Search Results

Search found 10300 results on 412 pages for 'apache httpcomponents'.

Page 72/412 | < Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >

  • 403 Forbidden for web root on Apache on Mac OS X v10.7, but can access user directories

    - by philosophistry
    When I access http://localhost/ I get 403 Forbidden, but if I access http://localhost/~username it serves up pages. Things I've tried: Checking error logs Swapping out with original httpd conf files Changing DocumentRoot to my user directory (after all that should work if I can access ~username) I've seen 30 plus Q&A sites that all point to people having trouble with user directories being forbidden. I have the opposite problem, and so I'm tearing my hair out here.

    Read the article

  • Redirect an URL to another URL with Apache and WAMP?

    - by user1719496
    I was wondering how to make a simple redirection, I've got WAMP installed on my computer and I wish I could do that: When I go to abc.com it redirects to xyz.com. I did this in the httpd.conf file, but it isn't working. It seems to work now, but only when I go to localhost. However, what I want is that when I go to abc.com it goes to xyz.com, and I can't do that. Here is my conf : <VirtualHost *:80 > ServerName abc.com Redirect permanent / http://www.xyz.com/ </VirtualHost>

    Read the article

  • Password-protect a directory, but not that directory's files? [Apache]

    - by Onion
    Hi, I was just wondering if it was possible to protect a directory with a username/password combination using .htaccess and .htpasswd files, but not protect the files within. i.e. One is able to link, say, images within that directory to friends, but browsing the directory itself would not be allowed without a username/password. Thanks to all in advance.

    Read the article

  • How to properly deny Railo directory access through Apache

    - by Sn3akyP3t3
    I've been battle tested on this and failed to achieve my goal which is to deny all access to all directories except the Public directory and only allow access to all all other directories with specific IP addresses. To get Railo+Apache+Tomcat installed I pretty much followed this script: https://github.com/talltroym/Railo-Ubuntu-Installer-Script then verified settings with this tutorial: http://blog.nictunney.com/2012/03/railo-tomcat-and-apache-on-amazon-ec2.html From the installation script these mods are enabled: sudo a2enmod ssl sudo a2enmod proxy sudo a2enmod proxy_http sudo a2enmod rewrite sudo a2ensite default-ssl Outside of the script I copied the sites-available to sites-enabled then reloaded Apache. I have a directory created for Railo cmfl located at /var/www/Railo/ Navigating the browser to http ://Server_IP_Address/Railo forces ssl and relocates to https ://Server_IP_Address/Railo which shows off index.cfm. Not providing index.cfm and omitting https indicates that the DirectoryIndex directive and RewriteCond of Apache appears to be working for the sites-enabled VirtualHost. The problem I'm encountering is that I cannot seem to deny access to all directories except Public. My directory structure is rather simple and looks like this: Railo error Public NotPublic Sandbox These are my sites-enabled configurations: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www #Default Deny All to prevent walking backwards in file system Alias /Railo/ "/var/www/Railo/" <Directory ~ ".*/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html index.cfc RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R] </VirtualHost> and <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www Alias /Railo/ "/var/www/Railo/" <Directory ~ "/var/www/Railo/(?!Public).*"> Order Deny,Allow Deny from All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown DirectoryIndex index.cfm index.cfml default.cfm default.cfml index.htm index.html #Proxy .cfm and cfc requests to Railo ProxyPassMatch ^/(.+.cf[cm])(/.*)?$ http://127.0.0.1:8888/$1 ProxyPassReverse / http://127.0.0.1:8888/ #Deny access to admin except for local clients <Location /railo-context/admin/> Order deny,allow Deny from all # Allow from <Omitted> # Allow from <Omitted> Allow from 127.0.0.1 </Location> </VirtualHost> </IfModule> The apache2.conf includes the following: # Include the virtual host configurations: Include sites-enabled/ <IfModule !mod_jk.c> LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkMount /*.cfm ajp13 JkMount /*.cfc ajp13 JkMount /*.do ajp13 JkMount /*.jsp ajp13 JkMount /*.cfchart ajp13 JkMount /*.cfm/* ajp13 JkMount /*.cfml/* ajp13 # Flex Gateway Mappings # JkMount /flex2gateway/* ajp13 # JkMount /flashservices/gateway/* ajp13 # JkMount /messagebroker/* ajp13 JkMountCopy all JkLogFile /var/log/apache2/mod_jk.log </IfModule> I believe I understand most of this except the jk_module inclusion which I've noticed has an error that shows up in the logs that I can't sort out: [warn] No JkShmFile defined in httpd.conf. Using default /etc/apache2/logs/jk-runtime-status I've checked my Regular expression against the paths of the directories with RegexBuddy just to be sure that I wasn't correct. The problem doesn't appear to be Regex related although I may have something incorrect in the Directory directive. The Location directive seems to be working correctly for blocking out Railo admin site access.

    Read the article

  • htaccess correct, Apache logs still showing the evil visitors with 200 code

    - by bulgin
    I hope someone can help me. Please take a look at the following snippet of Apache logs: 95-169-172-157.evilvisitor.com - - [12/Nov/2012:09:46:02 -0500] "GET /the-page-I-dont-want-to-deliver.html HTTP/1.1" 200 9171 "http://hackers.ru/" "Mozilla/4.0 (MSIE 6.0; Windows NT 5.1; Search)" I have the following included in my .htaccess for the root directory of the website and there are no other .htaccess files anywhere that would affect this: RewriteEngine On Options +FollowSymLinks ServerSignature Off ErrorDocument 403 "Nothing Interesting Here" order allow,deny deny from evilvisitor.com deny from hackers.ru deny from anonymouse.org allow from all I also have GeoIP functioning properly and have this included there: #for stuff from different countries RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^(UA|TR|RU|RO|LV|CZ|IR|HR|KR|TW|NO|NL|NO|IL|SE) RewriteRule ^(.*)$ [R=F,L I know this works because whenever I attempt to access the website from a proxy in say, Spain, I get the error message. I also know it works because when accessing the website from anonymouse.org, the proper error code page is displayed. So then why am I still getting these visitors who successfully access the page I don't want them to see with an Apache 200 code when it should be an error code?

    Read the article

  • Does Apache need to be stopped to edit "/etc/apache2/sites-available/default"?

    - by webworm
    I am attempting to edit the "default" file located at .. "/etc/apache2/sites-available/default" on my Ubuntu machine running Apache 2.2.8. I want to do this in order to enable the use of .htaccess files. I have downloaded the "default" file and edited it and now I am trying to upload it back to the server via SFTP. I keep getting permission denied errors. Could it be because Apache is running and making use of the file? I am an admin on the machine so I would expect to be able to overwrite the file. Thanks for any assistance.

    Read the article

  • deploying war on tomcat fails to start

    - by Asghar
    i have a java application which uses JAX_WS when i deployed on my tomcat5 server . it is deployed successfully. but it fails to start SEVERE: WSSERVLET11: failed to parse runtime descriptor: java.lang.IllegalArgumentException: prefix cannot be "null" when creating a QName java.lang.IllegalArgumentException: prefix cannot be "null" when creating a QName at javax.xml.namespace.QName.<init>(xml-commons-apis-1.3.02.jar.so) at gnu.xml.stream.XMLParser.getAttributeName(libgcj.so.7rh) at com.sun.xml.ws.util.xml.XMLStreamReaderFilter.getAttributeName(XMLStreamReaderFilter.java:228) at com.sun.xml.ws.streaming.XMLStreamReaderUtil$AttributesImpl.<init>(XMLStreamReaderUtil.java:355) at com.sun.xml.ws.streaming.XMLStreamReaderUtil.getAttributes(XMLStreamReaderUtil.java:198) at com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:204) at com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147) at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:124) at org.apache.catalina.core.StandardContext.listenerStart(catalina-5.5.23.jar.so) at org.apache.catalina.core.StandardContext.start(catalina-5.5.23.jar.so) at org.apache.catalina.manager.ManagerServlet.start(catalina-manager-5.5.23.jar.so) at org.apache.catalina.manager.HTMLManagerServlet.start(catalina-manager-5.5.23.jar.so) at org.apache.catalina.manager.HTMLManagerServlet.doGet(catalina-manager-5.5.23.jar.so) at javax.servlet.http.HttpServlet.service(tomcat5-servlet-2.4-api-5.5.23.jar.so) at javax.servlet.http.HttpServlet.service(tomcat5-servlet-2.4-api-5.5.23.jar.so) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(catalina-5.5.23.jar.so) at org.apache.catalina.core.ApplicationFilterChain.doFilter(catalina-5.5.23.jar.so) at org.apache.catalina.core.StandardWrapperValve.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.core.StandardContextValve.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.core.StandardHostValve.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.valves.ErrorReportValve.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.core.StandardEngineValve.invoke(catalina-5.5.23.jar.so) at org.apache.catalina.connector.CoyoteAdapter.service(catalina-5.5.23.jar.so) at org.apache.coyote.http11.Http11Processor.process(tomcat-http-5.5.23.jar.so) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(tomcat-http-5.5.23.jar.so) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(tomcat-util-5.5.23.jar.so) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(tomcat-util-5.5.23.jar.so) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(tomcat-util-5.5.23.jar.so) at java.lang.Thread.run(libgcj.so.7rh)

    Read the article

  • Add HttpOnly flag to cookies on the fly with Apache?

    - by Zack
    So I have a java webapp that uses tomcat with an apache proxy layer. I'm looking to make all cookies set from the app have the httpOnly flag. The problem with this is that tomcat is responsible for setting the flag from the application side and its default (in servlet api 2.5) is false. I was hoping I could set this flag for all cookies on the fly using apache. I've been trying different combinations and the closest I have gotten is setting the last cookie passed to httpOnly which is of course wrong: Header append Set-Cookie "; HttpOnly" I have no way of knowing what cookies/values are going to be passed from the app. Is this even possible?

    Read the article

  • BeanCreationException in Spring Framework .WAR deploy to Tomcat 6 on Ubuntu 9.10

    - by JediPotPie
    I am in the process of switching from a Windows box to Ubunutu and I want to run my own local instance of Tomcat 6. I have installed Tomcat 6 without any basic issues. When I try to deploy a .war file that I had running on the Tomcat 6 instance on my Windows box I am getting the following error.... Apr 26, 2010 3:30:27 PM org.apache.catalina.core.ApplicationContext log INFO: Initializing Spring root WebApplicationContext Apr 26, 2010 3:30:27 PM org.apache.catalina.core.StandardContext listenerStart SEVERE: Exception sending context initialized event to listener instance of class org.springframework.web.context.ContextLoaderListener org.springframework.beans.factory.CannotLoadBeanClassException: Cannot find class [com.ameren.eam.ldap.LdapDAONovellImpl] for bean with name 'testNovellDao' defined in ServletContext resource [/WEB-INF/applicationContext.xml]; nested exception is java.lang.ClassNotFoundException: com.ameren.eam.ldap.LdapDAONovellImpl at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1173) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.predictBeanType(AbstractAutowireCapableBeanFactory.java:479) at org.springframework.beans.factory.support.AbstractBeanFactory.isFactoryBean(AbstractBeanFactory.java:787) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:393) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:736) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:369) at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:199) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:45) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3934) at org.apache.catalina.core.StandardContext.start(StandardContext.java:4429) at org.apache.catalina.manager.ManagerServlet.start(ManagerServlet.java:1249) at org.apache.catalina.manager.HTMLManagerServlet.start(HTMLManagerServlet.java:612) at org.apache.catalina.manager.HTMLManagerServlet.doGet(HTMLManagerServlet.java:136) at javax.servlet.http.HttpServlet.service(HttpServlet.java:617) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:616) at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:269) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAsPrivileged(Subject.java:537) at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:301) at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:283) at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:56) at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:189) at java.security.AccessController.doPrivileged(Native Method) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:185) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454) at java.lang.Thread.run(Thread.java:636) Caused by: java.lang.ClassNotFoundException: com.ameren.eam.ldap.LdapDAONovellImpl at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1399) at org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1245) at org.springframework.util.ClassUtils.forName(ClassUtils.java:230) at org.springframework.beans.factory.support.AbstractBeanDefinition.resolveBeanClass(AbstractBeanDefinition.java:381) at org.springframework.beans.factory.support.AbstractBeanFactory.resolveBeanClass(AbstractBeanFactory.java:1170) ... 40 more The class that is not being found is located at /WEB-INF/classes/com/ameren/eam/ldap/LdapDAONovellImpl.class relative to /WEB-INF/applicationContext.xml. I cannot figure out why it cannot find the class? Any ideas would be great.

    Read the article

  • Does Apache allow to authorize an HTTP request based on a result of a subrequest?

    - by Jan Wrobel
    I'm looking for an equivalent of nginx http auth request module but for Apache. For each incoming HTTP requests, the module sends a subrequests to authentication/authorization back-end. Th auth request carries a path and all headers of the original request. Based on the result of the auth request, the original requests is allowed (HTTP code 200), denied (HTTP code 403) or login is requested (HTTP code 401). Such a generic mechanism allows to build really flexible authentication and authorization schemes. Is something like this possible in Apache (likely with a help of some third party module)?

    Read the article

  • How do I password protect IIS in a method analogous to Apache's AuthType / AuthUserFile mechanism?

    - by Matt
    I'm used to doing basic password protection for Apache w/ the following method in Apache config files: AuthType Basic AuthName "By Invitation Only" AuthUserFile /path/to/.htpasswd Require valid-user However, I've been asked to put some protection on a subdirectory of a site running ColdFusion on top of IIS6, and I'm unfamiliar with how to do this. How is this done? What should I look out for? I just need to password protect an administrative subdirectory, so I don't need a full user login system - just something that limits who can access the section of the site.

    Read the article

  • What causes Apache Environment Variable set using mod_rewrite to have "redirect_" appended to name?

    - by trowel
    I am trying to set Apache environment variables (for use in PHP) with the [E=VAR:VAL] flag on RewriteRule rules in an .htaccess file. I have already discovered the variables are accessed in PHP as server variables $_SERVER rather than $_ENV (which makes a certain amount of sense). However, my problem is for some rules the [E=VAR:VAL] flag works as expected and I end up with a variable $_SERVER['VAR'] but for other rules I end with a variable $_SERVER['REDIRECT_VAR'] or $_SERVER['REDIRECT_REDIRECT_VAR'], etc A. What causes an Environment Variable set in Apache using the [E=VAR:VAL] flag to get renamed by having "REDIRECT_" appended to the front of the variable name? B. What can I do to make sure I end up with an Environment Variable with an unchanged name so I can access it in PHP as $SERVER['VAR'] without having to resort to checking for variations of the variable name having one of more instances of "REDIRECT" appended to the front of it?

    Read the article

  • Is it possible to log the first line of the response in apache?

    - by Jeppe Mariager
    Hey, We have an Tomcat server where we're trying to log the HTTP version which the response is sent with. We've seen a few times that it seems to be HTTP/0.9, which kills the content (not supported I guess?). We would like to get some stats on this by using the access log in apache. However, since the header line for this isn't prefixed by anything, we cannot use the %{xxx}o logging. Is there a way to get this? An example: Response is: HTTP/1.1 503 This application is not currently available Server: Apache-Coyote/1.1 Content-Type: text/html;charset=utf-8 Content-Length: 1090 Date: Wed, 12 May 2010 12:53:16 GMT Connection: close And we'd like the catch HTTP/1.1 (alternatively, HTTP/1.1 503 This application is not currently available. Is this possible? We do not have access to the application being served, so we need to do this either as a Java filter, or in the tomcat access log - Preferably in the access log.

    Read the article

  • Performance Tuning Tips for Apache

    Apache is one of the most successful open source projects of our times. A big advantage of this popularity is that over the years people have spent a great deal of time fine tuning the software for better performance. Read on to learn more.

    Read the article

  • How to remove 'ApacheMonitor.exe' from notification area

    - by ekaj
    For some reason I had 2 instances of Apache running, and I have no idea how. I also had two instances of ApacheMonitor.exe showing in the "Notification Area Icons" place when you right click on your taskbar and go to properties. To fix the multiple instance issue, I deleted Apache completely and uninstalled the service (I did not use the .msi, I install from a .zip). Anyways, Everything from Apache is gone except the two things in the Notification Area Icon page. Does anyone know how to remove these two icons? I have completely uninstalled Apache, cleaned my registry with CCleaner, and rebooted. Does anyone have any other suggestions? Despite what the picture says, I do NOT have Apache installed, and it is not running.

    Read the article

  • Why is my WordPress installation unable to create a directory?

    - by Ankur
    I am a new user of Ubuntu 12.04 64 bit and I want to test WordPress on my local PC installation. I've only installed LAMP and the latest version of WordPress for now. Further actions were creating a directory www in /home, i.e /home/www install wordpress in it. changed Apache to use /home/www instead of /var/www Apache is running smoothly & wordpress seems to be so as well. However, if try to change my background of my wordpress blog it throws an error Unable to create directory wp-content/uploads/2012/12. Is its parent directory writable by the server? Plese help me to resolve my problem.

    Read the article

  • LAMP Stack Location

    - by Artem Moskalev
    I have installed the LAMP stack on Ubuntu 12.04 LTS using the tasksel command. I checked - it works. But I cant find the location of the installaton, I worked with WAMP - there you have a separate folder for Apache, for PHP and for mysql. Now I cant even find where to put the documents I create. Which folder is used to contain my web projects? How to start MySQL console and where to look for its installation directory? Which directories are PHP and Apache installed in? how to erase LAMP stack? I found out that some of the parts of the stack are installed in the root/var and root/etc directories: How can I install the whole LAMP stack in /home?

    Read the article

  • Unable to install Apache 2.2.22 in Ubuntu 12.04

    - by Martin Betz
    I am not able to install Apache 2.2 in Ubuntu 12.04. Here is a snippet from my console log (sorry, it is in German): apache2 : Hängt ab von: apache2-mpm-worker (= 2.2.22-1ubuntu1) soll aber nicht installiert werden oder apache2-mpm-prefork (= 2.2.22-1ubuntu1) aber 2.2.22-1ubuntu1.1 soll installiert werden ... That means like: apache2 depends from apa..worker, but that should not get installed OR from ap...prefork..ubuntu1, but ap...prefork..ubuntu1.1 should get installed. I have no idea how to tackle that issue..

    Read the article

  • Apache could not reliably determine server

    - by frqcuse
    Apache cannot fully determine domain name when I tried restarting after install. I get this error; sudo /etc/init.d/apache2 restart *Restarting web server config apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName. Why I'm I seeing 127.0.1.1 I have tried saving ServerName localhost into my /etc/init.d/apache2 but it keeps redirecting me to google search page everytime I type phpmyadmin. Will appreciate an expert help?

    Read the article

< Previous Page | 68 69 70 71 72 73 74 75 76 77 78 79  | Next Page >