Greetings,
For httpd version 2.2.22 and older, only specify TLSv1. This is treated as
a wildcard for all TLS versions.
SSLProtocol TLSv1
Thanks,
Otis
Thank you for the update..!
My client requirement is to have only TLS1.1. Even TLS1.0 have to be
disabled.
I would like to know is there a way to use just TLS 1.1 for the older
versions. Or if I upgrade Apache to latest version then will it be possible?
Please do let me know for further
Hello Team,
Currently my Apache server supports SSLV2, V3, TLSV1.
The client requirement is to enalbe TLSV1.1 or above on the webserver.
Current Version of Apache: Apache V2.2.16
When I tried to Add SSLProtocol All TLSv1.1 TLSv1.2. Server has thrown the
error saying Illegal Protocol.
Please
Hello Kees,
Thanks for that suggestion. Not sure if I understood you correctly, but
this is what I tried:
#Mod_status config
ExtendedStatus on
VirtualHost *
ServerAdmin webmas...@nbcuni.com
DocumentRoot/opt/apache2/htdocs/hcphp.nbc.com
ServerName hcphp.nbc.com
On Thu, 19 Mar 2015 16:26:28 -0400, you wrote:
This is what I'm seeing in the error logs:
[Thu Mar 19 13:22:34.274686 2015] [authz_core:error] [pid 56979:tid
140005409228544] [client 216.178.108.232:63636] AH01630: client denied by
server configuration:
Do you also have the corresponding LoadModule directives in your config
file?
(shared modules need it to be effectively loaded).
Affirmative:
[root@uszwsls00015la apache2]# egrep status_module|authz_host
conf/httpd.conf
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule
On Thu, Mar 19, 2015 at 9:51 PM, Tim Dunphy bluethu...@gmail.com wrote:
mod_status loaded?
Yep!
[root@uszwsls00015la apache2]# apachectl -M | grep status
status_module (shared)
And so are mod_authz_host:
[root@uszwsls00015la apache2]# apachectl -M | grep authz_host
authz_host_module
Hi Apache,
I have the below vulnerability:
CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability:
Tried solutions:
a. Commented the connect module in httpd.conf file : LoadModule
proxy_connect_module modules/mod_proxy_connect.so
b. Changed in httpd-ssl.conf
On Mar 19, 2015, at 01:11 , el kalin ka...@el.net wrote:
[…]
my guess is that the dummy connections (since they don't have their own
process attached to them) are there because some of the other processes that
do show in ps ask for those at various stages. is it true? how would i know
What version of OpenSSL are you running. I don't believe OpenSSL 0.9.8
supports TLS 1.1 or 1.2.
Robert
On Thu, 19 Mar 2015 12:02:01 +0530
Sailaja Gadireddy sailaja.gadire...@gmail.com wrote:
Hello Team,
Currently my Apache server supports SSLV2, V3, TLSV1.
The client requirement is to
2 solutions
as you’ve tried before RewriteCond RewriteRule is one solution, another is
limit limitExcpet. and please note that even disabling the specific method(s)
in these directives will not remove that method from the Supported Methods
line (allow) in an OPTIONS request.
Tks b.rgds
--
2015-03-19 18:06 GMT+01:00 Robert Webb rw...@ropeguru.com:
I don't agree with your analysis.
ullia href=healthcheck.php healthcheck.php/a/li is an href
inside an html page that does nothing until clicked on by the client.
This is all assuming that the access denied he is getting is from
On 3/19/2015 1:24 PM, Daniel wrote:
2015-03-19 18:06 GMT+01:00 Robert Webb rw...@ropeguru.com:
I don't agree with your analysis.
ullia href=healthcheck.php healthcheck.php/a/li is an href
inside an html page that does nothing until clicked on by the client.
This is all assuming that
How about using this within a Directory entry:
Order deny,allow
Deny from all
# Private IP ranges
Allow from 127.0.0.1/32
Allow from 10.0.0.5/32
And then add the server status are under that Directory...
Wouldn't that
How about using this within a Directory entry:
Order deny,allow
Deny from all
# Private IP ranges
Allow from 127.0.0.1/32
Allow from 10.0.0.5/32
And then add the server status are under that Directory...
I don't agree with your analysis.
ullia href=healthcheck.php healthcheck.php/a/li is an href
inside an html page that does nothing until clicked on by the client.
This is all assuming that the access denied he is getting is from
http://$(hostname-i)/server-status and server-status is the
2015-03-19 17:41 GMT+01:00 Tim Dunphy bluethu...@gmail.com:
Hey all,
I'm attempting to setup the server-status module and limit access to it
by IP.
So I have this block in my apache configuration file:
#Mod_status config
ExtendedStatus on
Location /server-status
SetHandler
OpenSSL 0.9.8 supports TLS1.1 but, apparently, not TLS 1.2. At least not
easily because I am running 0.9.8 and have TLS1.1 protocol enabled. I am
trying to enable TLS 1.2 with NO luck. I have Apache 2.2.25 installed. Any
ideas?
Thanks…
Cathy Fauntleroy, Security+
Van Dyke Technology Group
This is what I'm seeing in the error logs:
[Thu Mar 19 13:22:34.274686 2015] [authz_core:error] [pid 56979:tid
140005409228544] [client 216.178.108.232:63636] AH01630: client denied by
server configuration: /opt/apache2/htdocs/hcphp.nbc.com/server-status
But that error seems to be referencing
I misspoke. OpenSSL 0.9.8 does NOT support TLSv1.1. My apologies...
Thanks…
Cathy Fauntleroy, Security+
Van Dyke Technology Group
Email: cathy.fauntle...@vdtg.com
Office: (443) 832-4768
-Original Message-
From: Cathy Fauntleroy [mailto:cathy.fauntle...@vdtg.com]
Sent: Thursday,
On Thu, Mar 19, 2015 at 4:26 PM, Tim Dunphy bluethu...@gmail.com wrote:
I'm still not sure why this is happening. Any help/clues would be
appreciated!
mod_status loaded?
--
Eric Covener
cove...@gmail.com
-
To unsubscribe,
On Thu, Mar 19, 2015 at 2:35 PM, Cathy Fauntleroy
cathy.fauntle...@vdtg.com wrote:
OpenSSL 0.9.8 supports TLS1.1 but, apparently, not TLS 1.2. At least not
easily because I am running 0.9.8 and have TLS1.1 protocol enabled. I am
trying to enable TLS 1.2 with NO luck. I have Apache 2.2.25
mod_status loaded?
Yep!
[root@uszwsls00015la apache2]# apachectl -M | grep status
status_module (shared)
And so are mod_authz_host:
[root@uszwsls00015la apache2]# apachectl -M | grep authz_host
authz_host_module (shared)
So it's a litle puzzling..
On Thu, Mar 19, 2015 at 4:39 PM, Eric
Hey all,
I'm attempting to setup the server-status module and limit access to it by
IP.
So I have this block in my apache configuration file:
#Mod_status config
ExtendedStatus on
Location /server-status
SetHandler server-status
Require ip 10.10.10.5 127.0.0.1
/Location
And if I do
24 matches
Mail list logo