might check out mod_security. does not scan but can help prevent in the future.
http://www.modsecurity.org/
***
Tony Guadagno
Guadagno Consulting
[EMAIL PROTECTED]
585.703.6700
***
>>> [EMAIL PROTECTED] 4/
On 4/27/06, David Zhao <[EMAIL PROTECTED]> wrote:
>
> Hi there,
>
> I'm trying to use apache (Apache/2.0.54 (Fedora) Server) to display
> directories and files, some of the files have very long file names, currently
> they show up like this:
>
>
> Parent Directory -
>
On 4/27/06, Tiago Semprebom <[EMAIL PROTECTED]> wrote:> > Hello,> > I'm working with QoS (quality of service) and I'm using
> the Apache web server to implement my QoS policy. For> that, basically I'll need to intercept all incoming> requests in Apache and after that, separate this> requests in dif
Hi there,I'm trying to use apache (Apache/2.0.54 (Fedora) Server) to display directories and files, some of the files have very long file names, currently they show up like this:
Parent Directory -
AX4870_mouseUniref10..> 25-Apr-2006 00:52 17M
AX4870_mouseUnire
Well, as far as scanners, sure they exist. I can show a log of a
personal server that gets hit about 100 in under a minute by a script or
program scanning for vulnerabilities in PHP, Apache, ASP, IIS all of it.
They try to find web pages or scripts that are exploitable, which give
them access to
Well, if you are using QoS you are using Windows, which means you want to
delve into mpm_winnt.c - the mpm flavor on that platform. Much of the
networking there is raw windows api, as opposed to using apr.
If you want to be quite thorough, and are very familiar with QoS, there
has been some mumb
Sean Conner wrote:
[2] Actually, I do know of some, but they're the software programs that
are currently trying to break in through an insecure webserver or
CGI scripts. You can check your web logfiles and see plenty of
those happening. If any of those requests are
On 4/26/06, Stefan Brandt <[EMAIL PROTECTED]> wrote:
> Hello,
>
> when using mod_rewrite in an .htaccess-file (per-directory config files)
>Apache automatically strips the directories from the request URL.
>
> Is there any configuration option to influence this behaviour?
>
> In my steup the .h
I just found a pretty effective fix. I added slashes after each entry in my "exceptions" switch:[PHP] switch ( $MyName ) { case 'About/': case 'People/': case 'Reference/': echo 'It works!'; break; default:include ($_SERVER['DOCUMENT_ROOT']."/404.php"); break; }[/PHP]Now, if I type mysite/About/ in
Hello,
when using mod_rewrite in an .htaccess-file (per-directory config files)
Apache automatically strips the directories from the request URL.
Is there any configuration option to influence this behaviour?
In my steup the .htaccess file is stored in a subdirectory (for example
/de/)of t
There is about 50 virtual servers, I can't reinstall now, need to find the
hole.
The changed file has apache.apache ownership, so I think that the hole in
web server of php.
G.
- Original Message -
From: "Sean Conner" <[EMAIL PROTECTED]>
To:
Sent: Thursday, April 27, 2006 8:24 PM
On 4/27/06, Tiago Semprebom <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I'm working with QoS (quality of service) and I'm using
> the Apache web server to implement my QoS policy. For
> that, basically I'll need to intercept all incoming
> requests in Apache and after that, separate this
> requests in
It was thus said that the Great Georgy Goshin once stated:
>
> Hello,
>
> A few of virtual hosts on my server was hacked - the content was replaced
> and I can't figure how they did it. Is there any software that will scan the
> web server and checks for known security holes?
I don't know of
I am trying to do LDAP authentication to require group membership. I can
successfully authenticate using 'require valid-user' and 'require user
' but if I use 'require group dn=ldap,ou=Groups,dc=example,dc=com' I
get an Internal Server Error. The following error is recorded in the
error_l
Hello,I'm working with QoS (quality of service) and I'm usingthe Apache web server to implement my QoS policy. Forthat, basically I'll need to intercept all incomingrequests in Apache and after that, separate thisrequests in different queues, according with theirpriority. So, some questions:1) - Wh
Well, I've been playing with my rewrite rules, my database and PHP scripts, and it looks like I've come full circle. The home page is previewing dynamic URL's correctly. I have to fix a few things before I can really test the various sections, but I can bring up "pseudo-pages" when I type in URL's
On 4/27/06, Georgy Goshin <[EMAIL PROTECTED]> wrote:
> Hello!
>
> I have a many name based virtual hosts, is it possible to make that all php
> and cgi's script and apache process itself was under specific (virtual site
> owners's) user ID and group ID - apache?
No. At least not without a config
Hello,
A few of virtual hosts on my server was hacked - the content was replaced
and I can't figure how they did it. Is there any software that will scan the
web server and checks for known security holes?
Thanks,
G.
-
T
Hello!
I have a many name based virtual hosts, is it possible to make that all php
and cgi's script and apache process itself was under specific (virtual site
owners's) user ID and group ID - apache?
Thanks,
G.
-
The off
All,
Thanks to Richard, Victor and Dustin for the pointers. I'm going
to check out load balancers and the round-robin DNS aspects.
Probably be back with more specific Apache questions in the
future! Thanks for the help!
TonyOn 4/26/06, Tony Stocker <[EMAIL PROTECTED]> wrote:
Hello,
I've spent
On 4/27/06, Shabbir bharmal <[EMAIL PROTECTED]> wrote:
>
> Joshua,
> Thank you for your response. But, it did not work. Here is a snippet from
> my httpd.conf file.
Then you'll probably need to write a custom module to do what you
want. It shouldn't be too complicated, but I don't know the detai
Joshua,
Thank you for your response. But, it did not work. Here is a snippet from my httpd.conf file.
### Start - SNIPPET FROM HTTPD.CONF##
ProxyRequests OffProxyPass / http://localhost:8081/ProxyPassReverse / http://localhost:8081/
RewriteRule .* - [E=RU:%{LA-U:REMOTE_USER}]RequestHeader set U
On 4/27/06, Shailesh Garg <[EMAIL PROTECTED]> wrote:
> I am looking for a way to find the number of successfully downloads for a
> particular file. I have noticed 2 issues :-
>
>
> 1. Even when the client cancels the download in between, log shows status
> code as 200.
>
> 2. For range downloads, m
Gioele Barabucci wrote:
> Is there a simple way to obtain this playing with the Apache
> configuration? I would like to create a chain like this:
> | request -> get.php -> validator.php -> output
> without modifying get.php.
After some more research I found this
http://www.worldwidecreations.com/ph
On 4/26/06, Shabbir bharmal <[EMAIL PROTECTED]> wrote:
> I have Apache 2.2 setup using mod_proxy, mod_headers and mod_auth
> successfully. I am using Apache as my web server and Apache Tomcat as
> my web container where my applicationis deployed.
>
> Mod_auth challenges a browser session to ent
I would like to thank all of you for you answers. I found out that if I just run " make install" instead of "check install" apache will install fine without anyproblems but then rpm won't have any records of apache being installed on your machine with you execute "rpm -q httpd". Aother thing is
I am looking for a way to find the number of successfully downloads for a particular file. I have noticed 2 issues :-
1. Even when the client cancels the download in between, log shows status code as 200.
2. For range downloads, multiple 206 enteries are logged and one 200 entry, even if the do
Hi!
I have one question.
I would like to test my modules.
[Question] How to write driver to call my_module, my_register_hook()?
Ex.
1. driver.c
main(){
/* load my_modle */
/* call my_register_hook() */
/* call my_post_config() */
}
2.my_module.c: my module
module my_module{
.
.
my_register_hooks;
Another alternative to the hardware load balancer is to build a Linux Virtual Server - http://www.linuxvirtualserver.org/.
Linux Enterprise Cluster is a good book, guiding you how to build this from scratch.-VictorOn 4/27/06, Richard de Vries <
[EMAIL PROTECTED]> wrote:At work I've built several
Hi Joe,
Thanks, for the info, I've done the update as you suggested and it's working
now.
Regards,
Conor
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.h
30 matches
Mail list logo
