Re: [users@httpd] Re: Using an older version of PHP with Apach2

2016-04-25 Thread Tobias Adolph 

Am 22.04.2016 um 22:17 schrieb Good guy:
Or if there is an option then use Windows to host multiple php 
versions.  I use them all the time on my development machine that is 
running Windows 10 and IIS.  you just need to make sure you have the 
correct VC++ run time libraries.  You can download them from Microsoft 
Website (VC9, VC10, VC11/12, VC14).


This, as other comments given, does not answer the OP's question. IMHO, 
the comment to the OP's question should have been only:



I agree, the old code should to be migrated to run on latest PHPs.


If someone is really interested in helping he or she should write about 
how the OP could accomplish his original task (PHP 5.2, CentOS, Apache 
2.4.6).
No doubt there are plenty of solutions for the OP's problem, like 
sticking to the Windows world or lots of shiny Linux tech stuff and - no 
doubt - they all have their pros and cons.
But without inert knowledge of the requirements of the project at hand 
you don't know, whether your suggestions are helpful or pointless.
(I guess he migrates from Windows to CentOS for a reason and I guess 
that he also has his reason to use PHP 5.2).


Please don't missunderstand me: I share the opinion that a solution with 
up-to-date and supported software would be the way to go in a perfect 
world. Alas - ours isn't one.


As to the question: You can always build your favorite version of your 
open source software, well, from the sources (which means: Not using the 
PHP of your distribution but building your own binaries).
But - the older your targeted version is and the bigger the gap between 
the devel-libraries of your current OS and the targeted version is, the 
bigger will your pain be. This means: A lot of work.


In this answer I totally ignore security issues at hand - you'll have to 
deal with them, but you should know from the comments of the others, 
that there is a considerable risk in running non-patched software that 
is long out of support.


You could consult this article if you really want to stick to your 
requirements and if you consider compilation as an alternative: 
http://www.phpinternalsbook.com/build_system/building_php.html - this is 
no guarantuee that its contents will comply with the rather old 
PHP-version (Disclaimer: Its the articles' google rank that made me 
recommend it, I just skimmed it, didn't read it).


Depending what your further requirements are you have to decide how you 
want to "connect" httpd and php, your choices are mod_php (which is fine 
if you only use it for one purpose) or any sort of fcgi-Module (I guess 
mod_fcgid is your best bet). Fcgi is better if separation of rights 
(multiple concurrent php-applications which should be separated from 
each other) is of a concern. Otherwise you should stick to mod_php which 
is easier to implement and configure ("easy fcgi" from the php side is 
only possible if you use php-fpm which is only supportet in php 5.3 and 
above). Whether CentOS has these modules in their package repositories 
is unknown to me, but if not, you can still compile httpd from the 
sources with your own flavor of version support and modules (which will 
be even more work for you).


Alternatively you could search whether some unofficial repo provides php 
5.2 for CentOS. But this also has considerable risks (the software is 
probably not up to date or the provider hasn't to be trusworthy).


Maybe this gives you some ideas how to proceed (i.e. what to google next).

Kind Regards,
Tobias

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Please help with cofig httpd

2016-01-19 Thread Tobias Adolph 

Hi,

you will have a much better chance to get help on this list if you 
specify your exact problem in the following way:


* What (minimal) configuration have you used so far to achieve your goal?
* What problems did you encounter? (e.g.: what error-logs did you find? 
Which kind of unintended Behaviour did you face?)


After answering these two questions please recheck your mail and 
consider whether you did everything possible to make an answer of some 
list member easy:


* Have I included all necessary information (which means: not to few and 
not to much)?
* Have I found some information on the web I did not understand and 
which could be pasted in your mail for reference?


After that it is very likely someone will review your configuration. 
Otherwise you won't succeed.


Kind regards,
Tobias



Am 19.01.2016 um 09:38 schrieb Subhendu mohanty:


Still struggling with configuration
Https --- Apache ---http --- weblogic
Above is what I want to achieve
Please help with example httpd file
Regds
Sm

On 15 Jan 2016 5:16 pm, "Subhendu mohanty" > wrote:


Thanks

On 15 Jan 2016 5:09 pm, "Stefan Eissing"
> wrote:

Unfortunately, I am not familiar with google searches for
apache windows problems. You probably have to do your own search.

> Am 15.01.2016 um 12:36 schrieb Subhendu mohanty
>:
>
> Iink is for http Apache I guess I am need of help for windows
>
> On 15 Jan 2016 4:52 pm, "Stefan Eissing"
> wrote:
> Sure, 1st link on the search:

https://docs.oracle.com/middleware/1212/webtier/PLGWL/apache.htm#PLGWL395
guides you step-by-step.
>
> > Am 15.01.2016 um 12:17 schrieb Subhendu mohanty
>:
> >
> > Thanks could you please help with a example config file
> >
> > On 15 Jan 2016 4:32 pm, "Stefan Eissing"
> wrote:
> > Sure, please have a look:

https://www.google.de/search?q=apache+https+http+welogic=utf-8=utf-8_rd=cr=f9GYVrL-AoP0Uuawl9gO
> >
> > > Am 15.01.2016 um 11:53 schrieb Subhendu mohanty
>:
> > >
> > > Can we configure Apache with https and weblogic on http
> > > Please help with example configuration file httpd
> > > Regds
> > > Sm
> > >
> >
> >
> >
-
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org

> > For additional commands, e-mail:
users-h...@httpd.apache.org 
> >
>
>
>
-
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org

> For additional commands, e-mail: users-h...@httpd.apache.org

>


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org

For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Enhancing apache server for LMS environments

2016-01-19 Thread Tobias Adolph 

Hi Carlos,

Am 19.01.2016 um 15:50 schrieb Carlos Gonzalez Galera:

What i really need to know  if exists some recommended configuration to the 
apache server for this specific environment(LMS systems): recommended modules, 
changes on the default configuration and so on, in order to improve the 
performance. I am using apache 2.2 in a context of 10.000 users with 30-45 
concurrent users. Any help is welcome.
Thanks.

this answer will be - as Eric Covener pointed out - kind of generic.

Since Moodle is PHP-based the most important question IMHO is how you 
connect Apache with PHP. In 2.2 there are two possibilities AFAIK 
mod_php and mod_fcgid. Since mod_php is not multi-client capable (it 
runs under the ID of the apache) and separation of instances should be 
an issue for you (there are some sensible data in LMS, such as marks 
etc.) mod_fcgid is most probably your best choice.


If it is an option for you to upgrade to Apache  2.4 you could also use 
mod_proxy_fcgi.


But since your question is specific to a web-application, maybe you'll 
get a better answer asking the moodle community: 
https://moodle.org/course/ (My search query with the keyword "Apache" 
had 19985 results, "Apache" and "2.2" still got 2305 results).


Hope this helps.

Tobias

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Blocking of users [was: Apache Server Access]

2016-01-11 Thread Tobias Adolph 

Hi list,

can't Mr "IdealGourmet" be blocked from the list? His "replies" are 
somewhat annoying and could be intimidating for newbies.


If I will feed the troll with this message, I apologize in advance.

Regards,
Tobias

Am 11.01.2016 um 13:47 schrieb IdealGourmet:


DON’T SEND MORE EMAIL HERE!

*De:*Faisal Gillani [mailto:faisal.gill...@akesp.org]
*Enviado el:* lundi 11 janvier 2016 13:30
*Para:* users@httpd.apache.org
*Asunto:* [users@httpd] Apache Server Access

Hello there

This is my first message to this list. Actually I have an Apache 
server hosting an application on my LAN, it came preconfigured the 
problem is that I can’t access it with its IP address or an alias I 
just have to use it with the name xyz in order to access the 
application. Also it is only listening to one network IP scheme which 
is 192.168.1.0.


I want to  change this, I want to access it with its IP address as 
well as alias names, also I want IP scheme from internet to be able to 
access it. How can I do it ? attached is my config file please help. I 
am running a windows version of apache.


Regards

Faisal



--
#######
# Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###

Re: [users@httpd] Blocking of users [was: Apache Server Access]

2016-01-11 Thread Tobias Adolph 

Hi,

Am 11.01.2016 um 14:07 schrieb Yehuda Katz:


It's unfortunate that people can't figure out how to unsubscribe from 
a mailing list that they subscribed to in the first place.




Maybe the person yelling isn't the same who subscribed to the list... 
i...@idealgourmet.es sounds not like an address that is dedicated to one 
person only. Maybe an employee subscribed a long time ago and now the 
person currently responsible for the inbox is just unable to cope with 
all this - in his or her eyes - weird tech stuff.


Therefore my proposal to manually remove/block the address. But it seems 
that this has happened.


Kind regards,
Tobias

Re: [users@httpd] Help with Apache configuration

2015-12-29 Thread Tobias Adolph 

Hi Jain,

did you configure those in the same virtualhost-Block?

Am 18.12.2015 um 14:35 schrieb chetan jain:

#For app-1

   RewriteRule ^/app1$ /app1/ [R]
   RewriteRule ^/app1/(.*) /app/WebObjects/app.woa/$1 [P]
   ProxyPass /app/WebObjects/app.woa/ 
http://host_name1:app1_port/app/WebObjects/app.woa/
   ProxyPassReverse /app/WebObjects/app.woa/ 
http://host_name1:app1_port/app/WebObjects/app.woa/


# For app-2

   RewriteRule ^/app2$ /app2/ [R]
   RewriteRule ^/app2/(.*) /app/WebObjects/app.woa/$1 [P]
   ProxyPass /app/WebObjects/app.woa/ 
http://host_name2:app2_port/app/WebObjects/app.woa/
   ProxyPassReverse /app/WebObjects/app.woa/ 
http://host_name2:app2_port/app/WebObjects/app.woa/


If this the case try to encapsulate the two blocks in separate 
Location-Blocks (like  etc..


Kind regards,
Tobias Adolph

--
###
# Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###

Re: [users@httpd] Help with Apache configuration

2015-12-29 Thread Tobias Adolph 

HI Chetan,

you could place them in different virtual-Host-Container (which means 
different domains) or you could alter the url-part 
(/app/WebObjects/app.woa) to another string (like 
/app/webObjects/app1|2.woa) that is different for each backend.


Regards,
Tobias

Am 29.12.2015 um 14:43 schrieb chetan jain:

Thanks Tobias,

The problem with that would be, I won't be able to ProxyPass with path 
in Location bock.


--Chetan

On Tue, Dec 29, 2015 at 4:03 PM, Tobias Adolph <tobias.ado...@lrz.de 
<mailto:tobias.ado...@lrz.de>> wrote:


Hi Jain,

did you configure those in the same virtualhost-Block?

Am 18.12.2015 um 14:35 schrieb chetan jain:

#For app-1

   RewriteRule ^/app1$ /app1/ [R]
   RewriteRule ^/app1/(.*) /app/WebObjects/app.woa/$1 [P]
   ProxyPass /app/WebObjects/app.woa/
http://host_name1:app1_port/app/WebObjects/app.woa/
   ProxyPassReverse /app/WebObjects/app.woa/
http://host_name1:app1_port/app/WebObjects/app.woa/

# For app-2

   RewriteRule ^/app2$ /app2/ [R]
   RewriteRule ^/app2/(.*) /app/WebObjects/app.woa/$1 [P]
   ProxyPass /app/WebObjects/app.woa/
http://host_name2:app2_port/app/WebObjects/app.woa/
   ProxyPassReverse /app/WebObjects/app.woa/
http://host_name2:app2_port/app/WebObjects/app.woa/


If this the case try to encapsulate the two blocks in separate
Location-Blocks (like  etc..

