Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 137/596 | < Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >

• gzip compression good or bad?

  - by WarDoGG

  I have a server that currently does a lot of processing in my application and the target users are those who have a very good internet connection. The output that is sent from the server is always text/html and we do not use any media (audio/video) only images (static site images like logo,etc). We are experiencing severe performance issues and I wonder if turning off gzip/mod_deflate on the server so that the server would avoid compressing the output. Will this cause an improvement in performance?

  Read the article

• Resolve local subdomain on apache for paths within user dir

  - by MaoPU

  On Apache 2.2.x I've activated mod_userdir. I used the default setup, so that http://localhost/~name/ will be connect with ~name/public_html/ and a path within public_html, e.g. ~name/public_html/mySite can be reached through http://localhost/~name/mySite. How can I achieve, that the same path can be reached through http://mySite.name.localhost/? I don't want a manual approach like it is suggested in other SF questions (such as http://serverfault.com/q/133921/53624), but rather want an automatic mapping of all available paths to the corresponding URL. I think, several steps will need to be taken: Change mod_userdir configuration, so that the subdomain of localhost will be connected with all available user names on the machine. The second step would maybe include the usage of mod_rewrite, so that the subsubdomain could be matched to the path within ~name/public_html... What would be your prefered way?

  Read the article

• Lighttpd rewite url from specific client when using proxy

  - by Edu

  I need to send all CGI request to another server so I decided to use it with proxy. The problem is that I need to send the client IP to the server so I did the following configuration: $HTTP["url"] =~ "cgi" { $HTTP["remoteip"] =~ "^(.*)$" { url.rewrite-once = ("^(.*)$" => "$1?myip=%1") } proxy.server = ( "" => ( ( "host" => "XXX.XXX.XXX.XXX", "port" => 80, ) ) ) } the problem is that its not rewriting the URL.

  Read the article

• Is it necessary to change the default users and groups in VMware esxi 4.0 in order to have a secure

  - by Teevus

  By default esxi creates a number of users and groups including: daemon nfsnobody root nobody vimuser dcui How secure is this default security setup? Besides changing the root password, is it advisable to modify the default users and groups? E.g. does esxi use default passwords for the accounts or anything else that could be exploited by malicious users? My scenario is very basic and I don't require any custom users or groups as only sysadmins will ever need to administer the virtual infrastructure, and they can do so using the root account. Thanks

  Read the article

• Everything You Ever Wanted to Know about Mod_Rewrite Rules but Were Afraid to Ask?

  - by Kyle Brandt

  How can I become an expert at writing mod_rewrite rules? What is the fundamental format and structure of mod_rewrite rules? What form/flavor of regular expressions do I need to have a solid grasp of? What are the most common mistakes/pitfalls when writing rewrite rules? What is a good method for testing and verifying mod_rewrite rules? Are there SEO or performance implications of mod_rewrite rules I should be aware of? Are there common situations where mod_rewrite might seem like the right tool for the job but isn't? What are some common examples?

  Read the article

• Resources started with slash .htaccess redirection

  - by Pawka

  I have moved old version of webpage to some subdirectory: http://www.smth.com/old/. But all resources (images, css, etc.) in HTML are linked with slash symbol at the start. So browser still tries to load them from root path. For example old/test.html contains: <img src="/images/lma_logo.ico" /> <!-- not working !--> <img src="images/lma_logo.ico" /> <!-- working !--> How can I rewrite ulrs to load resources from the "old" dir if urls still starts with "/"?

  Read the article

• Redirecting traffic to a https site

  - by Saif

  In our mail server there are multiple virtual email domain hosted. User can use webmail.example.com (this is the first apache virtualhost) to check mail or they can use mail.THEIR-DOMAIN.com. If the put mail.THEIR-DOMAIN.com apache shows the webmail.example.com as it is the first virtualhost and mail.THEIR-DOMAIN.com doesn't exist. Recently we imposed https for webmail.example.com and added this mod_rewrite rule: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} But now users not getting the default webmail page as they were getting before. How can we redirect all request coming to the URL "mail.ANY-DOMAIN.com" to "https://webmail.example.com"? I've tried the following but it didn't work: RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (mail.*) https://webmail.example.com Thanks for your help in advance.

  Read the article

• Force www. on multi domain site and retain http or https [closed]

  - by John Isaacks

  I am using CakePHP which already contains an .htaccess file that looks like: <IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^$ app/webroot/ [L] RewriteRule (.*) app/webroot/$1 [L] </IfModule> I want to force www. (unless it is a subdomain) to avoid duplicate content penalties. It needs to retain http or https Also This application will have multiple domains pointing to it. So the code needs to be able to work with any domain.

  Read the article

• Apache Virtual Host with directory aliases

  - by brechtvhb

  Hi, I'm trying to set up a dynamic virtual host in apache with a directory alias pointing to a difirent path for every domain. Here's what I'm trying to achive. Say I have 2 domains: * www.domain1.com * www.domein2.com I want both to point to the same index.php file (C:/cms/index.php). Now the hard part ... I want directories or certain file types to point to a diffirent path for each domain. Example: * www.domain1.com/layout -> C:/store/www.domain1.com/layout * www.domain2.com/layout -> C:/store/www.domain2.com/layout * www.domain1.com/image.png -> C:/store/www.domain1.com/image.png * www.domain2.com/image.png -> C:/store/www.domain2.com/image.png However the admin directory should point to the same path again for all sites * www.domain1.com/admin -> C:/cms/admin * www.domain2.com/admin -> C:/cms/admin Is there a way to achieve this kind of behaviour in apache 2.2 without having to create a virtualhost entry for each new domain?

  Read the article

• rewrite map (prg:) never finishes

  - by SooDesuNe

  using Apache and a prg type rewrite map. My map looks like: #!/usr/bin/perl $| = 1; # Turn off buffering while (<STDIN>) { print "someothersite.com"; } the rewrite rule declared in httpd.conf is: RewriteMap app_map prg:/file/path/test.pl RewriteRule (\/[\w]+)(\/[^\#\s]+)?$ http://${app_map:$1}$2 [P,L] And the log files show: init rewrite engine with requested uri /a/testlink.html applying pattern '(\/[\w]+)(\/[^\#\s]+)?$' to uri '/a/testlink.html' It appears like test.pl is never giving control back to apache, when the map is successfully found I expect to see this output in the log file: map lookup OK: map=app_map key=/a -> val=someothersite.com Why is my map not returning control back to apache?

  Read the article

• How to secure a new server OS installation

  - by Pat R Ellery

  I bought (and just received) a new 1u dell poweredge 860 (got it on ebay for $35). I finished installing Ubuntu Server (Ubuntu Server 12.04.3 LTS), install apache/mariadb/memcache/php5 works great but I am scared about security. so far I am the only one using the server but eventually more people (friends, friends of friends) will use this server, use ssh etc... I want to know what can I do to secure all the information and not get hacked, both from the web or ssh or ddos and any other attack possible. Does Ubuntu Server does it for you right away? or I have to fix it my self? Thank you EDIT: I installed (so far): All dev tools ssh server LAMP I didn't install: Graphical interface

  Read the article

• Set document root for external subdomain (A Record) via htaccess

  - by 1nsane

  I have a managed server (unable to control apache settings) with the default document root of: /var/www I have a web app running in: /var/www/subdomains/app/webroot I have a dedicated domain managed by the host that has the aforementioned webroot which works perfectly. I would like to allow externally provisioned domains to point to the server/web app via A Record config. If I access the site via IP, it takes me to the index located in /var/www. I would like to configure the .htaccess in my /var/www directory to rewrite requests from the external subdomain to the /var/www/subdomains/app/webroot directory. I've done so using the following rules: RewriteCond %{HTTP_HOST} external\.domain\.com$ [NC] RewriteRule ^(.*)$ /var/www/subdomains/app/webroot/index.php?url=$1 [L,QSA] When accessing external.domain.com, the app loads properly, but the paths to things like CSS files, images, etc. are prefixed with "/subdomains/app/", causing broken links. I've tried changing the RewriteBase (both in /var/www and /var/www/subdomains/app/webroot), as I believe that's what it's designed for - but no luck. Any ideas? FYI the app is built on CakePHP. Thanks

  Read the article

• Active Directoy GPO

  - by Phillip R.

  I am looking into some weird issues with active directory and group policy. This domain has been upgraded from windows NT and has a few different administrators over the years. I am looking through the Default Domain group policy and Default Domain Controller group policy. In the security areas and I will use the log on locally area as an example, it shows SIDes that begin with asterisks and are quite long they look sort of like the following *S-1-5-21-787626... Normally, when I see something like this I would think that the User account was no longer there and this was never cleaned up. Am I wrong in my assumption? Thanks in advance

  Read the article

• Directories Throwing 404 Errors - Virtual Host Configuration and mod_rewrite

  - by nicorellius

  On my production server, things are fine: PHP extension removal and trailing slash rules are in place in my .htaccess file. But locally, this isn't working (well, partially, anyway). I'm running Apache2 with a virtual host for the site in question. I decided to not use the .htaccess file in this case and just add the rules to the httpd-vhosts.conf file instead, which, I've heard, if possible on your server, is a better way to go. The virtual host is working and the URL I use for my site is like this: devserver:9090 Here is my httpd-vhosts.conf file: NameVirtualHost *:9090 # for stuff other than this site <VirtualHost *:9090> ServerAdmin admin@localhost DocumentRoot "/opt/lampstack/apache2/htdocs" ServerName localhost </VirtualHost> # for site in question <VirtualHost *:9090> ServerAdmin admin@localhost DocumentRoot "/opt/lampstack/apache2/htdocs/devserver" ServerName devserver <Directory "/opt/lampstack/apache2/htdocs/devserver"> Options Indexes FollowSymLinks Includes AllowOverride None Order allow,deny Allow from all </Directory> <IfModule rewrite_module> RewriteEngine ON # remove PHP extension and add trailing slash # note - this doesn't work for directories, and throws 404 # TODO - fix so directories use index.php RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{THE_REQUEST} ^GET\ /[^?\s]+\.php RewriteRule (.*)\.php$ /$1/ [R=302,L] RewriteCond %{REQUEST_FILENAME} !-d RewriteRule (.*)/$ /$1.php [L] RewriteCond %{REQUEST_FILENAME}.php -f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .*[^/]$ /$0/ [R=302,L] </IfModule> # error docs ErrorDocument 404 /errors/404.php </VirtualHost> The problem I'm facing is that when I go to directories on the site, I get a 404 error. So for example, this: devserver:9090/page.php goes to devserver:9090/page/ but going to a directory (that has an index.php): devserver:9090/dir/ throws 404 error page. If I type in devserver:9090/dir/index.php I get devserver:9090/dir/index/ and the contents I want appear... Can anyone help me with my rewrite rules?

  Read the article

• apache front-end rewriting URL to different https ports?

  - by khedron

  Hi all, One of my users is having some trouble with forwarding to an internal web app from a public address. Everything worked fine for him when the situation was like this: front page: http://www.myexample.com/ public ref to internal app: http://www.example.com/app-8903/app.html secretly goes to: http://secret.example.com:8903/app-8903/app.html This is to say, my user is providing the very last URL, with the port information duplicated in the URL base, and they were using that to give a public face that hid both the port and the internal machine name. You could still read the port in the URL base if you looked, but the obvious reference and machine name were hidden. Doing it this way, he could have several different instances of the application running on secret.example.com with different ports, and on the front end it just looked like it was changing the URL directory/base. Now the user wants to do the same thing over https:, and the people helping him with apache config say it can't be done. Is that so? Without being there to tinker with the configuration myself, I'm not sure what his IT people have tried, but reading through the apache2 SSL FAQ and other docs, it seems like it should be possible to rewrite URLs to different ports and still use https:.

  Read the article

• Dynamic Virtual Hosts In Apache with www and non-www subdomains

  - by haukish

  I don't know apache very well and I've got a problem with configure mod_vhost_alias This is my httpd.conf file: UseCanonicalName Off LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <Directory /var/www/sites/> Options FollowSymLinks AllowOverride All </Directory> <VirtualHost *:80> CustomLog logs/access_log.sites vcommon ServerAlias *.domain.com UseCanonicalName Off VirtualDocumentRoot /var/www/sites/%1/ </VirtualHost> Subdomains work fine without www. but I need to make them work with www too. Here's an example: something.domain.com - site is loading www.something.domain.com - Not Found What should I do?

  Read the article

• mod_rewrite all but two files causing loop

  - by mpounsett

  I'm trying to set up a web site to allow the creation of a semaphore file to close the site. The logic I want to follow is: when the semaphore file exists and the request is not for /style.css or /favicon.icon show the content of /closed.html I have 1 and 3 working, but my exceptions for 2 result in a processing loop when style.css or favicon.ico are requested. This is my most recent attempt: RewriteEngine on RewriteCond %{REQUEST_URI} !^/style.css RewriteCond %{REQUEST_URI} !^/favicon.ico RewriteCond /usr/local/etc/site/closed -f RewriteRule ^.*$ /closed.html [L] This is in a VirtualHost block, not in a Directory. There is no .htaccess file in play. I have also recently tried this, based on an answer I found elsewhere, but with the same (looping) result: RewriteCond %{REQUEST_URI} ^/style.css [OR] RewriteCond %{REQUEST_URI} ^/favicon.ico RewriteRule ^.*$ - [L] RewriteCond /usr/local/etc/site/closed -f RewriteRule ^.*$ /closed.html [L] I expect a request for /style.css or /favicon.ico to fail to match one of the first two rewrite conditions, which should prevent the URI from being rewritten, which should stop the mod_rewrite iteration. However, mod_rewrite seems to think the URI has been rewritten in those cases, and iterates over the rules again (and again, and again). The above works properly in all cases except for style.css or favicon.ico. In those cases I exceed the loop limits. What am I missing here to cause the rewrite iteration to stop when someone requests style.css or favicon.ico? EDIT: Here's a loglevel 9 example of what happens using the first ruleset when a request arrives for /style.css. This is just the first two iterations.. it continues to loop identically until the limit is reached. 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1db0a0/initial] (2) init rewrite engine with requested uri /style.css 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1db0a0/initial] (3) applying pattern '^.*$' to uri '/style.css' 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1db0a0/initial] (4) RewriteCond: input='/style.css' pattern='!^/style.css' => not-matched 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1db0a0/initial] (1) pass through /style.css 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1dd0a0/initial] (2) init rewrite engine with requested uri /style.css 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1dd0a0/initial] (3) applying pattern '^.*$' to uri '/style.css' 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1dd0a0/initial] (4) RewriteCond: input='/style.css' pattern='!^/style.css' => not-matched 2001:4900:1044:0:145f:826e:6436:dc1 - - [29/May/2014:15:29:26 +0000] [host.example/sid#80c1c48b0][rid#80c1dd0a0/initial] (1) pass through /style.css

  Read the article

• How to secure a VM while allowing customer RDS (or equivalent) access to its desktop

  - by ChrisA

  We have a Windows Client/(SQL-)Server application which is normally installed at the customer's premises. We now need to provide a hosted solution, and browser-based isn't feasible in the short term. We're considering hosting the database ourselves, and also hosting the client in a VM. We can set all this up easily enough, so we need to: ensure that the customer can connect easily, and also ensure that we suitably restrict access to the VM (and its host, of course) We already access the host and guest machines across the internet via RDS, but we restrict access to it to only our own internal, very small, set of static IPs, and of course theres the 2 (or 3?)-user limit on RDS connections to a remote server. So I'd greatly appreciate ideas on how to manage: the security the multi-user aspect. We're hoping to be able to do this initially without a large investment in virtualisation infrastructure - it would be one customer only to start with, with perhaps two remote users. Thanks!

  Read the article

• Access Rails under /app/, not /app/public/

  - by blinry

  I'm trying to deploy Rails 2.1.2 with Apache 2.2.10 and FastCGI (yeah, bad, ancient, ugly, I know). My application can be accessed via example.com/app/public/, but I want to access it via example.com/app/. In my .htaccess-File (in the app/-directory!) I have: RewriteEngine On RewriteBase /app/ RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ public/dispatch.fcgi [QSA,L] How can I forward each request going to app/ to app/public/? Every time I try this (like, with RewriteRule ^.*$ public/$1 [QSA]) I get a routing error: No route matches "/app/" with {:method=>:get} Help?

  Read the article

• Apply rewrite rule for all but all the files (recursive) in a subdirectory?

  - by user784637

  I have an .htaccess file in the root of the website that looks like this RewriteRule ^some-blog-post-title/ http://website/read/flowers/a-new-title-for-this-post/ [R=301,L] RewriteRule ^some-blog-post-title2/ http://website/read/flowers/a-new-title-for-this-post2/ [R=301,L] <IfModule mod_rewrite.c> RewriteEngine On ## Redirects for all pages except for files in wp-content to website/read RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !/wp-content RewriteRule ^(.*)$ http://website/read/$1 [L,QSA] #RewriteRule ^http://website/read [R=301,L] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> My intent is to redirect people to the new blog post location if they propose one of those special blog posts. If that's not the case then they should be redirected to http://website.com/read. Nothing from http://website.com/wp-content/* should be redirected. So far conditions 1 and 3 are being met. How can I meet condition 2?

  Read the article

• RedirectPermanent vs RewriteRule [R]

  - by notbrain

  I currently have a perm_redirects.conf file that gets included into my apache config stack where I have lines in the format RedirectPermanent /old/url/path /new/url/path It looks like I'm required to use an absolute URL for the new path, e.g.: http://example.com/new/url/path. In the logs I'm getting "incomplete redirect target /new/url/path was corrected to http://example.com/new/url/path." (paraphrased). In the 2.2 docs for RewriteRule, at the bottom they show the following as being a valid redirect, with only the url-paths instead of an abs URL for the right hand side of the redirect: RewriteRule ^/old/url/path(.*) /new/url/path$1 [R] But I can't seem to get that format to work to replicate the functionality of the RedirectPermanent version. Is this possible?

  Read the article

• amazon ec2-medium apache requests per second terrible

  - by TheDayIsDone

  EDITED -- test running from localhost now to rule out network... i have a c1.medium using EBS. when i do an apache benchmark and i'm just printing a "hello" for the test from localhost - no database hits, it's very slow. i can repeat this test many times with the same results. any thoughts? thanks in advance. ab -n 1000 -c 100 http://localhost/home/test/ Benchmarking localhost (be patient) Completed 100 requests Completed 200 requests Completed 300 requests Completed 400 requests Completed 500 requests Completed 600 requests Completed 700 requests Completed 800 requests Completed 900 requests Completed 1000 requests Finished 1000 requests Server Software: Apache/2.2.23 Server Hostname: localhost Server Port: 80 Document Path: /home/test/ Document Length: 5 bytes Concurrency Level: 100 Time taken for tests: 25.300 seconds Complete requests: 1000 Failed requests: 0 Write errors: 0 Total transferred: 816000 bytes HTML transferred: 5000 bytes Requests per second: 39.53 [#/sec] (mean) Time per request: 2530.037 [ms] (mean) Time per request: 25.300 [ms] (mean, across all concurrent requests) Transfer rate: 31.50 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 7 21.0 0 73 Processing: 81 2489 665.7 2500 4057 Waiting: 80 2443 654.0 2445 4057 Total: 85 2496 653.5 2500 4057 Percentage of the requests served within a certain time (ms) 50% 2500 66% 2651 75% 2842 80% 2932 90% 3301 95% 3506 98% 3762 99% 3838 100% 4057 (longest request)

  Read the article

• How can I tell if a host is bridged and acting as a router

  - by makerofthings7

  I would like to scan my DMZ for hosts that are bridged between subnets and have routing enabled. Since I have everything from VMWare servers, to load balancers on the DMZ I'm unsure if every host is configured correctly. What IP, ICMP, or SNMP (etc) tricks can I use to poll the hosts and determine if the host is acting as a router? I'm assuming this test would presume I know the target IP, but in a large network with many subnets, I'd have to test many different combinations of networks and see if I get success. Here is one example (ping): For each IP in the DMZ, arp for the host MAC Send a ICMP reply message to that host directed at an online host on each subnet I think that there is a more optimal way to get the information, namely from within ICMP/IP itself, but I'm not sure what low level bits to look for. I would also be interested if it's possible to determine the "router" status without knowing the subnets that the host may be connected to. This would be useful to know when improving our security posture.

  Read the article

• Apache with mod_php high memory utilization

  - by Raj

  We have Magento application deployed on Apache with mod_php and mysql. I have observed that sometime apache server starts consuming high memory which causes memory swapping and results in high load on servers. whenever there is high load on apache server, the apache processes which are causing the high load were in sleep mode at mysql end and CLOSE_WAIT state at client side. Any help is appreciated to resolve this issue.

  Read the article

• nginx redirects and rewrites

  - by ptheofan

  I'm closing a website but want to maintain a couple of urls working plus a static html file to serve as index. All old urls should redirect to root (/) except a couple of chosen locations. Here's an example of what I need to do All should give 301 permanent to / http:://www.domain.tld/whatever/anything/realy == 301 ==> http://www.domain.tld http:://www.domain.tld/blabla == 301 ==> http://www.domain.tld http:://www.domain.tld/ == 301 ==> http://www.domain.tld except for http://www.domain.tld/special.html == serve ==> special.html root should serve the defailt file (as specificed in index) http:://www.domain.tld == serve => somefile.html

  Read the article

< Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >