Re: [users@httpd] Redirecting based on IP

Hi, The next steps I'd like to do is to redirect anyone not in that RequireAll statement to be redirected to the production site. Is this possible? Perhaps a RewriteCond that depends upon certain IPs, then otherwise redirects to the production site? I don't think relying on the IPs is a

Re: [users@httpd] Require paramater

On 5/13/24 15:42, Chris me wrote: The Apache docs recommend dong this to setup a default deny to file locations:     Require all denied Do I do that in httpd.conf or do I add that to each entry? If you do it in httpd.conf (which I assume would be a server-wide scope for you), it

Re: [users@httpd] Redirecting based on IP

Hi, The staging site is even protected with a RequireAll statement for the DocumentRoot based on the IP, which then results in a 404 and other errors in GSC. That sound wrong. If your RequireAll was working as advertised, should it not return a 403? Yes, it does - my mistake. The next

Re: [users@httpd] Directory Trailing Slash When Behind Load Balancer

On Tue, May 14, 2024 at 6:07 PM Gavin Spomer wrote: > > Hello, > > I recently migrated my Apache web server from FreeBSD to Ubuntu Server and > found an issue with URLs that point to a directory, but don't include the > trailing slash, when going through our institution's load balancer. If I >

Re: [users@httpd] Redirecting based on IP

On Thu, May 16, 2024 at 1:15 AM Dave Wreski wrote: > > Hi, > [...] > The staging site is even protected with a RequireAll statement for the > DocumentRoot based on the IP, which then results in a 404 and other errors in > GSC. That sound wrong. If your RequireAll was working as advertised,

Re: [users@httpd] Redirecting based on IP

On 5/15/24 19:15, Dave Wreski wrote: Hi, Google insists that one of our staging sites needs to be indexed despite "disallow" in robots.txt and a half-dozen other methods for preventing Google from indexing it (including submitting it for removal from their index). The staging site is even

[users@httpd] Redirecting based on IP

Hi, Google insists that one of our staging sites needs to be indexed despite "disallow" in robots.txt and a half-dozen other methods for preventing Google from indexing it (including submitting it for removal from their index). The staging site is even protected with a RequireAll statement

RE: [users@httpd] http ok, https Forbidden

> > we have a apache 2.4.59 running on windows for an internal page. > Now we would like to use https instead of http > > Opening the url via http works, > when I use https I get > > Forbidden > You don't have permission to access this resource. > > I activated the debug level and see this

[users@httpd] http ok, https Forbidden

Hello, we have a apache 2.4.59 running on windows for an internal page. Now we would like to use https instead of http Opening the url via http works, when I use https I get Forbidden You don't have permission to access this resource. I activated the debug level and see this lines [Wed May 15

[users@httpd] Directory Trailing Slash When Behind Load Balancer

Hello, I recently migrated my Apache web server from FreeBSD to Ubuntu Server and found an issue with URLs that point to a directory, but don't include the trailing slash, when going through our institution's load balancer. If I access directly (not going through the load balancer), everything

Re: [users@httpd] Apache HTTP Server 2.4 EOL

There is no planned EOL for 2.4, but you should always be on the most recently released version - currently 2.4.59 - or possibly on a version maintained by your OS distribution to keep up with the latest security patches. On Mon, May 13, 2024 at 10:50 PM Ehmann G wrote: > i tried searching on

[users@httpd] Apache HTTP Server 2.4 EOL

i tried searching on Google for the end-of-life support information for Apache HTTP Server 2.4 but couldn't find any useful results. I also checked the Apache website but didn't find any details on this topic. Does anyone have any relevant information?

[users@httpd] Require paramater

The Apache docs recommend dong this to setup a default deny to file locations: Require all denied Do I do that in httpd.conf or do I add that to each entry?

Re: [users@httpd] Multi site SSL problems

On Fri, May 10, 2024 at 5:53 PM Tatsuki Makino wrote: > Hello. > > By the way, do you have the setting enabled to use the Host header used to > switch NameVirtualHost during TLS negotiation? > I don't know how to do that since the Japanese documentation is rarely > updated :) > Were those things

Re: [users@httpd] Multi site SSL problems

Hello. By the way, do you have the setting enabled to use the Host header used to switch NameVirtualHost during TLS negotiation? I don't know how to do that since the Japanese documentation is rarely updated :) Were those things implemented? Regards.

Re: [users@httpd] Multi site SSL problems

On Fri, May 10, 2024 at 4:10 PM John wrote: > On Fri, 2024-05-10 at 15:48 -0400, Sean Conner wrote: > > It was thus said that the Great Chris me once stated: > > > I set up each entry with but when I do that, the > > > second site will complain that the cert is for site1. So if I go to > > >

Re: [users@httpd] Multi site SSL problems

On Fri, 2024-05-10 at 15:48 -0400, Sean Conner wrote: > It was thus said that the Great Chris me once stated: > > I set up each entry with but when I do that, the > > second site will complain that the cert is for site1. So if I go to > > site2.com, I get a browser error that the cert is for

Re: [users@httpd] Multi site SSL problems

It was thus said that the Great Chris me once stated: > I set up each entry with but when I do that, the > second site will complain that the cert is for site1. So if I go to > site2.com, I get a browser error that the cert is for site1. It will show > me the content for site1. On my

RE: [users@httpd] Multi site SSL problems

I found NameVirtualHost *:443 was commented out in ports.conf, I changed that. Now I am back to the ssl protocol error for the second site. From: Chris me Sent: Friday, May 10, 2024 8:40 AM To: users@httpd.apache.org Subject: RE: [users@httpd] Multi site SSL problems I set up each entry

RE: [users@httpd] Multi site SSL problems

it still apply? It does not look like mod_access_compat is listed under mods-enabled From: Frank Gingras Sent: Thursday, May 9, 2024 4:12 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Multi site SSL problems On Thu, May 9, 2024 at 6:54 PM Chris me mailto:phunct...@hotmail.com>> wro

Re: [users@httpd] Multi site SSL problems

On Thu, May 9, 2024 at 6:54 PM Chris me wrote: > Hi, I am having an issue trying to get multiple sites with their own SSL > cert. I purchased AlphaSSL certs for them. > > The strange thing, the first cert works, the second gives me an > ERR_SSL_PROTOCOL_ERROR, but only on some systems. > > > >

[users@httpd] Multi site SSL problems

Hi, I am having an issue trying to get multiple sites with their own SSL cert. I purchased AlphaSSL certs for them. The strange thing, the first cert works, the second gives me an ERR_SSL_PROTOCOL_ERROR, but only on some systems. This is what I am using now: ( Site1 is fine, Site2 gives me the

[users@httpd] Re: How to Perform stateless restarts with checkpointing enabled

Please ignore this thread, I wanted to post this to a different Apache mailing list. Apologies. On Thu, May 9, 2024 at 2:49 PM Kartikey Pant wrote: > We have a source/sink mechanism which uses checkpoints for persistence and > can operate in a minor data loss scenario. Is there a method to use

[users@httpd] How to Perform stateless restarts with checkpointing enabled

We have a source/sink mechanism which uses checkpoints for persistence and can operate in a minor data loss scenario. Is there a method to use checkpoints (to enable use of those source/sink operators) while disabling stateful recovery during restarts? Our setup uses Flink 1.16.1 alongside Flink

[users@httpd] ap_trust_cgilike_cl changes in 2.4.59

Hello. The Apache httpd docs state that ap_trust_cgilike_cl was introduced in 2.4.59. However, changelogs for that version never make a mention of the variable, and the underlying change not to trust, say, PHP scripts with Content-Length headers, effectively disabling progress events on numerous

[users@httpd] RE: proxypass to next proxy

> > > On some production environment I am using this: > > > ProxyPass http://test.example.com/test > > ProxyRemote "http://test.example.com/test " "http://proxy.local.net:5000; ProxyPass http://test.example.com/test

[users@httpd] proxypass to next proxy

On some production environment I am using this: ProxyPass http://test.example.com/test But on development I can't access test.example.com, traffic needs to be routed through another proxy on a different port. How should I rewrite this so requests for /test -> test.example.com go via

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Wed, 17 Apr 2024 at 15:36, General Email wrote: > > > Anyways, I looked more on google and I think that I have found what I was > looking for on this page: > https://gist.github.com/taoyuan/39d9bc24bafc8cc45663683eae36eb1a > Few days ago, I configured SSL and enabled HTTPS on Apache 2.4. It

