Search Results

Search found 10808 results on 433 pages for 'apache regexp'.

Page 88/433 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >

  • Port numbers appended to anchor tags

    - by glifchits
    I've built a static site. Locally, when I serve the content with python -m SimpleHTTPServer everything behaves normally, but when I copy the HTML onto the server and browse the site at the server's URL, some links will have a port number appended to the domain. For example: url.com:84/path where the correct path is url.com/path. The port number is usually different, always between 81-85. It is an Apache server. I'm not experienced with web server configuration, and I'm not the admin of the server. Let me know if there is more information that can help solve my problem. ~> cat /etc/*release* SuSE SLES-8 (i386) VERSION = 8.1 UnitedLinux 1.0 (i586) VERSION = 1.0 LSB_VERSION="1.2" DISTRIB_ID="UnitedLinux" DISTRIB_RELEASE="1.0" DISTRIB_DESCRIPTION="UnitedLinux 1.0 (i586)"

    Read the article

  • Gzip compress offline?

    - by shoosh
    I've configured my site to serve compressed content by putting this line in .htaccess AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css application/javascript application/json This works perfectly for almost all files except a few large JSON files that are above 200Kb. For some reason they are not being compressed. I see that they don't using the net tab in firebug and the Network section in chrome. So as a workaround I thought I could compress these files offline and have Apache read them compressed. What tool should I use to compress them? is the linux gzip the one? any special flags or something I should use? What should I put in .htaccess so that the server would know to serve these files with content-encoding gzip ?

    Read the article

  • Webmin - Setting up multiple virtual hosts - Subdomains

    - by Aaron
    Can someone please help me in using WEBMIN to setup virtual hosts. My current domain www.MYDOMAINLOLFAKE.com currently functions. Settings are as follows - Apache - Handles the name-based server www.MYDOMAINLOLFAKE.com on all addresses Address Any Port 80 Server Name www.MYDOMAINLOLFAKE.com Document Root /var/www/html BIND DNS Server - Master Zone MYDOMAINLOLFAKE.com ns1.mydomainlolfake.com IPHERE - works ns2.mydomainlolfake.com IPHERE - works mydomainlolfake.com IPHERE - works www.mydomainlolfake.com IPHERE -works mail.mydomainlolfake.com IPHERE - works ftp.mydomainlolfake.com IPHERE - works What I need - something.mydomainlolfake.com -- CANT GET THIS TO WORK What I tried - Create new virtual host Handles the name-based server something.mydomainlolfake.com on something.mydomainlolfake.com Address Any Port 81 Document Root: /var/www/vhosts/something What happens - I create the new VHOST and then ALL address try to go to that new Document root. I need different addresses to go to their respective folders. Can someone please give me better instructions on how to set that up using webmin? TLDR# How do I make a something.mydomainlolfake.com subdomain work in webmin on my CENTOS 6 web server?

    Read the article

  • How can I determine the trending pages on my site?

    - by Dogweather
    I'm looking to what what the "hot" pages are on one of my sites. I want to see for various timeframes, what the top-50 pages are. I'm going to create a data feed with this info which will be input to another app. I have Apache logs, and complete control of the machine to install what I want. I'm mostly wondering if there's something out there already that I can use, or if I have to implement it myself, what good algorithms or strategies might be. Thanks.

    Read the article

  • Ubuntu 12.04 LTS Desktop 64 bit user permissions or apache2 rewrite problem

    - by mtm
    have installed 12.04 Desktop 64 bit, manually installed LAMP, phpmyadmin, php5-dev,PEAR, PECL, apc, ssh, created user to own /var/www/ and transferred 3 sites to /www/. sites are in subfolders, sites - available all configured, and enabled. One site is pure html, two athers - php. Enabled curl, but phpmyadmin started at first, also php sites, than stopped working /show blank pages/ sites said Clean urls cannot be enabled. Html site still working. Where is the problem, and why the php sites stop working? In all apache .conf files Allow Override is set to ALL. php sites have .htaccess files. And this configuration worked with Ubuntu 10.04.

    Read the article

  • How to identify the client is a search robot?

    - by Yau Leung
    I have built my entire site using AJAX (indeed it's GWT). I have also implemented AJAX crawling proposed by Google. However, after the implementation, I found that neither Yahoo , Bing, nor Baidu implemented that scheme! I'm wondering if there is a way to identify the web client is a search robot. If they are, they will be shown the HTML snapshot I created. It will be best if I can identify them in APACHE level, then I can just do a mod_rewrite. But it's still ok if I can do that in PHP or GWT.

    Read the article

  • Question about mod_rewrite rule for redirecting failing pages

    - by SimpleCoder
    I'm setting up a mod_rewrite rule that redirects failing pages to a custom Page Not Found page. This is with Wordpress. I'm using the guide here: http://httpd.apache.org/docs/2.2/rewrite/rewrite_guide_advanced.html#redirect404. My rule so far looks like this: RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.+) http://example.com/?page_id=254 [R] This works. It seems to be a combination of the first and second suggestion that worked, since the -U flag did nothing. My question is, out of curiosity why the following happens: When I change REQUEST_FILENAME to REQUEST_URI (as the second example suggests), the page loads, but none of the style sheets load. All of my formatting is gone, and this happens on every page. Can anyone think of why this might happen?

    Read the article

  • =~ (equal-sign tilde) and m" ... " in .htaccess directive

    - by Lèse majesté
    I saw this bit of code on an old forum post: SSLRequire %{HTTP_HOST} =~ m"\.secure\.powweb\.com" And I was just wondering what the =~ and m" ... " meant. I've been searching online and in the Apache documentation for any mention of the equal-sign tilde operator, but I've found no mention of it. I know that some directives can take a tilde to use a regular expression, but I've never seen the m" ... " form used before. What exactly is that m" ... " for? Where else would you see this form?

    Read the article

  • URL rewriting via forward proxy

    - by Biggroover
    I have an app that runs inside my firewall and talks out to multiple end points via HTTP/HTTPS on a non-standard port e.g. http://endpoint1.domain.com:7171, http://endpoint2.domain.com:7171 What I want to do is route these requests through a forward proxy that then rewrites the URL to something like http://allendpoints.domain.com/endpoint1 (port 80 or 443) then on the other end have a reverse proxy that unwinds what I did on the forward proxy to reach the specific endpoints. The result being that I can route existing app requests through to specific endpoints across the internet without having to change my app software. My questions are: is this even possible? is it a good idea, are their better ways to do this? Can this be done with IIS and Apache as the proxies?

    Read the article

  • How would I know if my OS is compromised?

    - by itsols
    I had opened a php folder from a friend's web host. I run it on mine to fix some bugs. Then I tried attaching the code to be emailed and GMAIL stated that the attachment was infected by a virus. Now I'm afraid if my Apache or OS (12.04) is infected. I checked the php files and found a base64 encoded set of code being 'eval'd at the top of each and every php file. Just reversing it (echo with htmlspecialchars) showed some clue that there were sockets in use and something to do with permissions. And also there were two websites referred having .ru extensions. Now I'm afraid if my Ubuntu system is affected or compromised. Any advice please! Here's my second run of rkhunter with the options: sudo rkhunter --check --rwo Warning: The command '/usr/bin/unhide.rb' has been replaced by a script: /usr/bin/unhide.rb: Ruby script, ASCII text Warning: Hidden directory found: /dev/.udev Warning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramfs'

    Read the article

  • How can I prevent people from looking at a listing of files in parent directory if I haven't uploaded index.html? [closed]

    - by LedZeppelin
    Possible Duplicate: How to restrict the download of all files in a folder? I haven't uploaded index.html or index.php to my root directory. How can I prevent people from looking at a listing of files in parent directory? http://oi56.tinypic.com/sc739e.jpg Also, is it possible for people to obtain a list of all the files in the root directory once I upload index.html? I'm currently using .htaccess and htusers to prompt someone to enter a username and password when they try to access any file in the root directory. This may sound like a weird request but would it be possible to have them come to the site (without an index.html) and just have them not see the files? All it would say on the page would be the following: Index of/ Apache Server at mysite.com Port 80

    Read the article

  • Determining if a visitor left your server

    - by Jeepstone
    We have an Apache server running a PHP website. The site is an e-commerce shop. We currently use Barclays as the payment provider but are seeing a lot of customers drop out at the point at which we transfer them to the payment gateway (hosted with Barclays) I can see specific instances in the shop where orders have been created but not paid/failed but I need to ascertain if the user has definitely left our server (or just failed to reach Barclays). Is there anything in any of the server/access logs that states when a user transferred to a different domain?

    Read the article

  • Ubuntu Desktop or Ubuntu Server?

    - by Twinborn
    Hello everyone. I'm new to Linux and Ubuntu is my first distribution. I have chosen Ubuntu because I want to learn more about Linux. I'm under time constraints and need to setup a server as soon as possible. I have Ubuntu Desktop and Ubuntu Server setup via VMWare Fusion on my MacBook Pro. I installed everything I need on the server edition, but it feels way over my head. I have no experience with CLI. Can I just use Ubuntu Desktop to run my Web server for the time being while I learn CLI? I basically need to run Apache, PHP, MySQL, phpMyAdmin, Python and Django. Should I be using MAMP? Thanks.

    Read the article

  • How to get my localhost with a different directory to my index working)?

    - by blade19899
    I can't get my apache configuration to open my index.html I edited my /etc/apache2/apache2.conf and added the following at the bottom. <VirtualHost *:80> DocumentRoot /media//DATA/directory/to/my/index-file/ ServerName host-test.com </VirtualHost> Then I restarted my entire pc, but when I open localhost I get the: It works! This is the default web page for this server. The web server software is running but no content has been added, yet. Page and not the code written in my index.html? How to get my localhost with a different directory to my index working in Ubuntu 12.10(amd64)?

    Read the article

  • org.apache.http.impl.cookie.BasicClientCookie not serializable???

    - by Misha Koshelev
    Dear All: I am quite confused... I am reading here and BasicClientCookie clearly implements Serializable per JavaDoc: http://hc.apache.org/httpcomponents-client/httpclient/apidocs/org/apache/http/impl/cookie/BasicClientCookie.html However, my simple Groovy script: #!/usr/bin/env groovy @Grapes( @Grab(group='org.apache.httpcomponents', module='httpclient', version='4.0.1') ) import org.apache.http.impl.cookie.BasicClientCookie import java.io.File def cookie=new BasicClientCookie("name","value") println cookie instanceof Serializable def f=new File("/tmp/test") f.withObjectOutputStream() { oos-> oos.writeObject(cookie) } outputs: false Caught: java.io.NotSerializableException: org.apache.http.impl.cookie.BasicClientCookie at t$_run_closure1.doCall(t.groovy:12) at t.run(t.groovy:11) I have checked and I have no other versions of HttpClient anywhere in classpath (if I take Grapes statement out it cannot find file). Thank you! Misha Koshelev

    Read the article

  • PHP and Apache environment variables

    - by Simon
    Hello, I want to pass an environment variable in linux to apache on start up. export MYVAR=5 --I define my environment variable on the command line PassEnv MYVAR --set apache to import the variable in apache config file apachectl restart --when I restart apache I don't get an error message. However I have noticed that if I do not create the environment variable in my first step, I get a warning message, so must be working here echo $_SERVER['MYVAR'] --i try to access the environment variable within PHP but it is not defined I've observed that if I try to PassEnv an environment variable that already exits (one that I havn't created myself) it works fine. The SetEnv directive also works fine. I'd really like to pass an environment variable to apache on the fly without writing it in a file. Help much appreciated. I'm using CentOS, PHP5 and Apache2. Thanks.

    Read the article

  • How to disable SSLCompression on Apache httpd 2.2.15?

    - by Stefan Lasiewski
    I read about the CRIME attack against TLS Compression (CRIME is a successor to the BEAST attack against ssl & tls), and I want to protect my webservers against this attack by disabling SSL Compression, which was added to Apache 2.2.22 (See Bug 53219). I am running Scientific Linux 6.1, which ships with httpd-2.2.15. Security fixes for upstream versions of httpd 2.2 should be backported to this version. # rpm -q httpd httpd-2.2.15-15.sl6.1.x86_64 # httpd -V Server version: Apache/2.2.15 (Unix) Server built: Feb 14 2012 09:47:14 Server's Module Magic Number: 20051115:24 Server loaded: APR 1.3.9, APR-Util 1.3.9 Compiled using: APR 1.3.9, APR-Util 1.3.9 I tried SSLCompression off in my configuration, but that results in the following error message: # /etc/init.d/httpd restart Stopping httpd: [ OK ] Starting httpd: Syntax error on line 147 of /etc/httpd/httpd.conf: Invalid command 'SSLCompression', perhaps misspelled or defined by a module not included in the server configuration [FAILED] Is it possible to disable SSLCompression with this version of Apache Webserver?

    Read the article

  • Apache port forwarding with ZTE ZXV10 W300 router (provider specific firmware)

    - by dannote
    I'm trying to configure port forwarding for Apache 2.2 installed on Windows XP SP3 with ZTE ZXV10 W300 router. The computer has a static IP 192.168.1.2. Port forwarding is configured as following: Enable true Name Apache Protocol TCP (also tried TCP and UPD) WAN Host Start IP Address empty WAN Host End IP Address empty WAN Connection stream WAN Start Port 8080 WAN End Port 8080 LAN Host IP Address 192.168.1.2 LAN Host Start Port 8080 LAN Host End Port 8080 Port 8080 is open for both TCP and UPD in Windows Brandmauer. Apache configuration: Listen 192.168.1.2:8080 Router Firmware: Hardware Version V1.0.01 Software Version V8.0.02T03_CFA Boot Loader Version V1.1.2 The provider is COMSTAR. I'm not sure but it's said they flash routers with modified firmware. I have also tried to set up Bitcomet port forwarding on port 13514 and failed.

    Read the article

  • Apache 2.4.3 php-fpm mod_fast_cgi and mod_cache

    - by Anjia
    Did anybody successfully configured mod_cache in apache 2.4 with php-fpm and fastcgi? my cgi config: <IfModule mod_fastcgi.c> Alias /php5.fastcgi /var/www/fastcgi/php5.fastcgi AddHandler php-script .php FastCGIExternalServer /var/www/fastcgi/php5.fastcgi -socket /mnt/tmp/fast/php-fpm.sock -idle-timeout 1600 -pass-header Authorization Action php-script /php5.fastcgi virtual My php-fpm config is standard and I am loading mod_cache and mod_disk_cache in Apache. However the Apache does not seems to cache any content. The debug log file: Fri Sep 07 23:22:59.691333 2012] [cache:debug] [pid 35623:tid 123613201929984] mod_cache.c(161): [client 10.0.0.22:21938] AH00750: Adding CACHE_SAVE filter for /index.html [Fri Sep 07 23:22:59.691345 2012] [cache:debug] [pid 35623:tid 123613201929984] mod_cache.c(171): [client 10.0.0.22:21938] AH00751: Adding CACHE_REMOVE_URL filter for /index.html [Fri Sep 07 23:23:01.326598 2012] [cache:debug] [pid 35623:tid 123613185144576] cache_storage.c(626): [client 10.0.0.110:5414] AH00698: cache: Key for entity /index.html?(null) is `http://10.0.1.16:8080/index.html?`

    Read the article

  • Accessing apache in ubuntu 10 virtualbox guest from ubuntu 10 host

    - by Francis L
    I did the following: installed VirtualBox 3.1.6 OSE in ubuntu 10 desktop. installed ubuntu 10 server on a virtual machine in VirtualBox. select "LAMP server" and "OpenSSH server" options during the ubuntu server installation. leave network "adapter 1" of virtual machine as "NAT". use "VBoxManage" described in manual to setup port forwarding on the host (Protocol: TCP, GuestPort: 80, HostPort: 8080). verify "ExtraDataItem" have been added to "ubuntuServer1.xml" (my virtual machine name) correctly. run command "pgrep apache" in ubuntu server in virtual machine to ensure apache is running. Everything went well. But, when I try to access the apache from the browser on the host with "http://localhost:8080/", it just continue fetching with no response. Now, I'm struck! Please help! Many many thanks in advance!

    Read the article

  • Cannot access Tomcat application remotely, but can access Apache applications

    - by David Keaveny
    I am installing Atlassian's Confluence 4.2 on a clean Ubuntu 12.04 server. Confluence runs on Tomcat 6, and uses PostgreSQL 9.1 as its datastore. I've installed and configured phpPgAdmin to manage PostgreSQL, and Zentyal to manage the server generally. Both these applications use Apache. The problem that I am experiencing is that while I can access phpPgAdmin and Zentyal without problem from a remote PC, I can only access Confluence when running locally (either specified by localhost, IP address or host name). Instead I get an HTTP 502 Connection Failed error. By way of experimentation, I also installed Ajenti, which appears to use lighttpd rather than Apache or Tomcat, and it too works fine when connected to locally, but gives me the same HTTP 502 error when connected to remotely. So applications served from Apache work fine, but applications served from other services do not - does that ring a bell with anyone? It's been over 10 years since I last sysadmin'ed a Linux box, so I'm more than a little rusty!

    Read the article

  • Getting apache to use ldap group and filesystem group information

    - by Angelo
    We have an Apache server which serves out of a particular directory, and just supplies a listing of files. From this directory, each subdirectory is owned by a certain group of users (at the filesystem level). User groups are determined by a posixGroup in ldap. Is there any simple way I can tell Apache to authorize access based on filesystem permissions, just like if the users were to access the filesystem from a shell? I would like to be able to simply add users/groups/directories without having to add another Directory or Location directive in Apache's conf?

    Read the article

  • Can't enable apache mod on emerge

    - by ranisalt
    I want to add mod_proxy and mod_proxy_http to Apache server on my Gentoo, but apparently some file with high priority on the system is disabling the mods and preventing me to install. I am currently editing /usr/portage/profiles/base/make.defaults file, but it gets updated (and changes lost) every time I update the system. I have to edit it every time I update the system/reinstall Apache. Besides that, I have already added dependencies to the /etc/portage/package.use file: www-servers/apache proxy proxy_http What other files do I have do change or should check flags so I can enable proxy and do not have to edit files again every time?

    Read the article

  • Macports Apache Slow to Start/Stop

    - by moranjk
    I am running OSX 10.8.5 (Mountain Lion) with Apache2 from MacPorts for local development, and just recently I noticed it is taking almost a minute to restart Apache. I wouldn't think anything of it except it normally would restart in less than a second. I had all but given up Googling when I noticed that if I turned off the WiFi (I haven't tried hardwire yet) Apache would restart just as it use to. What would cause Apache to take longer to start when I am connected to the LAN? What can be done to mitigate this issue?

