Search Results

Search found 19615 results on 785 pages for 'apache config'.

Page 544/785 | < Previous Page | 540 541 542 543 544 545 546 547 548 549 550 551 | Next Page >

Binding services to localhost and using SSH tunnels - can requests be forged?

- by Martin

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

Read the article
running a web server with encrypted file system (all or part of it)

- by Carlos

Hi, I need a webserver (lamp) running inside a virtual machine (#1) running as a service (#2) in headless mode (#3) with part or the whole filesystem encrypted (#4). The virtual machine will be started with no user intervention and provide access to a web application for users in the host machine. Points #1,#2 and #3 are checked and proved to be working fine with Sun VirtualBox, so my question is for #4: Can I encrypt the all filesystem and still access the webserver (using a browser) or will grub ask me for a password? If encrypting the all filesystem is not an option, can I encrypt only /home and /var/www ? will apache/php be able to use files in /home or /var/www without asking for a password or mounting these partitions manually? Thanks

Read the article
How to set Firefox to be "silent"? [closed]

- by LanceBaynes

Possible Duplicate: Turn off Mozilla Firefox warning that there are new Firefox add-ons Firefox sometimes pops-up stating that there are updates for it, or an Add-on has been updated, etc. How can make Firefox silent, so that it will only update itself/add-ons in the background, and doesn't pops-up with a message??*1 in the "about:config" app.update.silent;false setting this to true? what does it do? *1 = because non-IT people will use PCs, and they don't know what to do, when a message pops up.. p.s.: Firefox 3.6/Scientific Linux

Read the article
Reverse proxy with SSL and IP passthrough?

- by Paul

Turns out that the IP of a much-needed new website is blocked from inside our organization's network for reasons that will take weeks to fix. In the meantime, could we set up a reverse proxy on an Internet-based server which will forward SSL traffic and perhaps client IPs to the external site? Load will be light. No need to terminate SSL on the proxy. We may be able to poison DNS so original URL can work. How do I learn if I need URL rewriting? Squid/apache/nginx/something else? Setup would be fastest on Win 2000, but other OSes are OK if that would help. Simple and quick are good since it's a temporary solution. Thanks for your thoughts!

Read the article
Sun OS 5.10 not honoring .hushlogin

- by nixomose

I scp and ssh a zillion times a day, and because of our corporate policy I can't get rid of /etc/issue or /etc/motd on the destination machines. So whereas I just want to see the results of my scp or ssh, all I ever end up seeing is thousands of copies of the motd. .hushlogin doesn't seem to be honored. Any other ideas on how to get rid of the message display? Is there some sshd config setting I don't know about (though I probably couldn't change that either)? Is there some curiously sunos/solaris specific way to achieve the goal?

Read the article
Location Directive in a VirtualHost

- by Yehia A.Salam

I'm trying to add server-status location directive under one of my virtual host, however i'm getting a 403 Access Forbidden when browsing to www.mywebsite.com/server-status. Is it legal to put the Location Directive under a virtual host? Edit #1: Full vhost config <VirtualHost *:80> # Admin email, Server Name (domain name) and any aliases ServerAdmin [email protected] ServerName aumento.io ServerAlias www.aumento.io # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /home/cairocubicles/web/aumento.io/public <Directory /home/cairocubicles/web/aumento.io/public> Order Allow,Deny Allow from all Options Indexes FollowSymLinks AllowOverride All AcceptPathInfo On </Directory> <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from aumento.io </Location> # Custom log file locations LogLevel warn ErrorLog /home/cairocubicles/web/aumento.io/log/error.log </VirtualHost>

Read the article
Fix Fatal Error Condition showing system path

- by JMC

I've noticed there are a large number of servers running Magento Commerce that will return a fatal error showing the system path: Fatal error: Uncaught exception 'Exception' with message 'File '/usr/local/www/magento/data1702/media/css' does not exists.' in /usr/local/www/magento/data1702/lib/Varien/File/Transfer/Adapter/Http.php:96 Stack trace: #0 /usr/local/www/magento/data1702/get.php(205): Varien_File_Transfer_Adapter_Http->send('/usr/local/www/...') #1 /usr/local/www/magento/data1702/get.php(165): sendFile('/usr/local/www/...') #2 {main} thrown in /usr/local/www/magento/data1702/lib/Varien/File/Transfer/Adapter/Http.php on line 96 Magento as an application is generally good about supressing error messages. How can a linux server running apache be configured to avoid returning this error message since the app has problems suppressing it.

Read the article
Failover of mirrored webservice

- by eflat

We are using a webservice (over http) which has 2 mirrored servers, accessible as, say www.blah.com and www2.blah.com. Is there a software solution that would help us handle failover? Currently if one server becomes unavailable, I need to manually edit our config to point at the other server. Failover on their side is "in the works", so I don't want to do checking for server availability in code. On our side, we use a mix of linux and windows boxes, so we have both os's in the cage.

Read the article
How do I configure ubuntu server's iptables to allow java without opening the floodgates?

- by rofls

I'm new to servers, so please bear with me. I have my amateur site running. Problem is, I followed Rackspace's instructions on setting up iptables and am pretty sure that's why the java server I'm trying to use on port 8080 isn't working (it runs the script but my android test app doesn't connect to it). When I try running the same java server script on port 80 it doesn't even start. I also ran nmap on my domain and saw that indeed only port 80 and 22 (for ssh) are responding. Is it possible to run Java and apache happily on the same server? If so, how can I configure my iptables correctly. (I'm aware that I should probably do some sort of filtering in the java server itself, but will figure that out later).

Read the article
How to I test if mod_rewrite is enabled?

- by user124130

I'm setting up an environment for wordpress on apache2, on a fresh install of ubuntu 12.04. In order to get friendly URLS working, I'm trying to set up mod_rewrite. I followed some instructions I found on the net, and used a2enmod. Now. after restarting apache, I'd like to check if the module is actually loaded. The command that I've found for getting a list of loaded modules is this: apache2 -t -D DUMP_MODULES However, this returns an error: apache2: bad user name ${APACHE_RUN_USER} So, how do I actually list all loaded modules, or otherwise check to see if mod_rewrite has been enabled?

Read the article
Upgrading phpmyadmin (and other packages) on Debian Squeeze

- by westexasman

I just setup a new VM with Debian Squeeze (latest stable release, 6.0.4). I am going for a webserver, so I installed the usual... apache, php5, mysql, phpmyadmin, etc. Everything went well, everything is working. My question is about upgrading packages. I noticed the phpmyadmin version is 3.3.7... the latest is 3.4.10.1. Doing apt-get update/upgrade does not upgrade the package. How does one go about upgrading packages on a Debian Squeeze server if apt-get update/upgrade does not work? Thanks!

Read the article
.htaccess redirect not preserving http_referer header

- by CodeToaster

We're merging with another company, and we want to redirect content from their (Apache) website to our (IIS) site. When traffic arrives at our site, we inspect the HTTP_REFERER, and if the visitor was just redirected from the company's site that we just merged with, they'll be presented with a "splash" page announcing the merger. I've added the line... Redirect / http://www.oursite.com/ ...to their .htaccess, which works fine, except that when the browser is redirected it doesn't send the HTTP_REFERER header. I've tried redirecting with redirect codes 301, 302 and 307 (the default, I believe, is 302) and all have the same effect (redirects fine, but no HTTP_REFERER). Can anyone provide some insight into why HTTP_REFERER wouldn't be included?

Read the article
Super simple high performance http server

- by masylum

I´m building a url shortener web application and I would like to know the best architecture to do it in order to provide a fast and reliable service. I would like to have two separate servicies in different machines. The first machine will have the application itself with a apache, nginx, whatever.. The second one will contain the database. The third one will be the one that will be responsible to handle the short url petitions. For the third machine I just need to accept one kind of http petition (GET www.domain.com/shorturl), but it have to do it really fast and it should be stable enough. Which server do you recommend me? Thank's in advance and sorry for my english

Read the article
What is the best way to setup a heartbeat agent for failover between two VMs?

- by EGr

I have two VMs in VirtualBox that use NAT for their network adapters. They are both getting the same IP address, so I will need to reconfigure that; but knowing that, is it possible to set up a heartbeat agent to failover an apache server if one of the two VMs go down? The way I pictured it would be that the webserver would be able to be accessed externally via :80. No matter what VM was running, I would be able to access the website at that IP/port since failover would be setup. I'm running into trouble setting up IPs when the network adapters are set to NAT, and people have told me that I shouldn't be setting the IPs in this configuration. So what should I do to achieve what I'm looking for? Is it even feasible?

Read the article
Cannot connect to HTTPS port on Ubuntu

- by Simpleton

I've installed a new SSL certificate and set up Nginx to use it. But requests time out when trying to hit HTTPS on the site. When I telnet to my domain on port 80 it connects, but times out on port 443. I'm not sure if there's some defaults on Ubuntu preventing a connection. UFW status shows: 443 ALLOW Anywhere netstat -a shows: tcp 0 0 *:https *:* LISTEN nmap localhost shows: 443/tcp open https The relevant block in the Nginx config is: server { listen 443; listen [::]:80 ipv6only=on; listen 80; root /path/to/app; server_name mydomain.com ssl on; ssl_certificate /etc/nginx/ssl/ssl-bundle.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_pass http://mydomain.com; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }

Read the article
Can't use HTTPS with ServerXMLHTTP object

- by Imraan

I am supporting a Classic ASP application that connects to a payment gateway via HTTPS. Up until recently there have been no issues. A few days ago this broke without the code, IIS config or anything local changing. Its broken on at least 3 separate servers. The last run of Windows Updates was in late November, but bringing the servers' updates up date has not resolved the problem. A code snippet is below. Dim oHttp Dim strResult Set oHttp = CreateObject("MSXML2.ServerXMLHTTP") oHttp.setOption 2, 13056 oHttp.open "POST", SOAP_ENDPOINT, false oHttp.setRequestHeader "Content-Type", "application/soap+xml; charset=utf-8" oHttp.setRequestHeader "SOAPAction", SOAP_NS + "/" & SOAP_FUNCTION oHttp.send SOAP_REQUEST Below is a dump of the error object :- Number: -2147012852 Description: A certificate is required to complete client authentication Message: A certificate is required to complete client authentication I initially posted the question on Stackoverflow (http://stackoverflow.com/questions/9212985/cant-use-https-with-serverxmlhttp-object) thinking it was a code issue, but further investigation seems to point to a server issue.

Read the article
Unloading uwsgi dynamic app

- by Gevious

I have a uWSGI setup where I run dynamic mode and add applications to it. All applications are working off the same codebase, but each have their own settings file. Its working beautifully. Say for instance, i want to change a setting for one app that has already been loaded. Is there a way I can get uwsgi to reload the app, rather than restarting the whole uwsgi server? In emperor mode I could just touch the config file. How do I achieve the equivalent result in dynamic mode?

Read the article
How to allow a single domain name with iptables

- by Claw

I am looking for a way to make iptables only accept requests for my domain name and reject the others. Lately I misconfigured my apache proxy, it is now fixed, but I keep receiving a load of requests looking like that : xxxx.xx:80 142.54.184.226 - - [12/Sep/2012:15:25:14 +0200] "GET http://ad.bharatstudent.com/st?ad_type=iframe&ad_size=700x300&section=3011105&pub_url=${PUB_URL} HTTP/1.0" 200 4985 "http://www.gethealthbank.com/category/medicine/" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)" xxxx.xx:80 199.116.113.149 - - [12/Sep/2012:15:25:14 +0200] "GET http://mobile1.login.vip.ird.yahoo.com/config/pwtoken_get?login=heaven_12_&src=ntverifyint&passwd=7698ca276acaf6070487899ad2ee2cb9&challenge=wTBYIo2AEdMFr6LtdyQZPqYw9FS9&md5=1 HTTP/1.0" 200 425 "-" "MobileRunner-J2ME" which I would like to block. How can I manage this ?

Read the article
How can I access a Web server in a VM from an iPad?

- by Nick Haslam

I have a virtual machine (running Windows Server 2012, if it's relevant), on VMware Workstation. It is running an Apache Tomcat web server, and I'm wanting to access that webserver from an iPad. Is this feasible, or even possible ? I have tried running Connectify Hotspot on the host machine, but that only gets me as far as being able to access a webpage on the host machine. It doesn't look to pass the connection through to the VM as they are on different subnets. Any thoughts are gratefully received.

Read the article
How to update debian dns server? New VM with same hostname as old VM

- by opensourcechris

We run several linux VM's on our Hyper-V cluster. Our old IT manager configured the dns server to resolve the url 'devlabs.ourdomain.com' to a debian squeeze apache webserver hosted on the hyper v cluster with the hostname: devlabs. We recently created a new Ubuntu vm to replace the original squeeze vm. When we created the new Ubuntu VM we used the same hostname of 'devlabs" to name the new VM. My problem is that now I am only able to access the new Ubuntu VM by using the IP address. How can I update our DNS server to point the url 'devlabs.ourdomain.com' to the new VM?

Read the article
Chef command to create new ec2 instance with second ebs volume attached and mounted instead of the default ephemeral volume?

- by runamok

We currently use this command to create a new ec2 instance with chef: knife ec2 server create --node-name=prod-apache-1 --availability-zone us-east-1c --image ami-3d4ff254 --distro ubuntu12.04-gems --groups "default" --ssh-key foo --identity-file ~/.ssh/id_rsa --ssh-user ubuntu --flavor m1.small After this command we then run further chef commands to finish provisioning the server. I was wondering if it would be possible while first setting up the instance I wanted a 100 gb volume created and mounted at /mnt and to have the ephemeral storage mounted at /tmp or /mnt-ephemeral instead. If not what further commands in chef would you advise running? I know how to do this via the aws console and can probably figure out how to do it via the ec2 command line tools but I am knew to chef and a bit overwhelmed.

Read the article
Server IP must be a LAN IP (Port Forwarding Netgear)

- by rphello101

I'm trying to set up a server (Apache) on my computer (fairly new to it). As I understand it, for it to be accessible to other computers, I need to forward port 80. When I try to forward the port though, I get the error: Server IP must be a LAN IP. I noticed in ipconfig that my default gateway is different than my wireless router. My computer is not hardwired, not on WiFi. Furthermore, I do not, at this point, have a static IP. I read that it should still work with a dynamic IP until it changes. Any ideas on what I can do?

Read the article
what can be reasons for localhost responding super-slow the first time a page is requested?

- by frequent

Still learning my server-ways with Apache2.2/MySQL5.2/Coldfusion8 on localhost (running Windows XP) What I notice is every time I request a page for the first time after firing up Coldfusion and Apache, localhost needs forever (1+ minute to respond and send the inital page). After that all seems to run at normal loading time. I'm using require.js to pull in Jquery, Jquery Mobile and two other plugins on first page load, but loading the same page from a real server works normally, so I'm also ruling out this as a probable cause. Since it happens regardless of which page I'm loading first it shoud not be page related, so I'm looking for other clues on why this could happen. Thanks for some thought!

Read the article
SQL Server Reporting authentication not working

- by Keith

I'm not exactly sure what went wrong but our SQL Server Reporting Services authentication is no longer working correctly. When I try to load the site, it asks for a username and password, and mine doesn't work. I checked the service and it is using the NT AUTHORITY\NetworkService to logon. Since it is using NetworkService to logon, I read on Microsoft's site that I need to use these settings in the RSReportServer.config file: <AuthenticationTypes> <RSWindowsNegotiate /> </AuthenticationTypes> <EnableAuthPersistence>true</EnableAuthPersistence> Which is what I have set. It still asks for the password. When I set the Authentication to RSWindowsNTLM, it does login but everytime I click on a link, it asks for a password (the password doesn't seem to prevent anything from loading). Anyone know what is going on here? I'm not an expert to SQL Server so I may be missing something.

Read the article
Drupal7 doesn't detect MySQL on CentOS, but Wordpress3 does?

- by jyaworski

Hey guys. I'm running CentOS 5.5 here with Apache2, PHP5, and MySQL 5. My wordpress install on the same system runs perfectly, but the drupal7 install script only detects SQLite. The mysql module is enabled in php.ini, so that isn't the problem. Do you think it could be something with Drupal 7, or my PHP install? I tested it on localhost (I'm essentially running ArchLinux with Apache) and it installs just fine. I don't see a difference between my local php.ini and my server php.ini. I get this when accessing install.php on the server. SQLite The type of database your Drupal data will be stored in. Your PHP configuration only supports a single database type, so it has been automatically selected. Edit: The mysql PDO module is installed already.

Read the article

< Previous Page | 540 541 542 543 544 545 546 547 548 549 550 551 | Next Page >