Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 116/596 | < Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >

• How can i recompile the python 2.7 with enable shared option

  - by user31

  I installed 2.7 with yum. But i didn't used enable shared option so i am not to run mod_wsgi with djnago. Now i want to recompile with enable shared option. Is there any esay way to do that Although mod_wsgi will still work when compiled against a version of Python which only provides a static library, you are highly encouraged to ensure that your Python installation has been configured and compiled with the '--enable-shared' option to enable the production and use of a shared library for Python. http://code.google.com/p/modwsgi/wiki/InstallationIssues

  Read the article

• Moodle serves on IP only - will not work with mod_proxy

  - by Jon H

  I'm trying to set a moodle server up on an Ubuntu box, which already serves Plone & Trac via Apache. In my Moodle config I have $CFG-wwwroot = 'http://www.server-name.org/moodle' The configuration below works fine for the first two, but when I visit www.server-name.com/moodle I get: Incorrect access detected, this server may be accessed only through "http://xxx.xxx.xxx.xxx:8888/moodle" address, sorry It then forwards to the IP address, where Moodle functions fine. What am I missing to get the server name approach working correctly? Apache Config follows: LoadModule transform_module /usr/lib/apache2/modules/mod_transform.so Listen 8080 Listen 8888 Include /etc/phpmyadmin/apache.conf <VirtualHost xxx.xxx.xxx.xxx:8080> <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On <Location /> ProxyPass http://127.0.0.1:8082/ ProxyPassReverse http://127.0.0.1:8082/ </Location> </VirtualHost> <VirtualHost xxx.xxx.xxx.xxx:80> ServerName www.server-name.org ServerAlias server-name.org ProxyRequests Off FilterDeclare MyStyle RESOURCE FilterProvider MyStyle XSLT resp=Content-Type $text/html TransformOptions +ApacheFS +HTML TransformCache /theme.xsl /home/web/webapps/plone/theme.xsl TransformSet /theme.xsl FilterChain MyStyle ProxyPass /issue-tracker ! ProxyPass /moodle ! <Location /issue-tracker/login> AuthType Basic AuthName "Trac" AuthUserFile /home/web/webapps/plone/parts/trac/trac.htpasswd Require valid-user </Location> Alias /moodle /usr/share/moodle/ <Directory /usr/share/moodle/> Options +FollowSymLinks AllowOverride None order allow,deny allow from all <IfModule mod_dir.c> DirectoryIndex index.php </IfModule> </Directory> </VirtualHost>

  Read the article

• JBoss7 load balancing with mod_proxy_balancer - session not working

  - by Phil P.

  I am trying to set up mod_proxy_balancer for routing requests to 2 jboss7-servers. For the time being I am testing this setup on my local machine, using following config in httpd.conf: ProxyRequests Off <Proxy \*> Order deny,allow Deny from all </Proxy> ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid scolonpathdelim=On <Proxy balancer://mycluster> BalancerMember http://localhost:8080 route=node1 BalancerMember http://localhost:8081 route=node2 Order allow,deny Allow from all </Proxy> and in the standalone.xml file of each jboss I have defined the jvmRoute system property: <system-properties> <property name="jvmRoute" value="node1"/> </system-properties> At http:// localhost/myapp the application is accessible but the java-session is not build up correctly. Consequently the authentication is not working. The funny thing is, that everything is working if I turn off one JBoss-instance. As I have tried a couple of settings already, I am thankful for any further suggestions.

  Read the article

• Why are Linux-based operating systems considered safer than Windows?

  - by echoblaze

  I hear that Linux-based systems are better for security. Apparently they don't have viruses and do not need antivirus software. Even my university claims this - they refuse to have Windows on their servers, which is a real shame because we wanted to use the .NET framework to create some websites. The only reason I can see Linux being safer is because it's open-source, so bugs theoretically would get caught and fixed sooner. I know a bit about how operating systems work, but haven't really delved into how Linux and Windows implement their OS. Can someone explain the difference that makes Linux-based systems more secure?

  Read the article

• Error starting mod_wsgi

  - by Hardgood

  When I run the start-server command on mod_wsgi-experess, I get this output: Server URL : http://localhost:8000/ Server Root : /tmp/mod_wsgi-localhost:8000:0 Server Conf : /tmp/mod_wsgi-localhost:8000:0/httpd.conf Error Log : /tmp/mod_wsgi-localhost:8000:0/error_log httpd: Syntax error on line 2 of /tmp/mod_wsgi-localhost:8000:0/httpd.conf: module version_module is built-in and can't be loaded The line 2 in the httpd.conf in the tmp folder that it is referring to says the following. It was automatically created by mod_wsgi: LoadModule version_module '/usr/local/apache/modules/mod_version.so' I am running Apache 2.2.21 on CentOS 5.10. I am stumped. Any ideas how to get over this obstacle? I should mention that this is a cross-post of a StackOverflow question, after I realized that SO was probably not the best place to ask it.

  Read the article

• How do I redirect all requests to files in the root folder to point to another folder?

  - by purpletonic

  I've moved all of my files from the root of my website into a subfolder, I'd like to do an Apache redirect to point to the files without affecting the other subfolders in my site. E.g. /index.html -- redirect to -- /subfolder1/index.html /file1.html -- redirect to -- /subfolder1/index.html /subfolder2/index.html -- No redirect Can anyone help me with the redirect rule that I need to write for this. Thanks,

  Read the article

• Is email encryption practical enough?

  - by Dimitri C.

  All emails I have ever sent were sent as plain text. Like postcards, everybody on the way to the addressee could easily read and store them. This worries me. I know privacy is something of the past, but encrypting email is possible, at least in theory. However, I wonder whether it is practical enough. Is there anybody who has experience with email security? Is it easy to set up? And can you still send and receive email from all you friends and acquaintances?

  Read the article

• screensavergraceperiod not working

  - by Ralf

  Good Morning, in windows XP there is a registry setting called ScreenSaverGracePeriod which lets you set a time period between the activation of the screensaver and locking of the screen. As as result, as soon as you see the screensaver beeing activated, you have X seconds to press a key or move the mouse in order to avoid having to log in again. Unfortunately, this setting isn't working on my machine. I tried everything I could find on the net (setting the period as stirng or number), but it still does not work. Could it be that some kind of security suite (Symantec) or anything else is blocking this feature? Cheers, Ralf

  Read the article

• Apache LDAP authentication (mod_auth_ldap) on MacOS Server (10.5)

  - by Ursid

  A - Is there a LDAP authentication module (mod_auth_ldap) for the version of Apache that comes built into MacOS Server 10.5? (I'm pretty sure no, but maybe someone compiled one.) B - If not, can it be compiled into MacOS' version of Apache? (Man, that would be nice.) 3 - If I can't use the Apple version of Apache for this, what is the best way to get Apache LDAP authentication working on MacOS Server 10.5? (Preferably one that works with MacOS Servers management software)

  Read the article

• Server Directory Not Accessible

  - by GusDeCooL

  I got strange things happen on live server, but normal in local server. My local server is using mac, and my live server is linux. Consider i try to access some files http://redddor.babonmultimedia.com/assets/images/map-1.jpg This work correctly. http://redddor.babonmultimedia.com/assets/modules/evogallery/check.php Return 404, I'm pretty sure my file is in there and there is no typo mistake. How come it give me 404? There is only one .htaccess on the root server and it's configuration is like this. # For full documentation and other suggested options, please see # http://svn.modxcms.com/docs/display/MODx096/Friendly+URL+Solutions # including for unexpected logouts in multi-server/cloud environments # and especially for the first three commented out rules #php_flag register_globals Off #AddDefaultCharset utf-8 #php_value date.timezone Europe/Moscow Options +FollowSymlinks RewriteEngine On RewriteBase / <IfModule mod_security.c> SecFilterEngine Off </IfModule> # Fix Apache internal dummy connections from breaking [(site_url)] cache RewriteCond %{HTTP_USER_AGENT} ^.*internal\ dummy\ connection.*$ [NC] RewriteRule .* - [F,L] # Rewrite domain.com -> www.domain.com -- used with SEO Strict URLs plugin #RewriteCond %{HTTP_HOST} . #RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] #RewriteRule (.*) http://www.example.com/$1 [R=301,L] # Exclude /assets and /manager directories and images from rewrite rules RewriteRule ^(manager|assets)/*$ - [L] RewriteRule \.(jpg|jpeg|png|gif|ico)$ - [L] # For Friendly URLs RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] # Reduce server overhead by enabling output compression if supported. #php_flag zlib.output_compression On #php_value zlib.output_compression_level 5

  Read the article

• How can I setup apache+mod_proxy so when I connect to mod_proxy on interface X, it sends the traffic

  - by aspitzer

  We use a service that allots us X number of requests per IP and has allows us to setup 5 IPs with such a limit (I know.. it seems stupid they could not just up the limit 5x on one IP). Pretend I have a linux box with the following address on the internet: 66.249.90.104 - that is an Google IP and not mine... so feel free to try to hack into it :) I setup apache+mod_proxy as a forwarding proxy (ProxyRequests On). i.e. you can setup firefox to use 66.249.90.104:8080 as a proxy, and all firefox traffic comes out as 66.249.90.104. So far so good. Problem: Now I add more alias interfaces so the total looks like this: eth0: 66.249.90.104 eth0:1 66.249.90.105 eth0:2 66.249.90.106 eth0:3 66.249.90.107 eth0:4 66.249.90.108 I run apache+mod_proxy (single apache instance) which binds to all interfaces, but no matter which address I connect to use the forwarding proxy, all traffic goes out to the internet as 66.249.90.104 I have also tried running 5 different apaches, each binding to its own interface only, but that still sends the outbound request through 66.249.90.104. I was hoping to get it to work as follows: I connect to 66.249.90.108 and make a proxy request, and it goes out as 66.249.90.108. I connect to 66.249.90.107 and make a proxy request, and it goes out as 66.249.90.107. etc. Has anyone else had to deal with this issue? The fall back solution would be to just run apache on 5 separate boxes, but I would prefer it to all work on one box. Thanks!

  Read the article

• Hiding a Website from Search Engine Bots and Viewers by Disabling Default VirtualHost

  - by Basel Shishani

  When staging a website on a remote VPS, we would like it to be accessible to team members only, and we would also like to keep the search engine bots off until the site is finalized. Access control by host whether in Iptables or Apache is not desirable, as accessing hosts can vary. After some reading in Apache config and other SF postings, I settled on the following design that relies on restricting access to only through specific domain names: Default virtual host would be disabled in Apache config as follows - relying on Apache behavior to use first virtual host for site default: <VirtualHost *:80> # Anything matching this should be silently ignored. </VirtualHost> <VirtualHost *:80> ServerName secretsiteone.com DocumentRoot /var/www/secretsiteone.com </VirtualHost> <VirtualHost *:80> ServerName secretsitetwo.com ... </VirtualHost> Then each team member can add the domain names in their local /etc/hosts: xx.xx.xx.xx secrethostone.com My question is: is the above technique good enough to achieve the above said goals esp restricting SE bots, or is it possible that bots would work around that. Note: I understand that mod_rewrite rules con be used to achieve a similar effect as discussed here: How to disable default VirtualHost in apache2?, so the same question would apply to that technique too. Also please note: the content is not highly secretive - the idea is not to devise something that is hack proof, so we are not concerned about traffic interception or the like. The idea is to keep competitors and casual surfers from viewing the content before it's released, and to prevent SE bots from indexing it.

  Read the article

• JavaScript is not pointing correctly on IIS7 running behind Apache mod_proxy

  - by sohum

  So here's my setup. I've got a DynDNS account since I have a dynamic IP. I have Apache listening on port 80 and IIS7 on port 8080. I don't want users to have to enter in mydyndns.dyndns.com:8080 to get to IIS7, so I've added the following code to my Apache httpd.conf file to enable a proxy/reverse proxy: <VirtualHost *:80> ProxyPass / http://localhost:8080/myASPSite/ ProxyPassReverse / http://localhost:8080/myASPSite/ ServerName myaspsite.mydomain.com </VirtualHost> I've got a CNAME record set up on my DNS so that myaspsite.mydomain.com redirects to mydyndns.dyndns.com. When I type in myaspsite.mydomain.com into my browser, everything works beautifully... mostly. IIS7 serves up the ASPX pages and visitors to the site don't know any better. A problem arises, however, when I add Ajax Control Toolkit controls into my ASPX website, because these generate JavaScript and apparently mod_proxy_html isn't geared to handle the JS URIs properly. Sure enough, when I open up the source of my ASPX page, it has script elements as follows: <script src="/myASPSite/WebResource.axd?xyz" type="text/javascript"></script> <script src="/myASPSite/ScriptResource.axd?xyz" type="text/javascript"></script> Sure enough, these scripts are attempting to be resolved at http://myaspsite.mydomain.com/myASPSite/WebResource..., which through the proxy translates to localhost:8080/myASPSite/myASPSite/.... How can I solve this problem. The couple of websites I found suggested turning on ProxyHTMLExtended but when I tried doing that, the server did not start. I'm guessing I didn't know how to do it properly. Anyone has a handy couple of config lines that I can add to my Apache conf file to get this working as I need? I'm using Apache 2.2.11. Thanks!

  Read the article

• Apache mod_rewrite redirect with prefix

  - by Marc

  I am newbie with Apache's mod_rewrite and I'm having some difficulties getting it to do what I want. In my static directory, I have some javascript files (.js) with 2 kind of filename: xxxx.js which is the standard file name AT_xxxx.js (with prefixed filename) which has been duplicated from previous standard file name but also contains my customizations I would like to parse requests for each standard requested javascript file (xxxx.js) to check if a customized file exists (AT_xxxx.js) including all sub-directories. Then, in this case, use the custom file instead of the standard file (perhaps by internal redirect). I tried to figure this out for hours but something is still wrong. Note: Also, I don't know how to find custom files in sub-directories. DocumentRoot "/data/apps/dev0/custom/my_static" <filesMatch "\\.(js)$"> Options +FollowSymLinks RewriteEngine on RewriteCond %{DOCUMENT_ROOT}/AT_$1.js -f RewriteRule ^(.*[^/])/?$ %{DOCUMENT_ROOT}/AT_$1.js [QSA,L] </filesMatch>

  Read the article

• Rewriting URLs from subdomain to domain in Apache

  - by Nazgulled

  Hi, My webserver is running Plesk and part of my site structure goes like this: / /httpdocs (domain root folder, URL: http://www.domain.com) /subdomains /subdomains/blog/httpdocs (blog root folder, URL: http://blog.domain.com) I have a WordPress installation in the domain root folder and WP is configured to display a static page when accessing www.domain.com and to display the blog when accessing www.domain.com/blog. However, I want to redirect (using mod_rewrite) all requests from http://blog.domain.com/ to http://www.domain.com/blog/. A few examples: Accessing http://blog.domain.com/archives should access http://www.domain.com/blog/archives/ Accessing http://blog.domain.com/tag/abc should access http://www.domain.com/blog/tag/abc/ Accessing http://blog.domain.com/some-post-title should access http://www.domain.com/blog/some-post-title All this should be transparent to the user, the address shouldn't be changed on the browser's address bar. In better words, I want a URL rewrite and not a URL redirect. Is this achievable with mod_rewrite? Can anyone help me with the .htaccess? All my attempts on doing so have failed...

  Read the article

• mod_rewrite "Request exceeded the limit of 10 internal redirects due to probable configuration error."

  - by Shoaibi

  What i want: Force www [works] Restrict access to .inc.php [works] Force redirection of abc.php to /abc/ Removal of extension from url Add a trailing slash if needed old .htaccess : Options +FollowSymLinks <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / ### Force www RewriteCond %{HTTP_HOST} ^example\.net$ RewriteRule ^(.*)$ http://www\.example\.net/$1 [L,R=301] ### Restrict access RewriteCond %{REQUEST_URI} ^/(.*)\.inc\.php$ [NC] RewriteRule .* - [F,L] #### Remove extension: RewriteRule ^(.*)/$ /$1.php [L,R=301] ######### Trailing slash: RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_URI} !(.*)/$ RewriteRule ^(.*)$ http://www.example.net/$1/ [R=301,L] </IfModule> New .htaccess: Options +FollowSymLinks <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / ### Force www RewriteCond %{HTTP_HOST} ^example\.net$ RewriteRule ^(.*)$ http://www\.example\.net/$1 [L,R=301] ### Restrict access RewriteCond %{REQUEST_URI} ^/(.*)\.inc\.php$ [NC] RewriteRule .* - [F,L] #### Remove extension: RewriteCond %{REQUEST_FILENAME} \.php$ RewriteCond %{REQUEST_FILENAME} -f RewriteRule (.*)\.php$ /$1/ [L,R=301] #### Map pseudo-directory to PHP file RewriteCond %{REQUEST_FILENAME}\.php -f RewriteRule (.*) /$1.php [L] ######### Trailing slash: RewriteCond %{REQUEST_FILENAME} -d RewriteCond %{REQUEST_FILENAME} !/$ RewriteRule (.*) $1/ [L,R=301] </IfModule> errorlog: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer: http://www.example.net/ Rewrite.log: http://pastebin.com/x5PKeJHB

  Read the article

• path problem with mod_rewrite, XDebug, PDT, XAMPP and Windows XP

  - by Delirium tremens

  My mod_rewrite turns accounts/create into index.php?folder=accounts&action=create, but pdt ignores it, so when I try to start a PHP Script debug session, I have to type a folder location in the file field and pdt doesn't accept. When PDT auto generates the URL for the PHP Web Page debug session, I go to http://localhost/myframe/index.php?XDEBUG%5FSESSION%5FSTART=ECLIPSE%5FDBGP&KEY=12569067976875, but myframe is in the frameworks folder, so I get a 404 error. When I check a breakpoint, uncheck Auto Generate, add frameworks before myframe in URL, set Start Debug from http://localhost/frameworks/myframe/accounts/create in Advanced and click Debug, the debugger doesn't stop at the breakpoint.

  Read the article

• Why doesn't apache2 consistently load template fragments from memcached?

  - by Hobhouse

  I run a webserver on an ubuntu box in the rackspacecloud with django 1.0x, apache2/WSGI and memcached 1.2.2. Some of my templates make use of template fragment caching: {% load cache %} {% cache 604800 keyname %} <!-- cache: {% now "H:i, j. b" %} --> {{ my_content }} {% endcache %} When I reload apache2 everything is fine. If keyname is not set, my_content is generated and keyname is set in memcached. After that, my_content is served from memcached. My problem is that after some hours (notably less time than 604800 seconds ), apache2 seems to stop talking to memcached, and my_content is generated from scratch everytime. When this happens I can still set and get keys from memcached from my python shell. Memcached also has more than enough memory to store keys. But to get apache2 to start talking to memcached again I have to restart apache2, and then it will once again start to get the now several hours old keys from memcached. What can be the reason for this behaviour, and how do I fix it?

  Read the article

• Cannot get mod_rewrite to work on Mac OSX Mountain Lion

  - by Joel Joel Binks

  I have tried everything I can think of and it still doesn't work. I am trying to get the example code from Larry Ullman's Advanced PHP book to work. His instructions were a bit lacking so I had to do some research. Here is what I have configured: username.conf <Directory "/Users/me/Sites/"> Options Indexes MultiViews FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> httpd.conf LoadModule rewrite_module libexec/apache2/mod_rewrite.so DocumentRoot "/Users/me/Sites" <Directory /> Options Indexes MultiViews FollowSymLinks AllowOverride All Order deny,allow Allow from all </Directory> <Directory "Users/me/Sites"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory> .htaccess <IfModule mod_rewrite.so> RewriteEngine on RewriteBase /phplearning/ADVANCED/ch02/ # Redirect certain paths to index.php: RewriteRule ^(about|contact|this|that|search)/?$ index.php?p=$1 RewriteLog "/var/log/apache/rewrite.log" RewriteLogLevel 2 </IfModule> Nothing has worked and it won't even log to the rewrite.log file. What have I done wrong? FYI even when I set up an extremely simple rule or use the root as the rewrite base, it still fails. I have also verified the mod_rewrite module is running. I am really angry.

  Read the article

• How can I get more pages with mod_rewrite

  - by wesszzel

  I use the mod_rewrite on my website, but some things arent working. I want four pages. Index Contact News Portfolio But all my links end up linking to Index! How do I change this? I use this code: <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> Thank you!!

  Read the article

• Mindtouch with fcgid - Fast CGI apache worker thread.

  - by Stephan Kristyn

  Anyone got Dekiwiki / Mindtouch running with fcgid-module? I get 504 and 500 all the time. mod_fcgid: can't apply process slot for /var/www/html/dekiwiki/index.php [Tue Dec 28 06:14:03 2010] [warn] (104)Connection reset by peer: mod_fcgid: read data from fastcgi server error. [Tue Dec 28 06:14:03 2010] [error] [client 92.75.107.53] Premature end of script headers: index.php I'm currently fiddling with SuExec and fast-cgi wrapper directory permissions, because I also employ a chrooted SFTP jail. Sometimes the first line about the process slot does not appear now. I found a solution in german and will work it through now. http://debianforum.de/forum/viewtopic.php?f=8&t=122758&start=15

  Read the article

• Oracle buys Secerno

  - by Paulo Folgado

  Adds Heterogeneous Database Firewall to Oracle's Industry-leading Database Security SolutionsRedwood Shores, CA - May 20, 2010News FactsOracle has agreed to acquire Secerno, a provider of database firewall solutions for Oracle and non-Oracle databases.Organizations require a comprehensive security solution which includes database firewall functionality to prevent sophisticated attacks from reaching databases.Secerno's solution adds a critical defensive layer of security around databases, which blocks unauthorized activity in real-time.Secerno's products are expected to augment Oracle's industry-leading portfolio of database security solutions, including Oracle Advanced Security, Oracle Database Vault and Oracle Audit Vault to further ensure data privacy, protect against threats, and enable regulatory compliance.The combination of Oracle and Secerno underscores Oracle's commitment to provide customers with the most comprehensive and advanced security offering that helps reduce the costs and complexity of securing their information throughout the enterprise.The transaction is expected to close before end of June 2010. Financial details of the transaction were not disclosed.Supporting Quote:"The Secerno acquisition is in direct response to increasing customer challenges around mitigating database security risk," said Andrew Mendelsohn, senior vice president, Oracle Database Server Technologies. "Secerno's database firewall product acts as a first line of defense against external threats and unauthorized internal access with a protective perimeter around Oracle and non-Oracle databases. Together, Oracle's complete set of database security solutions and Secerno's technology will provide customers with the ability to safeguard their critical business information.""As a provider of database firewall solutions that help customers safeguard their enterprise databases, Secerno is a natural addition to Oracle's industry-leading database security solutions," said Steve Hurn, CEO Secerno. "Secerno has been providing enterprises and their IT Security departments strong assurance that their databases are protected from attacks and breaches. We are excited to bring Secerno's domain expertise to Oracle, and ensure continuity and success for our current customers, partners and prospects."Support Resources:About Oracle and SecernoGeneral PresentationFAQCustomer LetterPartner Letter

  Read the article

• Mod_rewrite (CakePHP routing functionality) forbidden after Snow Leopard upgrade

  - by Ryan Ballantyne

  Hello ServerFault, I am using the standard Apple-provided installations of PHP 5.3 and Apache 2 to do web development on a Mac Pro that I just upgraded to Mac OS X 10.6 (Snow Leopard). The upgrade went well enough, if I ignore the fact that it destroyed my ability to get work done. ;) After the update, the CakePHP application I was developing started giving me 403 Forbidden errors when accessed. Based on the errors in the log file, I've determined that Apache is choking on the mod_rewrite rules in Cake's .htaccess file. Here's the file, in its entirety: <IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L] </IfModule> It's not that the rules themselves are wrong, but that Apache is forbidding the use of mod_rewrite altogether. All other pages on the machine work fine, and the 403 errors go away if I comment out the .htaccess file (but nothing works, of course). In my httpd.conf file, I've tried changing this: <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> To this: <Directory /> Options FollowSymLinks AllowOverride All Order deny,allow Allow from all </Directory> ...which has no effect. I don't know much about Apache configuration files, and I'm quite stuck on this. In fact, I know little enough that I'm not sure which information about my setup is needed to enable people to provide useful answers. I'm just using the vanilla OS X setup, nothing fancy. Googling has yielded no fruits for me this time, so I'm turning to you. Any ideas?

  Read the article

• (Serving PHP) Does Apache2 will create new thread on every connection?

  - by apasajja

  Based on many online sources, in serving static files, Apache2 will create new thread on every different connection... results in resource hungry But how about serving PHP through Apache2 (mod_php, MPM worker, etc)? Does apache will also open new thread like serving static files? (AFAIK, in nginx php-fpm, we can set the max thread, but I dont know how many connection per thread) I'm planning to use Apache2 in serving PHP, and hope it will be same as nginx PHP-FPM or even better in resource usage and performance.

  Read the article

• Detecting Request that uses invalid Encoding using Modsecurity

  - by Ali Ahmad

  I am trying write a virtual patch using modsecurity for my hosted web application using following rule i.e. <Location /index.php> SecDefaultAction phase:2,t:none,log,deny # Validate parameter names SecRule ARGS_NAMES "!^(articleid)$" \ "msg:'Unknown parameter: %{MATCHED_VAR_NAME}'" # Expecting articleid only once SecRule &ARGS:articleid "!@eq 1" \ "msg:'Parameter articleid seen more than once'" # Validate parameter articleid SecRule ARGS:articleid "!^[0-9]{1,10}$" \ "msg:'Invalid parameter articleid'" </Location> The problem is how can i reject requests that use invalid encoding as a global WAF configuration so that this patch cannot be circumvented.

  Read the article

< Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >