Hi
Yes, we're also seeing some different behaviour since the update to 2.4.64
To us, it seems like an incomplete fix that has unwanted side effects.
This is the patch for CVE-2025-23048 ->
https://github.com/apache/httpd/commit/c4cfa50c9068e8b8134c530ab21674e77d1278a2
How to r
On Fri, 11 Jul 2025, Pavel Matěja wrote:
Hi,
I've just updated Apache to the 2.4.64 version and it's kind of strange.
I used to got proper response from Apache with multiple virtual hosts.
When I tested using
openssl s_client -connect A.B.C.D:443 -crlf -noservername
after upgrade I
Hi,
I've just updated Apache to the 2.4.64 version and it's kind of strange.
I used to got proper response from Apache with multiple virtual hosts.
When I tested using
openssl s_client -connect A.B.C.D:443 -crlf -noservername
after upgrade I got:
421 Misdirected Request
"The cli
Severity: moderate
Affected versions:
- Apache HTTP Server 2.4.17 through 2.4.63
Description:
Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP
Server.
This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63.
Users are recommended to upgrade to version
Severity: moderate
Affected versions:
- Apache HTTP Server through 2.4.63
Description:
In some mod_ssl configurations on Apache HTTP Server versions through to
2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to
hijack an HTTP session via a TLS upgrade.
Only
Severity: low
Affected versions:
- Apache HTTP Server 2.4.26 through 2.4.63
Description:
In certain proxy configurations, a denial of service attack against Apache HTTP
Server versions 2.4.26 through to 2.4.63 can be triggered by untrusted clients
causing an assertion in mod_proxy_http2
Severity: moderate
Affected versions:
- Apache HTTP Server 2.4.35 through 2.4.63
Description:
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63,
an access control bypass by trusted clients is possible using TLS 1.3 session
resumption.
Configurations are
Severity: moderate
Affected versions:
- Apache HTTP Server 2.4.0 through 2.4.63
Description:
HTTP response splitting in the core of Apache HTTP Server allows an attacker
who can manipulate the Content-Type response headers of applications hosted or
proxied by the server can split the HTTP
On Mon, Jun 9, 2025 at 5:23 PM Paul wrote:
> On 6/9/25 14:50, Bill Wiest wrote:
> > So, I have installed Apache 2.4.63 and this worked, using the default
> > httpd.conf file.
> >
> > However I have now encountered a new, but similar, error:
> >
> > C:\A
On 6/9/25 14:50, Bill Wiest wrote:
So, I have installed Apache 2.4.63 and this worked, using the default
httpd.conf file.
However I have now encountered a new, but similar, error:
C:\Apache24\bin>httpd.exe
httpd.exe: Syntax error on line 188 of C:/Apache24/conf/httpd.conf:
Cannot loa
On Mon, Jun 9, 2025 at 3:15 PM Bill Wiest wrote:
> So, I have installed Apache 2.4.63 and this worked, using the default
> httpd.conf file.
>
>
>
> However I have now encountered a new, but similar, error:
>
>
>
> C:\Apache24\bin>httpd.exe
>
> httpd.exe:
As I indicated in this thread earlier, I have installed both the x86 and x64
redistributables, as both were missing on the machine. I was getting a similar
error with loading the other modules, such as mod_actions.so until I tried the
latest version of Apache (4.63, instead of 4.62).
This is
So, I have installed Apache 2.4.63 and this worked, using the default
httpd.conf file.
However I have now encountered a new, but similar, error:
C:\Apache24\bin>httpd.exe
httpd.exe: Syntax error on line 188 of C:/Apache24/conf/httpd.conf: Cannot load
c:/PHP/php5apache2_4.dll into server:
The x86 and x64 redistributables were missing, but, after installing them and
restarting the machine I still get the same error.
From: Bill Wiest
Sent: June 9, 2025 9:28 AM
To: users@httpd.apache.org
Subject: RE: [users@httpd] Apache 2.6 Can't Find Server Root - Win 11
CAUTION: This
That may be,
I will check.
From: Eric Covener
Sent: June 9, 2025 9:22 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Apache 2.6 Can't Find Server Root - Win 11
CAUTION: This email originated from outside of the organization. Do not click
links or open attachments unles
>> httpd.exe: Syntax error on line 75 of C:/Apache24/conf/httpd.conf: Cannot
>> load modules/mod_actions.so into server: The specified module could not be
>> found.
>
>
> Windows will give this error if a dependency of the .so is not found.
> Could you be missing some redistributable runtime?
On
On Mon, Jun 9, 2025 at 9:20 AM Bill Wiest wrote:
> I have to move my Apache 2.6 installation from a Windows 10 machine to a
> Windows 11 machine.
>
>
>
> I copied the C:\Apache24 folder over to C:\Apache24 on the Win 11 machine.
>
>
>
> When I launch Apache on
I have to move my Apache 2.6 installation from a Windows 10 machine to a
Windows 11 machine.
I copied the C:\Apache24 folder over to C:\Apache24 on the Win 11 machine.
When I launch Apache on the Win 11 machine, I get this error:
C:\Apache24\bin>httpd.exe
httpd.exe: Syntax error on line 75
sting 'CGIDScriptTimeout 240' by removing the 'D', and Apache won't
start, despite lsof showing that mod_cgi.so is loaded.
Ok... so the docs actually say that CGIDScriptTimeout was introduced in
2.4.10, and CGIScriptTimeout in 2.4.59. Ubuntu 24.04.2 is on 2.4.58. My bad.
removing the 'D', and Apache won't start,
despite lsof showing that mod_cgi.so is loaded.
On Sat, May 17, 2025 at 4:00 PM EML wrote:
> This combination (22.04.2/2.4.58) defaults to mpm_prefork. I have a
> previous (working) Apache config which uses mod_cgid, and which sets
> 'CGIDScriptTimeout'. Since this is a non-threading prefork system, I'
This combination (22.04.2/2.4.58) defaults to mpm_prefork. I have a
previous (working) Apache config which uses mod_cgid, and which sets
'CGIDScriptTimeout'. Since this is a non-threading prefork system, I've
attempted to change 'CGIDScriptTimeout' to 'CGIScriptTi
On 2025-04-23 14:16, Rainer Canavan wrote:
> From: Erik Thuning
[...]
> I have an apache server running as reverse proxy for a tomcat
> application using mod_proxy_ajp. An external application pulling data
> from mine has a hard requirement to get a content-length header in the
&g
> From: Erik Thuning
[...]
> I have an apache server running as reverse proxy for a tomcat
> application using mod_proxy_ajp. An external application pulling data
> from mine has a hard requirement to get a content-length header in the
> response and won't accept trans
Hi!
I'd be grateful for any insight into what seems like it must be a simple
issue, but I can't for the life of me find any answers in the
documentation or on the wider internet.
I have an apache server running as reverse proxy for a tomcat
application using mod_proxy_ajp. A
Subject: Fortigate 301E firewall is using Apache HTTP server
Good day from Singapore,
I have discovered that Fortigate 301E firewall is using Apache HTTP server!
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individuals in Singapore
GIMP = Government-Induced Medical Problems
24 Mar
I have that line in my ssl.conf file. It was initially set to "off", but even
after I changed it to "on" I get the same results.
I actually don't think this is an apache issue exactly. I'm going to check with
the openssl group, I think that is where the refusal
On Mon, Mar 3, 2025 at 10:20 PM Schuler, Laurence wrote:
>
> It appears that the HelloClient message has the target hostname within it, so
> mod_ssl should be able to say "ok, this hostname is *not* in my server
> cert(s), I'm not going to talk to this guy. reject.
Setting "SSLStrictSNIVHostChec
On Mon, Mar 3, 2025 at 4:20 PM Schuler, Laurence (GSFC-606.4)[ADNET SYSTEMS
INC] wrote:
> I have a web server [apache 2.4.62 on a RedHat9 server] that receives an
> SSL request for the address "https://1.2.3.4/"; (with the real serevr IP),
> the server will reply by sending i
I have a web server [apache 2.4.62 on a RedHat9 server] that receives an SSL
request for the address "https://1.2.3.4/"; (with the real serevr IP), the
server will reply by sending its certificate back and then I assume the client
compares the hostname on the cert and sees that it doe
On 2025-03-02 09:43, Bo Berglund wrote:
On Sat, 1 Mar 2025 19:07:09 -0500, Frank Gingras wrote:
Side note here, avoid using other folks' domain names, it's a bit rude.
Use example.tld if you have munge the domain names.
I did not know that mydomain was a real domain
It looks like what I
On Sat, 1 Mar 2025 19:07:09 -0500, Frank Gingras wrote:
>Side note here, avoid using other folks' domain names, it's a bit rude.
>Use example.tld if you have munge the domain names.
I did not know that mydomain was a real domain
It looks like what I thought it was, a placeholder.
--
Bo Ber
On Sat, Mar 1, 2025 at 6:26 PM Bo Berglund wrote:
> On Fri, 28 Feb 2025 10:30:51 -0500, Frank Gingras
> wrote:
>
> >Moving to a modern mod_md approach might be better then, or alternatively,
> >if you want to keep using the third party letsencrypt tools, asking your
> >distro's support venues mi
On Fri, 28 Feb 2025 10:30:51 -0500, Frank Gingras wrote:
>Moving to a modern mod_md approach might be better then, or alternatively,
>if you want to keep using the third party letsencrypt tools, asking your
>distro's support venues might work.
I don't want to move to a different method right now
On Fri, Feb 28, 2025 at 5:28 AM Bo Berglund wrote:
> On Wed, 26 Feb 2025 11:30:12 -0500, Frank Gingras
> wrote:
>
> >
> >
> >Nowadays, you should use mod_md:
> >
> >https://httpd.apache.org/docs/current/mod/mod_md.html
>
> Strange, one would assume
On Fri, Feb 28, 2025 at 10:25 AM Bo Berglund wrote:
> On Fri, 28 Feb 2025 10:07:48 -0500, Frank Gingras
> wrote:
>
> >On Fri, Feb 28, 2025 at 5:28?AM Bo Berglund
> wrote:
> >
> >> Anyway, since I have moved/copied everything related to letsencrypt from
> >> the old
> >> to the new server, how c
On Fri, 28 Feb 2025 10:07:48 -0500, Frank Gingras wrote:
>On Fri, Feb 28, 2025 at 5:28?AM Bo Berglund wrote:
>
>> Anyway, since I have moved/copied everything related to letsencrypt from
>> the old
>> to the new server, how can I disable letsencrypt renewals on the old
>> server and
>> enable on
On Wed, 26 Feb 2025 11:30:12 -0500, Frank Gingras wrote:
>
>
>Nowadays, you should use mod_md:
>
>https://httpd.apache.org/docs/current/mod/mod_md.html
Strange, one would assume that mod-md is a way to tell Apache to render MarkDown
documents (filename.md), rather than hand
On Wed, Feb 26, 2025 at 11:26 AM Bo Berglund wrote:
> I have migrated my old Ubuntu server functionality to new hardware and in
> the
> process I rsynced all the Apache and letsencrypt configs etc to the new
> server.
> The new server received a fresh install of Ubuntu 24.04.1
I have migrated my old Ubuntu server functionality to new hardware and in the
process I rsynced all the Apache and letsencrypt configs etc to the new server.
The new server received a fresh install of Ubuntu 24.04.1 and then I have
reinstalled Apache, Suibversion etc and used the old server&#
Hello Team,
I am currently using Apache HTTP Server 2.4.37 on Red Hat Enterprise Linux 8.9
(Ootpa) and I am facing an issue when attempting to upload large files via HTTP
chunked transfer encoding.
Issue:
I am writing a TR143 HTTP client for upload testing using the HTTP chunked
encoding method
Apache HTTP Server 2.4.63 Released
January 23, 2025
The Apache Software Foundation and the Apache HTTP Server Project
are pleased to announce the release of version 2.4.63 of the Apache
HTTP Server ("Apache"). This version of Apache is our latest GA
rele
I suspect the problem is in our firewall:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-ERR-SSL-PROTOCOL-ERROR-when-using-Flow-based-Deep/ta-p/357555
On Mon, Nov 25, 2024 at 2:44 PM frank picabia wrote:
> I've been struggling with this issue on a couple of our Apache
I've been struggling with this issue on a couple of our Apache servers, but
not all.
In the last week or two, Chrome has updated their browser and that is when
some users
started to experience SSLProtocol error in the browser. Nothing is logged
on the server with normal warn level of loggin
On Thu, Oct 24, 2024 at 4:09 PM Bill Wiest wrote:
> Hi Frank
>
>
>
> Your suggestions resolved. I thought I’d mention, I did a search for
> AddHanler php apache and got to the below page on Apache Lounge which
> addresses this very problem:
>
>
>
> https://www
Hi Frank
Your suggestions resolved. I thought I’d mention, I did a search for AddHanler
php apache and got to the below page on Apache Lounge which addresses this
very problem:
https://www.apachelounge.com/viewtopic.php?t=9247
Thanks so much for your help!
From: Frank Gingras
Sent
, which I did not alter from using
versipn 2.4.12 of Apache – I just copied the PHP config info from the .12
httpd.conf to the .62 httpd.conf, which includes the addition of these AddTypes:
AddType application/x-httpd-php .php .html .phtml .php3 .inc .conf
AddType application/x-httpd-php-source .phps
alhost/1.php
>
>
>
> I have a few other PHP files there which all run fine. One, called 7.php
> has a PHP block at the top which echoes the word “Hi” followed by a web
> page. So, I assume there is no issue with my PHP setup, which I did not
> alter from using versipn 2.4.12 o
On Thu, Oct 24, 2024 at 12:09 PM Bill Wiest wrote:
> Hi there
>
>
>
> We currently use Apache 2.4.12 (Win32) with PHP 5.6.10 and need to
> upgrade. I am working on getting Apache 2.4.62 running but have a problem
> with the named virtual hosts which work fine under 2.4.12
Hi there
We currently use Apache 2.4.12 (Win32) with PHP 5.6.10 and need to upgrade. I
am working on getting Apache 2.4.62 running but have a problem with the named
virtual hosts which work fine under 2.4.12. The web pages for these hosts are
being placed into my Downloads folder instead of
On 14/10/24 12:48, Jack Swale wrote:
httpd: Syntax error on line 150 of /usr/local/apache2/conf/httpd.conf:
Cannot load modules/libphp.so into server: ld.so.1: httpd: fatal:
relocation error: file /usr/local/apache2/modules/libphp.so: symbol
EVP_md2: referenced symbol not found
/usr/local/apa
On Mon, Oct 14, 2024 at 6:48 AM Jack Swale
wrote:
> httpd: Syntax error on line 150 of /usr/local/apache2/conf/httpd.conf:
> Cannot load modules/libphp.so into server: ld.so.1: httpd: fatal:
> relocation error: file /usr/local/apache2/modules/libphp.so: symbol
> EVP_md2: referenced symbol not fou
httpd: Syntax error on line 150 of /usr/local/apache2/conf/httpd.conf: Cannot
load modules/libphp.so into server: ld.so.1: httpd: fatal: relocation error:
file /usr/local/apache2/modules/libphp.so: symbol EVP_md2: referenced symbol
not found
/usr/local/apache2/modules
garnet(150) $ ldd libphp.s
> Also, Apache should have reported this unclosed on restart.
Config parsing isn't file based/scoped. If you use it eats
everything until the closing even if it's from a different
Include'ed file and not
On Fri, Oct 11, 2024 at 4:32 AM Adam Mihai Gergely
wrote:
> Hello,
>
> I have a rather wierd question about Apache Directives Configuration.
>
> I am running Ubuntu Linux Server and my Apache Tree looks like this:
>
> server [/etc/apache2] # tree
> .
> ├── apache2.c
Hello,
I have a rather wierd question about Apache Directives Configuration.
I am running Ubuntu Linux Server and my Apache Tree looks like this:
server [/etc/apache2] # tree
.
├── apache2.conf
├── apache2.conf.dpkg-old
├── apache2.conf.in
├── conf-available
│ ├── charset.conf
To clarify a bit regarding what exactly the regression is:
This works in earlier Apache 2.4 versions:
AddHandler proxy:unix:/run/sockets/uwsgi-fcgi.sock|uwsgi:// .php
But with 2.4.60 and newer, this results in an error message:
AH10097: error parsing URL //: Invalid host/port
If one then
On Wed, Oct 9, 2024 at 5:31 AM Abhijith wrote:
> Thanks I understand. But can you suggest any debugging method to find out
> which file is requesting the file
>
> On Wed, 9 Oct 2024, 10:37 Frank Gingras, wrote:
>
>>
>>
>> On Tue, Oct 8, 2024 at 11:25 PM Abhijith wrote:
>>
>>> Yes, I understand
Hi,
I see that there is a regression with uwsgi when using Apache 2.4 fixes
introduced in July with Apache 2.4.60/2.4.61, this also goes for the recent
regression fixes for Apache 2.4.62 released by Debian yesterday (DSA
5729-2).
The uwsgi regression is described here, but apparently has not
Thanks I understand. But can you suggest any debugging method to find out
which file is requesting the file
On Wed, 9 Oct 2024, 10:37 Frank Gingras, wrote:
>
>
> On Tue, Oct 8, 2024 at 11:25 PM Abhijith wrote:
>
>> Yes, I understand that now. That I shouldn't allow clients to access my
>> .htt
On Tue, Oct 8, 2024 at 11:25 PM Abhijith wrote:
> Yes, I understand that now. That I shouldn't allow clients to access my
> .httaccess file. I don't know why the error occuring
>
> On Tue, 8 Oct 2024, 17:47 Frank Gingras, wrote:
>
>>
>>
>> On Tue., Oct. 8, 2024, 1:13 a.m. Abhijith,
>> wrote:
>
Yes, I understand that now. That I shouldn't allow clients to access my
.httaccess file. I don't know why the error occuring
On Tue, 8 Oct 2024, 17:47 Frank Gingras, wrote:
>
>
> On Tue., Oct. 8, 2024, 1:13 a.m. Abhijith, wrote:
>
>> Hi,
>> Yes, In the the root directory there is .htaccess fil
On Tue., Oct. 8, 2024, 1:13 a.m. Abhijith, wrote:
> Hi,
> Yes, In the the root directory there is .htaccess file, the content of the
> file is
> ```
> RewriteEngine on
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteCond $1 !^(index\.php|robots\.txt|favicon\.i
Hi,
Yes, In the the root directory there is .htaccess file, the content of the
file is
```
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond $1 !^(index\.php|robots\.txt|favicon\.ico)
RewriteRule ^(.*)$ /index.php/$1 [L]
```
Since by @Eric's sugge
On Mon, Oct 7, 2024 at 7:51 AM Eric Covener wrote:
> On Mon, Oct 7, 2024 at 7:12 AM Eric Covener wrote:
> >
> > >> [Sun Oct 06 10:02:48.889047 2024] [authz_core:error] [pid 10:tid
> 131326541519672] [client 192.168.16.1:49194] AH01630: client denied by
> server configuration:
> /usr/local/apache
On Mon, Oct 7, 2024 at 7:12 AM Eric Covener wrote:
>
> >> [Sun Oct 06 10:02:48.889047 2024] [authz_core:error] [pid 10:tid
> >> 131326541519672] [client 192.168.16.1:49194] AH01630: client denied by
> >> server configuration:
> >> /usr/local/apache2/htdocs/apps/admin/public_html/.htaccess
>
> T
Thanks for the response,
There is no other config file than admin.conf.
here is the result of `apachectl -S`:
```
[Mon Oct 07 11:30:45.926201 2024] [core:trace3] [pid 102:tid
123653751024456] core.c(3469): Setting LogLevel for all modules to trace8
[Mon Oct 07 11:30:45.926287 2024] [core:trace3] [p
>> [Sun Oct 06 10:02:48.889047 2024] [authz_core:error] [pid 10:tid
>> 131326541519672] [client 192.168.16.1:49194] AH01630: client denied by
>> server configuration:
>> /usr/local/apache2/htdocs/apps/admin/public_html/.htaccess
This error means it's not filesystem permissions. Are there other
Hi all,
I’m working on Dockerizing a PHP application and configuring Apache, but
I’m encountering an issue related to `.htaccess` that I can’t seem to
resolve. I’d greatly appreciate any guidance from the community!
Here’s the setup I’m working with:
*Docker Compose File (docker-compose.yml
Thank you for pointing it out.
After turning off the ProxyRequests and making one change within the below
snippet resolved the Qualys vulnerabilities 62002 and 62054.
AllowOverride None
Options None
Require all denied
We made sure it doesn't break the integration we had with Apache
Hello,
We are using Apache HTTPD 2.4.53 for an internal content management system. It
is not customer-facing. The security solution considers the proxy vulnerable to
an "Unauthenticated/Open Web Proxy Detected" vulnerability. After many back and
forths with them to check if it
to
limit users -- are you going to maintain a htpasswd entry for each user?
Or use "require" to allow IP ranges or domains? Again, you need to be able
to test this as you go.
On Fri, Sep 27, 2024 at 7:31 AM Shinde, Pramod K
wrote:
> Hello,
>
> We are using Apache HTTPD 2.4.53
Hello Eric,
I have opened a Bug for this issue - Bug
69344<https://bz.apache.org/bugzilla/show_bug.cgi?id=69344>
Regards,
Dev
From: Eric Covener
Sent: Saturday, September 14, 2024 12:35 AM
To: users@httpd.apache.org
Subject: Re: FW: [users@httpd] rewrite rule issue with Apache 2.4
I haven't had a chance to look, please open a bug with as much detail
as you can:
https://bz.apache.org/bugzilla/enter_bug.cgi?product=Apache%20httpd-2
On Fri, Sep 13, 2024 at 2:36 PM Daiya, Devendra singh
wrote:
>
> Hey Eric,
>
>
>
> Did you get chance to review below l
@httpd] rewrite rule issue with Apache 2.4.62
Hi Eric, Looks like mail was not posted on time. Re-attempting. Kindly review.
Thanks. Regards, Dev From: Daiya, Devendra singh Sent: Tuesday, September 10, 2024 9: 45 PM To: users@
httpd. apache. org
Hi Eric,
Looks like mail was not posted on time
Hi Eric,
Looks like mail was not posted on time. Re-attempting.
Kindly review. Thanks.
Regards,
Dev
From: Daiya, Devendra singh
Sent: Tuesday, September 10, 2024 9:45 PM
To: users@httpd.apache.org
Subject: RE: FW: [users@httpd] rewrite rule issue with Apache 2.4.62
Hi Eric, Below are Traces
id#7fc5a8004f80/initial] setting
lastsub to rule with output /launchpad.html
[Thu Sep 05 06:17:05.862711 2024] [rewrite:trace2] [pid 3531713:tid 3531735]
mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - -
[xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial] forc
On Mon, Sep 9, 2024 at 1:25 PM Daiya, Devendra singh
wrote:
>
> Hi Eric, Team,
>
>
>
> We tested our application with 2.4.62 pointing to older version of
> mod_rewrite.so module (2.4.59) and application is working fine.
>
>
>
> Could you please let us know if there are any limitation defined in
To: users@httpd.apache.org
Subject: RE: FW: [users@httpd] rewrite rule issue with Apache 2.4.62
Hi Eric, For both versions, we have the same config. Below are the end-to-end
files. httpd. conf #HTTPD. CONF #TEMPLATE? ServerName xyz. hostname. com Listen
1098 LoadModule mpm_event_module modules
On Tue, 3 Sep 2024 01:04:13 -0400, Yehuda Katz wrote:
>
> I have been asked by a number of friends/colleagues why I am still on the
> HTTPD users list when people are so unfriendly.
> While this response is technically correct, and supporting a Ubuntu
> packaged version of httpd is potentially not
;> kaushalshri...@gmail.com> wrote:
>>>
>>>> I am running Ubuntu server version 24.04 LTS. Is there a way to update
>>>> Apache httpd to the latest version 2.4.62?
>>>>
>>>
>>> You can always download and compile HTTPD for yourself.
On Tue, Sep 3, 2024 at 12:56 AM x wrote:
> On Tue, Sep 3, 2024 at 12:45 AM Kaushal Shriyan
> wrote:
>
>> Are there any release notes where the security changes related to Apache
>> HTTPD version 2.4.62 have been backported to the Apache HTTPD packages
>> suppli
On Tue, Sep 3, 2024 at 12:45 AM Kaushal Shriyan
wrote:
>
>
> On Tue, Sep 3, 2024 at 9:08 AM Yehuda Katz wrote:
>
>> On Mon, Sep 2, 2024 at 11:30 PM Kaushal Shriyan
>> wrote:
>>
>>> I am running Ubuntu server version 24.04 LTS. Is there a way to update
On Tue, Sep 3, 2024 at 12:45 AM Kaushal Shriyan
wrote:
> Thanks, Yehuda, for the quick response. I really appreciate it. Are there
> any release notes where the security changes related to Apache HTTPD
> version 2.4.62 have been backported to the Apache HTTPD packages supplied
&g
On Tue, Sep 3, 2024 at 9:08 AM Yehuda Katz wrote:
> On Mon, Sep 2, 2024 at 11:30 PM Kaushal Shriyan
> wrote:
>
>> I am running Ubuntu server version 24.04 LTS. Is there a way to update
>> Apache httpd to the latest version 2.4.62?
>>
>
> You can always downlo
On Mon, Sep 2, 2024 at 11:30 PM Kaushal Shriyan
wrote:
> I am running Ubuntu server version 24.04 LTS. Is there a way to update
> Apache httpd to the latest version 2.4.62?
>
You can always download and compile HTTPD for yourself. The instructions in
the documentation are pretty cle
Hi,
I am running Ubuntu server version 24.04 LTS. Is there a way to update
Apache httpd to the latest version 2.4.62?
Please guide me. Thanks in advance.
Best regards,
Kaushal
er always set X-Xss-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
Header always set Strict-Transport-Security "max-age=63072000;
includeSubDomains;"
Header always set Content-Security-Policy "default-src https: data:
&
<mailto:devendra.s.da...@wellsfargo.com>
From: Eric Covener
Sent: Wednesday, August 28, 2024 7:17 PM
To: users@httpd.apache.org
Subject: Re: FW: [users@httpd] rewrite rule issue with Apache 2.4.62
> Is there anything we need to update in config file for Rewrite rule? I
> responded last week with follow
> Is there anything we need to update in config file for Rewrite rule?
I responded last week with followup questions.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.
Apache 2.4.62
Hi Team, We are facing issues with rewrite rule, post migrating from 2. 4. 59
to 2. 4. 62. We faced similar issues with 2. 4. 60/61 as well. We are using
below rewrite rules: Below are set in httpd. conf file: - RewriteRule
^--proto--/--error-- \ /launchpad. html
Hi Team,
We are
Hi.
This is a follow up to the issue I posted earlier with the Github
app/https://github.com/berat/waitlist-landing-page.
The app is a node app that I wanted to display via Apache/ubuntu.
I'm posting this here as a dat apoint to anyone who might search for
node/pm2/apache/reverse proxy!
(had created a thread for this a few days ago.. but it was
accidentally deleted!)
Hi Frank/list.
This is continuing on my issue of figuring out how to have a test
github/node app run from apache2.
Instead of getting the site content, I seem to get -->"403 forbidden
No matching DirectoryIndex..."
> Could you please review this case and let us know if we need to adjust any
> configuration with 2.4.62 version.
>
> 2.4.62 (failing to error.html)
>
> [Mon Aug 19 14:14:47.360450 2024] [rewrite:trace4] [pid 1177:tid 11999]
> mod_rewrite.c(505): [client :] - -
> [cci-launchpad-dev.hostname.com
Hi Team,
We are facing issues with rewrite rule, post migrating from 2.4.59 to 2.4.62.
We faced similar issues with 2.4.60/61 as well.
We are using below rewrite rules:
Below are set in httpd.conf file: -
RewriteRule ^--proto--/--error-- \
/launchpad.html [PT,L]
RewriteRule ^(--proto--/.*)-
(only x86_64 GNU/Linux)apache 2.4.62 index file download bug:
index file,file name is "CGI-SpeedyCGI-2.22-apache2.2.tar.gz",cannot download,
error_log and access_log is 200 response。
brower is chrome.
Hi,
Apache noob here. I have apache 2.4.59 setup as a reverse caching proxy in
order to cache files requested by clients from a server on the Internet. I
want to also use an upstream forward proxy that controls access to the 'net
with basic authentication. I have Squid 4.14 running on Windo
Hi;
On Wed, Jul 31, 2024 at 12:04 PM Marijn Schops | HostYou
wrote:
>
> It feels like I’m missing something very obvious, can anyone point me in the
> right direction?
Possibly https://bz.apache.org/bugzilla/show_bug.cgi?id=69203
Regards;
Yann.
---
posts here since the release and I can’t find anyone else
complaining about this. There is one serverfault post
<https://serverfault.com/questions/1163041/apache-cant-find-php-files-encoded-with-20>
, but it has been removed for reasons of moderation ☹
It feels like I’m missing something v
On Sat, Jul 27, 2024 at 6:59 PM bruce wrote:
> Hi all/Frank!
>
> I've managed to "get" 2 different test sites running separately. They
> each have different "vhost" config files. They each have different pm2
> server port addresses
>
> However, when I
> a2ensite berat_h chainsafe
> systemctl
1 - 100 of 18656 matches
Mail list logo
