Re: [users@httpd] Stripping trailing slashes (again)

erb (GET) and the version.) A possible solution that I see is to make the first '/' explicit. adding it both to the regexp and to the replacement string: RewriteRule ^/(.*)/+$ https://linuxsecurity.com/$1 [R=301,L] Alternatively, use '+' instead of '*' (meaning 1 or more ti

Re: [users@httpd] RewriteRule and priorities

they will be applied at run-time." Maybe you are missing processing flags, such as "L" or "END". Flags are documented in more details here: https://httpd.apache.org/docs/2.4/en/rewrite/flags.html Note that you can turn on logging, see https://httpd.apache.org/docs/2.4

Re: [users@httpd] Online page not affected by css

ype" header is present in the response, b) A "X-Content-Type-Options: nosniff" header is present. As such, the content type cannot be auto-detected by the browser. BTW, HTTPD 2.4.54 has been released a week ago. Best regards, Konstantin Kolinko -

Re: [users@httpd] Linking a third party library with httpd during installation

./libxxx" as the command. https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_09_01 Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Stupid question on mod_header

cs, if you read carefully, but I agree that it is subtle. https://httpd.apache.org/docs/2.4/en/mod/mod_headers.html#header Essentially, (as far as I am reading it), "onsuccess" and "always" are just names of two separate tables (lists) of headers

Re: [users@httpd] X-Frame-Options and security

t;SAMEORIGIN" > Header set X-Content-Type-Options "nosniff" > Header always set Strict-Transport-Security "max-age=63072000; > includeSubDomains" > Header set Feature-Policy "geolocation 'self'; vibrate 'none'" > Hea

Re: [users@httpd] Apache 2.4 mod_ldap does not appear to support SNI for authentication against LDAPS servers

29f9d83129db0da017e0fe5a0a27c8 Thus I guess that the answer to your question is "not yet". Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] git push to apache produces return code 22

gt; AuthGroupFile "/usr/local/etc/apache24/git-htgroup-file" > Require valid-user > =~ m#/git-receive-pack$#"> > Require group gitwrite > > 5. The "Require" directive is used twice here as well. > I am not getting anything in the apache log files. 6

Re: [users@httpd] Can't get X-Forwarded-For to be passed through to app with apache reverse proxy

st be missing some magic apache configuration setting. In case of AJP protocol, the remote IP address is transmitted as part of the protocol packet and does to require configuration at Tomcat side. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Remote_Port not recognized by SetEnvIf?

omes out empty this way ^^^ Maybe try SetEnvIfExpr directive instead of SetEnvIf? http://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvifexpr The Bugzilla ticket that introduced the REMOTE_PORT support in 2.4.26: https://bz.apache.org/bugzill

Re: [users@httpd] X-Forwarded-For header is missing

ccess Log and can be logged with %{xxx}i http://tomcat.apache.org/tomcat-8.5-doc/config/valve.html#Remote_IP_Valve (BTW, it is odd how you place your "ProxyAddHeaders On" directive at the top of the file. My expectation is that the directive should be moved below relevant "LoadModu

Re: [users@httpd] X-Forwarded-For header is missing

tive? http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyaddheaders Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] RewriteRule : Altering the current protocol

guring redirects httpd behind a TLS-terminating proxy Jan 23, 2017 2:07:13 pm Solved by configuring ServerName to include https protocol. http://httpd.apache.org/docs/2.4/mod/core.html#servername Best regards, Konstantin Kolinko -

Re: [users@httpd] How to benchmark ChaCha20-Poly1305 capable websites using Apache Benchmark (ab) tool?

the ECDHE-ECDSA-CHACHA20-POLY1305 suite. > > Any tips would be much appreciated! > > Btw, I asked the same question on superuser.com, here: > > https://superuser.com/questions/1231720/how-to-benchmark-chacha20-poly1305-capable-websites-using-apache-benchmark-ab > Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Odd Date in http2 header

uot;No other change to the httpd.conf file", what caused the difference in ETag value? 3. Overall, this is strange. If you do an HTTP/1.1 request (using curl without "--http2" flag), does it respond with a correct Date header? 4.

Re: [users@httpd] Lock down backuppc to an ip, and too ensure that an htpassword is presented

2017-03-31 13:48 GMT+03:00 Brent Clark : > Good day Guys > > Im trying to ensure a 'belt and braces' security solution for my backuppc. > > What Im trying to do is ensure a that I lock down backuppc to an ip, and > too ensure that an htpassword is presented. > > Please

Re: [users@httpd] Hiding Apache version info on the Aix server for Apache.

u spelling. Copy-paste from documentation, if possible. Try to search if other configuration files define those directives. (The files included into main httpd.conf file with "Include" directive). Best regards, Konstantin Kolinko

Re: [users@httpd] Error nghttp2 version is too old

The source code: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http2/config2.m4?revision=1779742=markup#l124 > AC_MSG_CHECKING([for nghttp2 version >= 1.2.1]) Just prints the "Checking..." message. The actual check is below - compilation of some snippet. >

Re: [users@httpd] Configuring redirects httpd behind a TLS-terminating proxy

t=13116506531=1=2 -> Implementation: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/http/http_core.c?revision=1757669=markup#l113 -> Calls r->server->server_scheme ) Best regards, Konstantin Kolinko -

Re: [users@httpd] HTTPD 2.4.25 crash in mod_proxy (ajp)

BCC: Steffen I did quick tests to verify whether shutdown issues are related to mod_proxy. They are not related. 2016-12-23 15:01 GMT+03:00 Konstantin Kolinko <knst.koli...@gmail.com>: > > 2. Oddities at shutdown that I also mentioned are still there. > > I mean the following

Re: [users@httpd] HTTPD 2.4.25 crash in mod_proxy (ajp)

rent: Child process 4356 exited successfully. ]]] The "Apache server interrupted..." line appears in the middle of the file, overwriting some of existing text. Usually I do not run HTTPD in console mode (httpd.exe -w), so I do not know whether this logging oddity is a new issue. Be

Re: [users@httpd] HTTPD 2.4.25 crash in mod_proxy (ajp)

the server. [Fri Dec 23 02:31:15.882252 2016] [mpm_winnt:notice] [pid 2484:tid 352] AH00431: Parent: Forcing termination of child process 1848 Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] HTTPD 2.4.25 crash in mod_proxy (ajp)

n looks like the following: ProxyRequests off ProxyPass ajp://127.0.0.1:8009/foo # Auth and Require directives here... ProxyPass ajp://127.0.0.1:8009/bar # Auth and Require directives here... Best regards, Konsta

[us...@httpd] Re: Apache Tomcat/httpd websites problem ?

/2.3.3 Apache/2.3.5 (Unix) mod_ssl/2.3.5 OpenSSL/0.9.7d mod_fcgid/2.3.2-dev Server at tomcat.apache.org Port 80 Apache/2.3.3 (Unix) mod_ssl/2.3.3 OpenSSL/0.9.7d mod_fcgid/2.3.2-dev Server at tomcat.us.apache.org Port 80 Best regards, Konstantin Kolinko