Search Results

Search found 7082 results on 284 pages for 'trs 80'.

Page 159/284 | < Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >

• Apache AliasMatch and DirectoryMatch not working?

  - by Alex

  I have the following config - please notice the Alias and Directory equivalent -- uncommented they work as expected but the dynamic/regex based versions don't - any ideas??? <VirtualHost *:80> ServerName temp.dev.local ServerAlias temp.dev.local DocumentRoot "C:\wamp\www\temp\public" <Directory "C:\wamp\www\temp\public"> AllowOverride all Order Allow,Deny Allow from all </Directory> # Alias /private/application/core/page/assets/images/ "C:/wamp/www/temp/private/application/core/page/assets/images/" # <Directory "C:/wamp/www/temp/private/application/core/page/assets/images/"> AliasMatch ^/private/application/(.*)/(.*)/assets/images/ /private/application/$1/$2/assets/images/ <DirectoryMatch "^/private/application/(.*)/(.*)/assets/images/"> Options Indexes FollowSymlinks MultiViews Includes AllowOverride None Order allow,deny Allow from all </DirectoryMatch> </VirtualHost>

  Read the article

• php server settings for restrict post queries

  - by Korjavin Ivan

  I have php script on hosting, which receive big data with ajax/post. Just now, after some works on hosting, I see that script is broken. I checked with curl: file temp1: user_avatar=&user_baner=&user_sig=.... 237 chars total, and curl -H "X-Requested-With: XMLHttpRequest" -X POST --data @temp1 'http://host/mypage.php' works perfect. But with file temp2: name=%D0%9C%D0%B5%D0%B1%%B5%D0%BB%D1%8C%D0%A4%%B0%D0%B1%D1%80%D0%B8%D0%BA%D1%8A&user_payed=0000-00-00&...positions%5B5231%5D=on total chars: 65563 curl -H "X-Requested-With: XMLHttpRequest" -X POST --data @temp2 'http://host/mypage.php' curl return nothing. Looks like a problem with apache/php/php.ini or something like that. I check .htaccess php_value post_max_size 20M Which other parameters I should check? Is it possible that %BO encode kill php/apache? Or total number of parameters (about 2800) ?

  Read the article

• How to set up Windows server 2008 to receive email?

  - by Saul

  First off apologies, I'm from a medical background not a networking one, but I've got roped into setting up a windows 2008 server. So far web server running, fixed IP address assigned (within a large private network of the National Health Service in the UK if that makes any difference) and the network team have assigned a DNS entry for me which works, so the server can be addressed as nww.myserver.nhs.uk I've only got ports open on the router for 80 and 443 (http and https) at the moment, so presume I need a different port to enable email services. My need is to be able to accept an email to the domain name like [email protected] in order to pick up a confirmation mail from an SSL issuer (Comodo) I guess to confirm that I control the domain. After that I don't actually need mail services on the server. I see lots of stuff about setting up SMTP services but thought that was about mail out and re-routing, but how do you get the server to "listen" for mail to the domain (assuming I open port xyz or whatever it is) ?

  Read the article

• nginx redirect TLD to TLD with virtual folder (example.com => example.com/test)

  - by Amund

  Im running nginx and in the config file I need to always have the domain example.com redirect to example.com/test. I tried various methods for achieving this but I always got a redirect error. What is the correct way to do this? nginx.conf snippet: server { server_name example.com www.example.com; location / { rewrite ^.+ /test permanent; } } server { listen 80; server_name www.example.com example.com; location / { root /var/www/apps/example/current/public; passenger_enabled on; rails_env production; } } Thanks!

  Read the article

• Nginx reverse proxy + URL rewrite

  - by jeffreyveon

  Nginx is running on port 80, and I'm using it to reverse proxy URLs with path /foo to port 3200 this way: location /foo { proxy_pass http://localhost:3200; proxy_redirect off; proxy_set_header Host $host; } This works fine, but I have an application on port 3200, for which I don't want the initial /foo to be sent to. That is - when I access http://localhost/foo/bar, I want only /bar to be the path as received by the app. So I tried adding this line: rewrite ^(.*)foo(.*)$ http://localhost:3200/$2 permanent; This causes 302 redirect (change in URL), but I want 301. What should I do?

  Read the article

• Encrypt LAN and wifi traffic on small private network

  - by Grimlockz

  I need some advice about encrypt all traffic on a small private network running wi-fi and LAN traffic on 192.168.0.x network. The network would comprise of client laptops connecting to the wi-fi router (192.168.0.254) via ethernet connection or wireless. The main purpose of the server is for the client laptops to talk to two servers on different IP's (192.168.0.200 and 192.168.0.201) on ports 80 and 433. My main concern is having packet sniffers and what not getting access to the data. The only ways I see at the moment is to have VPN running on the network or use IPSec policy's to do this. Any other ways guys?

  Read the article

• nginx is not using gzip to talk to backend servers

  - by Michael Gorsuch

  Our web servers are running IIS 7 and are configured to compress dynamic and static content. When I hit these servers directly, gzip compression works. I recently placed nginx in front of them, and gzip compression has stopped. I was able to work around this by explicitly enabling gzip compression on nginx itself, but that seems a little inefficient considering I have half a dozen backends and only one active nginx box. It appears that nginx is stripping out the Accept-Encoding header. Does anyone have any advice for how to 'correct' this behavior? A sample configuration: upstream backend { server 127.0.0.1:8080; } server { listen 80; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { proxy_pass http://backend; } }

  Read the article

• Apache: Setting up a reverse proxy configuration with SSL with url rewriting

  - by user1172468

  There is a host: secure.foo.com that exposes a webservice using https I want to create a reverse proxy using Apache that maps a local http port on a server internal.bar.com to the https service exposed by secure.foo.com Since it a web service I need to map all urls so that a path: https://secure.foo.com/some/path/123 is accessible by going to: http://internal.bar.com/some/path/123 Thanks. I've gotten this far: <VirtualHost *:80> ServerName gnip.measr.com SSLProxyEngine On ProxyPass / https://internal.bar.com/ </VirtualHost> I think this is working except for the url rewriting. Some resources I've found on this are: Setting up a complex Apache reverse proxy Apache as reverse proxy for https server

  Read the article

• wsgi - narrow user permissions.

  - by Tomasz Wysocki

  I have following Apache configuration and my application is working fine: <VirtualHost *:80> ServerName ig-test.example.com WSGIScriptAlias / /home/ig-test/src/repository/django.wsgi WSGIDaemonProcess ig-test user=ig-test </VirtualHost> But I want to protect my files from other users, so I do: chown ig-test /home/ig-test/ -R chmod og-rwx /home/ig-test/ -R And application stops working: (13)Permission denied: /home/ig-test/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable Is it possible to achieve what i'm doing with wsgi? If I have to give read permissions to some files it will be fine. But there are files I have to protect (like file with DB configuration or business logic of application).

  Read the article

• Apache rewrite redirect to https and www

  - by Jo Erlang

  I need to get mod_rewrite to do the following http://abc.com -> https://www.abc.com https://abc.com/login -> https://www.abc.com/login http://www.abc.com?x=3 -> https://www.abc.com?x=3 https://abc.com/login?x=1 -> https://www.abc.com/login?x=1 http://www.abc.com/login?x=3 -> https://www.abc.com/login I have the following, in my abc.com.conf vhost file but its not work correctly <VirtualHost *:80> ServerName abc.com ServerAlias www.abc.com RewriteCond %{HTTP_HOST} ^abc\.com RewriteRule ^(.*)$ https://www.abc.com/$1 [R=permanent,L] RewriteCond %{HTTPS} off RewriteRule (.*) https://www.abc.com/%{REQUEST_URI} </VirtualHost> <VirtualHost *:443> ServerName abc.com ServerAlias www.abc.com RewriteCond %{HTTP_HOST} ^abc\.com RewriteRule ^(.*)$ https://www.abc.com/$1 [R=permanent,L] </VirtualHost> Can anyone help me out on the rest? [edited to clarify]

  Read the article

• Mac won't boot into safe mode

  - by Stephen

  Mac boots fine normally, except when in safe mode. Holding down shift when booting gets me to the progress bar on the grey screen. Progress bar gets about half way before mac reboots. I modified nvram boot-args to get a better look: sudo nvram boot-args="-x -v" It definitely gets through fsck, skips loading kernel extensions (since it's in safe mode), does something with the network interfaces, then this is the last thing it wips through... Aug 22 11:56:21 Crockpot com.apple.SecurityServer[15]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/UserEventAgent' [10] for authorization created by '/usr/libexec/UserEventAgent' [10] (100012,0) Aug 22 11:56:22 Crockpot fseventsd[37]: event logs in /.fseventsd out of sync with volume. destroying old logs. (1 174 330) Aug 22 11:56:22 Crockpot fseventsd[37]: log dir: /.fseventsd getting new uuid: 5C379650-26FA-428F-B81F-4FE4349D50B3 Aug 22 11:56:23 Crockpot mDNSResponder[39]: mDNSResponder mDNSResponder-379.27 (Jun 20 2012 15:40:55) starting OSXVers 12 Aug 22 11:56:23 Crockpot systemkeychain[35]: done file: /var/run/systemkeychaincheck.done Aug 22 11:56:23 Crockpot configd[17]: network changed: DNS* Aug 22 11:56:24 --- last message repeated 1 time --- Aug 22 11:56:24 Crockpot mDNSResponder[39]: D2D_IPC: Loaded Aug 22 11:56:24 Crockpot mDNSResponder[39]: D2DInitialize succeeded Aug 22 11:56:24 Crockpot mDNSResponder[39]: Adding registration domain 273025955.members.btmm.icloud.com. Aug 22 11:56:24 Crockpot kernel[0]: MacAuthEvent en1 Auth result for: 00:23:69:35:dc:fe MAC AUTH succeeded Aug 22 11:56:24 Crockpot kernel[0]: MacAuthEvent en1 Auth result for: 00:23:69:35:dc:fe Unsolicited Auth Aug 22 11:56:24 Crockpot kernel[0]: wlEvent: en1 en1 Link UP virtIf = 0 Aug 22 11:56:24 Crockpot kernel[0]: AirPort: Link Up on en1 Aug 22 11:56:24 Crockpot kernel[0]: en1: BSSID changed to 00:23:69:35:dc:fe Aug 22 11:56:24 Crockpot kernel[0]: en1::IO80211Interface::postMessage bssid changed Aug 22 11:56:24 Crockpot kernel[0]: AirPort: RSN handshake complete on en1 Aug 22 11:56:25 Crockpot cfprefsd[19]: CFPreferences failed to read preferences data. Errno was 21 Aug 22 11:56:25 --- last message repeated 1 time --- Aug 22 11:56:25 Crockpot airportd[30]: _doAutoJoin: Already associated to “burnum”. Bailing on auto-join. Aug 22 11:56:25 Crockpot com.apple.kextd[11]: Can't load IOBluetoothSerialManager.kext - ineligible during safe boot. Aug 22 11:56:25 Crockpot com.apple.kextd[11]: Load com.apple.iokit.IOBluetoothSerialManager failed; removing personalities from kernel. Aug 22 11:56:25 Crockpot cfprefsd[19]: CFPreferences: error renaming file blued.plist.HXuEmQn to blued.plist. Aug 22 11:56:27 Crockpot awacsd[52]: Starting awacsd connectivity-77 (Jun 20 2012 15:40:49) Aug 22 11:56:27 Crockpot com.apple.SecurityServer[15]: Succeeded authorizing right 'system.services.systemconfiguration.network' by client '/System/Library/Frameworks/SystemConfiguration.framework/Versions/A/Resources/SCHelper' [54] for authorization created by '/usr/sbin/awacsd' [52] (100003,0) Aug 22 11:56:27 --- last message repeated 1 time --- Aug 22 11:56:27 Crockpot awacsd[52]: Configuring lazy AWACS client: 273025955.p04.members.btmm.icloud.com. Aug 22 11:56:28 Crockpot apsd[55]: CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102) Aug 22 11:56:32 --- last message repeated 1 time --- Aug 22 11:56:32 Crockpot awacsd[52]: KV HTTP 0 Aug 22 11:56:38 --- last message repeated 1 time --- Aug 22 11:56:38 Crockpot apsd[55]: CGSLookupServerRootPort: Failed to look up the port for "com.apple.windowserver.active" (1102) Aug 22 11:56:47 Crockpot awacsd[52]: KV HTTP 0 Aug 22 11:56:49 Crockpot configd[17]: subnet_route: write routing socket failed, Network is unreachable Aug 22 11:56:51 Crockpot configd[17]: network changed: v4(en1+:169.254.80.161) DNS* Proxy+ SMB Aug 22 11:56:51 Crockpot UserEventAgent[10]: Captive: en1: Not probing 'burnum' (protected network) Aug 22 11:56:51 Crockpot configd[17]: network changed: v4(en1:169.254.80.161) DNS Proxy SMB Aug 22 11:57:07 Crockpot awacsd[52]: KV HTTP 0 Aug 22 11:57:23 Crockpot fseventsd[37]: Logging disabled completely for device:1: /Volumes/Recovery HD Aug 22 11:57:25 Crockpot kernel[0]: Kext loading now disabled. Aug 22 11:57:25 Crockpot kernel[0]: Kext unloading now disabled. Aug 22 11:57:25 Crockpot mDNSResponder[39]: mDNSResponder mDNSResponder-379.27 (Jun 20 2012 15:40:55) stopping Aug 22 11:57:25 Crockpot com.apple.SecurityServer[15]: Killing auth hosts Aug 22 11:57:25 Crockpot UserEventAgent[10]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Aug 22 11:57:25 Crockpot configd[17]: dnssd_clientstub read_all(26) failed 0/28 0 Aug 22 11:57:25 Crockpot configd[17]: [0x7fb025119ff0] SCNetworkReachability _llq_callback w/error=-65563 Aug 22 11:57:25 Crockpot UserEventAgent[10]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Aug 22 11:57:25 Crockpot mDNSResponder[39]: D2D_IPC: Terminated Aug 22 11:57:25 Crockpot mDNSResponder[39]: D2DTerminate succeeded Aug 22 11:57:25 Crockpot awacsd[52]: dnssd_clientstub read_all(4) failed 0/28 0 Aug 22 11:57:25 Crockpot UserEventAgent[10]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Aug 22 11:57:25 --- last message repeated 2 times --- Aug 22 11:57:25 Crockpot apsd[55]: dnssd_clientstub read_all(4) failed 0/28 0 Aug 22 11:57:25 Crockpot configd[17]: SCNC: stop, triggered by configd, type PPPSerial, reason Terminated All Aug 22 11:57:25 Crockpot configd[17]: _d2dCallback: D2D connection to mDNSResponder lost Aug 22 11:57:25 Crockpot UserEventAgent[10]: dnssd_clientstub DNSServiceProcessResult called with DNSServiceRef with no ProcessReply function Aug 22 11:57:25 --- last message repeated 4 times --- Aug 22 11:57:25 Crockpot kernel[0]: Kext autounloading now disabled. Aug 22 11:57:25 Crockpot kernel[0]: Kernel requests now disabled. ... before rebooting in the middle of the safe mode startup sequence. Aug 22 12:01:10 localhost bootlog[0]: BOOT_TIME 1345662070 0 Aug 22 12:01:32 localhost kernel[0]: PMAP: PCID enabled Aug 22 12:01:32 localhost kernel[0]: Darwin Kernel Version 12.0.0: Sun Jun 24 23:00:16 PDT 2012; root:xnu-2050.7.9~1/RELEASE_X86_64 Any ideas what's causing the safe mode boot to fail? System Info MacBook Pro 8,2 2.2 Ghz Core i7 4 GM Ram Mountain Lion 10.8 500GB TOSHIBA MK5065GSXF Serial-ATA rotational disk

