Search Results

Search found 6253 results on 251 pages for 'apache2 ssl'.

Page 78/251 | < Previous Page | 74 75 76 77 78 79 80 81 82 83 84 85 | Next Page >

.htaccess authorization requiring username/password for every resource

- by webworm

I am using Apache2 on Ubuntu and I have having some "weird" user authorization issues. I am using .htaccess to control access to my directories. I have many users and have grouped them into user groups which are defined in a "group" file. I then use .htaccess within each directory to define which users have access to the directory and which do not. Here is an example .htaccess file. AuthUserFile /var/local/.htpasswd AuthGroupFile /var/local/groups AuthName "Username and Password Required" AuthType Basic require group design admin Everything is working with one exception. I added a new user to one of my groups and though they can gain access to the directory they are prompted for a username and password for every resource (i.e. image, CSS). After a while I can just keep selecting "cancel" and I will get a page with just html with no images or CSS. I would think the browser would just cache the username/password. It seems to be working well for other users. Any thoughts?

Read the article
Cannot get mod_rewrite to work on Mac OSX Mountain Lion

- by Joel Joel Binks

I have tried everything I can think of and it still doesn't work. I am trying to get the example code from Larry Ullman's Advanced PHP book to work. His instructions were a bit lacking so I had to do some research. Here is what I have configured: username.conf <Directory "/Users/me/Sites/"> Options Indexes MultiViews FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> httpd.conf LoadModule rewrite_module libexec/apache2/mod_rewrite.so DocumentRoot "/Users/me/Sites" <Directory /> Options Indexes MultiViews FollowSymLinks AllowOverride All Order deny,allow Allow from all </Directory> <Directory "Users/me/Sites"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all </Directory> .htaccess <IfModule mod_rewrite.so> RewriteEngine on RewriteBase /phplearning/ADVANCED/ch02/ # Redirect certain paths to index.php: RewriteRule ^(about|contact|this|that|search)/?$ index.php?p=$1 RewriteLog "/var/log/apache/rewrite.log" RewriteLogLevel 2 </IfModule> Nothing has worked and it won't even log to the rewrite.log file. What have I done wrong? FYI even when I set up an extremely simple rule or use the root as the rewrite base, it still fails. I have also verified the mod_rewrite module is running. I am really angry.

Read the article
How can I enable PHP5 for a site? Having problems with every single method.

- by John Stephens

I'm working on a client site that is hosted on someone's DIY Debian Linux server [Apache/1.3.33 (Debian GNU/Linux)], and I'm trying to install a script that requires PHP5. By default, the server parses .php files with PHP 4.3.10-22, which is configured at /etc/php4/apache/php.ini, according to phpinfo(). On the server I can see a config directory for PHP5 adjacent to the PHP4 directory: /etc/php5.0/apache2/php.ini. I have tried multiple methods to enable PHP5 for the document root where the site's files are hosted, including all available methods mentioned here. By far, the most common suggestion I've found is to add one or both of the following lines to the site's .htaccess file: AddHandler application/x-httpd-php5 .php AddType application/x-httpd-php5 .php Trouble is, when either or both of those lines are present, the site forces my browser to download any .php files requested, without parsing the PHP at all. All of the other methods mentioned in the above article cause a 500 Internal Server Error. There is no hosting control panel I can access in a browser to enable PHP5 for the site, but I do have shell access. When I asked the server administrator about this issue, he encouraged me to search for the answer on Google. Where could I begin to troubleshoot this issue? Are there ways to test or verify the server's specific PHP5 installation and configuration, using the command line or some other method? Do you have other suggestions to enable PHP5?

Read the article
Client authentication with RubyLDAP ldap

- by Marcelo de Moraes Serpa

Hello all, I'm trying to implement a feature that uses LDAP over SSL (SSL, not TLS), it needs to connect to a SSL-enabled LDAP server (i.e OpenLDAP), bind and then do any additional queries. It also needs to support client-authentication, and this is where things get tricky: The client is a web application written in Ruby, and we are using RubyLDAP (so far we have used it for non-SSL ldap stuff with great success). My question is: Is there a way to load a client certificate and send its data over the wire to the LDAP server when doing a LDAP::SSLConn? I haven't found anything obvious on the API docs (http://ruby-ldap.sourceforge.net/rdoc/) nor while googling around. I know I that I can prevent the server from asking for a certificate by putting the following on slapd.conf (OpenLDAP): TLSVerifyClient never However, this is not an option here. Thanks, Marcelo.

