Hello Everyone,
I am researching how to run PHP as CGI with Apache's Suexec module. Up to
this point we have been using PHP as an Apache mod, but are looking to move
to the more secure solution.
I am not sure this is exactly the right list top post to so if anyone knows
a better one please
, 2009 11:21 AM
Subject: [us...@httpd] Re: iFrame Injection Blocking
Grant Peel wrote:
Can this be done on the server side somehow, or is an iFrame completely
loaded by the browser (i.e. doe the content pas through the server first,
or is it cmpletely pulled by the client?).
An IFrame
Hi all,
I originally posted this to the PHP mailing list with, so far, less than
helpful results. I am not a fan of cross-posting, but I suspect there may be
a few ISP support / server admins who may be interested in this offer.
Good Morning / Afternoon,
We run several of our own servers:
-
From: Justin Pasher [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Wednesday, September 10, 2008 10:18 PM
Subject: RE: [EMAIL PROTECTED] Logs
-Original Message-
From: Grant Peel [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 10, 2008 6:54 PM
To: users@httpd.apache.org
]
To: users@httpd.apache.org
Sent: Thursday, September 11, 2008 6:10 PM
Subject: Re: [EMAIL PROTECTED] Logs
Grant Peel wrote:
Hi Justin,
Thanks for the reply. FYI I am using UNIX (freebsd).
Up tp this point, I have been using an sh script to rotate logs.
The logs in question are the access_log
Hi all,
I am investigating useing apache rotatelogs pipe. My servers have about 250
virtual domains each on them, so I am curious about a couple of things:
How are people in a similar setup handling remove logs (so they dont build
up forever), say after 2 months?
Does piping the data
. [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Tuesday, July 29, 2008 11:34 PM
Subject: Re: [EMAIL PROTECTED] Here's a new one (to me).
Grant Peel wrote:
index.html = 1401 bytes.
?
Well that's good, you have to understand that without proxy module
enabled,
these are /local/ requests
to try and track down an
offending script?
-Grant
- Original Message -
From: Joshua Slive [EMAIL PROTECTED]
To: users@httpd.apache.org; Grant Peel [EMAIL PROTECTED]
Sent: Wednesday, July 30, 2008 5:40 PM
Subject: Re: [EMAIL PROTECTED] Here's a new one (to me).
On Wed, Jul 30, 2008 at 4
Hi all,
Just when you thought you'd seen it all.
On this past Saturday, my server started seeing sporadic spikes in CPU
usage. As it turns out, somehow, some bot or something somewhere is
connecting to me server and relaying messages to another server. The logs
below have been Googled
index.html = 1401 bytes.
?
-Grant
- Original Message -
From: William A. Rowe, Jr. [EMAIL PROTECTED]
To: users@httpd.apache.org
Sent: Tuesday, July 29, 2008 7:46 PM
Subject: Re: [EMAIL PROTECTED] Here's a new one (to me).
Grant Peel wrote:
On this past Saturday, my server started
Hi all,
We have been using Webalizer for a number of years now and it has been a
decent tool, but alas, seems to have stagnated from a development
standpoint.
I curious what everyone is using these days for analyzing Apache logs?
- Virtual Sites (per domain config),
- Can do incremental
Hi Guys,
I Have no plans to write any applications to Send or Receive RSS Feeds.
The (clients) who asked me about it understand the developing the xml
scripts just wanted to know if the server is capable.
That was my priginal question : Does apache (or php for that matter) need
any special
His all,
I am running apache 2.x.x on all my FreeBSD servers.
Is there anything special that needs to be done to allow users to start using
RSS feeds? (MIME Types XML etc).
-Grant
- Original Message -
From: Joshua Slive [EMAIL PROTECTED]
To: users@httpd.apache.org; Grant Peel [EMAIL PROTECTED]
Sent: Monday, March 31, 2008 7:47 AM
Subject: Re: [EMAIL PROTECTED] Logging Denied Referrers
On Sun, Mar 30, 2008 at 8:32 PM, Grant Peel [EMAIL PROTECTED] wrote
Hi all,
As mentioned in previous emails, I am trying to deny access via SetEnvIf
statements in my httpd.conf (to block smap bots / email harvesters etc.