Kind regards,
Tobias Adolph

-- 
###

    # Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###




--
#######
# Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###

Re: [users@httpd] authn_core_module: apache 2.4 : Invalid command 'AuthLDAPBindDN'

2015-08-07 Thread Tobias Adolph 

Hi Rahul,

Am 07.08.2015 um 12:45 schrieb Rahul R:

Hello All,

I have apache 2.2 working fine with multiple ldap aliases. Recently i
installed apache 2.4 and copied the ldap configs and followed the below
link.

http://httpd.apache.org/docs/2.4/mod/mod_authn_core.html.

But when I start apache, this is what I am getting as an error.

*AH00526: Syntax error on line 484 of /home/apache2/conf/httpd.conf:*
*Invalid command 'AuthLDAPBindDN', perhaps misspelled or defined by a
module not included in the server configuration*

I am of course loading the module.

LoadModule authn_core_module modules/mod_authn_core.so

Any help to fix this would be much appreciated. Below is the config.


did you load the authnz_ldap_module?
Try:
LoadModuleauthnz_ldap_module modules/mod_authnz_ldap.

From 2.2 to 2.4 authorization and authentication have quite changed a 
bit, so you should consider studying this link:

http://httpd.apache.org/docs/2.4/howto/auth.html

Kind regards,
Tobias Adolph

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Deny, Allow with Apache 2.4

2015-07-30 Thread Tobias Adolph 

Hi Chris,

Am 30.07.2015 um 00:04 schrieb ScuzzyEye:
I'm having a difficult time figuring out how to convert an Apache 2.2 
access rule to 2.4.


What I'm doing in 2.2 is pretty simple:

order deny,allow
deny from 192.168.1.0/24
deny from 192.168.2.0/24
allow from 192.168.1.12

So denying some sub-nets, but allowing one IP in that range, and the 
rest of the world.




Try this one:

RequireAny
Require ip 192.168.1.12
RequireAll
Require all granted
Require not ip 192.168.1.0/24
Require not ip 192.168.2.0/24
/RequireAll
/RequireAny

Kind regards,
Tobias Adolph



-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Strange Apache behavior

2015-07-22 Thread Tobias Adolph 

Hi John,

I think the described behaviour is normal.

Apache makes a lookup whether it has a vhost with the requested 
hostname, if not it delivers the document root of the first vhost loaded 
which on Debian based systems (including Ubuntu) this conf file is  
000-default (the files are loaded via numeric ordering, hence the 
000 to safeguard that this file is loaded first). You should not 
change the setup by your OS, read the documentation to understand the 
symlinking.


If you want to change this behavior, you could adapt your default.conf 
with a RewriteRule using wild-card -mappings.


Untested (you should'nt try this out on a productive server, please test 
first)

RewriteCond %{HTTP_HOST} ^.*mysite-1.com$
RewriteRule /(.*) http://www.mysite-1.com/$1

Or you could display a Oops-site if the given hostname is not 
configured in the default-directory and give the user a hint that he had 
made a typo.


Kind regards,
Tobias Adolph


Am 21.07.2015 um 20:12 schrieb John Fisher GM:
We're running Apache 2.2 on Debian 7 (Wheezy). We run approximately 24 
vhosts, mostly small sites but also one large site. Some sites are 
Drupal, some are Wordpress and some are handcoded going back to 1995.


Our structure generally is:

/home
/home/mysite-1/public_html/index.html
/home/mysite-2/public_html/index.html
/home/mysite-3/public_html/index.html
and so on...

We prefer this structure rather than the Debian norm /var/www

Here's the problem(s):

On all of the sites calls to mysite-1.com/index.html works properly. 
Things also work with the cname www as that is explicitly defined as 
ServerAlias www.mysite-1.com in the vhost file under 
sites-available. So calls to www.mysite-1.com/index.html also work.


