Re: [users@httpd] Attack on my reverse proxy server
On 12.06.12 00:42, Ruiyuan Jiang wrote: We see some attack on our apache reverse proxy server. 180.211.101.213 - - [11/Jun/2012:11:30:00 -400] POST / HTTP/1.0 301 324 201.243.47.144 - - [11/Jun/2012:11:30:00 -400] POST / HTTP/1.0 400 226 113.162.230.163 - - [11/Jun/2012:11:30:00 -400] POST / HTTP/1.0 503 323 How can we block those activities on the apache server? Thanks. if your server is accessible from the internet, such attacks _will_ come. you should make sure that such attacks won't affect its functionality. you can watch logs for that kind of activities and e.g. block source IPs in firewall (a.g. using fail2ban). There apparently are apache modules that can to something similar internally. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. A day without sunshine is like, night. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Should name based virtual hosts work when the ServerName is an IP address?
On Wed, May 30, 2012 at 3:06 PM, Eric Covener cove...@gmail.com wrote: Is there anything else I can do, like (e.g.) put the IP address as a hex constant or something in VirtualHost? Or disable this rather annoying feature? I'd suggest opening a bug report that something weird seems to happen with the literal IP address in the virtualHost arguments and that it works with *:80. On 30.05.12 22:10, Eric Covener wrote: Sorry, just catching on now that Matus nailed it. It's not so clear what the code is trying to tolerate by comparing this way. I guess that this was historic workaround for defining name-based virtual servers without defining ServerName/ServerAlias VirtualHost one.na.me # one.na.me served here /VirtualHost VirtualHost another.na.me # another.na.me /VirtualHost Since this makes creating default-only name-based virtual hosts impossible, I've had to found the workaround mentioned in my previous mail. I've been trying to solve this problem in the past, but I was only directed to the mentioned docs, I remember no explanation of why this is done. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0... - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Should name based virtual hosts work when the ServerName is an IP address?
--On 31 May 2012 07:02:57 -0400 Eric Covener cove...@gmail.com wrote: This fails because VirtualHost *:80 does not appear to set a default when you also have a VirtualHost 192.200.0.1:80. The latter always becomes the default. This is sensible/expected, the vhosts with a specific match in the incoming interface are the only candidates. On 31.05.12 12:36, Alex Bligh wrote: OK. So is there any way, in an environment where it is not possible to create DNS entries to order, where namevirtualhosts are used, to have a default vhost which is different from a vhost whose name is the IP address? btw: we use hostnames that are present in /etc/hosts. I found it more efficient to create different /etc/hosts (same name, different IP) on multiple machines than push httpd.conf through a filter that will replace hostname by IP. Just for sure: * is not acceptable (yet) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Where do you want to go to die? [Microsoft] - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Should name based virtual hosts work when the ServerName is an IP address?
--On 29 May 2012 16:02:25 +0200 Matus UHLAR - fantomas uh...@fantomas.sk wrote: This was documented feature in 1.3 and 2.0: The complete list of names in the VirtualHost directive are treated just like a ServerAlias (but are not overridden by any ServerAlias statement) if all names resolve to the same address set. Note that subsequent Listen statements for this vhost will not affect the ports assigned in the address set. It seems that in 2.2 it should work as you expect. Do you still use 2.0 or does this problem apply in 2.2 too? (I've checked now and seems it's gone in 2.2) On 29.05.12 16:40, Alex Bligh wrote: I am using 2.2 (latest from Ubuntu Lucid). I am not sure how to parse your second paragraph. There is only one Listen statement as this is a NameVirtualHost (in this case a Listen for *:80). NameVirtualHost is on 192.200.0.1:80 because there are non-namebased virtual hosts on other IP addresses. it's not mine, but from apache 1.3/2.0 docs. I think what you are saying is that in 1.3 and 2.0 the first declared virtual host not only acts as the default virtual host but also as if it had an alias defined for the IP address/port pair it is listening on. Not the on it's listening on, but the one in VirtualHost section. It means than for VirtualHost some.na.me the some.na.me becomes a hidden alias of the virtualhost. So, when you define VirtualHost 192.168.0.1 /VirtualHost VirtualHost 192.168.0.1 ServerName 192.168.0.1 /VirtualHost the second won't apply for 192.168.0.1, because 192.168.0.1 is already alias (hidden) of the first (default) virtual host. My understanding from the documentation is that this is not the intended behaviour on 2.2 - i.e. each vhost should be responding only for its defined ServerAlias and ServerName, and if none match the default should be used. That does not /appear/ to be happening, so perhaps the behaviour has not changed from the 1.3/2.0 behaviour you describe. Is that meant to be the case? If so, is there any way around this? (i.e. so an arbitrary DNS name pointing to the IP address will get the default vhost, but the IP address itself will get a different vhost). I worked around this problem by defining fake name in NameVirtualHost and VirtualHost sections # some.na.me maps to 192.168.0.1 NameVirtualHost some.na.me NameVirtualHost 192.168.0.1 # some.na.me is not resolvable from outside, so this host will ONLY get # default hosts - unspecified below VirtualHost some.na.me ServerName some.na.me /VirtualHost # This host will only process requests for 192.168.0.1 VirtualHost 192.168.0.1 ServerName 192.168.0.1 /VirtualHost -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Microsoft dick is soft to do no harm - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Should name based virtual hosts work when the ServerName is an IP address?
On 24.05.12 20:13, Alex Bligh wrote: If I use an IP address as the name of the second site like this: NameVirtualHost 192.200.0.1:80 VirtualHost 192.200.0.1:80 ServerName default.example.com ... stuff ... /VirtualHost VirtualHost 192.200.0.1:80 ServerName 192.200.0.1 ... stuff ... /VirtualHost the I would expect http://192.200.0.1/ to return the second site, not the default site. However, it seems to return the default. Is this a bug, and is there any work around? (I want the default site to be there still). This was documented feature in 1.3 and 2.0: The complete list of names in the VirtualHost directive are treated just like a ServerAlias (but are not overridden by any ServerAlias statement) if all names resolve to the same address set. Note that subsequent Listen statements for this vhost will not affect the ports assigned in the address set. It seems that in 2.2 it should work as you expect. Do you still use 2.0 or does this problem apply in 2.2 too? (I've checked now and seems it's gone in 2.2) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95 - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] I need to know the number of connections that failed by timeout
On 16.05.12 09:36, Lisandro Berardi wrote: My Apache server is limited of RAM, so I had to downloaded the number of ' MaxClients'. set MaxClients to a sane value and see how much of ram do they use to know if you can increase that number. Note that you will have to set StartServers, MinSpareServers and MaxSpareServers with prefork MPM, or StartThreads, MinSpareThreads and MaxSpareThreads with worker MPM. That is why I need to know the number of connections that fail by timeout, and if possible I need the date of each. Thanks so much! this is very hard to detect, because it's usually client who detects a timeout. server can see timeouts because of different reasons unrelated to server load. you should watch on your system how much memory it uses, which is also cryptic e.g. on linux it's second line of 'free' output (-/+ buffers/cache). PD: Sorry for my bad English... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam = (S)tupid (P)eople's (A)dvertising (M)ethod - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] cgi-bin subdirectories
On Tue, May 15, 2012 at 9:03 AM, Téssio Fechine precheca...@yahoo.com.brwrote: ScriptAlias /cgi-bin/ /var/www/cgi-bin/ Directory /var/www/cgi-bin AllowOverride None Options None Order allow,deny Allow from all /Directory And the error message I receive is this: [error] [client 192.168.56.1] script not found or unable to stat: /var/www/cgi-bin/something On 15.05.12 14:11, Igor Cicimov wrote: Include Options +ExecCGI SetHandler cgi-script in your Directory stanza. afaik this is not needed for directory aliased with ScriptAlias -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The early bird may get the worm, but the second mouse gets the cheese. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Unconditional Redirect?
On 28.04.12 17:16, Waldemar Klein wrote: I'm looking for a way to unconditionally Redirect. This is used in an If .. construct, so my condition is checked already. I use this in a (normal, forward, not reverse) Proxy configuration, which handles http and https requests. I already tried RedirectMatch .* http://my.new.url.here; which works fine for http requests, but not for https. you probably need to put that redirect to your HTTPS virtual host. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Cannot redirect or rewrite from http to https.
On 30.04.12 12:34, SEAN MCELROY wrote: I am using a httpd server to provide access to a flex app deployed on tomcat. The application must be accessed via https and I have managed to do this, however the application remains available over http. I have tried all sorts of different approaches but simply cannot rediect from http to https. what approaches? Dimply put RedirectMatch .* https://... to proper VirtualHost directive and you should've been done. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows 2000: 640 MB ought to be enough for anybody - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Inheritance of variable COLUMNS in apache2
On 23.04.12 13:45, Petr Hracek wrote: I have observed some tricky problem with environtment variable COLUMNS during the starting of apache2-2.2.21 Sometimes this variable is set to more then 80 characters and higher variable causes problems with CGI scripts which check ps output Do you have any idea why this variable is set to more then 80 characters and how to unset them? I found this to be a problem in Debian 6.0 and some Ubuntu versions, which set COLUMNS and LINES in /etc/csh.cshrc environment variables. I have filled up bugreport because that pretty sucks (bash sets COLUMNS and LINES too, but as its variables, not environment). It should be fixed already, but you may comment it on your system. To fix, use ww as option for 'ps' so it does not truncats its output. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. To Boot or not to Boot, that's the question. [WD1270 Caviar] - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Upgrade Apache 1.3.41 to 2.2.22
On 19.04.12 13:57, ithier@jdi.socom.mil wrote: Do I need to upgrade from 1.3 to 2.0, before I can upgrade to 2.2? No. Or should I start fresh with version 2.2? no problems. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Fucking windows! Bring Bill Gates! (Southpark the movie) - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Alias based on IP address
On 12.04.12 11:09, Paulo Silva wrote: Inside a virtualhost is it possible to define an Alias based on the IP of the incoming request? I think mod_rewrite can do that... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. My mind is like a steel trap - rusty and illegal in 37 states. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Conditional disabling of caching (mod_cache) based on presence of certain cookie possible ?
