Hi all,
I'm having an annoying and rather complex problem, and couldn't find any
decent answer crawling the net for hours, visiting forums, reading
FAQs/official documentation, including the very interesting article at
http://blog.stuartherbert.com/php/2007/11/21/the-challenge-with-securing-shared
Hi Frank,
thank you very much, That's it! ;-)
Michael
2009/3/26 Frank Gingras :
> Michael,
>
> Try IndexOptions ShowForbidden (2.2.x)
>
> Frank.
>
> Michael Ludwig wrote:
>>
>> Hi!
>>
>> I'm experiencing the following problem:
>> I changed the look&feel of the directory listings with mod_autoi
On Thu, Mar 26, 2009 at 2:41 PM, Octavian Râsnita wrote:
> Ok, and what happends if not a browser requests that mp3 file, but a custom
> made program that download all the files?
>
> Octavian
>
> - Original Message - From: "Jonathan Zuckerman"
>
> To:
> Sent: Thursday, March 26, 2009 8:0
Michael,
Try IndexOptions ShowForbidden (2.2.x)
Frank.
Michael Ludwig wrote:
Hi!
I'm experiencing the following problem:
I changed the look&feel of the directory listings with mod_autoindex.
Works great so far.
But the directory listing doen't list the subdirectories which are
secured with .h
Hi!
I'm experiencing the following problem:
I changed the look&feel of the directory listings with mod_autoindex.
Works great so far.
But the directory listing doen't list the subdirectories which are
secured with .htaccess-Files.
Is there a possibility to change this behaviour??
Best wishes
Mic
Ok, and what happends if not a browser requests that mp3 file, but a custom
made program that download all the files?
Octavian
- Original Message -
From: "Jonathan Zuckerman"
To:
Sent: Thursday, March 26, 2009 8:06 PM
Subject: Re: [us...@httpd] How to prevent a site to be grabbed ?
On Thu, Mar 26, 2009 at 3:00 PM, Lampa wrote:
> VirtualDocumentRoot /var/www/domain.tld/home/%-3
> Everything woks ok (installed mod PHP). Excpet that variable
> DOCUMENT_ROOT ($_SERVER['DOCUMENT_ROOT'] in php) points to /htdocs.
VirtualDocumentRoot causes files to be served from somepla
Hello,
on my one server i've compiled (first tried from packages) httpd
2.2.11 (then tried 2.2.6). With following configuration:
ServerRoot "/usr/local/httpd-2.2.6"
Listen 8080
LoadModule php5_module modules/libphp5.so
User www-data
Group www-data
HostnameLookups On
Timeout 300
KeepAlive On
Guys,
I have a strange issue going on, I have several rewrite rules that are set up
like this
RewriteRule ^/gototheweb http://www.mydomain.com/some/on/mysite/theweb
[NC,R=301]
RewriteCond %{REQUEST_URI} !^/gototheweb
The problem I got is that when users try to enter in GOTOTHEWEB, they are
We are witnessing a potential bottleneck using piped logging. Each web server
handles relative large amount of concurrent connections. It is running on
CentOS 5.x, using worker MPM. We use piped log to cronolog. We are discovering
when the web server reach ~6K concurrent connections (our reques
Use a one-time pad. Every URL to an mp3 is not an actual resource,
it's a link that is generated when the user indicates a desire to
download the mp3, and the mp3 is then copied from a protected place to
a public place. After that link is accessed one time, a script is run
which outputs the mp3 a
hugh williams writes:
>>
>>
>> This works fine in both Apache 1.3.33 and 2.2.3; however 2.2.3 also
>> send the following error warning into the error log:
>>
>> [Wed Oct 22 14:50:00 2008] [warn] [client xxx.xxx.xxx.xxx] regex
>> capture $1 refers to no regex in /users/hughw/public_html/spclhand/
Yep... my email client must have stripped them
Justin Pasher wrote:
> Joseph Morgan wrote:
>> I have somehow mangled my virtual hosts.. or so I think. I have two web
>> sites http://www.ProSportsResumes.com, and
>> http://www.VideoFortWorth.com, among others hosted on the same machine.
>> If you
Actually I take that back, this is never going to work. If the user
doesn't remain on the page sending the data until it's all sent, then
it will never work. There is no web server in the world that can do
what you want.
On Thu, Mar 26, 2009 at 10:33 AM, Jonathan Zuckerman
wrote:
> So far as I
So far as I know you would have to use ajax to get it to work the way you want.
Isn't the user interested in knowing whether their upload was a success?
On Wed, Mar 25, 2009 at 11:26 PM, Anuradha wrote:
> Hi ,
>
> One my of requirement demands me to read only initial data and send the
> response
On Thu, 2009-03-26 at 15:40 +, Andrew Hole wrote:
> By default the following instructions are commented:
>
> # Server-pool management (MPM specific)
> #Include conf/extra/httpd-mpm.conf
>
> In this case MPM is enabled ? Which are the default values?
>
The MPM is configured when the server is
On Thu, 2009-03-26 at 09:28 -0500, Joseph Morgan wrote:
> I tried just the *:80... but that didn't work at all... no web sites
> worked after that...
You should have these directives in your conf file:
Listen 80
NameVirtualHost *
ServerName www.prosportsresumes.com
# all other directives f
Dan Poirier wrote:
> It might be that since wireshark does this so well, nobody's
> felt the need to add it to Apache. Have you looked at wireshark?
Yes, I used it a few times. Actually I haven't thought to use it on
server-side, but someone else suggested that off-list. The problem is tha
On Thu, 26 Mar 2009 09:58:51 -0500, Justin Pasher
wrote:
> Joseph Morgan wrote:
>> I have somehow mangled my virtual hosts.. or so I think. I have two web
>> sites http://www.ProSportsResumes.com, and
>> http://www.VideoFortWorth.com, among others hosted on the same machine.
>> If you visit http:
> Christian Buczek wrote:
>>
>> *Von:* Joseph Morgan [mailto:josephmmor...@hotmail.com]
>> *Gesendet:* Donnerstag, 26. März 2009 03:21
>> *An:* users@httpd.apache.org
>> *Betreff:* [us...@httpd] Mangled my Virtual Hosts
>>
>> I have somehow mangled my virtual hosts.. or so I think. I have two web
Hi;
I posted this 5 months ago, and got no response. So I'm going to act
insanely (insanity: doing the same thing over and expecting different
results) and repost in hopes that some different readers are here.
Why is Apache 2.2.x throwing these warnings? I have upgraded to 2.2.9
since postin
By default the following instructions are commented:
# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf
In this case MPM is enabled ? Which are the default values?
By the way:
The number of active workers on Apache is exactly the same number of active
threads in Tomcat?
Joseph Morgan wrote:
I have somehow mangled my virtual hosts.. or so I think. I have two web
sites http://www.ProSportsResumes.com, and
http://www.VideoFortWorth.com, among others hosted on the same machine.
If you visit http://www.VideoFortWorth.com, you'll see
"ProSportsResumes" in the title, b
Florent Georges writes:
> Hi,
>
> I am looking for a way to log all the HTTP traffic, as it
> appears on the wire, including headers and entities content
> (well, it can be in another format, but I'd like to have those
> info.) I looked at mod_log_config[1] and mod_logio[2], but it
> seems t
I tried just the *:80... but that didn't work at all... no web sites
worked after that...
Only 127.0.0.1:* seems to work at the moment... but I'm going to try to
use my actual network assigned IP as suggested by Christial Buczek...
I think I have it all matching... but will check to be sure.
OK... will try that when I get back to the office... Will this IP need
to be in my hosts file as well? That is, instead of (or in addition to):
127.0.0.1 localhost
127.0.0.1 www.VideoFortWorth.com
127.0.0.1 www.ProSportsResumes.com
I should have:
127.0.0.1 localhost
192.168.x.x www.VideoFortWo
That's one of the mysteries... one of the first things I checked...
nothing in my HTML does it but ProSportsResumes is the first listing
in the virtual hosts... so I'm thinking it may have a relationship
Krist van Besien wrote:
> On Thu, Mar 26, 2009 at 3:21 AM, Joseph Morgan
> wrote:
Hi,
I am looking for a way to log all the HTTP traffic, as it
appears on the wire, including headers and entities content
(well, it can be in another format, but I'd like to have those
info.) I looked at mod_log_config[1] and mod_logio[2], but it
seems this is not supported.
Quite surpris
Hi Everybody!
I wonder if someone can help me? I'm interested in restricting access to
certain resource based on the following criteria:
The users name
Or
the users group
Standard fare so far. I'm using mod_authn_dbd to authenticate the user from
my MySQL database.
For Authoriza
On Thu, Mar 26, 2009 at 5:33 AM, Christian Buczek wrote:
>> NameVirtualHost 127.0.0.1:*
>
Careful, you need to have a literal match for these pair of arguments
to get things to work properly.
--
Eric Covener
cove...@gmail.com
---
On 26.03.09 10:46, Andrew Hole wrote:
> There are two files in DocumentRoot:
> index.php and index2.php
>
> The following directive is configured in httpd.conf
>
> DirectoryIndex index.php
>
>
> There is the following instruction inside index.php :
>window.location =localHost+"/index2.p
On 26.03.09 02:16, Tadeu Alves wrote:
> latelly i've got a nasty problem, in my webserver, when i do good amount of
> refresh (f5) my apache starts eating all the memory and if i doesn't stop
> apache it just goes on consuming the server resource (ram, swap, cpu) i
> don't know what can be...
php
Hello
Couldn't you do a $_GET or $_POST in your PHP code to check for idLang
and if nothing was specified, default the variable to 1? For example:
switch ($_SERVER['REQUEST_METHOD']) {
case "GET":
$idLang = $_GET['idLang'];
break;
case "POST":
$idLang = $_POST['idLang'
Password-protect it, and don't give the password to anyone. :-)
If someone sees a page from your site, that page was already downloaded to the
visitor's computer, and a visitor can create a program that download all the
pages which he can access using a browser.
Octavian
- Original Message
Hi guys!
There are two files in DocumentRoot:
index.php and index2.php
The following directive is configured in httpd.conf
DirectoryIndex index.php
There is the following instruction inside index.php :
window.location =localHost+"/index2.php?idLang=1";
When I invoke the URL on browser
On Thu, Mar 26, 2009 at 6:20 AM, Richard Peacock
wrote:
> Lol, good answer Krist!
>
> Although many people have tried to prevent things like right-click and
> grabbing of files from their websites, they are all bypassable in one
> way or another ;)
>
>
>
>
> -Original Message-
> From: Kris
Lol, good answer Krist!
Although many people have tried to prevent things like right-click and
grabbing of files from their websites, they are all bypassable in one
way or another ;)
-Original Message-
From: Krist van Besien [mailto:krist.vanbes...@gmail.com]
Sent: 26 March 2009 10:15
On Thu, Mar 26, 2009 at 9:57 AM, J. Bakshi wrote:
> So I'm looking a way to prevent my site to be grabbed. Could any one
> suggest any measure in apache or .htaccess ?
Don't connect your site to the internet. That will prevent is from
being grabbed.
Krist
--
krist.vanbes...@gmail.com
kr...@va
Krist van Besien wrote:
> Ad the following in your VirtualHost block:
>
> Order deny, allow
> Allow from All
>
It seems that was the answer indeed, but it worked only when I used * instead
of /*.
So everything's fine now, thanks again to both of you!
Regards,
--
Florent Georges
htt
Von: Joseph Morgan [mailto:josephmmor...@hotmail.com]
Gesendet: Donnerstag, 26. März 2009 03:21
An: users@httpd.apache.org
Betreff: [us...@httpd] Mangled my Virtual Hosts
I have somehow mangled my virtual hosts.. or so I think. I have two web
sites http://www.ProSportsResumes.com, and
http:/
Hello,
This is a very worried continuation of my previous mail "how to prevent
mp3 downloading ?"
André Warnier has already opened my eyes that wget and curl are quite
capable to bypass the .htaccess by using --user-agent option and I
myself successfully downloaded some file and folders from the m
41 matches
Mail list logo
