Search Results

Search found 2349 results on 94 pages for 'webdev webserver'.

Page 82/94 | < Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >

• How to route public static IP to a virtual machine on a vmware ESXi host?

  - by Kevin Southworth

  I have 5 static IPs from my ISP (Comcast) and I have a physical machine with VMware ESXi 4.0 on it that is hosting multiple virtual machines. Right now I am just using the default vmware virtual network (vswitch0) with DHCP from the Comcast IP Gateway Router and everything is working fine. Each virtual machine can access the internet, etc. One of my virtual machines is a webserver (Windows Server 2008) and I want to assign it to 1 of my 5 static IPs so it's accessible from the public internet, while leaving the other VMs on the internal LAN still using DHCP. If I just plug my laptop directly into the Comcast IP Gateway (it has 4 ports on the back) and assign my laptop a Static IP using the windows networking dialogs, then I can hit my laptop from the public internet and it works great. However, if I try to do the same steps to set a static IP config on my Windows Server 2008 VM, it does not work. The VM cannot access the internet (open Firefox and try to visit google.com), and I cannnot see the VM from the public internet either. I'm assuming I'm missing something in the ESXi config somewhere, but I'm pretty new to ESXi and I'm not sure how to configure it to work this way.

  Read the article

• Walkthrough/guide building aplication server for multi tenant web app [on hold]

  - by Khalid Adisendjaja

  The web app will detect a subdomain such as tenant1.app.com, tenant2.app.com, etc to identify tenant environment, each tenant environment will have a different database credential (port,db name,etc) but still connecting to the same database server. Each tenant should use app.com for their main domain, using their own domain is prohibitted. Each tenant will have their own rest api endpoint such as tenant1.app.com/api/v1/xxxx, tenant2.app.com/api/v1/xxxx, tenant3.app.com/api/v1/xxxx I've come to a simple solution by setting a wildcard subdomain (*.app.com) on webserver Apache/Nginx vhost configuration file. I have googled so many concept for building a multi-tenant app server but still don't understand how to really done it, what is the right way to do it and what is actually required to do this task. So I've come to this questions, Do I need a proxy server, dns masking, etc.. How to monitor each tenants activity What about server performance, load balancing, and scalability How to setup ssl certificate for each tenant what about application cache for each tenant Is it reliable to use the setup for production etc ... I have a very litte experience on server infrastructure, so I'm looking for a DIY walkthrough, step by step guide, or sophisticate solution ready to implemented for production

  Read the article

• both ssl and non-ssl on single port

  - by Zulakis

  I would like to make my apache2 webserver serve both http and https on the same port. With the different method i tried it was either not working on http or on https.. How can I do this? Update: If I enable SSL and then visit the with http I get page like this: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://server/"><b>https://server/</b></a></blockquote></p> <hr> <address>Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny16 with Suhosin-Patch mod_ssl/2.2.9 OpenSSL/0.9.8g Server at server Port 443</address> </body></html> Because of this, it seems very much possible to have both http and https on the same port. A first step would be to change this default-page so it would present a 301-Moved header. Update2: According to this, it is possible. Now, the question is just how to configure apache to do it.

  Read the article

• SVN, Samba and Symbolic Links. How to get them all to play together?

  - by Camsoft

  I've got a website project under version control that relies on files from an unversioned directory on the same server via Symbolic Links. I'm currently storing the symbolic links in the repository. The idea is that if someone checks out a working copy on to the same server they can edit and test the working copy of the project before committing it back to the repository. When they checkout their working copy it successfully sets up the symlinks so that the entire site works when testing. The users that work on the project are Windows users, so I've set a samba shares on the server and then mapped them to network drives in Windows. People can edit their working copies directly on the server via network shares and then test them in the web browser before committing their changes back to the repository via TortoiseSVN. The Problem The problem I have is that Samba resolves the symlinks as expected but when a user tries to commit their changes back to the repository, TortoiseSVN thinks the linked files are part of the project and tries to commit the target files to the repository and not the symlinks themselves. I tried turning off symlink support in samba which means that the linked files cannot be resolved as I don't really want people to have access to the linked files nor do I want to import the linked files in the repository. The problem with this is that I get Can't stat '\webserver\projects\working\project\symlinked_file.php'. Access is denied Apart from the symlink problem everything else works 100% perfectly. Users can either checkout website projects to their machine and work on them (but can't test) or checkout them out to their space on the dev web server and work on them and fully test. So I don't want to change the workflow process, I just need a solution to the symbolic link issue. Many thanks. Originally posted on StackOverflow: http://stackoverflow.com/questions/2400917/svn-samba-and-symbolic-links-how-to-get-them-all-to-play-together

  Read the article

• Server getting overloaded

  - by taras

  Hi, I have 2 setups tomcat5.5.20 on Redhat and mysql 4.1.22 on another Redhat server. Recently my webserver started getting overloaded up to 80-90%. After checking i found repeating errors(each seconds) in catalina.out. Can it cause the server overload or where else can be the root of the problem ? catalina.out: DBCP object created 2010-12-22 13:33:12 by the following code was never closed: java.lang.Exception at org.apache.tomcat.dbcp.dbcp.AbandonedTrace.init(AbandonedTrace.java:96) i have to restart tomcat once a day when server load reaches 80-90%. Also catalina.out file is growing too fast which every few hours need to clear the logs. My datasource config: <bean id="myDataSource" class="org.apache.tomcat.dbcp.dbcp.BasicDataSource" destroy-method="close"> <property name="driverClassName"> <value>com.mysql.jdbc.Driver</value> </property> jdbc:mysql://XXX/XXX?autoReconnect=true 20 20 <property name="maxIdle"> <value>50</value> </property> <property name="maxActive"> <value>50</value> </property> <property name="removeAbandoned"> <value>false</value> </property> <property name="removeAbandonedTimeout"> <value>2400</value> </property> <property name="username"> <value>XXX</value> </property> <property name="password"> <value>XXX</value> </property> </bean> Thanks for any direction.

  Read the article

• IPtables: DNAT not working

  - by GetFree

  In a CentOS server I have, I want to forward port 8080 to a third-party webserver. So I added this rule: iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to-destination thirdparty_server_ip:80 But it doesn't seem to work. In an effort to debug the process, I added these two LOG rules: iptables -t mangle -A PREROUTING -p tcp --src my_laptop_ip --dport ! 22 -j LOG --log-level warning --log-prefix "[_REQUEST_COMING_FROM_CLIENT_] " iptables -t nat -A POSTROUTING -p tcp --dst thirdparty_server_ip -j LOG --log-level warning --log-prefix "[_REQUEST_BEING_FORWARDED_] " (the --dport ! 22 part is there just to filter out the SSH traffic so that my log file doesn't get flooded) According to this page the mangle/PREROUTING chain is the first one to process incomming packets and the nat/POSTROUTING chain is the last one to process outgoing packets. And since the nat/PREROUTING chain comes in the middle of the other two, the three rules should do this: the rule in mangle/PREROUTING logs the incomming packets the rule in nat/PREROUTING modifies the packets (it changes the dest IP and port) the rule in nat/POSTROUTING logs the modified packets about to be forwarded Although the first rule does log incomming packets comming from my laptop, the third rule doesn't log the packets which are supposed to be modified by the second rule. It does log, however, packets that are produced in the server, hence I know the two LOG rules are working properly. Why are the packets not being forwarded, or at least why are they not being logged by the third rule? PS: there are no more rules than those three. All other chains in all tables are empty and with policy ACCEPT.

  Read the article

• Internet explorer rejects cookies in kerberos protected intranet sites

  - by remix_tj

  I'm trying to build an intranet site using joomla. The webserver is using HTTP Kerberos authentication with mod_kerb_auth. Everything works fine, the users get authenticated and so on. But if i try to login to the administrator panel i can't because IE does not accept the needed cookies. No such problem with firefox. The intranet site is called "intranet_new" and is hosted by webintranet04, under the directory /var/www/vhosts/joomla/intranet_new/. I have my virtualhost for intranet_new containing this: <Location /> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms PROV.TV.LOCAL Krb5KeyTab /etc/apache2/HTTP.keytab require valid-user </Location> The same is for webintranet04 virtualhost, which is the default pointing to /var/www and contains: <Location /vhosts/joomla/> AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms PROV.TV.LOCAL Krb5KeyTab /etc/apache2/HTTP.keytab require valid-user </Location> the very strange problem i have is that if i open http:// webintranet04/vhosts/joomla/intranet_new/administrator IE allows me to login, accepting cookie. If i open http:// intranet_new/administrator, instead, i loop on the login page. Last, intranet_new is a CNAME record of webintranet04. This is only an IE problem. I need: - the admin interface to work with IE - the "kerberized" zone to accept cookie, because i am deploying other programs requiring cookies.

  Read the article

• Server stops responding, can't find issue?

  - by Corey W

  I've had a pretty basic server up and running CentOS with webserver/database, and have noticed that it has locked up a few times in the middle of the night. It seems to happen randomly. When it locks up I can ssh in, (although it seems to hang once connected), but can't access cpanel/whm and have to reboot the server to get everything back up. Checking the messages log I see the below like clockwork every 5minutes 1 second, and then it just stops logging anything until I reboot. I can't seem to find any log showing any issue? Is there somewhere I can check to try to figure out what is happening? Could this be caused by CPU being maxed? Nov 17 08:01:35 s1 pure-ftpd: (__cpanel__service__auth__ftpd__Q13SKrtaCJCHjBezTfU8Iqmsi@127.0.0.1) [INFO] Logout. Nov 17 08:06:36 s1 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Nov 17 08:06:36 s1 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__mxidFBSnQXmR0QzqSxlqrXLIH0CmJ0GPh9bZ5V3 is now l ogged in Nov 17 08:06:37 s1 pure-ftpd: (__cpanel__service__auth__ftpd__mxidBDaCgnqSxlqrXLIH0CmJ0GPh9bZ5V3@127.0.0.1) [INFO] Logout. Nov 17 08:11:37 s1 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Nov 17 08:11:38 s1 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__T4B7F71acf1dsdJSeJHdqKNcbOdpzNnN_GttgcM is now l ogged in Nov 17 08:11:38 s1 pure-ftpd: (__cpanel__service__auth__ftpd__T4B7F71acf1KNcbOdpzNnN_GttgcM@127.0.0.1) [INFO] Logout. Nov 17 08:16:38 s1 pure-ftpd: ([email protected]) [INFO] New connection from 127.0.0.1 Nov 17 08:16:38 s1 pure-ftpd: ([email protected]) [INFO] __cpanel__service__auth__ftpd__W5C1RzumtaNwe4cU8Lt1 is now logged in Nov 17 08:16:38 s1 pure-ftpd: ([email protected]) [INFO] Logout. Nov 17 09:10:58 s1 kernel: imklog 4.6.2, log source = /proc/kmsg started. Nov 17 09:10:58 s1 rsyslogd: [origin software="rsyslogd" swVersion="4.6.2" x-pid="1094" x-info="http://www.rsyslog.com"] (re)start Nov 17 09:10:58 s1 kernel: Initializing cgroup subsys cpuset

  Read the article

• Issues regarding internet connectivity

  - by andySF

  Hello. My problem started when Yahoo Messenger stopped connecting. I've tried to see if Internet Explorer was working but will not load any page. The diagnostics of Internet Explorer says that is something wrong with my dns(using just ip of google or yahoo or my local webserver was not working). I use Windows 7 and at the moment i've had Internet Explorer 8 and after a lot of failing updates to ie9 I've successfully install the Romanian version of IE9(now i have ie8 after a system restore). Then I installed the service pack 1. I've done a lot of things and I will try to enumerate them, but my problem persists. Settings from Yahoo Messenger and Internet Explorer are OK. I've try to reset winsock and ip from netsh. I've scanned my pc with spybot, mallwarebytes, Trojan Remover(simplysup), Loaris Trojan Remover, Avast, Nod32, Kaspersky, Bitdefender,alot of registry cleaner including CCleaner and maybe others that I cannot remember now. I reset the registry permissions using subinacl. At a moment my files permissions was set jut to "trusted installer" and I've put the permission back to files and folders using the model of other windows 7 machine. I have try so many things that now i'm stuck in a loop using different security tools to check for problems. Oh, and my virtual machines are working just fine.(I'm using VirtualBox) Please Help. PS, Reinstalling Windows is not an option. Thank you!