Read the article
vhost configuration for owncloud

- by Razer

I'm using apache2 for hosting owncloud. I configured a vhost file for owncloud, but every time I go on the site my browser downloads a ruby file. Here is my vhost configuration: <VirtualHost *:80> ServerAdmin webmaster@localhost ServerName http://rsserver.fritz.box DocumentRoot /var/www/owncloud/ <Directory /var/www/owncloud/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> Apache error log tells me: [Sat Jun 16 20:46:04 2012] [error] [client xx.xx.xx.xx] Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/owncloud/core/templates/403.php mod_rewrite is enabled. Where is the problem?

Read the article
How is Apache still working?

- by PJ

Recently, I decided to set up a local development environment for my work projects. I'm a PHP developer, with just enough knowledge of Linux and Apache to break things mightily. To get the local environment looking like my work environment, I had to upgrade PHP. When I did, Apache wouldn't restart. I decided I wanted to start fresh (this is where things went wrong) and that I'd reinstall Apache and PHP using MacPorts. So, I went through and tried to delete all the Apache files. Yup. I ran locate apache2 and deleted any folders that looked important. (I know, I know) Then I did a /usr/libexec/locate.updatedb to make sure everything was up to date. I even restarted my machine, just to make sure. The issue is, http://localhost still works. As does an alias I set up, http://butler. Shouldn't they not work? Now that I'm this far in, are there any tips for how to completely remove Apache so I can start over? Worst case, I have a timemachine backup, so I can always just restore that... Thanks in advance.

