On Sat, Feb 18, 2012 at 4:30 PM, Steve Swift swi...@swiftys.org.uk wrote:
I get entries like this in my error log. They are extremely sporadic, and
because the access rate is low on our server, it is easy to find the CGI
script that was being accessed. In all cases, it is one which hasn't
Hi again. Here we are again
Sorry, but I don't understand that dns error, because i'm connecting
to ip interface. I'm not connecting to dns name to simplify the issue.
And i can connect from proxy to backend ok to https port. the problem
seems to be when virtual host proxypass the request,
Hi,
What are your best practices against Cross-Site Request Forgery?
According to owasp.org a CSRFToken should be generated and added as a
hidden form value.
Does Apache Httpd support this out-of-the-box (incl. validation of the
token for each subsequent request until the session expires)?
m, i've configured on other machine, other apache 2.2 as reverse
proxy and i've forwarded request to https://www.ingdirect.es, and the
error is the same
This is a very strange cuestion but, do you know if these
configurations should work?, is it necessary to make any strange
configuration?
Do you have
Listen 8443
at all in your config?
On Feb 20, 2012 10:28 PM, Andres Aguado andriu@gmail.com wrote:
m, i've configured on other machine, other apache 2.2 as reverse
proxy and i've forwarded request to https://www.ingdirect.es, and the
error is the same
This is a very
Ah, but the sh error means that my code never starts executing. If the
very first line of my code were to get executed, then the error message
would come from the error handlers in my code, but nothing in my code
executes under these circumstances.
So, without a single byte of my code changing
On Mon, Feb 20, 2012 at 1:16 PM, Steve Swift swi...@swiftys.org.uk wrote:
Ah, but the sh error means that my code never starts executing. If the
very first line of my code were to get executed, then the error message
would come from the error handlers in my code, but nothing in my code
Yes, into httpd-ssl.conf
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: Listen [::]:443 and Listen 0.0.0.0:443
#
Listen 8443
2012/2/20 Igor Cicimov icici...@gmail.com:
Do you have
Listen 8443
at all in your config?
On Feb 20, 2012
On February 20, 2012 5:50 , Henrik Strand henrik.str...@axis.com wrote:
What are your best practices against Cross-Site Request Forgery?
Use of a CSRF token as described on the OWASP page you lined in your
original message.
Does Apache Httpd support this out-of-the-box (incl. validation
Thank you for your persistence, which has paid off, and conquered my
obtuseness.
So, apache doesn't invoke sh. Neither does my code, explicitly. But when
my script invokes a host command, the interpreter just hands the command to
the default execution environment, which in this case is sh.
I
On Mon, Feb 20, 2012 at 2:26 PM, Mark Montague m...@catseye.org wrote:
On the other hand, I could see providing CSRF protection at the web server
level as being useful, since you then would not need to trust each web
application author to both completely impelment CSRF protection and to
Does anyone know of ANY web server that
provides
CSRF protection at the web server level? I'm curious.
Take a look at mod_security that provides CSRF prevention mechanism by means of
JS injection.
smime.p7s
Description: S/MIME cryptographic signature
On Mon, Feb 20, 2012 at 8:54 AM, Tom Evans tevans...@googlemail.com wrote:
On Mon, Feb 20, 2012 at 1:16 PM, Steve Swift swi...@swiftys.org.uk wrote:
Ah, but the sh error means that my code never starts executing. If the
very first line of my code were to get executed, then the error message
On Sun, Feb 19, 2012 at 9:41 PM, Igor Cicimov icici...@gmail.com wrote:
Thats what Require valid-user doing. Try with Require any
Tried it and it is still not letting me use the kerberos ticket,
only username+passwd.
On Sun, Feb 19, 2012 at 9:23 AM, Mauricio Tavares
On Mon, Feb 20, 2012 at 11:22 AM, Mauricio Tavares raubvo...@gmail.com wrote:
On Sun, Feb 19, 2012 at 9:41 PM, Igor Cicimov icici...@gmail.com wrote:
Thats what Require valid-user doing. Try with Require any
Tried it and it is still not letting me use the kerberos ticket,
only
Do any of the GET requests in your access log correspond with CGI scripts
which might run for a long time? I presume that the access log entry
corresponds to when the script starts, not when it ends. The sh error
messages may thus occur minutes after the corresponding GET entry in the
access log.
I have the following architecture: a JSP page with JavaScript client code, the
backend is a JAVA class that gets data from an Oracle database. The whole app
runs on a WebLogic 10 server. It works fine in my development environment and
also on the client's internal network. However, the client
Forgot to mention that they use Apache server in tandem with Windows IIS.
-Original Message-
From: Lou Vasilev [mailto:lvasi...@powercosts.com]
Sent: Monday, February 20, 2012 10:37 AM
To: users@httpd.apache.org
Subject: [users@httpd] Very slow Apache proxy server under IE
I have the
On Mon, Feb 20, 2012 at 4:16 PM, Phil Smith philbo...@gmail.com wrote:
On Mon, Feb 20, 2012 at 8:54 AM, Tom Evans tevans...@googlemail.com wrote:
On Mon, Feb 20, 2012 at 1:16 PM, Steve Swift swi...@swiftys.org.uk wrote:
Ah, but the sh error means that my code never starts executing. If the
Thanks for responding. After sleep and more debugging this turned out to
be a mod_python session problem and unrelated to Apache operation.
Apologies for wasting anyone's bandwidth.
On 19/02/12 21:20, Jeff Trawick wrote:
As a diagnostic step, set KeepAlive Off and see if the problem
I just want to revisit this on-list again. Yehuda has help tremendously, thank
you Yehuda. I have the front end server set for proxy(reverse) in the httpd
file:
VirtualHost ifolder.teknerds.net:443
ServerName ifolder.electrichendrix.com
ProxyPass /ifolder https://192.168.123.4/ifolder
On Mon, Feb 20, 2012 at 9:49 PM, Chris Arnold
carn...@electrichendrix.comwrote:
I just want to revisit this on-list again. Yehuda has help tremendously,
thank you Yehuda. I have the front end server set for proxy(reverse) in the
httpd file:
VirtualHost ifolder.teknerds.net:443
ServerName
On Feb 20, 2012, at 10:04 PM, Yehuda Katz yeh...@ymkatz.net wrote:
On Mon, Feb 20, 2012 at 9:49 PM, Chris Arnold carn...@electrichendrix.com
wrote:
I just want to revisit this on-list again. Yehuda has help tremendously,
thank you Yehuda. I have the front end server set for proxy(reverse)
On 20/02/12 10:13 PM, Chris Arnold wrote:
On Feb 20, 2012, at 10:04 PM, Yehuda Katz yeh...@ymkatz.net
mailto:yeh...@ymkatz.net wrote:
On Mon, Feb 20, 2012 at 9:49 PM, Chris Arnold
carn...@electrichendrix.com mailto:carn...@electrichendrix.com wrote:
I just want to revisit this on-list
24 matches
Mail list logo