Re: [users@httpd] Stripping query string except from specific URL

RewriteCond %{REQUEST_URI} !/resources/blog RewriteCond %{QUERY_STRING} ^start=\d+$ RewriteRule (.*)   /$1?    [L,R=301,QSD] [Sun Apr 28 15:40:02.614893 2024] ... rewrite 'resources/blog' -> 'index.php' [Sun Apr 28 15:40:02.614921 2024] ... internal redirect with

Re: [users@httpd] Stripping query string except from specific URL

On Sun, Apr 28, 2024 at 4:05 PM Dave Wreski wrote: > Hi, > > I'm really quite stuck and hoped you could help. > > My apologies - the output was from wget, as that's what I typically use. >> >> $ curl 'https://guardiandigital.com/resources/blog?start=48' >> >> >> 301 Moved Permanently >> >>

Re: [users@httpd] Stripping query string except from specific URL

Hi, I'm really quite stuck and hoped you could help. My apologies - the output was from wget, as that's what I typically use. $ curl 'https://guardiandigital.com/resources/blog?start=48' 301 Moved Permanently Moved Permanently The document has moved

Re: [users@httpd] Flexible Worker Configuration for Dynamic Shared Object (DSO) Deployment

On 18/04/2024 16:50, Sarkar Tarun Kumar (ETAS-SEC/XPC-Bo1) wrote: Hello, ... My requirement is treating one of the services, specifically Service4, differently. Apache should only spawn a single instance of Service4 and refrain from terminating the process until Apache server restarts.

Re: [users@httpd] Apache error logs of module "proxy_ajp" is not converting to JSON format

Hi, We have defined this pattern in httpd.conf file globally. And all other access logs and error logs are converting properly with the defined format. Only below log is not converting to JSON *[Tue Apr 16 06:06:20.902697 2024] [proxy_ajp:error] [pid 11056:tid 38644] (OS 10054)An existing

Re: [users@httpd] Stripping query string except from specific URL

On Wed, Apr 24, 2024 at 7:05 PM Dave Wreski wrote: > > 13 62.111.193.42 - - [24/Apr/2024:15:19:36 -0400] "GET /index.php >> HTTP/1.1" 200 33921 r:"-" "Wget/1.21.4" X:"SAMEORIGIN" 0/129431 >> 573/35481/33921 H:HTTP/1.1 U:/index.php gd443 s:200 >> > > It did exactly what you asked, yes. > >

Re: [users@httpd] Stripping query string except from specific URL

13 62.111.193.42 - - [24/Apr/2024:15:19:36 -0400] "GET /index.php HTTP/1.1" 200 33921 r:"-" "Wget/1.21.4" X:"SAMEORIGIN" 0/129431 573/35481/33921 H:HTTP/1.1 U:/index.php gd443 s:200 It did exactly what you asked, yes. Further, I asked you to use curl to see if you get redirected

Re: [users@httpd] Stripping query string except from specific URL

On Wed, Apr 24, 2024 at 4:58 PM Dave Wreski wrote: > Hi, > > We have a situation where we need to strip a query string from all URLs >>> except ones matching a particular pattern. However, when I try the rules >>> below, it redirects to the homepage for some reason. >>> >>> In this example, I'd

Re: [users@httpd] Stripping query string except from specific URL

Hi, We have a situation where we need to strip a query string from all URLs except ones matching a particular pattern. However, when I try the rules below, it redirects to the homepage for some reason. In this example, I'd like to strip off the query

Re: [users@httpd] Stripping query string except from specific URL

On Wed, Apr 24, 2024 at 12:43 PM Dave Wreski wrote: > Hi, > > We have a situation where we need to strip a query string from all URLs >> except ones matching a particular pattern. However, when I try the rules >> below, it redirects to the homepage for some reason. >> >> In this example, I'd

Re: [users@httpd] Stripping query string except from specific URL

Hi, We have a situation where we need to strip a query string from all URLs except ones matching a particular pattern. However, when I try the rules below, it redirects to the homepage for some reason. In this example, I'd like to strip off the query string from all URLs

Re: [users@httpd] MTLS Setup issue - Apache HTTP Server and Weblogic

On Mon, Apr 22, 2024 at 3:51 PM Daiya, Devendra singh wrote: > > SSLVerifyCLient require > SSLVerifyDepth 10 These directives apply to the client/browser connection, so you are effectively enabling mtls on the client side too, hence the error messages ("AH02008: SSL library error 1 in handshake

RE: [users@httpd] MTLS Setup issue - Apache HTTP Server and Weblogic

quot; \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 Regards, Devendra From: Frank Gingras Sent: Thursday, April 18, 2024 7:19 PM To: users@httpd.apache.org Subject: Re: [users@httpd] MTLS Setup issue - Apache HTTP Server and Weblogic On Thu, Apr

Re: [users@httpd] No more message

To unsubscribe, please follow the steps outlined here: https://httpd.apache.org/userslist.html On Sun, Apr 21, 2024 at 9:44 PM Dalibor Medvedović < dalibor.medvedo...@gmail.com> wrote: > I'm out of discussion >

[users@httpd] No more message

I'm out of discussion

[users@httpd] No more message

Thx.

Re: [users@httpd] Apache error logs of module "proxy_ajp" is not converting to JSON format

On Sun, Apr 21, 2024 at 7:57 AM Priyanshi Shah wrote: > > Hi, > > We have converted our Apache error logs to JSON format by defining the format > in httpd.conf file > > ErrorLogFormat "{"timestamp":"%{u}t", "ApacheModule": "%m", "level":"%l", > "ApacheProcessId": "%P", "ApacheThreadId": "%T",

[users@httpd] Apache error logs of module "proxy_ajp" is not converting to JSON format

Hi, We have converted our Apache error logs to JSON format by defining the format in httpd.conf file ErrorLogFormat "{"timestamp":"%{u}t", "ApacheModule": "%m", "level":"%l", "ApacheProcessId": "%P", "ApacheThreadId": "%T", "ApacheSourceFile":"%7F", "ErrorKind":"%E", "ClientIp":"%a",

Re: [users@httpd] Stripping query string except from specific URL

On Fri, Apr 19, 2024 at 11:16 AM Dave Wreski wrote: > Hi, > > We have a situation where we need to strip a query string from all URLs > except ones matching a particular pattern. However, when I try the rules > below, it redirects to the homepage for some reason. > > In this example, I'd like to

[users@httpd] Stripping query string except from specific URL

Hi, We have a situation where we need to strip a query string from all URLs except ones matching a particular pattern. However, when I try the rules below, it redirects to the homepage for some reason. In this example, I'd like to strip off the query string from all URLs except those

[users@httpd] Flexible Worker Configuration for Dynamic Shared Object (DSO) Deployment

Hello, I require a specific configuration for managing my Dynamic Shared Object (DSO) module within Apache. Currently, I have multiple services deployed on a RHEL7 Apache server, e.g. Service1, Service2, Service3, and Service4. Each service is implemented as a separate .so file: libService1.so,

Re: [users@httpd] MTLS Setup issue - Apache HTTP Server and Weblogic

On Thu, Apr 18, 2024 at 3:22 AM Daiya, Devendra singh wrote: > Hi Team, > > > > Need help in setting up MTLS between Apache HTTP server and Weblogic > server (App Server). > > > > I have gone through few links but those are not working. Post following > suggested steps I was able to start Apache

[users@httpd] MTLS Setup issue - Apache HTTP Server and Weblogic

Hi Team, Need help in setting up MTLS between Apache HTTP server and Weblogic server (App Server). I have gone through few links but those are not working. Post following suggested steps I was able to start Apache HTTP server but Application is not working. Getting below messages in the Error

Re: [users@httpd] better configtest

> What is the point of not starting httpd if there is an issue with a single > virtual host? This gives the best feedback to the user that the config couldn't be honored. - To unsubscribe, e-mail:

RE: [users@httpd] better configtest

> > > > 1. > > what is the point of having a apachectl configtest, when a restart can > still fail? It can't be to difficult to include cert checks here, can it? > This is now becoming a significant part. > > The bar is useful, not perfect. configtest checks for _syntax_ validity. > > > 2. > >

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Wed, Apr 17, 2024, 3:27 PM General Email < general.email.12341...@gmail.com> wrote: > > >> > If people are asking for advice on PHP then advise them on PHP or don't >> say anything. >> > Don't start advising them about Java. >> >> Please... I am not even making remarks about you asking openssl

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > So, is this wrong forum for asking about openssl commands required > for generating certificates for enabling https on apache? > Mostly you will be notified. The only thing you need to add to your virtual host for https is this: SSLEngine on SSLCertificateFile

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> I don't know what you are trying to prove by your points + you are > insulting people for no reason. I am insulting no one, mostly stating what is common. > If you insult people, they may insult you back. > > Russia attacked Ukraine and Ukraine/NATO hit Russia back. I think you are the only

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > > If people are asking for advice on PHP then advise them on PHP or don't > say anything. > > Don't start advising them about Java. > > Please... I am not even making remarks about you asking openssl questions > at httpd. > So, is this wrong forum for asking about openssl commands required

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Wed, Apr 17, 2024, 1:17 PM Marc wrote: > > > > > http is an insecure protocol. I don't want my website to run on > > http. So, I am hardcoding https in links in my website that refer to > > pages in my website. > > > > > > Now, I know that you will write why not redirect http to

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > http is an insecure protocol. I don't want my website to run on > http. So, I am hardcoding https in links in my website that refer to > pages in my website. > > > Now, I know that you will write why not redirect http to https by > default. No because that is not relevant to me

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

I have always had issues with OpenSSL on Windows, so I gave up and started using xca (https://hohnstaedt.de/xca/). I created a root certificate that I imported into the Windows trust store and I create new certificates for each website in my dev environment. - Y On Tue, Apr 16, 2024 at 9:26 PM

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> This is also not relevant to what I am stating. If you develop, do it > regardless of http/https that is convenient for everyone. It will be to > your own benefit. If you have to host the application on your own server, > so be it. It will be easier with choosing your https solution. You could >

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > On Tuesday 16 April 2024 at 18:42:09, Marc wrote: > > > This is more about the ability to host an application regardless if it > is > > on http or https. How https is enforced/applied is up to the manager of > > the server, why would you even care as a developer of an application? > > I

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Tuesday 16 April 2024 at 18:57:13, Marc wrote: > 15 years ago people were not writing about gays. > > Maybe it takes another 15 years to be allowed to write about idiots. Don't be silly. Gay people identify themselves as gay, and talking about them as such is not a pejorative term. If you

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > > > But should your development be not protocol independent? If > your > > code works on http it should also work on https. I am getting > sick of > > these wordpress idiots where they still have hardcoded links > everywhere > > and I can't even convert a

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Tuesday 16 April 2024 at 18:42:09, Marc wrote: > This is more about the ability to host an application regardless if it is > on http or https. How https is enforced/applied is up to the manager of > the server, why would you even care as a developer of an application? I often develop

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > Pardon me- have 443 redirect to 80 of the environment variable is true. > Alternatively, have a completely different 443 vhost declared for > development purposes > > On Tue, Apr 16, 2024 at 11:30 AM Will Fatherley > wrote: > > > > But should

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

Pardon me- have 443 redirect to 80 of the environment variable is true. Alternatively, have a completely different 443 vhost declared for development purposes On Tue, Apr 16, 2024 at 11:30 AM Will Fatherley wrote: > > But should your development be not protocol independent? If your code >>

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> But should your development be not protocol independent? If your code > works on http it should also work on https. I am getting sick of these > wordpress idiots where they still have hardcoded links everywhere and I > can't even convert a website from http to https. > TLS is not in the

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Tue, Apr 16, 2024 at 11:11 AM Marc wrote: > > > > > > But should your development be not protocol independent? If your > > code works on http it should also work on https. I am getting sick of > > these wordpress idiots where they still have hardcoded links everywhere > > and I can't

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

On Tuesday 16 April 2024 at 16:07:09, Marc wrote: > A developer should just do developing. Some people, especially in smaller organisations, have to be multi-skilled. > A dentist is also not telling an ophthalmologist what to do. No, but a dentist might have some valuable advice on diet.

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > > But should your development be not protocol independent? If your > code works on http it should also work on https. I am getting sick of > these wordpress idiots where they still have hardcoded links everywhere > and I can't even convert a website from http to https. > > > > Are

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > Here’s a possible SO question that might help you: > > https://stackoverflow.com/questions/10175812/how-to-generate-a-self-signed-ssl-certificate-using-openssl > Thanks Will. I will look look into it.

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> But should your development be not protocol independent? If your code > works on http it should also work on https. I am getting sick of these > wordpress idiots where they still have hardcoded links everywhere and I > can't even convert a website from http to https. > Are you saying that I am

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> Can someone please give me exact openssl command(s) to use. > Command parameters can vary, and encryption technology is regulated by national laws. You should consult with your IT security staff on this matter if possible. What you are probably looking for is “how to self-sign my TLS public

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > Windows is my development environment. Later the website will be hosted > on linux and the linux hosting provider will provide SSL certificate. > But should your development be not protocol independent? If your code works on http it should also work on https. I am getting sick of these

Re: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> I think you need to search for setting up your own CA and sign certs. Windows is my development environment. Later the website will be hosted on linux and the linux hosting provider will provide SSL certificate. I had looked at

RE: [users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

> > I was looking for openssl command(s) to generate server side certificate > and key so that https start working on my apache 2.4 web server on > windows. > > I looked on Internet but found few commands but they all used different > arguments to openssl. > > Can someone please give me exact

[users@httpd] openssl comand(s) for https mode on apache 2.4 on windows.

Hi, I was looking for openssl command(s) to generate server side certificate and key so that https start working on my apache 2.4 web server on windows. I looked on Internet but found few commands but they all used different arguments to openssl. Can someone please give me exact openssl

Re: [users@httpd] better configtest

On Tue, Apr 16, 2024 at 4:42 AM Marc wrote: > > > With the forced upon us 90 day certificate renewal crap, my httpd was down > today although I have a 'restart procedure' that verifies a bit for errors > with apachectl configtest. > > 1. > what is the point of having a apachectl configtest,

Re: [users@httpd] better configtest

Hi, Marc wrote: > With the forced upon us 90 day certificate renewal crap, my httpd > was down today although I have a 'restart procedure' that verifies > a bit for errors with apachectl configtest. Regardless of the certificate duration I would recommend to use some monitoring tool to check

[users@httpd] better configtest

With the forced upon us 90 day certificate renewal crap, my httpd was down today although I have a 'restart procedure' that verifies a bit for errors with apachectl configtest. 1. what is the point of having a apachectl configtest, when a restart can still fail? It can't be to difficult to

RE: [users@httpd] RE: pipe logs to somethings that resembles a curl post

> > > > [1] > > https://httpd.apache.org/docs/current/mod/mod_log_config.html > > > > [2] > > https://httpd.apache.org/docs/current/mod/mod_log_config.html#formats > > You could also use > https://httpd.apache.org/docs/current/mod/mod_lua.html#luahooklog to > split up your logs or discard/silence

Re: [users@httpd] RE: pipe logs to somethings that resembles a curl post

On 4/10/24 07:22, Marc wrote: Oops I was mislead by some old posts. GlobalLog[1] does this for everything. However I have not found what value[2] has the requested virtual host name. [1] https://httpd.apache.org/docs/current/mod/mod_log_config.html [2]

[users@httpd] RE: pipe logs to somethings that resembles a curl post

%v sorry for polluting this list PS. If it is any consolation, I have registered myself at a retirement home > -Original Message- > From: Marc > Sent: Wednesday, 10 April 2024 14:22 > To: users@httpd.apache.org > Subject: [users@httpd] RE: pipe logs to somethings that r

[users@httpd] RE: pipe logs to somethings that resembles a curl post

Oops I was mislead by some old posts. GlobalLog[1] does this for everything. However I have not found what value[2] has the requested virtual host name. [1] https://httpd.apache.org/docs/current/mod/mod_log_config.html [2] https://httpd.apache.org/docs/current/mod/mod_log_config.html#formats

[users@httpd] RE: pipe logs to somethings that resembles a curl post

Currently I have modified some rust application that does this to satisfaction. But piping to a 60MB binary for quite a few virtual hosts does not really seem efficient to me. Is there not some apache module that can offer a "global" access to logging and 'clones' all logging to some tcp

[users@httpd] pipe logs to somethings that resembles a curl post

I was wondering how I could use piped logs to redirect some logs, comparable to curl post requests. [1] https://httpd.apache.org/docs/current/logs.html

