-Original Message-
From: Evan Platt [mailto:e...@espphotography.com]
Sent: Wednesday, July 22, 2009 1:56 AM
To: users@httpd.apache.org
Subject: [us...@httpd] 404's to robots.txt?
So I've noticed quite a lot of connections from web spider programs.
I've had a robots.txt
-Original Message-
From: Jos Chrispijn [mailto:apa...@webrz.net]
Sent: Wednesday, July 22, 2009 1:31 AM
To: users@httpd.apache.org
Subject: [us...@httpd] Remote .htaccess
Is it possible to use a .htaccess in a folder in which I define a
htpasswd path that physically is located
We've got a machine here showing high processor usage for the Apache process.
Apache runs a few minor sites, but mainly it runs the SVN module for our SVN
setup so I'm assuming it's that.
However, is there a way in Apache that I can find out more about what module of
Apache may be responsible
* Pascal S. Clermont pas...@clermont.cc [2009-07-21 21:53]:
I want to secure some content from unauthorized access by using :
AuthType Basic
AuthName Authentication Required
AuthUserFile /etc/secret/auth.users
Require valid-user
in one of my virtualhost's
I would like to know if there
* Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com [2009-07-22 01:46]:
I am thinking of securing part of my low volume
web site with SSL. I wend to some certificate
authorities, and I was blown away by the prices.
Are there that are both cheap and widely recognized?
Jfyi: you might also try
Peter Schober wrote:
* Pascal S. Clermont pas...@clermont.cc [2009-07-21 21:53]:
I want to secure some content from unauthorized access by using :
AuthType Basic
AuthName Authentication Required
AuthUserFile /etc/secret/auth.users
Require valid-user
in one of my virtualhost's
I would like to
Peter Schober wrote:
* Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com [2009-07-22 01:46]:
I am thinking of securing part of my low volume
web site with SSL. I wend to some certificate
authorities, and I was blown away by the prices.
Are there that are both cheap and widely recognized?
Jfyi:
* André Warnier a...@ice-sa.com [2009-07-22 13:29]:
Require valid-user
Order allow,deny
Allow from 192.168.1
Satisfy Any
I don't think that this is exactly what the OP wanted.
Then maybe Jim Fox's mod_auth_location will do?
http://staff.washington.edu/fox/authlocation/
-peter
* Peter Schober peter.scho...@univie.ac.at [2009-07-22 12:29]:
Or STFW for cheap SSL certs. But you won't get below 60-80USD for a
year, I guess.
FWIW, I think GoDaddy's TurboSSL seems to be as cheap as it gets
(27USD per year, starting with 2 years). Don't know anything about
their services or
Hello all.
How can I set mod_cache to works in different ways in my different
Virtual Hosts? I just put the IfModule directive and the options inside
the VirtualHost or I must make a default config for all of them?
Att.
Fábio Jr.
Peter Schober wrote:
* Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com [2009-07-22 01:46]:
I am thinking of securing part of my low volume
web site with SSL. I wend to some certificate
authorities, and I was blown away by the prices.
Are there that are both cheap and widely recognized?
Jfyi:
Fábio Jr. fjuniorli...@gmail.com writes:
Hello all.
How can I set mod_cache to works in different ways in my different
Virtual Hosts? I just put the IfModule directive and the options
The same as most anything in an Apache config. See
http://httpd.apache.org/docs/2.2/sections.html
--
Dan
Peter Schober wrote:
* André Warnier a...@ice-sa.com [2009-07-22 13:29]:
Require valid-user
Order allow,deny
Allow from 192.168.1
Satisfy Any
I don't think that this is exactly what the OP wanted.
Then maybe Jim Fox's mod_auth_location will do?
http://staff.washington.edu/fox/authlocation/
-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Nicholas Sherlock
Jfyi: you might also try free and not widely recognized,
http://cacert.org/
Won't certificates signed by them be only useful for
internally-deployed
apps? They're not a trusted root on
Boyle Owen wrote:
...
It's worth remembering what a certificate is for; it is a document,
undersigned by a third-party, that confirms that you are who you say you
are. The third-party certificate signing authority is putting their
reputation on the line and has a moral (even a legal)
André Warnier wrote:
Peter Schober wrote:
* André Warnier a...@ice-sa.com [2009-07-22 13:29]:
Require valid-user
Order allow,deny
Allow from 192.168.1
Satisfy Any
I don't think that this is exactly what the OP wanted.
