Re: [us...@httpd] Hardening Apache against attacks

2010-10-26 Thread Jason Nunnelley
> Why .htaccess? Security tip #1 should be 'disable .htaccess'. Performance tip #1 too.
I'm not running a vhost clients can control. I'm running a vhost for production sites my dev team manages, and I don't always want my dev team restarting Apache to make changes. Also, .htaccess is in version

[us...@httpd] Hardening Apache against attacks

2010-10-24 Thread Jason Nunnelley
I've done a few things already: blocked certain IP blocks, blocked known problematic user agents. I'm trying to collect a list of Apache and site hardening (.htaccess) methods. Please share your favorite. Jason N - The official User

Re: [us...@httpd] htaccess format howto question

2010-05-13 Thread Jason Nunnelley
On 5/13/10 8:08 PM, David Banning wrote: I am wondering how I might do a .htaccess redirect if I want to redirect domain.com/index.php?id=606 to domain.com Same domain (as I assume because domain.com and domain.com are the same). First, you'll need to set up the rewrite basics. RewriteEngin

Re: [us...@httpd] Apache Sending Email?

2010-05-11 Thread Jason Nunnelley
> I know. Have any ideas why the email address is apa...@xxx.xxx? Apache exploit? Just trying to understand.
It's Apache. I'm guessing your web server runs as "apache" so that's why it's sending email as "apache." It doesn't mean Apache is compromised, but it may mean you have a publicly writa

Re: [us...@httpd] Internet Explorer 6

2010-05-11 Thread Jason Nunnelley
On 5/11/10 8:13 AM, Lester Caine wrote: Malka Cymbalista wrote: Does anyone have any statistics as to how many people still use Internet Explorer 6? We are trying to decide whether we can stop supporting it. The remaining problem is that W2k is still widely used, and so IE6 is the only browse

Re: [us...@httpd] Internet Explorer 6

2010-05-11 Thread Jason Nunnelley
W3C Schools publishes a data sheet. I assume it's based on good collection. http://www.w3schools.com/browsers/browsers_stats.asp On 5/11/10 7:31 AM, Malka Cymbalista wrote: Does anyone have any statistics as to how many people still use Internet Explorer 6? We are trying to decide whether we ca

Re: [us...@httpd] Reliable combined log sorting

2010-05-09 Thread Jason Nunnelley
On 5/9/10 10:36 AM, Eike Frost wrote: Hi Jason, On Sun, May 9, 2010 at 5:41 AM, Jason Nunnelley <mailto:ja...@jasonn.com>> wrote: In our configuration of Apache we push all logs to a single file via syslog-ng. I need to create some basic log analysis (like AWstats sty

[us...@httpd] Reliable combined log sorting

2010-05-08 Thread Jason Nunnelley
In our configuration of Apache we push all logs to a single file via syslog-ng. I need to create some basic log analysis (like AWstats style) for a single domain out of several domains that post to that file. Any suggestions on a simple solution? -- Jason A. Nunnelley +1 2562971652 http://ww

Re: [us...@httpd] Two Name-Based Virtual Hosts : Two SSL Certificates?

2010-04-24 Thread Jason Nunnelley
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI I tend to trust the Apache wiki. It says Safari 3.2.1 on Mac OS X 10.5.6 is supported. No notes on iPhone. IE7 on XP is not supported. There's an awful lot of XP boxes running IE7 (some still running IE6). http://www.w3schools.com/brows

Re: [us...@httpd] Two Name-Based Virtual Hosts : Two SSL Certificates?

2010-04-24 Thread Jason Nunnelley
On 4/24/10 4:42 PM, Wang, Mary Y wrote: Crypto, Thanks for the info on SNI. I'm currently running on httpd-2.0.46, therefore, SNI support is not there. The browsers support listed on that wiki can't support the browser versions that are offered in the company currently. The application is ru

Re: [us...@httpd] Alias, Virtual Host and 500 Internal Server Error

2010-04-22 Thread Jason Nunnelley
On 4/22/10 1:29 PM, Wang, Mary Y wrote: ... Apache/1.3.27 " Apache doesn't typically misrepresent itself. I'd look into this first. Trace the IPs and the domain and make absolutely sure your domain is pointing the right server. You can also go to the machine (host) and do so

[us...@httpd] Redirect all requests /BUT/ a given directory/URIs

2010-04-22 Thread Jason Nunnelley
Any of you Apache geniuses know how to .htaccess redirect everything BUT a given directory path? And, I'll add another twist: it's another URL I need to write. So, I need local/page.html to rewrite remote/page.html in every case but local/specified_directory. -- Jason A. Nunnelley +1 256297

Re: [us...@httpd] multiple SSL on one computer - IP

2010-04-21 Thread Jason Nunnelley
Blah! I guess a link would be nice: http://www.digicert.com/unified-communications-ssl-tls.htm On 4/21/10 8:55 PM, Jason Nunnelley wrote: There are probably competing, if not free, methods of achieving the same end. If you need a branded cert, this is a good company. I endorse them and I&#

Re: [us...@httpd] multiple SSL on one computer - IP

2010-04-21 Thread Jason Nunnelley
There are probably competing, if not free, methods of achieving the same end. If you need a branded cert, this is a good company. I endorse them and I'm not a reseller :) Maybe I should be. But, they helped me out of a bind more than once and it's a great solution for cloud or ephemeral server

Re: [us...@httpd] multiple SSL on one computer - IP

2010-04-21 Thread Jason Nunnelley
does anyone else have a better solution? besides using SNI The fastest easiest way to do this is a shared SSL certificate. I've used Digicert's unified cert to solve this very problem. -- Jason A. Nunnelley +1 2562971652 http://www.google.com/profiles/imjasonn [Member Tekany, LLC] --

Re: [us...@httpd] Re: Apache module that enables ActiveX

2010-04-20 Thread Jason Nunnelley
On 4/20/10 8:06 AM, Eric Covener wrote: On Tue, Apr 20, 2010 at 8:28 AM, Eli Mazin wrote: Html experience see under emaz I am on the road call me if you need something on my cel Don't post this garbage on this mailing list. Or, a slightly nicer way to say this - there's a "

Re: [us...@httpd] ServerLimit and MaxClients

2010-04-17 Thread Jason Nunnelley
ServerLimit and MaxClients are relatively lightweight (per instance). You need to do some math here, and it depends on your resources. The math isn't super simple. There's a static amount of cache memory you can calculate for each instance. Google and see what folks say about it. When you max

Re: [us...@httpd] virtualhost not picking up for non port 80

2010-04-12 Thread Jason Nunnelley
The conf VirtualHost must include the hostname and the port. You could just add * to indicate it should listen to all ports. I'm not sure what the 8886 port has to do with your problem - not sure it has anything to do with it. You need a Listen *:80 or 192.168.1.1:80 for it to listen on port 8

Re: [us...@httpd] apache2.2 + ssl

2010-04-12 Thread Jason Nunnelley
mod_redirect if it's something you want to force. On 4/12/10 3:35 PM, motty.cruz wrote: Hello, I have apache 2.2 running on FreeBSD. Apache is working fine but when I go to Machinename.domain.com defaults to http://machine.domain.com/ instead of https://machine.domain.com/ I have look ar

Re: [us...@httpd] Centralized logging.

2010-04-10 Thread Jason Nunnelley
On 4/10/10 10:04 AM, Ray Van Dolson wrote: Why not use splunk. -- Way too expensive. I think this space could use some competition. :) (Splunk is pretty awesome however though it wouldn't help me in this particular case really...). I keep hearing about folks and Splunk, and would love

Re: [us...@httpd] Centralized logging.

2010-04-08 Thread Jason Nunnelley
I'm using syslog-ng. It does the job. A nice little rsync script is nice, but you're still storing log files on the individual servers until you run some rsync and delete script. This can be risky if resources are limited or machines are ephemeral. NFS has its own issues as well. You've got t

[us...@httpd] Apache regex config for mass redirects

2010-04-06 Thread Jason Nunnelley
The goal: to provide for three kinds of applications and application structures (file structure driven here, so you don't have to understand what the applications are or do to understand what I'm trying to accomplish) in a single front end configuration. All app servers share same front ends, so