Search Results

Search found 2407 results on 97 pages for 'mod jk'.

Page 34/97 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41 | Next Page >

Apache: redirect to https before AUTH for server-status

- by Putnik

I want to force https and basic auth for server-status output (mod_status). If I enable auth and user asks for http://site/server-status apache first asks for pass, then redirects to httpS, then asks for pass again. This question is similar to Apache - Redirect to https before AUTH and force https with apache before .htpasswd but I cannot get it work because we are speaking not about generic folder but Location structure. My config (shortly) is as follows: <Location /server-status> SSLRequireSSL <IfModule mod_rewrite.c> RewriteEngine on RewriteBase /server-status RewriteCond %{HTTPS} off RewriteCond %{SERVER_PORT} 80 RewriteRule ^ - [E=nossl] RewriteRule (.*) https://site/server-status} [R=301,L] </IfModule> SetHandler server-status Order deny,allow Deny from all Allow from localhost ip6-localhost Allow from 1.2.3.0/24 Allow from env=nossl AuthUserFile /etc/httpd/status-htpasswd AuthName "Password protected" AuthType Basic Require valid-user Satisfy any </Location> I assume Allow from env=nossl should allow everyone with RewriteCond %{HTTPS} off and server port 80, then force it to redirect but it does not work. Please note, I do not want force to SSL the whole site but /server-status only. If it matters the server has several sites. What am I doing wrong? Thank you.

Read the article
HOw to secure whm/cpanel centos server from javascript malacious code virus

- by Master

Recently my sites index.php code was replaced some malacious javascript virus code. I really don't know how did that entered into that page. Today when i tried to download that file via ftp then antivirus gave me the warning. So it means it was not entered from my computer. Is there any way to install some antivirus on VPS server with centos 5 , cpanel/whm so that those code should not be allowed to add. also what is mod_security . will it be helpful.

Read the article
RewriteRule Works With "Match Everything" Pattern But Not Directory Pattern

- by kgrote

I'm trying to redirect newsletter URLs from my local server to an Amazon S3 bucket. So I want to redirect from: https://mysite.com/assets/img/newsletter/Jan12_Newsletter.html to: https://s3.amazonaws.com/mybucket/newsletters/legacy/Jan12_Newsletter.html Here's the first part of my rule: RewriteEngine On RewriteBase / # Is it in the newsletters directory RewriteCond %{REQUEST_URI} ^(/assets/img/newsletter/)(.+) [NC] # Is not a 2008-2011 newsletter RewriteCond %{REQUEST_URI} !(.+)(11|10|09|08)_Newsletter.html$ [NC] ## -> RewriteRule to S3 Here <- ## If I use this RewriteRule to point to the new subdirectory on S3 it will NOT redirect: RewriteRule ^(/assets/img/newsletter/)(.+) https://s3.amazonaws.com/mybucket/newsletters/legacy/$2 [R=301,L] However if I use a blanket expression to capture the entire file path it WILL redirect: RewriteRule ^(.*)$ https://s3.amazonaws.com/mybucket/newsletters/legacy/$1 [R=301,L] Why does it only work with a "match everything" expression but not a more specific expression?

Read the article
Apache inflate application/ with mod_filter

- by BGT

I need to prevent pdf objects from being gzipped. Really, this only needs to take place if the request is from the Mozilla browser (but since I can't get something as seemingly simple as no-gzip for application/pdf, I figure it's wiser to start there). From looking at the apache documentation on mod_filter, I've got the following: <Location /> FilterDeclare gzipDeflate CONTENT_SET FilterDeclare gzipInflate CONTENT_SET FilterProvider gzipDeflate deflate req=User-Agent $Mozilla/ FilterProvider gzipInflate inflate resp=Content-Type $application/ FilterChain +gzipDeflate +gzipInflate </Location> From my testing, the gzipDeflate filter is doing its job and all the pages without the Content-Type starting with application are being gzipped. But, the gzipInflate doesn't seem to be working at all. I've inspected the response in Firebug and verified that the Content-Type being sent down is application/pdf. I'll go ahead and ask a potentially stupid question though: The response's Content-Type header in its entirety read "application/pdf; charset=Windows-1252". Does that make any sort of difference or is $application/ presumably enough to catch that? Any help is greatly appreciated. One other point, the URL that returns the pdf object does not have the .pdf extension. The pdf itself is stored in an Oracle database as a blob and appended to the page when appropriate (all the urls in the system use the same baseline). This was part of an original inquiry by a helpful member at stackoverflow who pointed me towards mod_filter and suggested I post the question here.

Read the article
Apache SSL for login and NON-SSL for everything else (.htacces)

- by The Devil

Hey I've almost figured it out on my own but there's something I'm missing. I want to set a couple of directories and files to require SSL and everything else that's not related to those files and dirs to point back to http. So far I have this: RewriteEngine on RewriteBase / # Force ssl for login & admin RewriteCond %{HTTPS} !on RewriteRule ^/?(admin(.*)|login\.php)$ https://%{SERVER_NAME}/$1 [R,NC,L] # Force non-ssl for others RewriteCond %{HTTPS} on RewriteRule ^/?(admin(.*)|login\.php)$ http://%{SERVER_NAME}/$1 [R,NC,L] I'm sure I'm doing something wrong but I just can't figure it out.... The first condition works perfect - whenever I access login.php or /admin/ it points to https. But the second one doesn't... Where have I mistaken ? Thanks in advance!

Read the article
Make shortened and long urls play together on the same domain (RewriteRule).

- by Renato Renato

Long story short, I want to have both example.com/aJ5 and example.com/any-other-url working together. I'm using apache and not very good at writing regex. I have already a global RewriteRule which sends everything to the app entry point. What I need is to tell apache if length($path) is <= 5 chars then rewrite to another location. I know I can use {1,5} like syntax in regex, but don't really know if it's what I'm looking for. I'd like to implement this at web-server level rather than php level. Any help is appreciated.

Read the article
Adventures in Drupal multisite config with mod_rewrite and clean urls

- by moexu

The university where I work is planning to offer Drupal hosting to staff/faculty who want a Drupal site. We've set up Drupal multisite with clean urls and it's mostly working except for some weird redirects. If you have two sites where one is a substring of the other then you'll randomly be redirected to the other site. I tracked the problem to how mod_rewrite does path matching, so with a config file like this: RewriteCond %{REQUEST_URI} ^/drupal RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /drupal/index.php?q=$1 [last,qsappend] RewriteCond %{REQUEST_URI} ^/drupaltest RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /drupaltest/index.php?q=$1 [last,qsappend] /drupaltest will match the /drupal line and all of the links on the /drupaltest page will be rewritten to point to /drupal. If you put the end of string character ($) at the end of each rewrite condition then it will always match on the correct site and the links will always be rewritten correctly. That breaks down as soon as a user logs in though because the query string is appended to the url so just the base url will no longer match. You can also fix the problem by ordering the sites in the config file so that the smallest substring will always be last. I suggested storing all of the sites in a table and then querying, sorting, and rewriting the config file every time a Drupal site is requested so that we could guarantee the order. The system administrator thought that was kludgy and didn't address the root problem. Disabling clean urls should also fix the problem but the users really want them so I'd prefer to keep them if possible. I think we could also fix it by using an .htaccess file in each site to handle the clean url rewriting but that also seems suboptimal since it will generate a higher load on the server and the server is intended to host the majority of the university's external facing web content. Is there some magic I can do with mod_rewrite to get it to work? Would another solution be better? Am I doing something the wrong way to begin with?

Read the article
How can I enable mod_rewrite in apache on Ubuntu?

- by George Edison

How do you enable mod_rewrite with Apache in Ubuntu 10.04? I tried copying rewrite.load from /etc/apache2/mods-available to etc/apache2/mods-enabled but that didn't work.

Read the article
.htaccess redirect - Is it secure?

- by thecrandallster

This works; I'm not having trouble, but I want to be certain that this is bulletproof. I came up with a neat little .htaccess redirect, but I am not sure if it is secure; do you know? <IfModule mod_rewrite.c RewriteEngine On RewriteRule ^goto/([a-z]+)/?$ /$1/ [R] </IfModule I think as long as the server is configured correctly and the files handle authentication autonomously, then it shouldn't be a security issue. Also, being that the rewrite rule only works with characters a-z and one slash I doubt they could jump around directories by injecting stuff into the URL I think...

Read the article
Trying to install mod_proxy in Apache-Httpd-2.2.15

- by Dspace

Hello, I have spent the afternoon trying to install the mod_proxy module into apache. I have tried ./configure --prefix=/opt/apache2 --enable-proxy --enable-proxy-http ./configure --prefix=/opt/apache2 --enable-module=proxy After it finishes installing, navigating to /opt/apache2/modules only shows one file: httpd.exp. It seems that the module is not being installed. Any help is appreciated. Thanks.

Read the article
Apache: Rewrite rule to remove slashes from the permalink?

- by javipas

I've seen this previous question on ServerFault, and I want something similar, but I'm not sure how to accomplish it. What I want is to remove all slashes from the permalink except for the one that goes after the domain name. For example: http://www.muycomputerpro.com/Actualidad/Especiales/La-Ciudad-Eficiente-Netapp would be redirected to http://www.muycomputerpro.com/ActualidadEspecialesLa-Ciudad-Eficiente-Netapp I need it to correct some 404 errors remaining on my WordPress blog under Apache web server. So, what would be the right rewrite rule?

Read the article
Can you please explain substitution in RewriteRule

- by Scott

I have the following statements in an .htaccess file RewriteCond %{HTTP_HOST} ^myOldDomain\.com$ [NC] RewriteRule ^(.*)$ https://myNewDomaink.com/$1 [R=301,L] It works fine. I basically found some sample code and modified it to my specific purpose. What I don't quite understand is: Why does $1 refer to the the portion of the supplied url after the hostname - where is the documentation for this? There is no backreference in the RewriteCond.

Read the article
Own server, multiple website: most secure PHP setup

- by plua

Hi there, We have a company server with a variety of websites. They are maintained by different people from within our company. All websites are public. The server access is limited to our company only. This is NOT a shared hosting environment. We are looking into securing the server, currently analyzing the risk related to permissions of files. We feel the highest risk is when files are uploaded and then opened/executed by the public. This should not happen, but an error in a script might allow people to do so (there are image uploaders, file uploaders, etc). Uploader scripts use PHP. So the question is: what is the best way of setting / organizing permissions of files and processes? There seem to be several options to run PHP (and Apache), and setting the permissions. What should we take into consideration? Any tips? We are considering mod_php and FastCGI, but perhaps given our situation other solutions are preferred?

Read the article
Redhat | error in mod_swgi installation

- by MMRUSer

I'm getting the following error when I try to install mod_wsgi ./configure checking for apxs2... no checking for apxs... /usr/sbin/apxs checking Apache version... 2.2.3 configure: creating ./config.status config.status: creating Makefile make /usr/sbin/apxs -c -I/usr/local/include/python2.6 -DNDEBUG mod_wsgi.c -L/usr/local/lib -L/usr/local/lib/python2.6/config -lpython2.6 -lpthread -ldl -lutil -lm /apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables -fno-strict-aliasing -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE -pthread -I/usr/include/httpd -I/usr/include/apr-1 -I/usr/include/apr-1 -I/usr/local/include/python2.6 -DNDEBUG -c -o mod_wsgi.lo mod_wsgi.c && touch mod_wsgi.slo sh: /apr-1/build/libtool: No such file or directory apxs:Error: Command failed with rc=8323072 . make: *** [mod_wsgi.la] Error 1 mod_wsgi 3.2 Apache 2.2 Python 2.6 apr-1.2.7-11 Is this error because of a missing package.. or else how do I solve this issue?

Read the article
Windows + Django + mod_wsgi = "DLL load failed"

- by Kyle MacFarlane

For a long time I was using Python 2.5 to do all this fine but recently upgraded to 2.7 since building stuff for 2.5 is a real pain. I also updated mod_wsgi to 3.3 for Python 2.7. Everything is working fine with Apache + mod_wsgi on CentOS and also in the Django runserver on both Windows and CentOS, but not with Apache + mod_wsgi on Windows. Whenever I try to access a page in my Django app I get the following (note that Apache starts fine): ImportError at / DLL load failed: The specified module could not be found. Which is caused by things like: from Crypto.Cipher import AES Etree and others cause the exact same error and it is not limited to any specific packages. Anything with pyd files fails. Googling around suggests reinstalling Python "for all users", but the installer doesn't give you that option anymore anyway. For good measure I've tried reinstalling Python 2.7 as an administrator and also told it to register itself as the default version of Python but neither helped. I think the solution might have something to do with: The fact that I have 2.5, 2.6 and 2.7 installed on this machine and mod_wsgi might be loading the DLLs for 2.5 instead of 2.7. Something to do with WSGIPythonPath, which I usually don't need to set.

Read the article
Apache 2 UserDir for only one VirtualHost

- by dentarg

Is it possible to enable the UserDir Directive for just one VirtualHost rather than have it on for all and then disable it (with "UserDir disable") for each VirtualHost you don't want it on? I have tried by putting this inside a <VirtualHost> and comment out everything in the global config (/etc/apache2/conf.d/userdir.conf). No luck though. <IfModule mod_userdir.c> UserDir public.www UserDir disabled root <Directory /home/*/public.www> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> </IfModule>

Read the article
mod_rpaf problems with Nginx front, Apache back-end after Ubuntu upgrade

- by Kenn

I'm running an Nginx front-end for static files, and proxying to an Apache backend for PHP and Passenger, using Apache's mod_rpaf to set the correct remote IP address on the backend. Everything worked fine until I upgraded to Ubuntu 12.04 (Precise). Now Apache reports all connections coming from 127.0.0.1. Here's the relevant configuration. Nothing here changed with the upgrade. Nginx: proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; mod_rpaf: <IfModule mod_rpaf.c> RPAFenable On RPAFsethostname On RPAFproxy_ips 127.0.0.1 ::1 RPAFheader X-Forwarded-For </IfModule> I'm using %{X-Forwarded-For}i in my Apache LogFormat directive and the access logs are showing the correct remote address, so I know Nginx is passing the address along properly. In a phpinfo() test, HTTP_X_FORWARDED_FOR is showing the correct remote address, but REMOTE_ADDR is 127.0.0.1. This is reflected in PHP applications as well, such as WordPress comments. I've tried switching Nginx and mod_rpaf to X-Real-IP with no effect. Did something change that I missed? Relevant version info, everything installed from the Ubuntu repository: Nginx 1.1.19 Apache 2.2.22 mod_rpaf 0.6

Read the article
mod_rewrite rules in httpd configuration

- by wag2639

How and where do I put my mod_rewrite rules in the httpd configuration so that they're only parsed once at startup instead of each time a file in my web directory is read. Additional info: assuming all scripts work in .htaccess file RHEL4 running Apache 2.0.52 multiple sub/domains on the the machine Thanks

Read the article
FreeBSD Server .htaccess issues

- by Will Ayers

Server Details: FreeBSD PHP Version 4.3.11 Apache Appache Modules: mod_throttle, mod_php4, mod_speedycgi, mod_ssl, mod_setenvif, mod_so, mod_unique_id, mod_headers, mod_expires, mod_auth_db, mod_auth_anon, mod_auth, mod_access, mod_rewrite, mod_alias, mod_actions, mod_cgi, mod_dir, mod_autoindex, mod_include, mod_info, mod_status, mod_negotiation, mod_mime, mod_mime_magic, mod_log_config, mod_define, mod_env, mod_vhost_alias, mod_mmap_static, http_core The issue I am having is when ever I write any kind of code in the .htaccess file, it throws a 500 Internal error I am simply trying to rewrite url's and am using the exact code that wordpress creates for me and even tried custom code used before on previous servers and it still does not work. WordPress created code: # BEGIN WordPress <IfModule mod_rewrite.c> RewriteEngine On RewriteBase /lobster-tail-blog/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /lobster-tail-blog/index.php [L] </IfModule> # END WordPress And even a simple thing like this throws the error: <IfModule mod_rewrite.c> RewriteEngine On </IfModule> Anyone know of any fixes or why this is causing this error? I have the mod_rewrite module loaded

Read the article
Apache htaccess with mod_expires Not Working for certain directories

- by keyboarddrummer

I have a Joomla site that I am trying to enable caching using mod_expires. I have the .htaccess in the root of the site and have added the options as found on the page http://www.pactsoftware.nl/tools/joomla-optimization.html Using the PageSpeed extension in Chrome, prior to adding this in my .htaccess, my site scores a 55 (Caching is at the top, and lists a lot of images, CSS, and JS files). After these directives, it scores 70, with caching in the yellow, but still lists some image files (some are two directories deep and the rest are four). I checked for any other .htaccess files in the Joomla root, but none are between those folders and the root. It is almost as if htaccess only works in that one directory, not the subfolders. I have tried putting a .htaccess in each affected subdirectory, but it does not work. Does anyone have any ideas?

Read the article
Enabling mod_fcgid results in 403

- by laggingreflex

I have an EasyPHP 12.1 setup (latest) on Windows 7x64 and I'm trying to enable mod_fcgid for PHP. I have added the following in my httpd.conf Include conf/extra/httpd-vhosts.conf LoadModule fcgid_module modules/mod_fcgid.so FcgidInitialEnv PHPRC "C:\progra~2\EasyPHP-12.1\php\php546x121028092509" AddHandler fcgid-script .php FcgidWrapper "C:\progra~2\EasyPHP-12.1\php\php546x121028092509/php-cgi.exe" .php and Options ExecCGI Indexes FollowSymLinks under <Directory "${path}/www"> I've made sure the paths are all good and set permissions on the entire C:\progra~2\EasyPHP-12.1 and my www root to Everyone - Allow All. Yet I still get 403 on all server(localhost) requests. Along with Apache/2.4.2 (Win32) PHP/5.4.6 mod_fcgid/2.3.7 so I know mod_fcgid is enabled and is causing the 403. Commenting out the above lines from httpd.conf makes it work again but is slower than death (which is why I wanted mod_fcgid). What could I be doing wrong?

Read the article
How to change .htaccess file to work right in localhost?

- by Manolo Salsas

I have this snippet code in my .htaccess file to prevent users from hotlinking the server's images: RewriteEngine On RewriteCond %{HTTP_REFERER} ^$ [OR] RewriteCond %{HTTP_REFERER} !^http://(www.)?itransformer.es/.*$ [NC] RewriteRule \.(gif|jpe?g|png|wbmp)$ http://itransformer.es [R,L] Of course, it is not working in my localhost, but don't know how to achieve it. My guess is that I should change the domain name with any wildcard. Any idea? Update I've finally found out the answer thanks to @Chris solution: RewriteCond %{HTTP_REFERER} ^$ [OR] RewriteCond %{HTTP_REFERER} ^https?://%{HTTP_HOST}/.*/usuarios/.*$ [NC] RewriteRule \.(gif|jpe?g|png|wbmp)$ http://%{HTTP_HOST} [R=301,L] The /usuarios/ directory is because I only want to deny direct access to files inside this directory. Update2 For some reason, it doesn't work again. Finally I think that I found out a better solution: RewriteCond %{REQUEST_FILENAME} .*/usuarios/.*$ [NC] RewriteRule \.(gif|jpe?g|png|wbmp)$ http://%{HTTP_HOST} [R=301,L] I say better solution because what I want to deny is direct access to a file (image). Update3 Well, after a while I discovered above wasn't exactly what I wanted, so the next is definitive: RewriteCond %{HTTP_REFERER} ^$ [OR] RewriteCond %{HTTP_REFERER} !^https?://itransformer.*$ [NC] RewriteRule /usuarios/.*\.(gif|jpe?g|png|wbmp)$ - [R=404,L] Just two doubts: If I change the above to: RewriteCond %{HTTP_REFERER} ^$ [OR] RewriteCond %{HTTP_REFERER} !^https?://%{HTTP_HOST}.*$ [NC] RewriteRule /usuarios/.*\.(gif|jpe?g|png|wbmp)$ - [R=404,L] it doesn't work. I don't understand why, because %{HTTP_HOST} is equal to itransformer in my localhost, and it should work. The second doubt is why is shown the default 404 page and not my custom page (that is shown in all other 404 responses).

Read the article
Add a trailing slash mod_rewrite

- by Conner Stephen McCabe

just wondering how I add a trailing slash at the end of my URL's using Mod_Rewrite? This is my .htaccess file currently: RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^([^/]*)$ index.php?pageName=$1 My URL show like so: wwww.**.com/pageName I want it to show like so: wwww.**.com/pageName/ The URL is holding a GET request internally, but I want it to look like a genuine directory.

Read the article
Mod_rewrite to eliminate query strings

- by Greg Frommer

Hi everyone, I have been working on this for a while but I'm not finding exactly what I am looking for. I am writing a webapp to let my users create and publish pieces of HTML content in a domain and URL folder structure of their choosing. All of the content and requested URL structures are stored in a database. I have all of the code in my index.php (in the root folder) to access the database content, and based on the server name (and hopefully folder structure) will pick out the proper content from the DB and display it to the end-users browser. So my situation looks like this: www.test.com/index.php?id=123234345 ... will display the proper page, but I want my users to be able to define a unique "page name" instead of using the numeric index (also I want to hide the /index.php part) so what I would like the end-user to see is: www.test.com/arbitrary-unique-keyword/keyword2/keyword3 which will invoke the index.php page in the root folder. Then I will use the PHP $_SERVER['PATH_INFO'] variable to match the requested folder structure up with the proper content in my database and display that. All the material I have found so far expects me to hard code parts of the folder structure into the rules.... but I think I want something simpler (perhaps). So the question in a nutshell: How do I use mod_rewrite to allow all "non-existent" folder paths be passed through to a main index.php residing in the root folder? (For all paths that DO exist, like for calls to images... I want those to succeed and not be directed to the index.php obviously) Thanks everyone, please let me know if I can clear anything up.

Read the article
proxy_ajp wildcards

- by The Digital Ninja

I need to setup apache so that any site.com/ANYTHING/servlet/ANYTHING goes over ajp into tomcat, but regular files will go through apache still. I have been messing around with this to no avail <LocationMatch "./*/servlet/*"> Order Allow,Deny Allow from all ProxyPass ajp://localhost:8009/ ProxyPassReverse / </LocationMatch> This works at directing everything to our tomcat insance. ProxyPass / ajp://localhost:8009/

Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41 | Next Page >