Search Results

Search found 11463 results on 459 pages for 'apache tomcat'.

Page 158/459 | < Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165 | Next Page >

Apache security for multi-user development web server.

- by mrmartinblue

I've been searching and reading through documents all morning and understand that I need to use some combination of chown and probably 'jailing' to securely give programmers access to directories on my centos webserver. Here's the situation: I have an apache web server that has any number of virtual sites located in /var/www/site1 /var/www/site2 etc.. I have different developers that need full access both ssh and vsFTP to only the site they are working on. What is the best way to create and maintain security in this scenario. My thought would be to create a new user for each coder, jail that user to the website directory they are allowed to work in, add their user to a group and set the webroot's owner to that group. Any thoughts? Good, bad, ugly? Thanks!

Read the article
How to redirect (or Alias) jump page with Apache

- by Meltemi

I'm not an Apache expert but need to make a small change to a web server. We are introducing a "jump page" URL that is different from a primary URL (for tracking reasons). /productA/index.html /productA/jump_index.html Basically i want to log that jump_index.html was requested and then return index.html. I don't want the client to wait 8 seconds or so for a redirect. How should we be handling this? Simply symlink (or alias) the file in the filesystem? Use mod_alias Alias Match (if so how exactly)? something better still? Edit: mod_rewrite in httpd.conf: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F] </IfModule>

Read the article
Apache stopping downloads part way through

- by Ben Smiley

On my site there are some digital files which can be downloaded through a PHP script. The script works fine for small files but large files i.e. 115MB cannot be downloaded successfully. The connection dies after around 15 minutes but it's not consistent - sometimes longer sometimes shorter. I don't think it's a problem with the script timing out because the download time isn't consistent. Equally it doesn't seem like a memory limit problem because the amount downloaded varies each time. Does anyone know of any Apache or PHP related settings which could cause this kind of problem?

Read the article
run tomcat server on lan

- by pravin

I am running a server on Windows XP SP2 computer . Lets call it computer_1. The ip address of computer is 192.168.1.2 Now I have another computer ( computer_2) on the lan with ip address 192.168.1.3 I want to access the site on computer_1 from computer_2. comupter_2 can ping computer_1 (ping 192.168.1.2 works) But when I type http://192.168.1.2 in the browser of computer_2, nothing happens. I want to access the site on comupter_1 from computer_2 Please help.

Read the article
Scaling up an apache server

- by pehrs

I have an Ubuntu server running apache2 which i expect to be hit by around 500-1000 (concurent) users for a limited amount of time. The server serves a mixture of custom (rather light) php pages connected to a postgresql db (around 20 Mb in size) and static content. The hardware is stable and pretty beefy: Intel Xeon E5420 @ 2.5 GHz 12 GB RAM During previous rushes on this server I have increased ServerLimit, the MaxClients for the MPM modules and decreased Timeout and KeepAliveTimeout. It has worked, but been sluggish and I have a feeling more can be done. How would you suggest configuring the Apache server to handle this kind of load?

Read the article
decrypting AES files in an apache module?

- by Tom H

I have a client with a security policy compliance requirement to encrypt certain files on disk. The obvious way to do this is with Device-mapper and an AES crypto module However the current system is setup to generate individual files that are encrypted. What are my options for decrypting files on-the-fly in apache? I see that mod_ssl and mod_session_crypto do encryption/decryption or something similar but not exactly what I am after. I could imagine that a PerlSetOutputFilter would work with a suitable Perl script configured, and I also see mod_ext_filter so I could just fork a unix command and decrypt the file, but they both feel like a hack. I am kind of surprised that there is no mod_crypto available...or am I missing something obvious here? Presumably resource-wise the perl filter is the way to go?

Read the article
Does apache/PHP has overflow problem if the developer doesn't tweak it at all?

- by apache

Is apache/PHP self secured so that developers don't need to care about it?

Read the article
Wordpress blog website apache and IIS subdirectory

- by Philippe

The issue is this : Our company has a website hosted on an IIS server. I have recently been given the task to configure a WordPress server for an eventual WordPress blog so that our social media employee could test and see how it works. This was completed successfully and easily on a new server and on a WAMP configuration. The website was published as wordpress.domain.com and works fine. HOWEVER! I have now been requested to ensure that the soon-to-go-online blog would be accessible through the address domain.com/blog. Is there a way to modify the original company website and simple redirect the /blog to the Apache WordPress website? If not, is there a way to transfer the wordpress.domain.com on the IIS server hosting the main website and keep the configuration? Is there a better solution that I haven't thought about (probably)? If so, what would you all suggest?

Read the article
Help with Apache rewriteengine rules

- by Vinay

Hello - I am trying to write a simple rewrite rule using the rewriteengine in apache. I want to redirect all traffic destined to a website unless the traffic originates from a specific IP address and the URI contains two specific strings. RewriteEngine On RewriteLog /var/log/apache2/rewrite_kudithipudi.log RewriteLogLevel 1 RewriteCond %{REMOTE_ADDR} ^199\.27\.130\.105 RewriteCond %{REQUEST_URI} !/StringOne [NC, OR] RewriteCond %{REQUEST_URI} !/StringTwo [NC] RewriteRule ^/(.*) http://www.google.com [R=302,L] I put these statements in my virtual host configuration. But the rewriteengine seems to be redirect all requests, whether they match the condition or not. Am I missing something? Thank you. Vinay.

Read the article
AJAX response not valid in C++ but Apache

- by fehergeri

I want to make a server written in C++ to power my game. I learned the basics of sockets and wrote a basic chat program that worked well. Now I want to create an HTTP server like Apache, but only for the AJAX request-response part. I think just for the beginning i copied one Apache response text, and i sent the exact response with the C++ server program. The problem that is that the browser (Firefox) connnects to the apache and everything works fine, except all of the requests get a correct response. But if i send this with the C++ client, then FireBug tells me that the response status is OK (200) but there is no actual response text. (How is this possible?) This response-text is exactly the same what apache sends. I made a bit-bit comparison and they were the same. The php file wich is the original response <?php echo "AS";echo rand(0,9); ?> And the origional source code: Socket.h http://pastebin.com/bW9qxtrR Socket.cpp http://pastebin.com/S3c8RFM7 main.cpp http://pastebin.com/ckExuXsR index.html http://pastebin.com/mcfEEqPP < this is the requester file. ajax.js http://pastebin.com/uXJe9hVC benchmark.js http://pastebin.com/djSYtKg9 jQuery is not needed. The main.cpp there is lot of trash code like main3 and main4 functions, these do not affect the result. I know that the response stuff in the C++ code is not really good because the connection closing is not the best; I will fix that later now I want to send a success response first. UPDATE: now i tested today a lot again and i find out there is no problem with the socket. I used the fiddler program to capture the the good answer and to capture the bad. They were the same. After this i turned off my socket application, and forced fiddler to auto respond, and the answer from the 'bad' answer still bat. So after that i replaced the bad with the good and nothing happedned. The bad answer with the good text still bad on the :8888 port but the other on the original :80 port was good, but they were absolutly the same and the same program sended it (fiddler) i think there is something missing if the response is not on the same server address (even not the same port). UPDATE: oh my god! i cant send ajax request to a remote server. now i know this.

Read the article
Access JBOSS Tomcat Web Application from Remote Computer

- by Rod

Hi, I just deployed a web application on JBOSS 4.2. It can be accessed locally only (http://localhost:8080/myApp). I cant access it from remote computer by typing its domain: (www.hostname.com:8080/myApp). I added Port 8080 as Exception in Windows Firewall. Note that the host (www.hostname.com) is reachable from remote computers via IIS on port 80. Thanks, Rod

Read the article
Writing to a comet stream using tomcat 6.0

- by user301247

Hey I'm new to java servlets and I am trying to write one that uses comet so that I can create a long polling Ajax request. I can successfully start the stream and perform operations but I can't write anything out. Here is my code: public class CometTestServlet extends HttpServlet implements CometProcessor { /** * */ private static final long serialVersionUID = 1070949541963627977L; private MessageSender messageSender = null; protected ArrayList<HttpServletResponse> connections = new ArrayList<HttpServletResponse>(); public void event(CometEvent cometEvent) throws IOException, ServletException { HttpServletRequest request = cometEvent.getHttpServletRequest(); HttpServletResponse response = cometEvent.getHttpServletResponse(); //final PrintWriter out = response.getWriter(); if (cometEvent.getEventType() == CometEvent.EventType.BEGIN) { PrintWriter writer = response.getWriter(); writer.println("<!doctype html public \"-//w3c//dtd html 4.0 transitional//en\">"); writer.println("<head><title>JSP Chat</title></head><body bgcolor=\"#FFFFFF\">"); writer.println("</body></html>"); writer.flush(); cometEvent.setTimeout(10 * 1000); //cometEvent.close(); } else if (cometEvent.getEventType() == CometEvent.EventType.ERROR) { log("Error for session: " + request.getSession(true).getId()); synchronized(connections) { connections.remove(response); } cometEvent.close(); } else if (cometEvent.getEventType() == CometEvent.EventType.END) { log("End for session: " + request.getSession(true).getId()); synchronized(connections) { connections.remove(response); } PrintWriter writer = response.getWriter(); writer.println("</body></html>"); cometEvent.close(); } else if (cometEvent.getEventType() == CometEvent.EventType.READ) { //handleReadEvent(cometEvent); InputStream is = request.getInputStream(); byte[] buf = new byte[512]; do { int n = is.read(buf); //can throw an IOException if (n > 0) { log("Read " + n + " bytes: " + new String(buf, 0, n) + " for session: " + request.getSession(true).getId()); } else if (n < 0) { //error(cometEvent, request, response); return; } } while (is.available() > 0); } } Any help would be appreciated.

Read the article
Apache + Bind Problems

- by Gabriel

Hello, I am using VirtualMin on Debian-50-lenny-64-LAMP (Debian Linux 5.0). I've upgraded some packages including "bind". Since the upgrade, both Apache and Bind stopped working. Here's the errors I get: Blockquote Starting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 78.46.92.11 for ServerName (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs failed! and Failed to start BIND : Unknown error I am sure that some files were changed after the upgrade and this is a simple problems to solve, but unfortunately, it's the first time I am in this situation and I just couldn't find a solution. I've Googled about the errors but still couldn't make it work. Now I am sorry I did the update. I usually make updates to have the latest versions of the packages that are installed in the server. Any ideas?

Read the article
Apache 410 Gone instructions not working with mod_alias nor mod_rewrite

- by Peter Boughton

Apache 2.2 seems to be ignoring instructions to return a 410 status. This happens for both mod_alias's Redirect (using 410 or gone) and mod_rewrite's RewriteRule (using [G]), being used inside a .htaccess file. This works: Redirect 302 /somewhere /gone But this doesn't: Redirect 410 /somewhere That line is ignored (as if it had been commented) and the request falls through to other rules (which direct it to an unrelated generic error handling script). Similarly, trying to use a RewriteRule with a [G] flag doesn't work, but the same rule rewriting to a script that generates a 410 does - so the rules aren't the problem and it seems instead to be something about 410/gone that isn't behaving. I can workaround it by having a script sending the 410, but that's annoying and I don't get why it's not working. Any ideas?

Read the article
Thoughts on Apache log file sizes?

- by Nathan Long

Do you place any limits on the size of Apache log files - access.log and error.log? Specifically, can you give: Reasons to limit log file sizes Disk space Any other? Reasons NOT to limit log file sizes Research into performance issues or security breaches Any other? Methods of doing so Cron job that periodically deletes the file, or the first N lines? Any other? Anything you might salvage before deleting For example, grep out how many times a file was downloaded before deleting the access logs I'd like get the thoughts of experienced sysadmins before I do anything. (Marking as community wiki since this may be a matter of opinion.)

Read the article
server host name and server ip address redirect (Debian, Apache)

- by Matthias Reisner

I have the following folder structure on my apache! .../var/www/www.x.tt/htdocs .../var/www/www.y.tt/htdocs I have defined a virtual host for each. So if I type in www.x.tt in my browser I get to the www.x.tt site. And the same for www.y.tt. But now my question! If I type in the server address or the server host name I get to the ../var/www directory but I want that the user will be redirected to the www.x.tt site! Do I have to create a new virtual host for this problem or is it also possible only to add a .htaccess Rule?! Thanks!

Read the article
Apache - mod_pagespeed freezes my website

- by Jonathan Rioux

I have installed the mod_pagepseed module for Apache. I am using Debian so I downloaded the .deb file, and installed it successfully. I then configured some filters, and it worked like a charm for some minutes. Then after something like 10 minutes, my website no longer responded to the requests. When I was requesting for my website, it said "Waiting for www.blablabla.com" and I never got the page back from the server. I checked the processes running on my Debian box with top -d 0.5, and nothing eats up the CPU. To make my website responding to requests again, I must do a /etc/init.d/apache2 restart. And then it works again with mod_modspeed applying it's filters for a couple of minutes, and no more response again. How can I diagnose this issue? Is there some other configurations in the mod_pagespeed.conf file that I must set?

Read the article
Apache virtualhost - Mac OSX 10.7.3

- by Rakan

After upgrading to Lion, all my virtualhosts stopped working. They redirect to "It works" main apache page on my device for some weird reason. Example: /etc/hosts: 127.0.0.1 myhost.com <VirtualHost *:80> DocumentRoot "/Library/WebServer/Documents/testproj/" ServerName myhost.com <Directory "/Library/WebServer/Documents/testproj/"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory> ErrorLog "/private/var/log/apache2/testproj-error_log" CustomLog "/private/var/log/apache2/testproj-access_log" common </VirtualHost> Did anyone else face the same issue? How can I fix this?

Read the article
how can i use apache log files to recreate usage scenario

- by daigorocub

Recently i installed a website that had too many requests and it was too slow. Many improvements have been made to the web site code and we've also bought a new server. I want to test the new server with exactly the same requests that made the old server slow. After that, i will double the requests, make new tests and so on. These requests are logged in the apache log files. So, I can parse those files and make some kind of script to make the same requests. Of course, in this case, the requests will be made only by my computer against the server, but hey, better than nothing. Questions: - is there some app that does this already? - would you use wget? ab? python script? Thanks!

Read the article
apache returning "The connection was reset"

- by usjes

One of my dedicated servers had some network issue today and the data center has to replace some router. Since then the sites on that server returns "The connection was reset" error most of the time. I tried installing nginx and it opens better, but it still shows the error sometimes. Everything in the config seems normal, what could be causing this error? UPDATE: Just noticed that in whm apache status there are always only 1 requests currently being processed, 8 idle workers. I know for sure the server received thousands of requests per minute. What could be limiting this to such a low number?

Read the article
How to make Apache Common Logging Write to Specific Disc Log File

- by Yan Cheng CHEOK

I am using Apache Common Logging in Desktop Application. private static final Log log = LogFactory.getLog(Utils.class); How can I direct, Apache Common Logging to write to disc log file, when I perform log.error(null, exp); Thanks.

Read the article
Webmin apache on CentOS 6.3 results in 403 forbidden, permissions are OK

- by Mario De Schaepmeester

First of all, I will mention that the permissions are fine for the document root directory, which is /webapps/nimbus/www/public_html The www directory contains a PHP application. PHP is a problem for later if it doesn't work, as I've tested it with a plain html file (does not work either) I just get 403 forbidden responses. The permissions are 755 on webapps and all subdirectories. I've checked other questions here and on the internet, but it was all about those permissions. Whatever info you still need, just ask, I don't know what's relevant as it's the first time ever I'm using webmin or configuring apache.

Read the article
W3c Markup Validator on Windows 2003 with Apache

- by rihatum

Hi All, OS = Windows 2003 (latest sp / hotfixes etc) Perl = Active Perl 5.8.9 Build 825 Apache 2.2.11 Followed the following How-To: http://validator.w3.org/docs/install_win.html Facing the following errors : (had an html error too, but I used Perl Package manager to upgrade the required package. Now, the Package manager isn't showing any update of the following package and some others too : SGML::Parser::OpenSP version 0.991 required--this is only version 0.99 at C:/www/validator/httpd/cgi-bin/check line 61. Q : How can I download the latest package for OpenSP ? Q : Would It be just a matter of click and install the package? If someone can provide a step by step that would be very helpful, I am not fluent with building perl packages. Thanks and Regards

Read the article
Apache will not start after IP change

- by Doron

I'm running CentOS 5.8 and I had to change my server's IP address. Afterwards, I'm unable start Apache. I am also running virtualmin. The error I'm receiving is: Failed to start service Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 184.106.146.125 for ServerName (99) Cannot assign requested address: make_sock: could not bind to address 50.56.33.100:8080 no listening sockets available, shutting down Unable to open logs I edited my httpd.conf to point to the new IP address like such: #Listen 12.34.56.78:80 Listen 184.106.146.125:80 And looking at the error it still seems to be referring to the old ip address (50.*).

Read the article
Secure Apache PHP vhost configuration

- by jsimmons

I'm looking to secure some websites running under apache using suexec. At the moment php is executed with the user/group of the file being executed. This seems to me, not secure enough. It stops vhosts interfering with each other, but does not stop malicious code writing anywhere in the vhost being used. I was thinking that a possibility would be to run scripts as nobody/vhost group, that way the vhost user could still have full access to the vhost directories, but executing php would only be able to write to files with g+w, and to execute files with g+x. This I think should stop arbitrary writing in the web dir from compromised php. Just wondering if this is crazy, ridiculous, stupid? Of course this would be done on top of existing security measures.

Read the article

< Previous Page | 154 155 156 157 158 159 160 161 162 163 164 165 | Next Page >