    Read the article

  • Disable .htaccess from apache allowoverride none, still reads .htaccess files

    - by John Magnolia
    I have moved all of our .htaccess config into <Directory> blocks and set AllowOverride None in the default and default-ssl. Although after restarting apache it is still reading the .htaccess files. How can I completely turn off reading these files? Update of all files with "AllowOverride" /etc/apache2/mods-available/userdir.conf <IfModule mod_userdir.c> UserDir public_html UserDir disabled root <Directory /home/*/public_html> AllowOverride FileInfo AuthConfig Limit Indexes Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory> </IfModule> /etc/apache2/mods-available/alias.conf <IfModule alias_module> # # Aliases: Add here as many aliases as you need (with no limit). The format is # Alias fakename realname # # Note that if you include a trailing / on fakename then the server will # require it to be present in the URL. So "/icons" isn't aliased in this # example, only "/icons/". If the fakename is slash-terminated, then the # realname must also be slash terminated, and if the fakename omits the # trailing slash, the realname must also omit it. # # We include the /icons/ alias for FancyIndexed directory listings. If # you do not use FancyIndexing, you may comment this out. # Alias /icons/ "/usr/share/apache2/icons/" <Directory "/usr/share/apache2/icons"> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory> </IfModule> /etc/apache2/httpd.conf # # Directives to allow use of AWStats as a CGI # Alias /awstatsclasses "/usr/share/doc/awstats/examples/wwwroot/classes/" Alias /awstatscss "/usr/share/doc/awstats/examples/wwwroot/css/" Alias /awstatsicons "/usr/share/doc/awstats/examples/wwwroot/icon/" ScriptAlias /awstats/ "/usr/share/doc/awstats/examples/wwwroot/cgi-bin/" # # This is to permit URL access to scripts/files in AWStats directory. # <Directory "/usr/share/doc/awstats/examples/wwwroot"> Options None AllowOverride None Order allow,deny Allow from all </Directory> Alias /awstats-icon/ /usr/share/awstats/icon/ <Directory /usr/share/awstats/icon> Options None AllowOverride None Order allow,deny Allow from all </Directory> /etc/apache2/sites-available/default-ssl <IfModule mod_ssl.c> <VirtualHost _default_:443> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl # Client Authentication (Type): # Client certificate verification type and depth. Types are # none, optional, require and optional_no_ca. Depth is a # number which specifies how deeply to verify the certificate # issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth 10 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details. #<Location /> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> # SSL Engine Options: # Set various options for the SSL engine. # o FakeBasicAuth: # Translate the client X.509 into a Basic Authorisation. This means that # the standard Auth/DBMAuth methods can be used for access control. The # user name is the `one line' version of the client's X.509 certificate. # Note that no password is obtained from the user. Every entry in the user # file needs this password: `xxj31ZMTZzkVA'. # o ExportCertData: # This exports two additional environment variables: SSL_CLIENT_CERT and # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the # server (always existing) and the client (only existing when client # authentication is used). This can be used to import the certificates # into CGI scripts. # o StdEnvVars: # This exports the standard SSL/TLS related `SSL_*' environment variables. # Per default this exportation is switched off for performance reasons, # because the extraction step is an expensive operation and is usually # useless for serving static content. So one usually enables the # exportation for CGI and SSI requests only. # o StrictRequire: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even # under a "Satisfy any" situation, i.e. when it applies access is denied # and no other module can change it. # o OptRenegotiate: # This enables optimized SSL connection renegotiation handling when SSL # directives are used in per-directory context. #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> # SSL Protocol Adjustments: # The safe and default but still SSL/TLS standard compliant shutdown # approach is that mod_ssl sends the close notify alert but doesn't wait for # the close notify alert from client. When you need a different shutdown # approach you can use one of the following variables: # o ssl-unclean-shutdown: # This forces an unclean shutdown when the connection is closed, i.e. no # SSL close notify alert is send or allowed to received. This violates # the SSL/TLS standard but is needed for some brain-dead browsers. Use # this when you receive I/O errors because of the standard approach where # mod_ssl sends the close notify alert. # o ssl-accurate-shutdown: # This forces an accurate shutdown when the connection is closed, i.e. a # SSL close notify alert is send and mod_ssl waits for the close notify # alert of the client. This is 100% SSL/TLS standard compliant, but in # practice often causes hanging connections with brain-dead browsers. Use # this only for browsers where you know that their SSL implementation # works correctly. # Notice: Most problems of broken clients are also related to the HTTP # keep-alive facility, so you usually additionally want to disable # keep-alive for those clients, too. Use variable "nokeepalive" for this. # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 # MSIE 7 and newer should be able to use keepalive BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost> </IfModule> /etc/apache2/sites-available/default <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options -Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> Alias /delboy /usr/share/phpmyadmin <Directory /usr/share/phpmyadmin> # Restrict phpmyadmin access Order Deny,Allow Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> /etc/apache2/conf.d/security # # Disable access to the entire file system except for the directories that # are explicitly allowed later. # # This currently breaks the configurations that come with some web application # Debian packages. # #<Directory /> # AllowOverride None # Order Deny,Allow # Deny from all #</Directory> # Changing the following options will not really affect the security of the # server, but might make attacks slightly more difficult in some cases. # # ServerTokens # This directive configures what you return as the Server HTTP response # Header. The default is 'Full' which sends information about the OS-Type # and compiled in modules. # Set to one of: Full | OS | Minimal | Minor | Major | Prod # where Full conveys the most information, and Prod the least. # #ServerTokens Minimal ServerTokens OS #ServerTokens Full # # Optionally add a line containing the server version and virtual host # name to server-generated pages (internal error documents, FTP directory # listings, mod_status and mod_info output etc., but not CGI generated # documents or custom error documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of: On | Off | EMail # #ServerSignature Off ServerSignature On # # Allow TRACE method # # Set to "extended" to also reflect the request body (only for testing and # diagnostic purposes). # # Set to one of: On | Off | extended # TraceEnable Off #TraceEnable On /etc/apache2/apache2.conf # # Based upon the NCSA server configuration files originally by Rob McCool. # # This is the main Apache server configuration file. It contains the # configuration directives that give the server its instructions. # See http://httpd.apache.org/docs/2.2/ for detailed information about # the directives. # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # # The configuration directives are grouped into three basic sections: # 1. Directives that control the operation of the Apache server process as a # whole (the 'global environment'). # 2. Directives that define the parameters of the 'main' or 'default' server, # which responds to requests that aren't handled by a virtual host. # These directives also provide default values for the settings # of all virtual hosts. # 3. Settings for virtual hosts, which allow Web requests to be sent to # different IP addresses or hostnames and have them handled by the # same Apache server process. # # Configuration and logfile names: If the filenames you specify for many # of the server's control files begin with "/" (or "drive:/" for Win32), the # server will use that explicit path. If the filenames do *not* begin # with "/", the value of ServerRoot is prepended -- so "foo.log" # with ServerRoot set to "/etc/apache2" will be interpreted by the # server as "/etc/apache2/foo.log". # ### Section 1: Global Environment # # The directives in this section affect the overall operation of Apache, # such as the number of concurrent requests it can handle or where it # can find its configuration files. # # # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE! If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation (available # at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>); # you will save yourself a lot of trouble. # # Do NOT add a slash at the end of the directory path. # #ServerRoot "/etc/apache2" # # The accept serialization lock file MUST BE STORED ON A LOCAL DISK. # LockFile ${APACHE_LOCK_DIR}/accept.lock # # PidFile: The file in which the server should record its process # identification number when it starts. # This needs to be set in /etc/apache2/envvars # PidFile ${APACHE_PID_FILE} # # Timeout: The number of seconds before receives and sends time out. # Timeout 300 # # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. # KeepAlive On # # MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance. # MaxKeepAliveRequests 100 # # KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection. # KeepAliveTimeout 4 ## ## Server-Pool Size Regulation (MPM specific) ## # prefork MPM # StartServers: number of server processes to start # MinSpareServers: minimum number of server processes which are kept spare # MaxSpareServers: maximum number of server processes which are kept spare # MaxClients: maximum number of server processes allowed to start # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_prefork_module> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 500 </IfModule> # worker MPM # StartServers: initial number of server processes to start # MaxClients: maximum number of simultaneous client connections # MinSpareThreads: minimum number of worker threads which are kept spare # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadLimit: ThreadsPerChild can be changed to this maximum value during a # graceful restart. ThreadLimit can only be changed by stopping # and starting Apache. # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_worker_module> StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 </IfModule> # event MPM # StartServers: initial number of server processes to start # MaxClients: maximum number of simultaneous client connections # MinSpareThreads: minimum number of worker threads which are kept spare # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves <IfModule mpm_event_module> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> # These need to be set in /etc/apache2/envvars User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} # # AccessFileName: The name of the file to look for in each directory # for additional configuration directives. See also the AllowOverride # directive. # AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. # <Files ~ "^\.ht"> Order allow,deny Deny from all Satisfy all </Files> # # DefaultType is the default MIME type the server will use for a document # if it cannot otherwise determine one, such as from filename extensions. # If your server contains mostly text or HTML documents, "text/plain" is # a good value. If most of your content is binary, such as applications # or images, you may want to use "application/octet-stream" instead to # keep browsers from trying to display binary files as though they are # text. # DefaultType text/plain # # HostnameLookups: Log the names of clients or just their IP addresses # e.g., www.apache.org (on) or 204.62.129.132 (off). # The default is off because it'd be overall better for the net if people # had to knowingly turn this feature on, since enabling it means that # each client request will result in AT LEAST one lookup request to the # nameserver. # HostnameLookups Off # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> # container, error messages relating to that virtual host will be # logged here. If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # ErrorLog ${APACHE_LOG_DIR}/error.log # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel warn # Include module configuration: Include mods-enabled/*.load Include mods-enabled/*.conf # Include all the user configurations: Include httpd.conf # Include ports listing Include ports.conf # # The following directives define some format nicknames for use with # a CustomLog directive (see below). # If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i # LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %O" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent # Include of directories ignores editors' and dpkg's backup files, # see README.Debian for details. # Include generic snippets of statements Include conf.d/ # Include the virtual host configurations: Include sites-enabled/

    Read the article

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95  | Next Page >