Search Results

Search found 9816 results on 393 pages for 'named conf'.

Page 117/393 | < Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >

• Nginx + Apache + Wordpress redirects to localhost/127.0.0.1

  - by jcrcj

  Anyone know how to fix an issue with Nginx + Apache + Wordpress redirecting to localhost/127.0.0.1? I've tried a lot of different fixes, but none have worked for me. I can go to http://domain.com/wp-admin just fine and use everything there normally. But if I try to go to http://domain.com it redirects to 127.0.0.1. Everything also works fine if I just run through Apache. Here are the relevant portions of my nginx.conf: server { listen 80; server_name domain.com; root /var/www/html/wordpress; location / { try_files $uri $uri/ /index.php; } location ~ \.php$ { proxy_pass http://127.0.0.1:8080; } } Here are the relevant portions of my httpd.conf: Listen *:8080 ServerName <ip> <VirtualHost *:8080> ServerAdmin test@test DocumentRoot /var/www/html/wordpress ServerName domain.com </VirtualHost> This is what my nginx log loks like: <ip> - - [19/Jun/2012:22:35:35 +0400] "GET / HTTP/1.1" 301 0 "-" "Mozilla/5.0 This is what my httpd log looks like: 127.0.0.1 - - [19/Jun/2012:22:24:46 +0400] "GET /index.php HTTP/1.0" 301 - "-" -- WordPress Address (URL) and Site Address (URL) both have same http://domain.com

  Read the article

• How Would I Restrict a Linux Binary to a Limited Amount of RAM?

  - by Ken S.

  I would like to be able to limit an installed binary to only be able to use up to a certain amount of RAM. I don't want it to get killed if it exceeds it, only that that would be the max amount that it could use. The problem I am facing is that I am running an Apache 2.2 server with PHP and some custom code that a developer is writing for us. The problem is that somewhere in there code they launch a PHP exec call that launches ImageMagick's 'convert' to create a resized image file. I'm not privy to a lot of details to the project or the code, but need to find a solution to keep them from killing the server until they can find a way to optimize the code. I had thought that I could do this with /etc/security/limits.conf and setting a limit on the apache user, but it seems to have no effect. This is what I used: www-data hard as 500 If I understand it correctly, this should have limited any apache user process to a maximum to 500kb, however, when I ran a test script that would chew up a lot of RAM, this actually got up to 1.5GB before I killed it. Here is the output of 'ps auxf' after the setting change and a system reboot: USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 5268 0.0 0.0 401072 10264 ? Ss 15:28 0:00 /usr/sbin/apache2 -k start www-data 5274 0.0 0.0 402468 9484 ? S 15:28 0:00 \_ /usr/sbin/apache2 -k start www-data 5285 102 9.4 1633500 1503452 ? Rl 15:29 0:58 | \_ /usr/bin/convert ../tours/28786/.…. www-data 5275 0.0 0.0 401072 5812 ? S 15:28 0:00 \_ /usr/sbin/apache2 -k start Next I thought I could do it with Apache's RlimitMEM setting, but get the same result of it not getting limited. Here is what I have in my apache.conf file: RLimitMEM 500000 512000 It wasn't until many hours later that I figured out that if the process actually reached that amount that it would die with an OOM error. Would love any ideas on how to set this limit so other things could function on the server, and all of them could play together nicely.

  Read the article

• Fresh install CentOS 6.4 64b with directadmin slowly consumes all memory and crashes

  - by Coen Ponsen

  Dear server fault community, This is my first question on server fault, i'm new to server (mis)configuration so please forgive me for asking something stupid :) I'm running Directadmin on a CentOS 6.4 64b with 4GB memory and over 10000Gh virtual machine. I migrated my websites because my former vps couldn't keep up anymore. Only half of the websites from this 1GB machine were migrated jet. So the migration is still in progress and already my server crashes every day. The server performance up until that moment is perfect. The directadmin log files show nothing out of the ordinary. Yesterday only the mysql server crashed but it also crashed the entire machine before. The memory usage in DA seems to be normal: directadmin directadmin (pid 3923 22158 22159 22160 22161 22162 )8.75 MB dovecot dovecot (pid 3851 ) 47.8 MB exim exim (pid 1350 ) 1.29 MB httpd (pid 21525 21528 21529 21530 21531 21532 21546 21571 21742 21743 21744 )490.4 MB mysqld mysqld (pid 1299 ) 287.8 MB named named (pid 3807 ) 16.3 MB proftpd proftpd (pid 1481 ) 1.91 MB sshd sshd (pid 1173 21494 ) 5.16 MB Restarting services immediately frees up memory, but slowly over time the memory usage increases(about 24 hours to crash). The commands: # sync # echo 3 > /proc/sys/vm/drop_caches Will free al memory correct. I could just create a cronjob but it seems the wrong way around to me. I can't seem to pinpoint the cause. Any advices, references or tips are highly appreciated! Greetings, Coen edit: free -m : after drop_caches: total used free shared buffers cached Mem: 3830 735 3095 0 0 21 -/+ buffers/cache: 712 3117 Swap: 991 0 991 I'll post another one this evening.

  Read the article

• How to I configure open_basedir parameter under my Centos VPS?

  - by deltanovember

  The parameter can be seen here http://wordswithfriends.net/test.php open_basedir /var/www/vhosts/wor.wordswithfriends.net/wordswithfriends.net/:/tmp I'm trying to add PHP pear directories /var/www/vhosts/wor.wordswithfriends.net/conf is as follows -rw-r----- 1 root apache 6461 Jan 25 08:56 12959674170.16899500_httpd.include -rw-r----- 1 root apache 6461 Jan 31 06:52 12960111810.31860800_httpd.include -rw-r----- 1 root apache 6532 Jan 31 06:55 12964785250.54523600_httpd.include -rw-r----- 1 root apache 6532 Jan 31 07:01 12964788880.47252600_httpd.include -rw-r----- 1 root apache 6532 Jan 31 15:54 12965108850.92819600_httpd.include -rw-r----- 1 root apache 6652 Jan 31 21:32 12965206700.32285200_httpd.include Currently configured as follows grep base 12965206700.32285200_httpd.include php_admin_value open_basedir /var/www/vhosts/wor.wordswithfriends.net/httpdocs/:/tmp/:/usr/share/pear/:/local/PEAR/ php_admin_value open_basedir /var/www/vhosts/wor.wordswithfriends.net/httpdocs/:/tmp/:/usr/share/pear/:/local/PEAR/ php_admin_value open_basedir /var/www/vhosts/wor.wordswithfriends.net/httpdocs/:/tmp/:/usr/share/pear/:/local/PEAR/ php_admin_value open_basedir /var/www/vhosts/wor.wordswithfriends.net/httpdocs/:/tmp/:/usr/share/pear/:/local/PEAR/ Configured vhost.conf as follows <Directory /var/www/vhosts/wor.wordswithfriends.net/wordswithfriends.net> <IfModule sapi_apache2.c> php_admin_flag engine on php_admin_flag safe_mode off php_admin_value open_basedir "/var/www/vhosts/wor.wordswithfriends.net:/tmp:/usr/share/pear/local/PEAR" </IfModule> <IfModule mod_php5.c> php_admin_flag engine on php_admin_flag safe_mode off php_admin_value open_basedir "/var/www/vhosts/wor.wordswithfriends.net:/tmp:/usr/share/pear:/local/PEAR" </IfModule> </Directory> Restarted apache and the parameter is still the same. I'm not sure why my pear directories are not showing up. I'm using Plesk. Any help appreciated

  Read the article

• unicorn and nginx, went wrong

  - by achempion

  I try to deploy my app via capistrano. It was done, but when I start to nginx and show my site in the browser I see 'We're sorry, but something went wrong.' It is bad. I use unicorn. See my configs https://gist.github.com/3904032 I try to start server via rails s -e prodiction and it's work! I think that this error may be because I can't restart server root@li272-194:~# /etc/init.d/nginx restart Restarting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: still could not bind() nginx. any ideas? nginx log 2012/10/17 02:57:41 [error] 3271#0: *1 could not find named location "@myapp", client: 91.192.62.77, server: 178.79.153.194, request: "GET / HTTP/1.1", host: "178.79.153.194" 2012/10/17 02:19:08 [crit] 2448#0: *8 connect() to unix:/srv/zarcon/shared/unicorn.sock failed (2: No such file or directory) while connecting to upstream, client: 91.192.62.77, server: zarkon, request: "GET / HTTP/1.1", upstream: "http://unix:/srv/zarcon/shared/unicorn.sock:/", host: "178.79.153.194"

  Read the article

• Apache Server with memcache, varnish and php slow request times

  - by coolestdude1

  My issue is that these servers are taking rather long for request about 2 seconds on average just to serve files. When we had just one server doing everything it was noticeably faster even with the same web app (Drupal 6 and Drupal 7). I want to get this number down to a reasonable level and so I need some help getting to the bottom of why the request times are so slow. This can cause the webapp to hang on post or put and generally leads to a bad user experience on my sites. PS: I am more of a server newbie so this has confounded me for quite some time. The domains: collabornation.net nptrainingworks.com (they run off the same two webservers using vhost configs) The Gear: Two Rackspace 4 Gig servers running CentOS 6.2 Final They have a mounted file system (gluster) that is used to keep files the same on both machines. They are behind a rackspace load balancer running round robin. Mysql is run using php-pdo and php-mysql as such mysql is run on another instance running memcache on that machine with phpMyAdmin located there as well. Apache version number 2.2.15-15.el6.centos.1 (httpd.x86_64) Varnish version number 3.0.2-1.el5 (varnish.x86_64) PHP version number 5.3.14-1.el6.remi (php.x86_64) Configs Linked Below Apache Conf Vhost Conf Varnish Backends Varnish Defaults Varnish Acl PHP INI Again need some help, much appreciated!

  Read the article

• 85 Hz on old/new driver looks the same like 75 Hz on previous one?

  - by jon

  I have old philips 107T5 CRT and Nvidia graphics card. I used old Nvidia driver (but it wasn't 'legacy' one when I installed it) for few years but recently I decided to install other Linux distribution. I used 75 Hz refresh rate and 1024x768 resolution on my previous distribution. After I installed the new distribution I had to install a Nvidia driver so I downloaded one from the Nvidia site (this time only legacy supported my card so I downloaded legacy and installed it). It wasn't automatically updating xorg.conf but I had my previous xorg.conf copy and I used it. When I run X I could only choose 85 and 75 Hz, 85 was checked as default. And now what shocks me: that default 85 Hz looks identically like 75 Hz on previous driver looked (at least to me). I tried 75 Hz out of curiosity and it's too bright, hurts, etc. But on the previous driver 75 Hz wasn't hurting my eyes. Why is it different? It's the same number after all, so it should always give the same results, right? That's my first question. Second question: Is 85 Hz OK for that monitor model? Would it break it? I tried to find the optimal refresh rate for this model but couldn't find it.

  Read the article

• Apache load balancer with https real servers and client certificates

  - by Jack Scheible

  Our network requirements state that ALL network traffic must be encrypted. The network configuration looks like this: ------------ /-- https --> | server 1 | / ------------ |------------| |---------------|/ ------------ | Client | --- https --> | Load Balancer | ---- https --> | server 2 | |------------| |---------------|\ ------------ \ ------------ \-- https --> | server 3 | ------------ And it has to pass client certificates. I've got a config that can do load balancing with in-the-clear real servers: <VirtualHost *:8666> DocumentRoot "/usr/local/apache/ssl_html" ServerName vmbigip1 ServerAdmin [email protected] DirectoryIndex index.html <Proxy *> Order deny,allow Allow from all </Proxy> SSLEngine on SSLProxyEngine On SSLCertificateFile /usr/local/apache/conf/server.crt SSLCertificateKeyFile /usr/local/apache/conf/server.key <Proxy balancer://mycluster> BalancerMember http://1.2.3.1:80 BalancerMember http://1.2.3.2:80 # technically we aren't blocking anyone, but could here Order Deny,Allow Deny from none Allow from all # Load Balancer Settings # A simple Round Robin load balancer. ProxySet lbmethod=byrequests </Proxy> # balancer-manager # This tool is built into the mod_proxy_balancer module allows you # to do simple mods to the balanced group via a gui web interface. <Location /balancer-manager> SetHandler balancer-manager Order deny,allow Allow from all </Location> ProxyRequests Off ProxyPreserveHost On # Point of Balance # Allows you to explicitly name the location in the site to be # balanced, here we will balance "/" or everything in the site. ProxyPass /balancer-manager ! ProxyPass / balancer://mycluster/ stickysession=JSESSIONID </VirtualHost> What I need is for the servers in my load balancer to be BalancerMember https://1.2.3.1:443 BalancerMember https://1.2.3.2:443 But that does not work. I get SSL negotiation errors. Even when I do get that to work, I will need to pass client certificates. Any help would be appreciated.

  Read the article

• /etc/hosts: What is loghost? (fresh install of Solaris 10 update 9)

  - by cjavapro

  # # Internet host table # ::1 localhost 127.0.0.1 localhost XX.XX.XX.XX myserver loghost What is the purpose of loghost? If it was not for having loghost in there, all the /etc/hosts files on all the servers in this particular network could be identical. Edit: I looked at /etc/syslog.conf #ident "@(#)syslog.conf 1.5 98/12/14 SMI" /* SunOS 5.0 */ # # Copyright (c) 1991-1998 by Sun Microsystems, Inc. # All rights reserved. # # syslog configuration file. # # This file is processed by m4 so be careful to quote (`') names # that match m4 reserved words. Also, within ifdef's, arguments # containing commas must be quoted. # *.err;kern.notice;auth.notice /dev/sysmsg *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages *.alert;kern.err;daemon.err operator *.alert root *.emerg * # if a non-loghost machine chooses to have authentication messages # sent to the loghost machine, un-comment out the following line: #auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost) mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost) # # non-loghost machines will use the following lines to cause "user" # log messages to be logged locally. # ifdef(`LOGHOST', , user.err /dev/sysmsg user.err /var/adm/messages user.alert `root, operator' user.emerg * ) Very interesting. when shutting down,, alerts go to all users probably through *.emerg * Looking at ifdef, it seems that the first parameter checks to see if current machine is a loghost, second parameter is what to do if it is and third parameter is what to do if it is not. Edit: If you want to test a logging rule you can use svcadm restart system-log to restart the logging service and then logger -p notice "test" to send a test log message where notice can be replaced with any type such as user.err, auth.notice, etc.

  Read the article

• How can I get multiple video cards to work on linux?

  - by user17943

  I installed fedora 12. I have 2 ATI cards that I used to use on windows to run 4 monitors. A recurring problem has been to get them detected in linux. Only my secondary card is picked up linux. When I manage the displays it detects the 2 monitors connected that card. What are the specific steps I should take to get the second card detected? Supposedly there is a tool system-config-xfree. I don't have it, yum can't find it. Also I heard it has something to do with editing some xorg.conf file or something to that effect. I have absolutely no idea how to find the "bus id" of my card, or lookup the horizontal refresh rates, etc.. I would probably have no problem following the documentation & editing the file if I knew a good way to find these values. Someone also suggested installing linux twice and saving the xorg.conf it generates each time (with different card each time) and then merging the two by hand. That is like killing a fly with a hammer though, when I do this again and again in the future It'd be nice to not have to take twice as long. Thanks

  Read the article

• virtual web folder served by PHP script

  - by Martin

  I am trying to configure my apache to be able to display (virtual) pages like: mywebpage.com/something1 mywebpage.com/something2 mywebpage.com/folder/something3 I would like these "somethingX" and "folder" folders to be only virtual, not physical directories. For a start it would be great to send all requests to mywebpage to one PHP script which will somehow receive the original path information (there is some SERVER array as far as I know) and call necessary PHP functions (so far I use addresses like mywebpage.com/index.php?page=blabla&otherparameters=values...). Is that possible? I am struggling with different combination, currently I am with following file in /etc/apache2/conf.d/something.conf (not working of course). What is the correct way to proceed? Thanks. <Location /myweb> SetHandler my-handler Action my-handler /srv/www/htdocs/myweb/product.php virtual </Location> My pages are in /srv/www/htdocs/myweb. I tried with Location, with Directory, with Action and SetHandler, with AddHandler... ;-) Some configurations were ignored, some caused "object not found" with nothing relevant in error log.

  Read the article

• "Network is unreachable" When pinging google, can connect to internal computers on debian VM

  - by musher

  Similar to this SU question: "Network is unreachable" when attempting to ping google, but internal addresses work Actually, it's pretty much the same base issue. I went through that thread trying to find a solution, I changed my resolv.conf: before: domain [my work domain] search [my work domain] nameserver [my gateway] nameserver [my gateway2] I changed it to: after: domain [my work domain] search [my work domain] nameserver 8.8.8.8 nameserver 8.8.4.4 However, any time I reboot the computer the resolv.conf gets overwritten to the previous version (the 'before' above). The issues began after I installed virtualbox additions, X server and (specifically) LXDE: Cat of apt history.log: Start-Date: 2014-08-21 10:03:42 Commandline: apt-get install virtualbox-guest-utils virtualbox-guest-dkms Install: x11-xkb-utils:amd64 (7.7+1, automatic), libxaw7:amd64 (1.0.12-2, automatic), xfonts-utils:$ End-Date: 2014-08-21 10:03:56 Start-Date: 2014-08-21 10:18:39 Commandline: apt-get install lxde Install: desktop-base:amd64 (7.0.3, automatic), libgoa-1.0-0b:amd64 (3.12.4-1, automatic), lxmenu-d$ End-Date: 2014-08-21 10:21:52 Start-Date: 2014-08-21 10:26:40 Commandline: apt-get upgrade Upgrade: libio-socket-ssl-perl:am ifconfig on the guest: root@Peridot:~# ifconfig eth0 Link encap:Ethernet HWaddr 08:00:27:89:c9:20 og inet addr:172.31.2.102 Bcast:172.31.2.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe89:c920/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2281 errors:0 dropped:1 overruns:0 frame:0 TX packets:463 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:266507 (260.2 KiB) TX bytes:120554 (117.7 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:240 (240.0 B) TX bytes:240 (240.0 B) The adapter in VBox is a bridged adapter directly onto my ethernet connection; as are my other 2 VMs (which work) Other SU questions I've tried: "connect: Network is unreachable" in VirtualBox VM

  Read the article

• How to write rules for persistent net names?

  - by ndemou

  I know that a process generates persistent network card names based on rules found in /lib/udev/rules.d/75-persistent-net-generator.rules. I also know how to completely disable this process with a simple echo '#' > /etc/udev/rules.d/75-persistent-net-generator.rules but I've read that I "could also write my own rules file to give the interface a name — the persistent rules generator ignores the interface if a name has already been set" (/etc/udev/rules.d/README confirms that this is possible). Do you have any pointers to documentation about how to write such rules? (I mostly care about Debian/Ubuntu and a bit less for CentOS) As a specific example of why I want to write custom rules: I have two identical servers with one onboard LAN and one PCI LAN. In case of HW failure I want to be able to move disks from HW#1 to HW#2 and it's important for eth0 to continue pointing to the onboard card and eth1 to the PCI card (no one wants to mess with cabling in the middle of a HW failure panic). My current workaround works but is a lot of work[1] so I wonder if writing custom rules would allow me to express something simple like this: cards with MAC A or B should be named eth0 cards with MAC C or D should be named eth1 follow default naming scheme for anything else [1] install the OS in HW#1 and keep a copy of /etc/udev/rules.d/70-persistent-net.rules. Move the disks to HW#2 and keep a second copy of the same file. Concatenate the two copies and manually edit the NAME="ethX" part. Replace /etc/udev/rules.d/70-persistent-net.rules with my version. Finally disable auto-creation of a new 70-persistent-net.rules using echo '#' > /etc/udev/rules.d/75-persistent-net-generator.rules

  Read the article

• Cannot configure hostname keeps on changing after reboot CentOS 6 + nginx [on hold]

  - by The Wolf

  I just finished this tutorial I found online: http://www.unixmen.com/install-lemp-nginx-with-mariadb-and-php-on-centos-6/ Now, I am having trouble making a hostname, you can see the result at: http://www.intodns.com/busilak.com here are my confs /etc/hosts 127.0.0.1 localhost.localdomain localhost localhost4.localdomain4 localhost4 # Auto-generated hostname. Please do not remove this comment. 198.49.66.204 host.busilak.com busilak.com host ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 /etc/sysconfig/network NETWORKING="yes" GATEWAYDEV="venet0" NETWORKING_IPV6="yes" IPV6_DEFAULTDEV="venet0" HOSTNAME="host.busilak.com" /etc/nginx/conf.d/default.conf server { #listen 80; #server_name host.busilak.com; #charset koi8-r; #access_log logs/host.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } Question: Is there anything I should have done? I just want to use my domain: busilak.com as default domain for my server, such that when I open busilak.com it would point readily to my VPS ip address.

  Read the article

• With puppet, can you have the client ask to be a certain set of roles?

  - by Aitch

  I've recently got my puppetmaster and client up and running and have had the client correctly signed, then requested and applied simple changes, all good. I have a growing number of machines (100). They are not consistently named (historical reasons). They fall into a handful of categories (think of it like: dataserver_type1, dataserver_type2, webserver_type1, webserver_type2....). New instances of these types of machines are added weekly. I don't understand (yet) or cannot see how I can declare a "generic" node of (say) "dataserver_type1" that contains whatever modules it needs, and set something in the client puppet.conf that says "I am a dataserver_type1" without using the hostname/FQDN If I set the node name in the catalog as (say) "my-data-server-type1" - the certified hostname - it picks it up and works. I know you can use patterns for hostnames but as I said, my server names are not consistent, and I can't change them. This seems disingenuous to have to edit a file and manually add a node for each server, when they continue to grow. Edit: Digging deeper, it seems roles may be what I want. But there still seems to be an element whereby the master has contain a list of roles that a specific named server should do. Perhaps what I am asking is, how can a client say "I want to be this role", without the server having to be updated?

  Read the article

• What is my BaseDN supposed to be with the following configuration of OpenLDAP?

  - by fuzzy lollipop

  I have the following in my OpenLDAP configuration. Using the latest version OpenLDAP on Centos 5.3. Installed using yum. From my /etc/openldap/slapd.conf database bdb suffix "dc=company,dc=com" rootdn "cn=Manager,dc=company,dc=com" From my /etc/openldap/ldap.conf BASE dc=company,dc=com I have successfully added an entry with ldapadd and retrieved it with ldapsearch from a local bash shell on the box. Now I am trying to get a Graphical Editor to connect to this server remotely so I can enter people from my laptop. But I am having no luck. I tried JXplorer, and it connects with Anonymous bind without me having to specify a BaseDN but I can't edit anything that way. If I try and give it a user name and password, using Manager and my rootpw I have in clear text just for testing, every GUI Client on my remote laptop complains about my BaseDN not being the correct format when I enter dc=company,dc=com and I tried cn=Manager,dc=company,dc=com. Error opening connection: [LDAP: error code 34 - invalid DN] I have tried multiple clients and all of them connect as anonymous, none let me connect authenticated where I can actually create or edit anything. I am using Manager as my username and the password from rootpw, is that correct?

  Read the article

• allow spoofing when using tun

  - by Johnny

  I have a working openvpn setup with a server and a number of clients. How would i go around allowing IP spoofing through the openvpn server? (to demonstrate security concepts)? A normal ping from client to server goes through all right: root@client: hping3 10.8.0.1 HPING 10.8.0.1 (tun0 10.8.0.1): NO FLAGS are set, 40 headers + 0 data bytes len=40 ip=10.8.0.1 ttl=64 DF id=0 sport=0 flags=RA seq=0 win=0 rtt=124.7 ms root@server:/etc/openvpn# tcpdump -n -i tun0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes 10:17:51.734167 IP 10.8.0.6.2146 > 10.8.0.1.0: Flags [], win 512, length 0 But when spoofing a packet, it does not arrive at the openvpn server: root@client: hping3 -a 10.0.8.120 10.8.0.1 HPING 10.8.0.1 (tun0 10.8.0.1): NO FLAGS are set, 40 headers + 0 data bytes root@server:/etc/openvpn# tcpdump -n -i tun0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes My current config files server.conf local X.Y.Z.P port 80 proto tcp dev tun ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1 bypass-dhcp" keepalive 10 120 comp-lzo persist-key persist-tun persist-local-ip status openvpn-status.log verb 3 client.conf client dev tun proto tcp remote MYHOST..amazonaws.com 80 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server comp-lzo verb 3

  Read the article

• Apache2 doesn't serve PHP-scripts correctly [closed]

  - by cmbrnt

  I've run into a problem with my Apache 2.2.16 configuration, running on Debian Squeeze. The problem is that it stopped serving PHP5-scripts completely. When I try to access the sites with Google Chrome, it instead downloads a file called "download", which contains the contents of the script. This is of course not a good thing. It does serve common html-files perfectly... I've been at this for quite a while now, and after all the googling and troubleshooting, I thought it would be a good time to ask you guys. Here's what I've got: The php5 and libapache2-mod-php5 packages are installed /etc/apache2/mods-available contains both php5.load and php5.conf, and these are symlinked from the mods-enabled directory The /etc/php5/ directory is left untouched since the installation. Here's the contents of /etc/apache2/mods-available/php.load: LoadModule php5_module /usr/lib/apache2/modules/libphp5.so And /etc/apache2/mods-available/php.conf: <IfModule mod_php5.c> <FilesMatch "\.ph(p3?|tml)$"> SetHandler application/x-httpd-php </FilesMatch> <FilesMatch "\.phps$"> SetHandler application/x-httpd-php-source </FilesMatch> <IfModule mod_userdir.c> <Directory /home/*/public_html> php_admin_value engine Off </Directory> </IfModule> </IfModule> What am I missing? This is a server with modified virtual hosts and the like, so I might have changed some settings which causes this problem, but simply purging and reinstalling is not an option so far, since the configuration is quite extensive. Any help would be great. Thanks.

  Read the article

• Limited connections to Ubuntu 12.04 server

  - by Luis M. Valenzuela

  I'm having a weird problem with my server. The server is inside my network, connected to a 3com switch which is connected to the router that handles the internet connection. The main purpose of the server is to host a php application. What's happening is that user 1 to 15 in the private network have no problems connecting to the server, when user 16 tries to connect a time out comes out and is unable to connect to the server. It's not just to the php application, but to any service from the server. When the 15 users are using the application, the server doesn't even answer to ping. I haven't set any special limit in Apache's ini file or MySql and the firewall is being turned off because the server is only to give service to the internal network. Is there a parameter in any of the network's card conf. files that might me causing this ? Or should I suspect from the router's or switches configuration ? UPDATE. Tomorrow, I'm gonna do some test on the server modifying two kernel params in : /etc/sysctl.conf The settings are: net.core.somaxconn which has the limit on simultaneous network connections to the server and kernel.shmmax which controls the amount of memory the system can use for managing connections.

  Read the article

• Unnamed, hidden partitions on my 500 GB HD, HP Pavilion dm4 Laptop

  - by emotionull

  I have multiple doubts here. Its a Seagate 500GB 7200RPM HD. I had installed it few months back after my original Laptop HD stopped working. The current drives on my latop, as shown by the Windows Disk Management are: After installing the new HD, I had done a complete clean install of Windows 7 and I didn't create any parition myself, manually. So there are 4 drives. Even previously, before I installed this new HD, my laptop had 4 Partitions. But the there were no un-named partitions like the two in this case. The other two were HP tools and Recovery or something. It was pre-configured, Factory installed Windows. Also, now when I right cick on the unnamed Drives from Disk Management, all the options are greyed out (see image) except the delete partition image. So how do I know what's inside those partitions? Will it be ok if I delete them? I want install Ubuntu and dual boot it with my current windows installation. I cannot do it in current setup as there are already 4 partitions of my HD and if I will try to make a new partition, it will be a logical one (correct me if I am wrong here). So can I delete the un-named, hidden partitions and use them for Ubuntu? A bit unrelated question. As a backup option, can I use the Windows 7's Backup and Restore facility to keep a complete backup of all the drivers and system softwares.

  Read the article

• error 503: Can't deploy rails 3 app with apache + thin (bitnamy ruby stack)

  - by Pacu

  As you'll notice, I'm a bit of a noob on Rails. Here's the thing I have a EC2 Bitnami RubyStack AMI running. I'm trying to deploy the sample project to be sure I'm doing the right thing, but I'm not getting anywhere at all. I just get a 503 error I'm following bitnami's docs on thin + apache Here are my files: the httpd.conf I include in the main httpd.conf Alias /sample "/home/bitnami/stack/projects/sample/public" <Directory "/home/bitnami/stack/projects/sample/public"> AllowOverride None Order allow,deny Allow from all </Directory> ProxyPass /sample balancer://appcluster ProxyPassReverse /sample balancer://appcluster <Proxy balancer://appcluster> BalancerMember http://127.0.0.1:3001/sample BalancerMember http://127.0.0.1:3002/sample BalancerMember http://127.0.0.1:3003/sample BalancerMember http://127.0.0.1:3004/sample </Proxy> the thin.yml file chdir: /opt/bitnami/projects/sample environment: production address: 127.0.0.1 port: 3000 timeout: 30 log: log/thin.log pid: tmp/pids/thin.pid max_conns: 1024 max_persistent_conns: 512 require: [] wait: 30 servers: 5 prefix: /sample daemonize: true I'm able to start and stop apache, but thin does not stop correctly though. When I try to stop thin, I get this output /opt/bitnami/projects/sample$ sudo thin -C config/thin.yml stop Stopping server on 127.0.0.1:3000 ... Can't stop process, no PID found in tmp/pids/thin.3000.pid Stopping server on 127.0.0.1:3001 ... Can't stop process, no PID found in tmp/pids/thin.3001.pid Stopping server on 127.0.0.1:3002 ... Can't stop process, no PID found in tmp/pids/thin.3002.pid Stopping server on 127.0.0.1:3003 ... Can't stop process, no PID found in tmp/pids/thin.3003.pid Stopping server on 127.0.0.1:3004 ... Can't stop process, no PID found in tmp/pids/thin.3004.pid I've tried to use nginx as well, without any luck unfortunately. Thank you for your time and help!

  Read the article

• Is this a legitimate registry key? (windows 7)

  - by Keyes

  In hkey_local_machine/software/classes I found some registry keys named msime.taiwan, msime.japan and a couple others with similar names, except with a number at the end of, so there was 4 keys altogether. From what I know itmcoulc be associated with a thing in windows that lets you write japanese characters or whatever. I also found a macaffee page, , which seemed dated but it said the key is created by a virus named w32 virut. Just wondering is this a legit key? I found it on another pc and both pcs show when exported to a .txt show it was last written to in 2009. Here is the reg query for the 4 keys. (added lines to differentiate them.) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan (Default) REG_SZ Microsoft IME (Japanese) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan\CLSID (Default) REG_SZ {6A91029E-AA49-471B-AEE7-7D332785660D} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan\CurVer (Default) REG_SZ MSIME.Japan.11 HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan.11 (Default) REG_SZ Microsoft IME (Japanese) HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Japan.11\CLSID (Default) REG_SZ {6A91029E-AA49-471B-AEE7-7D332785660D} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan\CLSID (Default) REG_SZ {F407D01A-0BCB-4591-9BD6-EA4A71DF0799} HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan\CurVer (Default) REG_SZ MSIME.Taiwan.8 HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan.8 (Default) REG_SZ IMTCCORE HKEY_LOCAL_MACHINE\Software\Classes\MSIME.Taiwan.8\CLSID (Default) REG_SZ {F407D01A-0BCB-4591-9BD6-EA4A71DF0799}

  Read the article

• DNS caching server config problem

  - by Alex

  I have a Bind DNS caching-only server setup that is working. I am bringing up a new AD domain controller that will also be a DNS server for that AD but I don't want it responding to any DNS queries except those that are AD related. So, my goal is to leave this caching server as the primary DNS server for stations on the network and have it forward requests for the AD domain to the domain controller. My understanding is that I just need a forward zone for that domain pointing to the domain controller. However it does not seem to be working. So that leaves me to think that my caching server is not forwarding properly. For example, this AD is going to have a naming convention of hostname.mydomain.local. If I do an nslookup and specify the domain controller's IP address as the server, I can query addresses that exist in DNS on that server, such as dc1.mydomain.local. However, queries to my caching server times out (I get a response from the caching server if I query mydomain.local but none of the objects in that domain). Any suggestions? Here is my named.conf file: options { directory "/var/named"; listen-on { 192.168.0.14; 127.0.0.1; }; forwarders { ; ; }; forward first; }; zone "." in { type hint; file "db.cache"; }; zone "0.0.127.in-addr.arpa" in { type master; file "db.127.0.0"; }; //forward zone for mydomain.local zone "mydomain.local" { type forward; forwarders { 192.168.1.21; }; };

  Read the article

• Puppet: is it ok to "force" certname when you expect to shuffle nodes around?

  - by Luke404

  We all know (good example on SF) that Puppet hostname detection could be... fun. At our company (and I guess we're not alone at this) we usually pre-configure servers at our offices and test them before bringing the gear to a remote datacenter and rack them. Of course the reverse dns will change when doing that, even if we don't change the actual hostname of the system. We're slowly drafting our puppet setup and I'd like to be sure those moves won't create problems. My idea is to explicitly configure the desired full FQDN of the system as certname in puppet.conf at server provision time (before the very first puppet run). My process would look something like this: basic o.s. installation basic network configuration, enough to reach the internet and resolve dns install puppet and set up certname start puppet and let him manage the whole configuration test, fix problems in config (via puppet), re-test, and so on... manually stop puppet set up new network configuration for the datacenter network move the machine to DC turn it on puppet should automatically start and keep on doing its job The process is supported by detecting the environment in puppet's manifests (eg. based on subnet, like they do at Wikimedia) and modify configuration as needed (eg. resolv.conf contents appropriate for each network). Each node's certname will never change for the whole system life cycle. Is there any problem with this approach? Could it be improved?

  Read the article

• How do I connect remotely to SQL Server from Windows client?

  - by humble_coder

  Hi All, Having a bit of an issue connecting to SQL SERVER remotely from Windows. I've verified that all of my settings are correct via SQL SERVER MANAGEMENT STUDIO EXPRESS and SQL SERVER CONFIGURATION MANAGER. I can connect remotely using ODBC drivers from other OSes (e.g. OS X, Linux, etc). However, when I connect with the same credentials from a remote Windows machine using "SQL SERVER" as the driver I am told that the system cannot connect. I've tried creating an ODBC Data Source and I get the same error: Connection failed: SQLState: '01000' SQL Server Error: 14 [Microsoft][ODBC SQL Server Driver][TCP/IP Sockets]ConnectionOpen(InvalidInstance()). Connection failed: SQLState: '08001' SQL Server Error: 14 [Microsoft][ODBC SQL Server Driver][TCP/IP Sockets]Invalid Connection From the non-windows machines I can use the IP address of the SQL Server just fine. However, on the remote Windows machine, neither IP address nor named instance works. FYI, I can create an ODBC Data Source using the named instance on the machine actually running the SQL Server (but this is, of course, nothing special -- just proof that it isn't completely hosed). One interesting note: If I use SQL STUDIO 2005 from a Windows client machine, I can use the IP address to connect remotely. Still, the whole reason I bring this up is because I need to use a software package I've written to connect to SQL Server remotely from Windows machines as well. Previously the solution was only needed to xfer data from SQL Server into a PostGRES or MySQL database on non-Windows machines (due to DBA preference). However, now they also want to move the data from the legacy software to MySQL even on Windows. Any assistance would be most appreciated. Feel free to provide a full example connection string. Best

  Read the article

< Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >