Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 115/596 | < Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122  | Next Page >

• Apache 2 proxy for Tomcat 7

  - by hsnm

  Following the how-to, I wanted to make a proxy for traffic to the address /app to be processed by Tomcat 7. I added this to my httpd.conf: LoadModule proxy_module {path-to-modules}/mod_proxy.so LoadModule deflate_module modules/mod_deflate.so ProxyPass /app http://localhost:8081 ProxyPassReverse /app http://localhost:8081 I also have this on my server.xml: <Connector port="8081" enableLookups="false" acceptCount="100" connectionTimeout="20000" proxyName="localhost" proxyPort="80"/> And I have the folder /var/lib/tomcat7/webapps/app with my application files. I restarted both Tomcat 7 and Apache 2 after doing the configurations above. Problem: When navigating to my webpage.com/app, I get the error 500. I consulted apache logs, it says: [warn] proxy: No protocol handler was valid for the URL /app. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. Update: This is running in ubuntu. I resolved this by adding LoadModule proxy_http_module modules/mod_proxy_http.so to my httpd.conf. Now I have another question: How can I make this proxy to work on SSL through port 443?

  Read the article

• iptables configuration to work with apache2 mod_proxy

  - by swdalex

  Hello! I have iptables config like this: iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --sport 443 -j ACCEPT Also, I have apache virtual host: <VirtualHost *:80> ServerName wiki.myite.com <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8901/ ProxyPassReverse / http://localhost:8901/ <Location /> Order allow,deny Allow from all </Location> </VirtualHost> My primary domain www.mysite.com is working well with this configuration (I don't use proxy redirect on it). But my virtual host wiki.mysite.com is not responding. Please, help me to setup iptables config to allow wiki.mysite.com working too. I think, I need to setup iptables FORWARDING options, but I don't know how. update: I have 1 server with 1 IP. On server I have apache2.2 on 80 port. Also I have tomcat6 on 8901 port. In apache I setup to forwarding domain wiki.mysite.com to tomcat (mysite.com:8901). I want to secure my server by disabling all ports, except 80, 22 and 443.

  Read the article

• nginx redirect to a subdomain even without trailing slashes

  - by Oliver A.

  Hi, I just installed and partially configured nginx on a dedicated server of mine. But I've got some trouble understanding the regexp. I would like to make nginx redirect www.mydomain.com/forum/ AND www.mydomain.com/forum (note the missing trailing slash; case-insensitive; same applies for "forums" instead of "forum") to forum.mydomain.com/. This is what I came up with: location ~* ^/(forum|forums) { rewrite ^/(.*)/(.*)$ http://forum.mydomain.com/$2? permanent; } ... but for some reason it works with trailing slashes only. :-/ Please help me! Thanks in advance!

  Read the article

• Local Password Management

  - by ultimazombie88

  In our office (and I am sure many others) we access various websites and tend to share one account with our team. For example, we share credentials to Ebay and change them every few weeks to maintain some sense of security. However, we know this does not allow for any type of accountability for major changes. After some discussion we want to try to manage how we distribute credentials for sites that may not offer child accounts. Is there any smart and safe way to do this? If so how do you do it?

  Read the article

• mod_jk problem: Tomcat is probably not started or is listening on the wrong port

  - by Konrad

  Hi, I am running some application on Tomcat 6.0.26. There is Apache in front of web server talking to it over mod_jk. Every few hours when I try to access application browser simply spins, and no content is retrieved. No error is reported in Tomcat logs, but I fond such errors in mod_jk log: [Sun Jul 04 21:19:13 2010][error] ajp_service::jk_ajp_common.c (1758): Error connecting to tomcat. Tomcat is probably not started or is listening on the wrong port. worker=***** failed [Sun Jul 04 21:19:13 2010][info] jk_handler::mod_jk.c (1985): Service error=0 for worker==***** [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 46 [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 46 [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 46 [Sun Jul 04 21:19:13 2010][error] ajp_get_reply::jk_ajp_common.c (1503): Tomcat is down or refused connection. No response has been sent to the client (yet) [Sun Jul 04 21:19:13 2010][error] ajp_get_reply::jk_ajp_common.c (1503): Tomcat is down or refused connection. No response has been sent to the client (yet) [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 46 [Sun Jul 04 21:19:13 2010][error] ajp_get_reply::jk_ajp_common.c (1503): Tomcat is down or refused connection. No response has been sent to the client (yet) [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 45 [Sun Jul 04 21:19:13 2010][info] ajp_connection_tcp_get_message::jk_ajp_common.c (955): Tomcat has forced a connection close for socket 46 [Sun Jul 04 21:19:13 2010][info] ajp_service::jk_ajp_common.c (1721): Receiving from tomcat failed, recoverable operation attempt=0 my worker is configured in following way: worker.admanagonode.port=8009 worker.admanagonode.host=*****.com worker.admanagonode.type=ajp13 worker.admanagonode.ping_mode=A worker.admanagonode.socket_timeout=60 worker.admanagonode.prepost_timeout=10000 worker.admanagonode.connect_timeout=10000 worker.admanagonode.connection_pool_size=200 worker.admanagonode.connection_pool_timeout=300 worker.admanagonode.retries=20 worker.admanagonode.socket_keepalive=1 worker.admanagonode.cachesize=10 worker.admanagonode.cache_timeout=600 Tomcat has same port number in Connector configuration: <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" address="*********" /> Does any of you has any ideas what i am missing? What can cause such problems? Cheers Konrad

  Read the article

• Mapping tomcat apache worker

  - by metamorpheus

  I am running an Apache2 server connected with Tomcat5.5 Workers.properties workers.tomcat_home=/usr/share/tomcat5.5 workers.java_home=/usr/lib/jvm/java-6-sun ps=/ worker.list=worker1 worker.worker1.port=8009 worker.worker1.host=127.0.0.1 worker.worker1.type=ajp13 worker.worker1.lbfactor=1 The JkMount is defined as follows LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so JkWorkersFile /etc/apache2/workers.properties JkLogFile /var/log/apache2/mod_jk.log JkLogLevel debug JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " JkMount /jsp-examples worker1 JkMount /jsp-examples/* worker1 JkMount /servlets-examples worker1 JkMount /servlets-examples/* worker1 JkMount /tcontainer worker1 JkMount /tcontainer/* worker1 If i call 127.0.0.1/servlets-examples, i get the examples displayed and executed correctly. If i call [same server as above]/tcontainer, i get the following error: The requested resource (/tcontainer) is not available. (this is an error provided by tomcat5.5) How can i define where to get the sources? i have a configuration file in /usr/share/tomcat-5.5-webapps/tcontainer.xml: <Context path="/tcontainer" docBase="/var/www/web96/html/tcontainer" debug="0" privileged="true" allowLinking="true"> </Context> What did i forget to configure or what is wrong with my definitions? Thanks

  Read the article

• mod_rewrite to capture subdomain name

  - by Ricky

  I want to write a rewrite scheme such that: user1.example.net will redirect to example.net/user/user1 user2.example.net will redirect to example.net/user/user2 vise versa this is what i have in my .htaccess code. but it always redirects to example.net RewriteCond %{http_host} ^[^.]+.example.net [NC] RewriteRule ^([^.]+).example.net(.*) http://example.net/user/$1 [R=301,L] can someone please tell me what i did wrong? thank you.

  Read the article

• Apache2 return 404 for proxy requests before reaching WSGI

  - by Alejandro Mezcua

  I have a Django app running under Apache2 and mod_wsgi and, unfortunately, lots of requests trying to use the server as a proxy. The server is responding OK with 404 errors but the errors are generated by the Django (WSGI) app, which causes a high CPU usage. If I turn off the app and let Apache handle the response directly (send a 404), the CPU usage drops to almost 0 (mod_proxy is not enabled). Is there a way to configure Apache to respond directly to this kind of requests with an error before the request hits the WSGI app? I have seen that maybe mod_security would be an option, but I'd like to know if I can do it without it. EDIT. I'll explain it a bit more. In the logs I have lots of connections trying to use the server as a web proxy (e.g. connections like GET http://zzz.zzz/ HTTP/1.1 where zzz.zzz is an external domain, not mine). This requests are passed on to mod_wsgi which then return a 404 (as per my Django app). If I disable the app, as mod_proxy is disabled, Apache returns the error directly. What I'd finally like to do is prevent Apache from passing the request to the WSGI for invalid domains, that is, if the request is a proxy request, directly return the error and not execute the WSGI app. EDIT2. Here is the apache2 config, using VirtualHosts files in sites-enabled (i have removed email addresses and changed IPs to xxx, change the server alias to sample.sample.xxx). What I'd like is for Apache to reject any request that doesn't go to sample.sample.xxx with and error, that is, accept only relative requests to the server or fully qualified only to the actual ServerAlias. default: <VirtualHost *:80> ServerAdmin [email protected] ServerName X.X.X.X ServerAlias X.X.X.X DocumentRoot /var/www/default <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options FollowSymLinks AllowOverride None Order allow,deny allow from all </Directory> ErrorDocument 404 "404" ErrorDocument 403 "403" ErrorDocument 500 "500" ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> actual host: <VirtualHost *:80> ErrorDocument 404 "404" ErrorDocument 403 "403" ErrorDocument 500 "500" WSGIScriptAlias / /var/www/sample.sample.xxx/django.wsgi ServerAdmin [email protected] ServerAlias sample.sample.xxx ServerName sample.sample.xxx CustomLog /var/www/sample.sample.xxx/log/sample.sample.xxx-access.log combined Alias /robots.txt /var/www/sample.sample.xxx/static/robots.txt Alias /favicon.ico /var/www/sample.sample.xxx/static/favicon.ico AliasMatch ^/([^/]*\.css) /var/www/sample.sample.xxx/static/$1 Alias /static/ /var/www/sample.sample.xxx/static/ Alias /media/ /var/www/sample.sample.xxx/media/ <Directory /var/www/sample.sample.xxx/static/> Order deny,allow Allow from all </Directory> <Directory /var/www/sample.sample.xxx/media/> Order deny,allow Allow from all </Directory> </VirtualHost>

  Read the article

• sudo apt-get update does not work for 12.10

  - by Brian Hawi

  hey i recently installed ubuntu 12.10 but the software center does not work i tried the sudo apt-get update because that worked when i was using ubuntu 11.04.... these are the errors hawi@hawi-HP-G62-Notebook-PC:~$ sudo apt-get update [sudo] password for hawi: Err http:ke.archive.ubuntu.com quantal InRelease Err http:ke.archive.ubuntu.com quantal-updates InRelease Err http:ke.archive.ubuntu.com quantal-backports InRelease Err http:ke.archive.ubuntu.com quantal Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:ke.archive.ubuntu.com quantal-updates Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:ke.archive.ubuntu.com quantal-backports Release.gpg Unable to connect to ke.archive.ubuntu.com:http: Err http:security.ubuntu.com quantal-security InRelease Err http:security.ubuntu.com quantal-security Release.gpg Unable to connect to security.ubuntu.com:http: [IP: 91.189.92.190 80] Err http:extras.ubuntu.com quantal InRelease Err http:extras.ubuntu.com quantal Release.gpg Unable to connect to extras.ubuntu.com:http: Reading package lists... Done W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-updates/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-backports/InRelease W: Failed to fetch http:security.ubuntu.com/ubuntu/dists/quantal-security/InRelease W: Failed to fetch http:extras.ubuntu.com/ubuntu/dists/quantal/InRelease W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-updates/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:ke.archive.ubuntu.com/ubuntu/dists/quantal-backports/Release.gpg Unable to connect to ke.archive.ubuntu.com:http: W: Failed to fetch http:security.ubuntu.com/ubuntu/dists/quantal-security/Release.gpg Unable to connect to security.ubuntu.com:http: [IP: 91.189.92.190 80] W: Failed to fetch http:extras.ubuntu.com/ubuntu/dists/quantal/Release.gpg Unable to connect to extras.ubuntu.com:http: W: Some index files failed to download. They have been ignored, or old ones used instead. (note i have removed the // after http because the site does not allow me to post more than two links) what could be the issue?

  Read the article

• Where does apache store initialization state for mod_proxy_balancer

  - by khoxsey

  I run apache2 on Ubuntu as a caching load-balancing reverse proxy in front of a group of application servers. I have noticed that the balancer maintains some state for some of the attributes visible in /balancer-manager such as whether an IP is enabled/disabled, load factor, etc. My site has periods of high (and low) usage, and recently as I added a new server to the working group I noticed that the load balancer picked up the new server but had it set to Disabled. I'm curious where that data is stored, and/or how it is initialized.

  Read the article

• __modver_version_show undefined error when building linux kernel 3.0.4 version

  - by Jie Liu

  I tried to build the linux kernel 3.0.4 on ubuntu 11.10 in virtualbox. Here are my steps: Download the source code tar xjvf linux-source-3.0.0.tar.bz2 cd linux-source-3.0.0 make menuconfig, changed nothing but used the default config and save to .config make Actually I think it should be 3.0.4 because from the Makefile I could see VERSION = 3 PATCHLEVEL = 0 SUBLEVEL = 4 EXTRAVERSION = Then at stage 2 which is to make modules, an error happened: ERROR: "__modver_version_show" [drivers/staging/rts5139/rts5139.ko] undefined! make[1]: *** [__modpost] Error 1 make: *** [modules] Error 2 Perhaps because 3.0.4 is a new release so that I can not find any same problem asked nor any solution to it.

  Read the article

• mod_rewrite for selectors with .html

  - by user1720607

  We have a website where the URL looks something like, www.example.com/about.smart.html ( "smart" being selector added on the app server based on the useragent if its a smart phone device) We need to redirect the page to 404 if the URL is changed by the user as like below: www.example.com/about.abc.xyz.smart.html www.example.com/about.smart.abc.html I tried with the below rule, but this redirects to 404 only for 1) and not for 2) RewriteCond %{REQUEST_URI} !^(.*)(-)\.html$ RewriteRule (.*)\.(.*).smart.html$ - [R=404,L] Any pointers on this would be of great help.

  Read the article

• How to list all my packages from command line which can show package name, license, source url, etc?

  - by YumYumYum

  How to get all the installed package list with there license, source url? Such as following only shows name of the package only. $ dpkg --get-selections acpi-support install acpid install adduser install adium-theme-ubuntu install aisleriot install alacarte install For example in Fedora/CentOS (RED HAT LINUX BRANCH), you can see that: $ yum info busybox Loaded plugins: auto-update-debuginfo, langpacks, presto, refresh-packagekit Available Packages Name : busybox Arch : i686 Epoch : 1 Version : 1.18.2 Release : 5.fc15 Size : 615 k Repo : updates Summary : Statically linked binary providing simplified versions of system commands URL : http://www.busybox.net License : GPLv2 Description : Busybox is a single binary which includes versions of a large number : of system commands, including a shell. This package can be very : useful for recovering from certain types of system failures, : particularly those involving broken shared libraries. Follow up: /var/lib/apt/lists$ ls extras.ubuntu.com_ubuntu_dists_natty_main_binary-amd64_Packages extras.ubuntu.com_ubuntu_dists_natty_main_source_Sources extras.ubuntu.com_ubuntu_dists_natty_Release extras.ubuntu.com_ubuntu_dists_natty_Release.gpg lock partial security.ubuntu.com_ubuntu_dists_natty-security_main_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_main_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_multiverse_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_multiverse_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_Release security.ubuntu.com_ubuntu_dists_natty-security_Release.gpg security.ubuntu.com_ubuntu_dists_natty-security_restricted_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_restricted_source_Sources security.ubuntu.com_ubuntu_dists_natty-security_universe_binary-amd64_Packages security.ubuntu.com_ubuntu_dists_natty-security_universe_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_main_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_main_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_multiverse_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_multiverse_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_Release us.archive.ubuntu.com_ubuntu_dists_natty_Release.gpg us.archive.ubuntu.com_ubuntu_dists_natty_restricted_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_restricted_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty_universe_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty_universe_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_main_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_main_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_multiverse_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_multiverse_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_Release us.archive.ubuntu.com_ubuntu_dists_natty-updates_Release.gpg us.archive.ubuntu.com_ubuntu_dists_natty-updates_restricted_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_restricted_source_Sources us.archive.ubuntu.com_ubuntu_dists_natty-updates_universe_binary-amd64_Packages us.archive.ubuntu.com_ubuntu_dists_natty-updates_universe_source_Sources

  Read the article

• How to stop a random ramp in FCGI Processes Killing the server

  - by Andy Main

  So got the below earlier to day... Around that time the logs show a ramp in processes(600) and associated memory (1.2g), cpu usage load average (80) untill the server gave out. Server had to be hard reset by host as there was no ssh or plesk panel access. Fast CGI is configured as below and is setup for one high use site. As I understand it FcgidMaxProcesses 20 should protect against what happen but has not. I've read many forums with differing answers and references to many different fcgi directives, but have found nothing conclusive. Any one got some definitive answers on how to stop this sort of server process ramping and subsequent server failure? If you need more info let me know. Cheers Andy  /var/log/apache2/error_log [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17651 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17650 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17649 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17644 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17643 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17638 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17633 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17627 graceful kill fail, sending SIGKILL [Thu May 17 07:40:47 2012] [warn] mod_fcgid: process 17622 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17674 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17673 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17672 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17667 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17666 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17665 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17664 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17659 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17658 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17657 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17656 graceful kill fail, sending SIGKILL [Thu May 17 07:40:51 2012] [warn] mod_fcgid: process 17651 graceful kill fail, sending SIGKILL https://docs.google.com/a/thesugarrefinery.com/open?id=0B_XbpWChge0VRmFLWEZfR2VBb2M https://docs.google.com/a/thesugarrefinery.com/open?id=0B_XbpWChge0VWTcwZEhoV2Fqejg https://docs.google.com/a/thesugarrefinery.com/open?id=0B_XbpWChge0VUUtVWWFINHZjZ0U https://docs.google.com/a/thesugarrefinery.com/open?id=0B_XbpWChge0VZEVMclh6ZUdaOUE <IfModule mod_fcgid.c> <IfModule !mod_fastcgi.c> AddHandler fcgid-script fcg fcgi fpl </IfModule> FcgidIPCDir /var/lib/apache2/fcgid/sock FcgidProcessTableFile /var/lib/apache2/fcgid/shm FcgidIdleTimeout 40 FcgidProcessLifeTime 30 FcgidMaxProcesses 20 FcgidMaxProcessesPerClass 20 FcgidMinProcessesPerClass 0 FcgidConnectTimeout 30 FcgidIOTimeout 120 FcgidInitialEnv RAILS_ENV production FcgidIdleScanInterval 10 FcgidMaxRequestLen 1073741824 </IfModule>

  Read the article

• SVN Authz - Any Subfolder permission or List contents

  - by Jaspa Jones

  Goal Basically I would like SVN users to be able to browse through a directory containing a lot of subfolders without allowing them to read its subfolders. [/] * = r [/Projects] * = # Allow viewing contents, but not reading. At least to be able to see Project1. [/Projects/Project1] my_group = rw Problem The problem is that there are a lot of projects. I could add every other project and make them disappear for the user, but that would be a lot of work to maintain. It would look like this: [/] * = r [/Projects] * = r [/Projects/Project1] my_group = rw [/Projects/Project2] * = [/Projects/Project3] * = [/Projects/Project4] * = [/Projects/Project5] * = It would be nice if I could use this: [/Projects/*] * = Any ideas? Thanks in advance, Jaspa Jones

  Read the article

• If sudo is broken, what should be used instead?

  - by ivant

  I found the following answer to a FAQ question about a security problem in Oprofile: This "problem" only occurs if you actively, and mistakenly, configure access to OProfile via sudo. OProfile uses shell scripts which have not been audited (nor is it likely to happen) for use through the broken sudo facility (anything that lets you alter root's path arbitrarily counts as horribly broken). Do not use sudo! As I see it, the author of the answer suggests that sudo is broken, so that it should not be used not only with oprofile, but for other purposes as well. Are there better alternatives to sudo in Linux?

  Read the article

• Mod_rewrite is ignoring the extension of a file

  - by ngl5000

  This is my entire mod_rewrite condition: <IfModule mod_rewrite.c> <Directory /var/www/> Options FollowSymLinks -Multiviews AllowOverride None Order allow,deny allow from all RewriteEngine On # force www. (also does the IP thing) RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} !^mysite\.com [NC] RewriteRule ^(.*)$ http://mysite.com/$1 [R=301,L] RewriteCond %{REQUEST_URI} ^system.* RewriteRule ^(.*)$ /index.php?/$1 [L] RewriteCond %{REQUEST_URI} ^application.* RewriteRule ^(.*)$ /index.php?/$1 [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.+)\.(\d+)\.(js|css|png|jpg|gif)$ $1.$3 [L] RewriteCond %{THE_REQUEST} /index\.(php|html) RewriteRule (.*)index\.(php|html)(.*)$ /$1$3 [r=301,L] RewriteCond %{REQUEST_URI} !^(/index\.php|/assets|/robots\.txt|/sitemap\.xml|/favicon\.ico) RewriteRule ^(.*)$ /index.php/$1 [L] # Block access to "hidden" directories or files whose names begin with a period. This # includes directories used by version control systems such as Subversion or Git. RewriteCond %{SCRIPT_FILENAME} -d [OR] RewriteCond %{SCRIPT_FILENAME} -f RewriteRule "(^|/)\." - [F] </Directory> </IfModule> It is suppose to allow only access to mysite.com(/index.php|/assets|/robots.txt|/sitemap.xml|/favicon.ico) The error was noticed with: mysite.com/sitemap vs mysite.com/sitemap.xml Both of these addresses are resolving to the xml file while the first url should be resolving to mysite.com/index.php/sitemap * For some reason mod_rewrite is completely ignoring the lack of an extension. It sounded like a Multiviews problem to me so I disabled Multiviews and it is still going on. ***And then a different rule will eventually take the index.php out, I am having another problem with an extra '/' being left behind when this happens. This httpd file is setting up for my codeigniter php framework

  Read the article

• Deploying Django App with Nginx, Apache, mod_wsgi

  - by JCWong

  I have a django app which can run locally using the standard development environment. I want to now move this to EC2 for production. The django documentation suggests running with apache and mod_wsgi, and using nginx for loading static files. I am running Ubuntu 12.04 on an Ec2 box. My Django app, "ddt", contains a subdirectory "apache" with ddt.wsgi import os, sys apache_configuration= os.path.dirname(__file__) project = os.path.dirname(apache_configuration) workspace = os.path.dirname(project) sys.path.append(workspace) sys.path.append('/usr/lib/python2.7/site-packages/django/') sys.path.append('/home/jeffrey/www/ddt/') os.environ['DJANGO_SETTINGS_MODULE'] = 'ddt.settings' import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler() I have mod_wsgi installed from apt. My apache/httpd.conf contains NameVirtualHost *:8080 WSGIScriptAlias / /home/jeffrey/www/ddt/apache/ddt.wsgi WSGIPythonPath /home/jeffrey/www/ddt <Directory /home/jeffrey/www/ddt/apache/> <Files ddt.wsgi> Order deny,allow Allow from all </Files> </Directory> Under apache2/sites-enabled <VirtualHost *:8080> ServerName www.mysite.com ServerAlias mysite.com <Directory /home/jeffrey/www/ddt/apache/> Order deny,allow Allow from all </Directory> LogLevel warn ErrorLog /home/jeffrey/www/ddt/logs/apache_error.log CustomLog /home/jeffrey/www/ddt/logs/apache_access.log combined WSGIDaemonProcess datadriventrading.com user=www-data group=www-data threads=25 WSGIProcessGroup datadriventrading.com WSGIScriptAlias / /home/jeffrey/www/ddt/apache/ddt.wsgi </VirtualHost> If I am correct, these 3 files above should correctly allow my django app to run on port 8080. I have the following nginx/proxy.conf file proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; Under nginx/sites-enabled server { listen 80; server_name www.mysite.com mysite.com; access_log /home/jeffrey/www/ddt/logs/nginx_access.log; error_log /home/jeffrey/www/ddt/logs/nginx_error.log; location / { proxy_pass http://127.0.0.1:8080; include /etc/nginx/proxy.conf; } location /media/ { root /home/jeffrey/www/ddt/; } } If I am correct these two files should setup nginx to take requests on the HTTP port 80, but then direct requests to apache which is running the django app on port 8080. If i go to mysite.com, all I see is Welcome to Nginx! Any advice for how to debug this?

  Read the article

• Mysterious login attempts to windows server

  - by Jim Balo

  I have a Windows 2008R2 server that is reporting failed login attempts from a number of workstations on our network. Some event log details: Event ID 4625, Status: 0xc000006d, Sub Status: 0xc0000064 Security ID: NULL SID, Account Name: joedoe, Account Domain: Acme Workstation Name: WINXP1, Source Network Address: 192.168.1.23, Source Port: 1904 Logon Process: NtLmSsp, Authentication Package: NTLM, Logon Type: 3 (network) I believe this is coming from some netbios service or similar (maybe the file explorer), keeping an inventory of its network neighborhood and also trying to authenticate. Is there a way to turn this off without having to turn off file sharing all together? In other words, clients authenticating against file servers that they use is of course no problem, but I want to eliminate clients trying to authenticate to servers that they are not using and have no business with. The above example is only one of thousands of log alerts for similar failed network authentications. What can I do to clean this up / handle this? Thanks.

  Read the article

• htaccess rewrite and auth conflict

  - by Michael

  I have 2 directories each with a .htaccess file: html/.htaccess - There is a rewrite in this file to send almost everything to url.php RewriteCond %{REQUEST_URI} !(exported/?|\.(php|gif|jpe?g|png|css|js|pdf|doc|xml|ico))$ RewriteRule (.*)$ /url.php [L] and html/exported/.htaccess AuthType Basic AuthName "exported" AuthUserFile "/home/siteuser/.htpasswd" require valid-user If I remove html/exported/.htaccess the rewriting works fine and the exported directory can be access. If I remove html/.htaccess the authentication works fine. However when I have both .htaccess files exported/ is being rewritten to /url.php. Any ideas how I can prevent it?

  Read the article

• rewrite rule does not rewrite url as expected

  - by user1708687

  I have a problem with a CMS website, that normally generates readable urls. Sometimes it happens that navigation links are shown as www.domain.com/22, which results in an error, instead of www.domain.com/contact. I have not found a solution for this yet, but the page is working if the url is www.domain.com/index.php?id=22. Therefore, I'm trying to rewrite www.domain.com/22 to www.domain.com/index.php?id=22 and I have used this rewrite rule: RewriteRule ^([1-9][0-9]*)$ index.php?id=$1 [NC] I tested it using http://htaccess.madewithlove.be and here it shows the correct result, but on the website no rewrite is happening.

  Read the article

• Using AddEncoding x-gzip .gz without actual files

  - by STATUS_ACCESS_DENIED

  With Apache (2.2 and later) how can I achieve the following. I want to transparently compress using GZip encoding (not plain Deflate) the output when a certain file is queried with its name plus the extension .gz, where the .gz version doesn't physically exist on disk. So let's say I have a file named /path/foo.bar and no file foo.bar.gz in the folder to which the URI /path maps, how can I get Apache to serve the contents of /path/foo.bar but with AddEncoding x-gzip ... applied to the (non-existing) file? The rewrite part appears to be easy, but the problem is how to apply the encoding to a non-existent item. The other way around also seems to be simple as long as the client supports the encoding. Is the only solution really a script that does this on the fly? I'm aware of mod_deflate and mod_gzip and it is not what I'm looking for - at least not alone. In particular I need an actual GZIP file and not just a deflated stream. Now I was thinking of using mod_ext_filter, but couldn't bridge the gap between rewriting the name of the (non-existent) file.gz to file on one side and the LocationMatch on the other. Here's what I have. RewriteRule ^(.*?\.ext)\.gz$ $1 [L] ExtFilterDefine gzip mode=output cmd="/bin/gzip" <LocationMatch "/my-files/special-path/.*?\.ext\.gz"> AddType application/octet-stream .ext.gz SetOutputFilter gzip Header set Content-Encoding gzip </LocationMatch> Note that the header for Content-Encoding isn't really needed by the clients in this case. They expect to see actual GZIP files, but I want to do this on-the-fly without caching (this is a test scenario).

  Read the article

• Apache, Django with mod_wsgi, and large request buffering

  - by Mukul

  In my setup of Apache 2.2 MPM worker and Django 1.3 with mod_wsgi 2.8, I need to support large POST request payloads. The problem is that when there are many such simultaneous requests, Apache uses up all the memory in the system and then crashes. It seems that Apache is buffering the requests completely in memory before executing the WSGI handler and passing it the request. Is there any way to control request buffering in Apache? The log shows the following error whenever the crash happens: [Wed Jun 29 18:35:27 2011] [error] cgid daemon process died, restarting Here's my virtual host's configuration: <VirtualHost *:8080> ServerName example.com ErrorLog /var/log/apache2/error.log WSGIScriptAlias / <path to django.wsgi> WSGIPassAuthorization on WSGIDaemonProcess example.com WSGIProcessGroup example.com XSendFileAllowAbove on XSendFile on </VirtualHost>

  Read the article

• route port 3000 to apache2 alias

  - by user223470

  I have a meteor application running on port 3000. I can successfully connect to the program with www.myurl.com:3000, but would rather connect to it via www.myurl.com/myappname. I started with the instructions on this web site: http://www.andrehonsberg.com/article/deploy-meteorjs-vhosts-ubuntu1204-mongodb-apache-proxy and I have the following Apache configuration file: <VirtualHost *:80> ServerName myurl.com ProxyRequests off <Proxy *> Order deny,allow Allow from all </Proxy> <Location /> ProxyPass http://localhost:3000/ ProxyPassReverse http://localhost:3000/ </Location> </VirtualHost> I do not know how to continue from here to get the program on www.mysite.com/myapp. In other situations, I would use an Alias within the Apache configuration file, but that doesn't seem like the right direction to go in this case. How do I configure Apache to send port 3000 to www.myurl.com/myapp?

  Read the article

• howto configure proxy.conf for mod_proxy, apache2, jetty

  - by Kaustubh P

  Hello, This is how I have setup my environment, atm. An apache2 instance on port 80. Jetty instance on the same server, on port 8090. Use-Case: When I visit foo.com, I should see the webapp, which is hosted on jetty, port 8090. If I put foo.com/blog, I should see the wordpress blog, which is hosted on apache. (I read howtos on the web, and installed it using AMP.) Below are my various configuration files: /etc/apache2/mods-enabled/proxy.conf: ProxyPass / http://foo.com:8090/ << this is the jetty server ProxyPass /blog http://foo.com/blog ProxyRequests On ProxyVia On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyStatus On /etc/apache2/httpd.conf: LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_balancer_module /usr/lib/apache2/modules/mod_proxy_balancer.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so LoadModule proxy_ajp_module /usr/lib/apache2/modules/mod_proxy_ajp.so I have not created any other files, in sites-available or sites-enabled. Current situation: If I goto foo.com, I see the webapp. If I goto foo.com/blog, I see a HTTP ERROR 404 Problem accessing /errors/404.html. Reason: NOT_FOUND powered by jetty:// If I comment out the first ProxyPass line, then on foo.com, I only see the homepage, without CSS applied, ie, only text.. .. and going to foo.com/blog gives me a this error: The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET /blog. Reason: Error reading from remote server I also cannot access /phpmyadmin, giving the same 404 NOT_FOUND error as above. I am running Debian squeeze on an Amazon EC2 Instance. Question: Where am I going wrong? What changes should I make in the proxy.conf (or another conf files) to be able to visit the blog?

  Read the article

< Previous Page | 111 112 113 114 115 116 117 118 119 120 121 122  | Next Page >