Read the article
Apache restart does not load new php.ini

- by Tiffany Walker

Never had this problem till updated CPanel today? Maybe that is part the problem? I only have the one php.ini file # /usr/local/bin/php --info | grep php.ini Configure Command => './configure' '--disable-cgi' '--disable-fileinfo' '--enable-bcmath' '--enable-calendar' '--enable-exif' '--enable-ftp' '--enable-gd-native-ttf' '--enable-libxml' '--enable-magic-quotes' '--enable-mbstring' '--enable-pdo=shared' '--enable-soap' '--enable-sockets' '--enable-zip' '--prefix=/usr/local' '--with-bz2' '--with-config-file-path=/usr/local/lib' '--with-config-file-scan-dir=/usr/local/lib/php.ini.d' '--with-curl=/opt/curlssl/' '--with-curlwrappers' '--with-freetype-dir=/usr' '--with-gd' '--with-imap=/opt/php_with_imap_client/' '--with-imap-ssl=/usr' '--with-jpeg-dir=/usr' '--with-kerberos' '--with-libdir=lib64' '--with-libexpat-dir=/usr' '--with-libxml-dir=/opt/xml2' '--with-libxml-dir=/opt/xml2/' '--with-mcrypt=/opt/libmcrypt/' '--with-mysql=/usr' '--with-mysql-sock=/var/lib/mysql/mysql.sock' '--with-mysqli=/usr/bin/mysql_config' '--with-openssl=/usr' '--with-openssl-dir=/usr' '--with-pcre-regex=/opt/pcre' '--with-pdo-mysql=shared' '--with-pdo-sqlite=shared' '--with-pic' '--with-png-dir=/usr' '--with-pspell' '--with-sqlite=shared' '--with-tidy=/opt/tidy/' '--with-xmlrpc' '--with-xpm-dir=/usr' '--with-xsl=/opt/xslt/' '--with-zlib' '--with-zlib-dir=/usr' '--with-gettext' Configuration File (php.ini) Path => /usr/local/lib Loaded Configuration File => /usr/local/lib/php.ini Scan this dir for additional .ini files => /usr/local/lib/php.ini.d # /usr/bin/php --info | grep php.ini <tr><td class="e">Configure Command </td><td class="v"> './configure' '--disable-fileinfo' '--enable-bcmath' '--enable-calendar' '--enable-exif' '--enable-ftp' '--enable-gd-native-ttf' '--enable-libxml' '--enable-magic-quotes' '--enable-mbstring' '--enable-pdo=shared' '--enable-soap' '--enable-sockets' '--enable-zip' '--prefix=/usr' '--with-bz2' '--with-config-file-path=/usr/local/lib' '--with-config-file-scan-dir=/usr/local/lib/php.ini.d' '--with-curl=/opt/curlssl/' '--with-curlwrappers' '--with-freetype-dir=/usr' '--with-gd' '--with-imap=/opt/php_with_imap_client/' '--with-imap-ssl=/usr' '--with-jpeg-dir=/usr' '--with-kerberos' '--with-libdir=lib64' '--with-libexpat-dir=/usr' '--with-libxml-dir=/opt/xml2' '--with-libxml-dir=/opt/xml2/' '--with-mcrypt=/opt/libmcrypt/' '--with-mysql=/usr' '--with-mysql-sock=/var/lib/mysql/mysql.sock' '--with-mysqli=/usr/bin/mysql_config' '--with-openssl=/usr' '--with-openssl-dir=/usr' '--with-pcre-regex=/opt/pcre' '--with-pdo-mysql=shared' '--with-pdo-sqlite=shared' '--with-pic' '--with-png-dir=/usr' '--with-pspell' '--with-sqlite=shared' '--with-tidy=/opt/tidy/' '--with-xmlrpc' '--with-xpm-dir=/usr' '--with-xsl=/opt/xslt/' '--with-zlib' '--with-zlib-dir=/usr' </td></tr> <tr><td class="e">Configuration File (php.ini) Path </td><td class="v">/usr/local/lib </td></tr> <tr><td class="e">Loaded Configuration File </td><td class="v">/usr/local/lib/php.ini </td></tr> <tr><td class="e">Scan this dir for additional .ini files </td><td class="v">/usr/local/lib/php.ini.d </td></tr> everytime I restart apache I still seem to be running the old one. Nothing changes. I removed phpinfo() and ini_set() from the php.ini but I still can't use them. # service httpd -k restart [Fri Oct 26 15:27:10 2012] [warn] module hostinglimits_module is already loaded, skipping [Fri Oct 26 15:27:10 2012] [warn] NameVirtualHost 127.0.0.1:8081 has no VirtualHosts There is also no php.ini files under the vhosts or .htaccess. # /usr/bin/php -v PHP 5.3.15 (cgi-fcgi) (built: Aug 4 2012 21:33:58) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with the ionCube PHP Loader v4.2.2, Copyright (c) 2002-2012, by ionCube Ltd., and with Zend Guard Loader v3.3, Copyright (c) 1998-2010, by Zend Technologies with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH and # /usr/local/bin/php -v PHP 5.3.15 (cli) (built: Aug 4 2012 21:34:27) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator with the ionCube PHP Loader v4.2.2, Copyright (c) 2002-2012, by ionCube Ltd., and with Zend Guard Loader v3.3, Copyright (c) 1998-2010, by Zend Technologies with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH Nothing shows up in the error logs either. The only errors we get are under the vhost's with error_log saying phpinfo and ini_set are disabled. EDIT: Both php binaries use the same php.ini file EDIT: Running php as mod_fgcid.so with suexec EDIT: From SSH I see the correct values for PHP from the php.ini file being loaded from both binaries When using php from apache [26-Oct-2012 20:25:34 UTC] PHP Warning: phpinfo() has been disabled for security reasons in /home/jake/public_html/phpinfo.php on line 1 EDIT: /usr/bin/php is the correct PHP file. Forgot to mention. It is the one in the wrapper script.

Read the article
Server extremely lags and logs bunch of 'internal dummy connection'

- by Dmitry

Having a web-server (don't know actually whoset it up, it's my heritage). Few hours ago it started working very (extremely!) slow, mysqld oftenly fails requests. /var/log/mysqld.log is empty (well, it says, mysqld started, and so on, but nothing regarding today) /var/log/apache2/access_log is full of such lines: ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" ::1 - - [30/Nov/2011:10:15:05 +0100] "GET / HTTP/1.0" 200 1 "-" "Apache/2.2.3 (Linux/SUSE) (internal dummy connection)" Guys, what's that? How to heal this? I read internal dummy connections happen sometimes, but sending internal requests at 1000/sec frequency isn't freaking normal!How to find out the reason of this?

