and appropriate virtual hosts?

 And you are saying that no logs are appearing at
 /export/bench/benchmarks/apache2/logs/error_log nor at the location that you
 specify in your ErrorLog directive in
 /export/bench/benchmarks/apache2/conf/httpd.conf ?

 In this case, what user are you starting httpd as?  What are the values for
 the User and Group directives in
 /export/bench/benchmarks/apache2/conf/httpd.conf ? Do that user and group
 have write access to the place you are telling this version of httpd to
 write its error logs?

 Is this system running any Mandatory Access Control system such as SELinux,
 AppArmor, Tomoyo, or grsecurity that could be interferring with what this
 version of httpd is trying to do or where it is trying to do it?   If so,
 then check the log files for the Mandatory Access Control system that you
 are running to find out what the problem is.

 Hopefully other people on this list will have additional, and better,
 suggestions of things to check.

 --
  Mark Montague
  m...@catseye.org


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org

Re: [users@httpd] site loads correctly using lan ip, but not from other computers on same lan

[Igor Cicimov]

Drop the cookie thing and replace localhost with 192.168.1.5 in the proxy
lines
 On Mar 18, 2012 1:12 PM, Serge Fonville serge.fonvi...@gmail.com wrote:

 Also,

 does your URL change when you visit the pages.

 Since I'd expect proxypass and proxypassreverse to refer to the same url

 Kind regards/met vriendelijke groet,

 Serge Fonville

 http://www.sergefonville.nl

 Convince Google!!
 They need to add GAL support on Android (star to agree)
 http://code.google.com/p/android/issues/detail?id=4602



 2012/3/18 Serge Fonville serge.fonvi...@gmail.com:
  Hi,
 
  Two things:
 
  Have you read into AllowCONNECT
  Have you read the logs and could you post any relevant entries
 
  HTH
  Kind regards/met vriendelijke groet,
 
  Serge Fonville
 
  http://www.sergefonville.nl
 
  Convince Google!!
  They need to add GAL support on Android (star to agree)
  http://code.google.com/p/android/issues/detail?id=4602
 
 
 
  2012/3/18 Joon Lee jundo...@gmail.com:
  Hi, I've got a configuration using ProxyPass for a webapp running on
  localhost to be accessible from example.com: and a wordpress blog
 on
  example.com:80. the httpd.conf vhost setting like this:
 
 
  VirtualHost *:
  ServerAdmin ad...@example.com
  ServerName www.example.com
  ServerAlias example.com
 
  # Indexes + Directory Root.
  DirectoryIndex index.php
  DocumentRoot /var/www/html/example.com/wordpress
 
  ProxyRequests Off
  Proxy *
  Order deny,allow
  Allow from all
  /Proxy
  ProxyPass / http://localhost:/
  ProxyPassReverse / http://www.example.com:/
  #ProxyPassReverseCookieDomain localhost: www.example.com:/
  ProxyPassReverseCookiePath / /
 
  /VirtualHost
  VirtualHost *:80
  ServerAdmin ad...@example.com
  ServerName www.example.com
  ServerAlias example.com
 
  # Indexes + Directory Root.
 
  DirectoryIndex index.php
  DocumentRoot /var/www/html/example.com/wordpress
  /VirtualHost
 
 
  the computer (192.168.1.5) running apache itself is trying to serve
  wordpress from the standard example.com and proxy a localhost app on
 port
   (example.com:) to the internet. the wordpress site works from
  192.168.1.5 from anywhere on the network (on port 80), but the
 localhost app
  proxy on 192.168.1.5: works on 192.168.1.5 itself but not on other
  computers within the network. why would it only work on the originating
  server and not its peers?

 Als

 -
 To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
 For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] [RHEL6.2] SSL handshake failure

[Igor Cicimov]

[Mon Mar 19 06:51:12 2012] [info] SSL Library Error: 336109761
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_ HELLO:no shared cipher Too
restrictive SSLCipherSuite or using DSA server certificate?

Check the SSLCipherSuite directive in your SSL host as the error says it
might be too restrictive. Try adding more options.
 On Mar 19, 2012 2:00 AM, Aubrey Li aubrey...@gmail.com wrote:

 Here is what I got when I put the loglevel to debug in httpd.conf
 ===
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1866): OpenSSL:
 Handshake: start
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1874): OpenSSL:
 Loop: before/accept initialization
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
 read 11/11 bytes from BIO#7fa4600011a0 [mem: 7fa460006ac0] (BIO dump
 follows)
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):
 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 16
 03 00 00 2d 01 00 00-29 03-...).   |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0011 -
 SPACES/NULS
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):
 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
 read 39/39 bytes from BIO#7fa4600011a0 [mem: 7fa460006acb] (BIO dump
 follows)
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):
 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 4f
 66 66 ec 02 5d 92 3d-4d db ee c7 10 f5 d5 43  Off..].=M..C |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0010: 3e
 16 87 86 7b c9 a0 88-db 60 5a c8 f1 46 10 8f  ...{`Z..F.. |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0020: 00
 00 02 00 04 01..   |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0039 -
 SPACES/NULS
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):
 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1884): OpenSSL:
 Write: SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
 Exit: error in SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
 Exit: error in SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] SSL library error
 1 in handshake (server www.example.com:443)
 [Mon Mar 19 06:51:12 2012] [info] SSL Library Error: 336109761
 error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher Too
 restrictive SSLCipherSuite or using DSA server certificate?
 [Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] Connection closed
 to child 2 with abortive shutdown (server www.example.com:443)
 ==
 quite strange, openssl s_client command can pass the SSL handshake while
 this java application cannot.

 openssl version is 0.9.8u

 Welcome any inputs!

 Thanks,
 -Aubrey


 On Fri, Mar 16, 2012 at 1:50 AM, Mark Montague m...@catseye.org wrote:
  On March 15, 2012 13:31 , Aubrey Li aubrey...@gmail.com wrote:
 
  Thanks for your reply. here is the output of httpd -V. [...]
 
 
   -D HTTPD_ROOT=/export/bench/benchmarks/apache2
   -D SUEXEC_BIN=/export/bench/benchmarks/apache2/bin/suexec
   -D DEFAULT_PIDLOG=logs/httpd.pid
   -D DEFAULT_SCOREBOARD=logs/apache_runtime_status
   -D DEFAULT_ERRORLOG=logs/error_log
   -D AP_TYPES_CONFIG_FILE=conf/mime.types
   -D SERVER_CONFIG_FILE=conf/httpd.conf
 
  I built httpd-2.2.22 on a RHEL6.2 system with SSL enabled. Then I
 made a
  client
  to create a connection to httpd but received a handshake failure
 report.
 
  [...]
 
  When I connect the client to the server(RHEL6.2), there is no
  access_log, no err_log,
  nothing added in /var/log/messages, it's very weird.
 
 
  So you are saying that you have a file at
  /export/bench/benchmarks/apache2/conf/httpd.conf that contains all of the
  correct directives to configure SSL, logging, and appropriate virtual
 hosts?
 
  And you are saying that no logs are appearing at
  /export/bench/benchmarks/apache2/logs/error_log nor at the location that
 you
  specify in your ErrorLog directive in
  /export/bench/benchmarks/apache2/conf/httpd.conf ?
 
  In this case, what user are you starting httpd as?  What are the values
 for
  the User and Group directives in
  /export/bench/benchmarks/apache2/conf/httpd.conf ? Do that user and group
  have write access to the place you are telling this version of httpd to
  write its error logs?
 
  Is this system running any Mandatory Access Control system such as
 SELinux,
  AppArmor, Tomoyo, or grsecurity that could be interferring with 

Re: [users@httpd] Issue with trailing slashes after rewrite

[Nala Gnirut]

After adapting to my folder structure it should look like

RewriteCond %{HTTP_HOST} ^(.*)\.(.*)\.(.*)$
RewriteRule ^/(.*) /%1/$1 [P]

Unfortunately neither your original suggestion nor my version seem to cause
any redirection.

On Sat, Mar 17, 2012 at 3:09 PM, Igor Cicimov icici...@gmail.com wrote:

 Correction


 RewriteCond %{HTTP_HOST} ^(.*)\.(.*)\.com$
 RewriteRule ^/(.*) /%2/%1/$1 [P,L]

Re: [users@httpd] Issue with trailing slashes after rewrite

[Eric Covener]

On Sun, Mar 18, 2012 at 5:56 PM, Nala Gnirut nala.gni...@gmail.com wrote:
 After adapting to my folder structure it should look like

 RewriteCond %{HTTP_HOST} ^(.*)\.(.*)\.(.*)$
 RewriteRule ^/(.*) /%1/$1 [P]

 Unfortunately neither your original suggestion nor my version seem to cause
 any redirection.

The P flag is explicitly used to proxy. If you want to redirect,
substitute a full URL and use the R flag instead.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Issue with trailing slashes after rewrite

[Nala Gnirut]

On Sun, Mar 18, 2012 at 11:16 PM, Eric Covener cove...@gmail.com wrote:

 The P flag is explicitly used to proxy. If you want to redirect,
 substitute a full URL and use the R flag instead.


I need to dynamically change DocumentRoot for some subdomains pointing to
the same local path.

This rule works (almost) as expected, but has an issue with links to
subfolders without trailing slash:

RewriteCond %{HTTP_HOST} ^foo\.domain\.com$
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule .* /foo%{REQUEST_URI}  [QSA,L]

That is

http://foo.domain.com/bar/ works, while

http://foo.domain.com/bar is redirected to a wrong local path (/foo/foo/bar
instead of /foo/bar)

[users@httpd] Re: Apache 2.2 on Windows refuses to process more than 5 requests from one client concurrently

[Yakov Shapiro]

Hello there,

A coworker of mine was able to find the solution on Google. if you add

PerlInterpMax 20

to the httpd.conf, then all 20 concurrent requests will get processed
simultaneously. The default value for PerlInterpMax is 5, which means
that Apache will not run more than 5 Perl interpreters at the same
time.

I hope this answer helps someone who runs into the same problem later.

Yakov Shapiro

On Sun, Mar 4, 2012 at 6:19 PM, Yakov Shapiro yshapir...@gmail.com wrote:
 Hello,

 I have been trying to configure Apache 2.2 running on Windows to
 simultaneously handle a large number - say, a hundred - of incoming
 web requests from a single UNIX machine. I have already raised
 ThreadsPerChild on the Apache server to 128. To isolate the problem, I
 also wrote a short Perl script for Windows, goodnight.pl. It sleeps
 for 3 seconds, prints a message and exits. I wrote a second scrpit,
 testharness.pl, to run on UNIX. It forks off 20 processes that each
 send a single web request to goodnight.pl using Curl.

 Since my ThreadsPerChild is well above 20, and nobody else is using my
 Apache server, I expect it to handle all 20 requests to goodnight.pl
 at once. So testharness.pl should complete in 3 seconds (give or take
 a little time to establish the connection). If I modify testharness.pl
 to fork off only one process and send one web request, then it does
 exit in 3 seconds. However, with 20 simultaneous requests, the test
 harness takes 12 seconds to finish. The Apache access log (see end of
 this message) shows that all 20 requests arrive at the same second,
 but the first five take 3 seconds to process, the next five, 6
 seconds, the next five, 9 seconds and the last five, 12 seconds. As
 far as I can tell, this slowness is not caused by goodnight.pl (which
 does nothing except sleep, print and exit). If I add benchmarking to
 goodnight.pl to log the script start time, then the logs show the last
 five instances of the script are started 9 seconds after the request
 is received by Apache.

 I have also ran tcpdump on UNIX to see if this slowness is caused by
 network issues. It does not appear to be: Apache instantly confirms
 that it has received the request, but then takes longer than expected
 (12 seconds instead of 3) to send back a response. I have also checked
 the load on the Windows machine, using Task Manager. The memory and
 CPU usage stay well below 75% through my test.

 Is there anything I can do (or check) to change that behavior, and
 make all 20 requests process at once? My access log and error log are
 below. My httpd.conf is attached to this e-mail. My Windows OS is
 Windows Server Standard, Service Pack 2. It is running Apache HTTP
 Server 2.2 and ActivePerl version 5.8.8, build 817.

 I would greatly appreciate any help with this issue.

 Yakov Shapiro

 P.S. Below is my Apache error log. To my eye it looks normal:

 [Sun Mar 04 17:36:06 2012] [notice] Apache/2.2.15 (Win32)
 mod_perl/2.0.4-dev Perl/v5.10.1 configured -- resuming normal
 operations
 [Sun Mar 04 17:36:06 2012] [notice] Server built: Mar  4 2010 11:27:46
 [Sun Mar 04 17:36:06 2012] [notice] Parent: Created child process 2684
 [Sun Mar 04 17:36:06 2012] [debug] mpm_winnt.c(487): Parent: Sent the
 scoreboard to the child
 [Sun Mar 04 17:36:06 2012] [info] Parent: Duplicating socket 228 and
 sending it to child process 2684
 [Sun Mar 04 17:36:06 2012] [debug] mpm_winnt.c(605): Parent: Sent 1
 listeners to child 2684
 [Sun Mar 04 17:36:06 2012] [notice] Child 2684: Child process is running
 [Sun Mar 04 17:36:06 2012] [debug] mpm_winnt.c(408): Child 2684:
 Retrieved our scoreboard from the parent.
 [Sun Mar 04 17:36:06 2012] [debug] mpm_winnt.c(564): Child 2684:
 retrieved 1 listeners from parent
 [Sun Mar 04 17:36:06 2012] [notice] Child 2684: Acquired the start mutex.
 [Sun Mar 04 17:36:06 2012] [notice] Child 2684: Starting 128 worker threads.
 [Sun Mar 04 17:36:06 2012] [notice] Child 2684: Starting thread to
 listen on port 80.

 Here is my Apache access log. It shows the problem: the requests to
 the same script are taking progressively longer to process (the first
 few are done in 3 seconds, the last few take 12 seconds).

 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=2 HTTP/1.1 200 26 3 300
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=1 HTTP/1.1 200 26 3 300
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=12 HTTP/1.1 200 26 3 300
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=10 HTTP/1.1 200 26 3 3015625
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=3 HTTP/1.1 200 26 3 3031250
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=4 HTTP/1.1 200 26 5 5984375
 172.25.122.29 - - [04/Mar/2012:17:39:04 -0500] GET
 /perl/goodnight.pl?requestnumber=6 HTTP/1.1 200 26 6 600
 

Re: [users@httpd] httpd crashes with segmentation fault: Incompatible libpng version in application and library

[Igor Cicimov]

Two things that come to my mind atm:

1. Link the existing “libpng.so” installed to the one you compiled
or
2. Try using FileLoad directive in the httpd.conf to load the correct
libpng.so file

Igor

On Sun, Mar 18, 2012 at 10:24 PM, Lenin lenin@gmail.com wrote:

 Hi,

 I've compiled httpd 2.2.21 and php 5.3.10, the version of libpng I used is
 1.5.7, and I installed all the three packages under a custom path under
 /opt.

 The OS is CentOS 6.2, which contains an official distribution of libpng,
 the version is 1.2.46.

 When I start the server and visit programs hosted on it, the error.log
 keeps being appended with the following messages:

 *libpng warning: Application was compiled with png.h from libpng-1.5.7
 libpng warning: Application  is  running with png.c from libpng-1.2.46
 gd-png:  fatal libpng error: Incompatible libpng version in application
 and library*

 I know the reason is that the version running with is not the one compiled
 with. But setting the environment variable LD_LIBRARY_PATH won't solve the
 problem.

 Can anybody tell me how to fix this ? I know removing the old version of
 libpng or recompile the server using the old version may be ok, but there
 are some other potential problems, so I just want to run my application
 server with the new version of libpng compiled by my self.

 Thanks

Re: [users@httpd] httpd crashes with segmentation fault: Incompatible libpng version in application and library

[Lenin]

Thanks for your reply.

I've tried he first method before, no luck.

For the second one, I cannot find any useful information about the
'FileLoad' directive, neither from Google nor the official documentation.

Are you sure you didn't misspell the directive ?

2012/3/19 Igor Cicimov icici...@gmail.com

 Two things that come to my mind atm:

 1. Link the existing “libpng.so” installed to the one you compiled
 or
 2. Try using FileLoad directive in the httpd.conf to load the correct
 libpng.so file

 Igor


 On Sun, Mar 18, 2012 at 10:24 PM, Lenin lenin@gmail.com wrote:

 Hi,

 I've compiled httpd 2.2.21 and php 5.3.10, the version of libpng I used
 is 1.5.7, and I installed all the three packages under a custom path under
 /opt.

 The OS is CentOS 6.2, which contains an official distribution of libpng,
 the version is 1.2.46.

 When I start the server and visit programs hosted on it, the error.log
 keeps being appended with the following messages:

 *libpng warning: Application was compiled with png.h from libpng-1.5.7
 libpng warning: Application  is  running with png.c from libpng-1.2.46
 gd-png:  fatal libpng error: Incompatible libpng version in application
 and library*

 I know the reason is that the version running with is not the one
 compiled with. But setting the environment variable LD_LIBRARY_PATH won't
 solve the problem.

 Can anybody tell me how to fix this ? I know removing the old version of
 libpng or recompile the server using the old version may be ok, but there
 are some other potential problems, so I just want to run my application
 server with the new version of libpng compiled by my self.

 Thanks





-- 
初从文，三年不第。遂习武，校场发一矢，中鼓吏，逐之出。后学医，有所成，自撰一良方，服之，卒。

Re: [users@httpd] httpd crashes with segmentation fault: Incompatible libpng version in application and library

[Igor Cicimov]

LoadFile

On Mon, Mar 19, 2012 at 12:27 PM, Lenin lenin@gmail.com wrote:

 Thanks for your reply.

 I've tried he first method before, no luck.

 For the second one, I cannot find any useful information about the
 'FileLoad' directive, neither from Google nor the official documentation.

 Are you sure you didn't misspell the directive ?


 2012/3/19 Igor Cicimov icici...@gmail.com

 Two things that come to my mind atm:

 1. Link the existing “libpng.so” installed to the one you compiled
 or
 2. Try using FileLoad directive in the httpd.conf to load the correct
 libpng.so file

 Igor


 On Sun, Mar 18, 2012 at 10:24 PM, Lenin lenin@gmail.com wrote:

 Hi,

 I've compiled httpd 2.2.21 and php 5.3.10, the version of libpng I used
 is 1.5.7, and I installed all the three packages under a custom path under
 /opt.

 The OS is CentOS 6.2, which contains an official distribution of libpng,
 the version is 1.2.46.

 When I start the server and visit programs hosted on it, the error.log
 keeps being appended with the following messages:

 *libpng warning: Application was compiled with png.h from libpng-1.5.7
 libpng warning: Application  is  running with png.c from libpng-1.2.46
 gd-png:  fatal libpng error: Incompatible libpng version in application
 and library*

 I know the reason is that the version running with is not the one
 compiled with. But setting the environment variable LD_LIBRARY_PATH won't
 solve the problem.

 Can anybody tell me how to fix this ? I know removing the old version of
 libpng or recompile the server using the old version may be ok, but there
 are some other potential problems, so I just want to run my application
 server with the new version of libpng compiled by my self.

 Thanks





 --
 初从文，三年不第。遂习武，校场发一矢，中鼓吏，逐之出。后学医，有所成，自撰一良方，服之，卒。

Re: [users@httpd] [RHEL6.2] SSL handshake failure

[Aubrey Li]

Thanks a ton, Igor!

I copied SSLCiperSuite in the conf file of httpd_2.2.21, and it works!

Cheers,
-Aubrey

#SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

On Mon, Mar 19, 2012 at 5:50 AM, Igor Cicimov icici...@gmail.com wrote:
 [Mon Mar 19 06:51:12 2012] [info] SSL Library Error: 336109761
 error:1408A0C1:SSL routines:SSL3_GET_CLIENT_ HELLO:no shared cipher Too
 restrictive SSLCipherSuite or using DSA server certificate?

 Check the SSLCipherSuite directive in your SSL host as the error says it
 might be too restrictive. Try adding more options.

 On Mar 19, 2012 2:00 AM, Aubrey Li aubrey...@gmail.com wrote:

 Here is what I got when I put the loglevel to debug in httpd.conf
 ===
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1866): OpenSSL:
 Handshake: start
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1874): OpenSSL:
 Loop: before/accept initialization
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
 read 11/11 bytes from BIO#7fa4600011a0 [mem: 7fa460006ac0] (BIO dump
 follows)
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):

 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 16
 03 00 00 2d 01 00 00-29 03                    -...).       |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0011 -
 SPACES/NULS
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):

 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1897): OpenSSL:
 read 39/39 bytes from BIO#7fa4600011a0 [mem: 7fa460006acb] (BIO dump
 follows)
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1830):

 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | : 4f
 66 66 ec 02 5d 92 3d-4d db ee c7 10 f5 d5 43  Off..].=M..C |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0010: 3e
 16 87 86 7b c9 a0 88-db 60 5a c8 f1 46 10 8f  ...{`Z..F.. |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1869): | 0020: 00
 00 02 00 04 01                                ..           |
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1873): | 0039 -
 SPACES/NULS
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_io.c(1875):

 +-+
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1884): OpenSSL:
 Write: SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
 Exit: error in SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [debug] ssl_engine_kernel.c(1903): OpenSSL:
 Exit: error in SSLv3 read client hello C
 [Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] SSL library error
 1 in handshake (server www.example.com:443)
 [Mon Mar 19 06:51:12 2012] [info] SSL Library Error: 336109761
 error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher Too
 restrictive SSLCipherSuite or using DSA server certificate?
 [Mon Mar 19 06:51:12 2012] [info] [client 10.2.1.2] Connection closed
 to child 2 with abortive shutdown (server www.example.com:443)
 ==
 quite strange, openssl s_client command can pass the SSL handshake while
 this java application cannot.

 openssl version is 0.9.8u

 Welcome any inputs!

 Thanks,
 -Aubrey


 On Fri, Mar 16, 2012 at 1:50 AM, Mark Montague m...@catseye.org wrote:
  On March 15, 2012 13:31 , Aubrey Li aubrey...@gmail.com wrote:
 
  Thanks for your reply. here is the output of httpd -V. [...]
 
 
   -D HTTPD_ROOT=/export/bench/benchmarks/apache2
   -D SUEXEC_BIN=/export/bench/benchmarks/apache2/bin/suexec
   -D DEFAULT_PIDLOG=logs/httpd.pid
   -D DEFAULT_SCOREBOARD=logs/apache_runtime_status
   -D DEFAULT_ERRORLOG=logs/error_log
   -D AP_TYPES_CONFIG_FILE=conf/mime.types
   -D SERVER_CONFIG_FILE=conf/httpd.conf
 
  I built httpd-2.2.22 on a RHEL6.2 system with SSL enabled. Then I
  made a
  client
  to create a connection to httpd but received a handshake failure
  report.
 
  [...]
 
  When I connect the client to the server(RHEL6.2), there is no
  access_log, no err_log,
  nothing added in /var/log/messages, it's very weird.
 
 
  So you are saying that you have a file at
  /export/bench/benchmarks/apache2/conf/httpd.conf that contains all of
  the
  correct directives to configure SSL, logging, and appropriate virtual
  hosts?
 
  And you are saying that no logs are appearing at
  /export/bench/benchmarks/apache2/logs/error_log nor at the location that
  you
  specify in your ErrorLog directive in
  /export/bench/benchmarks/apache2/conf/httpd.conf ?
 
  In this case, what user are you starting httpd as?  What are the values
  for
  the User and Group directives in