Then maybe Jim Fox's mod_auth_location will do?
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Wednesday, July 22, 2009 3:09 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Re: Low priced certificate?
We are a services company, and provide websites to select
customers, for
their own usage.
* Boyle Owen owen.bo...@six-group.com [2009-07-22 14:43]:
-Original Message-
From: news [mailto:n...@ger.gmane.org] On Behalf Of Nicholas Sherlock
Jfyi: you might also try free and not widely recognized,
http://cacert.org/
Won't certificates signed by them be only useful
Pascal S. Clermont wrote:
A conjunction of network based auth + SetEnvIf Remote_Addr
^192\.168\.1\.\d{1,3}$ REMOTE_USER=LOCAL_IP might be suitable for my
current needs.
That looks like a re-invention of Satisfy Any.
If you are re-inventing a wheel, kudos for NOT doing
the usual thing and
It sounds to me like you are hosting their sites... meaning you have
virtual hosts, etc.?
If I go to my bank and open a checking account... fine... it's free.
However, if I want a safe deposit box, I'll have to pay... unless...
maybe if I keep X amount of money deposit accounts with the
* Nick Kew n...@webthing.com [2009-07-22 15:41]:
Pascal S. Clermont wrote:
A conjunction of network based auth + SetEnvIf Remote_Addr
^192\.168\.1\.\d{1,3}$ REMOTE_USER=LOCAL_IP might be suitable for my
current needs.
That looks like a re-invention of Satisfy Any.
If you are
Nick Kew wrote:
Pascal S. Clermont wrote:
A conjunction of network based auth + SetEnvIf Remote_Addr
^192\.168\.1\.\d{1,3}$ REMOTE_USER=LOCAL_IP might be suitable for
my current needs.
That looks like a re-invention of Satisfy Any.
If you are re-inventing a wheel, kudos for NOT doing
the
André Warnier wrote:
Nick Kew wrote:
Pascal S. Clermont wrote:
A conjunction of network based auth + SetEnvIf Remote_Addr
^192\.168\.1\.\d{1,3}$ REMOTE_USER=LOCAL_IP might be suitable for
my current needs.
That looks like a re-invention of Satisfy Any.
If you are re-inventing a wheel,
André Warnier wrote:
.. and to explicit the question even more :
Deep down in Apache's request record for the current request, there is
a field which contains the authenticated user-id for this request, thus
available to any other Apache module (not only to cgi scripts).
I have a doubt that
Hi!
After digging hard through docs and other resources it still remains unclear to
me
how to relax access restrictions in sublocations.
From http://httpd.apache.org/docs/2.2/en/mod/core.html#require I learned how
to do this
for directories, but after some tries I get the impression this
On Wed, Jul 22, 2009 at 02:43:10PM +0200, Boyle Owen wrote:
It's worth remembering what a certificate is for; it is a document,
undersigned by a third-party, that confirms that you are who you say you
are. The third-party certificate signing authority is putting their
reputation on the line
On Wed, Jul 22, 2009 at 03:09:25PM +0200, André Warnier wrote:
While not contradicting the essence of the above, I would like to know
something for my own edification, if some expert could comment.
I don't think of myself as an expert, but I'm free with my opinions. :-)
[a desire to secure
That said, the most expensive gold-plated cert. you can buy may not be
worth much more, in your application, than one you could get for half
as much.
This is absolutely correct...except that some may appreciate the fact
that you're using the gold-plated cert.
That is, it sounds much better to
On Jul 22, 2009, at 11:40 AM, Mark H. Wood wrote:
On Wed, Jul 22, 2009 at 03:09:25PM +0200, André Warnier wrote:
While not contradicting the essence of the above, I would like to
know
something for my own edification, if some expert could comment.
I don't think of myself as an expert, but
* Joseph Morgan josephmmor...@hotmail.com [2009-07-22 17:47]:
In the cert world, your customers would likely rather see that your
certs are signed by Verisign than by
pimpmycert.com
As if they could tell the difference.
If both root CAs are in the browser's root chain, why shouldn't they
André Warnier wrote:
It is my understanding that we could set up our own certificate
authority (CA) and create our own server certificates. A customer
browser, upon the first connection, would pop up some message indicating
that it cannot verify this certificate, and offering maybe to
I've spent the last hour Googling this, without success...