  Read the article

• Apache in front of tomcat on Railo proxy with ajp

  - by user1468116

  I'm trying to setup apache in front of the tomcat embedded in railo. I have this settings: <VirtualHost *:80> DocumentRoot "/var/www/myapp" ServerName www.myapp.test ServerAlias www.myapp.test ProxyRequests Off ProxyPass /app ! <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPassReverse / ajp://%{HTTP_HOST}:8009/ RewriteEngine On # If it's a CFML (*.cfc or *.cfm) request, just proxy it to Tomcat: RewriteRule ^(.+\.cf[cm])(/.*)?$ ajp://%{HTTP_HOST}:8009/$1$2 [P] My server.xml : <Host name="www.myapp.test" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Context path="" docBase="/var/www/myapp" /> <Alias>myapp.test</Alias> </Host> The index is loaded, but if I try to load some internal page I got: The proxy server could not handle the request GET /report/myreportname. Reason: DNS lookup failure for: localhost:8009report Could you help me?

  Read the article

• Java application server behind IIS 7.5 on Windows Server 2008

  - by perissf

  I have a Java application server (GlassFish, indeed, but the problem is the same for any other application server, I guess), running on port 8080. And I have IIS 7.5 listening on port 80 as by default configuration. I want to avoid people typing the port because it's unprofessional. So I want that when somebody types http://myserver the traffic is directed to IIS. And this is how it already works now. But I also want that when somebody types http://myserver/java the traffic is directed to port 8080 and consequently my GlassFish splash screen is displayed. If I have deployed an application on GlassFish under context root app1, typing http://myserver/java/app1 should access the application. How can I do this? I have tried with adding some rules with the URL Rewrite utility from IIS7.5 UI, but this shows the port after the rule has rewritten the url, and I want to avoid it.

  Read the article

• 802.11 Capture Frame

  - by ALi

  I am using wireshark in monitor mode to capture all the frame. I buffered all the QosData in order to calculate the biterate of each station on the network. I calculate the biterate but it is not an accurate value. what i need to know is when the station use the network alone and when it uses it with another station? i know if two station with different wifi card for exemple ( st1 802.11g 54 Mb/s, st2 802.11n 300 Mb/s) if st1 uses alone the line the biterate used is 28 MB/s and if st2 uses alone the network the bit rate increase to approximately 150Mb/s but if the two station use the network at the same time the st1 lost about 80% of its bit rate because of the st1 wifi card thx in advance

  Read the article

• SNMPD timeout yet netcat shows port as open

  - by Kirill Gordeenko

  SNMPD config (I have this config working on a different server): com2sec readonly default public group MyROGroup v1 readonly group MyROGroup v2c readonly group MyROGroup usm readonly view all included .1 80 access MyROGroup "" any noauth exact all none none syslocation <LOCATION> syscontact <CONTACT> When I check the port from remote machine: » nc -zvu xx.xx.xx.xx 161 Connection to xx.xx.xx.xx 161 port [udp/snmp] succeeded! This also works locally (I get all the right stats): snmpwalk -v 2c -c public localhost Yet when I try same command locally or remotely with external IP: Timeout: No Response from xx.xx.xx.xx IPTables are disabled on both machines. /etc/sysconfig/snmpd looks like this: OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid" -a /etc/default/snmpd is empty.

  Read the article

• Configuring a Unified Communications Certificate for many virtual hosts running in Jetty

  - by rrc7cz

  I have a single IP with Jetty serving up X sites on port 80. Basically you can sign up for our service, then point your domain www.mycompany.com to that IP, and Jetty will serve up your custom site. I would like to add SSL support for all sites. To simplify things, I've looked at getting a single Unified Communications Certificate to plug into Jetty and have it work for all sites. Is this possible? Has anyone done this before? Does Jetty only support traditional, single-domain certs? What issues might I run in to compared to a single-domain cert?

  Read the article

• .htaccess https redirect best method

  - by Douglas Cottrell

  I have searched through all the redirects posted buy others and cant quite find the answer to my problem. I have a website with over 3000 pages and we are getting duplication issues within google. We want to keep everything in the parent directory to be http except our contact.php and login.php page. We then have 3 folders that must be secured. admin, clients, customers I have tried using the following code in seperate .htaccess files for each folder, but I keep getting a conflict when I try and I am still trying to find a good solution for the home directory. RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} admin RewriteRule ^(.*)$ https://www.website.com/$1 [R,L] Any help would be greatly appreciated.

  Read the article

• nginx: php-fastcgi running but php files not executing

  - by Daniel

  I have recently set up a nginx server with PHP running as FastCGI process. The server is running with HTML files however PHP files are downloading instead of displaying and PHP code is not processed. This is what I have in nginx.conf: server { listen 80; server_name pubserver; location ~ \.php$ { root /usr/share/nginx/html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name; include fastcgi_params; } } The command netstat -tulpn | grep :9000 displays the following which indicates php-fastcgi is running and listening on port 9000: tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 2663/php-cgi If it's if any importance my server is running on CentOS 6 and I installed nginx and PHP using the repositories from The Fedora Project.

  Read the article

• Limit HTTP VERBS on Apache2

  - by user72295

  I am trying to limit the use of certain HTTP verbs on my site. I entered the following into my VirtualHost config file within the Directory element: <Limit GET POST HEAD> Allow from all </Limit> <Limit PUT DELETE OPTIONS> Deny from all </Limit> This seemed to work but with unexpected results: I ran the following telnet/HTTP commands before and after this change, open server 80 OPTIONS server/abs_path HTTP/1.1 User-Agent: Telnet/1.0 Host: server before the change I received a successful response with the Allowed headers. After the change, however, I was expecting to receive a 405 'Method not allowed' response but rather I received a 403 'Access Forbidden' response. What do I need to change in apache to return the 405 HTTP response? Many thanks

  Read the article

• Different Apache log file for each subdomain?

  - by consolibyte

  Is it possible to configure Apache to use a different log file for each subdomain, even if all of the subdomains are within the same VirtualHost container? So, I have only one VirtualHost: <VirtualHost *:80> ServerName example.com ServerAlias test1.example.com test2.example.com test3.example.com </VirtualHost> And I want to end up with the following log files: /var/log/httpd-access_test1.log /var/log/httpd-access_test2.log /var/log/httpd-access_test3.log I know I can probably do this with a custom log format and split-logs, but I was wondering if there's a way to just have Apache do it for me.

  Read the article

• mod_proxy failing as forward proxy in simple configuration

  - by Stabledog

  (On Mac OS X 10.6, Apache 2.2.11) Following the oft-repeated googled advice, I've set up mod_proxy on my Mac to act as a forward proxy for http requests. My httpd.conf contains this: <IfModule mod_proxy> ProxyRequests On ProxyVia On <Proxy *> Allow from all </Proxy> (Yes, I realize that's not ideal, but I'm behind a firewall trying to figure out why the thing doesn't work at all) So, when I point my browser's proxy settings to the local server (ip_address:80), here's what happens: I browse to http://www.cnn.com I see via sniffer that this is sent to Apache on the Mac Apache responds with its default home page ("It works!" is all this page says) So... Apache is not doing as expected -- it is not forwarding my browser's request out onto the Internet to cnn. Nothing in the logfile indicates an error or problem, and Apache returns a 200 header to the browser. Clearly there is some very basic configuration step I'm not understanding... but what?

  Read the article

• File and Printer Sharing Port issue in Windows 7 64 bit

  - by Mohit

  So, This is totally weird and I could not find any way to fix it. In simple words after the diagnosis this what is happening. On a windows 7 64 bit box, Whenever I am trying to access a server using file share. It is trying to connect to port 80 http on the place of 445. I observed that using WireShark. Telnet to 445 works. Any clue how to fix this. Scanned the machine using Malware bytes, Symantec and MS live essentials . I dont want to recreate the whole machine again. Please help me here. Regards Mohit Thakral

  Read the article

• FreeBSD high load loopback interface

  - by user1740915

  I have a problem with a FreeBSD server. There is a FreeBSD 9.0 amd64, two network cards em1 (internet), em0 (local network) configured firewall ipfw, natd, squid (not transparent), the server acts as a gateway for access to the Internet. Next problem: upload via squid is very low. At this moment I see next: natd, dhcpd load the cpu at that time when uploading through squid and there are a lot of traffic through the loopback interface. ipfw show output 0100 655389684 36707144666 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 00400 0 0 deny ip from any to ::1 00500 0 0 deny ip from ::1 to any 00600 4 292 allow ipv6-icmp from :: to ff02::/16 00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10 00800 1 76 allow ipv6-icmp from fe80::/10 to ff02::/16 00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1 01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136 01100 1615 76160 deny ip from 192.168.1.1 to any in via em1 01200 0 0 deny ip from 199.69.99.11 to any in via em0 01300 46652 3705426 deny ip from any to 172.16.0.0/12 via em1 01400 3936404 345618870 deny ip from any to 192.168.0.0/16 via em1 01500 4 336 deny ip from any to 0.0.0.0/8 via em1 01600 4129 387621 deny ip from any to 169.254.0.0/16 via em1 01700 0 0 deny ip from any to 192.0.2.0/24 via em1 01800 917566 33777571 deny ip from any to 224.0.0.0/4 via em1 01900 147872 22029252 deny ip from any to 240.0.0.0/4 via em1 02000 1132194739 1190981955947 divert 8668 ip4 from any to any via em1 02100 3 248 deny ip from 172.16.0.0/12 to any via em1 02200 35925 2281289 deny ip from 192.168.0.0/16 to any via em1 02300 1808 122494 deny ip from 0.0.0.0/8 to any via em1 02400 3 174 deny ip from 169.254.0.0/16 to any via em1 02500 0 0 deny ip from 192.0.2.0/24 to any via em1 02600 0 0 deny ip from 224.0.0.0/4 to any via em1 02700 0 0 deny ip from 240.0.0.0/4 to any via em1 02800 960156249 1095316736582 allow tcp from any to any established 02900 64236062 8243196577 allow ip from any to any frag 03000 34 1756 allow tcp from any to me dst-port 25 setup 03100 193 11580 allow tcp from any to me dst-port 53 setup 03200 63 4222 allow udp from any to me dst-port 53 03300 64 8350 allow udp from me 53 to any 03400 417 24140 allow tcp from any to me dst-port 80 setup 03500 211 10472 allow ip from any to me dst-port 3389 setup 05300 77 4488 allow ip from any to me dst-port 1723 setup 05400 3 156 allow ip from any to me dst-port 8443 setup 05500 9882 590596 allow tcp from any to me dst-port 22 setup 05600 1 60 allow ip from any to me dst-port 2000 setup 05700 0 0 allow ip from any to me dst-port 2201 setup 07400 4241779 216690096 deny log logamount 1000 ip4 from any to any in via em1 setup proto tcp 07500 21135656 1048824936 allow tcp from any to any setup 07600 474447 35298081 allow udp from me to any dst-port 53 keep-state 07700 532 40612 allow udp from me to any dst-port 123 keep-state 65535 1990638432 1122305322718 allow ip from any to any systat -ifstat when uploading via squid Load Average ||| Interface Traffic Peak Total tun0 in 79.507 KB/s 232.479 KB/s 42.314 GB out 2.022 MB/s 2.424 MB/s 59.662 GB lo0 in 4.450 MB/s 4.450 MB/s 43.723 GB out 4.450 MB/s 4.450 MB/s 43.723 GB em1 in 2.629 MB/s 2.982 MB/s 464.533 GB out 2.493 MB/s 2.875 MB/s 484.673 GB em0 in 240.458 KB/s 296.941 KB/s 442.368 GB out 512.508 KB/s 850.857 KB/s 416.122 GB top output PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 66885 root 1 92 0 26672K 2784K CPU3 3 528:43 65.48% natd 9160 dhcpd 1 45 0 31032K 9280K CPU1 1 7:40 32.96% dhcpd 66455 root 1 20 0 18344K 2856K select 1 119:27 1.37% openvpn 16043 squid 1 20 0 44404K 17884K kqread 2 0:22 0.29% squid squid.conf cat /usr/local/etc/squid/squid.conf # # Recommended minimum configuration: # acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet http_access allow localhost # And finally deny all other access to this proxy http_access deny all # Squid normally listens to port 3128 http_port 192.168.1.1:3128 # Uncomment and adjust the following to add a disk cache directory. #cache_dir ufs /var/squid/cache 100 16 256 # Leave coredumps in the first cache dir coredump_dir /var/squid/cache I understand that the traffic passes through the SQUID several times. But can not find why.

  Read the article

• suphp how disable ls /

  - by Pol Hallen

  Using suphp, I set a php.ini to every virtual host. In php.ini I also setted: open_basedir = /home/site1 php script runs, but if I ve a script with ls / I can see whole root directory. How can disable this hole security? <VirtualHost *:80> ServerName site1 ServerAlias www.site1.com DirectoryIndex index.html index.htm DocumentRoot /home/site1/ suPHP_Engine on AddHandler x-httpd-php .php .php3 .php4 .php5 suPHP_AddHandler x-httpd-php # THIS READ php.ini suPHP_ConfigPath /home/site1/ <Directory /home/site1/> Options -Includes -Indexes -FollowSymLinks -ExecCGI -MultiViews AllowOverride none Order allow,deny Allow from all </Directory> </VirtualHost>

  Read the article

• Apache NameVirtualHost on port 443 ignores ServerAlias

  - by Ryan

  I've got a name-based virtual host setup on port 443 such that requests on host 'apple.fruitdomain' are proxied to the apple-app and requests on host 'orange.fruitdomain' are proxied to orange-app. This is working, but I'd like to add a ServerAlias for each such that requests on host 'apple' are proxied to apple-app and requests on host 'orange' are proxied to the orange-app. If I simply add a ServerAlias directive to the virtual host it doesn't work. ssl.conf below: Listen 443 NameVirtualHost *:443 <VirtualHost *:443> ServerName apple.fruitdomain ServerAlias apple SSLProxyEngine on ProxyPass /apple-app https://localhost:8181/apple-app ProxyPassReverse /apple-app https://localhost:8181/apple-app ... </VirtualHost> <VirtualHost *:443> ServerName orange.fruitdomain ServerAlias orange SSLProxyEngine on ProxyPass /orange-app https://localhost:8181/orange-app ProxyPassReverse /orange-app https://localhost:8181/orange-app ... </VirtualHost> Interestingly if I do a similar setup but with port 80 then the ServerAlias works...

  Read the article

< Previous Page | 155 156 157 158 159 160 161 162 163 164 165 166  | Next Page >