Search Results

Search found 3247 results on 130 pages for 'apache2'.

Page 83/130 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

• solr Security help

  - by Camran

  I have solr setup with Jetty on my Ubuntu server. On any computer now, I can type my_ip:8983/solr/ and the page will show upp to anybody. How can I disable this so that only I can access that port and the solr admin? Thanks

  Read the article

• Apache and fastcgi - How to secure an Apache server with fastcgi enabled?

  - by skyeagle

  I am running a headless server on Ubuntu 10.x. I am running Apache 2.2. I am writing a fastcgi application for deployment on the server. I remember reading a while back (I could be wrong) that running CGI (and by implication fastcgi) on a server, can provide 'backdoors' for potential attackers - or at the very least, could compromise the server if certain security measurements are not taken. My questions are: what are the security 'gotcha's that I have to be aware of if I am enabling mod_fastcgi on my Apache server? I want to run the fastcgi as a specific user (with restricted access) how do I do this?

  Read the article

• "Server not found" errors all over after Wordpress installation

  - by picardo

  I uploaded my Wordpress blog from my local machine to Slicehost and then pointed the domain name to the IP address. Then I installed the blog as normal. Once I went to wp-login.php to login, though, I started getting "Server not found" errors. That was strange because the server process was still running, and I checked many times. I can't see anything wrong in the error log, or the access log either. This doesn't only affect Wordpress. I can't access phpmyadmin either now, which was mapped to a subdirectory of the same domain address. What is going on? Can anyone help? Edit: the blog is located on a subdomain. It's still accessible from IP address. The virtual host configs are ServerName and ServerAlias, both set to blog.mysite.com. When I changed those and restarted apache, phpmyadmin came back. Edit: also it's not a propagation issue because I installed the blog from the domain name. It's only when I tried to log into the admin section, I started getting these errors.

  Read the article

• forbidden access on addon domains

  - by ehmad11

  I have one domain hosted on server domain.com, there are about 20 subdomains as addon domains there. For no good reason someone has changed (chgrp) on all files in domain.com directory to domain.com user now all websites are showing 403 forbidden access error. What should i do now to resume websites. I have tried changing php handler but no luck yet :/ php5 handler is suphp and Apache suEXEC is on....

  Read the article

• Returning "200 OK" in Apache on HTTP OPTIONS requests

  - by i..

  I'm attempting to implement cross-domain HTTP access control without touching any code. I've got my Apache(2) server returning the correct Access Control headers with this block: Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "POST, GET, OPTIONS" I now need to prevent Apache from executing my code when the browser sends a HTTP OPTIONS request (it's stored in the REQUEST_METHOD environment variable), returning 200 OK. How can I configure Apache to respond "200 OK" when the request method is OPTIONS? I've tried this mod_rewrite block, but the Access Control headers are lost. RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]

  Read the article

• One specific VirtualHost in MAMP getting all the requests

  - by julien_c

  I'm pulling my hair out over a seemingly trivial issue... I'm using MAMP 2.0 and want to configure a Virtual Host for local development. Here's my httpd-vhosts.conf: NameVirtualHost *:80 <VirtualHost *:80> DocumentRoot /Applications/MAMP/htdocs/mysite/public ServerName mysite.local </VirtualHost> As soon as I add the VirtualHost directive, every request to http://localhost gets redirected to the DocumentRoot specified by mysite.local. Why?

  Read the article

• Serving index.html from a subdirectory

  - by xbonez

  In my document root, I have to directories: home and foobar, both with their own index.html files. How can I set it up so that when someone visits my site at example.com, they see the contents on home/index.html? I tried using an index.php with a redirect in document root, as well as a .htaccess redirect, but both of them change the URL in the browser to example.com/home/, which I would like to ideally avoid.

  Read the article

• Why domain.com appears as theplant.com when hosted on hostgator?

  - by silow

  I have a script that's supposed to detect the url of its caller website. If the caller is another website, it should give something like http://callersite.com. I'm using this line of php code (though I suspect this won't matter for sysadmins) gethostbyaddr($_SERVER['REMOTE_ADDR']) I'm testing with a caller site that's hosted on hostgator. What I'm noticing though is that I don't get callersite.com, I get something like 1a.12.12ab.static.theplanet.com. I don't know what theplanet.com is and why I'm not getting caller site.com. Also what do I need to do to really get the domain of the site making a call to my script? -- Thanks for the explanation. Some have advised I use $_SERVER['HTTP_REFERER'] but it's not what I'm after. My script acts as an API. Another website makes a curl request to it and gets an output and later on presents it to the user. So http referrer gives false since the caller site.com is making a direct call to me. So any hope?

  Read the article

• can't use periods in ServerName/ServerAlias [Lion Apache installation]

  - by punchfacechamp

  I can access my host like this… http://keggyshop but can't use periods… http://keggyshop.edu here's my virtual host directive… <VirtualHost *:80> ServerName keggyshop ServerAlias keggyshop.edu DocumentRoot "~/sites/2012/keggy/web/pages/keggy/120528/sandbox/public" <Directory "~/sites/2012/keggy/web/pages/keggy/120528/sandbox/public"> Options Includes FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost>

  Read the article

• mod_proxy failing as forward proxy in simple configuration

  - by Stabledog

  (On Mac OS X 10.6, Apache 2.2.11) Following the oft-repeated googled advice, I've set up mod_proxy on my Mac to act as a forward proxy for http requests. My httpd.conf contains this: <IfModule mod_proxy> ProxyRequests On ProxyVia On <Proxy *> Allow from all </Proxy> (Yes, I realize that's not ideal, but I'm behind a firewall trying to figure out why the thing doesn't work at all) So, when I point my browser's proxy settings to the local server (ip_address:80), here's what happens: I browse to http://www.cnn.com I see via sniffer that this is sent to Apache on the Mac Apache responds with its default home page ("It works!" is all this page says) So... Apache is not doing as expected -- it is not forwarding my browser's request out onto the Internet to cnn. Nothing in the logfile indicates an error or problem, and Apache returns a 200 header to the browser. Clearly there is some very basic configuration step I'm not understanding... but what?

  Read the article

• Apache Request IP Based Security

  - by connec

  I run an Apache server on my home system that I've made available over the internet as I'm not always at my home system. Naturally I don't want all my home server files public, so until now I've simply had: Order allow, deny Deny from all Allow from 127.0.0.1 in my core configuration and just Allow from all in the htaccess of any directories I wanted publicly viewable. However I've decided a better system would be to centralise all the access control and just require authentication (HTTP basic) for requests not to 127.0.0.1/localhost. Is this achievable with Apache/modules? If so how would I go about it? Cheers.

  Read the article

• Complex Apache Logging

  - by Shishant

  Hello, I have a file hosting site and I want to know what should be the apache log format/code to log records for only filesizes above 5mb that were served as download/output bandwidth So log looks like this visitors_ip filepath(or filename) output bandwidth One more thing data should be recorded ONLY FOR COMPLETED DOWNLOADS which I believe is checked through %X I think output bandwidth is same as the filesize that was served as download if whole file is downloaded. Thank You

  Read the article

• Location Directive in a VirtualHost

  - by Yehia A.Salam

  I'm trying to add server-status location directive under one of my virtual host, however i'm getting a 403 Access Forbidden when browsing to www.mywebsite.com/server-status. Is it legal to put the Location Directive under a virtual host? Edit #1: Full vhost config <VirtualHost *:80> # Admin email, Server Name (domain name) and any aliases ServerAdmin [email protected] ServerName aumento.io ServerAlias www.aumento.io # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /home/cairocubicles/web/aumento.io/public <Directory /home/cairocubicles/web/aumento.io/public> Order Allow,Deny Allow from all Options Indexes FollowSymLinks AllowOverride All AcceptPathInfo On </Directory> <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from aumento.io </Location> # Custom log file locations LogLevel warn ErrorLog /home/cairocubicles/web/aumento.io/log/error.log </VirtualHost>

  Read the article

• CPanel has two entries for site, need to use SSL one

  - by beingalex

  I have a website that is meant to be using SSL, however there are two entries in Cpanel's httpd.conf which seem to be causing an issue. When I visit just www.website.com I require it to go to https://www.website.com. However I have to write the https:// directly for the site to work. The secure site also has a different IP. I am not meant to edit the httpd.conf directly either and am unsure as to how to change the following directives: <VirtualHost 1.1.1.1:80> ServerName website.com ServerAlias www.website.com DocumentRoot /home/websitec/public_html ServerAdmin [email protected] ## User websitec # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup websitec websitec </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup websitec websitec </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid websitec websitec </IfModule> CustomLog /usr/local/apache/domlogs/website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." CustomLog /usr/local/apache/domlogs/website.com combined ScriptAlias /cgi-bin/ /home/websitec/public_html/cgi-bin/ </VirtualHost> <VirtualHost 2.2.2.2:443> ServerName website.com ServerAlias www.website.com DocumentRoot /home/websitec/public_html ServerAdmin [email protected] UseCanonicalName Off CustomLog /usr/local/apache/domlogs/website.com combined CustomLog /usr/local/apache/domlogs/website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User websitec # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup websitec websitec </IfModule> <IfModule !mod_disable_suexec.c> <IfModule !mod_ruid2.c> SuexecUserGroup websitec websitec </IfModule> </IfModule> <IfModule mod_ruid2.c> RUidGid websitec websitec </IfModule> ScriptAlias /cgi-bin/ /home/websitec/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/www.website.com.crt SSLCertificateKeyFile /etc/ssl/private/www.website.com.key SSLCACertificateFile /etc/ssl/certs/www.website.com.cabundle CustomLog /usr/local/apache/domlogs/website.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/websitec/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/ssl/2/websitec/website.com/*.conf" </VirtualHost> As you can see there is obviously the unsecure directive before the secure one. And this is probably the issue, however if I try to change the IP for the site in WHM I get an error saying that the IP (2.2.2.2) is already in use. Which it is I guess. Any help is appreciated.

  Read the article

• Logging the client IP with Nginx/Varnish/Apache

  - by jetboy

  I have Nginx listening on port 443 as an SSL terminator, and proxying unencrypted traffic to Varnish on the same server. Varnish 3 is handling this traffic, and traffic coming in directly on port 80. All traffic is passed, unencrypted, to Apache instances on other servers in the cluster. The Apache instances use mod_rpaf to replace the logged client IP with the contents of the X-Forwarded-For header. My problem is that if the traffic is coming via Nginx, while the 'correct' client IP is getting logged in the VarnishNCSA logs, it looks as if Varnish is (understandably) replacing Nginx's X-Forwarded-For header with 127.0.0.1 downstream, and this is getting logged with Apache. Is there a nice simple way to stop Varnish rewriting X-Forwarded-For if it's already populated?

  Read the article

• REMOTE_USER not getting set?

  - by landed

  I am trying to setup LDAP Authentication in Joomla using a plugin called JMapMyLDAP (in fact 4 plugins each doing a different job). I need to pull a part of a string out of the server variable REMOTE_USER and this should be visible (we see here http://timplummer.com.au/4-how-to-integrate-joomla-3-with-active-directory-using-ldap.html) in phpinfo(); The issue is that REMOTE_USER is not set or at least not appearing. A few things to note (if you don't mind) here- conceptually I am not really understanding authentication as a whole subject it appears to be vast despite my years working in websites. Yes I used asp and built php pages to check a user is who they say they are with a token(/session?) that was given to just them and then they are identified when a stateless request is made to the server. Thats my level of understanding. This sounds different to the basic authentication in apache where a password sits in a file and a username and the user needs to login to a basic form to get access to the folder/docs this is via an .htaccess file. Ok so with the LDAP to work I need to get REMOTE_USER this sounds very reasonable as how else do we know is making the request. Thank you.

  Read the article

• htaccess filesMatch exclusion

  - by Hikari

  I have the following directive in my htaccess <filesMatch "\.(gif|jpe?g|png|js|css|swf|php|ico|txt|pdf|xml|html?)$"> FileETag None <ifModule mod_headers.c> Header unset ETag Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate" Header set Pragma "no-cache" Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT" </ifModule> </filesMatch> I copied that regex from someplace in Web months ago. It should add those headers to any HTTP Response that does NOT have those extensions. But it's not working, it's adding them to any Response. I also need to create another directive to add Header set Cache-Control "max-age=3600, public" to Responses of files that DOES have them. Could anybody help me make proper fileMatch regexes?

  Read the article

• Count requests from access log for the last 7 days

  - by RoboForm

  I would like to parse an access log file and have returned the amount of requests, for the last 7 days. I have this command cut -d'"' -f3 /var/log/apache/access.log | cut -d' ' -f2 | sort | uniq -c | sort -rg Unfortunately, this command returns the amount of requests since the creation of the file and sorts it into HTTP-code categories. I would like just a number, no categories and only for the last 7 days. Thanks.

  Read the article

• Force HTTPS with AWS Elastic load balancer

  - by panos2point0

  I need to redirect all incoming HTTP traffic to HTTPS on my elastic load balancer. I tired using Apache mod_rewrite: RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R] Taking advantage of the X-Forwarded-Proto header added by the load balancer, this rule should instruct the users browser to request the HTTPS version of the same URL. So far It doesn't work (no redirection happens). What am I doing wrong? Is there a better way to do this?

  Read the article

• SVN Active Directory authentication with ProxyPass redirect in the mix

  - by Jason B. Standing

  We have a BitNami SVN stack running on a Windows machine which holds our SVN repository. It's set up to authenticate against our AD server and uses authz to control rights. Everything works perfectly if Tortoise points at http://[machine name]/svn However - we need to be able to access it from http://[domain]/svn. The domain name points to a linux environment that we're decommissioning, but until we do, other systems on that box prevent us from just re-pointing the domain record. Currently, we've got a ProxyPass record on the linux machine to forward requests through to http://[machine name]/svn - it seems to work fine, and the endpoint machine asks for credentials, then authenticates: but when that happens, the access attempt is logged as coming from the linux box, rather than from the user who has authenticated. It's almost like some element of the credentials aren't being passed through to the endpoint machine. Has anyone done this before, or is there other info I can give to try to make sense of this problem, and figure out a way to solve it? Thankyou!

  Read the article

• mod_rewrite changes case even if not matching RewriteCond?

  - by kirdie

  I have a really strange problem with my MediaWiki which I want to have articles of the form mywiki.org/MyArticle. Now I got most of it to work using the following code but it mysteriously cannot display the logo anymore. RewriteEngine On # don't rewrite valid requests to files and directories RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d # mywiki.org/MyArticle gets rewritten to mywiki.org/index.php/MyArticle RewriteRule ^/(.*)$ /index.php/$1 [L,QSA] Now when I type in mywiki.org/img/logo.jpg in my browser the adress changes to http://wiki.geoknow.eu/Img/logo.jpg (capital I) and I get to the empty article page but the image is definitely there (in my document root under the img folder): /var/www/mywiki.org$ ls img logo.jpg So far so bad. But now it gets really crazy: When I add RewriteCond %{REQUEST_URI} !^/.*\.jpg my adress still gets rewritten and my access log says - - [05/Dec/2012:16:30:21 +0100] "GET /Img/geoknow_logo.jpg HTTP/1.1" 404 509 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Firefox/17.0" Where does that capital I in Img come from? The rule is not even executed because at least one condition is definitely not met now and I also don't have any to lowercase-transformation defined anywhere. What is happening there and how can I repair this? P.S.: Now all of the sudden the problem went away (the image is displayed as it should and there is no capital replacement anymore. What can cause this and why does it spontanously appear and disappear?

  Read the article

• Apache forwarding to tomcat shows a blank page

  - by MNS

  I have an application running on tomcat at http ://www.example.com:9090/mycontext. The host name in server.xml points to www .example.com. I do not have localhost anymore. I am using apache to forward requests to tomcat using mod_proxy. Things work fine as long as the ProxyPath is /mycontext. The server name setup in virtual host is www .abc.com and http ://www.abc.com/mycontext works fine. However I would like to ignore the context path and simply use http://www.abc.com/ to forward requests to http://www.example.com:9090/mycontext. When I do this, apache shows me a blank page. What am I missing here? I have not changed anything in server.xml except the default host to www .example.com. <VirtualHost *:80> ServerName www.abc.com ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://www.example.com:9090/mycontext ProxyPassReverse / http://www.example.com:9090/mycontext </VirtualHost> Thanks

  Read the article

• why Apache with ssl but back end weblogic without ssl works?