  Read the article

• Login error in phpMyAdmin, problem setting auth_type in config.inc.php

  - by sergiom

  I'm having a problem accessing phpMyAdmin. A few weeks ago I did succeed configuring it for auth_type = 'cookie', but I still receive an error stating that I should have to set blowfish_secret. That was strange because it was set. So I changed auth_type from cookie to http, but it didn't work. I changed it back to cookie, but it doesn't work anymore. this is the error. phpMyAdmin - Error Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly. this is my C:\wamp\apps\phpmyadmin3.2.0.1\config.inc.php <?php /* Servers configuration */ $i = 0; /* Server: localhost [1] */ $i++; $cfg['Servers'][$i]['verbose'] = 'localhost'; $cfg['Servers'][$i]['host'] = 'localhost'; $cfg['Servers'][$i]['port'] = ''; $cfg['Servers'][$i]['socket'] = ''; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['auth_type'] = 'cookie'; $cfg['Servers'][$i]['user'] = ''; $cfg['Servers'][$i]['password'] = ''; $cfg['Servers'][$i]['AllowNoPassword'] = false; $cfg['Servers'][$i]['blowfish_secret'] = 'this is my passphrase'; /* End of servers configuration */ $cfg['DefaultLang'] = 'en-utf-8'; $cfg['ServerDefault'] = 1; $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; ?> I changed the blowfish_secret, since I don't remember the old one, and I deleted the cookies in my browser and restartd all wamp services and the browser. After I enter username and password in the login page I get the error. I've tried searching into the log files, but I'm a newbie and I'm not sure I've searched the right ones. I'm using Wamp server 2.0 that has Apache Version : 2.2.11 PHP Version : 5.3.0 MySQL Version : 5.1.36 phpmyadmin : 3.2.0.1

  Read the article

• Use of backreferences in fail2ban filters possible?

  - by Izzy

  From time to time, I see collections of suspect "File not found" errors in my Apache logs, basically using the pattern File does not exist: /var/www/file, referer: http://my.server.com/file In human terms: The file was not found, though it referenced here itself. A clear hacking attempt, as that's hardly possible (and the REQUEST_URIs often enough suggest the same). In my eyes a clear case for fail2ban – if I could get backreferences to work here: failregex = ^%(_apache_error_client)s File does not exist: /var/www(.+), referer: http://.+\1$ (Justin Case: above examples assume the DIRECTORY_ROOT of that webserver being /var/www) I googled for hours, searched the fail2ban wiki up and down – but nowhere I could find a statement concerning backreferences in its filters. Are they not supported, or did I do it the wrong way? Any hints how to make it work (except from "dirty hacks" like first sending the request to another fake url using mod-rewrite, and then catching on that (if anyone is interested, I can elaborate on that approach in an answer), or doing something similar using mod-security)? as an entire log line was requested: [Fri Nov 08 14:57:28 2013] [error] [client 50.67.234.213] File does not exist: /var/www/text/files.htm++++++++++++++++++++++++++Result:+using+proxy+27.34.142.47:9090;+no+post+sending+forms+are+found;, referer: http://www.myserver.com/text/files.htm++++++++++++++++++++++++++Result:+using+proxy+27.34.142.47:9090;+no+post+sending+forms+are+found; (sorry, logs were just switched, so this long candidate was the only one left currently; minor adjustments were made for privacy reasons)

  Read the article

• How to handle sh: fetch: command not found

  - by Tyler Johnson

  Okay, I'm a noobie. I know how to build and compose a website, but I have no idea what I'm doing when it comes to servers and server commands, etc. I've recently had a problem with all of my sites on our servers going down all at once and then I have to go in and reboot the server for them to come up again. At first this was annoying, but now it is becoming agonizing as it now takes 3-4 reboots for the websites to come back up. I contacted support for my hosting, but they are not being very helpful. They just keep telling me what the issue might be and basically telling me that I'm going to have to look into it and figure it out, which really isn't possible since I know nothing. Anyway, here are the things they said were possible reasons: They said I have "strange logs" in my Apache webserver log, error: sh: fetch: command not found. My php.ini memory limit is: 256M which is very high. It should be 32M or 64M. Server is reaching Max Clients, meaning we have more than 150 visitors at a time. (They supposedly "fixed" this, but the sites/server are still going down) I have some Wordpress sites with plugins getting errors like: PHP Warning: pack(): Type H: illegal hex digit G in... PHP Fatal error: Cannot use object of type stdClass as array in... PHP Fatal error: Maximum execution time of 30 seconds exceeded in... PHP Fatal error: Call to undefined function file_exists() in... PHP Parse error: syntax error, unexpected '<' I know that's a lot, but I really am at wits end and have no idea what to do now. If anyone could maybe give me some advice or point me in the right direction I would greatly appreciate it! Thanks! Oh, and here are the specs for my server: RAM: 2048MB CPU Shares: 40 Primary Disk: 50GB Data Transfer: 75GB Port Speed: 5Mbps

  Read the article

• MySQL is killing the server IO.

  - by OneOfOne

  I manage a fairly large/busy vBulletin forums (running on gigenet cloud), the database is ~ 10 GB (~9 milion posts, ~60 queries per second), lately MySQL have been grinding the disk like there's no tomorrow according to iotop and slowing the site. The last idea I can think of is using replication, but I'm not sure how much that would help and worried about database sync. I'm out of ideas, any tips on how to improve the situation would be highly appreciated. Specs : Debian Lenny 64bit ~12Ghz (6 cores) CPU, 7520gb RAM, 160gb disk. Kernel : 2.6.32-4-amd64 mysqld Ver 5.1.54-0.dotdeb.0 for debian-linux-gnu on x86_64 ((Debian)) Other software: vBulletin 3.8.4 memcached 1.2.2 PHP 5.3.5-0.dotdeb.0 (fpm-fcgi) (built: Jan 7 2011 00:07:27) lighttpd/1.4.28 (ssl) - a light and fast webserver PHP and vBulletin are configured to use memcached. MySQL Settings : [mysqld] key_buffer = 128M max_allowed_packet = 16M thread_cache_size = 8 myisam-recover = BACKUP max_connections = 1024 query_cache_limit = 2M query_cache_size = 128M expire_logs_days = 10 max_binlog_size = 100M key_buffer_size = 128M join_buffer_size = 8M tmp_table_size = 16M max_heap_table_size = 16M table_cache = 96 Other : > vmstat procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- r b swpd free buff cache si so bi bo in cs us sy id wa 9 0 73140 36336 8968 1859160 0 0 42 15 3 2 6 1 89 5 > /etc/init.d/mysql status Threads: 49 Questions: 252139 Slow queries: 164 Opens: 53573 Flush tables: 1 Open tables: 337 Queries per second avg: 61.302. Edit Additional info.

  Read the article

• How do I access my samba drive through several layers of network topology?

  - by stephenmm

  I have a new windows 7 Home Premium machine that is in a different room than my main computer area. As such I have to use a bridge and another router. Everything is working wonderfully except I cannot access the SAMBA drive with the new machine. I know that SAMBA is accessible as an older WinXP machine can access it. A picture of my network would probably be helpfull: To ISP | | +---------------------------+ | WAN | | Cable Modem | | (2WIRE678) | | | | | +---------------------------+ | +---------------------------+ | | (|) (|) +-----------+ | Belkin Router | | | | Wireless | | (F5D) |--+ +--| WinXP | | | |SAMBA USER | | | +-----------+ +---------------------------+ | | | | +------------+ | | Ubuntu | | | Apache + | | |SAMBA Server| | +------------+ | | +---------------------------+ | | | Netgear Bridge | | (XET1001) | | | +---------------------------+ # # +---------------------------+ | | | Netgear Bridge | | (XET1001) | | | +---------------------------+ | +---------------------------+ | | | D-Link Router | | (DI-524) | | | | | +---------------------------+ | | | | +-----------+ | | | Win7 | |SAMBA USER?| +-----------+ More interesting data points: 1. I can ping the SAMBA server from the Win7 machine locally (Ie. 192.168.2.2) 2. I can access the webserver from the Win7 machine locally (Ie. 192.168.2.2) 3. I followed the advice to get Win7 and SAMBA to play nice: http://www.tannerwilliamson.com/2009/09/windows-7-seven-network-file-sharing-fix-samba-smb/ Sorry for being so long winded but it is kind of complex and I am really at a loss as to how to fix it. If any of you have some suggestions I would love to hear it!

  Read the article

• Nginx : Proper use of limit_req_zone and limit_req

  - by xperator

  I have 2 website running on VPS. Their purpose is sharing music files and publishing news. Both of them use wordpress. What I am trying is that I want to prevent little hackers from flooding the webserver and putting stress on the server to make it crash. The problem is that after using limit_req_zone and limit_req my website became very slow. Browsing Wordpress control panel takes a long long time. I tried changing values but it didn't improve much. I guess the problem is Wordpress because it's the only script I am using on both front and back end. Here is the last setting which seems to be more responsive than others : limit_req_zone $binary_remote_addr zone=flood:5m rate=10r/m; location ~ \.php$ { limit_req zone=flood burst=100 nodelay; } What are the optimal values that should be used in my case (wp) ? I want the website have it's normal behavior, On the other hand stopping lifeless people from flooding. Another question, Is it safe and enough to use limit_req only on php files ?

  Read the article

• IPv6 working fine, IPv4 throws OpenSSL error

  - by jippie

  I am building a webserver ( http://blog.linformatronics.nl/ ), which functions just fine on both IPv4 and IPv6 and when using a non-SSL connection. However when I connect to it through https, IPv6 works as expected, but an IPv4 connection throws a client side error. Server side logs are empty for the IPv4/https connection. Summarized in a table: | http | https -----+-------+------------------------------------------------------- IPv4 | works | OpenSSL error, failed. No server side logging. -----+-------+------------------------------------------------------- IPv6 | works | self signed certificate warning, but works as expected Apparently the SSL tunnel isn't even set up, which accounts for the Apache logs being empty. But why does it work fine for IPv6 and fail for IPv4? My question is why is this OpenSSL error being thrown and how can I solve it? Below is some extra information about the setup. IPv6 https Command used to reproduce IPv6/https behaviour: $ wget --no-check-certificate -O /dev/null -6 https://blog.linformatronics.nl --2012-11-03 15:46:48-- https://blog.linformatronics.nl/ Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 2001:980:1b7f:1:a00:27ff:fea6:a2e7 Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|2001:980:1b7f:1:a00:27ff:fea6:a2e7|:443... connected. WARNING: cannot verify blog.linformatronics.nl's certificate, issued by `/CN=localhost': Self-signed certificate encountered. WARNING: certificate common name `localhost' doesn't match requested host name `blog.linformatronics.nl'. HTTP request sent, awaiting response... 200 OK Length: 4556 (4.4K) [text/html] Saving to: `/dev/null' 100%[=======================================================================>] 4,556 --.-K/s in 0s 2012-11-03 15:46:49 (62.5 MB/s) - `/dev/null' saved [4556/4556] IPv4 https Command used to reproduce IPv6/https behaviour: $ wget --no-check-certificate -O /dev/null -4 https://blog.linformatronics.nl --2012-11-03 15:47:28-- https://blog.linformatronics.nl/ Resolving blog.linformatronics.nl (blog.linformatronics.nl)... 82.95.251.247 Connecting to blog.linformatronics.nl (blog.linformatronics.nl)|82.95.251.247|:443... connected. OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to establish SSL connection. Notes I am on Ubuntu Server 12.04.1 LTS

  Read the article

• iptables to block non-VPN-traffic if not through tun0

  - by dacrow

  I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

  Read the article

• Get Safari to use different autocompletion on different URLs on same hostname

  - by Luke404

  I have a webserver publishing different services over the same SSL VirtualHost, the two most commonly used being PhpMyAdmin and Cacti. These (and others) use 'cookie' style authentication, asking user and password in an HTML form (thus not using HTTP Authentication). Being on the same hostname, the Safari browser didn't manage too well stored passwords: if I login to one app with user foo, and then go to app two it would propose me user foo and its password in the login form. Changing just the username to bar used to be sufficient to let Safari autocomplete the correct password in its form field. Annoying, but I could live with it - usernames are short and easy to remember when compared to the passwords we use. After the update to safari5 this seems to be no longer true: if I store in safari (actually user keychain on OSX) credentials for https://www.foobarbaz.com/app1 AND credentials for https://www.foobarbaz.com/app2 there seem to be no way for it to autocomplete both based on the url. Even editing the keychain to add the path (it will store only the hostname by default) does not help. Is there anything I can do to let it work the way I want while still keeping everything on one hostname? Modifying anything server side is of course possible, but I can't switch apps to HTTP Auth (and not every one will support it anyway) to use different 'realms'.

