RE: [users@httpd] FW: mod_substitute only replaces first pattern match

2017-02-13 Thread Uwe.Poliak 
Dear Nick,

I have tried with mod_proxy_html, but the problem with this specific web 
application is (NAC Management called ARPGUARD), that
several javascripts and json files needs also some replacements because they 
have hard-coded parts of URLs included. 
I didn't find a way to handle this with mod_proxy_html. 
So I tried with mod_filter including mod_substitute. 

For getting updates etc. better handled I prefer using packages from the 
official CentOS or EPEL repositories rather than compiling them on my own. 

Regarding the mod_substitute docs I found the following:

f
The f flag causes mod_substitute to flatten the result of a substitution 
allowing for later substitutions to take place on the boundary of this one. 
This is the default.

For me this sounds that also the following occurrences of a pattern will be 
replaced. 

Kind regards Uwe
Uwe

-Original Message-
From: Nick Kew [mailto:n...@apache.org] 
Sent: Monday, February 13, 2017 6:32 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] FW: mod_substitute only replaces first pattern match

On Mon, 2017-02-13 at 12:08 +, uwe.pol...@amann.com wrote:
> Hi all,
> 
> nobody having an idea about my post from Feb 6th?

What you describe sounds unlikely, but I haven't checked the mod_substitute 
docs.

I would just point out, there are many alternatives (like mod_line_edit or 
mod_sed), and the problem you're trying to solve looks like exactly the one for 
which mod_proxy_html is the smart (markup-aware) solution.

--
Nick Kew


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] (failed)net::ERR_SSL_PROTOCOL_ERROR in Chrome and IE

2017-02-13 Thread sadguru.ch.n.v 
Thanks for the reply.

I have tried multiple options with Files, FilesMatch, Directory, Location etc, 
for everything – it is working in Mozilla Firefox as expected but facing 
problem in Chrome and IE .

Can you give some more additional details to use Virtualhost  please?

From: Eric Covener [mailto:cove...@gmail.com]
Sent: Monday, February 13, 2017 6:29 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] (failed)net::ERR_SSL_PROTOCOL_ERROR in Chrome and IE


On Fri, Feb 10, 2017 at 12:16 AM, 
> wrote:



But in chrome and IE after successful logged-in, in one of the action to search 
an item - page is not getting loaded.

Getting an error as "(failed)net::ERR_SSL_PROTOCOL_ERROR".

​Try w/ SSLVerifyClient require at virtual host scope rather than Directory?​



--
Eric Covener
cove...@gmail.com



This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise confidential information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the e-mail by you is prohibited. Where allowed by local law, electronic 
communications with Accenture and its affiliates, including e-mail and instant 
messaging (including content), may be scanned by our systems for the purposes 
of information security and assessment of internal compliance with Accenture 
policy.
__

www.accenture.com

Re: [users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Rodrigo Cunha 
Tks Adan, i want test redirections in the config file or with modules.
sory, my question not specified.

2017-02-13 17:30 GMT-02:00 Rodrigo Cunha :

> I have a question.
> This redirect is possible with rewrite module?!
>
> 2017-02-13 17:29 GMT-02:00 Rodrigo Cunha :
>
>> tks 4 all...
>>
>> 2017-02-13 17:28 GMT-02:00 Adam R. Vest 
>> :
>>
>>> Change the virtualhosts document root?
>>>
>>>- https://httpd.apache.org/docs/2.4/mod/core.html#documentroot
>>>
>>>
>>> On 02/13/2017 02:00 PM, Rodrigo Cunha wrote:
>>>
>>> Dears,
>>> i need redirect the all requestions for my website to anoter directory.
>>> My directory is: /opt/www/curso.intranet/public_html
>>> The new directory is: /opt/www/curso.intranet/st1
>>> what is better solution for this problem?
>>>
>>> I want setting this in conf or in the .htaccess.
>>>
>>> --
>>> Atenciosamente,
>>> Rodrigo da Silva Cunha
>>> São Gonçalo, RJ - Brasil
>>>
>>>
>>>
>>
>>
>> --
>> Atenciosamente,
>> Rodrigo da Silva Cunha
>> São Gonçalo, RJ - Brasil
>>
>>
>
>
> --
> Atenciosamente,
> Rodrigo da Silva Cunha
> São Gonçalo, RJ - Brasil
>
>


-- 
Atenciosamente,
Rodrigo da Silva Cunha
São Gonçalo, RJ - Brasil

Re: [users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Rodrigo Cunha 
I have a question.
This redirect is possible with rewrite module?!

2017-02-13 17:29 GMT-02:00 Rodrigo Cunha :

> tks 4 all...
>
> 2017-02-13 17:28 GMT-02:00 Adam R. Vest :
>
>> Change the virtualhosts document root?
>>
>>- https://httpd.apache.org/docs/2.4/mod/core.html#documentroot
>>
>>
>> On 02/13/2017 02:00 PM, Rodrigo Cunha wrote:
>>
>> Dears,
>> i need redirect the all requestions for my website to anoter directory.
>> My directory is: /opt/www/curso.intranet/public_html
>> The new directory is: /opt/www/curso.intranet/st1
>> what is better solution for this problem?
>>
>> I want setting this in conf or in the .htaccess.
>>
>> --
>> Atenciosamente,
>> Rodrigo da Silva Cunha
>> São Gonçalo, RJ - Brasil
>>
>>
>>
>
>
> --
> Atenciosamente,
> Rodrigo da Silva Cunha
> São Gonçalo, RJ - Brasil
>
>


-- 
Atenciosamente,
Rodrigo da Silva Cunha
São Gonçalo, RJ - Brasil

Re: [users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Rodrigo Cunha 
tks 4 all...

2017-02-13 17:28 GMT-02:00 Adam R. Vest :

> Change the virtualhosts document root?
>
>- https://httpd.apache.org/docs/2.4/mod/core.html#documentroot
>
>
> On 02/13/2017 02:00 PM, Rodrigo Cunha wrote:
>
> Dears,
> i need redirect the all requestions for my website to anoter directory.
> My directory is: /opt/www/curso.intranet/public_html
> The new directory is: /opt/www/curso.intranet/st1
> what is better solution for this problem?
>
> I want setting this in conf or in the .htaccess.
>
> --
> Atenciosamente,
> Rodrigo da Silva Cunha
> São Gonçalo, RJ - Brasil
>
>
>


-- 
Atenciosamente,
Rodrigo da Silva Cunha
São Gonçalo, RJ - Brasil

Re: [users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Adam R. Vest 
Change the virtualhosts document root?

  * https://httpd.apache.org/docs/2.4/mod/core.html#documentroot


On 02/13/2017 02:00 PM, Rodrigo Cunha wrote:
> Dears,
> i need redirect the all requestions for my website to anoter directory.
> My directory is: /opt/www/curso.intranet/public_html
> The new directory is: /opt/www/curso.intranet/st1
> what is better solution for this problem?
>
> I want setting this in conf or in the .htaccess.
>
> -- 
> Atenciosamente,
> Rodrigo da Silva Cunha
> São Gonçalo, RJ - Brasil
>

Re: [users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Eric Covener 
On Mon, Feb 13, 2017 at 2:00 PM, Rodrigo Cunha
 wrote:
> Dears,
> i need redirect the all requestions for my website to anoter directory.
> My directory is: /opt/www/curso.intranet/public_html
> The new directory is: /opt/www/curso.intranet/st1
> what is better solution for this problem?
>
> I want setting this in conf or in the .htaccess.
>

Something like this should suffice in your vhost config:

DocumentRoot /opt/www/curso.intranet/st1

  Require all granted


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Apache rewrite for redirect local directoryes

2017-02-13 Thread Rodrigo Cunha 
Dears,
i need redirect the all requestions for my website to anoter directory.
My directory is: /opt/www/curso.intranet/public_html
The new directory is: /opt/www/curso.intranet/st1
what is better solution for this problem?

I want setting this in conf or in the .htaccess.

-- 
Atenciosamente,
Rodrigo da Silva Cunha
São Gonçalo, RJ - Brasil

Re: [users@httpd] FW: mod_substitute only replaces first pattern match

2017-02-13 Thread Nick Kew 
On Mon, 2017-02-13 at 12:08 +, uwe.pol...@amann.com wrote:
> Hi all,
> 
> nobody having an idea about my post from Feb 6th?

What you describe sounds unlikely, but I haven't checked the
mod_substitute docs.

I would just point out, there are many alternatives (like
mod_line_edit or mod_sed), and the problem you're trying
to solve looks like exactly the one for which mod_proxy_html
is the smart (markup-aware) solution.

-- 
Nick Kew


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Busy Root

2017-02-13 Thread faysal7eman 
http://www.samsungapps.com/appquery/appDetail.as?appId=com.siima.busyroot=470=SM-J510FN



Sent from my Samsung Galaxy smartphone.

Re: [users@httpd] (failed)net::ERR_SSL_PROTOCOL_ERROR in Chrome and IE

2017-02-13 Thread Eric Covener 
On Fri, Feb 10, 2017 at 12:16 AM,  wrote:

>
>
> But in chrome and IE after successful logged-in, in one of the action to
> search an item - page is not getting loaded.
>
> Getting an error as "*(failed)net::ERR_SSL_PROTOCOL_ERROR*".
>

​Try w/ SSLVerifyClient require at virtual host scope rather than
Directory?​



-- 
Eric Covener
cove...@gmail.com

[users@httpd] RE: (failed)net::ERR_SSL_PROTOCOL_ERROR in Chrome and IE

2017-02-13 Thread sadguru.ch.n.v 
Could someone please check on below post and help me out here.

Thanks in advance...!


From: Ch N V, Sadguru
Sent: Friday, February 10, 2017 10:46 AM
To: users@httpd.apache.org
Subject: (failed)net::ERR_SSL_PROTOCOL_ERROR in Chrome and IE


Hi



Currently we have a setting to prompt certificate for all the URLs.

SSLVerifyClient require



Now we are trying to exclude error pages from the certificate prompt and we 
have tried something like below and it is seems to be working fine.

I don't think there is any problem with the rule





SSLVerifyClient require



SSLVerifyClient none








But in chrome and IE after successful logged-in, in one of the action to search 
an item - page is not getting loaded.

Getting an error as "(failed)net::ERR_SSL_PROTOCOL_ERROR".



Please note that this is working fine in Mozilla Firefox without any issues.



Please someone help me out here.




This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise confidential information. If you have received it in 
error, please notify the sender immediately and delete the original. Any other 
use of the e-mail by you is prohibited. Where allowed by local law, electronic 
communications with Accenture and its affiliates, including e-mail and instant 
messaging (including content), may be scanned by our systems for the purposes 
of information security and assessment of internal compliance with Accenture 
policy.
__

www.accenture.com

[users@httpd] FW: mod_substitute only replaces first pattern match

2017-02-13 Thread Uwe.Poliak 
Hi all,

nobody having an idea about my post from Feb 6th?

cu
Uwe

-8<--- cut -8<---

Hi,

I am trying a reverse proxy server based on apache httpd v2.4 on the most 
recent release of CentOS:

# httpd -version
Server version: Apache/2.4.6 (CentOS)
Server built:   Nov 14 2016 18:04:44

# uname -a
Linux hostname.domain.tld 3.10.0-514.6.1.el7.x86_64 #1 SMP Wed Jan 18 13:06:36 
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

# cat /etc/centos-release
CentOS Linux release 7.3.1611 (Core)

Within this configuration I have to use mod_substitute to rewrite URLs from 
some applications.
For this I am using mod_filter with the SUBSTITUTE Filter as follows:

  ProxyRequests Off
  ProxyPass /my-location https://my-server.domain.tld/

  
ProxyPassReverse/my-location

FilterDeclare   AGFILTER

FilterProvider  AGFILTER SUBSTITUTE "%{resp:Content-Type} =~ 
m#^text/html#"
FilterProvider  AGFILTER SUBSTITUTE "%{resp:Content-Type} =~ m#.*/css#"
FilterProvider  AGFILTER SUBSTITUTE "%{resp:Content-Type} =~ m#.*/json#"
FilterProvider  AGFILTER SUBSTITUTE "%{resp:Content-Type} =~ 
m#.*/javascript#"

FilterChain AGFILTER

Substitute  
"s#/(css|js|images|management|system|help)/(.*)#/my-location/$1/$2#fi"
  

It works fine if there is only one occurrence of the search pattern in a line 
in the html code. This occurrence will be replaced properly.
However, if there are two or more occurrences of the search pattern in one html 
line, only the first one is replaced. It looks like this example:

Re: [users@httpd] How to run secure apache

2017-02-13 Thread Daniel 
As a basic guidance for configuring you can start by checking a simple
howto at:
http://httpd.apache.org/docs/current/ssl/ssl_howto.html

For security hardening there is a quick handy recipes at:
https://cipherli.st/
or
https://mozilla.github.io/server-side-tls/ssl-config-generator/


And you can check/test the results if your url is public at:
https://www.ssllabs.com/ssltest/

2017-02-13 11:38 GMT+01:00 Hemant Chaudhary 
:

> Hi
>
> I installed apache 2.4.23 static, I have httpd-sll.conf where default
>  port number is 443. mod_sll module also loaded successfully. I want to
> test whether my secure https is working properly or not. How to check that?
>
>
> Thanks
> Hemant
>



-- 
*Daniel Ferradal*
IT Specialist

email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal

[users@httpd] How to run secure apache

2017-02-13 Thread Hemant Chaudhary 
Hi

I installed apache 2.4.23 static, I have httpd-sll.conf where default  port
number is 443. mod_sll module also loaded successfully. I want to test
whether my secure https is working properly or not. How to check that?


Thanks
Hemant

Re: [users@httpd] Reverse proxy: redirect variable by user

2017-02-13 Thread Markus Rathgeb 
Hi Nick,

> Otherwise, it would be pretty trivial to implement as a
> custom module.

Okay, I will have a look at.
I assume that is the starting point to use:
https://httpd.apache.org/docs/2.4/developer/modguide.html

>> * Dependend on the identifier (if logged in successfull) a host and
>> port should be chossen. I assume this could be realized by a simple
>> CGI script that (e.g. look into an database) and set host and port
>> session variables. That session variables should be visible (readable
>> / writable) by the server only (mod_session_dbd?).
>
> That won't work.  A CGI request is not a Proxy request.  They are
> separate backends to the server.

What won't work?
Let's assume all but a special location (e.g. /control) is proied.
The special location is handled locally.
This location could contain the login formular and CGI scripts.
The example 
"https://httpd.apache.org/docs/2.4/mod/mod_session.html#basicexamples;
seems that it is possible to inject variables.
But I assume you would point me that the server behing the proxy
cannot inject session variables to the session handled by HTTPD.
Correct?

Best regards,
Markus

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org