[users@httpd] Why sub-requests for /?

Apache 2.0.54-4 on Debian Sid. I have a setup with the document root with no access, but then I allow access to individual subdirectories (normally via basic auth). Say foo is one of those sub-directories and DocRoot is /var/lib/projects. So a request for: GET http://bumby:88/foo/env.cgi/ot

RE: [users@httpd] settings in /etc/init.d/httpd ?

> -Original Message- > From: Justin Conover [mailto:[EMAIL PROTECTED] > > Oh, the reason I didn't use "virtuals" is we need to be able to > start/stop specific instances. From my understanding this isn't > possible in the VirtualHost section, is that incorrect? You can achieve the effect

RE: [users@httpd] Encountering compile problems installing version 2.0.54 on HP-UX

> -Original Message- > From: McLaughlin, Brent [mailto:[EMAIL PROTECTED] > Sent: Dienstag, 7. Juni 2005 05:06 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Encountering compile problems > installing version > 2.0.54 on HP-UX > > > Hello, > I am attempting to get the lat

[users@httpd] RedirectMatch regex question.

Wondering if someone can please assist with the following two RedirectMatch regex's (My regex skills are zilch!) RedirectMatch /main.cfm?=page&content&id=946 http://www.domain.com.au/privacy.html RedirectMatch /main.cfm?page=unsubscribe http://www.domain.com.au/unsubscribe/index.html The ".", "?"

[users@httpd] Encountering compile problems installing version 2.0.54 on HP-UX

Hello, I am attempting to get the latest version of Apache installed under HP-UX. I have followed the instructions and all was well until the make. During the make a compile problem is being reported. Is anyone else encountering a compile problem in HP-UX environments for the latest ap

Re: [users@httpd] irc eggdrop exploit woes

Ivan Barrera A. wrote: Using some packaged distro (as fedora) is pretty easy rpm -VVV on each package, and reinstall the affected ones (supossing that you have some binary replaced) The eggdrop.. you can wipe it out of the disk Eben Goodman wrote: I actually know which user it got through on

Re: [users@httpd] irc eggdrop exploit woes

Using some packaged distro (as fedora) is pretty easy rpm -VVV on each package, and reinstall the affected ones (supossing that you have some binary replaced) The eggdrop.. you can wipe it out of the disk Eben Goodman wrote: > I actually know which user it got through on, it came in through an >

Re: [users@httpd] irc eggdrop exploit woes

Eben Goodman wrote: I actually know which user it got through on, it came in through an insecure php nuke application. I have since removed the nuke app, but the damage appears to be done, since this eggdrop crap is still running on the server. Is there a way to find, and remove the software

Re: [users@httpd] irc eggdrop exploit woes

Eben Goodman wrote: I recently had an irc exploit on my server running this eggdrop relay thing via apache. I was able to find the offending files and remove them and the eggdrop processes went away for awhile, but now they are back and try as I might I can't find any files that correspond to

Re: [users@httpd] irc eggdrop exploit woes

thanks for the help, found the files in /var/tmp... thanks again Eben Dan Mahoney, System Admin wrote: On Mon, 6 Jun 2005, Eben Goodman wrote: find / -user apache -print -Dan I actually know which user it got through on, it came in through an insecure php nuke application. I have since r

Re: [users@httpd] irc eggdrop exploit woes

On Mon, 6 Jun 2005, Eben Goodman wrote: find / -user apache -print -Dan I actually know which user it got through on, it came in through an insecure php nuke application. I have since removed the nuke app, but the damage appears to be done, since this eggdrop crap is still running on the se

Re: [users@httpd] irc eggdrop exploit woes

I actually know which user it got through on, it came in through an insecure php nuke application. I have since removed the nuke app, but the damage appears to be done, since this eggdrop crap is still running on the server. Is there a way to find, and remove the software once it has found it

Re: [users@httpd] irc eggdrop exploit woes

On Mon, 6 Jun 2005, Eben Goodman wrote: If you're doing multi-hosting, look into suexec. the fact that it runs CGI's as the user is kinda secondary to the fact that it shows you WHICH user uploaded the insecure script. For PHP scripts, I've had good luck running suPHP (which is not an offic

Re: [users@httpd] irc eggdrop exploit woes

Yep. It is most probably that you were hacked through PHP. Most common way of "hacking" this way, is abusing sites running PHP-Nuke, phpBB, and many other sites using "unsafe" programming techniques. If you look in the mailing archives, you can find lots of answers to this type of problems. (consi

[users@httpd] irc eggdrop exploit woes

I recently had an irc exploit on my server running this eggdrop relay thing via apache. I was able to find the offending files and remove them and the eggdrop processes went away for awhile, but now they are back and try as I might I can't find any files that correspond to this software. When

Re: [users@httpd] Problem with IE

Philippe Reynolds wrote: Greetings all, I'm currently just starting with Apache so sorry in advance if my terminology isn't the greatest. I'm creating dynamic html pages that contain forms and integrated php. Like in any form it contains a submit button. This first is the interface where

[users@httpd] client cert auth issue

1. apache 2.0.54 on Sol 8 2. I have the following in a vhost used for client auth proxy SSLProxyEngine On SSLVerifyDepth 4 SSLProxyVerify require SSLProxyCACertificateFile "/usr/local/apache/server2/ssl/CA.pem" SSLProxyMachineCertificateFile "/usr/local/apache/server2/ssl/client.

[users@httpd] Re: Newbie Qu - details of graceful restart on Windows

Hi Bill, >>[I asked this on the user list, and think it should have been asked >>here...] > No, it did belong on the users list :) Ok, thanks! And apologies. >>I'm quite new to Apache, and trying to understand what a graceful restart >>on Windows actually does. I'm running Apache with mod_jk

[users@httpd] LimitRequestBody and mod_proxy

Does mod_proxy also honor LimitRequestBody directive? we can't seem to get 2.0.52 - 2.0.54 on win2k to return a 413 when the limit is exceeded and the request is reversed proxied to a remote server. - The official User-To-Use

[users@httpd] Re: Newbie Qu - details of graceful restart on Windows

At 11:38 AM 6/6/2005, [EMAIL PROTECTED] wrote: >[I asked this on the user list, and think it should have been asked >here...] No, it did belong on the users list :) >I'm quite new to Apache, and trying to understand what a graceful restart >on Windows actually does. I'm running Apache with mod_j

Re: [users@httpd] Add Request Method by using SCRIPT / Bug?

* Peter Mayer wrote: > http://httpd.apache.org/docs/mod/mod_actions.html#script > "Prior to Apache 1.3.10, method can only be one of GET, POST, PUT, or > DELETE. As of 1.3.10, any arbitrary method name may be used. Method names > are case-sensitive, so Script PUT and Script put have two entirely

[users@httpd] Add Request Method by using SCRIPT / Bug?

Hello! I would like to add the SEARCH method to the allowed request methods - with the SCRIPT directive it should be no problem: http://httpd.apache.org/docs/mod/mod_actions.html#script "Prior to Apache 1.3.10, method can only be one of GET, POST, PUT, or DELETE. As of 1.3.10, any arbitrary m

Re: [users@httpd] Problem with IE

This is unlikely to be an apache problem. You might check out one of the php forums and see if there is a difference between firefox and IE that might explain the problem. Best o'luck Gene Philippe Reynolds wrote: Greetings all, I'm currently just starting with Apache so sorry in advance if m

[users@httpd] FW: mod_auth_pam + winbind question...

Title: Message I don't know if this message got to mailing list, so I'm resending it... -Original Message-From: Jorge Dionisio Sent: Monday, June 06, 2005 17:09To: 'users@httpd.apache.org'Subject: mod_auth_pam + winbind question... Hi all.   I have apache 2.0 configured with mod

[users@httpd] mod_auth_pam + winbind question...

Title: Message Hi all.   I have apache 2.0 configured with mod_auth_pam and winbind plugin to authenticate my users in an Active Directory but in /var/log/messeges i get: user x granted access to resource y but apache later returns me an error Access Denied, invalid credentials, can anybod

RE: [users@httpd] Large file upload problem!

Did you adjust all of your timeouts to allow for the upload? That is a lot to ask of the protocol in my opinion. You should find another way to do it. -Original Message- From: Harish Sundaram [mailto:[EMAIL PROTECTED] Sent: Monday, June 06, 2005 10:42 AM To: Apache Forum Subject: [EMAIL

Re: [users@httpd] Large file upload problem!

Hello, Apache is not meant to transfer large files. accepting 50Mb through php is already a large amount... Perhaps you should look into FTP / distributed file systems ? (ask yourself the right question, will you really upload 2GB files everyday and have it served through www ?) Harish Sun

RE: [users@httpd] Large file upload problem!

Have you checked this? http://httpd.apache.org/docs/mod/core.html#limitrequestbody Thanx Aaron N Wagner Monitoring Systems and Network Tools CCO-Command Center Operations 804.515.6298 > -Original Message- > From: Harish Sundaram [mailto:[EMAIL PROTECTED] > Sent: Monday, June 06, 2005

[users@httpd] Large file upload problem!

Hi, (B (BIs there any way by which I can upload (i.e. POST) a file greater than 2GB (Bsize to my Apache Server? If yes, how? Please suggest some browser which can (Bachieve the same. (B (BI'm using Apache 2.0.53 on HP-UX11i. Browser is MS-IE6.0 and everytime I try (Bthe same, I get the follo

Re: [users@httpd] Problem with IE

Already correctly pointed out - this is not an apache question and you should look at the code. I would like to add that the code probably has something that disables the button (maybe a javascript) which is not supported by another browser but IE and so you get the 'ding' sound. Of course, Not

Re: [users@httpd] Problems on Linux

On 6/4/05, Patrick Donker <[EMAIL PROTECTED]> wrote: > Exactly! People dont have the time to read the docs, but do have time to > subscribe to and write messages to the list asking for solutions and > wait for them. Where does that time come from then? For most people, it is much quicker to ask s

RE: [users@httpd] Problem with IE

It is highly unlikely to be apache. Look into your code, and perhaps join a group associated with this. What is the standard 'ding' sound, and what is the error? P -Original Message- From: Philippe Reynolds [mailto:[EMAIL PROTECTED] Sent: Monday, June 06, 2005 11:10 AM To: users@httpd.

[users@httpd] Problem with IE

Greetings all, I'm currently just starting with Apache so sorry in advance if my terminology isn't the greatest. I'm creating dynamic html pages that contain forms and integrated php. Like in any form it contains a submit button. This first is the interface where people can enter values et

[users@httpd] Configuring Apache2.0.54 --with-berkeley-db fails

Hi Ooops - I posted this on [EMAIL PROTECTED] - my apologies! I am desparate... My intention is to access SubVersion via Apache's WebDAV feature. I am trying to compile Apache 2.0.54 with support for BerkeleyDB 4.3. under Linux. Compilation and installation of Berkeley DB worked fine and I i

Re: [users@httpd] Re: Apache cannot connect to Tomcat in httpd.conf

* Andreas <[EMAIL PROTECTED]> [0634 23:34]: > > >Setup a log for mod_jk2. > > /usr/local/apache2/logs/error_log: > > [Thu Jun 02 01:36:24 2005] [notice] Apache/2.0.54 (Unix) configured -- > resuming normal operations > [Thu Jun 02 02:19:08 2005] [notice] caught SIGTERM, shutting down > [Thu Ju