On 02.03.12 15:29, Soumendu Bhattacharya wrote: We use Apache + mod_cache for caching our website. Our mod_cache rule is such that it enables caching for all and then selectively certain url pattern is disabled (like some contexts). Currently the need is that if a certain cookie is present , the same url which was originally cached , should now be prevented from caching. Say I was caching xyz.com/a/b.html , but now if a certain cookie say NO-CACHE is present , the same xyz.com/a/b.html should not be served from cache. The url's which can contain NO-CACHE cookie is not limited (cannot be defined fully) and hence it looks like I need to check the presence of this cookie and then figure out a way to prevent (if the cookie is present) Apache from serving the content from cache. Why a cookie? There's Cache-Control: HTTP header designed for this, not Cookie: -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux IS user friendly, it's just selective who its friends are... - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] mod_status, disable server-status for users
On 05.03.12 14:32, Hajo Locke wrote: ist there any possibility to hide server-status page provided by mod-status for my users? every user with .htaccess is able to use sethandler and able to view complete status. I'm afraid the only way to disable this is to disable mod_status. I don't know of any other way and I that's why I don't use mod_status. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How to make Apache mod_deflate and Transfer-encoding : Chunked work together?
On 2/1/2012 3:48 AM, Matus UHLAR - fantomas wrote: Of course. But the original question was, why is chunking not used, even when Content-Length was not sent? I don't know HTTP/1.1 enough to answwer this question, do you? On 01.02.12 12:50, William A. Rowe Jr. wrote: Yes; because the entire C-L is known and the overhead for C-L plus fragment header/trailer is longer than a simple C-L header. This issue can also be handles by not sending the Content-Length and using chunking. The original question was, How do I force chunking. The answer is, you don't and can't expect to. Chunking is a hop-by-hop behavior over which you have no control by either endpoint of the intermediate servers' elections. Maybe the original question should be rephrased to How do I force chunking when sending content from mod_gzip2, so we would not discuss what chunking is for, if it collides with Content-Length and that it is hop-by-hop header, and just search for answer for why does mod_gzip not send chunked responses, if it can. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I just got lost in thought. It was unfamiliar territory. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How to make Apache mod_deflate and Transfer-encoding : Chunked work together?
On 1/27/2012 2:50 PM, sameer shah wrote: As you can see in above 2 headers chunking is working only if the compression is turned off. On 27.01.12 15:37, William A. Rowe Jr. wrote: Chunking is not a feature that the client gets to choose. Your client code is badly written if it is that fragile. On 1/31/2012 9:37 AM, Matus UHLAR - fantomas wrote: IIUC, it's not badly written client code, but a want from webserver admin, that seems not to be fullfillable with current apache/mod_deflate... On 31.01.12 11:07, William A. Rowe Jr. wrote: No. Protocols and specifications exist for a reason. Even *IF* you could force chunk behavior at the origin server, you would be incapable of producing the same results as the request travels through forward, reverse and transparent proxies outside of that administrators control. Of course. But the original question was, why is chunking not used, even when Content-Length was not sent? I don't know HTTP/1.1 enough to answwer this question, do you? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colors - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How to make Apache mod_deflate and Transfer-encoding : Chunked work together?
On 1/27/2012 2:50 PM, sameer shah wrote: As you can see in above 2 headers chunking is working only if the compression is turned off. On 27.01.12 15:37, William A. Rowe Jr. wrote: Chunking is not a feature that the client gets to choose. Your client code is badly written if it is that fragile. IIUC, it's not badly written client code, but a want from webserver admin, that seems not to be fullfillable with current apache/mod_deflate... It has to be able to tolerate either of Content-Length or Transfer-Encoding. You don't have command or control of the mechanism used if you are an HTTP/1.1 client. It is always the server's choice. On 1/30/2012 8:30 AM, Matus UHLAR - fantomas wrote: You can however send HTTP/1.0 request with which the server MUST NOT send chunked response. Looking at the original post this is just the opposite OP wants to achieve. On 30.01.12 13:06, William A. Rowe Jr. wrote: However, it need not send Content-Length either. If the C-L could not be determined, keepalives would not be honored, and you would be stuck in connection-per-request mode. I agree, using http/1.0 is not what the OP wants. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Doubt or problem with redirect - Help please.
On 25.01.12 19:03, Mathijs wrote: Some possible solutions to this, assuming www.someaddress.com has a virtualhost: Simplest way is with a redirect: VirtualHost *:80 ServerName www.someaddress.com Redirect / http://www.otheraddres.com?mode=1 /VirtualHost RedirectMatch /.* http://www.otheraddres.com?mode=1 would be safer - your example redirects http://www.someaddress.com/blah to http://www.otheraddres.com?mode=1blah - Redirect replaces strings. Instead of using ProxyPass you can use mod_rewrite as well: VirtualHost *:80 ServerName www.someaddress.com RewriteRule ^.*$ http://www.otheraddres.com?mode=1 [P] /VirtualHost This is just the same as the RedirectMatch above, just using different module (I think it's less effective). -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux IS user friendly, it's just selective who its friends are... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How to make Apache mod_deflate and Transfer-encoding : Chunked work together?
On 1/27/2012 2:50 PM, sameer shah wrote: As you can see in above 2 headers chunking is working only if the compression is turned off. On 27.01.12 15:37, William A. Rowe Jr. wrote: Chunking is not a feature that the client gets to choose. Your client code is badly written if it is that fragile. It has to be able to tolerate either of Content-Length or Transfer-Encoding. You don't have command or control of the mechanism used if you are an HTTP/1.1 client. It is always the server's choice. You can however send HTTP/1.0 request with which the server MUST NOT send chunked response. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: IE8 thinks SHTML is text.html
Content-Type: text.html On 28.01.12 12:25, Christos Jonathan Hayward wrote: Yes; I was wondering what was causing that. It turned out that ssl.conf was giving a content-type of text.html. now this is one of reasons why I think that the server config should NOT be splitted to different files unless really needed. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. To Boot or not to Boot, that's the question. [WD1270 Caviar] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Reg Apache Access log size
On 19.01.12 12:40, SSRChandra Devagupthapu wrote: Any one please suggest how to control the access_log in Apache web server. what do you mean how to control ? explain please -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Emacs is a complicated operating system without good text editor. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] SSL cipher suite modification
On 08.12.11 00:38, aparna Puram wrote: I understand from your mail that the following 2 cipher suites will work with the existing and the new clinet configurations. Kindly correct me if I m wrong. 1--!ADH:!EXPORT56:DES-CBC-SHA:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 2--!ADH:!MD5:DES-CBC-SHA:RC4+RSA:+HIGH:+MEDIUM However the first cipher suite contains MD5, which is not preferable due to security reasons. you disallow md5 due to security reasons, but allow null,export and low ciphers? :-) I use DEFAULT:!EXP:!LOW and I hope that's enough. you can excloude MD5 from those but I'd like to see your security reasons, due to paragraph above. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Consequences of https to https rewrites?
