Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 130/596 | < Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >

  • Reserve one http slot for /server-status?

    - by Stefan Lasiewski
    I have an Apache server which is hanging for some reason. When I normally want to check on the load of an Apache server, I tend to use mod_status via the URL at http://webserver1.example.org/server-status or from the commandline like service httpd fullstatus. However today, the Server is refusing all new connections. Some mysterious problem is causing connections to stall, which means that number of connections fills up all available connections (e.g. The number of connects exceeds the MaxClients setting), and therefore neither http://webserver1.example.org/server-status nor service httpd fullstatus can return anything. Is it possible to configure Apache to reserve one or two slots for the mod_status pages?

    Read the article

  • Rewrite for robots.txt and favicon.ico [closed]

    - by BHare
    I have setup some rules in which subdomains (my users) will default to where I have located the robots.txt, favicon.ico, and crossdomain.xml therefore if a user creates a site say testing.mywebsite.com and they don't make their own favicon.ico at testing.mywebsite.com/favicon.ico, then it will use the favicon.ico I have in /misc/favicon.ico This works perfect, but it doesn't work for the main website. If you attempt to go to mywebsite.com/favicon.ico it will check if "/" exists, in which it does. And then never redirects to /misc/favicon.ico How can I get it so both instances redirect to /misc/favicon.ico ? # Set all crossdomain (openpalace file) favorite icons and robots.txt doesnt exist on their # side, then redirect to site's just to have something to go on. RewriteCond %{REQUEST_URI} crossdomain.xml$ RewriteCond ^(.+)crossdomain.xml !-f RewriteRule ^(.*)$ /misc/crossdomain.xml [L] RewriteCond %{REQUEST_URI} favicon.ico$ RewriteCond ^(.+)favicon.ico !-f RewriteRule ^(.*)$ /misc/favicon.ico [L] RewriteCond %{REQUEST_URI} robots.txt$ RewriteCond ^(.+)robots.txt !-f RewriteRule ^(.*)$ /misc/robots.txt [L]

    Read the article

  • Can't copy Ilias-folder via FQDN, but via ip-address?

    - by Lars
    I have an Ilias-Installation, which is available through two virtual hosts: the FQDN and the ip-address. The first server is ssl only, the second plain http. Both configuration files look the same except for the SSL-part: SSLEngine on SSLCertificateFile /etc/apache2/ssl/ilias.pem In the Ilias-Webinterface, I can copy a folder on the plain http. But if I try to copy the same folder on the ssl virtual host, I get the notice, that the copy was started (rough german translation here), but the folder does not show up. There are no errors in the error-logs of php or the webserver and as said, no differences beside the ssl-part. The guys at an ilias-forum did not have an idea, either. Any ideas in here?

    Read the article

  • how to rewrite '%25' in url

    - by nn4l
    My website software replaces space characters with '+' characters in the URL, A proper link would look like 'http://www.schirmacher.de/display/INFO/How+to+reattach+a+disk+to+XenServer' for example. Some websites link to that article but somehow their embedded editor can't handle the encoding, so what I see in the httpd log files is actually GET /display/INFO/How%2525252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer which of course leads to a 404 error. It seems that the '+' character is encoded as '%2b' and then the '%' character is encoded as '%25' - several times. Since there are many such references to different pages from different websites, I would like to rewrite the url so that the visitors get the correct page. Here's my attempt which does not work: RewriteRule ^(.*)%25(.*)$ $1%$2 [R=301] What it is supposed to do is: take everything before the %25 string and everything after it, concat those strings with a '%' in between, then redirect. With the example input URL the rule should rewrite to /display/INFO/How%25252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer followed by a redirect, then it should rewrite to /display/INFO/How%252bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer and again to /display/INFO/How%2bto%2525252breattach%2525252ba%2525252bdisk%2525252bto%2525252bXenServer and so on. Finally, after a lot of redirects I should have left /display/INFO/How%2bto%2breattach%2ba%2bdisk%2bto%2bXenServer which is a valid url equivalent to /display/INFO/How+to+reattach+a+disk+to+XenServer. My problem is that the expression does not match at all, so it does not even replace a single occurrence of %25. I understand that there is a limit in the number of redirects and I should really use the [N] flag however I don't even get the first step right.

    Read the article

  • rewrite redirect issue in debian squeeze

    - by hd01
    My server os is debian squeeze. I have these lines to redirect non-www to www in htaccess file of my website: RewriteCond %{HTTP_HOST} !^www\.example\.com$ [NC] RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301] but it cause this error in firefox: The page isn't redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete. This problem can sometimes be caused by disabling or refusing to accept cookies. when I comment those lines in htaccess mysite appears but in non-www format. I'm sure it works well before on the Ubuntu . but I don't know why it doesn't work now. would you help me?

    Read the article

  • How to combine RewriteRule of index.php and queries rewrite and avoid Server Error 404?

    - by Binyamin
    Both RewriteRule's works fine, except when used together. 1.Remove all queries except query ?callback=.*: # /api?callback=foo has no rewrite # /whatever?whatever=foo has 301 redirect /whatever RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^?#\ ]*)\?[^\ ]*\ HTTP/ [NC] RewriteCond %{REQUEST_URI}?%{QUERY_STRING} !/api(/.*)?\?callback=.* RewriteRule .*$ %{REQUEST_URI}? [R=301,L] 2.Rewrite index.php queries api and url=$1: # /api returns data index.php?api&url= # /api/whatever returns data index.php?api&url=whatever RewriteRule ^api(?:/([^/]*))?$ index.php?api&url=$1 [QSA,L] RewriteRule ^([^.]*)$ index.php?url=$1 [QSA,L] Any valid combination to this RewriteRule's on keeping its functionality? This combination will return Server Error 404 to /api/?callback=foo: # Remove all queries except query "callback" RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /([^?#\ ]*)\?[^\ ]*\ HTTP/ [NC] RewriteCond %{REQUEST_URI}?%{QUERY_STRING} !/api(/.*)?\?callback=.* RewriteRule .*$ %{REQUEST_URI}? [R=301,L] # Rewrite index.php queries RewriteCond %{REQUEST_URI}?%{QUERY_STRING} !/api(/.*)?\?callback=.* # Server Error 404 on /api/?callback=foo and /api/whatever?callback=foo RewriteRule ^api(?:/([^/]*))?$ index.php?api&url=$1 [QSA,L] RewriteCond %{REQUEST_URI}?%{QUERY_STRING} !/api(/.*)?\?callback=.* RewriteRule ^([^.]*)$ index.php?url=$1 [QSA,L]

    Read the article

  • Apply SetEnvIf after Apache RewriteRule

    - by coneybeare
    I have a working apache rewrite rule: RewriteCond %{HTTP_HOST} ^.*foo.com RewriteRule (.*) http://bar.com$1 [R=301,QSA,L] and some working dontlog SetEnvIfs: SetEnvIf Request_URI "^/server-status$" dontlog SetEnvIf Request_URI "^/home/ping$" dontlog SetEnvIf Request_URI "^/haproxy-status$" dontlog SetEnvIf User-Agent ".*internal dummy connection.*" dontlog CustomLog /var/log/apache2/access.log combined env=!dontlog but I can't figure out how to stop the RewriteRule from logging a duplicate line. foo.com and bar.com are both on the same machine. I would expect this rule to work, but it did not: SetEnvIf Host "foo.com" dontlog I still get duplicates in the Apache Log: 10.250.18.97 - - [06/Apr/2012:16:57:12 +0000] "GET / HTTP/1.1" 200 732 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.5 Safari/534.55.3" 68.194.30.42 - - [06/Apr/2012:16:57:12 +0000] "GET / HTTP/1.1" 200 732 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/534.55.3 (KHTML, like Gecko) Version/5.1.5 Safari/534.55.3" .... where 10.250.18.97 is the server's IP. How can I prevent that RewriteRule from logging?

