Hi,
DocumentRoot should not be writeable for the uid apache uses (wwwrun in our
case, it's a suse System). That is what i read everywhere. We have a
webapplication which creates pictures on the fly for delivery with PHP.
Is there a secure way for this scenario ?
Bernd
Bernd Lentes
Helmholtz Ze
Some AIX tips for compilation here: https://wiki.apache.org/httpd/AIXPlatform
On Fri, Feb 10, 2017 at 1:20 PM,
wrote:
> Krishnachaitanya,
>
> You can set compiler flags before time to set up the build environment. You
> might also need coreutils depending on what your build server looks like.
>
Krishnachaitanya,
You can set compiler flags before time to set up the build environment. You
might also need coreutils depending on what your build server looks like. Below
are some of the options that come in handy:
export CC=/usr/vacpp/bin/xlc --- or wherever you have the compiler installed
Why does the server offers sslv3 when I Only enable SSLv3 :-s
SSL_PROTOCOL SSLv3
From: Eric Covener
To: users@httpd.apache.org
Cc: Christopher Schultz
Date: 10/02/2017 13:48
Subject:Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is
enabled
Hi Bharath/William,
I have checked for the build directory under /var/build with config.nice file.
There I could see what were the options used while compiling.
Is there a way to proceed from here? Can you please help.
I'm a newbie to Apache !!
Regards,
Krishna
-Original Message-
Fr
On Fri, Feb 10, 2017 at 3:29 AM, Sven Crul wrote:
> I cannot get the server to offer SSLV3 when TLS is enabled (Any TLS )
> when I do ssl protocol SSLv3 then sslv3 works but from the moment I add TLS
> , SSLv3 no longer works
>
​Debian compiles openssl w/o SSLv3 support. You'll need to build a
The traces have been wrapped by the mail client, which makes it hard to
read.
I posted the two traces to a pastebin here so that you can better read
or download it.
http://pastebin.com/16FpfnSy
http://pastebin.com/V39UyNZQ
On 02/10/2017 10:52 AM, Gerhard Gappmeier wrote:
> Hello,
>
> since I've
Hello,
since I've upgrade from Debian Jessie to Debian Stretch I have a weird
problem.
The server is reachable via two NICs, one internal one external.
Every morning the server is not reachable anymore from external, but
works from internal on port 443 (HTTPS).
Apache restart does not help, but af
Just tried a fresh install
allowed all ciphers (just for testing)
with
$
# options.
# Enable only secure ciphers:
SSLCipherSuite ALL:!aNULL
# SSL server cipher order preference:
# Use server priorities for cipher algorithm choice.
# Clients
Hi Jesus,
It looks like mod_log_forensic could help you
-Original Message-
From: Jesus Cea [mailto:j...@jcea.es]
Sent: 10 February 2017 04:49
To: users@httpd.apache.org
Subject: [users@httpd] Logging requests and authentication in real time, not
only when the request is done.
Apache log
at this moment i have this
But i had everything :-p
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate. See
the
# ciphers(1) man page from the openssl package for list of all
available
# options.
# Enable only secu
do you change SSLCipherSuite?, show us which one you have
2017-02-10 9:29 GMT+01:00 Sven Crul :
> Hi,
>
>
> First off all Thanks , like already said I tried about everything :-(
> nevertheless i tried all of them again ... without success.
>
> I cannot get the server to offer SSLV3 when TLS is
Hi,
First off all Thanks , like already said I tried about
everything :-( nevertheless i tried all of them again ... without success.
I cannot get the server to offer SSLV3 when TLS is enabled (Any TLS ) when
I do ssl protocol SSLv3 then sslv3 works but from the moment I add TLS ,
SSLv3 no lo
Thank a lot for the patch Yann,
I will check if this fits in.
regards,
Rashmi
On Wed, Jan 25, 2017 at 6:04 PM, Yann Ylavic wrote:
> Hi,
>
> On Wed, Jan 25, 2017 at 9:17 AM, Rashmi Srinivasan
> wrote:
>
> > We are trying to port the fix for CVE (CVE-2016-8743) to 2.4.18. Tried
> > checking th
14 matches
Mail list logo
