[users@httpd] How to get the module_index for ap_log_rerror?

2020-04-26 Thread Jeffrey Walton
Hi Everyone,

I'm trying to log a few errors in an Apache 2.4 module using
ap_log_error and ap_log_rerror. I have access to the request_rec
struct. One of the arguments to the functions is module_index.

* https://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__LOG.html#ga83397d991e162cb611864767c1bc0c54
* https://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__LOG.html#ga7b7009cfaad5a84be316e523d7ef1236

I don't know how to obtain module_index.

How do I obtain the module_index for my module?

Thanks in advance.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



Re: [users@httpd] What is a request for dash ("-")?

2020-04-26 Thread Jeffrey Walton
On Sun, Apr 26, 2020 at 7:26 AM Yann Ylavic  wrote:
>
> On Sun, Apr 26, 2020 at 3:43 AM Jeffrey Walton  wrote:
> >
> > What is this request I see in the logs:
> >
> >   186.222.62.229 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -
> >   186.222.62.229 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -
>
> If you are using the default LogFormat (i.e. "common"), the "-" here
> is the request line ("%r" format).
> A dash means not available (n/a), and 408 means timeout (request line
> not received within the configured Timeout).
>
> >
> > The reason I ask is, we have a MediaWiki attached to Apache. It gets
> > quite a bit of spam attempts. If it is not a legitimate request, then
> > I'd like to ban the host. I suspect it is some kind of probe, but I'd
> > like to know for sure before I take action.
>
> I don't think you should ban users for a timeout, while it can be
> malicious (a try to exhaust resources on your server), it's more
> likely a network issue (anywhere between the user and your server). In
> any case it's not spam, you'd need some kind of content analysis to
> detect spam, but here there is no content to look at.
> If there is a need to limit resource usage caused by timeouts or
> (maliciously-)slow clients, you should have a look at AcceptFilter
> ([1]) and/or mod_reqtimeout ([2]).

Thanks Yann.

It sounds like I should leave it alone. The miscreants will show their
head in other ways. I'll wait for another sign of their shenanigans.

Jeff




Re: [users@httpd] What is a request for dash ("-")?

2020-04-26 Thread Yann Ylavic
Hi,

On Sun, Apr 26, 2020 at 3:43 AM Jeffrey Walton  wrote:
>
> What is this request I see in the logs:
>
>   186.222.62.229 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -
>   186.222.62.229 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -

If you are using the default LogFormat (i.e. "common"), the "-" here
is the request line ("%r" format).
A dash means not available (n/a), and 408 means timeout (request line
not received within the configured Timeout).

>
> The reason I ask is, we have a MediaWiki attached to Apache. It gets
> quite a bit of spam attempts. If it is not a legitimate request, then
> I'd like to ban the host. I suspect it is some kind of probe, but I'd
> like to know for sure before I take action.

I don't think you should ban users for a timeout, while it can be
malicious (a try to exhaust resources on your server), it's more
likely a network issue (anywhere between the user and your server). In
any case it's not spam, you'd need some kind of content analysis to
detect spam, but here there is no content to look at.
If there is a need to limit resource usage caused by timeouts or
(maliciously-)slow clients, you should have a look at AcceptFilter
([1]) and/or mod_reqtimeout ([2]).

Regards,
Yann.

[1] https://httpd.apache.org/docs/2.4/mod/core.html#acceptfilter
[2] https://httpd.apache.org/docs/2.4/en/mod/mod_reqtimeout.html
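An added example, not part of the thread: a small Python script that counts the `"-" 408` entries per client in a Common Log Format access log and separates isolated timeouts from sustained ones, as a measurement to make before tuning mod_reqtimeout. The function names, the thresholds (`min_hits`, `window`) and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Common Log Format: %h %l %u %t "%r" %>s %b
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(.*)" (\d{3}) (\S+)$')

def empty_request_timeouts(lines):
    """Map client IP -> sorted timestamps of entries logged as "-" 408."""
    hits = defaultdict(list)
    for line in lines:
        m = CLF.match(line.strip())
        if not m:
            continue  # not CLF; skip rather than guess at the fields
        host, ts, request, status, _size = m.groups()
        if request == "-" and status == "408":
            hits[host].append(datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"))
    return {host: sorted(times) for host, times in hits.items()}

def sustained_clients(hits, min_hits=20, window=timedelta(minutes=5)):
    """Clients with at least min_hits timeouts inside any sliding window.

    min_hits and window are illustrative thresholds, not Apache defaults.
    """
    flagged = {}
    for host, times in hits.items():
        start = best = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1  # shrink the window from the left
            best = max(best, end - start + 1)
        if best >= min_hits:
            flagged[host] = best
    return flagged

# Constructed sample log (documentation address ranges, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -',
    '192.0.2.10 - - [25/Apr/2020:21:35:18 -0400] "-" 408 -',
    '203.0.113.5 - - [25/Apr/2020:21:36:02 -0400] "GET /wiki/Main_Page HTTP/1.1" 200 5120',
] + ['198.51.100.7 - - [25/Apr/2020:21:40:%02d -0400] "-" 408 -' % s
     for s in range(0, 50, 2)]

if __name__ == "__main__":
    per_client = empty_request_timeouts(SAMPLE)
    for host, times in per_client.items():
        print(host, len(times), "timeouts")
    print("sustained:", sustained_clients(per_client))
```

A pair of timeouts in the same second, as in the log lines quoted above, stays below the threshold; only the client with a steady stream of them is reported.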




Re: [users@httpd] What search permissions are missing from where?

2020-04-26 Thread Yann Ylavic
On Sun, Apr 26, 2020 at 6:17 AM Jeffrey Walton  wrote:
>
> As far as I can tell, the search permissions are present. Apache has
> access to the file:
>
> # ls -Al /var
> ...
> drwxr-xr-x.  4 root apache   33 Apr 26 00:00 www
> # ls -Al /var/www/
> ...
> drwxr-xr-x. 2 root apache 24 Apr 21 11:20 html
> # ls -Al /var/www/html
> -rw-r--r--. 1 root apache 104 Apr 21 11:20 index.html
>
> How do I find out what search permissions are missing from which
> directory or directories?

Probably SELinux ones, adding -Z to `ls` command could help.
IIRC, on RHEL/CentOS, you need SELinux context "httpd_sys_content_t"
for read access, `chcon` command may be your friend here.

Regards,
Yann.




Re: [users@httpd] Only allow reverse proxy traffic with mod_remoteip

2020-04-26 Thread baptx
Is there a way to display an error with a different message than the 403
Forbidden page configured with "ErrorDocument 403"?
This would improve the privacy, otherwise if a website displays a 403 error
on an admin login page restricted by IP address, someone trying to bypass
the reverse proxy will see the same error page and could know that a domain
name is used on the IP address.


On Sat, 25 Apr 2020 at 18:16, baptx  wrote:

> It worked when using Require in a location, thanks!
>
>
> On Sat, 25 Apr 2020 at 13:41, Yann Ylavic  wrote:
>
>> On Sat, Apr 25, 2020 at 1:24 PM baptx  wrote:
>> >
>> > @Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
>> %{CONN_REMOTE_ADDR}":
>> > I want to restrict access on some virtualhosts only because I want to
>> use some domain names without Cloudflare.
>> > It looks like your previous solution with mod_rewrite is better in my
>> case, since Require does not work in virtualhosts (I got the error:
>> "Require not allowed in <VirtualHost> context").
>>
>> Ah yes, correct, it should be enclosed in a location like:
>>
>> <VirtualHost ...>
>>   ...
>>   RemoteIP...
>>   <Location ...>
>>     Require expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
>>   </Location>
>>   ...
>> </VirtualHost>
>>
>> >>>
>> >>> Thanks Yann, it worked.
>>
>> Great!
>>
>> Regards,
>> Yann.
>>
>>