Problem: is there some way to allow a directory listing which includes a
'parent' link, but *only* up to a specified top level?
In more detail, I have a site which is rooted at /var/www/html/foo.
There are some download files, which
Mike -- EMAIL IGNORED wrote:
I am thinking of securing part of my low volume
web site with SSL. I wend to some certificate
authorities, and I was blown away by the prices.
Are there that are both cheap and widely recognized?
Thanks for your help.
Mike.
So, all this education/lecturing on
Nicholas Sherlock wrote:
An attacker can use precisely the same mechanism to serve their own
certificate. Your website will have carefully trained the user in
advance to ignore all security warnings and accept the rogue
certificate. What a waste of time. The only thing you're protecting
Hi.
As Andre mentioned, the browser needs a configuration for proxy.
However, the transparent proxy allows users to access WWW without any
configuration.
In fact, I am suing Forward Proxy now and the reverse proxy seems to
be the proxy that I meant.
Am I right? Can anybody make it sure?
On
Brian Kim wrote:
Hi. All. I am a beginner. So I really need somebody's help.
I have asked a question about the transparent http apache server.
Nobody answers it yet, so I ask it again and add what I have done until now.
I haven't answered, because I'd need to look it up, and I haven't
found
For our communities' attention, this is a few day's heads up before the
applications actually open...
Original Message
Subject: Application Period for Travel Assistance to ApacheCon US 2009 Opens
Soon
Date: Wed, 22 Jul 2009 19:46:15 +1000
From: Gav... gmcdon...@apache.org
The
The big picture for my http proxy is to install it to ISP level.
It means users must not need to set up the proxy configuration
In that sense, I thought a reverse proxy seems to be the transparent proxy.
Is it right?
On Wed, Jul 22, 2009 at 1:20 PM, Nick Kewn...@webthing.com wrote:
Brian Kim
I have several VirtualHost and numerous Directory
sections that have large sets of identical directives.
If there a way to define a subroutine in httpd.config
that can be called in these sections?
Thanks for your help.
Mike.
-
* Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com [2009-07-22 20:02]:
I have several VirtualHost and numerous Directory
sections that have large sets of identical directives.
If there a way to define a subroutine in httpd.config
that can be called in these sections?
There is
You can Include the same file repeatedly:
http://httpd.apache.org/docs/2.2/mod/core.html#include
--
Dan Poirier poir...@pobox.com
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
2009/7/22 Brian Kim 09su.resea...@gmail.com:
It means users must not need to set up the proxy configuration
In that sense, I thought a reverse proxy seems to be the transparent proxy.
Is it right?
IMHO yes. To get such a transparent proxy working with mod_proxy
you'll need to work-around
If a browser with a User-Agent containing MSIE requests a .html file,
change its Content-Type to text/html (because application/xhtml+xml works
in all other browsers):
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} .*MSIE.*
RewriteCond %{REQUEST_URI} \.html$
RewriteRule .* - [T=text/html]
-
At 06:03 PM 7/21/2009, you wrote:
More than 1 docroot / log %{Host}i ?
Ahh.. I believe that's it! Thank you and the others who suggested
that, I believe that's it - I have a few subdomains I rarely use...
My current httpd.conf is:
LogFormat %h %l %u %t \%r\ %s %b \%{Referer}i
Brian Kim wrote:
The big picture for my http proxy is to install it to ISP level.
It means users must not need to set up the proxy configuration
In that sense, I thought a reverse proxy seems to be the transparent proxy.
Is it right?
Can you remind us exactly of what you want to do ? I am
dar...@chaosreigns.com wrote:
If a browser with a User-Agent containing MSIE
there seems to be a contradiction in terms here..
;-)
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
I believe I need to proxy SSL.
I have one Apache server, with SSL, and am using ProxyPass to get
https://server1/app/ to proxy to https://server2/app/ server2 is set up
to use certificate details for authorization.
I found http://httpd.apache.org/docs/2.2/mod/mod_ssl.html There are an
awful
Hi all.
The basic configuration is as follows
(1) (2) (3)(4)
Users switch (eth2 -- eth0) -- WWW
Users located in (1) will access WWW via http Apache server in (3).
For non-transparent proxy, every user across
48 matches
Mail list logo
