Got an email this morning from LEt's Encrypt (perhaps their last?) that
certs were to expire soon.
Checking logs, etc. seems like certbot was working fine for quite a
while, with the last renew bring in December. Expires in March.
No problems reported by apachectl configtest or apach
On 2/9/2024 12:58:15, joe a wrote:
I have apache configured as a reverse SSL proxy.
Users connecting to the back end service are warned about the
certificate, which, when installed shows the cert has the domains of the
apache hosted site, not the proxy site. The apache hosted site/domains
On 2/8/2024 22:52:59, joe a wrote:
On 2/5/2024 14:19:24, joe a wrote:
On 2/5/2024 13:24:22, Frank Gingras wrote:
On Mon, Feb 5, 2024 at 1:20 PM joe a <mailto:joea-li...@j4computers.com>> wrote:
On 2/5/2024 11:58:55, Frank Gingras wrote:
>
>
> On Mon,
I have apache configured as a reverse SSL proxy.
Users connecting to the back end service are warned about the
certificate, which, when installed shows the cert has the domains of the
apache hosted site, not the proxy site. The apache hosted site/domains
names have their own valid
<mailto:users-unsubscr...@httpd.apache.org>
For additional commands, e-mail: users-h...@httpd.apache.org
<mailto:users-h...@httpd.apache.org>
Why are you using nginx at all in this set up?
The application, a FOSS project, provided a docker image to ease setup
for interne
On 2/5/2024 14:19:24, joe a wrote:
On 2/5/2024 13:24:22, Frank Gingras wrote:
On Mon, Feb 5, 2024 at 1:20 PM joe a <mailto:joea-li...@j4computers.com>> wrote:
On 2/5/2024 11:58:55, Frank Gingras wrote:
>
>
> On Mon, Feb 5, 2024 at 11:55 AM jo
On 2/5/2024 13:24:22, Frank Gingras wrote:
On Mon, Feb 5, 2024 at 1:20 PM joe a <mailto:joea-li...@j4computers.com>> wrote:
On 2/5/2024 11:58:55, Frank Gingras wrote:
>
>
> On Mon, Feb 5, 2024 at 11:55 AM joe a mailto:joea-li...@j4computers.com>
On 2/5/2024 11:58:55, Frank Gingras wrote:
On Mon, Feb 5, 2024 at 11:55 AM joe a <mailto:joea-li...@j4computers.com>> wrote:
In a case where there is only one available incoming IP, is there a
way,
within apache, to host different domains, each on its own internal
In a case where there is only one available incoming IP, is there a way,
within apache, to host different domains, each on its own internal
server, without requiring the external "calling browser" being any the
wiser? That is, without requiring the browser to "ask again" in
ep 28, 2023 at 4:23 PM Cox, Kim A-CTR (FAA)
mailto:kim.a-ctr@faa.gov.invalid>> wrote:
Thank you, Frank. So the Apache related software versions I listed(being older
than the current release) are fully supported on IPv6?
From: Frank Gingras mailto:thu...@apache.org>>
Sent: Thursday, S
list is really for the Apache HTTPd product; IPv6 has been fully
supported on it for a long time now.
On Thu, Sep 28, 2023 at 3:10 PM Cox, Kim A-CTR (FAA)
mailto:kim.a-ctr@faa.gov.invalid>> wrote:
Apache mail list members: I’ve searched the archives and doc for Apache
support for IP
Apache mail list members: I've searched the archives and doc for Apache
support for IPv6 on RedHat Linux 8.x without success. Can anyone comment on
support for the following Apache apps, or point me to where to find a
compatibility matrix for the Apache products and IPv6 please? Than
the Index.
Now I want a hyperlink on the Index page that will bring up Page1.
Probably not ana Apache problem; have you tried:
If that fails look in your logs and send the relevant lines to this list.