On November 10, 2011 14:41 , Nick Tkach ntk...@gmail.com wrote: RewriteRule ^https://mycom.com/specialsale https://mycom.com/content/some/url/page.html On 10.11.11 15:23, Mark Montague wrote: You're complicating things too much. In your HTTPS virtual host stanza in your web server configuration file, just put RewriteRule ^/specialsale$ /content/some/url/page.html You're complicating things much. Simple RedirectMatch should be ok instead of RewriteRule ;) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] expires review
On 12.11.11 16:10, Brent Clark wrote: Please could someone peer review the following for me. If this correct / acceptable? correct - yes, acceptable - not ;-) Why do you need such agressive expire? IfModule mod_expires.c ExpiresActive On ExpiresDefault access ExpiresByType text/javascript access plus 1 day ExpiresByType text/xml access plus 1 day ExpiresByType text/html access plus 1 day ExpiresByType text/css access plus 1 day ExpiresByType application/javascriptaccess plus 1 day ExpiresByType application/x-javascript access plus 1 day ExpiresByType application/shockwave-flash access plus 1 day ExpiresByType application/x-shockwave-flash access plus 1 day ExpiresByType application/pdf access plus 1 day ExpiresByType image/gif access plus 1 month ExpiresByType image/jpegaccess plus 1 month ExpiresByType image/jpg access plus 1 month ExpiresByType image/png access plus 1 month ExpiresByType image/x-icon access plus 1 month /IfModule -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Saving Private Ryan... Private Ryan exists. Overwrite? (Y/N) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Configuring apache to send http headers and data in two tcp ip packets
On 20.11.11 01:10, x y wrote: Please How can i configure my apache-httpd server to always send http headers and data in two tcp ip packets very hard, if at all. Why? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Fighting for peace is like fucking for virginity... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Re: Server default vhost
I unsuccessfully tried numerous variations of NameVirtualHost, VirtualHost and ServerName but apache either serves www.domain.tld or 192.168.0.1 for all requests. Steve Swift wrote: Once you have your Virtualhosts setup, the first one becomes the default for any requests which do not match the ServerName/ServerAlias in any other Virtualhost. On 04.11.11 08:09, Helmut Schneider wrote: But - both www.domain.tld and 192.168.0.1 match the same vhost (at least what I observed). I want both to match different vhosts. then you must define two virtual hosts. NameVirtualHost 192.168.0.1 VirtualHost 192.168.0.1 ServerName 192.168.0.1 /VirtualHost VirtualHost 192.168.0.1 ServerName www.domain.tld /VirtualHost Note that you can not replace those two VirtualHost sections, since a feature (hidden in virtualhost matching docs) causes the string in VirtualHost be a hidden server alias for it, therefore each of those virtual hosts has a hidden alias of 192.168.0.1: VirtualHost 192.168.0.1 // means hidden ServerAlias 192.168.0.1 ... replacing those would create first (default) host with name www.domain.tld and hidden alias 192.168.0.1 which would be the default virtual hsot for IP 192.168.0.1 -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Silvester Stallone: Father of the RISC concept. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Best way to redirect within .htacces
- francois.ging...@gmail.com - http://httpd.apache.org/docs/trunk/rewrite/remapping.html#canonicalhost On 13.09.11 17:03, atanasp...@mail.bg wrote: I've already seen it, but unfortunetely I can't get the VirtualHost solution to work in .htaccess and I can't understand what's the problem. you need different virtual host with different documentroot, and put you Redirect directive there. I prefer using special modules for this, like redirtoservname or common_redirect. Unfortunately anything like UseCanonicalName force wasn't implemented in apache yet. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They say when you play that M$ CD backward you can hear satanic messages. That's nothing. If you play it forward it will install Windows. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] subdomain
On 26.07.11 11:24, Amira Othman wrote: I am using apache httpd-2.2.3-43.3 on centos 5.6.i have 5 virtual hosts .the server is also mail server and has mx record how can I deny access to url of mx record as it now goes to default virtual host. Any way to block using apache or I should use iptables You can use firwall rules (e.g. iptables) if the MX uses different IP. But in such case, you also can make apache not to listen on that IP. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Have you got anything without Spam in it? - Well, there's Spam egg sausage and Spam, that's not got much Spam in it. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Timeout question
On 27.07.11 08:50, Qingshan Xie wrote: according to Apache website http://httpd.apache.org/docs/2.0/mod/core.html#timeout, it says, The TimeOut directive currently defines the amount of time Apache will wait for three things: 1. The total amount of time it takes to receive a GET request. 2. The amount of time between receipt of TCP packets on a POST or PUT request. 3. The amount of time between ACKs on transmissions of TCP packets in responses. Can someone explain the 2nd point, I do not understand it fully? it apparently means that the incoming TCP packets for POST or PUT requests must come in lowert intervals, to prevent very slow clients from eating all connections to apache. Apparently aginst slowloris attack. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. We are but packets in the Internet of life (userfriendly.org) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Directory Browsing
I want to disable directory browsing but when I add the line Options -Indexes to httpd.conf nothing changes and still I can browse directory through web page. Is there something missed to disable browsing. On Wed, Aug 3, 2011 at 9:37 AM, Amira Othman a.oth...@cairosource.com wrote: The context you make the change in matters, as it can be reset at more specific contexts and in .htaccess files. On 03.08.11 16:58, Amira Othman wrote: I added it within virtual host in directory directive and there is no htaccess used Isn't there any Directory directive mathing the directory or its parents? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I'm not interested in your website anymore. If you need cookies, bake them yourself. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] need some thoughts on trouble shooting httpd server hangup
On 16.06.11 15:58, Zaccone, Warren wrote: I was able to reproduce with ab by requesting a php script that has an infinite loop. Running multiple copies of this script concurrently brings httpd into a hang state, that it will not recover from without manually restarting the httpd server. while (1) sleep (20); I have timeout set to 900 but it does not appear to be working. Will this timeout protect the server from such scripts or should is there something else. set max_execution_time in php.ini. for CGI and SSI executed processes, you need to set RLimitCPU -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. My mind is like a steel trap - rusty and illegal in 37 states. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] PHP Not Working
On 10.06.11 00:03, Jeroen Geilman wrote: You need to tell apache what to do with .php files. This can be implemented - as documented - by adding FilesMatch \.php$ SetHandler application/x-httpd-php /FilesMatch in your Documentroot Directory block. Since when they recomment something different than AddHandler? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] PHP Not Working
On 10.06.11 00:03, Jeroen Geilman wrote: You need to tell apache what to do with .php files. This can be implemented - as documented - by adding FilesMatch \.php$ SetHandler application/x-httpd-php /FilesMatch in your Documentroot Directory block. On 06/15/2011 10:13 PM, Matus UHLAR - fantomas wrote: Since when they recomment something different than AddHandler? On 15.06.11 22:17, Jeroen Geilman wrote: Who are they ? the PHP people apparently... The above is the recommended way on the apache httpd wiki: http://www.php.net/manual/en/install.unix.apache2.php Aha, I see: Instead of only using the Apache AddType directive, we want to avoid potentially dangerous uploads and created files such as exploit.php.jpg from being executed as PHP. We also unerringly advise it on freenode's #httpd channel. Who are we? ;) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Incomplete file downloads if Apache HTTPD is killed
So that was bad way to simulate apachectl stop just because of the above. I think with 2.2 it even is not true, because apache2 has own way to configure shutdown timeouts, the GracefulShutdownTimeout directive. On 09.05.11 16:26, Bostjan Skufca wrote: Yes, timeout is configurable, but that was the only lie there:) well, apache2ctl is here only a scripts that calls apache2 -k ... While talking about killed server and knowing that the file was transferred - It's often impossible to know. The chunked encoding or the Content-Length header are needed to know if the whole file was transfered. Chunked content encoding does not help here. Also, my experiments with few popular browsers has shown that they don't even try to support Content-Length correctly. I've been watching HTTP headers and correct Content-Length was specified, then I started a download and then killed the HTTPD child that served the download request before the download was completed. AND browsers did not even complain about failed download, they just stopped downloading with message Download complete or (if I selected to run the executable) complained about downloaded file being corrupt, but not incomplete. It does not work with gzip and Firefox too, just tried it. Download complete. So here is the question again - is there something one can do with Apache (or Linux/other OS) that will change browser's behaviour in a way that it will report incomplete download to the user? So it appears there in one, but it was reported that clients ignore it :) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT will now restart for changes to take to take effect. [OK] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Chroot a virtual host
Hello, On 20.04.11 00:47, --[ UxBoD ]-- wrote: I have noticed that when running Joomla, or in-fact any browsing capable PHP code, I am able to navigate above my virtual host document root and look at other virtual host files. How would one stop this ? I have taken a look at mod_chroot but that does not seem to work as ChrootDir can only be used in the main configuration and not in the VirtualHost directive. just a 1.5 months ago this question was asked and (imho) answered. Usually the PHP scripts are run under the same user apache runs as, so they have the same permissions. You can limit files which can a PHP script access by using PHP directives open_basedir and doc_root. You can run peruses MPM wich apathe 2.2. You can also run PHP as CGI using suexec, but that's a bit ineffective. I don't know how does FastCGI work. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. (R)etry, (A)bort, (C)ancer - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Incomplete file downloads if Apache HTTPD is killed
if a server is killed (SIGKILL) during a large static file transfer, then the client is not notified by his browser that file has not been completely downloaded. On Win it just says it is not a valid Win32 application or corrupted or sth. Now I know this is not a general problem and a graceful restart is the way to go around this, but if I do an upgrade then proper restart is required, or at least I think I remember I had problems with graceful restart in such situations. Sending a SIGKILL is an unfriendly way to end a process -- it causes the kernel to immediately terminate the process, without giving the process any chance to clean up. SIGKILL is thus not one of the signals handled specially by Apache HTTP Server. For a list of the signals that are handled specially, see http://httpd.apache.org/docs/2.2/stopping.html On 20.04.11 20:19, Bostjan Skufca wrote: Sending SIGKILL was just a way to simulate apachectl stop, which sends SIGTERM and then if after 10s some children still did not exit, parent sends SIGKILL to them. So that was bad way to simulate apachectl stop just because of the above. I think with 2.2 it even is not true, because apache2 has own way to configure shutdown timeouts, the GracefulShutdownTimeout directive. While talking about killed server and knowing that the file was transferred - It's often impossible to know. The chunked encoding or the Content-Length header are needed to know if the whole file was transfered. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #9: Out of error messages. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How do I keep Virtural hosts from seeing the others document root?
On 10.03.11 03:59, aaron...@comcast.net wrote: While the setup Jim decribes is similar to what I have setup, The issue still remains when a user uploads a PHPSHELL to there docment root and access the server through the uploaded shell they are no longer operating under the FTP user account. They are operating under the www-data account which is the account apachie operates in. By doing so when using the uploaded PHPSHELL you bypass the FTP and jail restrictions What jail restrictions? of course when running PHP under under apache, the restrictions from FTP do not apply. Therefore you must configure PHP so other restrictions apply. that prevent you from seeing other peoples document root and have access to all document roots on the system. Here is a PHPSHELL http://phpshell.sourceforge.net/ upload and configure it. give it a try it runs under the www-data account just like all other pages do. This issue would allow your PHP files to be viewed. This can be an issue due to needing to have passwords in PHP scripts to access SOL databases etc.. This issue could be resolved by making each virtualhost run under a different account and jailing each account in a different jail. read my former mail, I think I have described everything you mention. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How do I keep Virtural hosts from seeing the others document root?
An apology... On 10.03.11 03:59, aaron...@comcast.net wrote: While the setup Jim decribes is similar to what I have setup, The issue still remains when a user uploads a PHPSHELL to there docment root and access the server through the uploaded shell they are no longer operating under the FTP user account. They are operating under the www-data account which is the account apachie operates in. By doing so when using the uploaded PHPSHELL you bypass the FTP and jail restrictions What jail restrictions? of course when running PHP under under apache, the restrictions from FTP do not apply. Therefore you must configure PHP so other restrictions apply. that prevent you from seeing other peoples document root and have access to all document roots on the system. Here is a PHPSHELL http://phpshell.sourceforge.net/ upload and configure it. give it a try it runs under the www-data account just like all other pages do. This issue would allow your PHP files to be viewed. This can be an issue due to needing to have passwords in PHP scripts to access SOL databases etc.. This issue could be resolved by making each virtualhost run under a different account and jailing each account in a different jail. On 06.04.11 11:39, Matus UHLAR - fantomas wrote: read my former mail, I think I have described everything you mention. sorry for my ignorance. I forgot I'm in lag (illnes etc) and haven't seen your post before (seems due to broken threading). -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows 2000: 640 MB ought to be enough for anybody - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] mod_ssl with apach-1.3.19
On 30.03.11 21:05, satish patel wrote: I knew this is old but we can't stop production right a way! need some time to upgrade.. I am looking for small hack... After couple of changes in Makefile of mod_ssl i build libssl.so module with the help of apxs. But what if i want name like mod_ssl.so what should i do ? or just rename libssl.so to mod_ssl.so that will not work. But could you upgrade to at least apache 1.3.42 and compile it dynamically with openssl? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I just got lost in thought. It was unfamiliar territory. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] How do I keep Virtural hosts from seeing the others document root?
On 06.03.11 22:43, aaron...@comcast.net wrote: I have apache2 running virtual hosts. Ive fingered out how to jail a user that uploads files to the document root using jailkit and only allow SFTP access. What I have not fingered out is how to keep a user from reading other files on the system such as other virtual host document roots by uploading a phpshell which runs under the www-data user which is not jailed. I could jail the www-data account but this would not prevent one virtual host from seeing another using a phpshell since they would be in the same jail. what I think I need to do is run each virtural host under a different user account so I can jail each separate. How would I set this up? can virtual hosts be run with different user accounts? I think that they can by using peruser MPM but I think it's only scalable to a few hundreds/thousands of accounts. The reasoning behind this is I want to protect the PHP scripts from being viewed. run PHP as module and configure directives like open_basedir and doc_root. for CGI, you can configure all www directories to have 0750 permissions (write for owner, read for group) and run apache under user nobody but the group you give to all directories. Note that ordinary users must not belong to the group. Running under suexec, run scripts under the userid and group that doesn't have permission to read those directories. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Holmes, what kind of school did you study to be a detective? - Elementary, Watson. -- Daffy Duck Porky Pig - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] multiviews doesn't work on index pages (and DirectoryIndex properly configured)
On 09.03.11 11:29, Zhang Weiwu, Beijing wrote: Hello. Debian 5.0, apache 2 2.2.9-10. I've optioned multiviews, and it works perfectly fine for every document except index page. [...] Directory /var/www/www.realss.com.cn/htdocs/ Options FollowSymLinks MultiViews +Includes DirectoryIndex index AllowOverride All Order allow,deny allow from all AddHandler server-parsed .shtml SSITimeFormat %S XBitHack on Header append Vary cookie /Directory Have you tried using LanguagePriority and ForceLanguagePriority? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux - It's now safe to turn on your computer. Linux - Teraz mozete pocitac bez obav zapnut. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Adding RequestHeader content from script
On 12.02.11 14:37, Jakob Breivik Grimstveit wrote: I'd like to add RequestHeader content executing a script - is this possible? Do you mean, to asdd request header at the stage when script headers were already processed and pushed to the script? Maybe when apache acts as proxy server... For example: RequestHeader add MyHeader `scripts/hello.php` but not sure if this way... ... and then echo this variable content of MyHeader using the regular Header echo MyHeader If this is possible, the headers of my apache server can become ... quite interesting :-). Why do you want this? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The box said 'Requires Windows 95 or better', so I bought a Macintosh. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Named virtual host dot local [.local] tld
On 12.02.11 16:29, Richard Sergeant wrote: Deployment of the testbed.local fails. Apache is seeing the host header 'testbed.local', but it refuses to serve up that virtual host, instead giving the default site. How and where is the default site configured? And this is the NVH declaration: VirtualHost *:80 ServerName testbed.local DocumentRoot /var/www/testbed/htdocs ... /VirtualHost If I drop of the '.local' from the ServerName directive, and change (back) to using hostfiles the virtual host works as intended. Am I missing something obvious (like Apache won't wear .local as a tld), is this a 'feature/bug' or am I missing something? I think that is more a problem or correct configuration -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Enter any 12-digit prime number to continue. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] cleanest/fastest way of redirecting aliases to canonical server names
On 29.01.11 02:38, Christoph Anton Mitterer wrote: I'm having a vhost, which is reachable via one canonical name, e.g. example.org, and also via several aliases, e.g. www.example.org, example.com, etc. I want that whenever requests are made via one of the aliases, that those are redirected to the canonical name. IMHO there are about the following two ways: 1) - one vhost, which has the canonical name as ServerName, and the aliases as ServerAliases - and also has some RewriteCond+RewriteRules, making a redirect to the canonical address if HTTP_HOST is one of the aliases. 2) - two vhosts, the first having only the canonical name as ServerName (no ServerAlias) - the second, having the aliases as ServerName/ServerAliases - and also doing a Redirect / http://example.org 3) use special modules as mod_redirtoservname (debian) or mod_common_redirect (gentoo) that do this. (unfortunately, the latter bugs on ssl sites) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Despite the cost of living, have you noticed how popular it remains? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Status 3221225480 and restart
On 24.01.11 11:09, wolfgang.mi...@geigerus.com wrote: In-Reply-To: E71BAE31C16E784380444F62AFD383C306F6141AB9@EMV02-UKBR.domain1.systemhos t.net References: E71BAE31C16E784380444F62AFD383C304FF0B38AD@EMV02-UKBR.domain1.systemhos t.net AANLkTi=f+2tn2ecae2fq8zvrs6r0pp1whim1-pjsj...@mail.gmail.com E71BAE31C16E784380444F62AFD383C306F6141AB9@EMV02-UKBR.domain1.systemhos t.net To: users@httpd.apache.org From: wolfgang.mi...@geigerus.com Subject: [users@httpd] Status 3221225480 and restart Hi All, I am running Apache 2.2.17 on a Windows XP and repeatedly I get the following message: [notice] Parent: child process exited with status 3221225480 -- Restarting. And Apache restarts. What does status 3221225480 mean? Is this somehow related to the SSL problem you were replying to? If not, please stop hijacking threads - send a new mail, not a reply. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colors - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] mod_ssl, erratic performance
On 22.01.11 00:53, john.3.new...@bt.com wrote: We recently moved our production webserver from a sparc platform (T2000) to an x86/64 platform (x2270-m2) and we have noticed an erratic response time for downloads of files using SSL. This seems to randomly occur with any files about 10k or larger. For instance, I have been using a test file of 140K, and it can take 0.5 or 4.8 seconds to transfer. When using the sparc platform, it always only takes 0.5 seconds. I noticed this as we are using an external monitoring system (Gomez.com) and we started seeing these wildly varying times for transaction processing. I have tried a cut down SSL setup for testing, and examined every directive and option, and I can't make sense of the problem. I'm using the following configuration string, and I'd be happy to include the configuration setups.. I can move the bare-bones configuration between the sparc and x86 platforms and get normal response on the sparc, and irregular on the x86. random device can make a huge difference. What do you use for random data? /dev/random or /dev/urandom? If the rofmer, try the latter if it helps. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows found: (R)emove, (E)rase, (D)elete - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] RedirectMatch
On 13.01.11 11:07, Jørn wrote: I got a problem with using RedirectMatch. The following RedirectMatch line works well: RedirectMatch 301 /Foto/Album.*img_([0-9]*)\. http://www.dahl-stamnes.net/Foto/r_img.php?img=$1; But now I want to add another RedirectMatch: RedirectMatch 301 ^/Foto/show.*album\=(.*)$ http://some.other.url/album.php?album=$1; Tried to remove the backslash and quotes? But it does not match. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. You have the right to remain silent. Anything you say will be misquoted, then used against you. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] RedirectMatch
On Thu, Jan 13, 2011 at 5:07 AM, Jørn apache.u...@dahl-stamnes.net wrote: The following RedirectMatch line works well: RedirectMatch 301 /Foto/Album.*img_([0-9]*)\. http://www.dahl-stamnes.net/Foto/r_img.php?img=$1; But now I want to add another RedirectMatch: RedirectMatch 301 ^/Foto/show.*album\=(.*)$ http://some.other.url/album.php?album=$1; On 13.01.11 07:39, Eric Covener wrote: I don't think you can match against the query string It's documented in RedirectMatch docs. If it didn't, the first line wouldn't work even. -- you'll need mod_rewrite. ...please, don't use mod_rewrite for something it's not needed for, and don't advise people to do so. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I wonder how much deeper the ocean would be without sponges. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] RedirectMatch
On Monday 17 January 2011 11:27, Matus UHLAR - fantomas wrote: On 13.01.11 11:07, Jørn wrote: I got a problem with using RedirectMatch. The following RedirectMatch line works well: RedirectMatch 301 /Foto/Album.*img_([0-9]*)\. http://www.dahl-stamnes.net/Foto/r_img.php?img=$1; But now I want to add another RedirectMatch: RedirectMatch 301 ^/Foto/show.*album\=(.*)$ http://some.other.url/album.php?album=$1; Tried to remove the backslash and quotes? On 17.01.11 11:31, Jørn wrote: Yes, but the probem is that RedirectMatch only check the string to the left of the ?-sign. I must fix this by chaning the scripts. aha! So, in this case, you will have to use mod_rewrite... My apologies to Eric Coverner... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Honk if you love peace and quiet. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] kill hanging CGIs
Hello, we provide our users possibility to upload their own CGI scripts, using suexec (in a limited environment, for security reasons). I found that a user uploaded CGI that calls flock() function which sometimes makes the CGI hang for a long time (hours). Is there possibility to automatically kill such CGI processes after some time, so they won't cross eat our resources (file locks, for example)? Unfortunately this can't be done by usint RlimitCPU because the process does nothing or nearly nothing. Could mod_cgi or suexec kill the process after configured time? The apache version is 2.2.16 (gentoo linux). Thank you P.S. I know that the problem may lie outside of this problem, but I'm afraid that if processes will hang, I will just have to kill them somehow). -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. On the other hand, you have different fingers. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] New to list - Redirect, Alias or Rewrite?? Very confused...
