- On Dec 17, 2020, at 5:19 PM, Daniel Ferradal dferra...@apache.org wrote:
> Hey Bernd,
>
> I remember my first head scratches with regex, they can be so
> confusing and difficult to understand.
>
> Although I remember preciously the day https://regexone.com/ opened my
> eyes. It just
- On Dec 11, 2020, at 4:13 PM, Eric Covener cove...@gmail.com wrote:
> On Fri, Dec 11, 2020 at 10:06 AM Lentes, Bernd
> wrote:
>>
>> - On Dec 9, 2020, at 6:02 PM, Eric Covener cove...@gmail.com wrote:
>>
>> Hi Eric,
>>
>> thanks for your answ
- On Dec 9, 2020, at 6:02 PM, Eric Covener cove...@gmail.com wrote:
Hi Eric,
thanks for your answer.
Now i'm struggling with RewriteRule
^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
Most is clear. The content of the parentheses () like build, tests .. is
or-conjuncted by
Hi,
i just setup a Nextcloud instance in conjunction with OnlyOffice.
NC makes heavy use of mod_rewrite and i try to understand it.
mod_rewrite isn't easy, so i have some questions and hope for help:
1. Is a RewriteCond just valid for the consequent rule or for all consequent
rules ?
2.
- On Nov 27, 2020, at 4:58 PM, Stefan Eissing stefan.eiss...@greenbytes.de
wrote:
> If your client cannot connect, maybe it is old and wants to talk SSLv3 which
> is
> no longer supported?
>
Hi Stefan,
thanks for your answer.
That's what i assume. Isn't it possible to adapt the
Dear all,
in 20 years administrating linux hosts i always avoided it successfully to
change the SSlCipherSuite, hoping the default from Suse or Ubuntu would be fine
and secure.
But now i'm in the situation that i have to touch it for the first time, and
afraid of opening a big door because of
Hi,
i get each E-Mail to this list twice or even three times.
Do you have the same problem ?
Does anyone know what to do ?
Contact the list-admin ?
Bernd
--
Bernd Lentes
Systemadministration
Institute for Metabolism and Cell Death (MCD)
Building 25 - office 122
HelmholtzZentrum München
- On Sep 1, 2020, at 1:32 PM, Martin Drescher dresc...@inter.net wrote:
> Hi Bernd,
>
> very short answer to 1.:
> Yes, you want to write data there. Hence you need rite privileges. Make sure,
> privileges of www-data are restricted to that directory, you will be fine.
>
> Off topic
Hi,
i'm planning to install Nextcloud on an Ubuntu 20.04 with Apache.
But the recommendations from Nextcloud to configure Apache don't appeal to me.
1.
https://docs.nextcloud.com/server/19/admin_manual/installation/source_installation.html#installation-wizard
The recommendation is to change the
Hi,
DocumentRoot should not be writeable for the uid apache uses (wwwrun in our
case, it's a suse System). That is what i read everywhere. We have a
webapplication which creates pictures on the fly for delivery with PHP.
Is there a secure way for this scenario ?
Bernd
Bernd Lentes
Helmholtz
- On Feb 6, 2017, at 8:22 PM, Bernd Lentes
bernd.len...@helmholtz-muenchen.de wrote:
>> OK. I think i understand most of it.
>> First the attacker sets some values appropriate for him. Then he tries to
>> create
>> a file webconfig.txt.php and to write
>> in it.
>> Fortunately wwwrun
> OK. I think i understand most of it.
> First the attacker sets some values appropriate for him. Then he tries to
> create
> a file webconfig.txt.php and to write
> in it.
> Fortunately wwwrun can't write in /sr/www ... , following
> http://httpd.apache.org/docs/2.2/misc/security_tips.html
- On Feb 6, 2017, at 6:32 PM, Bernd Lentes
bernd.len...@helmholtz-muenchen.de wrote:
> - On Feb 6, 2017, at 5:54 PM, Jack Swan john.s...@oracle.com wrote:
>
>> The first line is trying to create the file webconfig.txt.php in your
>> DOCUMENT_ROOT directory, with the contents of the
- On Feb 6, 2017, at 5:54 PM, Jack Swan john.s...@oracle.com wrote:
> The first line is trying to create the file webconfig.txt.php in your
> DOCUMENT_ROOT directory, with the contents of the file being:
>
>
>
> I didn't decode the remaining lines. I think they're just trying to do the
>
> The first line is trying to create the file webconfig.txt.php in your
> DOCUMENT_ROOT directory, with the contents of the file being:
>
>
>
> I didn't decode the remaining lines. I think they're just trying to do the
> same
> thing.
>
Fortunately there is no webconfig.txt.php. And all
- On Feb 6, 2017, at 5:45 PM, Daniel dferra...@gmail.com wrote:
> Actually now that I re-read the requests it also looks as shellshock succesful
> attempt.
> Operative system software not updated recently either?
> 2017-02-06 17:42 GMT+01:00 Daniel < dferra...@gmail.com > :
>> Have you
- On Feb 6, 2017, at 5:14 PM, Bernd Lentes
bernd.len...@helmholtz-muenchen.de wrote:
> Hi,
>
> just in the moment i found two very weird entries in may access_log:
>
> 91.200.12.33 - - [06/Feb/2017:16:43:26 +0100] 236 "GET
>
Hi,
just in the moment i found two very weird entries in may access_log:
91.200.12.33 - - [06/Feb/2017:16:43:26 +0100] 236 "GET
Hi,
i'd like to use mod_rewrite, but i have some problems in understanding it.
- RewriteRule pattern subtitution [flags]:
Is substitution always an URL ? Also in cases when pattern is matched against
the filesystem path ?
Is a RewriteRule always applied to an URL, meaning the URL will change
Hi,
we have a problem. We want to test perlscripts in apache with two different
perl versions. The two versions don't have to exist concurrently, a manual
switching between them is sufficient.
Any ideas ?
Bernd
--
Bernd Lentes
Systemadministration
Institut für Entwicklungsgenetik
Gebäude
Jeffrey E Burgoyne wrote:
I think i've been the victim of a DOS, realised with a SYN
Flood. I'm
not sure, but if yes, that's the first time.
Currently i try to understand what happened. I have an entry in
error_log which hit me on that idea:
[Sat Apr 23 15:19:02 2011] [error] server
Jeffrey E Burgoyne wrote:
Actually I think the behavior is the same, but the entry
in the logs
is different. I know in 1.3 it was chronological, which
leads me to
believe it was actually the finish time not the end time.
Where is the difference between the finish time and the
Hi,
we have an Apache 1.3.27. Some entries in the access_log are not chronological,
e.g.:
146.107.x.x - - [23/Apr/2011:22:01:03 +0200] GET / HTTP/1.0 200 1456
146.107.x.x - - [23/Apr/2011:22:01:03 +0200] GET / HTTP/1.0 200 1456
146.107.x.x - - [23/Apr/2011:22:01:03 +0200] GET / HTTP/1.0 200
Jeffrey E Burgoyne wrote:
The time listed is the time the request was received and the
order is based on the time it finished is the most likely
culprit. Requests taking longer will cause this.
You can verify by adding %T parameter to your logging as that
gives you the time it took to
Jeffrey E Burgoyne wrote:
Actually I think the behavior is the same, but the entry in
the logs is different. I know in 1.3 it was chronological,
which leads me to believe it was actually the finish time not
the end time.
Where is the difference between the finish time and the end time ?
hello,
we created a website with content which should be presented differently,
according to group-membership.
We did this with AuthGroupFile in a .htaccess.
For static html-pages it worked fine. We want now to generate dynamic content.
In php it's possible to find the username with
hello ML,
i'm new to Apache. We have an apache 2.0.50 running on a SuSE 9.2 box.
The problem is, that the partition on which htdocs resides has very
little diskspace left. But we have to put a lot of webpages online.
There is space left (enough) on other partitions.
What is better, espacially
hello,
the easist solution is always the best.
I will do that.
Thanks.
Bernd
-Original Message-
From: Tony Stevenson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 13, 2007 1:13 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] symlink or alias - what is safer ?
hello ML,
i have an apche 2.0.50 running, which stopped logging. For me without
any clear reason.
First i thought about problems with logrotate, but logrotate runs at
4.15 am, and logging stopped at 16.28 pm. I'm sure that logging stopped,
because i have a tool running on another box checking
29 matches
Mail list logo