I have two questions:
1. My server has several hundred VirtualHost directives. When the SetEnvIf
statements are just placed in the main
Directory /
Order Allow,Deny
Allow from all
Deny from env=block_bad_bots
/Directory
-Grant
- Original Message -
From: Joshua Slive [EMAIL PROTECTED]
To: users@httpd.apache.org; Grant Peel [EMAIL PROTECTED]
Sent: Sunday, March 30, 2008 12:53 PM
Subject: Re: [EMAIL PROTECTED
Order allow,deny
Allow from all
/Directory
-Grant
- Original Message -
From: Joshua Slive [EMAIL PROTECTED]
To: users@httpd.apache.org; Grant Peel [EMAIL PROTECTED]
Sent: Sunday, March 30, 2008 5:43 PM
Subject: Re: [EMAIL PROTECTED] Logging Denied Referrers
On Sun, Mar 30, 2008 at 3
Hi all,
I am being hit with a number of spam bots (email address harvesters) and have
implimeted some deny referrers ruls as a short term fix.
Does anyone know of any permanent long term fixes?
-Grant
] Spambots
Grant Peel wrote:
Does anyone know of any permanent long term fixes?
Lift off and nuke 'em from orbit.
It's the only way to be sure.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
I have visited a few lists that help make up my current spam bot deny list.
Can anyone reccomend a list thats reliably well written and
up -to-date/updated frequently?
-Grant
- Original Message -
From: Joshua Slive [EMAIL PROTECTED]
To: users@httpd.apache.org; Grant Peel [EMAIL
eggdropp is an irc bot. You need to kill this, unless you know it is something
different. Also, check your system, you have been breached.
-Grant
- Original Message -
From: Liz Kim
To: users@httpd.apache.org
Sent: Thursday, January 03, 2008 2:30 PM
Subject: Re: [EMAIL
Hi all,
I have a client for whom I have added about 500 301 redirects in thier
VirtualHost container. The server has about 200 VirtualHosts total.
What kind of performance issues would one think all those redirects have on
the whole (Apache) server?
-Grant
Hi all,
I have asked this question before, but not with as much detail as I hope to
provide below. FOr those who have read this before, feel free to
skip/delete.
I am running:
Server version: Apache/2.2.3
Server built: Oct 27 2007 21:17:49
(Prefork)
on
FreeBSD 6.2
And am wondering which
cd /usr/ports/www/apache22
make install clean
done
-Grant
- Original Message -
From: Bhakta
To: users@httpd.apache.org
Sent: Monday, November 26, 2007 4:57 AM
Subject: [EMAIL PROTECTED] apache2.2
Hi List
How do I install apache2.2.6 in freeBSD through ports.
Hi all,
Suppose one had a server that is currently parsing all file for server side
includes, php etc, and one wanted to make it so that a .htaccess file in the
web root of a few virtual hosts parsed all files, but the rest of the
virtual hosts only parsed shtml, how would one accomplish such
: [EMAIL PROTECTED] .htaccess and Server Side Includes
-Original Message-
From: Grant Peel [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 21, 2007 4:04 PM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] .htaccess and Server Side Includes
Hi all
Hi all,
Does any one have any good tips on makeing apache lean and mean from a
memory perspective?
I am using apaceh 2.2 on FreeBSD 6.2.
Each one of my deamons is using about 1.8 - 2.5 % of available memory. (1
GB).
-Grant
Hi all,
I have a 400 MB resuorce.pag file, and a resourse.dir directory in my /tmp
folder. It appears something is accessing them as I can see the files
timestamp updated.
Are they truely Apache files? DO I need to keep them? Can I delete them?
Any answers will be appreciated.
-Grant
Hi all,
I have what I would call a moderately busy server. It processes about 10
million hits per month. It is a virtual server with about 150 domains on it.
I am seeing a pretty constant cpu load of about 0.5 - 2.0 on the UNIX CPU
(1-5-15 ave) method. At any given time, 5 - 20 domains are
Hi all,
I have a security company hounding me to turn of HTDigest.
Any idea how?
Words of wisdom ... please.
-Grant
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
Understood,
BUT suexec will not allow a script to be written to outside the users home
directory ... right?
-Grant
- Original Message -
From: Joshua Slive
To: users@httpd.apache.org ; Grant Peel
Sent: Monday, October 22, 2007 11:12 AM
Subject: Re: [EMAIL PROTECTED] php
Hi all,
I recently installed mod_security and noticed that it would not write to the
server logs (the main server logs in /var/log), until I gracefully restarted
apache. After reviewing that, I noticed that none of the other files were
being written to as well (httpd-access.log,
Hi again all,
Has anyone on this had succees setting up php to use (apache) suexec?
If I am reading things right, it appears that php must be run as CGI and
then it will use the built in (Apache2) suexec wrapper in the same fassion
as perl does.
If the above is correct I am looking for a
, it does not do that. PLEASE correct me if I am wronge!
-Grant
- Original Message -
From: Matthew A. Bockol
To: users@httpd.apache.org ; Grant Peel
Sent: Monday, October 22, 2007 10:29 AM
Subject: Re: [EMAIL PROTECTED] php and suexec
Hi Grant,
You might also consider
Hi all,
I installed mod_security yesterday on one server and am in the process of
debugging.
Along with mod_security itself, I have installed a number of rules, most of
which are not causing any issues. The two below are causing some problems
though:
Number one seems to do its job too well as
- Original Message -
From: Tony Guadagno
To: users@httpd.apache.org ; Grant Peel
Sent: Sunday, June 24, 2007 10:37 PM
Subject: Re: [EMAIL PROTECTED] Mod Deflate and PDF
Grant,
I don't know why, but I can confirm that it does break pdf's I have had to
exclude them, I have had
Hi all,
It seems mod deflate may be causing some older versions of windows (98, 2000)
to cracsh when pdf's are accessed.
Does any one know of this and any patches/workarounds that might help?
I am running FreeBSD 6.2 and apache 2.2.3.
Mime types pehaps?
-Grant
)$ no-gzip dont-vary
Any ideas why the logs appear broken?
-Grant
- Original Message -
From: Grant Peel
To: users@httpd.apache.org
Sent: Sunday, June 24, 2007 12:42 PM
Subject: [EMAIL PROTECTED] Mod Deflate and PDF
Hi all,
It seems mod deflate may be causing some
part of what the point of certificates is (along with encypting data) is to
ensure you are connecting to the domain for which the cert was issued.
mydomain.com is NOT the same in ssl as www.mydomain.com.
The data (assuming the users says 'yes, continue to the site' in thier browser
(when they
Josh, + all
Here are the ones in Intend on removing, please see comments below and let me
know if my logic is flawed.
- Original Message -
Virtual Hosting - about 250 domains
PHP, mostly x-cart, and Forums Invision Board and phpBB
MySQL (accessed mostly via PHP)
static html
Hi all,
my server has been running at a rather high load lately, as well as swapping a
bit.
I was thinking its time to consider removing some of the DSO entries. (See list
of loading modules below).
Here is what the server is used for:
Virtual Hosting - about 250 domains
PHP, mostly x-cart,
- Original Message -
From: Joshua Slive
To: users@httpd.apache.org ; Grant Peel
Sent: Monday, May 14, 2007 10:04 AM
Subject: Re: [EMAIL PROTECTED] Leaner httpd
On 5/14/07, Grant Peel [EMAIL PROTECTED] wrote:
Hi all,
my server has been running at a rather high
Hi all,
I have added mod_gzip to my apache config a few weeks back.
Yesterday, the server pretty much locked up due to no disk space left on the
root filesystem.
It appears that with mod_gzip turned on, hundreds of *.wrk files are left in
the /tmp dir, eventually filling it up.
Does anyone
] mod_gzip
On 1 May 2007, at 19:28, Grant Peel wrote:
Does anyone know of a fix for this?
Yes. Upgrade to Apache 2.
You're using a 1998 server. Things have moved on since then.
Like, a clean compression architecture that eliminates the need
for crap like tempfiles.
--
Nick Kew
44 matches
Mail list logo