; program for viewing apache connections.
http://fabletech.com/ftss
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more i
;ve never done). I'm also not entirely sure of
what TRACE and TRACK do?
Just set the TraceEnable directive to off. The rewrite rules only apply
for older versions of apache that did not support TraceEnable.
--
Justin Pasher
Distri
ect of also allowing client certificates signed by that CA.
Essentially the SSLCertificateChainFile directive allows you to break
out the intermediate CA to only apply for the server certificate and not
client certificates. I personally have never used client certificates,
so in practice there is
ersions with security
updates available. From that standpoint, I can't offer any first hand
experience (it seems like you've already done the basic checks like
verifying apache is linked to the correct OpenSSL module).
Good luck.
--
Justin Pasher
--
box, and after I looked at the back
trace, I found out it was crashing on a regex handling portion of the
PHP module. Now, once you figure this out, getting a FIX is a different
story...
|
--
Justin Pasher
-
The official Use
ink under
/etc/apache2/conf.d/mythweb.conf that points to the aforementioned file. You'll
have to tweak a few of the settings in the file to make it work for you
(database settings, some directory paths, etc), but that will probabl
]
RewriteRule . http://server/application [R=permanent]
--
Justin Pasher
I get the same looping result. (I shortened application to app because
I am too lazy to type all that!):
The requested URL
/appappappappappappappappappappappappappappappappappappappappapp was
not found on
RewriteCond %{HTTP_HOST} ^application$ [NC]
RewriteRule . http://server/application [R=permanent]
....
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.or
h all requests to the new URL?
RewriteEngine on
RewriteRule . http://survey.juicycouture.com/tellus
Otherwise, just handle the two special cases
RewriteEngine on
RewriteRule ^/$ http://survey.juicycouture.com/tellus
RewriteRule ^/tellus$ http://survey.juicycouture.com/tellus
--
Justin P
andard SSL
port, are you sure you are trying to access the site using https in the URL?
e.g.
https://www.example.com:10991/
and not
http://www.example.com:10991/
and not just
www.example.com:10991
--
Justin Pasher
-
The offici
working properly, then come back to putting it into the apache config.
There is also a chance that the escape sequences for a shell are
different than those for the apache directive. You can verify that by
starting out with a much simpler sed script, then expanding from there.
--
Justin P
or if your code itself is sucking it all up (i.e.
loading tons of data into memory from a database, a script processing a
lot of data in memory, etc).
--
Justin Pasher
-
The official User-To-User support forum of the Apa
docs state that the Timeout directive can be set within a
VirtualHost container, so that should work fine. There is no way that I
know of to verify it was set, but if the directive is within a
VirtualHost container, you should be good.
-
Error: 336027900
error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol speaking
not SSL to HTTPS port!?
Are you sure that whatever is connecting via port 443 is actually using
the HTTPS protocol? Perhaps someone tries to access
http://www.vizion2000.net:443 ?
--
Justin
Justin Pasher wrote:
gary lim wrote:
Hu justin,
1. Because its a production site, we are unable to disable the PHP
modules/script..From the log output below, we are having
difficulty to pinpoint the source of error. I just spent the last
couple of hours to run through the pages and see
suspected flaky hardware (e.g.
bad RAM), but they can't reboot the server to run memtest86 because it's
production. It won't get you any closer to a solution when you can't
test all possible avenues, especially when it's very difficult to even
replicate th
HTTP
if it doesn't start with /webmail.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-un
h only the
older version available (RHEL/CentOS?).
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubsc
ut, using the hostname in the
NameVirtualHost and directives is not recommended (DNS
lookups).
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/user
M". The directive simply checks to make
sure the module is loaded before attempting to set the directives within it.
Make sure you check your Apache logs too for any errors or notifications.
--
Justin Pasher
-
The official
about anything.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.ap
François Beaune wrote:
On Wed, Dec 16, 2009 at 7:00 PM, Justin Pasher
mailto:just...@newmediagateway.com>> wrote:
[snip]
Here is the SSLCipherSuite directive that I use on my servers to
lock out insecure ciphers:
SSLCipherSuite AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:R
within an unintentional container, such as
or . I know that on CentOS, the default config
file that has the SSL directives actually contains the SSLCipherSuite
directive within a container. That threw me off recently
when I was trying to setup apache on a CentOS
g the SSLCipherSuite directive and only offering the
ciphers you have allowed?
http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Serv
erver:8080/VirtualHostBase/https/%{SERVER_NAME}:443/. If
you try to pull up that URL using something like wget or lynx (replacing
${SERVER_NAME} accordingly), do you get a successful response? Do you
see anything in the apache error logs?
--
Jus
/$1 [L]
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
&qu
er
object.
Also, you can use this script to check which ciphers are supported by
your site.
http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh
--
Justin Pasher
-
The official User-To-User support forum of the A
cumentRoot - Single IP, assuming cert
supports all (sub)domains listed. Otherwise Multiple IP
(c) Multiple FQDN, multiple DocumentRoot - Multiple IP addresses (one
for each FQDN)
--
Justin Pasher
-
The official User-To-User suppor
the local network.
[1] http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for
t SNI). Even with a wildcard cert for
*.example.com, I don't believe that will work to example.com.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/user
), and it wants to reload both the cert and private key (private
keys SHOULD only be readable by root, if secured properly). This is all
speculation on my part though.
--
Justin Pasher
-
The official User-To-User support forum
Check out mod_limitipconn.
http://dominia.org/djao/limitipconn2.html
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe,
is-bad [R,L]
2) Try cranking up the RewriteLogLevel a bit to see the rewrites in
action, once again to make sure it's processing properly.
3) Make sure you clear your browser cache. I've seen odd instances where
a browser might cache a redi
ntext of RewriteRule?). You can just capture the results of
RewriteRule match.
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See htt
omain\.com$ [NC]
RewriteRule ^/(.*) http://%1.new-domain.com/$1 [R=301,L]
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more
can limit globally or per virtual host
(whether the "IP address pool" it tracks is virtual host specific, I'm,
not sure).
http://www.dominia.org/djao/limitipconn.html
--
Justin Pasher
-
The official User-To-Use
kingsdata/bookings_data/bookings_10/"
Something like this should get you there (untested).
RewriteRule ^/dms-bookings_([0-9]+)/(.*)
/bookingsdata/bookings_data/bookings_$1/$2
You'll have to leave the first two Alias definitions in there, since
their format is different.
--
act syntax for query string checking off the top of my head, so
this might be a little off).
RewriteCond ${QUERY_STRING} ^id=([0-9]+)$
RewriteRule ^/index.html$ /index/%1/
--
Justin Pasher
-
The official User-To-User support foru
. the timeout setting defined
by that service or daemon), the connection drops. Otherwise, it will
have to continue to wait for a response. This is critical for situations
where the connection is either very slow or is flaky and drops out
freque
o the browser (indicating the
service is unavailable).
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubsc
attack.
My question: is there possible to configure Apache HTTPd in order to
protect it against these attacks?
Check out mod_limitipconn. You can restrict the number of simultaneous
connections from individual IP addresses.
http://dominia.org/djao/limitipconn.html
--
Justin Pasher
m not too aggressive in my settings.
Going the iptables route would work too, but I think it would be much
easier to just manage it strictly on the apache side.
--
Justin Pasher
-
The official User-To-User support forum of the A
/VideoFortWorth
ServerName www.VideoFortWorth.com
I assume these are actually in containers (they don't show
in the email)?
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See htt
status" to see if it says it's enabled. You can try disabling it
temporarily by running "setenforce 0". If the problem goes away, you
have your answer. As far as how to get around it without disabling
SElinux, that would be more appropriate for an SElinux mailing list (and
bey
) versus a 302
(found) redirect shouldn't break any modern browser. Generally a 301
redirect is better in regards to search engine related redirects, but
either should work just fine.
What is the proof that the developer has that shows IE being "broken"?
-
nt file than you
expect, then the problem lies elsewhere. Try doing an "ls
/full/path/in/error/log" to see if the system itself shows the file.
Since I personally have not experienced this problem with autofs, I
can't think
f
it's producing any errors. You can also add the following directive to
your config file to avoid the warning on start-up.
NameVirtualHost 127.0.0.1:80
This will also ensure that Apache tries to server up your VirtualHost
entry when the Host: header is "DataEnv
access to
the files.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsub
be successful). Sometimes daemons
can just act up for no obvious reason.
All in all, signs point more to an autofs problem and not Apache.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server P
log and see what it says. You shouldn't
have to do anything special to make a cert work in IE7 versus IE6, Firefox,
Opera, etc.
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
ot everything
in those directories. The error message (at least one of them) seems to
indicate it is trying to include a PHP file
(/home/domain/apps/Bootstrap.php).
--
Justin Pasher
-
The official User-To-User support forum of
]
RewriteRule .* - [F]
Justin Pasher
/---Original Message---/
/*From:*/ Eric Covener <mailto:[EMAIL PROTECTED]>
/*Date:*/ 01/12/2008 18:27:25
/*To:*/ users@httpd.apache.org <mailto:users@httpd.apache.org>
/*Subject:*/ Re: [EMAIL PROTECTED] .htaccess
On Mon, Dec 1, 2008 at 11:
> On 11/14/08 4:38 PM, Justin Pasher wrote:
>> Tolga Guver wrote:
>>>
>>> Hi,
>>>
>>> I have just setup an apache server in which i want one general page
>>> linked to the users own web pages in their home directories.
>>> I setup
tive to the .htaccess file). You actually don't need a
RewriteBase, because the files are not under
/var/www/webacula/html/webacula. Use these rewrite rules:
Inside /var/www/webacula/html/.htaccess:
RewriteCond %{REQUEST_URI} !^/index\.php$
RewriteRule !\.(js|ico|gif|jpg|png|css)$ /index.php
-
ir in your apache config, correct? Do you by chance have any
rewrite rules in your config that might be messing with the URL?
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See
without going to old emails or the archives).
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail:
ed by RewriteLog) to see exactly how apache is
trying to rewrite it.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
ks - Request to http://foo.localhost/webacula/
Works - Request to http://foo.localhost/webacula/index.php
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist
eRule !\.(js|ico|gif|jpg|png|css)$ index.php
You might need to remove the slash at the beginning of "^/index\.php$"
(I can't recall off the top of my head how the URI will look when
defining the rules in an .htaccess file with a RewriteBase versus the
apache config).
Justin Pasher
h the NFS mount or possibly the network
connection between the server machine and client machine. You can try
checking the system logs on both machines (/var/log/syslog) to see if
anything useful shows up in there. There might also be something in
/var/log/kern.log.
-
://tdocs.travelchannel.com/teams/Login.do
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
"
ame media.domain1.com
|ProxyPassReverse /media/ https://www.domain2.com/media/|
See the documentation for more details.
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
--
Justin Pasher
-
The official User-To-User support for
l
script name or URL, I can't give definitive answers for that. I think
the %ENV hash will hold the rest of the info you need.
Justin Pasher
- Original Message
From: Justin Pasher <[EMAIL PROTECTED]>
To: users@httpd.apache.org
Sent: Tuesday, October 21, 2008 11:00:33 AM
Subject:
s exist on the server. As long as
mod_rewrite is altering the URL in some way unexpected, you're still
going to have weird anomalies.
Also, in what directory is the .htaccess file located? It is inside of a
container?
--
Justin Pasher
---
s is clear enough...
Cheers and thanks,
Erik
Unless I'm misunderstanding the task, a simple RewriteRule will
accomplish this.
RewriteRule .* /cgi-bin/helloworld.cgi [L]
--
Justin Pasher
-
The official User-To-User suppo
les (such as
redirecting a request for ANY arbitrary file that does not exist). You
can explore the "RewriteCond -f" directive to make it smarter in that case.
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewritecond
--
Justin Pasher
--
ives themselves look fine to me, and I
copied them verbatim to my server and it doesn't complain. Perhaps the
file itself is corrupted (something like Windows CRLF line endings
instead of UNIX LF)?
--
Justin Pasher
-
The
directive)?
--
Justin Pasher
- Original Message - From: "Justin Pasher"
<[EMAIL PROTECTED]>
To:
Sent: Friday, October 03, 2008 12:08 PM
Subject: Re: [EMAIL PROTECTED] Protecting a Directory
[EMAIL PROTECTED] wrote:
There still seems to be alot of discrepancy on this issue.
B] flag to work in my Apache 2.2 installation
:( (it says it's an invalid flag). Maybe you'll have better luck than me.
I'm sure there's a way do do this, but I'm not finding anything obvious
in the docs.
--
Justin Pasher
--
access file, so
you'll have to put the .htaccess file in the directory you wish to protect.
I assume you want the user to be prompted for a username/password when
they visit the directory? Basic HTTP authentication will accomplish that
for you.
http://httpd.apache.org/docs/2.2/howto/auth.ht
omain1.com and domain2.com are
completely different web site, even if they are the "same" logically.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apac
that ?
(I did not see a "DirectoryIndex none" as a possibility in the doc)
Thanks in advance
I am not finding a way in the documentation to "disable" a
DirectoryIndex that is already defined, so you might be stuck with the
hack
port 443, so you shouldn't require anything
special in the rewrite rules to accommodate for http versus https.
You might want to put the RewriteCond directive directly above
RewriteRule, for better readability.
--
Justin Pasher
Is there a way to change the RewriteCond or Rewr
in
the VirtualHost container for the NON-https host.
...
RewriteEngine On
RewriteRule ^/(.*)$ https://www.example.com/$1 [R=permanent]
--
Justin Pasher
-
The official User-To-User support forum of the Apache H
Tom
Try removing the QSA flag from the RewriteRule. It should only be needed
when you are modifying the query string (which you are not).
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Pr
Mike Soultanian wrote:
Justin Pasher wrote:
Ahhh... Now it should actually be possible. If possible, I would
(personally) try to push all traffic to www.csulb.edu whenever they
try to pull csulb.edu. Whether or not this is possible in your
situation, I do not know. Something like this in the
Mike Soultanian wrote:
Justin Pasher wrote:
Actually, ignore everything I just said. All this time I thought that
was what apache was doing, but it's actually occurring after the
mismatched server name warning is presented. The rewrite rule will
still catch the request and redirect
Justin Pasher wrote:
Mike Soultanian wrote:
Justin Pasher wrote:
You can simplify this a bit by saying "redirect anything that is not
going to www.csulb.edu". However, you'll have to put the rewrite
directives inside the configuration for the SSL
version of the site, as the
Mike Soultanian wrote:
Justin Pasher wrote:
You can simplify this a bit by saying "redirect anything that is not
going to www.csulb.edu". However, you'll have to put the rewrite
directives inside the configuration for the SSL version
of the site, as the .htaccess file
r.
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.csulb\.edu$
RewriteRule ^/(.*)$ https://www.csulb.edu/$1 [R=permanent,L]
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See htt
uld require the apache processes to be able to
dynamically change configuration options on the fly, which sounds like
it would be extremely messy. It would also have to be defined in some
sort of "user created" container context, and KeepAlive is only support
in the global config
/mdah-live/pubs
DirectoryIndex jmh.html
UserDir disable
ServerName journalmshistory.org
ServerAlias *.journalmshistory.org
DocumentRoot /var/www/sites/mdah-live/pubs
DirectoryIndex jmh.html
UserDir disable
--
Jus
make it match the real
page you want to load.
The third rule catches the request to the root directory.
You might need/want to tweak the second rule on how much of the URL it
matches for the rewrite, since I don't know whether things under &q
getting this rule to work by
itself (which seems like it should with the change above). Then
additional rules can be added.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See ht
d.)
RewriteRule ^jahia/Jahia/(.+)$ $1 [L]
Have you tried using this?
RewriteRule ^/jahia/Jahia/(.+)$ $1 [L]
Notice the slash at the beginning.
--
Justin Pasher
-
The official User-To-User support forum of the Apache
[EMAIL PROTECTED] wrote:
On 9/17/08, André Warnier <[EMAIL PROTECTED]> wrote:
Justin Pasher wrote:
amiribarksdale wrote:
What is the "standard" way to determine whether a user is indeed logged
in to
a site and online right then? I have a web app
okie or session
information stored within your page.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-
emory usages
available here:
http://www.pixelbeat.org/scripts/ps_mem.py
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more
es into play. This is most
commonly set to public_html. The files will be pulled like so...
http://1.2.3.4/~username/ -> pulls from ->
/home/username/public_html (UserDir directive)
--
Justin Pasher
On Sep 16, 2008, at 12:50 PM, Justin Pasher wrote:
Carol Walter w
)? If so, then you
simply need to set the UserDir directive accordingly based upon your
home directory structure. Otherwise, please explain what you are trying
to do a little more.
--
Justin Pasher
-
The official User-To-User su
rewrite rules depends on whether your files or
directories are symlinks. Check the apache error log to see what what
page the browser is attempting to pull.
--
Justin Pasher
-
The official User-To-User support forum of th
t set). If you are trying to
read from the server set value, you should use
$_SERVER['DOCUMENT_ROOT']. If the file works on the other server, then
it probably means you have register_globals set to "on", which is a very
shell's globbing
functionality, which means that it will only return files that exist.
Justin Pasher
- Original Message - From: "Justin Pasher"
<[EMAIL PROTECTED]>
To:
Sent: Thursday, September 11, 2008 6:10 PM
Subject: Re: [EMAIL PROTECTED] Logs
Grant P
reate arbitrary directories/files
like that, then there is no need to worry.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
ing environment, so I didn't even think of it. If all else
fails, I find checking the apache error log can sometimes reveal things
that you may not have known were going wrong.
At any rate, it sounds like you're all set now!
--
Justin Pasher
---
.com/jasonpruim112> to p.php. Is this not
what you are seeing?
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubsc
opposed to Windows. I'm not sure about the availability on Windows.
--
Justin Pasher
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsub
Jason Pruim wrote:
On Sep 10, 2008, at 1:38 PM, Justin Pasher wrote:
Jason Pruim wrote:
Actually it is... It was something that I tried to fix the problem.
All the links refer to /mail.php though...
BEGIN LOG
192.168.0.253 - - [10/Sep/2008:13:28:26 -0400]
[purl.schreurprinting.com/sid
est. This might be
due to the differences in rewrite rules in the apache config versus
.htaccess. Do you have a RewriteBase set in the config? It looks like
%{REQUEST_FILENAME} is not being evaluated to the full path of the file.
I haven't had a chance to test myself in a VirtualHost confi
other
rewrite rules being invoked? Can you turn on the rewrite logging to see
exactly what mod_rewrite is doing?
RewriteLogLevel 3
RewriteLog /path/to/rewrite.log
--
Justin Pasher
-
The official User-To-User support forum of
1 - 100 of 109 matches
Mail list logo