    Read the article

  • HTACCESS Rewrite problem

    - by TiuTalk
    I have this folder structure: /var/www/mysite/abc/ /var/www/mysite/def/ /var/www/mysite/fgh/ /var/www/mysite/ijk/ /var/www/mysite/portal/ /var/www/mysite/wyz/ Today's my server is redirecting all requests of www.mydomain.com to www.mydomain.com/portal and that's ok... But I want to modify this behavior and keep www.mydomain.com acessing the /var/www/mysite/portal/ folder on background while www.mydomain.com/abc/ still acessing the /var/www/mysite/abc/ folder as before. That's what i've tried without sucess on my htaccess: IndexIgnore * Options +FollowSymlinks <IfModule mod_rewrite.c> RewriteEngine On #This doesn't work!!! #RewriteCond %{REQUEST_URI} !^abc #Neither this :\ #RewriteCond %{REQUEST_URI} !^/abc RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^$ /portal/index.php [L] RewriteRule . /portal/index.php [L] </IfModule> All requests keep goin to www.mydomain.com/portal/ when I use this .htaccess (with or without the commented lines)

    Read the article

  • Apache trailing slash added to files problem

    - by Francisc
    Hello! I am having a problem with Apache. What it does is this: Take /index.php file containing an code with src set to relative path myimg.jpg, both in the root of my server. So, www.mysite.com would show the image as would www.mysite.com/index.php. However, if I access www.mysite.com/index.php/ (with a trailing slash) it does the odd thing of executing index.php code as it would be inside an index.php folder (e.g. /index.php/index.php), thus not showing the image anymore. This is a simple example that's easy to solve with absolte addressing etc, the problem I am getting from this a security one that's not so easily fixed. So, how can I get Apache to give a 403 or 404 when files are accessed "as folders"? Thank you.

    Read the article

  • Apache rewrite rule to remove index.php and direct certain areas to https

    - by Stephen Martin
    I have a codeignitor application running on Apache2, I have managed to remove the index.php from the urls with this .htaccess RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php/$0 [PT,L] now I want to make certain parts of the site redirect to https, I tried this: RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php/$0 [PT,L] RewriteRule ^/?cpanel/(.*) https://%{SERVER_NAME}/cpanel/$1 [R,L] RewriteRule ^/?login/(.*) https://%{SERVER_NAME}/cpanel/$1 [R,L] But it doesn't work. I have to say when it comes to Apache rewrites im a noob. I can't find any tutorials on how to remove index.php and rewrite/redirect certain parts of the site to https. Any ideas, Thanks.

    Read the article

  • What rights does an employer have to the employee's computer?

    - by Terrence Brannon
    What access rights should an employee grant an employer for a work computer? For instance, let's assume that the business people come to the IT lab late at night for discussions with the CIO and they use my computer for reading email and general web surfing. In a sense, this means that they are taking full or partial responsibility for any security issues that crop up that get traced back to the employee's machine. Perhaps the proper way to provide a computer to an employee is to give him full and exclusive use of it while employed. Only supervised access (such as hardware/software maintenance) should be acceptable.

    Read the article

  • Lighttpd mod_rewrite conversion from .htaccess format

    - by hoball
    Hello, I am using lighttpd as webserver and is having an issue about mod_rewrite. Currently I have a set of Apache .htaccess rewrite rules from a PHP script: RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-l RewriteRule ^(.*)$ index.php [QSA,L] In my understanding, if the requested URI is not a file/directory/sym-link, append it to index.php eg. www.a.com/hello/world --> www.a.com/index.php/hello/world I attempted to convert to lighttpd specification: url.rewrite-if-not-file = ( "^(.*)$" = "index.php/$1" ) However, it doesn't work. I suspect that is due to misuse of $1. I tried to use $0/%0 or something else but they fail. Would you please provide me a hint on making the syntax work? Thank you!

    Read the article

  • Enabling the Power State Change Beep

    - by digitxp
    I have a Thinkpad T430s. I found on other Thinkpads there's a beep when you plug or unplug the AC cord. While I hear a lot of people say it's annoying it seems like a very useful security feature. However, when I go into the Power Manager the option to beep on plugging/unplugging ("Power State Change Beep") isn't there, even though it's in the help file already. I know it would be easy to rig a software solution to this event, but it would kind of defeat the purpose if it doesn't beep when it's in sleep. Is there a way to get this beep on my laptop?

    Read the article

  • Redirect Root Directory to Subdirectory using mod_rewrite

    - by manyxcxi
    I am trying to redirect /folder to / using .htaccess but all am I getting is the Apache HTTP Server Test Page. My root directory looks like this: / .htaccess -/folder -/folder2 -/folder3 My .htaccess looks like this: RewriteEngine On RewriteCond %{REQUEST_URI} !^/folder/ RewriteRule (.*) /folder/$1 What am I doing wrong? I checked my httpd.conf (I'm running Centos) and the mod_rewrite library is being loaded. As a side note, my server is not a www server, it's simply a virtual machine so it's hostname is centosvm.

    Read the article

  • Setup Apache + mod_wsgi: incorrect function

    - by TiagoOliveira
    I'm trying to setup an apache http server with mod_wsgi on a windows machine, but when I start the service, it fails to launch. In the Windows Event Log I get the following message: The Apache2 service terminated with the following service-specific error: Incorrect function. In running a Windows 8 - 64 bits machine, with Apache 2.0.64 32 bits Python 2.7.8 32 bits mod_wsgi 3.5 32 bits I looked around the web, but all the problem but everywhere says that it's a problem with the architecture of the software, but I already installed them all with the 32 bits version.

    Read the article

  • Empty rewrite.log on Windows, RewriteLogLevel is in httpd.conf

    - by ripper234
    I am using mod_rewrite on Apache 2.2, Windows 7, and it is working ... except I don't see any logging information. I added these lines to the end of my httpd.conf: RewriteLog "c:\wamp\logs\rewrite.log" RewriteLogLevel 9 The log file is created when Apache starts (so it's not a permission problem), but it remains empty. I thought there might be a conflicting RewriteLogLevel statement somewhere, but I checked and there isn't. What else could cause this? Could this be caused by Apache not flushing the log file? (I closed it by hitting CTRL-C on the httpd.exe command ... this caused the access logs to be flushed to disk, but still nothing in rewrite.log) My (partial) httpd-vhosts.conf: <VirtualHost *:80> ServerAdmin webmaster@localhost ServerName my.domain.com DocumentRoot c:\wamp\www\folder <Directory c:\wamp\www\folder> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule . everything-redirects-to-this.php [L] </IfModule> </Directory> </VirtualHost>

    Read the article

  • SSLVerifyClient optional with location-based exceptions

    - by Ian Dunn
    I have a site that requires authentication in order to access certain directories, but not others. (The "directories" are really just rewrite rules that all pass through /index.php) In order to authenticate, the user can either login with a standard username/password, or submit a client-side x509 certificate. So, Apache's vhost conf looks something like this: SSLCACertificateFile /etc/pki/CA/certs/redacted-ca.crt SSLOptions +ExportCertData +StdEnvVars SSLVerifyClient none SSLVerifyDepth 1 <LocationMatch "/(foo-one|foo-two|foo-three)"> SSLVerifyClient optional </LocationMatch> That works fine, but then large file uploads fail because of the behavior documented in bug 12355. The workaround for that is to set SSLVerifyClient require (or optional) as the default, so now the conf looks like this SSLCACertificateFile /etc/pki/CA/certs/redacted-ca.crt SSLOptions +ExportCertData +StdEnvVars SSLVerifyClient optional SSLVerifyDepth 1 <LocationMatch "/(bar-one|bar-two|bar-three)"> SSLVerifyClient none </LocationMatch> That fixes the upload problem, but the SSLVerifyClient none doesn't work for bar-one, bar-two, etc. Those directories are still prompted to present a certificate. Additionally, I also need the root URL to accessible without the user being prompted for a certificate. I'm afraid that will cancel out the workaround, though.

    Read the article

  • Flush mod_pagespeed cache in Debian

    - by Ivar
    I need a way to flush the mod_pagespeed cache while developing. According to mod_pagespeed documents, I should run the following command: sudo touch /var/mod_pagespeed/cache/cache.flush In Debian it's "su" instead of "sudo". However, it doesn't work for me; there's no "touch" command, nor is there any "cache.flush" file in the defined directory. Have I missed something? You kick-ass Linux users, please be humble - I'm pretty new to these stuff. Thank you in advance!

