Hello,
Have come across a security issue and one of the reason is Apache allowing
serving of request with incorrect HOST header.
Question in short:
Is there an Apache Directive which will reject request with incorrect or
missing HOST header ? I mean if my Apache is serving one.xyz.com, rejec
Hi,
Can anyone help me on apache best practice?
What is the recommended permission of the DocumentRoot?
What is the recommended permission on the files and directories within
the DocumentRoot?
BTW my application is running on LAMP.
Current permission settings:
600 for files
700 for directorie
Not sure if this is possible with a single apache server instance, so
I'm curious if anyone has done this. We want apache to be configured to
be single public entry point into our private web services.
Additionally, we want users to be able to login based on a user/pass or
a client certificate. T
You want the Timeout directive (documentation covers it here:
http://httpd.apache.org/docs/2.0/mod/core.html). It may already be in your
httpd.conf file, the default value is 300 (seconds).
Charles
On Mon, Sep 8, 2008 at 12:30 AM, Arnab Ganguly <[EMAIL PROTECTED]> wrote:
> Hi All,
> Just wante
We found the cause of this problem. It seems that the directory creation
was failing when the mod_disk_cache was trying to create the
subdirectory structure to store the header and data content . The reason
this failed was because mod_disk_cache had already created a large
number of directori
Not sure if this is possible with a single apache server instance, so I'm
curious if anyone has done this. We want apache to be configured to be
single public entry point into our private web services. Additionally, we
want users to be able to login based on a user/pass or a client certificate.
On Sep 8, 2008, at 7:32 AM, Jason Pruim wrote:
On Sep 8, 2008, at 7:12 AM, Eric Covener wrote:
On Mon, Sep 8, 2008 at 6:09 AM, Jason Pruim <[EMAIL PROTECTED]>
wrote:
Locally it works great.. Once.. As soon as the web page is loaded
and you
attempt to refresh or go to a different page,
On Sep 8, 2008, at 7:12 AM, Eric Covener wrote:
On Mon, Sep 8, 2008 at 6:09 AM, Jason Pruim <[EMAIL PROTECTED]>
wrote:
Locally it works great.. Once.. As soon as the web page is loaded
and you
attempt to refresh or go to a different page, it says "Forbidden
you do not
have permission t
On Mon, Sep 8, 2008 at 2:32 AM, sh_santosh <[EMAIL PROTECTED]> wrote:
>
> Dear all,
>
> I am getting this exception while invoking(web services) or accessing
> through java code.
>
> The URL which i try to access is secured using Certificate.
> Please see the exception -
>
> javax.net.ssl.SSLHandsh
On Mon, Sep 8, 2008 at 7:00 AM, Markus Mayer <[EMAIL PROTECTED]> wrote:
> Does anyone have any suggestions as to how I can pinpoint this problem? Is
> there any way I can log requests before they are fully served by apache, as
> this might help the next time this shows up.
Run pstack against all
On Mon, Sep 8, 2008 at 6:09 AM, Jason Pruim <[EMAIL PROTECTED]> wrote:
> Locally it works great.. Once.. As soon as the web page is loaded and you
> attempt to refresh or go to a different page, it says "Forbidden you do not
> have permission to access /jasonpruim112 on this server"
Is there an
Hi,
I have an apache 2.0.61 with PHP 5.2.6 and the sunosin patches on Solaris 10,
Sun V440 with 4 x 1.6GHz CPU's, 16Gb ram and 16Gb swap. once or twice a year
it hangs with hundreds of child processes. The serverlimit is set to 512,
and all the child processes are busy with some request that
Good morning everyone,
I am breaking into new territory in my knowledge, and I've hit a bit
of a speed bump that searching and trial/error has not been able to
fix for me. Here's some details:
I am running Apache 1.3
PHP 5.2
I have setup a virtual host... http://purl.schreurprinting.com/ja
On Thu, Sep 4, 2008 at 9:47 PM, Justin Pasher
<[EMAIL PROTECTED]> wrote:
> Andrew Hall wrote:
>>
>> Hi there.
>>
>> I'd like to allow directory indexes for certain clients but not for
>> others.
>>
>> Specifically to allow our internal network to view them but external
>> connections to be refused.
14 matches
Mail list logo