Read the article
Setting SVN permissions with Dav SVN Authz

- by Ken

There seems to be a path inheritance issue which is boggling me over access restrictions. For instance, if I grant rw access one group/user, and wish to restrict it some /../../secret to none, it promptly spits in my face. Here is an example of what I'm trying to achieve in dav_svn.authz [groups] grp_W = a, b, c, g grp_X = a, d, f, e grp_Y = a, e, [/] * = @grp_Y = rw [somerepo1:/projectPot] @grp_W = rw [somerepo2:/projectKettle] @grp_X = rw What is expected: grp_Y has rw access to all repositories, while grp_W and grp_X only have access to their respective repositories. What occurs: grp_Y has access to all repositories, while grp_W and grp_X have access to nothing If I flip the access ordering where I give everyone access and restrict it in each repository, it promply ignores the invalidation rule (stripping of rights) and gives everyone the access granted at the root level. Forgoing groups, it performs the same with user specific provisions; even fully defined such as: [/] a = rw b = c = d = e = f = g = rw [somerepo1:/projectPot] a = rw b = rw c = rw d = e = rw f = g = rw [somerepo2:/projectKettle] a = rw b c d = rw e = rw f = rw g Which yields the exact same result. According to the documentation I'm following all protocols so this is insane. Running on Apache2 with dav_svn

Read the article
mod_cache not working

- by Pistos

I have a PHP site that has many dynamically generated pages. I'm trying to turn to mod_cache to help boost performance, because in most cases, content does not change in a given day. I have configured mod_cache as best I could, following examples around the web, including the mod_cache page on apache.org. When I set LogLevel debug, I see a bit of information about the caching that is [not] happening. There are plenty of pairs of lines like this: [Fri Jun 01 17:28:18 2012] [debug] mod_cache.c(141): Adding CACHE_SAVE filter for /foo/bar [Fri Jun 01 17:28:18 2012] [debug] mod_cache.c(148): Adding CACHE_REMOVE_URL filter for /foo/bar Which is fine, because I've set CacheEnable disk /foo, to indicate that I want everything under /foo cached. I'm new to mod_cache, but my understanding about these lines is that it just means that mod_cache has acknowledged that the URL is supposed to be cached, but there are supposed to be more lines indicating that it is saving the data to cache, and then later retrieving them on subsequent hits to the same URL. I can hit the same URL till I'm blue in the face, whether with F5 refreshing, or not, or with different browsers, or different computers. It's always that pair of lines that shows in the logs, and nothing else. When I set CacheEnable disk /, then I see more activity. But I don't want to cache the entire site, and there are many, many different subpaths to the site, so I don't want to have to modify code to set no-cache headers in all the necessary places. I'll mention that mod_rewrite is in use here, rewriting /foo/bar to something like index.php?baz=/foo/bar, but my understanding is that mod_cache uses the pre-rewrite URL, not the post-rewrite URL. As far as I can tell, I have the response headers not getting in the way of caching. Here's an example from one hit: Cache-Control:must-revalidate, max-age=3600 Connection:Keep-Alive Content-Encoding:gzip Content-Length:16790 Content-Type:text/html Date:Fri, 01 Jun 2012 21:43:09 GMT Expires:Fri, 1 Jun 2012 18:43:09 -0400 Keep-Alive:timeout=15, max=100 Pragma: Server:Apache Vary:Accept-Encoding mod_cache config is as follows: CacheRoot /var/cache/apache2/ CacheDirLevels 3 CacheDirLength 2 CacheEnable disk /foo What is getting in the way of mod_cache doing its job of caching?

Read the article
Domain to apache, subdomain or subdirectory to tomcat

- by hofmeister

I set up an Apache2.2 and Tomcat7 Windows Server. Now I would like to use the domain for the apache and a subdomain or a subdirectory for the tomcat webapps. But I don’t know how to configure the httpd.conf. At the moment the httpd.conf looks like: <IfModule !mod_jk.c> LoadModule jk_module modules/mod_jk.so </IfModule> <IfModule mod_jk.c> JkWorkersFile conf/workers.jetty.properties JkLogFile logs/mod_jk.log JkLogLevel info JkLogStampFormat "[%a %b %d %H:%M:%S %Y]" JkOptions +ForwardKeySize +ForwardURICompat </IfModule> <VirtualHost servername:*> ServerName servername ServerAdmin [email protected] JkMount /* jetty </VirtualHost> My idea was to change the VirtualHost to sub.servername:* but this doesn’t work. How could I use a subdomain or directory for the webapps? At the moment, every call will me directed tomcat. My tomcat runs on the port 8081. Maybe edit the server.xml from tomcat? It would be awesome, if someone could help me. Greetz.

