dangers are in giving public execute permissions to the httpdocs
- by Ramji
I am new to linux webhosting services and I have question in my mind which is there any danger are in giving public execute permissions to the httpdocs
Search Results
Search found 1701 results on 69 pages for 'httpd'.
Page 15/69 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22 | Next Page >
-
-
Set nginx.conf to deny all connections except to certain files or directories
- by Ben
I am trying to set up Nginx so that all connections to my numeric ip are denied, with the exception of a few arbitrary directories and files. So if someone goes to my IP, they are allowed to access the index.php file, and the phpmyadmin directory for example, but should they try to access any other directories, they will be denied. This is my server block from nginx.conf: server { listen 80; server_name localhost; location / { root html; index index.html index.htm index.php; } location ~ \.php$ { root html; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /srv/http/nginx/$fastcgi_script_name; include fastcgi_params; } } How would I proceed? Thanks very much!Read the article
-
CentOS - Apache and SSL?
- by NeoNmaN
Hei all i have problem for my SSL setup, when i put SSL Engine to on my Apache will not start up, if i remove it, its work fine. i can't finde the Apache log, so i can find out of whats happen here, can sommen maby tell me the problem or link to the defualt log-path for Apache? here is my vhost config file. <VirtualHost *:443> # SSLEngine On SSLProtocol all SSLCertificateFile "/etc/pki/tls/schemecloud.co.uk.csr" SSLCertificateKeyFile "/etc/pki/tls/schemecloud.co.uk.key" SSLCACertificateFile "/etc/pki/tls/rapidssl.crt" ErrorLog "/var/www/error_ssl_log" <Directory /var/www/html> AllowOverride All </Directory> DocumentRoot /var/www/html/ ServerName schemecloud.co.uk </VirtualHost>Read the article
-
HTTP Caching Server that supports POST
- by Jeroen
I am hosting a REST service which is sending appropriate cache-control headers. I use Varnish as a caching server in front of my webserver. However, a limitation of varnish is that it doesn't support caching HTTP POST and HTTP PUT. Is there any alternate caching server that will be able to cache these requests? I understand that caching POST is a bit tricky because you cannot just cache based on the url as a key like for GET; it needs to actually inspect the request body. In case of multipart/form-data requests, there should probably be a limit on the size of the request body for it to be cached (so that big file uploads, etc won't be cached). Nevertheless I really want to be able to cache short HTTP POST, or at least the application/x-www-form-urlencoded ones.Read the article
-
_default_ VirtualHost overlap on port 443, the first has precedence
- by Mohit Jain
I have two ruby on rails 3 applications running on same server, (ubuntu 10.04), both with SSL. Here is my apache config file: <VirtualHost *:80> ServerName example1.com DocumentRoot /home/me/example1/production/current/public </VirtualHost> <VirtualHost *:443> ServerName example1.com DocumentRoot /home/me/example1/production/current/public SSLEngine on SSLCertificateFile /home/me/example1/production/shared/example1.crt SSLCertificateKeyFile /home/me/example1/production/shared/example1.key SSLCertificateChainFile /home/me/example1/production/shared/gd_bundle.crt SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM </VirtualHost> <VirtualHost *:80> ServerName example2.com DocumentRoot /home/me/example2/production/current/public </VirtualHost> <VirtualHost *:443> ServerName example2.com DocumentRoot /home/me/example2/production/current/public SSLEngine on SSLCertificateFile /home/me/example2/production/shared/iwanto.crt SSLCertificateKeyFile /home/me/example2/production/shared/iwanto.key SSLCertificateChainFile /home/me/example2/production/shared/gd_bundle.crt SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM </VirtualHost> Whats the issue: On restarting my server it gives me some output like this: * Restarting web server apache2 [Sun Jun 17 17:57:49 2012] [warn] _default_ VirtualHost overlap on port 443, the first has precedence ... waiting [Sun Jun 17 17:57:50 2012] [warn] _default_ VirtualHost overlap on port 443, the first has precedence On googling why this issue is coming I got something like this: You cannot use name based virtual hosts with SSL because the SSL handshake (when the browser accepts the secure Web server's certificate) occurs before the HTTP request, which identifies the appropriate name based virtual host. If you plan to use name-based virtual hosts, remember that they only work with your non-secure Web server. But not able to figure out how to run two ssl application on same server. Can any one help me?Read the article
-
Animated HTTP request visualisation on Apache
- by Simon Bennett
This is more a question to appease my memory in trying to remember what it was I saw a while ago. I remember being introduced to a realtime server visualisation tool that showed the current requests that Apache was handling in a kind of fireworks effect on screen. Each request/group of requests would be shot across the screen in varying colours. I can't for the life for me remember what is was called and hunting around here and Google has left me empty handed. Just wondering if anybody else was able to plug this gem from the memory and ease my pain! ThanksRead the article
