Re: [users@httpd] Possible DOS Attack

On Fri, May 20, 2016 at 8:54 PM, Kent Frazier wrote: > The abuse email address for 191.96.249.52 is ab...@dmzhost.co > (though most ISPs don't seem to care whether one of their systems has been > hacked or not) > I see that my system was attacked by that address three

Re: [users@httpd] Possible DOS Attack

The abuse email address for 191.96.249.52 is ab...@dmzhost.co (though most ISPs don't seem to care whether one of their systems has been hacked or not) On 5/20/16 4:00 PM, Roman Gelfand wrote: > In the last 2 days we have received roughly 1milion of the following > requests. Just to confirm, is

Re: [users@httpd] Possible DOS Attack

> Date: Friday, May 20, 2016 23:36:14 + > From: Richard > >> Date: Friday, May 20, 2016 16:09:58 -0700 >> From: Kurtis Rader >> >> On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand >> wrote: >> >>> In the last 2 days we have received roughly

Re: [users@httpd] Possible DOS Attack

> Date: Friday, May 20, 2016 16:09:58 -0700 > From: Kurtis Rader > > On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand > wrote: > >> In the last 2 days we have received roughly 1milion of the >> following requests. Just to confirm, is this a DOS

Re: [users@httpd] Possible DOS Attack

On Fri, May 20, 2016 at 4:00 PM, Roman Gelfand wrote: > In the last 2 days we have received roughly 1milion of the following > requests. Just to confirm, is this a DOS attack? > > 191.96.249.52 - - [20/May/2016:18:19:22 -0400] "POST /xmlrpc.php HTTP/1.0" > 500 251 "-"

[users@httpd] Possible DOS Attack

In the last 2 days we have received roughly 1milion of the following requests. Just to confirm, is this a DOS attack? 191.96.249.52 - - [20/May/2016:18:19:22 -0400] "POST /xmlrpc.php HTTP/1.0" 500 251 "-" "Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)" 191.96.249.52 - -

Re: [users@httpd] old solaris box (but heavily used)

On Thu, 2016-05-19 at 11:03 -0500, james pruett wrote: > Hi, > > > My boss wants us to provide a redirect page for use during > site-maintanance. > > > I assume this means I need to add mod_rewrite. Nothing remotely so complex! Just put your maintenance page somewhere, and start the server

RE: [users@httpd] old solaris box (but heavily used)

Well (as my last email for today), I would stick to the Apache 2.0 instance that you have. Use your "LoadModule" command in that (Apache 2.0) config file -- and make sure it's mod_alias.so that you are loading, not mod_rewrite.so (although that doesnt hurt to have). Test the configuration

Re: [users@httpd] old solaris box (but heavily used)

Honestly - since you asked such an open-ended question: since you would have to recompile, upgrade to a more recent version. Is this machine also SunOS 5.10? I think you should be able to go all the way up to 2.4. - Y On Fri, May 20, 2016 at 4:40 PM, james pruett wrote: >

Re: [users@httpd] old solaris box (but heavily used)

so, what would you do? thanks for the help. I really appreciate it. jim On Fri, May 20, 2016 at 3:33 PM, Scott Birl wrote: > Read the error more carefully: Invalid command 'LoadModule' > > It's not complaining about missing modules, it's complaining about the > Apache

RE: [users@httpd] old solaris box (but heavily used)

Read the error more carefully: Invalid command 'LoadModule' It's not complaining about missing modules, it's complaining about the Apache directive itself "LoadModule", and now I see why... Your output here differs from your earlier output Most recent post:

Re: [users@httpd] old solaris box (but heavily used)

Your original email said you were using HTTPD 2.0.63. Your last email says you are using HTTPD 1.3.37. In 1.3 you needed to have mod_so loaded in order to use LoadModule which would require recompiling since you don't already have it. - Y On Fri, May 20, 2016 at 4:20 PM, james pruett

Re: [users@httpd] old solaris box (but heavily used)

It can't find it. I tried all of these one at a time, and they all error as shown -httpd.conf--- # Example: # LoadModule foo_module libexec/mod_foo.so LoadModule rewrite_module libexec/apache2/mod_rewrite.so LoadModule rewrite_module libexec/mod_rewrite.so LoadModule

RE: [users@httpd] old solaris box (but heavily used)

It should be similar to the grep example you had earlier, so: LoadModule rewrite_module libexec/mod_rewrite.so From: james pruett [mailto:gpscru...@gmail.com] Sent: Friday, May 20, 2016 1:57 PM Cc: users@httpd.apache.org Subject: Re: [users@httpd] old solaris box (but heavily

Re: [users@httpd] old solaris box (but heavily used)

Thanks for continued help! Do I add this or this? LoadModule rewrite_module modules/mod_rewrite.so LoadModule rewrite_module libexec/mod_rewrite.so mod_rewrite.so exists in both places already--- mktpricing:/usr % find -L apach* -name mod_rewrite.so | xargs

RE: [users@httpd] old solaris box (but heavily used)

James: https://httpd.apache.org/docs/2.0/mod/mod_alias.html#redirect mod_alias for Redirect or RedirectMatch And since you have dynamic loading of modules enabled, yes, you can "turn on" the alias module without the need of re-compiling Apache from scratch. From: james pruett

Re: [users@httpd] Fwd: old solaris box (but heavily used)

If you have the correct mod_rewrite.so file available you don't need to compile anything. If you need to make changes to the server configuration, you will need to restart the server process. If you are making the rewrite changes in an htaccess file, you don't need to restart anything (as long as

[users@httpd] Fwd: old solaris box (but heavily used)

Hi, How do I provide a redirect page during site maintenance? Is anyone available for some help? Thanks Jim Pruett

[users@httpd] event MPM documentation

Looking at the event MPM and MaxRequestWorkers documentation it looks like it has been updated a bit to me. More informative. Thanks for doing that