Read the article
authorizet.net local testing and ssl certificate

- by Funky Dude

hi i am integrating authorize.net AIM api into my shopping cart. i have a developer account from auth.net and i am working locally. when i do auth.net api call, i get SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed i assume it's because i dont have ssl on my local machine. how do i get over this so i can test on my local machine? thank you

Read the article
cannot commit svn with dav on ubuntu

- by hiddenkirby

So there are several similar questions on serverfault ... but the solution is still eluding me. I am running subversion on ubuntu 9.04 .. through apache2.2.x .... i get Commit failed (details follow): Can't make directory '/home/kirb/svn/dav/activities.d': Permission denied when i attempt to commit. It is deffinitely a permissions issue... but how to fix it is still eluding me. my repository is in /home/kirb/svn. http://serverfault.com/questions/61573/svn-commit-error says to chgrp .. but i dont seem to be able to. all the apache dav stuff seems to be working though. I can access my repository just fine through a browser. apologies if i am missing something simple here. Thanks in advance, Kirb additional edit: i am not able to sudo chgrp on the directory at all sudo chgrp -R www-data /home/kirb/svn; chmod -R g+rwx /home/kirb/svn [sudo] password for kirb: chmod: changing permissions of/home/kirb/svn': Operation not permitted chmod: changing permissions of /home/kirb/svn/format': Operation not permitted chmod: changing permissions of/home/kirb/svn/conf': Operation not permitted chmod: cannot read directory /home/kirb/svn/conf': Permission denied chmod: changing permissions of/home/kirb/svn/locks': Operation not permitted chmod: cannot read directory /home/kirb/svn/locks': Permission denied chmod: changing permissions of/home/kirb/svn/db': Operation not permitted chmod: cannot read directory /home/kirb/svn/db': Permission denied chmod: changing permissions of/home/kirb/svn/README.txt': Operation not permitted chmod: changing permissions of /home/kirb/svn/hooks': Operation not permitted chmod: cannot read directory/home/kirb/svn/hooks': Permission denied`

Read the article
Using Varnish (only) for DDoS mitigation

- by Martin Kanters

My VPS is suffering from a (D)DoS doing a SYN flood with spoofed IPs. I'm right now searching from ways how to be able to defend (at least a bit) against it. It's running a DirectAdmin apache2 webserver. Mainly used for serving PHP and MySQL. We are using CloudFlare, which are saying that they are able to mitigate (D)DoS at some level, now the attacker knows our real IP address, so CloudFlare isn't helping a bit. I've done some searching on the net and found out about enabling SYN cookies, to defend against it. I've checked my settings and it seems it was enabled all along. I've also read about that Varnish is able to defend against SYN flooding and Slowloris attacks, now I'm pretty interested in using that. The thing is that CloudFlare is already caching a lot from us, and I don't wish to spend too much resources on Varnish. Is it possible and smart to set up Varnish only for the better handling of requests? Are there perhaps better ways which I've missed? Thanks in advance, Martin

Read the article
Using proxy.pac to access Apache 2 with a hostname?

- by leeand00

Note that I do not have a DNS on my network, and that is why I am resorting to using a proxy.pac file. I would like to be able to access my development Apache 2 server using a name instead of an ip without setting up a full blown DNS. I am aware of setting names in the C:\Windows\System32\drivers\etc\hosts file and the /etc/hosts files, however I cannot edit the hosts file on all of the devices that I am testing the site on. I've added a proxy.pac file to my Apache2 server and pointed my browsers settings to it at: http://192.168.2.221/proxyutils/proxy.pac ...where 192.168.2.221 is thehostname's ip address. I set the above URL in Firefox in the following manner: From the menubar selecting "Edit-Preferences" In the resulting "Firefox Preferences" window clicking the "Advanced" tab. Clicking the "Network" tab Clicking the "Settings" button. Selecting the "Automatic proxy configuration URL:" radio button. Entering http://192.168.2.221/proxyutils/proxy.pac and pressing OK. The contents of the proxy.pac file on the Apache server function FindProxyForURL(url, host) { if( dnsDomainIs(host, "thehostname") ) return "PROXY 192.168.2.221:80"; return "DIRECT"; } In Firefox I then access the following URL: http://thehostname/wp-blog/ And instead of the development version of the Wordpress blog I am trying to access I get a URL of http://thehostnamehttp/thehostname/wp-blog/ in my address bar and a 404 Not Found page in the browser window. Looking over proxy.pac, it seems like calling dnsDomainIs shouldn't work considering I don't have a DNS setup on my network, but I've also tried just comparing the host argument with the string "hostname" and it yielded the same result, even after modifying the proxy.pac file and clicking the reload button near the proxy settings. This could also be a Wordpress problem, since I've noticed that directories without Wordpress seem to function perfectly normally. (see cross post here) Is there any way I can modify my configuration so that I can access the site using http://thehostname/wp-blog/ ?

