Hallo,
Nach einer neuinstallation eines Netzwerks (alles Debian GNU/Linux 4.0)
mit mehreren Apache2 Servern versuchen plzoetlich ALLE auf einen Request
zu antworten.
Ich habe die Apache's folgend configuriert:
1) vserver1.irgendwas.tld
vhost1.irgendwas.tld
vhost2.irgendwas.tld
Hallo,
ich habe (fuer derzeit 43.000 User) einen Homepage-Server (derzeit noch
Apache 1.3 unter Debian 3.1) laufen der normalerweise die Homepages als
http://home.irgendws.tld/~user/
exportiert. Nun habe ich mir ein adduser Add-On geschrieben, das mir
eine vhost Datei generiert und in
Kann eine Rewrite/Redirekt Rule in /etc/apache2/vhosts.d/ nachsehen,
welche Vhosts konfiguriert sind (die Dateinamen entsprechen den $USER/
VHost Namen) und diese dann Excluden?
Evlt. irgendwas mit SetEnv in den vhosts.d/*.conf unterbringen und im
Regex auswerten?
HTH
Olaf Lautenschläger
--
* Michelle Konzack wrote:
Nun, wenn ich http://vhost8.subdom2.irgendwas.tld/ aufrufe, passiert
es ploetzlich, das vserver2.subdom1.irgendwas.tld oder
vserver1.irgendwas.tld antworten und mir melden, das die gewuenschte
Domain nicht verfuegbar ist.
Zur Erinnerung, wenn du die Addresse oben
On Fri, Nov 16, 2007 at 02:18:11PM -0800, dertown wrote:
I used the tools and there is no path or domain in the original cookie that
ican see.
I know it is encrypted under MD5 so maybe icant access the cookie and change
it.
Is there a way to hold a cookie with in the prroxy server itself?
On Sun, Nov 18, 2007 at 11:02:21AM -0500, Greg Boyington wrote:
I like the firewall approach myself, as it seems likely that anyone
with malicious intent (as distinct from the uninformed download
accelerator user, etc) should forfeit their rights to your bandwidth
regardless of protocol. But
Hi All,
I have built the apache source code for IPv6 support.
It started listening to the [::1] loop back address but not it is not
listening to the global IPv6 address.
Can somebody tell me what is the problem.
Thanks and Regards,
Ashwani Sharma
Mob: +91+9916454843
Off:
I have done rm -f * under ServerRoot/logs after apachectl stop.That has
http.pid also in that particular path.
After that I have started apache apachectl start.
I see that there is no error_log under ServerRoot/logs.Why no error_log
as well as no access_log.I see that httpd is running.(ps _ef |
Greetings folks,
The past few mornings, I've come back to load averages on my box varying
from 4 up to 29. Taking a look at top, the processes sucking all the CPU
are httpd. It ranges from two or three up to seven. It seems some child
processes are causing apache to get stuck somewhere, but
Hi.
Using Apache 2.0.52, I'd like to analyze the performance and know how
resources (memory, threads) are used during a period of time.
Do you know any tool to carry it out? Thank you very much.
-
The official User-To-User
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all.
I am a newcomer to this list, as this is the first time I am
experiencing some trouble with Apache. Greetings to the whole list.
I was trying to install the latest 2.0 series release (2.0.61) on a
machine running WinXP SP2 and I got a 1711
Hi
Whats the exact difference between Version 1.3.x, 2.0.x and 2.2.x of Apache
Web Server
Thanks and Regards
Kaushal
Kaushal Shriyan wrote:
Hi
Whats the exact difference between Version 1.3.x, 2.0.x and 2.2.x of
Apache Web Server
Thanks and Regards
Kaushal
Hmm... Oldest, older, current... Same as Win31, Win95, WinXP. I could
say RTFM... but you should digest the following:
On Nov 19, 2007 3:21 AM, Christian Folini [EMAIL PROTECTED] wrote:
Hey Greg,
could you elaborate on this? How would you prevent this
attack with mod_access?
In one case where an attack was under way but I didn't have access to
the firewall, I added something like:
Order Deny,Allow
#
On Mon, Nov 19, 2007 at 09:59:20AM -0500, Greg Boyington wrote:
to the docroot's .htaccess file. Not as effective as dropping the
packets at the border, obviously, but in this case the attacker wasn't
very bright/determined.
I see. Yes, this helps for a non-determined DoS attack.
Thanks.
Thanks. Hoped you had found the silver bullet though. :)
Nope, sadly. Although I haven't attempted it myself, I've been
wondering of late if using tcp wrappers in combination with httpd
would be effective/advisable. On our FreeBSD systems, we use a little
python script in combination with
On Mon, 19 Nov 2007 09:59:20 -0500
Greg Boyington [EMAIL PROTECTED] wrote:
On Nov 19, 2007 3:21 AM, Christian Folini [EMAIL PROTECTED]
wrote:
Hey Greg,
could you elaborate on this? How would you prevent this
attack with mod_access?
In one case where an attack was under way but I
After quite a bit of trouble I finally got the dbd mysql compiled but
now as soon as I put the DBDriver mysql directive into the httpd.conf
file I get endless Segmentation Fault messages in the error log. I set
the LogLevel to debug but that doesn't help any. Any suggestions?
Below is my
On Nov 19, 2007 10:47 AM, Nick Kew [EMAIL PROTECTED] wrote:
On Mon, 19 Nov 2007 09:59:20 -0500
Greg Boyington [EMAIL PROTECTED] wrote:
On Nov 19, 2007 3:21 AM, Christian Folini [EMAIL PROTECTED]
wrote:
Hey Greg,
could you elaborate on this? How would you prevent this
attack with
By the way the actual error message in the error_log is
[Mon Nov 19 15:55:22 2007] [notice] child pid 21426 exit signal
Segmentation fault (11)
and after a while I see
[Mon Nov 19 15:55:22 2007] [info] server seems busy, (you may need to
increase StartServers, or Min/MaxSpareServers),
- Original Message -
From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 10:52 AM
Subject: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
After quite a bit of trouble I finally got the dbd mysql compiled but now
as soon as I
- Original Message -
From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 10:55 AM
Subject: Re: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
By the way the actual error message in the error_log is
[Mon Nov 19 15:55:22 2007]
My configure opitions are:
CONFIGUREOPTS=--prefix=/usr --localstatedir=/var --enable-rewrite
--enable-http --enable-cgi --enable-so \
--enable-ssl --enable-headers --bindir=/usr/bin --sbindir=/usr/sbin
--libexecdir=/usr/libexec --datadir=/var/www \
--sysconfdir=/etc/apache --enable-dbd --with-ldap
No I have not. What is the difference?
Danie Qian wrote:
- Original Message - From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 10:55 AM
Subject: Re: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
By the way the actual
- Original Message -
From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 11:29 AM
Subject: Re: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
No I have not. What is the difference?
worker is the multi-threaded and you only
had you installed mysql driver before you compiled httpd?
- Original Message -
From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 11:29 AM
Subject: Re: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
My configure opitions are:
On Mon, 19 Nov 2007 10:52:58 -0500
Daniel Campbell [EMAIL PROTECTED] wrote:
After quite a bit of trouble I finally got the dbd mysql compiled but
now as soon as I put the DBDriver mysql directive into the
httpd.conf file I get endless Segmentation Fault messages in the
error log.
At server
Yes
Danie Qian wrote:
had you installed mysql driver before you compiled httpd?
- Original Message - From: Daniel Campbell [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Monday, November 19, 2007 11:29 AM
Subject: Re: [EMAIL PROTECTED] dbd mysql segmentation fault in 2.2.6
At server startup. Not even with any requests to it. I will install
gdb and try it out.
Nick Kew wrote:
On Mon, 19 Nov 2007 10:52:58 -0500
Daniel Campbell [EMAIL PROTECTED] wrote:
After quite a bit of trouble I finally got the dbd mysql compiled but
now as soon as I put the DBDriver
Hello every body,
i have a question about redirecting the apache server from http to https
dynamically. In fact, i proceed with the modification of the apache2.conf file,
and i force reload the server each time i want to redirect from http to https
or vice versa (sure after
Redirect 301 / https://myserver.com/ is usually easier than mod_rewrite?
