a simple vhost and put a RewiteRule that (for reasons that I
> don't
> know) it didn't like, then it returned a failure. When I put it back
> together,
> I'll build up httpd.config slowly.
>
> Thanks,
> Mike.
> --
> Michael D. Berger
> m.d.ber...@ieee.org
&
Was the index.html file modified in anyway? Did it call the executable? Any
rewrites or any other files added to the path index.html resided?
Sent from my iPhone
> On Jan 4, 2016, at 8:21 PM, Michael D. Berger wrote:
>
> It was not overwritten. If you looked on the
You could potentially deny legitimate users access. I limit so many
connections per second per source IP. If I knew I were getting a ton of
traffic from a University I would have to adjust it accordingly.
The setting in pfsense is Maximum new connections / per second(s) -
that's per IP. My
Truthfully, I've always limited connections from the source IP via a
firewall before the traffic is even passed to apache.
On 08/01/2013 04:39 AM, Grant wrote:
Two different things come to mind. Kingcope found an Apache
byterange
vulnerability and the PoC code he wrote for it exhausts the
Burp Suite will do exactly this.
http://portswigger.net/burp/
On 07/31/2013 06:04 AM, Robin Becker wrote:
Not sure if I am using the right terminology, but I want to create a
forward proxy that will allow me to substitute locally controlled
content for some of the requests eg a specific remote
Two different things come to mind. Kingcope found an Apache byterange
vulnerability and the PoC code he wrote for it exhausts the resources on
a server running Apache. Only 1 instance of his perl script had to be
ran. LOIC is another that could possible DoS your server from one
source.
You can always compile from source ;)
What version of Apache are you running?
On 07/29/2013 02:59 AM, Grant wrote:
Was it just an IP exhausting the apache service with too many
connections? What do you see in the access logs? I use OSSEC HIDS on
my apache servers to mitigate this.
In the
The only reason I asked was because I had done this before and had
the virtualhost created for port 443 but forgot to a2ensite on the
virtualhost.
On 07/29/2013 02:59 AM, Yuvapriya s wrote:
Yes.. I
have configured Vhosts for port 443..
On Fri, Jul 26, 2013 at 2:56
PM, Michael D. Wood m
Also, you should be able to limit simultaneous client connections with
your firewall and pass the traffic in a syn proxy state. There are
numerous ways to achieve this.
On 07/29/2013 03:18 AM, Michael D. Wood wrote:
You can always compile from source ;)
What version of Apache are you running
You wouldn't keep a syn proxy rule enabled all the time; only under a
DoS attack. You could also implement ModSecurity.
On 07/29/2013 02:07 PM, Grant wrote:
Also, you should be able to limit simultaneous client connections
with your
firewall and pass the traffic in a syn proxy state. There
Was it just an IP exhausting the apache service with too many connections?
What do you see in the access logs? I use OSSEC HIDS on my apache servers to
mitigate this.
--
Sent from my mobile device
Michael D. Wood
www.itsecuritypros.org
Grant emailgr...@gmail.com wrote:
My server has 4GB RAM
Do you have a virtual host configured for the site SSL/443?
On
07/26/2013 05:15 AM, Yuvapriya s wrote:
Hi
We had done split
deployment of apache and tomcat and we are trying to configure ssl on
apache.
Modified the httpd_ssl.conf file and uncommented the lines to
include mod_ssl.so
The new wireless router is configured the same way as your old
router was? As in, the same network configuration and I'm assuming the
server you have Apache running on has a static ip in the same network?
Not much that has to change - port forward to your server running
Apache.
What are you
13 matches
Mail list logo