    Read the article

  • RewriteRule in htaccess in subdirectory

    - by Jay
    Windows server, running Apache. In my Apache conf, I have AllowOverride None for the root of a site and then I have a subdirectory set to AllowOverride All: <Directory /> AllowOverride None </Directory> <Directory "/safe/"> AllowOverride All </Directory> However, when I try to set up a rewrite rule in the subdirectory's htaccess file, nothing happens, I just get a 404 page not found error. Example: RewriteEngine On RewriteRule (.*) /blah?test=$1 [R=302,NC,NE,L] Rwewriting URLs are working fine from the root via the Apache conf. I don't understand why the rule is ignored. I don't want to do the URL re-writing within the conf because for this case I may need to be changing the redirects constantly and don't want to reload the server every time a change is made. I also don't want to affect server performance by enabling htaccess files site-wide, just in the subdirectory I need it.

    Read the article

  • Why does Windows Firewall show "Unidentified network" as one of my "Active public networks"?

    - by MousePad
    I have a machine that has wifi and ethernet. I have wifi active, and am not using ethernet. My Windows firewall shows two active networks, one is the wifi network I connect to, and the other is "Unidentified network". What is this unidentified network? I can't seem to be able to get rid of it because I can't find where it is even defined. How can you detect this and know whether this is just something appropriate or possibly a security problem? I am on Windows 7 64bit.

    Read the article

  • Help on using mod_rewrite to serve I18N static site

    - by Guandalino
    My static site www.example.com is translated in different languages and files are organized in this hierarchy: / /de index.html seite-1.html /en index.html page-1.html /it index.html pagina-1.html The root contains no files, just one subdirectory for each language the site is translated in, while subdirectories contain pages translated (both content and file name are) in the language corresponding to subdirectory name, de, en, it, etc. The question is: how to configure mod_rewrite so that when a client visits www.example.com it is taken to the correct version of the site, falling back to english version if the required locale is not supported (i.e. Accept-Language header doesn't exist or specifies a language for which the site is not available, e.g. fr)? Thanks for any pointer, I'm here to provide further details or feedback! Best regards

    Read the article

  • Is it secure to store the cert/key on a private AMI?

    - by Phillip Oldham
    Are there any major security implications to bundling a private AMI which contains the private key/certificate & environment variables? For resiliency I'm creating an EC2 image which should be able to boot and configure itself without any intervention. After boot it will attempt to: Attach & mount specific EBS volume(s) Associate a specific Elastic IP Start issuing backups of the EBS volume(s) to S3 However, to do this it will need the private key/pem files and will need certain environment variables to be available on start-up. Since this is a private AMI I'm wondering if it will be "safe" to store these variables/files directly in the image so that I don't need to specify any user-data information and can therefore start a new instance remotely (from my iPhone, if needed) should the instance be terminated for any reason.

    Read the article

  • Redirect Web Subfolder to Root (/folder to /)

    - by manyxcxi
    I am trying to redirect /folder to / using .htaccess but all am I getting is the Apache HTTP Server Test Page. My root directory looks like this: / .htaccess -/folder -/folder2 -/folder3 My .htaccess looks like this: RewriteEngine On RewriteCond %{REQUEST_URI} !^/folder/ RewriteRule (.*) /folder/$1 What am I doing wrong? I checked my httpd.conf (I'm running Centos) and the mod_rewrite library is being loaded. As a side note, my server is not a www server, it's simply a virtual machine so it's hostname is centosvm. Addition: My httpd.conf looks like so: <VirtualHost *:80> ServerName taa.local DocumentRoot /var/www/html SetEnv APPLICATION_ENV "dev" Alias /taa /var/www/html/taa/public <Directory /var/www/html/taa/public> DirectoryIndex index.php AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost>

    Read the article

  • Avoid Apache's mod_status being exposed by Varnish

    - by Peteris Caune
    An Ubuntu 9.04 box running Apache on 8080 and Varnish on 80. Recently set up Munin and was wondering why Apache graphs are empty. Saw from the logs that Munin is accessing /server-status?auto and getting 403 Forbidden back. So I edited /etc/apache2/monds-enabled/status.conf to allow access from 127.0.0.1. But doing this actually made /server-status public, since requests coming through Varnish appear to come from 127.0.0.1 too. So the question is, how do I configure mod_status to be accessible only by munin-node and not by Varnish?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 126 127 128 129 130 131 132 133 134 135 136 137  | Next Page >