  - by huangli

      Hello everyone. my question is very simple . The link below is a picture about my architecture. https://docs.google.com/open?id=0BxSXbpgYIZVOR212RVk4ZDN1Sm8.      The pic above shows the architecture right now and it works correctly ! which means I could visit apache with url https//apchehost:8080, could not visit the web app with https served by weblogic but I could visit these app with https served by Apache(Apache is proxy server).      My question is why the Apache is configured with ssl but weblogic without ssl works ? I think weblogic should also configured with ssl . If this works , what about security level ? Is the ssl really works if only Apache configured with ssl but Weblogic without it ? Thanks . condition: Apache 2.2.17 with weblogic module mod_wl_22.so Weblogic: 10.3 OS: Windows server 2003

  Read the article

• Apache RewriteEngine, redirect sub-directory to another script

  - by Niklas R

  I've been trying to achieve this since about 1.5 hours now. I want to have the following transformations when requesting sites on my website: homepage.com/ => index.php homepage.com/archive => index.php?archive homepage.com/archive/site-01 => index.php?archive/site-01 homepage.com/files/css/main.css => requestfile.php?css/main.css The first three transformations can be done by using the following: RewriteEngine on RewriteRule ^/?$ index.php RewriteRule ^/?(.*)$ index.php?$1 However, I'm stuck at the point where all requests to the files subdirectory should be redirected to requestfile.php. This is one of the tries I've done: RewriteEngine on RewriteRule ^/?$ index.php RewriteRule ^/?files/(.+)$ requestfile.php?$1 RewriteRule ^/?(.*)$ index.php?$1 But that does not work. I've also tried to put [L] after the third line, but that didn't help as I'm using this configuration in .htaccess and sub-requests will transform that URL again, etc. I fuzzed with the RewriteCond command but I couldn't get it to work. How needs the configuration to look like to achieve what I desire?

  Read the article

• passenger and apache memory usage

  - by Brent Faulkner

  On a "CentOS release 6.2 (Final)" server (with Ruby 1.9.3 and Rails 3.2), and using more memory than expected. Looking at passenger-memory-stats I see a couple of HUGE httpd processes... any thoughts on how I can figure out what's going on and reduce the memory usage? Stats are included here... thanks! ---------- Apache processes ----------- PID PPID VMSize Private Name --------------------------------------- 1371 1 202.1 MB 0.1 MB /usr/sbin/httpd 4573 1371 210.2 MB 5.0 MB /usr/sbin/httpd 4778 1371 202.5 MB 0.6 MB /usr/sbin/httpd 4780 1371 217.6 MB 9.4 MB /usr/sbin/httpd 4781 1371 217.1 MB 9.1 MB /usr/sbin/httpd 4856 1371 202.4 MB 0.5 MB /usr/sbin/httpd 4863 1371 204.1 MB 2.1 MB /usr/sbin/httpd 5027 1371 202.4 MB 0.5 MB /usr/sbin/httpd 5043 1371 202.4 MB 0.4 MB /usr/sbin/httpd 5044 1371 205.5 MB 2.7 MB /usr/sbin/httpd 5072 1371 202.4 MB 0.5 MB /usr/sbin/httpd 5084 1371 202.4 MB 0.5 MB /usr/sbin/httpd 32111 1371 1297.0 MB 246.5 MB /usr/sbin/httpd 32579 1371 1914.3 MB 215.5 MB /usr/sbin/httpd ### Processes: 14 ### Total private dirty RSS: 493.42 MB -------- Nginx processes -------- ### Processes: 0 ### Total private dirty RSS: 0.00 MB ----- Passenger processes ----- PID VMSize Private Name ------------------------------- 4180 280.5 MB 24.4 MB Passenger ApplicationSpawner: /var/www/apps/people/current 4345 309.5 MB 53.4 MB Rack: /var/www/apps/people/current 4800 300.2 MB 55.2 MB Rack: /var/www/apps/people/current 4808 297.8 MB 52.5 MB Rack: /var/www/apps/people/current 4815 297.4 MB 52.4 MB Rack: /var/www/apps/people/current 4822 302.7 MB 55.6 MB Rack: /var/www/apps/people/current 22780 209.0 MB 0.0 MB PassengerWatchdog 22783 991.5 MB 1.3 MB PassengerHelperAgent 22785 113.4 MB 1.1 MB Passenger spawn server 22788 144.6 MB 0.0 MB PassengerLoggingAgent 22911 310.4 MB 64.0 MB Rack: /var/www/apps/people/current 22939 311.6 MB 53.5 MB Rack: /var/www/apps/people/current 26175 304.1 MB 55.8 MB Rack: /var/www/apps/people/current 26182 310.4 MB 44.0 MB Rack: /var/www/apps/people/current ### Processes: 14 ### Total private dirty RSS: 513.24 MB

  Read the article

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >