Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 127/596 | < Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >

  • Enabling mod_fcgid results in 403

    - by laggingreflex
    I have an EasyPHP 12.1 setup (latest) on Windows 7x64 and I'm trying to enable mod_fcgid for PHP. I have added the following in my httpd.conf Include conf/extra/httpd-vhosts.conf LoadModule fcgid_module modules/mod_fcgid.so FcgidInitialEnv PHPRC "C:\progra~2\EasyPHP-12.1\php\php546x121028092509" AddHandler fcgid-script .php FcgidWrapper "C:\progra~2\EasyPHP-12.1\php\php546x121028092509/php-cgi.exe" .php and Options ExecCGI Indexes FollowSymLinks under <Directory "${path}/www"> I've made sure the paths are all good and set permissions on the entire C:\progra~2\EasyPHP-12.1 and my www root to Everyone - Allow All. Yet I still get 403 on all server(localhost) requests. Along with Apache/2.4.2 (Win32) PHP/5.4.6 mod_fcgid/2.3.7 so I know mod_fcgid is enabled and is causing the 403. Commenting out the above lines from httpd.conf makes it work again but is slower than death (which is why I wanted mod_fcgid). What could I be doing wrong?

    Read the article

  • Apache reports a 200 status for non-existent WordPress URLs

    - by Jonah Bishop
    The WordPress .htaccess generally has the following rewrite rules: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> When I access a non-existent URL at my website, this rewrite rule gets hit, redirects to index.php, and serves up my custom 404.php template file. The status code that gets sent back to the client is the correct 404, as shown in this HTTP Live Headers output example: http://www.borngeek.com/nothere/ GET /nothere/ HTTP/1.1 Host: www.borngeek.com {...} HTTP/1.1 404 Not Found However, Apache reports the entire exchange with a 200 status code in my server log, as shown here in a log snippet (trimmed for simplicity): {...} "GET /nothere/ HTTP/1.1" 200 2155 "-" {...} This makes some sense to me, seeing as the original request was redirected to page that exists (index.php). Is there a way to force Apache to report the exchange as a 404? My problem is that bogus requests coming from Bad Guys show up as "successful requests" in the various server statistics software I use (AWStats, Analog, etc). I'd love to have them show up on the Apache side as 404s so that they get filtered out from the stat reports that get generated. I tried adding the following line to my .htaccess, but it had no effect (I'm guessing for the same reason as the previous redirect rules): ErrorDocument 404 /index.php?error=404 Does anyone have a clever way to fix this annoyance? Additional Info: OS is Debian 6.0.4, and Apache version looks to be 2.2.22-3 (hosted on DreamHost) The 404 being sent back to the client is being set by WordPress (i.e. I'm not manually calling header() anywhere)

    Read the article

  • apache url rewrite not working as expected

    - by hetaoblog
    looks as if it's working now, i'm not doing anything... stange... I want to write http://www.1024jobs.net/jobs/view/17.jhtml to http://www.1024jobs.com/jobs/view/17.jhtml so i have tried either of below rules in .htaccess RewriteRule ^jobs/view/([0-9]+)\.jhtml$ http://www.1024jobs.com/jobs/view/$1.jhtml [L,R=301] RewriteRule ^jobs/view/([^.]+).jhtml$ http://www.1024jobs.com/jobs/view/$1.jhtml [L,R=301] but it's always translating to below url http://www.1024jobs.net/jobs/view/17.jhtml to http://www.1024jobs.com/jobs/view/.jhtml however, just found below is translated correctly.... http://www.1024jobs.net/jobs/view/16.jhtml can anyone help and explain? thx

    Read the article

  • Python and mod_wsgi path issue

    - by jasonh
    I have an AIX 6.1 system that I've compiled and installed: Apache 2.2.21 (into /usr/local/mercurial) Python 2.7.2 (into /usr/local/bin and /usr/local/lib) mod_wsgi 3.3 (with the AIX fix #1 described here) Mercurial 2.0 (system-wide) However, when Apache starts, I get the following message in error_log: IOError: invalid Python installation: unable to open /usr/local/bin/lib/python2.7/config/Makefile (No such file or directory) See the problem? bin/lib doesn't exist. /usr/local/lib/python2.7/config/Makefile does exist though. However, I can't figure out where it's getting that path from. Here's the environment variables I've got: PYTHONHOME=/usr/local/bin PYTHONPATH=/usr/local/lib/python2.7 LIBPATH="/usr/local/mercurial/lib:$LIBPATH" PATH=/usr/local/bin:/usr/local/lib:$PATH LDR_CNTRL="MAXDATA=0x80000000" AIXTHREAD_SCOPE=S AIXTHREAD_MUTEX_DEBUG=OFF AIXTHREAD_RWLOCK_DEBUG=OFF AIXTHREAD_COND_DEBUG=OFF SPINLOOPTIME=1000 YIELDLOOPTIME=8 MALLOCMULTIHEAP=considersize,heaps:8 I've tried all sorts of combinations with and without PYTHONHOME, PYTHONLIB and PATH in envvars. My PATH, in case it matters is: /usr/bin:/etc:/usr/sbin:/usr/ucb:/usr/bin/X11:/sbin:/usr/opt/ifor/bin:/usr/local/bin:.

    Read the article

  • How to choose a web server for a Python application?

    - by Phil
    Information and prerequisites: I have a project which is, at its core, a basic CRUD application. It doesn't have long running background processes which it forks at the beginning and talks to later on, nor does it have long running queries or kept alive connection requirements. It receives a request, makes some queries to the database and then responds. In order to serve static files and cachable files fast, I am going to use Varnish in all cases. Here is my question: After reading about various Python web application servers, I have seen that they all have their "fans" for certain, usually "personal" reasons, which got me confused since each usecase differs from the next. How can I learn about the core differentiating factors of Python web servers (in order) to decide how suitable they are for my project and if one would be better than the other? What are your (technically provable) thoughts on the matter? How should I choose a Python web server? Thank you.

    Read the article

  • I am trying to write an htaccess file performs authentication and redirects authenticated users to a

    - by racl101
    This is what I have so far but I can't get the RewriteCond and RewriteRule properly. RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (\d{3})$ RewriteRule !^%1 http://subdomain.mydomain.com/%1 [R,L]. AuthName "My Domain Protected Area" AuthType Basic AuthUserFile /path/to/my/.htpasswd Require valid-user This is what I mean the ReWriteCond and RewriteRule to say: "If the REMOTE_USER has a username ending in 3 digits then capture the three digits that match and for whatever url they are trying to access if it does not start with the 3 digits captured then redirect them to the sub directory with the name equal to those captured three digits." In other words, if a user named 'johnny202' is authenticated then if he's requesting any directory other than http://subdomain.mydomain.com/202/ then he should be redirected to http://subdomain.mydomain.com/202/ The only thing I can think of that is wrong is the first instance of '%1'.

    Read the article

  • Two servers, two domains, one ip. mod_proxy beginner

    - by Gutsav
    I run two virtual web servers (both running apache2 on debian). I have just one external IP, but two domains, and I want a domain going to each of the servers. I've understood that I need a Reverse Proxy, and I enabled both the mod_proxy and the mod_proxy_http modules on the "primary server". Do I need to enable anything on the "secondary server"? I also understood that I need to write some things in a virtual host file, but what? On the primary server, I have a virtual host file for one of the domains, and some for subdomains. I want domain1.tld to go to the primary server (port 80 is forwarded to it, so that works) and domain2.tld to go to the other server (internal ip 192.168.0.x). No ports needs to be forwarded to it, right? So, what to add and in which virtual host file? Or a new one? Other questions suggest adding ProxyPass and ProxyPassReverse, but I'm lost anyway, and I just don't understand the apache documentation. Thanks in advance

    Read the article

  • How can I flush my ssh keys on power management activity?