Read the article
How to serve pages through multiple frameworks/template engines efficiently

- by Leftium

I would like to render a file that has both PHP tags and Web2Py tags mixed together. To do this, I would like the web server to pass the file through Web2Py, then PHP. I found a method to call PHP from Web2py via Python (based on this method for running PHP on top of django), but this method loses the benefits of any server optimizations from mod_php or FastCGI like caching and multi-threaded operation. A new process is created for each PHP request, which is very slow. Is there a better way to efficiently render pages with both Web2Py(Python) and PHP tags in the same file? Note I am not looking for methods of serving PHP-only and Web2Py-only files from the same server/domain. I prefer solutions for Apache2 or Cherokee. I'm open to using other web servers, though. Background info: I prefer to develop in Web2Py, but we have this pre-existing system written in PHP. I would like to augment the PHP system with some of Web2Py's features like auth authentication/user management and the T() internationalization object. Also it would make it much easier to port the PHP project to Web2Py if it could be done piecemeal. Since the PHP project consists of many files, it would greatly help if they did not need modification.

Read the article
Apache 2.2 + mod_fcgid + PHP 5.4: (104) Connection reset by peer

- by Michele Piccirillo

On a Debian 6 VPS, I'm running PHP 5.4 via mod_fcgid on a couple of different virtual hosts, managed by Virtualmin GPL. At random, I get 500 Internal Server Errors; restarting Apache brings everything back to normality. Examining the logs, I find messages of this kind: [Thu Oct 04 15:39:35 2012] [warn] [client 173.252.100.117] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server [Thu Oct 04 15:39:35 2012] [error] [client 173.252.100.117] Premature end of script headers: index.php Any ideas about what is happening? UPDATE: I found a similar question and the author reported to have solved the problem disabling APC. I tried following the advice, but I'm still getting the same errors. VirtualHost configuration SuexecUserGroup "#1000" "#1000" ServerName example.com DocumentRoot /home/example/public_html ScriptAlias /cgi-bin/ /home/example/cgi-bin/ DirectoryIndex index.html index.htm index.php index.php4 index.php5 <Directory /home/example/public_html> Options -Indexes +IncludesNOEXEC +FollowSymLinks +ExecCGI allow from all AllowOverride All AddHandler fcgid-script .php AddHandler fcgid-script .php5 FCGIWrapper /home/example/fcgi-bin/php5.fcgi .php FCGIWrapper /home/example/fcgi-bin/php5.fcgi .php5 </Directory> <Directory /home/example/cgi-bin> allow from all </Directory> RemoveHandler .php RemoveHandler .php5 IPCCommTimeout 61 FcgidMaxRequestLen 1073741824 php5.fcgi #!/bin/bash PHPRC=$PWD/../etc/php5 export PHPRC umask 022 export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=99999 export PHP_FCGI_MAX_REQUESTS SCRIPT_FILENAME=$PATH_TRANSLATED export SCRIPT_FILENAME exec /usr/bin/php5-cgi Package versions webmin-virtual-server/virtualmin-universal 3.94.gpl-2 apache2/squeeze 2.2.16-6+squeeze8 libapache2-mod-fcgid/squeeze 1:2.3.6-1+squeeze1 php5 5.4.7-1~dotdeb.0 php5-apc 5.4.7-1~dotdeb.0

Read the article
Mac OS X Lion Apache Server not Found

- by Burak Erdem

After upgrading to Lion 10.7.2 today, Apache virtual hosts are not working anymore. When I go to http://XYZ.localhost, it say "server not found". I am using Apache on my Mac OS X Lion and until today, it was working fine. I can access http://localhost but I can't access http://XYZ.localhost My /etc/hosts file is like below; 127.0.0.1 XYZ.localhost My /etc/apache2/extra/httpd-vhosts.conf file is like below; <VirtualHost *:80> ServerName XYZ.localhost DocumentRoot /Library/WebServer/Documents/XYZ <Directory /Library/WebServer/Documents/XYZ> DirectoryIndex index.php AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> I think I once had this problem too, after another OS X update, but I can't remember how I solved it. Is it a user permission issue? Or is there something wrong with Apache or any other setting? EDIT: It seems like my /etc/hosts file is not working correctly. Even if I add something like 127.0.0.1 apple.com it still goes to the real apple.com. Maybe this might help to solve the problem.