On 04.01.11 11:59, d...@aiphone.com wrote: I am attempting to have the Apache Server 2.0 handle the following request for me: When a visitor visits http://mydomain.com/OLD_Web App/, I would like them to be automatically redirected to http://mydomain.com/New_Web App/ Both OLD and NEW Web App folders live in the same doc root and are at the same level in the folder tree - ie right off of root. I have tried both Alias commands and Redirect commands and nothing seems to work. what exactly did you try? show us the directives. Actually all those directives should work somehow, but I prefer Redirect for such cases. I have restarted Apache on each change. reload, even graceful, should be enough. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux IS user friendly, it's just selective who its friends are... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] mod_rewrite
On 09.01.11 10:27, rangeli nepal wrote: I have a very simple problem for which I am using mod_rewrite. I want to remove the certain consecutive path i.e Following is an example http://hostname/alpha/beta/theta/someuseful - http://hostname/prefix/someuseful/ I am using following rule, which works, but induces redirection on client end. I was thinking if I can reduce this unnecessary traffic. RewriteRule ^/alpha/beta/theta/(.*) /sugar/$1 [NC,L] why not use alias? Alias /alpha/beta/theta/someuseful/ /prefix/someuseful/ in the vhost section -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux is like a teepee: no Windows, no Gates and an apache inside... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 08.12.10 12:45, Tom Evans wrote: The best way to avoid this problem is not dummy vhosts, it is to not serve multiple websites from the same IP if you intend on handling SSL for any one of those websites and not the others. SSL sites that share a certificate (eg, if you have a wildcard certificate) are fine to share an IP. but when anyone points any hostname to the same address, he can ONLY process it as - the main and only host on the adress - throw and error host not configured. for the latter, he must configure one more virtual host on the same IP/port pair because apache does NOT know the host not configured error so we must create it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The early bird may get the worm, but the second mouse gets the cheese. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 08.12.2010 12:48, Tom Evans wrote: ... and serve data from the www.hosta.com vhost. On 08.12.10 13:21, b...@kanka.de wrote: .. but at this point apache knows that there is something wrong with the request or the configuration, and should throw an error instead of serving the wrong data. I am also sorry but apache does not support any host not configured error, it just uses default (first configured) vhost in such case. I'd love if apache supported the host not configured error. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I drive way too fast to worry about cholesterol. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Alias-ed directory appears on multiple virtual hosts
On 07.12.10 19:08, b...@kanka.de wrote: I've switched to a new debian server with apache 2.2.9 and installed the 'phpgadmin' tool via a debian package. This copies the php sources outside of /var/www and sets an 'alias ..' directive in /etc/apache2/conf.d/ Now what happens to my surprise is that /phppgadmin is accessible via all my virtual hosts, not just the one (base host) where it is defined. The /etc/apache2/conf.d/ directory is included from main server config (/etc/apache2/apache2.conf) and thus aliases defined there apply in all virtual hosts. This is one of reasons why I dislike this automatic way of configuring of apache in distributions. I recommend you comment out the Include /etc/apache2/conf.d/ in /etc/apache2/apache2.conf and include it only in vhosts you need them. The /etc/apache2/conf.d/security should be apparently included right from apache2.conf, the other From the same reason I removed some mods-enabled/*.conf and load it from separate virtual hosts where needed, e.g.: mods-available/alias.conf mods-available/info.conf mods-available/status.conf mods-available/userdir.conf etc. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One World. One Web. One Program. - Microsoft promotional advertisement Ein Volk, ein Reich, ein Fuhrer! - Adolf Hitler - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Can't get suexec to work on a userdir
On 29.11.10 16:10, Ken Tanzer wrote: Hi. I'm looking for some help with using suexec and userdir (2.2.15 on FC11). I have this test script running in a userdir (~test44/public_html/test.php): ?php system('whoami'); ? And it keeps reporting apache, not test44. do you run PHP scripts as CGI? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam is for losers who can't get business any other way. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Can't get suexec to work on a userdir
On 30.11.10 00:29, Ken Tanzer wrote: I _think_ that PHP is running as a module (based on this section of my php conf file: IfModule prefork.c LoadModule php5_module modules/libphp5.so /IfModule IfModule worker.c LoadModule php5_module modules/libphp5-zts.so /IfModule But not sure of the implications. Do the PHP scripts need to run as CGI in order for suexec to work? Precisely. There was mod_suphp module for apache 2.0 somewhere, you can search if it sills up your requirements, or you can try using peruser MPM. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Emacs is a complicated operating system without good text editor. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Limiting Request Body suggestion
On Thu, October 28, 2010 16:24, Tom Evans wrote: Why do you care what the status code is? (or rather, why do you want to return OK when an error occurs?) On 28.10.10 16:48, Joost de Heer wrote: To work around the Display userfriendly error messages bug^Wfeature? On Tue, Nov 9, 2010 at 2:17 AM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: Is there any need for work around this? They may come with greater limits later. Simply give them what they have chosen: bullshit error messages. Providing .reg file that removes the lame setting is the best we can do about this. sorry for being semi-OT On 09.11.10 10:14, Mohit Anchlia wrote: Doesn't work for us. We have clients who pay for our products and electronically send there information to us and it's the requirement from the client products to send them back the graceful turnaway with good error message back to the user. This is hard requirement and that's why I am stuck. I am thinking of may be writing something of my own. Do you think I can write some cgi handler? apache provides localized error messages for error codes. You can translate them and add some bullshit to them to be over 512 bytes big. But since it's the web browser, who eats those messages and shows user own versions, who can tell when will microsoft come with bigger limit for error messages? My point is, you can (and apparently do) give useful error messages, but you can't to much for clients' browsers not to sabotage it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759 - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Mod-rewrite problem
- Rudi Kramer rudi.kra...@gmail.com wrote: I am using ubunto 8.0.4 and apache 2.2.8 and I'm having some issue with mod rewrite and SSL redirection. I have two objectives. The first is to redirect http://www.site.co.za and http://site.co.za to the url https://www.site.co.za and the second is to redirect all traffic for https://site.co.za to https://www.site.co.za . There is no need for mod_rewrite. the Redirect directive can do exactly the same with less of workload. You don't need a cannon for shooting birds, do you? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One OS to rule them all, One OS to find them, One OS to bring them all and into darkness bind them - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Mod-rewrite problem
On 15 November 2010 14:40, Matus UHLAR - fantomas uh...@fantomas.sk wrote: There is no need for mod_rewrite. the Redirect directive can do exactly the same with less of workload. You don't need a cannon for shooting birds, do you? On 15.11.10 15:27, Rudi Kramer wrote: VirtualHost *:80 ServerName www.site.co.za ServerAlias site.co.za RedirectMatch ^ https://www.site.co.za/ Redirect / https://www.site.co.za/ is even more simple. /VirtualHost but I still cannot get it right to redirect the https://site.co.za redirect to https://www.site.co.za, I think it might be my lack understanding of regex though. Does this look right? RedirectMatch ^http\://bpultimateride\.co\.za https://www.bpultimateride.co.za/ no, it has to be Redirect / https://www.site.co.za in the VirtualHost section for site.co.za (yes, you need separate virtual host) I hope you have SSL certificate for www.site.co.za with alternative name site.co.za, otherwise browsers will report a mismatch. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. We are but packets in the Internet of life (userfriendly.org) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Mod-rewrite problem
On 15 November 2010 17:17, Matus UHLAR - fantomas uh...@fantomas.sk wrote: Redirect / https://www.site.co.za in the VirtualHost section for site.co.za (yes, you need separate virtual host) I hope you have SSL certificate for www.site.co.za with alternative name site.co.za, otherwise browsers will report a mismatch. On 15.11.10 19:37, Rudi Kramer wrote: I think I see the problem here. I have two virtual host files, one for non-ssl and one for ssl. VirtualHost *:80 ServerName www.site.co.za ServerAlias site.co.za RedirectMatch ^ https://www.site.co.za/ put here simply: Redirect / https://www.site.co.za/ /VirtualHost VirtualHost *:443 ServerName www.site.co.za ServerAlias site.co.za RedirectMatch ^http\://site\.co\.za https://www.site.co.za/ This will never match, Redirect only sees local path, no http/https. Yes, the destination may contain http/https. SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/apache2/ssl/site.co.za/server.crt SSLCertificateKeyFile /etc/apache2/ssl/site.co.za/server.key /VirtualHost As far as I can tell the ssl encryption means that Apache can't do the redirect Apache _can_ do the redirect. But you don't read documentation and apparently neither our recommendations. and the cliet only has a valid cert for the https://www.site.co.zaand not https://site.co.za which is why I was trying to get the redirect working.. The redirection has nothing to do with the certificate. Actually, the server doesn't care about certificates... However, you must either have _two_ virtual hosts and redirect requests from one to another, or have third-party apache module that redirects request to the servername if an alias is specified. I know of mod_comon_redirect (available in gentoo linux) and mod_redirtoservname (debian) Unfortunately, mod_common_redirect doesn't seem to work within SSL virtual host. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux IS user friendly, it's just selective who its friends are... - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Indexes with Require group
On 01.11.10 08:39, Andrew Simpson wrote: I would like to only allow directory Indexes to certain AuthGroupFile groups. you mean, that authorized users could see directory listings, others would get an error? Is this possible via basic configuration? afaik it's not. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. You have the right to remain silent. Anything you say will be misquoted, then used against you. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Limiting Request Body suggestion
On Thu, October 28, 2010 16:24, Tom Evans wrote: Why do you care what the status code is? (or rather, why do you want to return OK when an error occurs?) On 28.10.10 16:48, Joost de Heer wrote: To work around the Display userfriendly error messages bug^Wfeature? Is there any need for work around this? They may come with greater limits later. Simply give them what they have chosen: bullshit error messages. Providing .reg file that removes the lame setting is the best we can do about this. sorry for being semi-OT -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT will now restart for changes to take to take effect. [OK] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Re: possible to add multiple locations for the document root
On 21/10/2010, e-letter inp...@gmail.com wrote: Alias /localhost/target /usr/local/phppgadmin/phppgadmin On 25.10.10 14:57, Joost de Heer wrote: Alias /target /usr/local/phppgadmin/phppgadmin Ehm... Alias /target/ /usr/local/phppgadmin/phppgadmin/ trailing slashes DO have a meaning. without them, the /target-test would get mapped to /usr/local/phppgadmin/phppgadmin-test no matter if the directory exists. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. He who laughs last thinks slowest. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Re: [announce] Apache HTTP Server 2.2.17 and 2.0.64 Released
On 19.10.10 11:27, William A. Rowe Jr. wrote: * SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org) Fix two buffer over-read flaws in the bundled copy of expat which could cause httpd to crash while parsing specially-crafted XML documents. On 10/20/2010 1:44 AM, Matus UHLAR - fantomas wrote: does this mean that if I have apache compiled with external apr-util-1.3.10 and external expat, I am safe? On 20.10.10 15:05, William A. Rowe Jr. wrote: From these two flaws? Only if your external expat is also up-to-date, refer that question to the expat community. I see. Unfortunately, I haven't seen bundled expat version in the announce. And luckily, my version is patched. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They say when you play that M$ CD backward you can hear satanic messages. That's nothing. If you play it forward it will install Windows. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Re: [announce] Apache HTTP Server 2.2.17 and 2.0.64 Released
On 19.10.10 11:27, William A. Rowe Jr. wrote: Subject: [announce] Apache HTTP Server 2.2.17 and 2.0.64 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.17 of the Apache HTTP Server (Apache). This version of Apache is principally a bug fix release, and a security fix release of the APR-util 1.3.10 dependency; * SECURITY: CVE-2010-1623 (cve.mitre.org) Fix a denial of service attack against apr_brigade_split_line(). * SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org) Fix two buffer over-read flaws in the bundled copy of expat which could cause httpd to crash while parsing specially-crafted XML documents. does this mean that if I have apache compiled with external apr-util-1.3.10 and external expat, I am safe? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Where do you want to go to die? [Microsoft] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] SSL vulnerability question
- Denise Edwards denise.edwa...@bowne.com wrote: Received security can results which had two issues: 1-SSL Server Supports Weak Encryption Vulnerability 2-SSL Server Has SSLv2 Enabled Vulnerability [...] - SSLCipherSuite property includes high, medium, low and SSLv2 On 18.10.10 17:25, Igor Galić wrote: And that's your problem. SSLProtocol TLSv1 SSLv3 SSLCipherSuite RC4-SHA:AES256-SHA:ALL:!ADH:!MD5 I use: SSLCipherSuite DEFAULT:!EXP:!LOW you can list those by issuing: openssl ciphers -v 'cipherlist' -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Chernobyl was an Windows 95 beta test site. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Apache homepage not coming after deployin application on tomcat
On 28.09.10 04:03, Amol Puglia wrote: I would like to know how to get apache home page. the home page is a bit misleading. I have set htdocs as my document root in my apache web server. When i am accessing url http:\\webserver_name/index.html. I am not getting page. Have you tried http://webserver_name/index.html ? Have you tried http://webserver_name/ ? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Question about expires headers + php images returned without file extensions
On 13.09.10 14:12, David Favor wrote: I was just noticing the return of phpinfo returns .gif .jpg images by way of this syntax: http://$domain.$tld/index.php?=$objectid as in this: http://highvibenation.com/index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 Firefox picks up the correct Content-Type looking at output from Live HTTP Headers and for the life of me I've been unable to come up with an expires.conf file syntax to set a far future header for objects returned like this. I'd have thought something like this would work: expiresbytype image/gif access plus 1 years expiresbytype image/png access plus 1 years expiresbytype image/jpeg access plus 1 years expiresbytype image/jpg access plus 1 years Or at least this would work: ExpiresDefault access plus 1 years phpinfo() is just a function, it does not set http headers. The page above generates many headers to prevent caching, I'd search what is causing that. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I drive way too fast to worry about cholesterol. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to redirect ?
On 20.08.10 12:14, Mark Smits wrote: This is going to be a vey very dumb question, so apologies up front. Using WinAMP with Apache 2.2.11. winamp? Don't you mean wamp? I need redirections based on host name. Host1, host2 and host3 all are the same server host1 should be staying at host1 at the same port host2 should be redirected to host2 but different port host3 should be redirceted to host3 but antoher different port. well, just define three virtual hosts where host2 and host3 will have redirect directive in VirtualHost section, or in .htaccess in DocumentRoot. So for example http://host2/ http://host2:6405/InfoViewApp/logon.jsp VirtualHost IP ServerName host2 Redirect temp / http://host2:6405/InfoViewApp/logon.jsp /VirtualHost and if those hosts share the same IP, you must have NameVirtualHost IP directive in your config. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I intend to live forever - so far so good. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] rewrite redirect advise
On 20.08.10 15:16, Norman Khine wrote: i have a drupal site within which there is a folder with wordpress so http://mysite/blog loads the wordpress. i want to take this out completely so the http://blog.mysite is in its own vhost is it possible in for the http://mysite to add a rewirite so that if a user types http://mysite.com/blog it is rewritten to http://blog.mysite.com I think that simple directive should work: Redirect temp /blog http://blog.mysite.com/ Well, if you expect people put anything after the /blog, this will redirect /blogger to blog.mysite.comger , to avoid this you can use: RedirectMatch temp ^/blog$ http://blog.mysite.com/ RedirectMatch temp ^/blog/(.*) http://blog.mysite.com/$1 I hope it's clear enough. i have this: # Various rewrite rules. IfModule mod_rewrite.c RewriteCond %{HTTP_HOST} ^mysite\.com\/blog$ [NC] the HTTP Host: will NEVER contain the /blog part. RewriteRule ^(.*)$ http://blog.mysite.com$1 [L,R=301] is this correct way to do this? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. If Barbie is so popular, why do you have to buy her friends? - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] nested Require group?
