Re: [users@httpd] am i hacked ?
with the current number of critters around probably yes. E On 6 February 2017 at 23:05, Wim Lewis wrote: > > On 2/6/2017 8:36 AM, Jack Swan wrote: > > What upsets me is that these two requests have statuscode 200, which > mean it was successfull. > > As Jonesy points out, it's normal for the web server to simply ignore a > request's query-string in a request where it wouldn't mean anything. So > Apache is happily returning the result of "GET /" and ignoring the > malicious probe. > > If you don't have PHP installed, you're safe from whatever this is. If the > user your webserver runs as can't write to the documentroot or > configuration directory, you're safe from whatever this is. > > > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
Re: [users@httpd] Help tracking down a weird error with Apache and local / remote connections.
I'm using EA4. I'll look into the include files, but if they're what I think they are, I had an extremely difficult time getting them to work properly last time. I couldn't find a way to redirect all traffic going to port 80 to port 443 globally using the Apache configuration file. I had to use mod_rewrite in an .htaccess file. I found away to do it, but it would only redirect them to the main domain, not the stuff after that. For example, http://www.jetbbs.com/stuff/index.html would get redirected to https://www.jetbbs.comnot https://www.jetbbs.com/stuff/index.html.I had to use mod_rewrite to accomplish that. Thanks again Yehuda for all the help! I cannot tell you how much I appreciate you helping me track down what was really happening here. On Tue, Feb 7, 2017 at 4:26 PM, Yehuda Katz wrote: > If you want to modify the cPanel-generated configuration, look at custom > config: > > If you are using EA4: https://documentation.cpanel. > net/display/EA4/Modify+Apache+Virtual+Hosts+with+Include+Files > EA3 has a similar feature, but I can't find the documentation right now. > > - Y > > On Tue, Feb 7, 2017 at 4:15 PM, Spork Schivago > wrote: > >> Thank you. >> >> I have tried running curl -4 http://www.jetbbs.com/.well-known/test.html >>and curl -6 http://www.jetbbs.com/.well-known/test.html >> >> >> I'm posting a copy of the httpd -S output. >> >> >> >> httpd -S >> VirtualHost configuration: >> 45.33.78.219:80is a NameVirtualHost >> default server 45.33.78.219 (/etc/apache2/conf/httpd.conf:240) >> port 80 namevhost 45.33.78.219 (/etc/apache2/conf/httpd.conf: >> 240) >> port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) >> port 80 namevhost cpcalendars.jetbbs.com >> (/etc/apache2/conf/httpd.conf:345) >> port 80 namevhost cpcontacts.jetbbs.com >> (/etc/apache2/conf/httpd.conf:409) >> port 80 namevhost webdisk.jetbbs.com >> (/etc/apache2/conf/httpd.conf:473) >> port 80 namevhost webmail.jetbbs.com >> (/etc/apache2/conf/httpd.conf:537) >> port 80 namevhost cpanel.jetbbs.com >> (/etc/apache2/conf/httpd.conf:601) >> port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: >> 665) >> 45.33.78.219:443 is a NameVirtualHost >> default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) >> port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) >> port 443 namevhost cpcalendars.jetbbs.com >> (/etc/apache2/conf/httpd.conf:812) >> port 443 namevhost cpcontacts.jetbbs.com >> (/etc/apache2/conf/httpd.conf:892) >> port 443 namevhost webdisk.jetbbs.com >> (/etc/apache2/conf/httpd.conf:972) >> port 443 namevhost webmail.jetbbs.com >> (/etc/apache2/conf/httpd.conf:1052) >> port 443 namevhost cpanel.jetbbs.com >> (/etc/apache2/conf/httpd.conf:1132) >> port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: >> 1212) >> [2600:3c03::f03c:91ff:fee0:11b4]:80 is a NameVirtualHost >> default server jetbbs.com (/etc/apache2/conf/httpd.conf:281) >> port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) >> port 80 namevhost cpcalendars.jetbbs.com >> (/etc/apache2/conf/httpd.conf:345) >> port 80 namevhost cpcontacts.jetbbs.com >> (/etc/apache2/conf/httpd.conf:409) >> port 80 namevhost webdisk.jetbbs.com >> (/etc/apache2/conf/httpd.conf:473) >> port 80 namevhost webmail.jetbbs.com >> (/etc/apache2/conf/httpd.conf:537) >> port 80 namevhost cpanel.jetbbs.com >> (/etc/apache2/conf/httpd.conf:601) >> port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: >> 665) >> [2600:3c03::f03c:91ff:fee0:11b4]:443 is a NameVirtualHost >> default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) >> port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) >> port 443 namevhost cpcalendars.jetbbs.com >> (/etc/apache2/conf/httpd.conf:812) >> port 443 namevhost cpcontacts.jetbbs.com >> (/etc/apache2/conf/httpd.conf:892) >> port 443 namevhost webdisk.jetbbs.com >> (/etc/apache2/conf/httpd.conf:972) >> port 443 namevhost webmail.jetbbs.com >> (/etc/apache2/conf/httpd.conf:1052) >> port 443 namevhost cpanel.jetbbs.com >> (/etc/apache2/conf/httpd.conf:1132) >> port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: >> 1212) >> *:*franklin.jetbbs.com (/etc/apache2/conf/httpd.conf: >> 260) >> ServerRoot: "/etc/apache2" >> Main DocumentRoot: "/etc/apache2/htdocs" >> Main ErrorLog: "/etc/apache2/logs/error_log" >> Mutex ssl-stapling: using_defaults >> Mutex proxy: using_defaults >> Mutex ssl-cache: dir="/run/apache2" mechanism=fcntl >> Mutex default: dir="/var/run/apache2/" mechanism=default >> Mutex mpm-accept: using_defaults >> Mutex rewrite-map: dir="/run/apache2" mechanism=fcntl >> Mutex ssl-stapling-refresh: using_defaults >> PidFi
Re: [users@httpd] Help tracking down a weird error with Apache and local / remote connections.
If you want to modify the cPanel-generated configuration, look at custom config: If you are using EA4: https://documentation.cpanel.net/display/EA4/Modify+Apache+Virtual+Hosts+with+Include+Files EA3 has a similar feature, but I can't find the documentation right now. - Y On Tue, Feb 7, 2017 at 4:15 PM, Spork Schivago wrote: > Thank you. > > I have tried running curl -4 http://www.jetbbs.com/.well-known/test.html >and curl -6 http://www.jetbbs.com/.well-known/test.html > > > I'm posting a copy of the httpd -S output. > > > > httpd -S > VirtualHost configuration: > 45.33.78.219:80is a NameVirtualHost > default server 45.33.78.219 (/etc/apache2/conf/httpd.conf:240) > port 80 namevhost 45.33.78.219 (/etc/apache2/conf/httpd.conf:240) > port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) > port 80 namevhost cpcalendars.jetbbs.com > (/etc/apache2/conf/httpd.conf:345) > port 80 namevhost cpcontacts.jetbbs.com > (/etc/apache2/conf/httpd.conf:409) > port 80 namevhost webdisk.jetbbs.com > (/etc/apache2/conf/httpd.conf:473) > port 80 namevhost webmail.jetbbs.com > (/etc/apache2/conf/httpd.conf:537) > port 80 namevhost cpanel.jetbbs.com > (/etc/apache2/conf/httpd.conf:601) > port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: > 665) > 45.33.78.219:443 is a NameVirtualHost > default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) > port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) > port 443 namevhost cpcalendars.jetbbs.com > (/etc/apache2/conf/httpd.conf:812) > port 443 namevhost cpcontacts.jetbbs.com > (/etc/apache2/conf/httpd.conf:892) > port 443 namevhost webdisk.jetbbs.com > (/etc/apache2/conf/httpd.conf:972) > port 443 namevhost webmail.jetbbs.com > (/etc/apache2/conf/httpd.conf:1052) > port 443 namevhost cpanel.jetbbs.com > (/etc/apache2/conf/httpd.conf:1132) > port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: > 1212) > [2600:3c03::f03c:91ff:fee0:11b4]:80 is a NameVirtualHost > default server jetbbs.com (/etc/apache2/conf/httpd.conf:281) > port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) > port 80 namevhost cpcalendars.jetbbs.com > (/etc/apache2/conf/httpd.conf:345) > port 80 namevhost cpcontacts.jetbbs.com > (/etc/apache2/conf/httpd.conf:409) > port 80 namevhost webdisk.jetbbs.com > (/etc/apache2/conf/httpd.conf:473) > port 80 namevhost webmail.jetbbs.com > (/etc/apache2/conf/httpd.conf:537) > port 80 namevhost cpanel.jetbbs.com > (/etc/apache2/conf/httpd.conf:601) > port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: > 665) > [2600:3c03::f03c:91ff:fee0:11b4]:443 is a NameVirtualHost > default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) > port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) > port 443 namevhost cpcalendars.jetbbs.com > (/etc/apache2/conf/httpd.conf:812) > port 443 namevhost cpcontacts.jetbbs.com > (/etc/apache2/conf/httpd.conf:892) > port 443 namevhost webdisk.jetbbs.com > (/etc/apache2/conf/httpd.conf:972) > port 443 namevhost webmail.jetbbs.com > (/etc/apache2/conf/httpd.conf:1052) > port 443 namevhost cpanel.jetbbs.com > (/etc/apache2/conf/httpd.conf:1132) > port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf: > 1212) > *:*franklin.jetbbs.com (/etc/apache2/conf/httpd.conf: > 260) > ServerRoot: "/etc/apache2" > Main DocumentRoot: "/etc/apache2/htdocs" > Main ErrorLog: "/etc/apache2/logs/error_log" > Mutex ssl-stapling: using_defaults > Mutex proxy: using_defaults > Mutex ssl-cache: dir="/run/apache2" mechanism=fcntl > Mutex default: dir="/var/run/apache2/" mechanism=default > Mutex mpm-accept: using_defaults > Mutex rewrite-map: dir="/run/apache2" mechanism=fcntl > Mutex ssl-stapling-refresh: using_defaults > PidFile: "/run/apache2/httpd.pid" > Define: DUMP_VHOSTS > Define: DUMP_RUN_CFG > Define: MODSEC_2.5 > Define: MODSEC_2.9 > User: name="nobody" id=99 > Group: name="nobody" id=99 > > > I think we figured this out. That default server 45.33.78.219 for > 45.33.78.219:80is the key. If I run curl -S > http://www.jetbbs.com/.well-known/test.html on the server running Apache, > I finally see the franklin.jetbbs.com-test file. If I run curl -S > https://www.jetbbs.com/.well-known/test.html, I see the jetbbs.com-test > file. If I run the -6, I see the jetbbs.com-test file. It seems that > default server for port 80 is only there for port 80 and not port 443. > > This is probably why I'm failing my security scan. I'm not redirecting > all traffic to port 443. I want to be. I used rewrite rules and as far > as I could tell, I was. But that default server 45.33.78.219 (IPv4) stuff > isn't getting redirected. I'm guessi
Re: [users@httpd] Help tracking down a weird error with Apache and local / remote connections.
Thank you. I have tried running curl -4 http://www.jetbbs.com/.well-known/test.html and curl -6 http://www.jetbbs.com/.well-known/test.html I'm posting a copy of the httpd -S output. httpd -S VirtualHost configuration: 45.33.78.219:80is a NameVirtualHost default server 45.33.78.219 (/etc/apache2/conf/httpd.conf:240) port 80 namevhost 45.33.78.219 (/etc/apache2/conf/httpd.conf:240) port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) port 80 namevhost cpcalendars.jetbbs.com (/etc/apache2/conf/httpd.conf:345) port 80 namevhost cpcontacts.jetbbs.com (/etc/apache2/conf/httpd.conf:409) port 80 namevhost webdisk.jetbbs.com (/etc/apache2/conf/httpd.conf:473) port 80 namevhost webmail.jetbbs.com (/etc/apache2/conf/httpd.conf:537) port 80 namevhost cpanel.jetbbs.com (/etc/apache2/conf/httpd.conf:601) port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf:665) 45.33.78.219:443 is a NameVirtualHost default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) port 443 namevhost cpcalendars.jetbbs.com (/etc/apache2/conf/httpd.conf:812) port 443 namevhost cpcontacts.jetbbs.com (/etc/apache2/conf/httpd.conf:892) port 443 namevhost webdisk.jetbbs.com (/etc/apache2/conf/httpd.conf:972) port 443 namevhost webmail.jetbbs.com (/etc/apache2/conf/httpd.conf:1052) port 443 namevhost cpanel.jetbbs.com (/etc/apache2/conf/httpd.conf:1132) port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf:1212) [2600:3c03::f03c:91ff:fee0:11b4]:80 is a NameVirtualHost default server jetbbs.com (/etc/apache2/conf/httpd.conf:281) port 80 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:281) port 80 namevhost cpcalendars.jetbbs.com (/etc/apache2/conf/httpd.conf:345) port 80 namevhost cpcontacts.jetbbs.com (/etc/apache2/conf/httpd.conf:409) port 80 namevhost webdisk.jetbbs.com (/etc/apache2/conf/httpd.conf:473) port 80 namevhost webmail.jetbbs.com (/etc/apache2/conf/httpd.conf:537) port 80 namevhost cpanel.jetbbs.com (/etc/apache2/conf/httpd.conf:601) port 80 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf:665) [2600:3c03::f03c:91ff:fee0:11b4]:443 is a NameVirtualHost default server jetbbs.com (/etc/apache2/conf/httpd.conf:732) port 443 namevhost jetbbs.com (/etc/apache2/conf/httpd.conf:732) port 443 namevhost cpcalendars.jetbbs.com (/etc/apache2/conf/httpd.conf:812) port 443 namevhost cpcontacts.jetbbs.com (/etc/apache2/conf/httpd.conf:892) port 443 namevhost webdisk.jetbbs.com (/etc/apache2/conf/httpd.conf:972) port 443 namevhost webmail.jetbbs.com (/etc/apache2/conf/httpd.conf:1052) port 443 namevhost cpanel.jetbbs.com (/etc/apache2/conf/httpd.conf:1132) port 443 namevhost whm.jetbbs.com (/etc/apache2/conf/httpd.conf:1212) *:*franklin.jetbbs.com (/etc/apache2/conf/httpd.conf:260) ServerRoot: "/etc/apache2" Main DocumentRoot: "/etc/apache2/htdocs" Main ErrorLog: "/etc/apache2/logs/error_log" Mutex ssl-stapling: using_defaults Mutex proxy: using_defaults Mutex ssl-cache: dir="/run/apache2" mechanism=fcntl Mutex default: dir="/var/run/apache2/" mechanism=default Mutex mpm-accept: using_defaults Mutex rewrite-map: dir="/run/apache2" mechanism=fcntl Mutex ssl-stapling-refresh: using_defaults PidFile: "/run/apache2/httpd.pid" Define: DUMP_VHOSTS Define: DUMP_RUN_CFG Define: MODSEC_2.5 Define: MODSEC_2.9 User: name="nobody" id=99 Group: name="nobody" id=99 I think we figured this out. That default server 45.33.78.219 for 45.33.78.219:80is the key. If I run curl -S http://www.jetbbs.com/.well-known/test.html on the server running Apache, I finally see the franklin.jetbbs.com-test file. If I run curl -S https://www.jetbbs.com/.well-known/test.html, I see the jetbbs.com-test file. If I run the -6, I see the jetbbs.com-test file. It seems that default server for port 80 is only there for port 80 and not port 443. This is probably why I'm failing my security scan. I'm not redirecting all traffic to port 443. I want to be. I used rewrite rules and as far as I could tell, I was. But that default server 45.33.78.219 (IPv4) stuff isn't getting redirected. I'm guessing that was added by cPanel. I need to find away to redirect that now to port 443. I can't just add an entry in the .htaccess file under /var/www/html because cPanel says those files can get deleted at any time. Thank you so much for helping me finally understand what's going on!!! You were correct, it's not a bug with Apache. This was a real big head scratcher for me, I really appreciate it!! On Sun, Feb 5, 2017 at 11:03 PM, Yehuda Katz wrote: > The next thing that comes to mind is your IPv6 virtual host. None of my >
RE: [users@httpd] Apache upgrade on Aix
I installed the xlc compilers on AIX to compile Apache/openssl etc. On the other hand, I compiled python 2.7.10 with gcc on AIX - 7.2 without any issues. So, if you are not sure of how the old build was built, I would try and make the gcc work on AIX as IBM compilers are very expensive. It’s the compiler and linker flags that usually differ compared to say, linux OS. Bharath Kolla -Original Message- From: William A Rowe Jr [mailto:wr...@rowe-clan.net] Sent: Tuesday, February 07, 2017 1:42 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Apache upgrade on Aix There is a wealth of information in the build/ and build-1/ (APR) subdirectories about the compiler and linker choices that were used to create a build, if they are preserved. On Tue, Feb 7, 2017 at 8:38 AM, Chunduru, Krishnachaithanya wrote: > Hi Eric, > > Thanks for your reply. > > Actually the setup was done long back with a community version by a colleague > who left the organization. > > would it be possible to know how it was installed ? > > Regards, > Krishna > > -Original Message- > From: Eric Covener [mailto:cove...@gmail.com] > Sent: Tuesday, February 07, 2017 7:06 PM > To: users@httpd.apache.org > Subject: Re: [users@httpd] Apache upgrade on Aix > > On Tue, Feb 7, 2017 at 8:09 AM, Chunduru, Krishnachaithanya > wrote: >> Can someone guide me on how to upgrade the Apache httpd from 2.4.10 >> to >> 2.4.16 or later version. I couldn’t find the proper documentation for >> doing this. Thanks. > > > It depends where your old build came from. If you compiled it yourself, > compile it again. If you downloaded a package in lpp or rpm form, hunt for a > new one. > > -- > Eric Covener > cove...@gmail.com > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. If > the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by e-mail > and delete the message and any attachments from your system. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Apache 2.2.32 failing F5 health check
Eric, Adding -clrf option at the end of openssl s_client -connect : -clrf gave a 200 OK response. Thanks a ton! Bharath Kolla -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Monday, February 06, 2017 6:43 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Apache 2.2.32 failing F5 health check On Mon, Feb 6, 2017 at 8:40 PM, wrote: > broken apache httpd version 2.2.32: > > openssl s_client -connect : -pause > > when paused input this. > > GET /login/healthcheck/content_check.wecv HTTP/1.0 > > Host: s_client doesn't send CRLF unless you pass -crlf. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache upgrade on Aix
There is a wealth of information in the build/ and build-1/ (APR) subdirectories about the compiler and linker choices that were used to create a build, if they are preserved. On Tue, Feb 7, 2017 at 8:38 AM, Chunduru, Krishnachaithanya wrote: > Hi Eric, > > Thanks for your reply. > > Actually the setup was done long back with a community version by a colleague > who left the organization. > > would it be possible to know how it was installed ? > > Regards, > Krishna > > -Original Message- > From: Eric Covener [mailto:cove...@gmail.com] > Sent: Tuesday, February 07, 2017 7:06 PM > To: users@httpd.apache.org > Subject: Re: [users@httpd] Apache upgrade on Aix > > On Tue, Feb 7, 2017 at 8:09 AM, Chunduru, Krishnachaithanya > wrote: >> Can someone guide me on how to upgrade the Apache httpd from 2.4.10 to >> 2.4.16 or later version. I couldn’t find the proper documentation for >> doing this. Thanks. > > > It depends where your old build came from. If you compiled it yourself, > compile it again. If you downloaded a package in lpp or rpm form, hunt for a > new one. > > -- > Eric Covener > cove...@gmail.com > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. If > the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by e-mail > and delete the message and any attachments from your system. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [users@httpd] Apache upgrade on Aix
Hi Eric, Thanks for your reply. Actually the setup was done long back with a community version by a colleague who left the organization. would it be possible to know how it was installed ? Regards, Krishna -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Tuesday, February 07, 2017 7:06 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Apache upgrade on Aix On Tue, Feb 7, 2017 at 8:09 AM, Chunduru, Krishnachaithanya wrote: > Can someone guide me on how to upgrade the Apache httpd from 2.4.10 to > 2.4.16 or later version. I couldn’t find the proper documentation for > doing this. Thanks. It depends where your old build came from. If you compiled it yourself, compile it again. If you downloaded a package in lpp or rpm form, hunt for a new one. -- Eric Covener cove...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Apache upgrade on Aix
On Tue, Feb 7, 2017 at 8:09 AM, Chunduru, Krishnachaithanya wrote: > Can someone guide me on how to upgrade the Apache httpd from 2.4.10 to > 2.4.16 or later version. I couldn’t find the proper documentation for doing > this. Thanks. It depends where your old build came from. If you compiled it yourself, compile it again. If you downloaded a package in lpp or rpm form, hunt for a new one. -- Eric Covener cove...@gmail.com - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache 2.2 mod_headers question
Thank your for your reply. Yes, I have already traveled down that route and talked with our DevOps guys. The system that handles SSL termination is a system they want little or no configuration on. They (DevOps) understand that this could be handled there, but they wont make the change there. That still leaves me in a position to fix this problem. Mod_headers should allow me to edit that Header, but in this specific case, for whatever reason, Mod_headers is not being invoked. Thanks, --mjk On Tue, Feb 7, 2017 at 8:00 AM, Daniel wrote: > It is perfectly normal for a backend that works with http to return > internal Location headers with http. > > If apache is the backend of some other reverse proxy it is the job of that > reverse proxy to use the correct url scheme requested by the client, that > is, to revert the location headers back to "https" where that behaviour is > needed. > > For instance, if the reverse proxy was Apache, it has a directive for that > called ProxyPassReverse which does exactly that. > > Have you tried to "address this" in the reverse proxy where SSL > termination is? > > 2017-02-07 4:40 GMT+01:00 mjk : > >> I have spent 8+hours scouring the web, reviewing the Apache Httpd >> Cookbook, the Definitive Reference, and the 2.2 documentation for >> mod_headers, mod_proxy and core. >> >> >> CONFIGURATION: >> Apache Version: >> Server version: Apache/2.2.15 (Unix) >> Server built: Jul 18 2016 15:24:00 >> >> SSL offloading happens before the requests gets to Apache, which proxies >> http traffic to Apache on port 80. >> >> The Apache VirtualHost config in question does not have a ServerName or >> ServerAlias configured, and is configured to listen on port 80. >> >> SITUATION >> I have a Rewrite rule issuing a 301 redirect which uses flags >> [NC,R=301,L] - which redirects to the correct hostname, but using http as >> the protocol. >> >> I have a mod_headers rule to try to deal with this: Header always edit >> Location ^http://(.*) https://$1 >> This rule is getting completely ignored. >> >> >> If I add a wholly new Header like:Header always add SillyHeader >> SillyHeaderValue >> the header DOES get added. >> >> >> Does anyone know why the "Header always edit" rule is getting ignored? >> >> Thank you, >> >> --mjk >> > > > > -- > *Daniel Ferradal* > IT Specialist > > email dferradal at gmail.com > linkedin es.linkedin.com/in/danielferradal >
[users@httpd] Apache upgrade on Aix
Hi All, Can someone guide me on how to upgrade the Apache httpd from 2.4.10 to 2.4.16 or later version. I couldn't find the proper documentation for doing this. Thanks. Regards, Krishna This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.
Re: [users@httpd] Apache 2.2 mod_headers question
It is perfectly normal for a backend that works with http to return internal Location headers with http. If apache is the backend of some other reverse proxy it is the job of that reverse proxy to use the correct url scheme requested by the client, that is, to revert the location headers back to "https" where that behaviour is needed. For instance, if the reverse proxy was Apache, it has a directive for that called ProxyPassReverse which does exactly that. Have you tried to "address this" in the reverse proxy where SSL termination is? 2017-02-07 4:40 GMT+01:00 mjk : > I have spent 8+hours scouring the web, reviewing the Apache Httpd > Cookbook, the Definitive Reference, and the 2.2 documentation for > mod_headers, mod_proxy and core. > > > CONFIGURATION: > Apache Version: > Server version: Apache/2.2.15 (Unix) > Server built: Jul 18 2016 15:24:00 > > SSL offloading happens before the requests gets to Apache, which proxies > http traffic to Apache on port 80. > > The Apache VirtualHost config in question does not have a ServerName or > ServerAlias configured, and is configured to listen on port 80. > > SITUATION > I have a Rewrite rule issuing a 301 redirect which uses flags [NC,R=301,L] > - which redirects to the correct hostname, but using http as the protocol. > > I have a mod_headers rule to try to deal with this: Header always edit > Location ^http://(.*) https://$1 > This rule is getting completely ignored. > > > If I add a wholly new Header like:Header always add SillyHeader > SillyHeaderValue > the header DOES get added. > > > Does anyone know why the "Header always edit" rule is getting ignored? > > Thank you, > > --mjk > -- *Daniel Ferradal* IT Specialist email dferradal at gmail.com linkedin es.linkedin.com/in/danielferradal
