Re: [us...@httpd] Upgrade 1.3.12 -> 2.2.16: Jserv issue ???

2010-09-09 Thread Sander Temme
On Sep 9, 2010, at 9:04 PM, Mike Schleif wrote: > > Run Apache 2.2.16 in front as reverse proxy, perhaps with mod_security to > > keep the stuff you don't want out? That would allow you to leave the > > Oracle stuff untouched. > > Wow! Thank you for a clue. > > "Run Apache 2.2.16 in front a

Re: [us...@httpd] Upgrade 1.3.12 -> 2.2.16: Jserv issue ???

2010-09-09 Thread Mike Schleif
On 9/9/2010 8:54 PM, Sander Temme wrote: > > On Sep 9, 2010, at 5:29 AM, Mike Schleif wrote: > >> OK, I understand what you're saying. However, all I'm asking is, How can I load Jserv 1.1 functionality in Apache 2.2.16? > > Mod_jserv is dead. Has been dead for a decade. Its functionality (i

Re: [us...@httpd] Upgrade 1.3.12 -> 2.2.16: Jserv issue ???

2010-09-09 Thread Sander Temme
On Sep 9, 2010, at 5:29 AM, Mike Schleif wrote: > OK, I understand what you're saying. However, all I'm asking is, How can I > load Jserv 1.1 functionality in Apache 2.2.16? Mod_jserv is dead. Has been dead for a decade. Its functionality (insofar that I remember what it once did) has been

Re: [us...@httpd] Securing handler from direct access via URL.

2010-09-09 Thread Daryl Tester
Jefferson Ogata wrote: Yes, inasmuch as you didn't clarify that you perceive the configuration as an actual vector for attack, rather than an aesthetically displeasing feature. Instead you mention that it "barfs when accessed directly", which implied to me that you didn't recognize the potenti

Re: [us...@httpd] Securing handler from direct access via URL.

2010-09-09 Thread Jefferson Ogata
On 2010-09-09 21:37, Daryl Tester wrote: Yes, again, I know it's dangerous, hence the concern of my original post. Was my subject line ambiguous? Yes, inasmuch as you didn't clarify that you perceive the configuration as an actual vector for attack, rather than an aesthetically displeasing fe

Re: [us...@httpd] Securing handler from direct access via URL.

2010-09-09 Thread Daryl Tester
Jefferson Ogata wrote: That sounds like a potentially extremely dangerous configuration. Agreed, which is why I'm asking how to not do it. All the non-mod_php examples I seem to find on the net are set up in this configuration. I cannot get "Action" to point to something other than a cgi scri

Re: [us...@httpd] Securing handler from direct access via URL.

2010-09-09 Thread Jefferson Ogata
On 2010-09-09 20:33, Daryl Tester wrote: This works as it should, but a side effect is that Action is exposing http:///cgi-bin/php5 to the outside world (which barfs when accessed directly). Access permissions on the cgi-bin directory appear to get propagated to the resources I'm trying to "hand

[us...@httpd] Securing handler from direct access via URL.

2010-09-09 Thread Daryl Tester
Howdee. I'm attempting to set up a PHP application in a chrooted FastCGI environment under Apache 2.2.14 under Ubuntu 10.04. My (abbreviated) configuration is: ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ FastCgiServer /usr/lib/cgi-bin/php5 AddHandler php-fastcgi .php DirectoryIndex i

Re: [us...@httpd] How deploy gzip to htdocs

2010-09-09 Thread Eric Covener
> You need to enable mod_deflate > (http://httpd.apache.org/docs/2.2/mod/mod_deflate.html), not zip the > content. IIRC You can serve pre-compressed content with mod_negotiation and "MultiViewsMatch any" as long as you request the resource with no extension at all. -- Eric Covener cove...@gmail

Re: [us...@httpd] How deploy gzip to htdocs

2010-09-09 Thread Joost de Heer
On 9-9-2010 4:18, srinivasan kumaran wrote: Hi, I have installed apache webserver in windows. I am new to Apache webserver. I gzipped ( .gz) all my static contents( js,html,css) and copied to htdocs folder and restarted the apache server. static contents are not getting displayed. But when i dire

[us...@httpd] mod_substitute memory problem

2010-09-09 Thread stevep
We are having a problem where a bad regex in mod_substitute goes into an endless loop and keeps allocating more memory, until all of the memory on the server is used up. At that point, telnet is frozen, new telnet sessions can not be created, and the only option is to reboot the server. Our s

Re: [us...@httpd] Upgrade 1.3.12 -> 2.2.16: Jserv issue ???

2010-09-09 Thread Mike Schleif
On 9/9/2010 1:35 AM, Joost de Heer wrote: > On Thu, September 9, 2010 01:45, Mike Schleif wrote: >>Hi, All! >> >> You may have seen my posts last week about a legacy Oracle App (8.1) >> running on Apache (1.3.12) under Windows. >> >> Trying to upgrade Apache, and we've run into a Jserv issue:

Re: [us...@httpd] Unable to load perl file

2010-09-09 Thread aparna aryan
hi I want a path to be include in @INC. Can you please tell me how to include it. because the path the files are listed and the perl tying to fetch and givving file not found is not included in @INC. Can we try to include that path in @INC. Please suggest. On Wed, Sep 8, 2010 at 10:16 PM,

[us...@httpd] Client-side SSL certificate authentication

2010-09-09 Thread Mark Wadham
Hello, I'm slowly going insane trying to get clientside SSL auth to work with Apache 2.2. I think it's mostly related to the recent openssl bug which caused ssl renegotiation to be completely disabled. Initial configuration steps were: 1. Created ca crt/key pair 2. Created apache key/crt pair 3

Re: [us...@httpd] FW: Request to a specific URL Link on one of the web applications is returning "Bad Gateway"

2010-09-09 Thread Rainer Jung
On 09.09.2010 06:54, Karthik Nanjangude wrote: Config Spec Apache 2.2.1.6 Jboss 4.2.1 mod_jk-1.2.28-httpd-2.2.3.so Linux Red Hat DB Oracle Hosted Application : 4 apps [ Independent Containers of JBOSS Server mapped to Apache ] Logs Configured : JkLogFile “/apps/logs” & JkLogLevel debug Pr