But when someone mistypes the URL, things go wrong.

For example, typing ww1.mysite-1.com takes us to the /home directory, 
up two levels and displays a directory listing of everything under /home.


I made a quick fix by adding a dummy file at /home/index.html

Without that plug, a directory of all sites under /home displays, 
allowing access to files above the public_html directory on all our 
sites.


But even with the /home/index.html file, one can just type a URL such as:

http://ww1.mysite-1.com/mysite-2/ and view anything in 
mysite-2 above public_html.


I probably could restrict directory access using .htaccess, but I'd 
prefer to find the cause of the issue.


I spent some time simplifying the files under sites-available to 
remove anything that might cause these errors. (hence my questions 
yesterday about /share/doc and cgi-bin).


I considered that the problem might have been something in the 
apache2.conf file. But I looked closely there and found nothing.


I suspect the problem is in the sites-available/default vhost file 
and the symlink /sites-enabled/000-default and might have to do with 
our changing the /var/www entry to /home.


Is the default file and 000-default symlink needed? If so, why is that?

But I could use some guidance on all this.

Here's a typical vhost file:


VirtualHost *:80
ServerAdmin webmaster@localhost
ServerName mysite-1.com
ServerAlias www.mysite-1.com
DocumentRoot /home/mysite-1/public_html/

Directory /
Options FollowSymLinks
AllowOverride None
/Directory

Directory /home/mysite-1/
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
/Directory

ErrorLog ${APACHE_LOG_DIR}/mysite-1.error.log
CustomLog ${APACHE_LOG_DIR}/mysite-1.access.log combined

# Possible values include: debug, info, notice, warn, error, 
crit, alert, emerg.

LogLevel warn

/VirtualHost 


and here is the default file:


VirtualHost *:80
ServerAdmin webmaster@localhost
DocumentRoot /home/

Directory /
Options FollowSymLinks
AllowOverride None
/Directory

Directory /home/
Options Indexes FollowSymLinks MultiViews
Allowoverride Indexes
Order allow,deny
allow from all
/Directory

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Directory /usr/lib/cgi-bin
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
/Directory

ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, 
crit,

# alert, emerg.
LogLevel warn

CustomLog ${APACHE_LOG_DIR}/access.log combined

Alias /doc/ /usr/share/doc/
Directory /usr/share/doc/
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
/Directory

/VirtualHost

Re: [users@httpd] require valid-user with ldap

2014-11-26 Thread Tobias Adolph 

Hi,

do you have an other authorization modules (like mod_shib for 
shibboleth-authentication)?


We had an issue concerning require valid-user, too. I guess that if 
several authorization handlers are active require valid-user 
directives asks each of them for approval. At least mod_shib shows this 
behaviour. The fact that if you give the specific user (which determines 
the specific authorization authority) or a require-directive specific to 
an authorization module supports this assumption.


Hope this helps.

Kind regards
Tobias

Am 24.11.2014 um 12:13 schrieb Marc Patermann:

Hi,

I using the following .htaccess

AuthBasicProvider ldap file
AuthType Basic
AuthzLDAPAuthoritative off
Authname ...
AuthUserFile /srv/www/.htusers-mf
AuthLDAPURL 
ldap://ldapserver/ou=humans,ou=foo,c=de?mail??(mail=*@ofd-*.foo.de)

Limit PROPFIND OPTIONS GET
 #Require ldap-group ou=Benutzer-Opst,ou=gruppen,ou=humans,ou=foo,c=de
 #Require user k1-st-01
 Require valid-user
/Limit
...

The require valid-user does not work for ldap users. I get the 
following message in error_log:


/var/log/apache2/error_log:[Thu Nov 21 09:40:48 2014] [error] [client 
10.49.64.85] access to /documents/ failed, reason: user 'u...@foo.de' 
does not meet 'require'ments for user/valid-user to be allowed access


Apache is version 2.2.10

If I set it to require ldap-user u...@foo.de or require ldap-group 
... it is all fine, so the ldap part does it's thing.



Marc

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



--
###
# Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Is it possible to evaluate .htaccess before proxying requests? (Apache 2.4.9)

2014-05-27 Thread Tobias Adolph 

Hello everybody,

isn't there any solution?

Am 19.05.2014 13:30, schrieb Tobias Adolph:


Is there any way to enable Proxying to a fcgi-daemon listening on a 
unix domain socket

using RewriteRule?



Thanks in advance!

Kind regards,
Tobias Adolph


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Is it possible to evaluate .htaccess before proxying requests? (Apache 2.4.9)

2014-05-19 Thread Tobias Adolph 


Am 16.05.2014 18:47, schrieb Eric Covener:
You could try mod_rewrite in directory context. 


This configuration worked in our environment, .htaccess-files are evaluated
(thanks a lot to Eric Covener for his suggestion):
Directory /path/to/htdocs 
Rewrite Engine On
RewriteRule ^(.*\.php)$ fcgi://127.0.0.1:4000/path/to/htdocs/$1 [P]
/Directory

We hadn't had success with unix domain sockets though
RewriteRule ^(.*\.php)$ 
unix:/var/run/php-fpm.sock|fcgi://localhost/path/to/htdocs/$1 [P]


This is logged in the error log file:

No protocol handler was valid for the URL /info.php. If you are using a 
DSO version
of mod_proxy, make sure the proxy submodules are included in the 
configuration

using LoadModule.

Since
1) the first RewriteRule above worked but the second didn't
2) and this worked (outside Directory context, of course):

LocationMatch .*\.php$ 
ProxyPass 
unix:/var/run/php-fpm.sock|fcgi://localhost/path/to/htdocs

/LocationMatch

I assume that there is no issue loading the correct module. Maybe the 
communication

between mod_rewrite and mod_proxy using UDS is buggy?

Is there any way to enable Proxying to a fcgi-daemon listening on a unix 
domain socket

using RewriteRule?

Thanks for your help!

Kind regards
Tobias Adolph

--
###
# Tobias Adolph   # 
# Leibniz-Rechenzentrum   #
# Zimmer I.2.019  #
# Boltzmannstraße 1   # 
# 85748 Garching bei München  # 
###


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Is it possible to evaluate .htaccess before proxying requests? (Apache 2.4.9)

2014-05-14 Thread Tobias Adolph 

Hi all,

is the intended behaviour of ProxyPass(Match)-Directives to ignore 
.htaccess files?

And is there any way to change this?

Version used: Apache httpd 2.4.9
Operating System: SUSE Linux Enterprise Server 11.3 (x86_64)

Context:
PHP is enabled via mod_proxy(_fcgi), but using this configuration-
snippet in vhost-context

LocationMatch .*\.php$ 
ProxyPass unix:/var/run/php-fpm.sock|fcgi://localhost/
/LocationMatch

with the following .htaccess-Directive in the DocumentRoot

Require all denied

results in the following situation:

Access to php-files isn't denied - they are served - but non-PHP-ressources
like css- or js-files aren't served ( = strange output).

Same Problem when proxying is realized via ip-adress or rewrites:
RewriteRule (.*\.php)$ fcgi://localhost:9000/$1 [P]

Please Note:
I know I can configure stuff like access control in 
Location(Match)-context in the
server configuration. And I know .htaccess files have performance, 
security, and

management downsides (cit. Mark Montague).
The problem: Non-privileged users (~1200) who are only allowed to modify 
their
.htaccess-files for rewrites or access controls. Even if they had access 
to their
vhost context the migration effort grows exponentially since 
htaccess-files are status

quo...

Thanks in advance for your effort.

Kind regards,
Tobias Adolph