RE: [users@httpd] Re: Apache server v2.4.58 - suexec issue

2.4.59 was released a few days ago to address these... Jim -Original Message- From: "Christophe JAILLET" Sent: Monday, April 8, 2024 13:26 To: users@httpd.apache.org, "Abdullah Adnan" Subject: [users@httpd] Re: Apache server v2.4.58 - suexec issue Le 07/04/20

[users@httpd] Re: Apache server v2.4.58 - suexec issue

Le 07/04/2024 à 19:55, Abdullah Adnan a écrit : Good day dears, Recently we have installed Apache server v2.4.58 in our CentOS 9, when make vulnerability scan with Nessus on the server the Nessus shows this vulnerability: The remote host appears to be running Apache and is potentially

[users@httpd] Request for Assistance: Apache mod_slotmem_shm POC

Dear Members, I hope this email finds you well. I am currently working on a Proof of Concept (POC) project where I aim to utilize Apache's mod_slotmem_shm module for caching data in the shared memory of Apache and subsequently accessing this cached data across all Apache workers. However, I

[users@httpd] Apache server v2.4.58 - suexec issue

Good day dears, Recently we have installed Apache server v2.4.58 in our CentOS 9, when make vulnerability scan with Nessus on the server the Nessus shows this vulnerability: The remote host appears to be running Apache and is potentially affected by the following vulnerabilities: - Multiple

Re: [users@httpd] CVE-2023-38709: Apache HTTP Server: HTTP response splitting

any information herein. If you have received this message in error, > please advise the sender immediately by reply e-mail and delete this > message. Thank you for your cooperation. > > > > *From:* Eric Covener > *Sent:* Thursday, April 4, 2024 8:57 AM > *To:* annou...@a

RE: [users@httpd] CVE-2023-38709: Apache HTTP Server: HTTP response splitting

he.org; users@httpd.apache.org Subject: [users@httpd] CVE-2023-38709: Apache HTTP Server: HTTP response splitting Affected versions: - Apache HTTP Server through 2. 4. 58 Description: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to spli

[users@httpd] CVE-2024-24795: Apache HTTP Server: HTTP Response Splitting in multiple modules

Severity: low Affected versions: - Apache HTTP Server 2.4.0 through 2.4.58 Description: HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack.

[users@httpd] CVE-2023-38709: Apache HTTP Server: HTTP response splitting

Affected versions: - Apache HTTP Server through 2.4.58 Description: Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. Credit: Orange Tsai (@orange_8361)

[users@httpd] CVE-2024-27316: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

Severity: moderate Affected versions: - Apache HTTP Server 2.4.17 through 2.4.58 Description: HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to

Re: [users@httpd] HTTPD Github latest release

Sounds good. I'll ignore it. On Wed, Apr 3, 2024 at 10:08 AM Eric Covener wrote: > > On Wed, Apr 3, 2024 at 1:06 PM Aditya Shastri > wrote: > > > > Hello, > > > > One of my pipelines triggered when the github apache httpd tags were > > created for 2.4.59-rc1-candidate (the next one on the list

Re: [users@httpd] HTTPD Github latest release

On Wed, Apr 3, 2024 at 1:06 PM Aditya Shastri wrote: > > Hello, > > One of my pipelines triggered when the github apache httpd tags were > created for 2.4.59-rc1-candidate (the next one on the list after the > previous 2.4.59) and 2.4.55. > > I wonder if there was an issue with the 2.4.55 release

[users@httpd] HTTPD Github latest release

Hello, One of my pipelines triggered when the github apache httpd tags were created for 2.4.59-rc1-candidate (the next one on the list after the previous 2.4.59) and 2.4.55. I wonder if there was an issue with the 2.4.55 release or if it was created accidentally? The repo in question:

[users@httpd] Out-Of-Office

Hello, I will be OOO traveling from 03/28 to 05/06 returning back on 06/07. Please expect delays in my email responses. Please contact Aurus support prodsupp...@aurusinc.com / Yogesh Baviskar ybavis...@aurusinc.com for any support needs. Thanks Siva Polepalli +1 575-404-3272

  1   2   3   4   5   6   7   8   9   10   >