Read the article
Wildcard SSL and Apache configuration

- by Nitai

Hi all, I'm pulling my hard on this configuration, which probably is simply. I have a wildcard ssl certificate which is working. I have the website setup to run on domain.com under SSL. Now, I'm in need to run many subdomains (*.domain.com) on the same server with the same SSL certificate. Shouldn't be that hard, right? Well, I can't get it going. Point is, that the first config is another Tomcat server that serves another site and listens to domain.com and www.domain.com. The other config listens to *.domain.com and pulls the content from another Tomcat server. I already tried this whole setup with mod_rewrite, but simply don't see what I'm doing wrong. Any help very much appreciated. Here is my conf in Apache 2.2: <VirtualHost *:443> SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... SSLCertificateChainFile ... ServerName domain.com ServerAlias www.domain.com ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://localhost:8010/ ProxyPassReverse / ajp://localhost:8010/ </VirtualHost> <VirtualHost *:443> SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... SSLCertificateChainFile ... ServerName domain.com ServerAlias *.domain.com ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://localhost:8009/ ProxyPassReverse / ajp://localhost:8009/ </VirtualHost> Thanks.

Read the article
mod_rpaf with apache error_log

- by Camden S.

I'm using mod-rpaf with Apache 2.4 and it's working properly (showing the real client IP's) in my Apache access_log... but not in my error_log. My error log just shows the client IP address of the proxy server (my load balancer in this case) Here's an example of what I see in my error_log where 123.123.123.123 is the IP of my load balancer/proxy. == /usr/local/apache2/logs/error_log <== [Tue Jun 05 20:24:31.027525 2012] [access_compat:error] [pid 9145:tid 140485731845888] [client 123.123.123.123:20396] AH01797: client denied by server configuration: /wwwroot/private/secret.pdf The exact same request produces the following in my access_log where 456.456.456.456 is a real client IP (not the IP of the load balancer). 456.456.456.456 - - [05/Jun/2012:20:24:31 +0000] "GET /wwwroot/private/secret.pdf HTTP/1.1" 403 228 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20100101 Firefox/12.0" Here's my httpd.conf entry: # RPAF LoadModule rpaf_module modules/mod_rpaf-2.0.so RPAFenable On RPAFproxy_ips 127.0.0.1 123.123.123.123 RPAFsethostname On RPAFheader X-Forwarded-For What do I need to do to get the real IP addresses showing in my Apache error_log?

Read the article
apache using mod_auth_kerb always asks for the password twice

- by DrStalker

(Debian Squeeze) I'm trying to set apache up to use Kerberos authentication to allow AD users to log in. It is working, but prompts the user twice for a username and password, with the first time being ignored (no matter what is put it in.) Only the second prompt includes the AuthName string from the config (i.e.: the first windows is a generic username/password one, the second includes the title "Kerberos Login") I'm not worried about integrated windows authentication working at this stage, I just want users to be able to login with their AD account so we don't need to set up a second repository of user accounts. How do I fix this to eliminate that first useless prompt? The directives in the apache2.conf file: <Directory /var/www/kerberos> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms ONEVUE.COM.AU.LOCAL Krb5KeyTab /etc/krb5.keytab KrbServiceName HTTP/[email protected] require valid-user </Directory> krb5.conf: [libdefaults] default_realm = ONEVUE.COM.AU.LOCAL [realms] ONEVUE.COM.AU.LOCAL = { kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL master_kdc = SYD01PWDC01.ONEVUE.COM.AU.LOCAL admin_server = SYD01PWDC01.ONEVUE.COM.AU.LOCAL default_domain = ONEVUE.COM.AU.LOCAL } [login] krb4_convert = true krb4_get_tickets = false The access log when accessing the secured directory (note the two seperate 401's) 192.168.10.115 - - [24/Aug/2012:15:52:01 +1000] "GET /kerberos/ HTTP/1.1" 401 710 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - - [24/Aug/2012:15:52:06 +1000] "GET /kerberos/ HTTP/1.1" 401 680 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" 192.168.10.115 - [email protected] [24/Aug/2012:15:52:10 +1000] "GET /kerberos/ HTTP/1.1" 200 375 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.83 Safari/537.1" And one line in error.log [Fri Aug 24 15:52:06 2012] [error] [client 192.168.0.115] gss_accept_sec_context(2) failed: An unsupported mechanism was requested (, Unknown error)

Read the article
localhost/127.0.0.1 not working, "Unable to connect"

- by redconservatory

I am running some pretty basic php sites on Snow Leopard. Usually I just go to my browser and type anything like: localhost http://localhost 127.0.0.1 mycomputername.local But suddenly, after installing a gem file (compass) none of this is working. I tried sudo apachectl restart Thinking that I just needed to restart apache, but no luck. My error log looks like: [Mon Mar 26 09:39:08 2012] [warn] child process 45443 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45223 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45043 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45438 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45049 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45439 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45224 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45440 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45441 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45442 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:10 2012] [warn] child process 45443 still did not exit, sending a SIGTERM [Mon Mar 26 09:39:11 2012] [notice] caught SIGTERM, shutting down I also tried sudo apachectl -k start And I got the error: Syntax error on line 182 of /private/etc/apache2/httpd.conf: Illegal option When I look at the code around that line, I see: <Directory /> Options Indexes MultiViews + FollowSymLinks AllowOverride All Order allow, deny Allow from all </Directory>

Read the article
iphone: is there any secure way to establish 2-way SSL from an application

- by pmilosev

Hi I need to establish a HTTPS 2-way SSL connection from my iPhone application to the customer's server. However I don't see any secure way to deliver the client side certificates to the application (it's an e-banking app, so security is really an issue). From what I have found so far the only way that the app would be able to access the certificate is to provide it pre-bundeled with the application itself, or expose an URL from which it could be fetched (http://stackoverflow.com/questions/2037172/iphone-app-with-ssl-client-certs). The thing is that neither of this two ways prevent some third party to get the certificate, which if accepted as a risk eliminates the need for 2-way SSL (since anyone can have the client certificate). The whole security protocol should look like this: - HTTPS 2-way SSL to authenticate the application - OTP (token) based user registration (client side key pair generated at this step) - SOAP / WSS XML-Signature (requests signed by the keys generated earlier) Any idea on how to establish the first layer of security (HTTPS) ? regards

Read the article
chrooted sftp user with write permissions to /var/www

- by matthew

I am getting confused about this setup that I am trying to deploy. I hope someone of you folks can lend me a hand: much much appreciated. Background info Server is Debian 6.0, ext3, with Apache2/SSL and Nginx at the front as reverse proxy. I need to provide sftp access to the Apache root directory (/var/www), making sure that the sftp user is chrooted to that path with RWX permissions. All this without modifying any default permission in /var/www. drwxr-xr-x 9 root root 4096 Nov 4 22:46 www Inside /var/www -rw-r----- 1 www-data www-data 177 Mar 11 2012 file1 drwxr-x--- 6 www-data www-data 4096 Sep 10 2012 dir1 drwxr-xr-x 7 www-data www-data 4096 Sep 28 2012 dir2 -rw------- 1 root root 19 Apr 6 2012 file2 -rw------- 1 root root 3548528 Sep 28 2012 file3 drwxr-x--- 6 www-data www-data 4096 Aug 22 00:11 dir3 drwxr-x--- 5 www-data www-data 4096 Jul 15 2012 dir4 drwxr-x--- 2 www-data www-data 536576 Nov 24 2012 dir5 drwxr-x--- 2 www-data www-data 4096 Nov 5 00:00 dir6 drwxr-x--- 2 www-data www-data 4096 Nov 4 13:24 dir7 What I have tried created a new group secureftp created a new sftp user, joined to secureftp and www-data groups also with nologin shell. Homedir is / edited sshd_config with Subsystem sftp internal-sftp AllowTcpForwarding no Match Group <secureftp> ChrootDirectory /var/www ForceCommand internal-sftp I can login with the sftp user, list files but no write action is allowed. Sftp user is in the www-data group but permissions in /var/www are read/read+x for the group bit so... It doesn't work. I've also tried with ACL, but as I apply ACL RWX permissions for the sftp user to /var/www (dirs and files recursively), it will change the unix permissions as well which is what I don't want. What can I do here? I was thinking I could enable the user www-data to login as sftp, so that it'll be able to modify files/dirs that www-data owns in /var/www. But for some reason I think this would be a stupid move securitywise.

Read the article
Debug HTTPS errors

- by Murkin

Hello everyone, When accessing my site, the SSL session is successful while the page loads. A few seconds after the page loaded FireFox shows that SSL is no longer available. I am guessing its some script (all I have is Google Analytics and Facebook). How can I see what caused FireFox (or IE/Chrome) to drop the SSL and why ?

Read the article

< Previous Page | 74 75 76 77 78 79 80 81 82 83 84 85 | Next Page >