On 18.08.10 11:23, Andrew Schulman wrote: I have outer and inner directories that I want to protect with different Require groups directives: Directory /var/www/html Require group outer /Directory Directory /var/www/html/inner Require group inner /Directory My hope was that the inner Require directive would override the outer one, allowing me to protect the inner directory with the more restrictive inner group. Or equivalently, that the two Require group directives would be ANDed together. Instead, it appears that the two directives are being ORed together, resulting in a *less* restrictive policy for the inner directory - the opposite of what I wanted. Anyone in either the outer *or* the inner is allowed access to inner. There is no AND and no OR here. In the /var/www/html/inner only the Require group inner applies. Does this seem right? Does anyone know of a way to AND Require group directives? No. And note you must use different realms by specifying different AuthName directives, otherwise it may confuse browsers. The access privileges to the same realm (same AuthName) should be the same within whole realm. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. You have the right to remain silent. Anything you say will be misquoted, then used against you. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Apache - Client Max Out
On 05.08.10 09:47, Himanshu Raina wrote: To: uh...@fantomas.sk this is a mailing list, please avoid private copies. please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Nginx (working as a frontend server) proxying requests to apache. Since increasing apache MaxClient value to something higher isn't a good idea (esp when static and dynamic content have been separated), I'm wondering what are my options. What is the best way to debug such a problem. The logs contain the usual information. Could netstat be of any help here ? I'm just looking for ways and means to tackle this situation. if the logs only contain usual informations, your server is apparently used much, and you have no other options than increase limits. You even have proxy that should offload it. You may also check if the served content is cacheable (mostly the dynamic one) and if the scripts serving it are effective enough. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] failing to determine servers fully qualified doamin name
On 27.07.10 21:28, Tapas Mishra wrote: We have changed our settings no more Apache. Lighttpd. good news for us. bad news for the lighttpd users lists/forums. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Boost your system's speed by 500% - DEL C:\WINDOWS\*.* - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] failing to determine servers fully qualified doamin name
On 15.07.10 17:45, Tapas Mishra wrote: I do not have access to a DNS. I have a machine on which apache2 is installed on Ubuntu10.04 I have 2 domain names (both internal) site1.domain.com and site2.domain.com and 2 vhost files for both of them. configuration of site1.domain.com is http://pastebin.com/6yzMzUbS and configuration of site2.domain.com is http://pastebin.com/9iE8gG1b in /etc/hosts I have 192.168.1.5 site1.domain.com site2.domain.com now when I am restarting apache2 I am getting following apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.1.5 for ServerName ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 192.168.1.5 for ServerName What do I need to check ? Simply: put directives: ServerName site1.domain.com and ServerName site2.domain.com to virtualhost definitions. apache does NOT take care of /etc/hosts. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Have you got anything without Spam in it? - Well, there's Spam egg sausage and Spam, that's not got much Spam in it. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] a chain of proxy servers
On 15.07.10 19:29, James Godrej wrote: I am looking for an example of use of Proxvia directive given here http://httpd.apache.org/docs/2.0/mod/mod_proxy.html#proxyvia the example is just there. What more you want? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Linux - It's now safe to turn on your computer. Linux - Teraz mozete pocitac bez obav zapnut. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] about unsubscribing
On 23.07.10 11:00, Yves wrote: Sorry to have to send this to the group but I do not seem to have alternatives here I am trying to unsubscribe but for some reasons when I reply to the robot that send the confirmation I get my mail bounced off Hi. This is the qmail-send program at smtpoutwbe07.prod.mesa1.secureserver.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. users-uc.1279687783.kmmmlhcclfkdhcbachei-yvesbodson=sfr...@httpd.apache.org: 192.87.106.230 failed after I sent the message. Remote host said: 552 spam score (5.7) exceeded threshold your reply was tagged as spam. --- Below this line is a copy of the message. [...] From:y...@ybdigitals.com To:users-uc.1279687783.kmmmlhcclfkdhcbachei-yvesbodson=sfr...@httpd.apache.org Subject: unsubscribe Date: Tue, 20 Jul 2010 22:11:40 -0700 Mime-Version: 1.0 htmlbodyspan style=3Dfont-family:Verdana; color:#00; font-size:10= pt;divbr/divdivbr/divdiv=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3DbrbrWelcome to my ga= llery:bra href=3Dhttp://www.ybdigitals.com;http://www.ybdigitals.com/= abrand photo gallery:bra href=3Dhttp://www.pbase.com/yves;http://ww= w.pbase.com/yves/a/div/span/body/html Welcome to my gallery: ? What are you sending to the list unsubscribe address? send plaintext unsubscribe to the admin address and reply the configurmation request with empty mail body. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. We are but packets in the Internet of life (userfriendly.org) - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Apache - Client Max Out
Hello, please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Thank you. On 23.07.10 18:06, Himanshu Raina wrote: What are the possible reasons for apache to max out ? How can this be diagnosed ? I am running a webserver with MaxClients of 200. On some occasions the http hits the ceiling and starts rejecting connection. The chances of it happening are as high as once a day. Could it be a result of bad coding or is there something wrong with my apache. I'm using apache(2.0.55) with php (5.2.6). Any help / suggestion in this regard is appreciated. apparently your server is being used. Check logs if it's not being abused (e.g. if you don't have an open proxy). -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I'm not interested in your website anymore. If you need cookies, bake them yourself. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] still see .htaccess and .htpasswd trough virtual host
Hello, please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Thank you. On 08.07.10 13:40, J. Bakshi wrote: I already have the following in httpd.conf file `` AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # Files ~ ^\.ht Order allow,deny Deny from all /Files `` But still I can read the .htaccess and .htpasswd file through browser, when visit the virtual host. But if I add the above config at the virtual host itself, it works well. So the virtualhosts bypass the config already there in httpd.conf. Do I need to write the code for each and every virtualhost then ? Not possible to define at any common point just once ? is this in server config or in some virtualhost or directory section? Is there any Files section of the host you are referring to? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. One World. One Web. One Program. - Microsoft promotional advertisement Ein Volk, ein Reich, ein Fuhrer! - Adolf Hitler - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Connection attempts - mod_proxy
On 29.06.10 16:52, Michel Bulgado wrote: Reviewing the messages I found Logwatch who have tried to use my server through the same mod_proxy to connect to other servers or sites. Connection attempts using mod_proxy: [...] the question is, should I be alarmed, because I fail to interpret if they could use mod_proxy to connect to these sites? there are many hacked, misowned machines on internet who repeatedly try to find any holes. You can ignore them, block the, or notify IP space maintainers but you shouldn't care unless they succeed, in which case it means you have to close a security hole... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] PHP error logs to centralized syslog
On 30.06.10 11:39, James Corteciano wrote: I know this is out of topic here in mailing list but I couldn't get into php mailing list. good luck trying. Did you try to contact php in other ways to find out why didn't you get to their mailing list? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The box said 'Requires Windows 95 or better', so I bought a Macintosh. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Add new site
On 23.06.10 10:38, Josu Lazkano wrote: Hello, this is my first post on this mail-list. I search on the web for questions and I got different solution, so I decided to write here to have best opinion about it. I have a Debian Lenny server with apache2 stable package installed, it works great. I want to add the Monit web interface to my server on host/monit directory. By default Monit comes on host:2812, and I want to change it to 80 port. Where I must config it? /etc/apache2/apache2.conf? /etc/apache2/sites-available/? apparently you can use both. Otoh, you should ask in debian mailing list and I guess you should create new config file in /etc/apache2/sites-available/ Note that you should put only the VirtualHost definition there, not any general directives. Finally I dislike the way of splitting apache's config file to many parts, since that makes imho the configuration much harder, not easier and the apache configuration system is not made to be maintained in man files, no matter how different SW distribution administrators want it. (well, I guess they know it and they have hard work to do the configuration easier) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Depression is merely anger without enthusiasm. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] default server serving to change
On Thu, Jun 17, 2010 at 5:15 PM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: the ReWriteRule in vhost of site1.mydomain.com as follows why rewrite rule when you can issue redirect by redirect directive? Redirect / http://sice.mydomain.com/ ops, had to be site. On 17.06.10 22:21, Tapas Mishra wrote: Site1.mydomain.com and mydomain.com are on same Physical machine while rest are on different ones. this completely does not matter I could not understand your reply. It seems that you are trying to redirect access to one or more addresses to different address. You can do that with Recirect directive, you don't need to play with mod_rewrite. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Save the whales. Collect the whole set. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Disabling the SNI functionality?
On 17.06.10 11:27, Hintz, Dan wrote: When I use an application on Windows Vista that communicates with our server (using Apache 2.2.13 and OpenSSL 0.9.8k), it succeeds if I use the IP address of the server, but it fails when I use the FQDN of the server. fail in what way? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. A day without sunshine is like, night. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] DNS lookup cached
On 18.06.10 14:54, Diego Trombetta wrote: I'm using Apache as reverse proxy to redirect request inside a LAN. I'm trying to dynamically change the address to which forward request through Apache. In my configuration file I use something like: location /dynlocation/ ProxyPass http://dynlocation/ ProxyPassReverse / /location The DNS lookup is resolved reading the hosts file (it's a window system). 10.0.0.1 dynlocation I thought that chancing the hosts file at runtime would have made the trick, i.e. writing: 10.0.0.2 dynlocation but it seems that Apache is caching the IP and keeps on sending requests to 10.0.0.1 I cannot restart Apache every time I need a different IP. Does anybody know how to clean that DNS cache or has a different idea to solve this problem? I doubt apache caches the IP. I guess it's windows who is caching the IP, check that possibility first. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. On the other hand, you have different fingers. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Can not access one page from other than localhost - but can access another ok from lan...what's up?
Hello, please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Thank you. On 19.06.10 23:53, Ninja wrote: I have just installed nagios and ninja (monitoring apps) on CentOS 5.4 and all appears to have gone ok, however I have an issue when I try to log in from the LAN, ie not the CenOS machine(localhost). On the local host, I can open a browser and go to http://192.168.0.11/ninja or http://localhost/ninjaI enter my userid and pass and I am in. No problems. However, on another machine on the LAN if I go to http://192.168.0.11/ninja it loadshttp://192.168.0.11/ninja/index.php/default/show_login, I enter my (same) userid and pass and it just reloads the login screen. No message,no error, but no login! The odd thing is that I can log into http://192.168.0.11/nagios from the LAN no problems. But not to /ninja, that only works on the localhost ...I need your help to track the cause. check if it is not the ninja who cares where do you connect from. even if apache allows access, PHP scripts may refuse it. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I just got lost in thought. It was unfamiliar territory. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] rewrite rule tutorial on ask apache I could not understand syntax
On 15.06.10 18:12, Tapas Mishra wrote: http://http://www.askapache.com/htaccess/crazy-advanced-mod_rewrite-tutorial.html is a link to a tutorial which mentions following use of ReWriteRule is wrong. RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} !^www\.askapache\.com$ [NC] RewriteRule .+ http://www.askapache.com%{REQUEST_URI} I could not understand what is the mistake in the above rule? Can some one point what is the error which the tutorial is trying to tell. can you tell usa what are you trying to do? Seems as another attempt to do simple HTTP redirect to www.askapache.com if host is not www.askapache.com. This can be done by using third party plugins that can redirect to canonical name (mod_redirtoservname or mod_common_redirect), or by using name-based virtual hosting, with the first (default) virtual host redirecting to second one, with ServerName www.askapache.com and no ServerAlias. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Your mouse has moved. Windows NT will now restart for changes to take to take effect. [OK] - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] default server serving to change
On 14.06.10 11:56, Tapas Mishra wrote: I have 5 websites running on a webserver. I read Apache docs Apache serves the vhost file in alphabetical order of name of vhost file. I have a few subdomains on main domain http://mydomain.com as follows http://site1.mydomain.com http://site2.mydomain.com http://site3.mydomain.com http://site4.mydomain.com in one of them which is served by default I want to redirect to correct http://mydomain.com so I added in http://site1.mydomain.com the ReWriteRule in vhost of site1.mydomain.com as follows why rewrite rule when you can issue redirect by redirect directive? Redirect / http://sice.mydomain.com/ (note the trailing slash, it should be there) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Trying to use one index file for all files in a directory
On 10.06.10 11:46, Jeffrey Schmitz wrote: That said, I have searched for a way to use the index.php file that I have created to be the default for all folders nested in a top level Documents folder. Directory /.../Documents DirectoryIndex /.../index.php /Directory It basicly searches whatever directory it is being called from to find any images/pdfs contained and produce a gallery based on them. I could copy this index.php to each of the nested folders but it seems to me there must be a more efficient way to do this in Apache. I found that a .htaccess file can be placed in a top level directory to call directives on all sub folders, but I can't figure out a directive that would achieve this goal. you can put the DirectoryIndex (providing full path) in .htaccess, you don't need Directory then. But make sure .htaccess is used and you may override the DirectoryIndex (see AllowOverride in apache's config). Not using .htaccess is a bit more effective. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Posli tento mail 100 svojim znamim - nech vidia aky si idiot Send this email to 100 your friends - let them see what an idiot you are - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] hide web content
On 11.06.10 15:42, Duleep Dissanayaka wrote: i'm developing a web system using php on linux server. Now I faced some problem with download function I developed. I want to give permission to download files only for register users on my system. I developed that part but problem is if anyone knows the download link file can be downloaded without any restrictions. I want to stop that kind of download using the web link. Can you give me some help to resolve that problem please. put the file out of WWW space, make it accessible only through script that will check whether the user has right to access the file. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. - Holmes, what kind of school did you study to be a detective? - Elementary, Watson. -- Daffy Duck Porky Pig - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] 301 redirect
On 19.05.10 00:02, Piotr Kloc wrote: Can I set the redirect 301 not in .htaccess but in apache conf ? I have tried to set this RewriteEngine on RewriteRule ^webmail/(.*)$ http://somedomain.com/webmail/$1 [R=301,L] Redirect permanent /webmail/ http://somedomain.com/webmail/ you even don't need mod_rewrite for this. (many people use mod_rewrite where simple redirect is enough). and it doesnt work as was mentioned (just for sure) - URL always starts with '/'. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Support bacteria - they're the only culture some people have. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Is /etc/resolve.conf being Used for Apache 2?