Hello every body,
i have a question about redirecting the apache server from http to
https dynamically. In fact, i proceed with the modification of the
apache2.conf file, and i force reload the server each time i want to
thanks for your reply, in fact, i tried
redirect permanent / https://myserver/
Always the same result, to switching until i proceed with a refresh :s,
nizar
Michael McGlothlin [EMAIL PROTECTED] a écrit :
Redirect 301 / https://myserver.com/ is usually easier than mod_rewrite?
Hello
2007/11/18, Joshua Slive [EMAIL PROTECTED]:
See:
http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos
The standard solution is a simple firewall rule to control number of
connections per ip at some reasonable level.
I already thought about using a firewall rule. Although it could
2007/11/19, Christian Folini [EMAIL PROTECTED]:
As I understand the issue it's a very simple DoS as it neither does
require a lot of cpu nor bandwidth on the client side.
Is there a proper name for this kind of attack. I am not sure
the original question was referring to a real attack.
2007/11/19, Greg Boyington [EMAIL PROTECTED]:
On Nov 19, 2007 3:21 AM, Christian Folini [EMAIL PROTECTED] wrote:
Hey Greg,
could you elaborate on this? How would you prevent this
attack with mod_access?
In one case where an attack was under way but I didn't have access to
the firewall,
Hello all,
I enabled PHP processing of .html files by adding AddType
application/x-httpd-php .html to my httpd.conf file. Now the
mysite.com/manual page comes up blank. Any ideas?
Would someone shoot me over a link with info on how to control the
/manual page (restricting access, etc.)? I've
On Mon, 19 Nov 2007 20:19:20 +0100
Ben Macintosh [EMAIL PROTECTED] wrote:
2007/11/18, Joshua Slive [EMAIL PROTECTED]:
See:
http://httpd.apache.org/docs/trunk/misc/security_tips.html#dos
The standard solution is a simple firewall rule to control number of
connections per ip at some
On Mon, 19 Nov 2007 13:30:48 -0600
Stuart, Cory G. [EMAIL PROTECTED] wrote:
Hello all,
I enabled PHP processing of .html files by adding AddType
That's an ugly hack that was fixed in Apache 1.1 (1996).
If you found it in some post-96 guide, treat it as a warning sign.
2007/11/19, Nick Kew [EMAIL PROTECTED]:
On Mon, 19 Nov 2007 20:19:20 +0100
Ben Macintosh [EMAIL PROTECTED] wrote:
I already thought about using a firewall rule. Although it could be
quite difficult to get it right. As every malicious request blocks a
slot for 5 minutes there hasn't got to
On Mon, 19 Nov 2007 21:19:29 +0100
Ben Macintosh [EMAIL PROTECTED] wrote:
5 minutes??? Where does that come from?
That's the default timeout that a http child waits for, before closing
the connection.
Really? I thought it was something more sensible these days.
5 seconds would make much
On Nov 19, 2007 3:19 PM, Ben Macintosh [EMAIL PROTECTED] wrote:
Thanks for pointing me to the right direction - never heard about
AcceptFilter before.
Interesting, because it is specifically suggested in the link that I
sent you two days ago.
Joshua.
Hello all,
I enabled PHP processing of .html files by adding AddType
That's an ugly hack that was fixed in Apache 1.1 (1996).
If you found it in some post-96 guide, treat it as a warning sign.
Do you have any other recommendations? I don't see the need for users
browsing my pages to know
2007/11/19, Joshua Slive [EMAIL PROTECTED]:
On Nov 19, 2007 3:19 PM, Ben Macintosh [EMAIL PROTECTED] wrote:
Thanks for pointing me to the right direction - never heard about
AcceptFilter before.
Interesting, because it is specifically suggested in the link that I
sent you two days ago.
On Nov 19, 2007 6:49 PM, Nizar KHEIR [EMAIL PROTECTED] wrote:
thanks for your reply, in fact, i tried
redirect permanent / https://myserver/
Always the same result, to switching until i proceed with a refresh :s,
nizar
Have you read this:
Hy krist, and hy everybody,
In fact i think you have not understand my question.
The fact is that i'm working in an environment where my config should modify
dynamically, so in certain conditions, i want to give users access with http
(non secure), and in other circonstences, i want to
45 matches
Mail list logo