Search Results

Search found 10640 results on 426 pages for 'apache2 module'.

Page 100/426 | < Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >

How to use chain.p7b with Apache?

- by Debianuser

I wanted to setup a SSL website on Apache and applied for a certificate from my local ISP. All they sent me was a single file named chain.p7b. I have always used certificates from other vendors without any issues but they usually provide two files to be configured as SSLCertificateFile and SSLCertificateChainFile in Apache. Following instructions from several online resources, I opened the p7b file in Windows and extracted 4 certificates from the file. I then tried configuring Apache with one of the files and it worked, but shows a warning: The certificate is not trusted because no issuer chain was provided. I though I have to use remaining 3 files as SSLCertificateChainFile and/or SSLCACertificateFile. I tried that but it didn't work so I am assuming it might be something completely different. Anyone faced this issue before? The following page http://www-01.ibm.com/support/docview.wss?uid=swg21458997 talks about using a keystore but is that relevant to Apache?

Read the article
Configure New Server for .htaccess

- by Phil T

I have a new LAMP CENTOS 5 server I am setting up and trying to copy the configuration from another web server I have. I am stuck with what I think is a mod_rewrite problem. If I go to http://old-server.com/any_page_name.php it correctly routes through some handling code in index.php and shows me a graceful "Page Cannot Be Displayed" message. But if I go to http://new-server.com/any_page_name.php I get an ugly Apache 404 Not Found error message. I looked in both httpd.conf files and they both have only one reference to mod_rewrite. LoadModule rewrite_module modules/mod_rewrite.so So it seems like that should be fine. At the bottom of httpd.conf I have the code: <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/html ServerName new-server.com ErrorLog logs/new-server.com-error_log CustomLog logs/new-server.com-access_log common </VirtualHost> Then in the root of /var/www/html I have the exact same .htaccess file that looks like this: RewriteEngine on Options +FollowSymlinks RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] ErrorDocument 404 /page-unavailable/ <files ~ "\.tpl$"> order deny,allow allow from none deny from all </files> So I don't see why the page load at old-server.com works fine while new-server.com doesn't route through index.php like I want it to do. Thanks.

Read the article
REMOTE_USER not getting set?

- by landed

I am trying to setup LDAP Authentication in Joomla using a plugin called JMapMyLDAP (in fact 4 plugins each doing a different job). I need to pull a part of a string out of the server variable REMOTE_USER and this should be visible (we see here http://timplummer.com.au/4-how-to-integrate-joomla-3-with-active-directory-using-ldap.html) in phpinfo(); The issue is that REMOTE_USER is not set or at least not appearing. A few things to note (if you don't mind) here- conceptually I am not really understanding authentication as a whole subject it appears to be vast despite my years working in websites. Yes I used asp and built php pages to check a user is who they say they are with a token(/session?) that was given to just them and then they are identified when a stateless request is made to the server. Thats my level of understanding. This sounds different to the basic authentication in apache where a password sits in a file and a username and the user needs to login to a basic form to get access to the folder/docs this is via an .htaccess file. Ok so with the LDAP to work I need to get REMOTE_USER this sounds very reasonable as how else do we know is making the request. Thank you.

Read the article
How to set original error message for apache 2.2

- by ffffff

Apache 2.2 default 414 message is Request-URI Too Large The requested URL's length exceeds the capacity limit for this server. I wanna set custom message so I set http.conf ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var But I do not get along well How to set original error message for apache 2.2

Read the article
Apache SMTP connection times out

- by Kaivosukeltaja

A web server that has successfully sent mail using the hosting providers's SMTP server before seems to suddenly have lost connection to the SMTP server. [Wed Nov 28 09:51:27 2012] [error] [client 10.250.11.81] PHP Warning: fsockopen(): unable to connect to smtp.ourprovider.net:25 (Connection timed out) in /var/www/(....)/phpmailer/class.smtp.php on line 105, referer: http://oursite.net/sendmessage.php# If I telnet to the SMTP server's port 25 manually from the web server, I'm able to connect and send mail with no problems whatsoever. The web server is running RHEL 6.3 and Apache 2.2.15. The SE boolean httpd_can_network_connect is on. Our PHP version is 5.3.3. Where should I start looking to fix this?

Read the article
forbidden access on addon domains

- by ehmad11

I have one domain hosted on server domain.com, there are about 20 subdomains as addon domains there. For no good reason someone has changed (chgrp) on all files in domain.com directory to domain.com user now all websites are showing 403 forbidden access error. What should i do now to resume websites. I have tried changing php handler but no luck yet :/ php5 handler is suphp and Apache suEXEC is on....

Read the article
Apache's htcacheclean doesn't scale: How to tame a huge Apache disk_cache?

- by flight

We have an Apache setup with a huge disk_cache (500.000 entries, 50 GB disk space used). The cache grows by 16 GB every day. My problem is that the cache seems to be growing nearly as fast as it's possible to remove files and directories from the cache filesystem! The cache partition is an ext3 filesystem (100GB, "-t news") on an iSCSI storage. The Apache server (which acts as a caching proxy) is a VM. The disk_cache is configured with CacheDirLevels=2 and CacheDirLength=1, and includes variants. A typical file path is "/htcache/B/x/i_iGfmmHhxJRheg8NHcQ.header.vary/A/W/oGX3MAV3q0bWl30YmA_A.header". When I try to call htcacheclean to tame the cache (non-daemon mode, "htcacheclean-t -p/htcache -l15G"), IOwait is going through the roof for several hours. Without any visible action. Only after hours, htcacheclean starts to delete files from the cache partition, which takes a couple more hours. (A similar problem was brought up in the Apache mailing list in 2009, without a solution: http://www.mail-archive.com/[email protected]/msg42683.html) The high IOwait leads to problems with the stability of the web server (the bridge to the Tomcat backend server sometimes stalls). I came up with my own prune script, which removes files and directories from random subdirectories of the cache. Only to find that the deletion rate of the script is just slightly higher than the cache growth rate. The script takes ~10 seconds to read the a subdirectory (e.g. /htcache/B/x) and frees some 5 MB of disk space. In this 10 seconds, the cache has grown by another 2 MB. As with htcacheclean, IOwait goes up to 25% when running the prune script continuously. Any idea? Is this a problem specific to the (rather slow) iSCSI storage? Should I choose a different file system for a huge disk_cache? ext2? ext4? Are there any kernel parameter optimizations for this kind of scenario? (I already tried the deadline scheduler and a smaller read_ahead_kb, without effect).

Read the article
CPanel has two entries for site, need to use SSL one

- by beingalex

I have a website that is meant to be using SSL, however there are two entries in Cpanel's httpd.conf which seem to be causing an issue. When I visit just www.website.com I require it to go to https://www.website.com. However I have to write the https:// directly for the site to work. The secure site also has a different IP. I am not meant to edit the httpd.conf directly either and am unsure as to how to change the following directives: <VirtualHost 1.1.1.1:80> ServerName website.com ServerAlias www.website.com DocumentRoot /home/websitec/public_html ServerAdmin [email protected] ## User websitec # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup websitec websitec </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup websitec websitec </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid websitec websitec </IfModule> CustomLog /usr/local/apache/domlogs/website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." CustomLog /usr/local/apache/domlogs/website.com combined ScriptAlias /cgi-bin/ /home/websitec/public_html/cgi-bin/ </VirtualHost> <VirtualHost 2.2.2.2:443> ServerName website.com ServerAlias www.website.com DocumentRoot /home/websitec/public_html ServerAdmin [email protected] UseCanonicalName Off CustomLog /usr/local/apache/domlogs/website.com combined CustomLog /usr/local/apache/domlogs/website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User websitec # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup websitec websitec </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup websitec websitec </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid websitec websitec </IfModule> ScriptAlias /cgi-bin/ /home/websitec/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/www.website.com.crt SSLCertificateKeyFile /etc/ssl/private/www.website.com.key SSLCACertificateFile /etc/ssl/certs/www.website.com.cabundle CustomLog /usr/local/apache/domlogs/website.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/websitec/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/ssl/2/websitec/website.com/*.conf" </VirtualHost> As you can see there is obviously the unsecure directive before the secure one. And this is probably the issue, however if I try to change the IP for the site in WHM I get an error saying that the IP (2.2.2.2) is already in use. Which it is I guess. Any help is appreciated.

Read the article
Proxy service likes Apache Http

- by Aptos

Currently I try to simulate my app as distributed servers, so I let them run on localhost:9000 and localhost:9001, i tried using apache load balancer but it is really hard to config on mac, my idea is the second server localhost:9001 will be kept ideal and the requests only be redirected to them when the first server is downed. Is there any good free program can do that ? (except Apache httpd). Extra functions: my application is written in java and maintain an in-memory object, is there any service that can synchronize that object between 2 servers so they can keep uptodate status of other (the second one takes state of the first one)? Is there any app can support that? Thank you very much.

Read the article
Apache and fastcgi - How to secure an Apache server with fastcgi enabled?

- by skyeagle

I am running a headless server on Ubuntu 10.x. I am running Apache 2.2. I am writing a fastcgi application for deployment on the server. I remember reading a while back (I could be wrong) that running CGI (and by implication fastcgi) on a server, can provide 'backdoors' for potential attackers - or at the very least, could compromise the server if certain security measurements are not taken. My questions are: what are the security 'gotcha's that I have to be aware of if I am enabling mod_fastcgi on my Apache server? I want to run the fastcgi as a specific user (with restricted access) how do I do this?

Read the article
Securing phpmyadmin: non-standard port + https

- by elect

Trying to secure phpmyadmin, we already did the following: Cookie Auth login firewall off tcp port 3306. running on non-standard port Now we would like to implement https... but how could it work with phpmyadmin running already on a non-stardard port? This is the apache config: # PHP MY ADMIN <VirtualHost *:$CUSTOMPORT> Alias /phpmyadmin /usr/share/phpmyadmin <Directory /usr/share/phpmyadmin> Options FollowSymLinks DirectoryIndex index.php <IfModule mod_php5.c> AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_flag register_globals Off php_value include_path . </IfModule> </Directory> # Disallow web access to directories that don't need it <Directory /usr/share/phpmyadmin/libraries> Order Deny,Allow Deny from All </Directory> <Directory /usr/share/phpmyadmin/setup/lib> Order Deny,Allow Deny from All </Directory> # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/phpmyadmin.log combined </VirtualHost>

Read the article
Apache LocationMatch throws 500 and AddOutputFilterByType does nothing

- by tackleberry

I need to add below directives to apache. But I get 500 when I add these lines. <LocationMatch "^/assets/.*$"> Header unset ETag FileETag None # RFC says only cache for 1 year ExpiresActive On ExpiresDefault "access plus 1 year" </LocationMatch> Additionally response is not gzipped when I add: AddOutputFilterByType DEFLATE text/html text/css application/javascript application/x-javascript Apache version is: Server version: Apache/2.2.22 (Unix) App: rails 3.2 app When I checked response&request for gzip problem, I see that browser requested gzip: Accept-Encoding gzip, deflate but response not gzipped.

Read the article
erratic response times with Apache 2.0.52 on redhat 4.

- by Kevin

Under load, we've noticed response times from Apache vary greatly for the same 7k image. It can range anywhere from .01 seconds to 25 seconds or greater. Unfortunately, due to corporate policy constraints we are pretty much stuck on Apache 2.0.52. I'm at best an Apache novice so I'm in over my head with this problem. My focus recently has turned to our choice of MPM modules. We use the worker model on a dual core hyper threaded blade. It doesn't appear that swapping is an issue, and I don't see any signs of a hardware problem. I've read that worker is optimal on hardware with many CPU's where prefork it more suitable for our specific hardware profile. I can see conceptually how choosing the wrong MPM could result in this erratic behavior, but I'm not confident that it's the root cause here. Has anyone else seen this type of range in your response times for simple static content? What else should I be looking into here?

Read the article
Single domain name potentially resolving to multiple servers

- by Jace

first time here at Server Fault, and I apologize in advance that this domain stuff is not really my strength. Any and all suggestions are much appreciated. I am completely lost and incredibly tired! I've inherited an incredibly convoluted system from my predecessor, and I'm trying to find a way to solve it - or I need to be told that it just isn't possible. I've got an old site on ServerA (some kind of Linux distribution), with the domain SomeDomain.com There is a new site sitting on ServerB (Ubuntu), with the intention of having SomeDomain.com to serve it in the future (it is replacing the old site) ServerA also has a web app that is currently in use by other departments within the company (accessible at SomeDomain.com/web-app/) The goal: To have SomeDomain.com and all extensions of this domain name (sub-domains, URL's etc.) serve the new site on ServerB. BUT, the URL SomeDomain.com/web-app/ must serve the Web App on ServerA. The Catch: The ServerA is a shared server with a hosting company with VERY limiting restrictions in place - I cannot adjust DNS settings (apart from Name servers - but cannot set A records or anything, I have full access to ServerB to do as I wish). Therefore the web-app MUST be served from SomeDomain.com/web-app/ and not from a sub-domain or anything. These limitations make migrating the web-app from Server A to Server B rather undesirable, AND this web-app will be replaced in the near future, so it isn't worth the effort right now. Therefore, ultimately I will want 1 domain name to resolve to Server B's IP address most of the time, but in the event that the URL is SomeDomain.com/web-app/, it should resolve to Server A's IP. Note: The domain names don't, technically, have to resolve to one IP or another - but ultimately the URL's must stay consistent Some things I have tried: I've looked into mod_rewrite and .htaccess to try and achieve this effect, but it doesn't look like it's going to work for me - but I may have done it wrong (On Server B, I just checked if the request URI was /web-app/ and tried to serve the /web-app/ folder on Server A) I do have the ability to modify the name servers on both servers I am not able to make a sub domain on Server A that points back to Server A (I assume because the hosting company's servers use the URL to determine what site the serve). I figured this could be good as I'd could set an A record on Server B to point to the web app on Server A - but alas, Server A requires SomeDomain.com. If there is any more information I can give, please let me know. I need a nudge in the right direction, ideas or a solution.

Read the article
Installing a wiki on Snow Leopard

- by JPCF

Hi... I want to install twiki on my mac and serve it from ~/Sites/. Because the wiki has code to be run, I have to modify the user and group of wiki's files and directories, but I'm not sure about the following: 1) It is secure to change the user and group of the directory to the web server's group? If not, what can I do having into account that I'll not put 777 permissions on those files? 2) How are named apache and web user groups? Thanks

Read the article
solr Security help

- by Camran

I have solr setup with Jetty on my Ubuntu server. On any computer now, I can type my_ip:8983/solr/ and the page will show upp to anybody. How can I disable this so that only I can access that port and the solr admin? Thanks

Read the article
Returning "200 OK" in Apache on HTTP OPTIONS requests

- by i..

I'm attempting to implement cross-domain HTTP access control without touching any code. I've got my Apache(2) server returning the correct Access Control headers with this block: Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "POST, GET, OPTIONS" I now need to prevent Apache from executing my code when the browser sends a HTTP OPTIONS request (it's stored in the REQUEST_METHOD environment variable), returning 200 OK. How can I configure Apache to respond "200 OK" when the request method is OPTIONS? I've tried this mod_rewrite block, but the Access Control headers are lost. RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]

Read the article
Reducing memory for worker MPM in Apache

- by ShyM

I've moved from the prefork MPM to the worker MPM due to a process limit I was hitting on my VPS. However, memory usage increased after switching over (which is odd since the worker MPM is supposed to have a smaller memory footprint?). Most of them belong to php-cgi processes. Is there something I'm doing wrong? I have around 20 sites on it, each with a different fcgi wrapper script. Could that be a reason?

Read the article
Count requests from access log for the last 7 days

- by RoboForm

I would like to parse an access log file and have returned the amount of requests, for the last 7 days. I have this command cut -d'"' -f3 /var/log/apache/access.log | cut -d' ' -f2 | sort | uniq -c | sort -rg Unfortunately, this command returns the amount of requests since the creation of the file and sorts it into HTTP-code categories. I would like just a number, no categories and only for the last 7 days. Thanks.

Read the article
Some $_SERVER parameters missing when accessing PHP script via Cron

- by Jakobud

I have a script that I need to run with PHP via cron. The original author of the script made a lot of user of certain $_SERVER parameters (like REQUEST_URI). But it appears that certain variables don't exist when running PHP via command line or via CRON. For example, there is no request uri, so it makes sense that the REQUEST_URI parameter wouldn't be available. Is there any way around this other than to completely rewrite the script in order to avoid using special $_SERVER parameters that aren't universally available?

Read the article
Is there a way of disabled byte-range requests in Apache?

- by Sam Minnée

I have a web page with a link to a PDF file (target="_blank"). If I click the link, the PDF reader just shows a grey screen within the Firefox browser. If I copy that link and manually open it in a new tab, the PDF will display correctly, and subsequent requests made by clicking the original link now work, suggesting that the problem occurs when loading the file into the cache. It appears as though the Adobe PDF reader plugin is making byte-range requests (I see lots of 206 responses) and I suspect that this may be the cause of the issue. I am running an Apache webserver. Has anyone had problems with Apache and Adobe's byte-range requests? Are there any workarounds? Perhaps a way of configuring Apache to ignore byte-range requests on PDFs?

Read the article
Apache, logerror and logrotate: what is the best method?

- by OlivierDofus

Here's a vhost example of my sites: <VirtualHost *:80> DocumentRoot /datas/web/woog ServerName woog.com ServerAlias www.woog.com ErrorLog "|/httpd-2.2.8/bin/rotatelogs /logs/woog/error_log 86400" CustomLog "|/httpd-2.2.8/bin/rotatelogs /logs/woog/access_log 86400" combined DirectoryIndex index.php index.htm <Location /> Allow from All </Location> <Directory /*> Options FollowSymLinks AllowOverride Limit AuthConfig </Directory> </VirtualHost> I've got 12 sites running now. This gives something like: [Shake]:/sources/software/mod_log_rotate# ps x | grep rotate /httpd-2.2.8/bin/rotatelogs /logs/[hidden siteweb]/error_log 86400 /httpd-2.2.8/bin/rotatelogs /logs/[hidden siteweb]/error_log 86400 [snap (as many error_log as virtual hosts)] /httpd-2.2.8/bin/rotatelogs /logs/[hidden siteweb]/access_log 86400 /httpd-2.2.8/bin/rotatelogs /logs/[hidden siteweb]/access_log 86400 [snap (as many access_log as virtual hosts)] grep rotate [Shake]:/sources/software/mod_log_rotate# !!! I've been looking everywhere but I've only found mod_log_rotate. The "little" problem is that the author (very good C developper) explains: "Unfortunately Apache error logs are handled in such a way that we can't work the same log rotation magic on them. Like transfer logs they support piped logging though so you can still use rotatelogs for them. " So my question is: what would be the best way to handle multiple logs? If I just do a very classical log and I use the system's "logrotate" program couldn't this be a good deal? How would/do you deal with that? Thank you!

Read the article
Logging the client IP with Nginx/Varnish/Apache

- by jetboy

I have Nginx listening on port 443 as an SSL terminator, and proxying unencrypted traffic to Varnish on the same server. Varnish 3 is handling this traffic, and traffic coming in directly on port 80. All traffic is passed, unencrypted, to Apache instances on other servers in the cluster. The Apache instances use mod_rpaf to replace the logged client IP with the contents of the X-Forwarded-For header. My problem is that if the traffic is coming via Nginx, while the 'correct' client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1 downstream, and this is getting logged with Apache. Is there a nice simple way to stop Varnish rewriting X-Forwarded-For if it's already populated?

Read the article
proxy pass redirection

- by zam

I am struggling with a redirection rule. I am now running my Redmine in webrick in port 3000 and proxy-pass it. The URL of my Redmine is xyz.example.com. I also want to redirect the Redmine using the URL: abc.example.com. I added the server alias but no redirection taking place. Here is my configuration: <VirtualHost *:80> ServerName xyz.example.com ServerAlias abc.examle.com ProxyPass / h://local:3000/ ProxyPassReverse / h://local:3000/ </VirtualHost>

Read the article
Obfuscating a Magento module

- by Elzo Valugi

I've been asked to protect a Magento module through obfuscation. I never used PHP obfuscation packages but I know how they work and I forsee some issues in obfuscating a module that is very string and xml dependant: /etc/config.xml registers harcoded class names and paths auto-loading is heavily used I cannot imagine how to automatically obfuscate a class name that will be called later by Mage::getModel('my/module'). Any recommendations?

Read the article

< Previous Page | 96 97 98 99 100 101 102 103 104 105 106 107 | Next Page >