I can almost guarantee that the problem is a broken sendfile implementation
and
EnableSendfile Off
will fix it.
I can almost guarantee that you are correct. :-)
Armed with that information (which did resolve the problem) I did some more
searching and found that a colleague had also
sounds like you could benefit from logging incoming request payloads. Consider
mod security to sanitize requests and log, if you can't modify your perl script
to do it, how do you modify the textarea data before doing the INSERT? Do you
know what the perl script has been doing? Have you ensured
Quoting Fayland Lam [EMAIL PROTECTED]:
hi list.
we are in attack I think. our Perl script is taking 2G to process one
request.
8: 18940 1567M 5.9M 1567M 1121M W 0.000s 0.000s 459 1.2.3.4
www.xxsite.com POST /comment/post HTTP/1.0
that's from vmonitor.
I'm wondering is there someone
On Tue, May 20, 2008 at 10:56 PM, Scott Moseman [EMAIL PROTECTED] wrote:
I'm trying to hide the /portal/ path for a website behind the scenes
using mod_proxy. I had to use the RewriteEngine because the website
(not under rmy control) uses some absolute URL references in the code,
and if I
Jie Gao wrote:
Quoting Fayland Lam [EMAIL PROTECTED]:
hi list.
we are in attack I think. our Perl script is taking 2G to process one
request.
8: 18940 1567M 5.9M 1567M 1121M W 0.000s 0.000s 459 1.2.3.4
www.xxsite.com POST /comment/post HTTP/1.0
that's from vmonitor.
I'm wondering is
Assume you meant server OS
Fedoracore 6 (linux 2.6.9-023stab044.11-smp)
PHP (5.1.6-3.7.fc6)
Apache 2.2.6
Out of all ideas on this one!
Will try setting SendBufferSize and ReceiveBufferSize (although have already
tried SendBufferSize.
Graham
-Original Message-
From: Tom Donovan
[EMAIL PROTECTED] wrote:
sounds like you could benefit from logging incoming request payloads. Consider
mod security to sanitize requests and log, if you can't modify your perl script
to do it, how do you modify the textarea data before doing the INSERT? Do you
know what the perl script has
Hi,
i want to ask about internal dummy connections in apache 2.2.8. I see in
the logs records like this:
::1 - - [21/May/2008:13:22:39 +0200] OPTIONS * HTTP/1.0 200 - -
Apache/2.2.8 (EL) (internal dummy connection)
In server-status page i see that these connections take server
connections.
Hi all,
System environment:
1. apache (as a load balancer using mode_proxy_balancer)
2. tomcat 1
3. tomcat 2
I am using sticky session = true.
I am following steps: (All servers are running)
1. login in at tomcat 1 (then goes to my web app page)
2. down tomcat 1
3. again goes to 'my web
On Wed, May 21, 2008 at 7:37 AM, Ali Nebi [EMAIL PROTECTED] wrote:
Hi,
i want to ask about internal dummy connections in apache 2.2.8. I see in
the logs records like this:
::1 - - [21/May/2008:13:22:39 +0200] OPTIONS * HTTP/1.0 200 - -
Apache/2.2.8 (EL) (internal dummy connection)
In
Hi,
I believe that my server was compromised through Apache 2.2!
A few months ago I started having problems with Apache where in it wouldnt
accept connections and pages would just not load. Apon investigating, I
would find the following Commands Running on my server:
apache 30689 0.0 0.1 3748
On Wed, May 21, 2008 at 10:00 AM, Netdynamix [EMAIL PROTECTED] wrote:
Hi,
I believe that my server was compromised through Apache 2.2!
There's no sign the compromise was through Apache, only that whoever
compromised your system later installed an IRC bot in a path that
resembled an Apache
Hi,
Our webservers sit behind proxy servers. One one of the web servers,
I'm trying to use mod_proxy to proxy content from outside of our
network. Can mod_proxy be made aware of the actual proxy servers we
have?
I'm trying to proxy secure content over https and have the following in
my
Narendra Verma wrote:
Hi all,
System environment:
1. apache (as a load balancer using mode_proxy_balancer)
2. tomcat 1
3. tomcat 2
I am using sticky session = true.
I am following steps: (All servers are running)
1. login in at tomcat 1 (then goes to my web app page)
2. down tomcat
Compiling Apache 2.0.63 as DSO with OpenSSL 0.9.8g (among other modules.
Compiling completes sucessfully, but the runtime fails. This is being compiled
on solaris. Interestingly enough, we do not have the
same issue with AIX.
Here is the output of the error_log with the failure:
[Tue May 20
Chris Franks wrote:
Hi,
Our webservers sit behind proxy servers. One one of the web servers,
I'm trying to use mod_proxy to proxy content from outside of our
network. Can mod_proxy be made aware of the actual proxy servers we
have?
I'm trying to proxy secure content over https and have the
On Wed, May 21, 2008 at 10:41 AM, Chris Franks
[EMAIL PROTECTED] wrote:
Hi,
Our webservers sit behind proxy servers. One one of the web servers,
I'm trying to use mod_proxy to proxy content from outside of our
network. Can mod_proxy be made aware of the actual proxy servers we
have?
I'm
It seems to me that the problem might be with the network connection, not with
the Apache server configuration. Image and Flash files are usually larger than
web pages: perhaps there's some limit or timeout that's being reached? Of
course, this doesn't account for css files, so there's an
what is the Timeout value in your configuration?
- Original Message -
From: Frank Huddleston
To: users@httpd.apache.org
Sent: Wednesday, May 21, 2008 11:46 AM
Subject: Re: [EMAIL PROTECTED] incomplete graphics downloads
It seems to me that the problem might be with the
Hi,
No those are not configured for replicating sessions.
Thanks
Narendra
-Original Message-
From: Eric Bowman [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 21, 2008 7:57 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Apache issue?
Narendra Verma wrote:
Hi all,
System
Narendra Verma wrote:
Hi,
No those are not configured for replicating sessions.
That's the problem, then. Tomcat needs to replicate the session in order
for sticky sessions to mean anything.
Apache will send requests to the other server, but unless the session
was replicated, the
[EMAIL PROTECTED] wrote:
Compiling Apache 2.0.63 as DSO with OpenSSL 0.9.8g (among other modules.
Compiling completes sucessfully, but the runtime fails. This is being compiled
on solaris. Interestingly enough, we do not have the
same issue with AIX.
Here is the output of the error_log with
Hey all,
Quick question about a vulnerability that was already fixed. I'm
specifically talking about the mod_autoindex UTF-7 XSS vulnerability that is
fixed in Apache 2.2.6. You can find it discussed under the Security Reports
for Apache 2.2 (
Tom Donovan [EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
Compiling Apache 2.0.63 as DSO with OpenSSL 0.9.8g (among other modules.
Compiling completes sucessfully, but the runtime fails. This is being
compiled on solaris. Interestingly enough, we do not have the
same issue
Figured this one out: the third-party module was hacked by a previous colleague
who was oh so kind to not document it, so the issue was not related to anything
Apache/mod_ssl/openssl related.
Thanks,
Flaffer
[EMAIL PROTECTED] wrote:
Compiling Apache 2.0.63 as DSO with OpenSSL 0.9.8g
Intriguing - when I right-click (actually left as I reverse buttons!) and
select 'view image' the image appears perfectly, selecting back then shows
the original page and ALL the images refresh to perfectly!
I'll check with my sat provider although strangely enough my current client
is also on
Hi Danie - not sure what you mean? What timeout how would I check {I'm
fairly new at Apache]
Graham
_
From: Danie Qian [mailto:[EMAIL PROTECTED]
Sent: 21 May 2008 17:55
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] incomplete graphics downloads
what is the
graham.hays wrote:
Intriguing – when I right-click (actually left as I reverse buttons!)
and select ‘view image’ the image appears perfectly, selecting back then
shows the original page and ALL the images refresh to perfectly!
I’ll check with my sat provider although strangely enough my
Hello,
I have been trying since long to configure my httpd.conf file (v2.2)
so as to get a directory listing of contents when an directory index
file (like index.html) is not found, but I haven't been successful as
of yet. I did make sure that I follow all the instructions given over
at
Hi,
I am pretty new to Apache, and cannot seem to find a lot of
documentation on this online.
I am trying to set up Apache as a provisioning server for telephones.
The telephones request configuration files, and then use the PUT
method to upload log files once they have booted.
I can see in the
For apache 2.2.x, it is in conf/extra/httpd-default.conf from the httpd root
folder. but since you dont known about it it is probably still the default 300
seconds. Setting it too small will break(reset) http connections when idle time
of downloading is too long, more likely to hapeen over
Hi all,
Is there a way to get apache2 to tell you what modules have been
successfully loaded ?
Cheers
Dave
--
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html
Greetings Dave,
I think you will find this post helpful:
http://www.ducea.com/2006/05/30/managing-apache2-modules-the-debian-way/
But I think the direct answer to your question is:
apache2 -l
If you are looking to list the installed modules; however, I think you may
be looking to enable modules
2008/5/21 Craig Huffstetler [EMAIL PROTECTED]:
Greetings Dave,
I think you will find this post helpful:
http://www.ducea.com/2006/05/30/managing-apache2-modules-the-debian-way/
But I think the direct answer to your question is:
apache2 -l
If you are looking to list the installed modules;
Robert McNaught wrote:
I can see in the access log what the phone is trying to do, but cannot
figure out how to allow the PUT method, which from what I gather is
pretty uncommon. I have tried making permissions 777 for the
directory the phone is trying to upload to incase that was the issue.
Good idea but unlikely in this setup -- the server is not on my sat
connection - it's a 11 server in a Czech data warehouse - the only time the
sat link comes into it is when I call up a website (I'm in rural spain and
my internet connection is by sat)
Graham
-Original Message-
From:
Dan
Just checked and in my httpd.conf file there is an item 'timeout' with a
value of 120 .. changed it to 300 + restart .. no change so set it back to
120
_
From: Danie Qian [mailto:[EMAIL PROTECTED]
Sent: 21 May 2008 21:09
To: users@httpd.apache.org
Subject: Re: [EMAIL
do a quick test to see if you get any packet loss:
ping -t www.your-server-name.com
- Original Message -
From: graham.hays
To: users@httpd.apache.org ; 'Danie Qian'
Sent: Wednesday, May 21, 2008 3:52 PM
Subject: RE: [EMAIL PROTECTED] incomplete graphics downloads
Dan
Danie Qian wrote:
do a quick test to see if you get any packet loss:
ping -t http://www.your-server-name.comwww.your-server-name.com
End original message. -
Considering that many servers these days are configured to not
respond to ICMP echo requests, that
Do you have a firewall installed? If yes check timeouts on idle connections
there.
Do you have keepalive enabled? What is the timeout there? Sometimes reducing
it might help.
On Wed, May 21, 2008 at 1:10 PM, Dragon [EMAIL PROTECTED] wrote:
Danie Qian wrote:
do a quick test to see if you get
Thanks Daniel,
This is starting to make sense.
Maybe you or someone else can tell me if this is possible with HTTP/apache:
Is it possible to define username and password in the http string and
have a machine login automatically to that web directory, just like
you can with FTP, eg
Hi,
I am setting up apache to reverse proxy to an app server. The app server is
incorrectly sending back Set-Cookie headers for every path visited. I was
looking for a way to get httpd to correct this by making the path always be
/. In other words, something like:
ProxyPassReverseCookiePath
No lost packets but quite a variation in ping time - minimum 604mS, average
759mS (I'd say mean around 630mS) but maximum of 3429mS [about every 10th
ping was over 1200mS]
_
From: Danie Qian [mailto:[EMAIL PROTECTED]
Sent: 21 May 2008 21:57
To: users@httpd.apache.org
Subject: Re:
looks like you have a network level issue - the latency is too big. Try run
tracert www.your-server-name.com to see where the biggest part it.
- Original Message -
From: graham.hays
To: users@httpd.apache.org ; 'Danie Qian'
Sent: Wednesday, May 21, 2008 6:11 PM
Subject: RE:
Hi - I am new here, and this is a very elementary question I know. Have
already read the thread about it, have read the FAQ on Permissions Denied
(13) and have done all the permission corrections suggested (directories and
.cgi scripts all 755, files all 644) but I still get the You do not have
Hi,
But I don't want to replicate sessions among tomcats.
When I down any tomcat then what I want that the related page's link shouldn't
go to another tomcat because sticky session has been marked as true. Other wise
if it will go to another tomcat than what's the meaning of sticky session?
46 matches
Mail list logo