  Read the article

• MySQL getting stuck, eating up disk i/o

  - by bonez05

  Hi all, Using mySQL 5.0.51 on Solaris . At intermittent times it looks like MySQL is getting 'stuck' . The disk usage on the server spikes to 98% busy from reads. I used dtrace (specifically DTrace toolkit - iosnoop) to track down what processes was using all the reads. Mysql was calling tablename.TDM hundreds of times per second. There was no more than average load on the webserver that could account for this. There were no cronjobs running, and no other utilities like mysqldump or anything. It is a master / slave replication setup. As a jury-rigged fix, I altered the mysql table from 'tablename' to 'tablename2' and then back to 'tablename' This fixed the problem temporarily, and "unsticks" mysql. The disk usage goes back down and dtrace is no longer showing hundreds of reads to 'tablename.TDM' / second. A couple ideas I had are: 1. MySQL version bug 2. Infinite loop somewhere in my application (which i'm not sure how likely this is) 3. ?? Has anybody seen this before or have any insight? Thanks

  Read the article

• What performance degradation to expect with Nginx over raw Gunicorn+Gevent?

  - by bouke

  I'm trying to get a very high performing webserver setup for handling long-polling, websockets etc. I have a VM running (Rackspace) with 1GB RAM / 4 cores. I've setup a very simple gunicorn 'hello world' application with (async) gevent workers. In front of gunicorn, I put Nginx with a simple proxy to Gunicorn. Using ab, Gunicorn spits out 7700 requests/sec, where Nginx only does a 5000 request/sec. Is such a performance degradation expected? Hello world: #!/usr/bin/env python def application(environ, start_response): start_response("200 OK", [("Content-type", "text/plain")]) return [ "Hello World!" ] Gunicorn: gunicorn -w8 -k gevent --keep-alive 60 application:application Nginx (stripped): user www-data; worker_processes 4; pid /var/run/nginx.pid; events { worker_connections 768; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; upstream app_server { server 127.0.0.1:8000 fail_timeout=0; } server { listen 8080 default; keepalive_timeout 5; root /home/app/app/static; location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://app_server; } } } Benchmark: (results: nginx TCP, nginx UNIX, gunicorn) ab -c 32 -n 12000 -k http://localhost:[8000|8080]/ Running gunicorn over a unix socket gives somewhat higher throughput (5500 r/s), but it still does't match raw gunicorn's performance.

  Read the article

• IIS 6 Windows Authentication in ASP.Net app fails

  - by Kjensen

  I am trying to install an ASP.Net app on an IIS6 webserver. The site requires the user to authenticate with windows, and this works on several other apps on the same server. In IIS I have enabled anonymous access and windows authentication. In web.config, authentication is set to: <authentication mode="Windows"/> and authorization...: <authorization> <allow roles="Users"/> <deny users="*"/> </authorization> Ie. allow all users in role "Users" and deny everybody else. This is the approach that is working with several other apps on the same server. If I run the site, I am prompted for username and password. If I remove the line: <deny users="*"/> I can access the site and everything works - but the user credentials are not passed to the site (Page.User.Identity.Name returns a blank string in ASP.Net). The site has identical (inherited) file permissions as other working sites on the server. The only difference in authentication/authorization between this site and the other working sites is, that this runs Asp.Net 4 (but there are other working asp.net 4 sites on the server as well). What am I missing here? Where should I look?

  Read the article

• Apache server rewrite rules: how to avoid "implicitly forcing redirect (rc=302)"?

  - by Olivier Pons

  Hi! I've got a very annoying problem: our webserver handles 2 (more actually but let's say 2 for a simpler example): pretassur.fr pretassuragentimmobilier.fr Here's what I want to do: change (whatever1).pretassuragentimmobilier.fr(/whatever2) to (whatever1).pretassur.fr(/whatever2)?theme=agentimmobilier So here's my rewriterule: RewriteCond %{SERVER_NAME} (([a-z]+\.)*)pretassuragentimmobilier.(fr|com) RewriteRule ^(.+) http://%1pretassur.fr$1 [E=THEME:pretassur_agent,QSA] # if THEME not empty, set it : RewriteCond %{ENV:THEME} ^(.+)$ RewriteRule (.*) $1?IDP=%{ENV:THEME} [QSA] The big (huge) problem is: let's have a look at the rewrite logs: [pretassurmandataireimmo.com] (5) => setting env variable 'THEME' to 'pretassur_mandataire' [pretassurmandataireimmo.com] => (2) implicitly forcing redirect (rc=302) with http://pretassur.fr/ Aaaaaaaaarg! "implicitly forcing redirect" = I don't want that ! I want to internally redirect to pretassur.fr, not to make a real redirect! Now if you type: http://pretassurmandataireimmo.com it is redirected to http://pretassur.fr/?IDP=pretassur_mandataire (try it) I don't want that! I want to display this page http://pretassur.fr/?IDP=pretassur_mandataire but without touching the original host! Any idea? Thanks a lot!

  Read the article

• PHP files are downloaded, not executed in UserDir on Apache

  - by Fabian

  We're running a webserver using Debian 6.0.3 with Apache 2, we recently upgraded from Debian 5 to 6. Since then php scripts in the user directories (using mod_userdir) have stopped working, they are downloaded instead of being executed. There is also a website using php outside of the user directories, and that one continues to work fine, so PHP seems to generally work on the server. I tested it with several PHP files, among the a simple phpinfo file that works fine on the main site, but is just downloaded when copying it to one of the user directories. The php files and the directory containing them are executable for everyone. The option in the Apache php5.conf that by default disables PHP in the user directories, is commented out, so the php5.ini looks like this: <IfModule mod_php5.c> <FilesMatch "\.ph(p3?|tml)$"> SetHandler application/x-httpd-php </FilesMatch> <FilesMatch "\.phps$"> SetHandler application/x-httpd-php-source </FilesMatch> # To re-enable php in user directories comment the following lines # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it # prevents .htaccess files from disabling it. #<IfModule mod_userdir.c> # <Directory /home/*/public_html> # php_admin_value engine Off # </Directory> #</IfModule> </IfModule> We restarted Apache after changing this. I'm running out of ideas now what the problem could be, and I don't know how I could really determine which problem is preventing those php files from being executed. Any ideas on how I can solve this? Update: Strangely, PHP seems to work fine in subfolders of user directories, so if I copy a PHP file from /home/user/public_html/ to /home/user/public_html/test/ it suddenly works.

  Read the article

• Why is this setting for Name-based Virtual Host settings not working?

  - by Kave

  I have two domains (siteA.com & SiteB.com) that point to the same webserver and I would like to show different web pages for each. The steps I have taken so far are: Copy the default site (siteA) to siteB 1) sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/siteB 2) sudo vim /etc/apache2/sites-available/siteB <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/siteB <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/siteB> Options Indexes FollowSymLinks MultiViews AllowOverride FileInfo Indexes Order allow,deny allow from all </Directory> </VirtualHost *:80> Then I created under /var/www/siteB and created a sample index.html in there. However when I load my domain siteB.com I still get directed to /var/www/siteA. Why is that? Do I have to rename the /etc/apache2/sites-available/default to /etc/apache2/sites-available/siteA as well? UPDATE: Thanks to the answer below it seems I had forgotten next to enabling the site also another entry: <VirtualHost *:80> ServerAdmin [email protected] ServerName siteB.com ServerAlias www.siteB.com </VirtualHost *:80> in order to include all subdomains as well then do: <VirtualHost *:80> ServerAdmin [email protected] ServerName siteB.com ServerAlias *.siteB.com </VirtualHost *:80> Same goes for siteA.

  Read the article

• iptables to block VPN-traffic if not through tun0

  - by dacrow

  I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

  Read the article

< Previous Page | 78 79 80 81 82 83 84 85 86 87 88 89  | Next Page >