    - by Sam Halicke
    Hi all, Using ssh-agent and private keys per the usual. Everything's working as normal. My question regards best practices on flushing keys from ssh-add on activity like sleep, suspend, hibernate, etc. I thought about writing a simple wrapper around those commands, but then wondered if are they even called? Or does the kernel initiate this activity directly? Are the PM utilities strictly userland? I would like this additional layer of security beyond locking my screen, etc. and was wondering if anyone else had solved this elegantly or has best practices to recommend. Thanks.

    Read the article

  • Apache - mod_pagespeed freezes my website

    - by Jonathan Rioux
    I have installed the mod_pagepseed module for Apache. I am using Debian so I downloaded the .deb file, and installed it successfully. I then configured some filters, and it worked like a charm for some minutes. Then after something like 10 minutes, my website no longer responded to the requests. When I was requesting for my website, it said "Waiting for www.blablabla.com" and I never got the page back from the server. I checked the processes running on my Debian box with top -d 0.5, and nothing eats up the CPU. To make my website responding to requests again, I must do a /etc/init.d/apache2 restart. And then it works again with mod_modspeed applying it's filters for a couple of minutes, and no more response again. How can I diagnose this issue? Is there some other configurations in the mod_pagespeed.conf file that I must set?

    Read the article

  • Apache: Rewrite rule to remove slashes from the permalink?

    - by javipas
    I've seen this previous question on ServerFault, and I want something similar, but I'm not sure how to accomplish it. What I want is to remove all slashes from the permalink except for the one that goes after the domain name. For example: http://www.muycomputerpro.com/Actualidad/Especiales/La-Ciudad-Eficiente-Netapp would be redirected to http://www.muycomputerpro.com/ActualidadEspecialesLa-Ciudad-Eficiente-Netapp I need it to correct some 404 errors remaining on my WordPress blog under Apache web server. So, what would be the right rewrite rule?

    Read the article

  • How to use mod_proxy to let my index of Apache go to Tomcat ROOT and be able to browse my other Apac

    - by Dagvadorj
    Hello, I am trying to use my Tomcat application (deployed at ROOT) to be viewed from Apache port 80. To do this, I used mod_proxy, since mod_jk made me try harder. I used sth like this in httpd.conf: <location http://www.example.com> Order deny,allow Allow from all PassProxy http://localhost:8080/ PassProxyReverse http://localhost:8080/ </location> <Proxy *> Order deny,allow Allow from all </Proxy> And now I can not retrieve my previous sites on Apache, which was running prior to my configuration. How can I have both running?

    Read the article

  • Is it possible to rewrite some query strings to HTTPS and keep everything else on HTTP?

    - by Matt
    I'm rewriting query strings to pretty URIs, example: index.php?q=/en/contact becomes /en/contact and all works nicely.. # httpd.conf # HANDLE THE QUERY RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] Is it even possible to rewrite single queries to force https and force everything else onto http? I've tried many different approaches that typically end in infinate loops. I could write a plugin to do this in PHP but figured it would be more effecient to handle this in the server conf. I'd be greatful for any advice. EDIT: To clarify, I'd like to be able to rewrite the non SSL http://example.com/index.php?q=/en/contact to the SSL enabled https://example.com/en/contact and every query that is not /en/contact get written to http://example.com/...

    Read the article

  • Microsoft Ergonomic Keyboards With Card Readers?

    - by Steve
    When I started working at my current job I developed tendinitis in my wrists. Luckily that cleared up when I started using a Microsoft ergonomic keyboard. The problem is that where I work is moving to more security. We will need to stick a card into a slot to log into our PCs. They bought a bunch of new keyboards with these slots built in. All regular keyboards. Is there something like the Microsoft Ergonomic keyboard that comes with such a card slot? Thanks.

    Read the article

  • Swapping root directory of a web server

    - by Austin
    One of the clients that I maintain requests a website redesign, we do all the work in a subfolder /newsite/ and they intend to make it live this instant. The /newsite/ is made in wordpress and from my understanding WP keeps all the URL's as they were initially created. Would it be easier to just create the new root dir at /newsite/ or move all contents of the root to /oldsite/ and move /newsite/ to the root? Please advise the best route, i.e. mod_rewrite.

    Read the article

  • Apache 2 UserDir for only one VirtualHost

    - by dentarg
    Is it possible to enable the UserDir Directive for just one VirtualHost rather than have it on for all and then disable it (with "UserDir disable") for each VirtualHost you don't want it on? I have tried by putting this inside a <VirtualHost> and comment out everything in the global config (/etc/apache2/conf.d/userdir.conf). No luck though. <IfModule mod_userdir.c> UserDir public.www UserDir disabled root <Directory /home/*/public.www> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> </IfModule>

    Read the article

  • "This file came from another computer..." - how can I unblock all the files in a folder without having to unblock them individually?

    - by Schnapple
    Windows XP SP2 and Windows Vista have this deal where zone information is preserved in downloaded files to NTFS partitions, such that it blocks certain files in certain applications until you "unblock" the files. So for example if you download a zip file of source code to try something out, every file will display this in the security settings of the file properties "This file came from another computer and might be blocked to help protect this computer" Along with an "Unblock" button. Some programs don't care, but Visual Studio will refuse to load projects in solutions until they've been unblocked. While it's not terribly difficult to go to every project file and unblock it individually, it's a pain. And it does not appear you can unblock multiple selected files simultaneously. Is there any way to unblock all files in a directory without having to go to them all individually? I know you can turn this off globally for all new files but let's say I don't want to do that

    Read the article

  • Django apache + mod_wsgi with virtualenv

    - by ArgsKwargs
    I have some questions running multiple Django sites on a VPS I have a server that uses openPanel to automatically create VirtualHosts within apache2. My ideal situation is that I would have multiple virtualenvs with different dependencies installed so the python dist-packages directory isn't contaminated for different Django sites. For example: /home/user/virtualenv1 /home/user/virtualenv2 My django applications reside at /var/www, so For example: /var/www/djangosite1 /var/www/djangosite2 Now I've read upon openPanel docs and figured out the best thing todo is create a django.conf file inside the mydomain.com.inc folder, which looks something like: /etc/apache2/openpanel.d/mydomain.com.inc/django.conf DocumentRoot /var/www/djangosite1/project WSGIScriptAlias / /var/www/djangosite1/project/wsgi.py WSGIDaemonProcess mydomain python-path=/home/user/virtualenv1/lib/python2.6/site-packages <Directory /var/www/djangosite1/project> Order allow,deny Allow from all </Directory> Alias /static /var/www/djangosite1/project/static-root Now my problem is that this setup seems unable to find the virtualenv site-packages thus not recognizing any dependencies available in the given virtualenv Also, commenting out this line doesn't seem to break or change a thing: WSGIDaemonProcess mydomain python-path=/home/user/virtualenv1/lib/python2.6/site-packages For example: > service apache2 start ImportError: No module named South When I install South outside the virtualenv everything works

    Read the article

  • Using Chinese Charachters With Mod_Rewrite

    - by Moak
    I'm trying to create a rule using Chinese characters #RewriteRule ^zh(.*) /???$1 [L,R=301] creates error 500 when i change the file to UTF-8 #RewriteRule ^zh(.*) /%E4%B8%AD%E6%96%87%E7%89%88$1 [L,R=301] redirects to /%25E4%25B8%25AD%25E6%2596%2587%25E7%2589%2588 (basically replacing % with %25) Anybody familiar with this problem?

    Read the article

  • How can I use fetchmail (or another email grabber) with OSX keychain for authentication?

    - by bias
    Every fetchmail tutorial I've read says putting your email account password clear-text in a config file is safe. However, I prefer security through layers (since, if my terminal is up and someone suspecting such email foolery slides over and simply types "grep -i pass ~/.*" then, oops, all my base are belong to them!). Now, with msmtp (as opposed to sendmail) I can authenticate using the OSX keychain. Is there an email 'grabber' that lets me use Keychains (specifically the OSX keychain) or at least, that lets me MD5 the password? This is a duplicate of my unanswered question on serverfault. I've put it on superuser because I'm doing this on a personal computer (viz. with OSX) so it's more of a superuser question.

    Read the article

  • how to separate a network for traffic

    - by Student_CVO
    At the moment our all computers in one big LAN, it is the intention to separate the admin and edu (it's in a school) especially for traffic and less for security. How do this best? I have a drawing, but can't post it (a can send it in a mail) Firewall?, VLAN?, IPCop (no two green zones)?, pfsense? ... Should there be two scopes on the dhcp server (WIN 2008 R2), one for admin and one for edu or is one scope enough? I would like your advice, I am a student in training with this task as a project. Thanks

    Read the article

  • Jenkins projects not visible even though user has all privleges

    - by Frank Rosario
    We want to lock down Jenkins and specific jobs to certain personnel. I have my account with all global privileges granted with project based matrix security. A coworker has a similar account and has been granted all the same privileges. When I log in with my account, I can see all of the projects we have setup. When my coworker whom has the exact same privileges logs in, none of the projects are visible. I've double and triple checked the permissions matrix to make sure we have the same global privileges; we do. Some of the projects have project specific privileges setup as well, but again; I've confirmed that both of us have the same access to these projects as well. So why can I see all the projects and my coworker is unable to see any of the projects?

    Read the article

  • Use subpath internal proxy for subdomains, but redirect external clients if they ask for that subpath?

    - by HostileFork
    I have a VirtualHost that I'd like to have several subdomains on. (For the sake of clarity, let's say my domain is example.com and I'm just trying to get started by making foo.example.com work, and build from there.) The simplest way I found for a subdomain to work non-invasively with the framework I have was to proxy to a sub-path via mod_rewrite. Thus paths would appear in the client's URL bar as http://foo.example.com/(whatever) while they'd actually be served http://foo.example.com/foo/(whatever) under the hood. I've managed to do that inside my VirtualHost config file like this: ServerAlias *.example.com RewriteEngine on RewriteCond %{HTTP_HOST} ^foo\.example\.com [NC] # <--- RewriteCond %{REQUEST_URI} !^/foo/.*$ [NC] # AND is implicit with above RewriteRule ^/(.*)$ /foo/$1 [PT] (Note: It was surprisingly hard to find that particular working combination. Specifically, the [PT] seemed to be necessary on the RewriteRule. I could not get it to work with examples I saw elsewhere like [L] or trying just [P]. It would either not show anything or get in loops. Also some browsers seemed to cache the response pages for the bad loops once they got one... a page reload after fixing it wouldn't show it was working! Feedback welcome—in any case—if this part can be done better.) Now I'd like to make what http://foo.example.com/foo/(whatever) provides depend on who asked. If the request came from outside, I'd like the client to be permanently redirected by Apache so they get the URL http://foo.example.com/(whatever) in their browser. If it came internally from the mod_rewrite, I want the request to be handled by the web framework...which is unaware of subdomains. Is something like that possible?

    Read the article

  • Forwarding 80 to 443 on Nagios woes

    - by Ethabelle
    I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL. So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right? So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule; RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://our.server.org/$1 [R,L] This does absolutely nothing. Does nada. Whhhyy.. Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ... I'm a baddie :(

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 123 124 125 126 127 128 129 130 131 132 133 134  | Next Page >