-
password protect apache user directory using system passwords
- by Jeff
I have set up Apache to check user passwords using these modules: LoadModule authz_user_module modules/mod_authz_user.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule auth_basic_module modules/mod_auth_basic.so However, these modules require me to manually add everyone to a new password file (which requires every user to type in their password). Is there a way to have Apache check the system passwords, so that anyone who can ssh can use the same password for web login?Read the article
-
What are the minimum required modules to run WordPress
- by Mister IT Guru
Recently a 'consultant' came in to talk to bean counters at my place of employment, with regards to being more efficient with our IT infrastructure. They suggested to be more efficient we should only load the Apache modules that are required on our web servers. (This is just 1 of 1Ks of suggestions). The Bean Counters are very excited, and prepared for me to spend the time to investigate this avenue of cost cutting. I don't mind this mundane exercise, I see it as a learning experience! I guess this leads me to the actual question: How can I determine the minimum required apache modules for a PHP based application without actually going through the code, or plain old trial and error?Read the article
-
Error configuring virtual hosts
- by user148351
i Have a problem using my virtual hosts: When i try to connect to my server on direct ip adress, for example http://111.11.11.111/ in apache error log i see following error: script '/var/www/html/mmm/public/index.php' not found or unable to stat File index.php exists!!! and has correct access rights. I have virtual hosts configured <VirtualHost *:80> DocumentRoot /var/www/html/mmm/public ServerName example.com ServerAlias example.com www.example..com <Directory var/www/html/mmm/public> AllowOverride All </Directory> </VirtualHost> Why when I try to connect to ip address - it try to search index.php not in servers root directory, but in root directory of virtual host.Read the article
-
Only allow the POST method for a specific file in a directory
- by Dave Chen
I have one file that should only be accessible via the POST method. /var/www/folder/index.php The document root is /var/www/ and index.php is nested inside a folder. My configurations are as follows: <Directory "/var/www/folder"> <Files "index.php"> order deny,allow Allow from all <LimitExcept POST> Deny from all </LimitExcept> </Files> </Directory> I visit my server at 127.0.0.1/folder but I can GET and POST the file just like normal. I've also tried reversing the order, order allow,deny, require, limitexcept and limit. How can I only allow POST requests to be processed by one file in a folder?Read the article
-
turn off disable the performance cache
- by jessie
OK I run a streaming website and my CMS is giving me an error when uploading videos "Failed To Find Flength File" ok so I did some research. The answer I got from the coder was below. I did do all that, but the only thing I could not do is turn off what he refers to as performance cache, talked about in the last sentence... I am on a Cent OS Assuming the script is set up properly, you are probably dealing with some kind of write-caching. Some servers perform write-caching which prevents writing out the flength file or the entire CGITemp file during the upload. The flength file or the CGITemp file do not actually hit the disk until the upload is complete, making it worthless for reporting on progress during the upload. This may be fixed using a .htaccess file assuming your host supports them. Here is a link to an excellent tutorial on using .htaccess files. I strongly recommend giving it a quick read before attempting to install your own .htaccess file. 1. A mod_security module for Apache. To fix it just create a file called .htaccess (that's a period followed by "htaccess") and put the following lines in that file. Upload the file into the directory where the Uber-Uploader CGI ".pl" scripts resides, or in some directory above it (like your server's DOCUMENT_ROOT, i.e. the top-level of your webspace). htaccess files must be uploaded as ASCII mode, not BINARY. You may need to CHMOD the htaccess file to 644 or (RW-R--R--). # Turn off mod_security filtering. SecFilterEngine Off # The below probably isn't needed, # but better safe than sorry. SecFilterScanPOST Off If the above method does not work, try putting the following lines into the file SetEnvIfNoCase Content-Type \ "^multipart/form-data;" "MODSEC_NOPOSTBUFFERING=Do not buffer file uploads" mod_gzip_on No 2. "Performance Cache" enabled on OS X SERVER. If you're running OS X Server and the progress bar isn't working, it could be because of "performance caching." Apparently if ANY of your hosted sites are using performance caching, then by default, all sites (domains) will attempt to. The fix then is to disable the performance cache on all hosted sites.Read the article
-
how to optimize apache on web-server
- by Prakash
how can I optimize the server with following configuration. It takes too much time to load a page. IBM X3200 M3 Server - 1 Intel Xeon Processor with 4 GB Ram Below is my current configuration for apache: Start Servers: 5 (Default) Minimum Spare Servers: 10 Maximum Spare Servers: 20 Server Limit: 500 Max Clients: 500 Max Requests Per Child: 10000 (Default) Keep-Alive: On Keep-Alive Timeout: 5 Max Keep-Alive Requests: 100 Timeout: 200Read the article
-
Default documentroot apache does not work
- by James Wise
I have apache version 2.2 and php 5.3.15 on a single server. I configured virtual hosting and a default vhost. 0_default_.conf - goes to /var/www/default sub.domain.com.conf - goes to /var/www/sub.domain.com My question is, how could I set the default documentroot to sub.domain.com permanently? That means all request should be redirected to sub.domain.com. I try to remove 0_default_.conf but when viewing the page it display the php source code of sub.domain.com. Here is my configurations -- http://pastebin.com/4e3awUJ4 Although I can create index.php to /var/www/default and permanently redirect to sub.domain.com site but it's not viable solution for me because what if I didn't point the ip address of sub.domain.com to the server so user cannot view that subdomain. I would appreciate if anyone could share their knowledge and wisdom. Thanks. JamesWRead the article
-
.htaccess redirect root directory and subpages with parameters
- by wali
I am having difficulty trying to redirect a root directory while at the same time redirect pages in a sub directory to a different URL. For example: http://test.example.com/olddir/sub/page.php?v=one to http://test.example.com/new/one while also redirecting the any request to the root of the olddir folder. I have tried RewriteCond %{QUERY_STRING} v=one RewriteRule ^/olddir/sub/page.php /new/? [R=301] and RedirectMatch /oldir "test.example.com" RedirectMatch /olddir/sub/page.php?v=one "test.example.com/new/one" Any help at this point will be extremely appreciated...Thanks!Read the article
-
500 internal server error php long running process
- by Sabirul Mostofa
I am trying to run a long php process and it ends with the 500 internal server error. It executes fine for about 8 mins. I have rebooted the machine after changing the php settings. PHP Config: max_execution_time: 3600 After around 10 mins ps ax|grep php: 19007 ? S 0:08 /usr/bin/php /home/gypsy/public_html/index.php I have set the ignore_user_abort true. The process gets stuck at 00:08 min and isn't executed further. Apache error log shows the error: Script timed out before returning headers: index.php It seems somehow the max_execution_time isn't working. Any suggestion would be a great help.Read the article
-
Two virtual host one with Domain name one with internal ip#?
- by Abhishek
Is it possible to have two virtual host configurations for the same server - one with internal ip address and one with domain name? Something like <VirtualHost {{internal-ipaddress}}:80> ....... </VirtualHost> <VirtualHost {{domain-name}}:80> ....... </VirtualHost> Note that the internal IP address and the domain name belong to the same server or same server instance. I am asking this to restrict some URLs for external users, redirect to https all external access and allow everything for internal users(without https)..Read the article
-
Apache intermittently aborting requests
- by Adam Phillips
I have just been dealing with a problem whereby http requests are being aborted, seemingly at random. On any particular page in the website, when you opened a page, a number of the assets (img, css, etc) failed to load. If you refreshed, the page may work fine, the same set of assets may fail to load or different assets may fail to load. The net tab in firefox was returning 'Aborted' in the HTTP status code column for the failed assets, even tho in the case of images, the image previews were still working. There was nothing in any of the apache logs about the requests that failed, however since it seemed to point to an apache issue, we restarted apache. The first time we tried, it made no difference but about 10 minutes later, in the absence of a better solution we tried again. Bizarrely, the problem disappeared immeadiately. So now the site seems to be running fine again but its rather unsettling, both the intermittent nature of the problem and the lack of an explanation for its resolution. Has anyone seen anything like this before and if so did you find out the reason behind it? Many ThanksRead the article
-
Can't locate API module structure `mod_wsgi'
- by a coder
I'm working on setting up Trac to use wsgi, and am running into trouble getting mod_wsgi working. I downloaded and installed mod_sgi. [box]# apachectl configtest httpd: Syntax error on line 214 of /etc/httpd/conf/httpd.conf: Can't locate API module structure `mod_wsgi' in file /etc/httpd/modules/mod_wsgi.so: /etc/httpd/modules/mod_wsgi.so: undefined symbol: mod_wsgi Line 214 of httpd.conf: LoadModule mod_wsgi modules/mod_wsgi.so Here is mod_wsgi.so as found on the filesystem: [box]# locate mod_wsgi.so /usr/lib64/httpd/modules/mod_wsgi.so What might I be overlooking?Read the article
-
Apache .shared folder
- by Kevin
There are already a bunch of rules in my Apache configuration. What I want to add is the following. There are some shared folders (.shared): /var/www/.shared/ and /var/www/.include/.shared/ and /var/www/.include/(.*)/.shared/. Now when someone visits http://domain.com/test.png it first executes the existing apache rules and will (when the file/folder was not found) look in those .shared folders. So suppose I've got this filesystem: /var/www/.shared/dog.png /var/www/.shared/test.gif and /var/www/domain.com/dog.png. Now when someone visits http://domain.com/test.gif, it must load the test.gif from the .shared folder. Now when someone visits http://domain.com/dog.png it must load the dog.png from the domain.com folder (because the existing apache rules will be executed first).Read the article
-
htaccess change DirectoryIndex priotiry to php and not html
- by Jayapal Chandran
In a production server there are index.html and index.php By default index.html is getting loaded. I want index.php to be the default script to load and if index.php is not present then index.html can load. It is a shared hosting so we do not have access to the httpd.conf file So i thought of creating .htaccess file which would do the above condition. What is the directive to include in .htaccess file to do so?Read the article
-
Redirecting a subdomain to subdomain/folder
- by Johnbritto
I have linux server with plesk panel. I am running sourceforge VM in NAT mode with static ip 172.16.63.XX. In my host i have configured subdomain's (vhost.conf) with proxypass to connect with VM machine.. I can access sourceforge VM with http. I am searching for http redirecting to https. http://xxx.mydomain.com -- https://xxx.mydomain.com/sf/sfmain/do/home/ . just need to know, If I own a SSL for mydomain.com. if i redirect a xxx.mydomain.com to mydomain.com/folder will the SSL will be applied to redirected domain? i.e mydomain.com/folder?Read the article
-
MOD_REWRITE not creating correct path
- by Bill
SO I am trying to setup a RewriteRule on my server for caching static objects. the files are in this naming scheme /docroot/css/stylesheet.min.css and I have them printed in the code like /docroot/css/stylesheet.min.123438348.css (the number is example it comes from a get modified function). Note docroot is an example directory how can I have the server ignore the numbers and redirect to the stylesheet.min.css I need to do this for every css and js files (/js and /css) as well as one specific spritemap image my current attempt RewriteRule ^/(docroot)/(js|css)/(.+).(min).(.+).(js|css)$ /$1/$2/$3.$4.$6 RewriteRule ^(/docroot/images/spritemap).([0-9]+).(png)$ $1.$3 Update: Now I have the setup like this RewriteEngine on Options FollowSymLinks RewriteRule ^(.+).(min).([0-9]+).(js|css)$ $1.$2.$4 [L] This is rewriting localhost/docroot/css/stylesheet.min.12343242.css to /var/www/html/docroot/trunk/docroot/css/stylesheet.min.css so it is getting the right file how do I get apache to take off the beginning of the that the /var/www/html/docroot/trunk/Read the article
-
Overload Protection
- by Tyron
Is there a simple way how I could redirect a visitor (via .htaccess or PHP script) to a static page when the server is overloaded from too many requests? It doesn't have to be a protection against huge amounts of requests at once or protect against DoS Attacks. I think our server would be protected enough if we could prevent the standard website to be shown and instead show a single file "overloaded.html". Also how could I get a measure for a server being overloaded on a typical managed server (= non root access to a Linux server) environment?Read the article
-
Ignore Apache Default Server?
- by Jakobud
I run several vhosts on our Apache server. Whenever browse the server using either it's IP address or some other name that resolves to that address, but where a virtual host entry doesn't exist for that address I get the generic Apache test page: I want to change the server so I can specify a Virtual Host to see by default instead of the Apache Default Server page. I don't want to just modify the Default Server page either. I just need to be able to specify a Virtual Host to use instead. I added the following Virtual Host: <VirtualHost _default_:*> DocumentRoot /vhosts/default/public </VirtualHost> What I am reading is supposed to take priority over all other Virtual Hosts as the default. But this doesn't seem to take priority over the Apache Default Server/Host. What do I need to do here?Read the article
-
How do I configure apache to accept a client ssl certificate (if present) or authenticate using ldap (if the cert is absent)?
- by jmwood051
I have an Apache server that serves up mercurial repositories and it currently authenticates using ldap credentials. I want to permit a single user (to start with) to use a SSL client certificate, with all remaining users still able to use the ldap credentials authentication method. I have looked through Stack Overflow and other wider (google) searches but can not find information/guidance on how to set this up.Read the article