Good luck -- Paul
I have been unable to make anything work. Is Page1 in the wrong place
Dear Apache,
My story is the same as before, I would like to get my WordPress
working throughout a Windows 10 home network, but
can't seem to succeed.
I don't want to introduce the complications of bind or dns,
or any other similar facility in Windows.
Isn't there just a
builder. In Permalinks I have selected ‘Post name’. I am using the theme
‘Twenty Twenty-one’ to rely my present website on. I am operating in an
entirely Windows 10 local, home network.
I am aware that it is possible to run Apache as a webserver through a local
network only, certainly a Windows
base URL, Apache web server will decide from which
directory to serve the index file or other files. There will be a user file
where user can list which website is mapped to which directory.
For example:
abcd:com:/abcd
xyz.com:/xyz
I am not familiar with Apache web server code so can someone
On 2021-09-21 6:25 p.m., Daniel Armando Rodriguez wrote:
Here it is the curl result from the same host
[snip]
From apachectl -S I see the problem is related to what vhost is set as
default
VirtualHost configuration:
*:80 is a NameVirtualHost
default server 4
Hi Antony,
No reply to either of my unsubscribe messages was received. And yes, I did
check my spam folder. Not sure if the issue is on the Apache side or the
Hotmail side, but I appreciate your letting me know there's supposed to be a
reply and confirmation. At least now I know wher
Per the instructions in list emails, I've sent a couple emails to
users-unsubscr...@httpd.apache.org this week, but I'm still getting emails from
the list. Any idea what gives?
Thanks,
Scott
ntent-Type: text/html; charset=iso-8859-1
<
302 Found
Found
The document has moved https://{ip}/test_error_404.json";>here.
* Closing connection #0
which to me suggests potential confusion between "HTTP/1.1 302 Found"
for your test_error_404.json, but then gets a "HTML
I will quote myself on how best I recommend to deal with it:*
*
*DNFTEC* - This acronym goes all the way back to 1996. Its the original
"don't feed the trolls." DNFTEC stands for 'don't feed the energy
creatures' and a great description of what/who these
oblem.
However, Apache's rotatelogs isn't quite as feature rich as logrotate, and
logrotate has been a de-facto standard on Linux for a very long time,
I'm not sure where "rich" becomes "poor"? Been using both for a couple
of decades or more. If it ain't bro
One thing I didn't see mentioned in the replies is if the DAC on the folder is
set to world writable (and I agree with all the responses that say this is a
terrible idea) but it still LOOKS like a permissions issue (access denied or
other unexplained failures) did you check if MAC (SEL
OK, so why DOCUMENT_URI means one thing in an echo and something else is an
'if' test when inside a nested SSI is still a mystery, but I thought I'd post
my workaround in case someone finds this in the future. Basically, all I did
was set a variable inside nested.shtml and t
Greetings Apache gurus!
My attempted use case is to use Apache server side includes to adjust the
styling of a NavBar, highlighting the active page, but it’s not working. The
reason why is that in a nested SHTML file, it appears the the variable
DOCUMENT_URI, when referenced by an
Per
So, I have a setup where I have an “external” Apache httpd (CentOS 7; Apache
2.4) server that handles SSL, has CacheEnable disk “/” configured and is a
reverse proxy with a Proxy balancer object and one BalancerMember which is an
“internal” Apache httpd server running php-fpm and serving the
OK, so I figured out what’s going on, but it has opened up a whole new mystery
for me.