Hello, please configure your mailer to wrap lines below 80 characters per line. 72 to 75 is usually OK. Thank you. On 18.05.10 19:05, Wang, Mary Y wrote: Well.. I'm just trying to make sure that I cover all ends to make sure that a DNS alias (a CNAME) is working correctly like I expected. I've having some Virtual Host problem... You can see my previous posts with this subject title Struggle with Named Virtual Host - The Second Named Virtual Host Always Returns 404 File Not Found Error.. apache only resolves hostnames(*) when a name is used in VirtualHost hostname section. You apparently need to look how ServerName, ServerAlias and NameVirtualHost directives work. (*) - yes, it sometimes resolves hostnames in logfiles and when proxy is used, but it's irelavant here. I'm kind of giving up the idea of working from the httpd.conf that was provided by the system. I'm in the process of just using my Apache 1.3.27 httpd.conf and manually migrate it to work Apache 2.0. Maybe that would be easier...Sigh... I believe you could answer Eric's question much better... -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Why do you suspect it doesn't? What problem do you have? What makes you think there's problem with DNS? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam is for losers who can't get business any other way. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] 301 redirect
On Tue, May 25, 2010 at 8:20 AM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: On 19.05.10 00:02, Piotr Kloc wrote: Can I set the redirect 301 not in .htaccess but in apache conf ? I have tried to set this RewriteEngine on RewriteRule ^webmail/(.*)$ http://somedomain.com/webmail/$1 [R=301,L] and it doesnt work as was mentioned (just for sure) - URL always starts with '/'. On 25.05.10 08:24, Eric Covener wrote: For RewriteRule in .htaccess, the string you compare to never start with a / does mod_rewrite strip it in .htaccess? (good to know although not needed now) However I was able to use Redirect /.../ in .htaccess too, it only may not apply if we specify wrong path. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Emacs is a complicated operating system without good text editor. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] httpd vhost centralized logging
On 24.05.10 11:45, Sandro Tosi wrote: We wanted to use syslog too, but it's very rigid (only 8 localX facility for custom logs) so we discarded this solution. you can use one local facility and zillions of program names to distinguish between different logs. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. How does cat play with mouse? cat /dev/mouse - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] ssl certifikate mismatch
On 14.05.10 22:51, Reinhard Vicinus wrote: is the following behaviour of apache 2.2.15 (debian unstable) a feature or a bug? Listen 10.0.0.1:81 VirtualHost 10.0.0.1:81 SSLEngine on SSLCertificateFile /etc/apache2/conf/aaa.crt SSLCertificateKeyFile /etc/apache2/conf/aaa.key ServerName aaa /VirtualHost Listen 10.0.0.2:81 VirtualHost 10.0.0.2:81 SSLEngine on SSLCertificateFile /etc/apache2/conf/bbb.crt SSLCertificateKeyFile /etc/apache2/conf/bbb.key ServerName aaa /VirtualHost curl https://bbb:81 SSL: certificate subject name 'aaa' does not match target host name 'bbb' does 'bbb' point to 10.0.0.2? curl https://10.0.0.2:81 SSL: certificate subject name 'aaa' does not match target host name '10.0.0.2' you can expect this one, when accessing server via IP address. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. The early bird may get the worm, but the second mouse gets the cheese. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] htaccess format howto question
On 13.05.10 21:08, David Banning wrote: I am wondering how I might do a .htaccess redirect if I want to redirect domain.com/index.php?id=606 to domain.com I have been pouring over many apache how-to's and have not been able to find an answer as yet. I think that RedirectMatch /index.php(?.*) / could do that. While rewrites may wor, I prefer easier solutions. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Chernobyl was an Windows 95 beta test site. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] modssl integration with apacheserver
On 09.03.10 11:27, snigdhamukher...@bel.co.in wrote: I have to add a custom built SSL library in place of OpenSSL. Can some one suggest how to integrate a SSL library with mod-ssl for apache web server?? is it patched SSL, compatible with SSL, or something completely new? first tho should be linkable with apache, another one apparently needs new or at least patched version of mod_ssl or similar apache module. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Support bacteria - they're the only culture some people have. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] different php.ini for virtual host on apache2 with mod_php5
On 16.03.10 11:50, Станислав Сметанин wrote: To: users@httpd.apache.org I want to disable mail() function in the one of virtual hosts' that use PHP(I use mod_php for apache2), and regarding to the http://www.php.net/manual/en/ini.core.php#ini.disable-functions I can't use directives like php_value, etc, because value of disable_functions can be set only in php.ini, but I don't want to disable mail() on the all of my virtual hosts, just on one. the question: Can I use different php.ini for virtual hosts, in my case I want to use php.ini for one host, where disable_functions = mail will be. This is apache mailing list, and your question belongs to PHP list/forum etc. You can also search PHP docs on http://www.php.net/ -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Emacs is a complicated operating system without good text editor. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] IfModule mod_rewrite.c issue in debian lenny.
On 03/04/2010 05:53 PM, Dan Poirier wrote: Or just don't use IfModule in your own configuration. The only real reason to use it is in example configurations for other people, where you don't know if a given module has been loaded. If you're configuring your own server, presumably you intend for that module to be loaded. Better to have the server fail to start if you've left out the LoadModule than appear to be working but completely ignoring all the configuration inside IfModule. On 05.03.10 10:45, J. Bakshi wrote: But I have faced problem in debian where it does not sense the configuration if it is not under IfModule. Otherwise I would be happy to configure without IfModule. What? If the directive is not in IfModule, it's always used. The IfModule causes it be used only if the specified module is loaded. It means, that if you use a directive without IfModule and the module is not loaded, apache reports an error in config file. The fscking complicated IfModule syntax used in some SW distributions are Pain-In-The-Ass. Unless you want only some small changes, it's always better to create own apache's config. Yes, it's not that easy to maintain from the distributions' point of view (automatically), but it's MUCH easier to understand and maintain manually. playing with IfModule is especially hard with things like DirectoryIndex. iirc RedHat tried to add directives like AddDirectoryIndex and ClearDirectoryIndex but without big success here. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Silvester Stallone: Father of the RISC concept. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] How to set up a reverse proxy for login.facebook.com
On 07.02.10 01:09, fulan Peng wrote: I am trying to set up a reverse proxy for facebook by using Apache mod_proxy and mod_proxy_html. On Sun, Feb 7, 2010 at 9:54 PM, Matus UHLAR - fantomas uh...@fantomas.sk wrote: reverse proxy for facebook? Are you running facebook servers so you can run reverse proxy for it? On 07.02.10 22:39, fulan Peng wrote: I am not running facebook server. I just set up a reverse proxy server for it. the term reverse proxy is usually used by people who run proxies in froont of their own webservers, which is not your case. I recommend you to avois term reverse when talking about oproxy for facebook. Before, it always complain missing a file called ua_callback.php I wget it from http://m.facebook.com. It looks like a html file instead of a php file. Of course, the PHP is (usually) parsed on server and (usually) generates different content than PHP. I cannot not understand this. I have set up reverse proxy for many web sites which have php files. The browser ask for the php file, the proxy should ask for the backend server. The proxy get the results from the backend server then deliver the results to the browser. Now, error message on the proxy says the proxy is missing a php file, something is wrong. When the client asks for php file, the webserver usually processes the PHP file and sends its output (not the php file itself) to the client. Don't wander that you don't see the PHP content in it. [Sun Feb 07 08:36:58 2010] [error] [client {the browser}] File does not exist: /usr/local/www/apache22/data/ajax, referer: https://{myip}:8381/15/login.php?login_attempt=1 So I wget http://m.facebook.com/ua_callback.php, I got a ua_callback.php file which is the results to run the ua_callback.php. better do not do that. I don't know how big part of facebook is cacheable, but by caching something you should not cache you may break users' privacy and the application itself. I think you have been told in squid-users mailing list about this, so let's better close this issue. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They say when you play that M$ CD backward you can hear satanic messages. That's nothing. If you play it forward it will install Windows. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org