[users@httpd] Re: Apache CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability

2015-03-19 Thread 吴昊
2 solutions: as you’ve tried before, RewriteCond & RewriteRule is one solution; another is Limit & LimitExcept. And please note that even disabling the specific method(s) in these directives will not remove that method from the Supported Methods line (allow) in an OPTIONS request. Tks & b.rgds

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
> > Do you also have the corresponding LoadModule directives in your config > file? > (shared modules need it to be effectively loaded). Affirmative: [root@uszwsls00015la apache2]# egrep "status_module|authz_host" conf/httpd.conf LoadModule authz_host_module modules/mod_authz_host.so LoadModule

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Yann Ylavic
On Thu, Mar 19, 2015 at 9:51 PM, Tim Dunphy wrote: >> mod_status loaded? > > > Yep! > > [root@uszwsls00015la apache2]# apachectl -M | grep status > status_module (shared) > > And so are mod_authz_host: > > [root@uszwsls00015la apache2]# apachectl -M | grep authz_host > authz_host_module (shared)

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
Hello Kees, Thanks for that suggestion. Not sure if I understood you correctly, but this is what I tried: #Mod_status config ExtendedStatus on ServerAdmin webmas...@nbcuni.com DocumentRoot/opt/apache2/htdocs/hcphp.nbc.com ServerName hcphp.nbc.com ServerAlias

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Kees Nuyt
On Thu, 19 Mar 2015 16:26:28 -0400, you wrote: >This is what I'm seeing in the error logs: > >[Thu Mar 19 13:22:34.274686 2015] [authz_core:error] [pid 56979:tid >140005409228544] [client 216.178.108.232:63636] AH01630: client denied by >server configuration: /opt/apache2/htdocs/hcphp.nbc.com/serv

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
> > mod_status loaded? Yep! [root@uszwsls00015la apache2]# apachectl -M | grep status status_module (shared) And so are mod_authz_host: [root@uszwsls00015la apache2]# apachectl -M | grep authz_host authz_host_module (shared) So it's a little puzzling.. On Thu, Mar 19, 2015 at 4:39 PM, Eric

Re: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Eric Covener
On Thu, Mar 19, 2015 at 2:35 PM, Cathy Fauntleroy wrote: > OpenSSL 0.9.8 supports TLS1.1 but, apparently, not TLS 1.2. At least not > easily because I am running 0.9.8 and have TLS1.1 protocol enabled. I am > trying to enable TLS 1.2 with NO luck. I have Apache 2.2.25 installed. Any > ideas

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Eric Covener
On Thu, Mar 19, 2015 at 4:26 PM, Tim Dunphy wrote: > I'm still not sure why this is happening. Any help/clues would be > appreciated! mod_status loaded? -- Eric Covener cove...@gmail.com - To unsubscribe, e-mail: users-unsubs

RE: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Cathy Fauntleroy
I misspoke. OpenSSL 0.9.8 does NOT support TLSv1.1. My apologies... Thanks… Cathy Fauntleroy, Security+ Van Dyke Technology Group Email: cathy.fauntle...@vdtg.com Office: (443) 832-4768 -Original Message- From: Cathy Fauntleroy [mailto:cathy.fauntle...@vdtg.com] Sent: Thursday, Marc

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
This is what I'm seeing in the error logs: [Thu Mar 19 13:22:34.274686 2015] [authz_core:error] [pid 56979:tid 140005409228544] [client 216.178.108.232:63636] AH01630: client denied by server configuration: /opt/apache2/htdocs/hcphp.nbc.com/server-status But that error seems to be referencing ano

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
> > How about using this within a Directory entry: > Order deny,allow > Deny from all > # Private IP ranges > Allow from 127.0.0.1/32 > Allow from 10.0.0.5/32 > And then add the server status are under that Directory...

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Daniel
> > On 3/19/2015 1:24 PM, Daniel wrote: > > > > 2015-03-19 18:06 GMT+01:00 Robert Webb : > >> I don't agree with your analysis. >> >> healthcheck.php is an href >> inside an html page that does nothing until clicked on by the client. >> >> This is all assuming that the access denied he is getting

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Larry Irwin
How about using this within a Directory entry: Order deny,allow Deny from all # Private IP ranges Allow from 127.0.0.1/32 Allow from 10.0.0.5/32 And then add the server status are under that Directory... Wouldn't that

RE: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Cathy Fauntleroy
OpenSSL 0.9.8 supports TLS1.1 but, apparently, not TLS 1.2. At least not easily because I am running 0.9.8 and have TLS1.1 protocol enabled. I am trying to enable TLS 1.2 with NO luck. I have Apache 2.2.25 installed. Any ideas? Thanks… Cathy Fauntleroy, Security+ Van Dyke Technology Group

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Daniel
2015-03-19 18:06 GMT+01:00 Robert Webb : > I don't agree with your analysis. > > healthcheck.php is an href > inside an html page that does nothing until clicked on by the client. > > This is all assuming that the access denied he is getting is from http:// > $(hostname>>-i)/server-status and "se

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Robert Webb
I don't agree with your analysis. healthcheck.php is an href inside an html page that does nothing until clicked on by the client. This is all assuming that the access denied he is getting is from http://$(hostname>>-i)/server-status and "server-status" is the html page of the code he poste

Re: [users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Daniel
2015-03-19 17:41 GMT+01:00 Tim Dunphy : > Hey all, > > I'm attempting to setup the server-status module and limit access to it > by IP. > > So I have this block in my apache configuration file: > > #Mod_status config > ExtendedStatus on > > SetHandler server-status > Require ip 10.10

[users@httpd] apache 2.4 allow by IP

2015-03-19 Thread Tim Dunphy
Hey all, I'm attempting to setup the server-status module and limit access to it by IP. So I have this block in my apache configuration file: #Mod_status config ExtendedStatus on SetHandler server-status Require ip 10.10.10.5 127.0.0.1 And if I do a GET by IP, I'm getting permiss

[users@httpd] Apache CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability

2015-03-19 Thread surodip.patra
Hi Apache, I have the below vulnerability: CONNECT Method Allowed in HTTP Server Or HTTP Proxy Server Vulnerability: Tried solutions: a. Commented the connect module in httpd.conf file : LoadModule proxy_connect_module modules/mod_proxy_connect.so b. Changed in httpd-ssl.conf f

Re: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Robert Webb
What version of OpenSSL are you running? I don't believe OpenSSL 0.9.8 supports TLS 1.1 or 1.2. Robert On Thu, 19 Mar 2015 12:02:01 +0530 Sailaja Gadireddy wrote: Hello Team, Currently my Apache server supports SSLV2, V3, TLSV1. The client requirement is to enable TLSV1.1 or above on t

Re: [users@httpd]

2015-03-19 Thread Rainer M. Canavan
On Mar 19, 2015, at 01:11 , el kalin wrote: […] > my guess is that the "dummy" connections (since they don't have their own > process attached to them) are there because some of the other processes that > do show in ps ask for those at various stages. is it true? how would i know > which one

Re: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Sailaja Gadireddy
Thank you for the update..! My client requirement is to have only TLS1.1. Even TLS1.0 have to be disabled. I would like to know is there a way to use just TLS 1.1 for the older versions. Or if I upgrade Apache to latest version then will it be possible? Please do let me know for further details.

Re: [users@httpd] How to enable TLSV1.1 or above on Apache

2015-03-19 Thread Otis Dewitt - NOAA Affiliate
Greetings, For httpd version 2.2.22 and older, only specify TLSv1. This is treated as a wildcard for all TLS versions. SSLProtocol TLSv1 Thanks, Otis