I took a look at the back-end server logs and for everything that was “working”
I found that, for a config line like this:
ProxyPassMatch "^/login$" balancer://webfarm/login.php
A reques
I’m configuring a reverse proxy in stages. Initially, I just wanted to see if
the proxying would work, so In a virtual server, I set up a Proxy
balancer://webfarm with a couple BalancerMembers inside and an lbmethod of
byrequests. Then I used a:
ProxyPass / balancer://webfarm
to make sure I
IMHO, Web Sockets aren't going to get you any real benefit here. The primary
point of web sockets is to keep a bidirectional conversation open for the long
term during a visitor's session which makes it super beneficial to something
like an infinite scroll, but it sounds like your pr
Sounds like a job for AJAX, but before throwing out the baby with the bath
water I'd seriously consider turning up logging with timestamps on your
existing CGI and seeing if SSI is a loser in its entirety or if it's one
specific part of the process that is tanking your page load time
Did you load mod_authz_core? The Require directive is not included in the core
module and which additional modules are loaded is controlled either by your
distro or by your choices during build. I found this out while locking down a
web server to the minimal needed modules.
https
Interesting. I'd have to maintain a list of files I "disabled" but it may end
up being worth it. Although, commenting or emptying the files when I'm
initially building my template may be less effort in the long run. I'll have
to think about it. Thanks for
I'll check with the CentOS crew. Thanks very much. 🙂
Scott
From: Frank
Sent: June 11, 2020 6:54 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] How to permanently disable default config files
On 10/06/20 05:29 PM, Scott A. Wozny wrote:
>
d settings.
Then I did a yum update to httpd. The disable files were still there, but the
installer replaced the "missing" .conf file which kept my instance from loading
(I have disabled modules necessary for some of the config lines in these conf
files).
Is there a "standard"
(relatively trustworthy!) on the
filesystem to drop publications, documentations e.g. which are
referenced by a database as path+filename to the files. php then
produces with this database information www-pages with html-links to
these files.
If people drop *.php files as documentation for the source
Looks like it's not enabled on your listener. The global setting is not
correctly
inherited (and can lead to crashes because the merging is not handled
correctly
either.) I'd explicitly enable it in the first instance of each
you
are configuring.
The fix is non-trivial, feel free to
ther the listener accepts
TLS 1.2 handshakes, or it does not, it won't look at SNI until the handshake
is in flight with the respective TLS handshake.
This points out the possibility of multi-homing the box with one IP which
accepts TLS 1.2+ and a different IP listening with TLS 1.3 only.
On Thu, Oct 17, 2019 at 9:04 AM David Tkacik <
dtka...@healthcoachinstitute.com> wrote:
>
> But when I try to connect I’m getting 400 Bad Request
>
Change your Apache LogLevel to 'debug' and repeat the attempt, examine the
error log and feel free to quote it here for further guidance.
og Formats section of the mod_ssl documentation says "these formats even work
without setting the StdEnvVars option of the SSLOptions directive", so that was
the last area I thought I would need it for. It's probably not a MONUMENTAL
hit generating these, but if I can avoid it, I&#x
Does anyone know if the balancer manager page in Apache 2.4 has any
documentation? If you choose to edit balancer settings for a balancer, two of
the available options are Failover Attempts and Disable Failover, but I can't
find anything that explains exactly how those features work. A
att wrote:
> I have tried everything and I can't get Apache (2.4.39) to pass the
> X-Forwarded-For header to my tomcat (8.5) instance.
>
> I have apache listening on port 8081 and bound to the public IP address as
> a reverse proxy to a backend tomcat instance which is also bo
While progressively disabling modules I don't need for my application, I found
an issue with apachectl configtest returning Syntax OK, but the restart of
httpd failing.
When I comment out:
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
And do a sudo apachectl configtest I get
Hi Dino,
This looks interesting. I'll definitely need to do some more studying of a
number of directives I'm not familiar with. I will dig further.
Thanks very much for your reply,
Scott
From: d...@tuxweb.it
Sent: September 22, 2019 4:45 AM
Hi Yann,
That's a great article. I read it while I was researching this topic and it
was great about discussing how mod_proxy, mod_proxy_fcgi and PHP-FPM
interrelate, but I was still left unclear on whether or not that stack still
relied upon basic mod_cgi as it's backbone or not.
Dearest Apache Gurus,
Do mod_cgi and mod_cgid have any sort of dependency relationship to
mod_proxy_fcgi? I only want to use CGI as a means to execute PHP code so,
mod_proxy, mod_proxy_fcgi and PHP-FPM sounds like the stack I need, but I
wanted to confirm that “classic” mod_cgi(d) is not
Greetings Apache Gurus,
I am presently trying to form a content compression strategy for a new Apache
2.4 httpd server and have been looking at the mod_brotli and mod_deflate
modules. The first thing I noticed about them, comparatively, is how very
similar they are in terms of functionality
gt;
> and I do see messages going to logs/error_log such as start/stop and
> certain types of errors such as access denied, but something simple like
> a file not found error is not getting logged outside of certain scripts
> not being found associated with SriptAlias definiti
between
requests?
On Tue, Aug 27, 2019 at 10:20 PM kishore wrote:
> Hi,
> Upon further investigation we found there is a memory leak which is
> causing increase in usage of swap memory. Once the swap memory runs out of
> space one of the child process generates a core file.
> T
On Wed, Jul 31, 2019 at 7:27 PM Nigel B. Peck wrote:
>
> Setting up LD_LIBRARY_PATH in the envvars seems the best way to go in my
> case then, with the need to avoid a system-wide install. Good to have
> understood the options better.
>
w.r.t. Apache httpd, there is an installe
mod_fastcgi is long abandoned and was not a part of the httpd project. A
derivative work mod_fcgid is maintained (lethargicly) by the project as a
separate download ... https://httpd.apache.org/mod_fcgid/ and a new *core*
module was introduced, mod_proxy_fcgi that is part of the standard
he version
> number stable within an OS release. I.e., RH-7 will maintain the
> 2.4.6 httpd version number. You need to look at the number after that
> (currently 2.4.6-89) to see the incremental change numbering. You can
> look up the CVEs against RH's change log and/or update ann
On Mon, Jun 3, 2019 at 11:08 PM Geoff Russell
wrote:
> Hi Douglas,
>
> Thanks for your help. I've spent about 6 hours on this problem and it
> has just vanished ...
>
> I tried elinks as a substitute for telnet ... telnet does succeed in the
> socket handshake, to i
You need to build OpenLDAP against the OpenSSL in use (this is also true of
curl for mod_md.) Every bit including APR-util are all going to need to
agree on the flavor of OpenSSL in use.
On Fri, May 3, 2019, 14:12 ken edward wrote:
> Hello,
>
> I successfully built a FIPS open
On Wed, Apr 17, 2019 at 4:08 PM Rose, John B wrote:
> Why would ssl.conf certificate settings override the certificate settings
> in a specific virtual host config file?
>
The concept is inheritance. Picture all the #include'ed .conf files
flattened at the global scope, unless y
On Wed, Apr 10, 2019 at 7:30 PM Du Hao wrote:
> Is Apache HTTP Server going to drop TLSv1.2 support in near future? If
> not, it is a bug that affects user who voluntarily choose to not use
> TLSv1.3.
>
Because 2.4 dates all the way back to the now-unsupported 0.9.8 lifecycle,
it se
On Wed, Apr 10, 2019 at 10:48 AM Du Hao wrote:
>
> I suspect there is a bug involved in the SSL client verification type
> changing and the re-negotiation flow. While I admit it may be a corner case
> but the original use case is very crucial to my current user base. I
> checked t
In general, problems which stretch back to the initial 2.4.1 or commonly
deployed 2.4.3 might also affect 2.2.x or 2.0.x. As users have had almost a
decade to adjust and these versions are EOL, the project seems unlikely to
care, and notices are everywhere that the old flavors are no longer
The requests processed asked to GET and POST to / in HTTP/1.1 protocol.
Why do you suppose your server should reject a request for the content '/'?
Seems like a very strange concern.
Depending on the handler charged with processing '/', the remaining '?'
query args
On Tue, Apr 2, 2019 at 2:35 AM Steffen
wrote:
> The ASF HTTPD project did not mention security vulnerabilities fixed in
> the initial changelog 2.4.39.
To be 100% accurate, the ASF HTTP Server project had not announced the
release of 2.4.39. It had concluded a vote, but only th
On Tue, Jan 29, 2019, 14:16 Jerry Malcolm On 1/29/2019 12:31 PM, William A Rowe Jr wrote:
>
> On Tue, Jan 29, 2019 at 12:27 PM Jerry Malcolm
> wrote:
>
>> I'm running a very recent version of WAMP x64. I inherited an 'ancient'
>> php app that requires php
On Tue, Jan 29, 2019 at 12:27 PM Jerry Malcolm
wrote:
> I'm running a very recent version of WAMP x64. I inherited an 'ancient'
> php app that requires php 5.2 and no higher. I went through the
> process of adding php 5.2 to WAMP, and I copied php5apache2_4.dll from
header. It would be nonsense to compress all
such 1mb content on the fly, so instead you provision all three files
alongside one another. E.g. index.html.nc, index.html.gz and index.html.br
reside in the same directory, and the request comes in for index.html
triggering a search for the best match
On Tue, Jan 8, 2019 at 10:48 AM wrote:
>
> I have migrated a user module mod_example from 1.3 to 2.4. But when I try
> to start the apache it is giving a segmentation fault and creating a core.
>
> Following is the stacktrace while debug:
> t@1 (l@1) signal SEGV (no mapping at
u shouldn't ever need
to send signals to any process except the parent. There are four signals
that you can send the parent: TERM, USR1, HUP, andWINCH, which will be
described in a moment."
So what you seek to do is, effectively undocumented/unsupported. Debug mode
is not a supported operating mode, as I mentioned earlier.
On Fri, Nov 30, 2018 at 1:40 PM Jack M. Nilles wrote:
> # http redirect
>>>
>>>
>>>
>>>
>> Note you have an error there, the incoming request will be matched to
only one list of matching VirtualHosts, host1.com alone on the first,
and host2 alone on the second list. You surely meant these to sh
ote:
> Hi,
>
> I am trying to cache the requests coming on my Apache web server using the
> mod_socache_redis module. After loading the module, I am sending a request
> from Apache to my redis server in the following format-
> SSLSessionCache redis://localhost:4321
> 4321 is the por
Graceful shutdown is a WINCH signal.
In -X mode you don't have a parent -> children relationship with httpd,
just the worker process. It isn't for normal operation.
On Thu, Nov 22, 2018 at 7:28 AM Hemant Chaudhary <
hemantdude.chaudh...@gmail.com> wrote:
> Hi,
>
&g
You are absolutely right, there is a NULL quadword at the expected position
of the module signature. How this happened is the question.
Could it be possible that you are still compiling against httpd 1.3 include
files? The ordering of the module structure has changed. If the -I include
paths are
d up your exercise; it
is most
direct to get 2.4 going.
> In 2.4 itself the error is same.
>
> The signature created turns out to be . I could not understand
> this part. I have gone through the internet and there are always some
> definite signature is available but in my ca
On Mon, Nov 12, 2018 at 10:38 AM wrote:
>
> I have installed and set up httpd 2.0.65 version of apache server on
Solaris 11
Speaking for most readers of this list, we wonder why... what would lead
you to such a silly act? Is this in the syllabus/exercises inflicted by a
cruel
teaching ass
ow if specific revision can be ported to fix
> CVE-2016-4975
>
This particular CVE is easily addressed by a patch to encode the mod_userdir
inputs. Not using mod_userdir external redirects is equally simple and
similarly
solves the issue . Avoiding mod_alias as well as mod_rewrite is quite
It is a confusing message. Your mail server is rejecting some messages sent
to you by the list server, perhaps because it detects spam, perhaps because
there was a short window the server was down/in maintenance.
On Sat, Nov 3, 2018, 08:26 Leland Your messages are the only ones being bounced
not apr_unescape_urlencoded. Perhaps it
> is apr_unescape_url and there is some fun with the naming. Looking at
> the tests, they do not seem as rigorous. A brief look at
> encoding/apr_escape.c and I see x2c and c2x. I want to ask you all as
> the docs mention
> http://www.w3.org/TR/html401/int
A number of regressions are fixed in 2.4.35, please retest against that
version.
On Fri, Oct 12, 2018, 15:27 Schettler, Marty L. <
martin.l.schett...@leidos.com> wrote:
> My reverse proxy config doesn’t work with SSL any more as I try to upgrade
> from 2.4.29 to 2.4.34.
>
I've looked at the httpd and apr code, what source package were you using
which started from a default MAX_IOVEC_TO_WRITE (APR_MAX_IOVEC_SIZE?) of 6?
TIA,
Bill
On Thu, Sep 27, 2018 at 11:59 AM Hemant Chaudhary <
hemantdude.chaudh...@gmail.com> wrote:
> Hi,
>
> I have s
libcrypt has nothing to do with libcrypto/libssl of openssl. They can be
loaded in parallel. Because crypt was implemented in triple DES 156 bit,
proven to convey only 112 bits of encryption strength, that cipher is no
longer a part of openssl. But the system library for crypt'ed passwords
re
that optional apr_crypto_openssl module is triggered before httpd
loads mod_ssl, it may resolve the wrong library, so you may want to get
the appropriate -R path into the apr-util build.
Also, apr-util can load one of many different keyed or relational DB
or ldap providers, most of which have linkages to a c
duler) via browser, even after
successfully authenticating with the product, I am unable to access it. In
Internet Explorer, I receive a blank white page, and in Firefox I receive the
following error dialog "Firefox has detected that the server is redirecting the
request for this address in
ectives?
>
The syntax of SSL_CMD_ALL(CipherSuite, TAKE1, ...) states that only a
single token is permitted (confirmed in 2.4.current).
It will consider each token individual arguments, and only one is
permitted. Placing the space-seperated tokens within double quotes causes
httpd to treat it as a
The proxy response input is dechunked as it is retrieved from the back end.
Any chunking to the client is introduced by httpd after filtering.
It may be that the request deflate and inflate filters have comingled a
zlib stream context?
On Tue, Sep 4, 2018, 12:43 Maarten Boekhold wrote:
>
-info page we have activated to ensure that
> the LimitRequestFieldSize was high enough (curently set at ~40k)
>
>
> 129: LimitRequestBody 52428800
> 130: LimitRequestFields 50
> 131: LimitRequestFieldsize 40960
> 132: LimitRequestLine 40960
>
These settings are g
A good argument for following httpd documented convention.
If you want to continue exploring, you would want to quote the cipher
string, since httpd would take apart unquotes, space separated tokens as
different httpd directive arguments, and you surely don't want that.
On Sat, Aug 25, 201
ns of other posts asking the same question.
It's an entirely reasonable extension of FTP, which if it existed,
mod_proxy_ftp could be enhanced to support.
On Jul 25, 2018 23:34, "William A Rowe Jr" wrote:
If I understand your question, mod_proxy_ftp does not speak ftp to the
ine for me using release 2.4.25 to
> send urls matching a pattern to a proftpd server running on the same
> system. I have noticed that the source IP address in the ftpd log is the
> same as the httpd running the mod_proxy_ftp module. Am I correct in
> assuming that neither mod_remotei
ctory is read-protected.
>
Likely answered elsewhere.
> http requests yield eroor 400:
> Bad request!
> Your browser (or proxy) sent a request that this server could not
> understand.
>
That is straightforward, your *client*, not httpd, has been sending bad
requests. Those might have
On 06/22/2018 12:35 AM, Michael A. Peters wrote:
*snip*
Okay looks like a difference between what is actually in Apache and what
websites idicate.
Seems with the code in Apache, for the filter BROTLI_COMPRESS is correct
- not BROTLI.
Not sure about setting compression level and window size
oCase Request_URI \.txt$ no-br
then apache won't start:
[alice@localhost ~]$ apachectl -M
AH00526: Syntax error on line 4 of /etc/httpd/conf.d/brotli.conf:
Invalid command 'BrotliCompressionLevel', perhaps misspelled or defined
by a module not included in the server configuratio
On 06/10/2018 06:04 AM, Paul Gardiner wrote:
I have just installed openSUSE Leap 15.0 on a server including Apache
2.4.33 and php 7.2.5.
If I attempt to access .php files, I'm offered them as downloads,
although renaming them to .php3 makes them work fine. I have this file
amongst my a
.
> >> Please send me to the appropriate mailing list. Thanks.
> >
> > What's the context? Given where you asked, I'll guess you're writing
> > a module for your web server, in which case, there's a modules-dev list
> > for the next question.
&
Your next thing to test, from a vanilla/completely reset browser, would be
to load up these corresponding cert+key and ca chain files into that blank
slate, and ensure that these credentials actually work against your backend;
* SSLProxyMachineCertificateFile
D:\sys-projects\aaa\Apache24
e noticed is that I'm not a
> native speaker of Traditional Chinese, for Taiwan people they might feel a
> little weird(though they can understand it).
> On the other hand, I did a lot checking to make sure translations contains
> little mistakes(if any). A reviewer would be hel
of the holy grail in cryptography.
Not just allows PFS, so does TLS 1.2 and with TLS 1.2 PFS cyphers are
all I ever use. TLS 1.3 *mandates* PFS so you don't accidentally enable
a cipher that does not have it, and that i
Yes, I only use ciphers that implement forward secrecy.
On 02/18/2018 01:58 PM, David Mehler wrote:
Hi,
Thanks. Are these ciphers pfs friendly?
Thanks.
Dave.
On 2/18/18, Michael A. Peters wrote:
On 02/18/2018 09:00 AM, David Mehler wrote:
Hello,
I'm looking for recommendations
;t need Tumblr to be able to scrape the OpenGraph data
(Tumblr seems to use a buggy version of libcurl that doesn't tolerate
ECDSA certs) I use the following:
SSLCipherSuite "EECDH+CHACHA20 EECDH+AES256 -SHA"
For sites that I need to be social media friendly, I use RSA cert wi
The whole point of virtual hosts is you can have multiple of them - that
is the whole way Apache configuration works to have multiple sites being
served from the same server... currently I have servers with 20+
virtualhost configurations.
Having a single virtual host is OK - but if you have
The easiest way to do this is to make sure you have the correct hostname
in the virtual host - the one that matches your certificate and another
virtual host which has no hostname in it to catch all the other requests.
return a forbidden response for all requests!
RewriteEngine On
Hi Sharan,
it's usually more efficient to ask the community directly about
project-specific
asks. I've gone ahead and forwarded your note to the users and dev lists
where we are more likely to find the right resources. I personally
know at least
a half dozen httpd committers proficient
According to my notes, that is 2.2.15.
As noted previously, turn to RH for support. The EOL was back in July and
we will stop making public comments or security advisories once we have
fewer than three active project members attending to this legacy version.
On Nov 28, 2017 06:47, "chetan jain"
st Regards,
> Craig
>
> On 10/25/17, 1:05 PM, "Development Manager"
> wrote:
>
> The 2.4.29 changes document doesn't reference any CVE articles, though
> the announcement indicates that this is a security release. Are any
On Mon, Oct 23, 2017 at 11:53 AM, William A Rowe Jr wrote:
> On Mon, Oct 23, 2017 at 11:45 AM, Jim Jagielski wrote:
>> Apache HTTP Server 2.4.29 Released
>>
>> October 23, 2017
>>
>> The Apache Software Foundation and the Apache HTTP Server Proje
1 - 100 of 1460 matches
Mail list logo
