Search Results

Search found 44 results on 2 pages for 'sv1'.

Page 1/2 | 1 2  | Next Page >

  • Blocking a distributed, consistent spam attack? Could it be something more serious?

    - by mattmcmanus
    I will do my best to try and explain this as it's strange and confusing to me. I posted a little while ago about a sustained spike in mysql queries on a VPS I had recently setup. It turned out to be a single post on a site I was developmenting. The post had over 30,000 spam comments! Since the site was one I was slowly building I hadn't configured the anti-spam comment software yet. I've since deleted the particular post which has given the server a break but the post's url keeps on getting hit. The frustrating thing is every hit is from a different IP. How do I even start to block/prevent this? Is this even something I need to worry about? Here are some more specific details about my setup, just to give some context: Ubuntu 8.10 server with ufw setup The site I'm building is in Drupal which now has Mollom setup for spam control. It wasn't configured before. The requests happen inconsistently. Sometimes it's every couple seconds and other times it's a an or so between hits. However it's been going on pretty much constantly like that for over a week. Here is a sample of my apache access log from the last 15 minutes just for the page in question: dev.domain-name.com:80 97.87.97.169 - - [28/Mar/2010:06:47:40 +0000] "POST http://dev.domain-name.com/comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 202.149.24.193 - - [28/Mar/2010:06:50:37 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 193.106.92.77 - - [28/Mar/2010:06:50:39 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 194.85.136.187 - - [28/Mar/2010:06:52:03 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 220.255.7.13 - - [28/Mar/2010:06:52:14 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 195.70.55.151 - - [28/Mar/2010:06:53:41 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 71.91.4.31 - - [28/Mar/2010:06:56:07 +0000] "POST http://dev.domain-name.com/comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 98.209.203.170 - - [28/Mar/2010:06:56:10 +0000] "POST http://dev.domain-name.com/comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 24.255.137.159 - - [28/Mar/2010:06:56:19 +0000] "POST http://dev.domain-name.com/comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 77.242.20.18 - - [28/Mar/2010:07:00:15 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 94.75.215.42 - - [28/Mar/2010:07:01:34 +0000] "POST /comment/reply/3 HTTP/1.0" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 89.115.2.128 - - [28/Mar/2010:07:03:20 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 75.65.230.252 - - [28/Mar/2010:07:05:05 +0000] "POST http://dev.domain-name.com/comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 206.251.255.61 - - [28/Mar/2010:07:06:46 +0000] "POST /comment/reply/3 HTTP/1.0" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" dev.domain-name.com:80 213.194.120.14 - - [28/Mar/2010:07:07:22 +0000] "POST /comment/reply/3 HTTP/1.1" 404 5895 "http://dev.domain-name.com/blog/2009/11/23/another" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" I understand this is an open ended question, but any help or insight you could give would be much appreciated.

    Read the article

  • How to install php-devel under CentOS 6.3 x64?

    - by Jeremy Dicaire
    I'm trying to install php-devel on my CentOS 6.3 VPS and get a failed dependencies test. From phpinfos(): SYSTEM Linux 2.6.32-279.5.2.el6.x86_64 #1 x86_64 NTS error: Failed dependencies: php(x86-64) = 5.4.6-1.el6.remi is needed by php-devel-5.4.6-1.el6.remi.x86_64 I've tried the following RPM packages: php54w-devel-5.4.6-1.w6.x86_64.rpm php-devel-5.4.6-1.el6.remi.i686.rpm php-devel-5.4.6-1.el6.remi.x86_64.rpm One of the above package gave me this: root@sv1 [/tmp]# rpm -Uvh php-devel-5.4.6-1.el6.remi.i686.rpm warning: php-devel-5.4.6-1.el6.remi.i686.rpm: Header V3 DSA/SHA1 Signature, key ID 00f97f56: NOKEY error: Failed dependencies: php(x86-32) = 5.4.6-1.el6.remi is needed by php-devel-5.4.6-1.el6.remi.i686 libbz2.so.1 is needed by php-devel-5.4.6-1.el6.remi.i686 libcom_err.so.2 is needed by php-devel-5.4.6-1.el6.remi.i686 libcrypto.so.10 is needed by php-devel-5.4.6-1.el6.remi.i686 libedit.so.0 is needed by php-devel-5.4.6-1.el6.remi.i686 libgmp.so.3 is needed by php-devel-5.4.6-1.el6.remi.i686 libgssapi_krb5.so.2 is needed by php-devel-5.4.6-1.el6.remi.i686 libk5crypto.so.3 is needed by php-devel-5.4.6-1.el6.remi.i686 libkrb5.so.3 is needed by php-devel-5.4.6-1.el6.remi.i686 libncurses.so.5 is needed by php-devel-5.4.6-1.el6.remi.i686 libssl.so.10 is needed by php-devel-5.4.6-1.el6.remi.i686 libstdc++.so.6 is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2 is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2(LIBXML2_2.4.30) is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2(LIBXML2_2.5.2) is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2(LIBXML2_2.6.0) is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2(LIBXML2_2.6.11) is needed by php-devel-5.4.6-1.el6.remi.i686 libxml2.so.2(LIBXML2_2.6.5) is needed by php-devel-5.4.6-1.el6.remi.i686 libz.so.1 is needed by php-devel-5.4.6-1.el6.remi.i686 I don't know how to fix this error and download all the dependencies. Thank you. Edit 1 (for quanta): Here is "yum repolist": root@sv1 [/tmp]# yum repolist Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: mirror.atlanticmetro.net * epel: mirror.cogentco.com * extras: mirror.atlanticmetro.net * rpmforge: mirror.us.leaseweb.net * updates: centos.mirror.choopa.net repo id repo name status base CentOS-6 - Base 5,980+366 epel Extra Packages for Enterprise Linux 6 - x86_64 6,493+1,272 extras CentOS-6 - Extras 4 rpmforge RHEL 6 - RPMforge.net - dag 2,123+2,310 updates CentOS-6 - Updates 499+29 repolist: 15,099 root@sv1 [/tmp]# rpm -qa | grep php didn't return any result. I forgot to mention I'm using cPanel/WHM Edit 2 after adding the Remi repo: >root@sv1 [/etc/yum.repos.d]# yum clean all Loaded plugins: fastestmirror, presto Cleaning repos: base epel extras remi remi-test rpmforge updates Cleaning up Everything Cleaning up list of fastest mirrors 1 delta-package files removed, by presto >root@sv1 [/etc/yum.repos.d]# yum repolist Loaded plugins: fastestmirror, presto Determining fastest mirrors epel/metalink | 12 kB 00:00 * base: centos.mirror.nac.net * epel: mirror.symnds.com * extras: centos.mirror.choopa.net * remi: remi-mirror.dedipower.com * remi-test: remi-mirror.dedipower.com * rpmforge: mirror.us.leaseweb.net * updates: centos.mirror.nac.net base | 3.7 kB 00:00 base/primary_db | 4.5 MB 00:00 epel | 4.3 kB 00:00 epel/primary_db | 4.7 MB 00:00 extras | 3.0 kB 00:00 extras/primary_db | 6.3 kB 00:00 remi | 2.9 kB 00:00 remi/primary_db | 330 kB 00:00 remi-test | 2.9 kB 00:00 remi-test/primary_db | 85 kB 00:00 rpmforge | 1.9 kB 00:00 rpmforge/primary_db | 2.5 MB 00:00 updates | 3.5 kB 00:00 updates/primary_db | 2.3 MB 00:00 repo id repo name status base CentOS-6 - Base 5,980+366 epel Extra Packages for Enterprise Linux 6 - x86_64 6,493+1,272 extras CentOS-6 - Extras 4 remi Les RPM de remi pour Enterprise Linux 6 - x86_64 96+564 remi-test Les RPM de remi en test pour Enterprise Linux 6 - x86_64 25+139 rpmforge RHEL 6 - RPMforge.net - dag 2,123+2,310 updates CentOS-6 - Updates 499+29 repolist: 15,220 >root@sv1 [/etc/yum.repos.d]# yum install php-devel Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: centos.mirror.nac.net * epel: mirror.symnds.com * extras: centos.mirror.choopa.net * remi: remi-mirror.dedipower.com * remi-test: remi-mirror.dedipower.com * rpmforge: mirror.us.leaseweb.net * updates: centos.mirror.nac.net Setting up Install Process No package php-devel available. Error: Nothing to do >root@sv1 [/etc/yum.repos.d]#

    Read the article

  • What does it mean when a User-Agent has another User-Agent inside it?

    - by Erx_VB.NExT.Coder
    Basically, sometimes the user-agent will have its normal user-agent displayed, then at the end it will have teh "User-Agent: " tag displayed, and right after it another user-agent is shown. Sometimes, the second user-agent is just appended to the first one without the "User-Agent: " tag. Here are some samples I've seen: The first few contain the "User-Agent: " tag in the middle somewhere, and I've changed its font to make it easier to to see. Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506) Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; MRA 5.10 (build 5339); User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727) Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152) Here are some without the "User-Agent: " tag in the middle, but just two user agents that seem stiched together. Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 3.5.30729) Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6; IPMS/6568080A-04A5AD839A9; TCO_20090713170733; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); InfoPath.2) Now, just to add a few notes to this. I understand that the "User-Agent: " tag is normally a header, and what follows a typical "User-Agent: " string sequence is the actual user agent that is sent to servers etc, but normally the "User-Agent: " string should not be part of the actual user agent, that is more like the pre-fix or a tag indicating that what follows will be the actual user agent. Additionally, I may have thought, hey, these are just two user agents pasted together, but on closer inspection, you realize that they are not. On all of these dual user agent listings, if you look at the opening bracket "(" just before the "compatible" keyword, you realize the pair to that bracket ")" is actually at the very end, the end of the second user agent. So, the first user agents closing bracket ")" never occurs before the second user agent begins, it's always right at the end, and therefore, the second user agent is more like one of the features of the first user agent, like: "Trident/4.0" or "GTB6" etc etc... The other thing to note that the second user agent is always MSIE 6.0 (Internet Explorer 6.0), interesting. What I had initially thought was it's some sort of Virtual Machine displaying the browser in use & the browser that is installed, but then I thought, what'd be the point in that? Finally, right now, I am thinking, it's probably soem sort of "Compatibility View" type thing, where even if MSIE 7.0 or 8.0 is installed, when my hypothetical the "Display In Internet Explorer 6.0" mode is turned on, the user agent changes to something like this. That being, IE 8.0 is installed, but is rendering everything as IE 6.0 would. Is there or was there such a feature in Internet Explorer? Am I on to something here? What are your thoughts on this? If you have any other ideas, please feel free to let us know. At the moment, I'm just trying to understand if these are valid User Agents, or if they are invalid. In a list of about 44,000 User Agents, I've seen this type of Dual User Agent about 400 times. I've closely inspected 40 of them, and every single one had MSIE 6.0 as the "second" user agent (and the first user agent a higher version of MSIE, such as 7 or 8). This was true for all except one, where both user agents were MSIE 8.0, here it is: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 8.0; Win32; GMX); GTB0.0) This occured once in my 40 "close" inspections. I've estimated the 400 in 44,000 by taking a sample of the first 4,400 user agents, and finding 40 of these in the MSIE/Windows user agents, and extrapolated that to estimate 40. There were also similar things occuring for non MSIE user agents where there were two Mozilla's in one user agent, the non MSIE ones would probably add another 30% on top of the ones I've noted. I can show you samples of them if anyone would like. There we have it, this is where I'm at, what do you guys think?

    Read the article

  • How can I block a specific type of DDoS attack?

    - by Mark
    My site is being attacked and is using up all the RAM. I looked at the Apache logs and every malicious hit seems to simply be a POST request on /, which is never required by a normal user. So I thought and wondered if there's any sort of solution or utility that will monitor my Apache logs and block every IP that performs a POST request on the site root. I'm not familiar with DDoS protection and searching didn't seem to give me an answer, so I came here. Thanks. Example logs: 103.3.221.202 - - [30/Sep/2012:16:02:03 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 122.72.80.100 - - [30/Sep/2012:16:02:03 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11" 122.72.28.15 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)" 210.75.120.5 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0" 122.96.59.103 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" 122.96.59.103 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (Linux; U; Android 2.2; fr-fr; Desire_A8181 Build/FRF91) App3leWebKit/53.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" 122.72.124.3 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:13.0) Gecko/20100101 Firefox/13.0.1" 122.72.112.148 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.1" 302 485 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1" 190.39.210.26 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.0" 302 485 "-" "Mozilla/5.0 (Windows NT 6.0; rv:13.0) Gecko/20100101 Firefox/13.0.1" 210.213.245.230 - - [30/Sep/2012:16:02:04 +0000] "POST / HTTP/1.0" 302 485 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)" 101.44.1.25 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 101.44.1.28 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 101.44.1.28 - - [30/Sep/2012:16:02:14 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 103.3.221.202 - - [30/Sep/2012:16:02:13 +0000] "POST / HTTP/1.1" 302 466 "-" "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 211.161.152.104 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 101.44.1.25 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11" 101.44.1.25 - - [30/Sep/2012:16:02:11 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11" 211.161.152.105 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6" 211.161.152.105 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)" 211.161.152.105 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)" 101.44.1.25 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11" 101.44.1.25 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 211.161.152.108 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 101.44.1.28 - - [30/Sep/2012:16:02:13 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 211.161.152.106 - - [30/Sep/2012:16:02:11 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0.1) Gecko/20100101 Firefox/5.0.1" 103.3.221.202 - - [30/Sep/2012:16:02:13 +0000] "POST / HTTP/1.1" 302 466 "-" "Mozilla/5.0 (iPad; CPU OS 5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B206 Safari/7534.48.3" 101.44.1.28 - - [30/Sep/2012:16:02:11 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 211.161.152.105 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MRA 5.8 (build 4157); .NET CLR 2.0.50727; AskTbPTV/5.11.3.15590)" 211.161.152.104 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 211.161.152.104 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" 211.161.152.105 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6" 101.44.1.25 - - [30/Sep/2012:16:02:10 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11" 122.72.124.2 - - [30/Sep/2012:16:02:17 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 122.72.124.2 - - [30/Sep/2012:16:02:11 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 122.72.124.2 - - [30/Sep/2012:16:02:17 +0000] "POST / HTTP/1.1" 302 522 "-" "Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1" 210.213.245.230 - - [30/Sep/2012:16:02:12 +0000] "POST / HTTP/1.0" 302 522 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)" iptables -L: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination - bui@debian:~$ sudo iptables -I INPUT 1 -m string --algo bm --string 'Keep-Alive: 300' -j DROP iptables: No chain/target/match by that name. bui@debian:~$ sudo iptables -A INPUT -m string --algo bm --string 'Keep-Alive: 300' -j DROP iptables: No chain/target/match by that name.

    Read the article

  • Solr Facet Search spring-data-solr

    - by sv1
    I am new to Solr and we are using Spring-data for Solr I have a question may be its too simple but I am unable to comprehend. Basically I need to search on any field but I have a "zip" field as one of the facet fields. I have a Solr repository . (Am not sure if the annotations on the Repository are correct.) public interface MyRepository extends SolrCrudRepository<MyPOJO, String> { @Query(value = "*:*") @Facet(fields={"zip"}) public FacetPage<MyPOJO> findByQueryandAnno(String searchTerm,Pageable page); } In my Service class I am trying to call this methods by Injecting MyRepository like below public class MyService { @Inject MyRepository solrRepo; @Inject SolrTemplate solrTemplate; public FacetPage<MyPOJO> tryFacets(String searchString){ //Here is where I am struggling SimpleFacetQuery query = new SimpleQuery(new SimpleStringCriteria(searchString)); query.setFacetOptions(new FacetOptions("zip")); //Not sure how to get the Pageable object. //But the repository doesnt accept without it. return solrTemplate.queryForPage(query,{Pageable Instance to be passed here}) } From my jUnit I am loading context files needed for Solr and Spring //In jUnit the test method looks like this service.tryFacets("some value"); and it fails with - method not found in the service class at the call to the repository method. *********EDIT**************** As per ChristophStrobl's advice created a copyfield called multivaluedCopyField and the searchString argument works good. But the facet still isnt working...Now my code looks like this. I get the MyPOJO object as response but the facetcount and the faceted values are missing. public interface MyRepository extends SolrCrudRepository<MyPOJO, String> { @Query(value = "*:*") @Facet(fields={"zip"}) public FacetPage<MyPOJO> findByQueryandAnno(String searchTerm,Pageable page); } My service class looks like public class MyService { @Inject MyRepository solrRepo; public FacetPage<MyPOJO> tryFacets(String searchString){ //Here is where I am struggling SimpleFacetQuery query = new SimpleQuery(new SimpleStringCriteria(searchString)).setPageRequest new PageRequest(0,5)); query.setFacetOptions(new FacetOptions("zip")); FacetPage<MyPOJO> facetedPOJO= solrRepo.findByQueryandAnno(searchString,query.getPageRequest()); return facetedPOJO; } My jUnit method call is like service.tryFacets("some value");

    Read the article

  • IIS 6 404 error calling on localhost

    - by Paleta
    I'm kinda desperate here I have a Windows 2003 Server and when I try to call http://localhost I get a 404 error I have localhost configured to c:\inetpub\wwwroot\ and whatever file I create there it always shows a 404 This is what I see on the log file 2010-07-22 14:54:06 W3SVC1 127.0.0.1 GET / - 80 - 127.0.0.1 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+SV1;+.NET+CLR+1.1.4322;+.NET+CLR+2.0.50727;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) 404 0 3 I tried restarting IIS with no luck, the eventvwr shows no error whatsoever. Please any light will be appeciated

    Read the article

  • Repeated calls with random Javascript append to the URL

    - by cjk
    I keep getting calls to my server where there is random Javascript appended on the end of lots of the calls, e.g.: /UI/Includes/JavaScript/).length)&&e.error( /UI/Includes/JavaScript/,C,!1),a.addEventListener( /UI/Includes/JavaScript/),l=b.createDocumentFragment(),m=b.documentElement,n=m.firstChild,o=b.createElement( /UI/Includes/JavaScript/&&a.getAttributeNode( /UI/Includes/JavaScript/&&a.firstChild.getAttribute( /UI/Includes/JavaScript/).replace(bd, /UI/Includes/JavaScript/)),a.getElementsByTagName( The user agent is always this: Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727) I have jQuery, Modernizr and other JS and originally thought that some browser was messing up it's JS calls, however this particular IP address hasn't requested any images so I'm wondering if it is some kind of attack. Is this a common occurence?

    Read the article

  • nginx+php-fpm help optimize configs

    - by Dmitro
    I have 3 servers. First server (CPU - model name: 06/17, 2.66GHz, 4 cores, 8GB RAM) have nginx as load balancer with next config upstream lb_mydomain { server mydomain.ru:81 weight=2; server 66.0.0.18 weight=6; } server { listen 80; server_name ~(?!mydomain.ru)(.*); client_max_body_size 20m; location / { proxy_pass http://lb_mydomain; proxy_redirect off; proxy_set_header Connection close; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_header Set-Cookie; proxy_pass_header P3P; proxy_pass_header Content-Type; proxy_pass_header Content-Disposition; proxy_pass_header Content-Length; } } And configs from nginx.conf: user www-data; worker_processes 5; # worker_priority -1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 5024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; default_type application/octet-stream; #tcp_nopush on; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; # PHP-FPM (backend) upstream php-fpm { server 127.0.0.1:9000; } include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } And config php-fpm: listen = 127.0.0.1:9000 ;listen.backlog = -1 ;listen.allowed_clients = 127.0.0.1 ;listen.owner = www-data ;listen.group = www-data ;listen.mode = 0666 user = www-data group = www-data pm = dynamic pm.max_children = 80 ;pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 ;pm.max_requests = 500 pm.status_path = /status ping.path = /ping ;ping.response = pong request_terminate_timeout = 30s request_slowlog_timeout = 10s slowlog = /var/log/php-fpm.log.slow ;rlimit_files = 1024 ;rlimit_core = 0 ;chroot = chdir = /var/www ;catch_workers_output = yes ;env[HOSTNAME] = $HOSTNAME ;env[PATH] = /usr/local/bin:/usr/bin:/bin ;env[TMP] = /tmp ;env[TMPDIR] = /tmp ;env[TEMP] = /tmp ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected] ;php_flag[display_errors] = off ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M In top I see 20 php-fpm processes which use from 1% - 15% CPU. So it's have high load averadge: top - 15:36:22 up 34 days, 20:54, 1 user, load average: 5.98, 7.75, 8.78 Tasks: 218 total, 1 running, 217 sleeping, 0 stopped, 0 zombie Cpu(s): 34.1%us, 3.2%sy, 0.0%ni, 37.0%id, 24.8%wa, 0.0%hi, 0.9%si, 0.0%st Mem: 8183228k total, 7538584k used, 644644k free, 351136k buffers Swap: 9936892k total, 14636k used, 9922256k free, 990540k cached Second server(CPU - model name: Intel(R) Xeon(R) CPU E5504 @ 2.00GHz, 8 cores, 8GB RAM). Nginx configs from nginx.conf: user www-data; worker_processes 5; # worker_priority -1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 5024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; default_type application/octet-stream; #tcp_nopush on; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; # PHP-FPM (backend) upstream php-fpm { server 127.0.0.1:9000; } include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } And config of php-fpm: listen = 127.0.0.1:9000 ;listen.backlog = -1 ;listen.allowed_clients = 127.0.0.1 ;listen.owner = www-data ;listen.group = www-data ;listen.mode = 0666 user = www-data group = www-data pm = dynamic pm.max_children = 50 ;pm.start_servers = 20 pm.min_spare_servers = 5 pm.max_spare_servers = 35 ;pm.max_requests = 500 ;pm.status_path = /status ;ping.path = /ping ;ping.response = pong ;request_terminate_timeout = 0 ;request_slowlog_timeout = 0 ;slowlog = /var/log/php-fpm.log.slow ;rlimit_files = 1024 ;rlimit_core = 0 ;chroot = chdir = /var/www ;catch_workers_output = yes ;env[HOSTNAME] = $HOSTNAME ;env[PATH] = /usr/local/bin:/usr/bin:/bin ;env[TMP] = /tmp ;env[TMPDIR] = /tmp ;env[TEMP] = /tmp ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected] ;php_flag[display_errors] = off ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M In top I see 50 php-fpm processes which use from 10% - 25% CPU. So it's have high load averadge: top - 15:53:05 up 33 days, 1:15, 1 user, load average: 41.35, 40.28, 39.61 Tasks: 239 total, 40 running, 199 sleeping, 0 stopped, 0 zombie Cpu(s): 96.5%us, 3.1%sy, 0.0%ni, 0.0%id, 0.0%wa, 0.0%hi, 0.4%si, 0.0%st Mem: 8185560k total, 7804224k used, 381336k free, 161648k buffers Swap: 19802108k total, 16k used, 19802092k free, 5068112k cached Third server is server with database postgresql. Also i try ab -n 50 -c 5 http://www.mydomain.ru/ And I get next info: Complete requests: 50 Failed requests: 48 (Connect: 0, Receive: 0, Length: 48, Exceptions: 0) Write errors: 0 Total transferred: 9271367 bytes HTML transferred: 9247767 bytes Requests per second: 1.02 [#/sec] (mean) Time per request: 4882.427 [ms] (mean) Time per request: 976.486 [ms] (mean, across all concurrent requests) Transfer rate: 185.44 [Kbytes/sec] received Please advise how can I make lower level of load average?

    Read the article

  • Password for iis after installing

    - by zapping
    After installing IIS on my dev system, window xp professional, its asking for username and password while trying to access http://localhost. Can you please help me out. Tried googling and tried may things but could not resolve the issue. Anonymous access is enabled iusr_ is given full access to the wwwroot folder asp.net2.0 has been registered etc. But still not working. :( EDIT: Now the password issue has gone off and shows this: Error Type: Microsoft VBScript runtime (0x800A0046) Permission denied: 'GetObject' /localstart.asp, line 40 Browser Type: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Page: GET /localstart.asp

    Read the article

  • Password for iis after installing

    - by zapping
    After installing IIS on my dev system, window xp professional, its asking for username and password while trying to access http://localhost. Can you please help me out. Tried googling and tried may things but could not resolve the issue. Anonymous access is enabled iusr_ is given full access to the wwwroot folder asp.net2.0 has been registered etc. But still not working. :( EDIT: Now the password issue has gone off and shows this: Error Type: Microsoft VBScript runtime (0x800A0046) Permission denied: 'GetObject' /localstart.asp, line 40 Browser Type: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Page: GET /localstart.asp

    Read the article

  • Blocking apache access via user agent string

    - by Tchalvak
    I've got a scripter who is using a proxy to attack a website I'm serving. I've noticed that they tend to access the site via software with a certain common user agent string (i.e. http://www.itsecteam.com/en/projects/project1_page2.htm "Havij advanced sql injection software" with a user_agent string of Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) Havij). I'm aware that any cracking software worth it's salt will probably be able to modify it's user agent string, but I'm fine with the scripter having to deal with that feature at some point. So, is there any software out there for automatically blocking access & permanently blacklisting by matching user agent strings?

    Read the article

  • Disabling compression for IE pre SP2 with Apache mod_rewrite

    - by Ra y Mon
    I am trying to replicate this fix ( http://sebduggan.com/posts/ie6-gzip-bug-solved-using-isapi-rewrite ) with Apache mod_rewrite, but with no success... Can somebody help me translate those ISAPI rules to APACHE mod_rewrite? I don't know how to 'translate' those rules... My objective is to avoid sending compressed css and js when the user has an XP version prior to SP2, since there is a bug that prevents IE6&7 under SP1 to read the gzipped CSSs of my website BuscoUnViaje.com The rules I am trying to 'translate' to Apache mod_rewrite: RewriteCond %{HTTP:User-Agent} MSIE\ [56] RewriteCond %{HTTP:User-Agent} !SV1 RewriteCond %{REQUEST_URI} \.(css|js)$ RewriteHeader Accept-Encoding: .* $1 Thanks in advance...

    Read the article

  • What IE configuration contains "MSIE 8" and "MSIE 6"?

    - by mfn
    Anyone knows what kind of configuration leads to MSIE 8 report a string which also contains MSIE 6 (stripped down version to minimums)? Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) It's no problem to workaround (sniffing education is not necessary, I'm aware of the evilness), but I'm interested in getting some background what's possibly causing this. I've seen on this on a co-workers home machine too and we couldn't figure out what would cause this.

    Read the article

  • php curl: how can i emulate a get request exactly like a web browser?

    - by ufk
    Hi. there are websites that when i open specific ajax request on browser i get the resulted page, but when i try to load them with curl, i receive an error from the server. how can i properly emulate a get request to the server that will simulate a browser ? that's what i'm doing: $url="https://new.aol.com/productsweb/subflows/ScreenNameFlow/AjaxSNAction.do?s=username&f=firstname&l=lastname"; ini_set('user_agent', 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)'); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); $result=curl_exec($ch); print $result;

    Read the article

  • how to click on a button in python

    - by Ciobanu Alexandru
    Trying to build some bot for clicking "skip-ad" button on a page. So far, i manage to use Mechanize to load a web-driver browser and to connect to some page but Mechanize module do not support js directly so now i need something like Selenium if i understand correct. I am also a beginner in programming so please be specific. How can i use Selenium or if there is any other solution, please explain details. This is the inner html code for the button: <a id="skip-ad" class="btn btn-inverse" onclick="open_url('http://imgur.com/gallery/tDK9V68', 'go'); return false;" style="font-weight: bold; " target="_blank" href="http://imgur.com/gallery/tDK9V68"> … </a> And this is my source so far: #!/usr/bin/python # FILENAME: test.py import mechanize import os, time from random import choice, randrange prox_list = [] #list of common UAS to apply to each connection attempt to impersonate browsers user_agent_strings = [ 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1468.0 Safari/537.36', 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1', 'Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14', 'Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; fr) Presto/2.9.168 Version/11.52', 'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:23.0) Gecko/20131011 Firefox/23.0', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; Media Center PC 6.0; InfoPath.3; MS-RTC LM 8; Zune 4.7', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)', 'Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)', 'Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; InfoPath.1; SV1; .NET CLR 3.8.36217; WOW64; en-US)', 'Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.4; InfoPath.2; SV1; .NET CLR 3.3.69573; WOW64; en-US)' ] def load_proxy_list(target): #loads and parses the proxy list file = open(target, 'r') count = 0 for line in file: prox_list.append(line) count += 1 print "Loaded " + str(count) + " proxies!" load_proxy_list('proxies.txt') #for i in range(1,(len(prox_list) - 1)): # depreceated for overloading for i in range(1,30): br = mechanize.Browser() #pick a random UAS to add some extra cover to the bot br.addheaders = [('User-agent', choice(user_agent_strings))] print "----------------------------------------------------" #This is bad internet ethics br.set_handle_robots(False) #choose a proxy proxy = choice(prox_list) br.set_proxies({"http": proxy}) br.set_debug_http(True) try: print "Trying connection with: " + str(proxy) #currently using: BTC CoinURL - Grooveshark Broadcast br.open("http://cur.lv/4czwj") print "Opened successfully!" #act like a nice little drone and view the ads sleep_time_on_link = randrange(17.0,34.0) time.sleep(sleep_time_on_link) except mechanize.HTTPError, e: print "Oops Request threw " + str(e.code) #future versions will handle codes properly, 404 most likely means # the ad-linker has noticed bot-traffic and removed the link # or the used proxy is terrible. We will either geo-locate # proxies beforehand and pick good hosts, or ditch the link # which is worse case scenario, account is closed because of botting except mechanize.URLError, e: print "Oops! Request was refused, blacklisting proxy!" + str(e) prox_list.remove(proxy) del br #close browser entirely #wait between 5-30 seconds like a good little human sleep_time = randrange(5.0, 30.0) print "Waiting for %.1f seconds like a good bot." % (sleep_time) time.sleep(sleep_time)

    Read the article

  • Rails 2 and Ngnix: https pages can't load css or js (but will load graphics)

    - by Max Williams
    ADMISSION: i've posted this same question on stackoverflow, before realising it's probabaly better suited to superuser, but it kind of depends on the answer: If it turns out to be a problem in my nginx config, it's definitely superuser. If it turns out to be a problem in my Rails config (or code) then it's arguably stackoverflow. I'm adding some https pages to my rails site. In order to test it locally, i'm running my site under one mongrel_rails instance (on 3000) and nginx. I've managed to get my nginx config to the point where i can actually go to the https pages, and they load. Except, the javascript and css files all fail to load: looking in the Network tab in chrome web tools, i can see that it is trying to load them via an https url. Eg, one of the non-working file urls is https://cmw-local.co.uk/stylesheets/cmw-logged-out.css?1383759216 I have these set up (or at least think i do) in my nginx config to redirect to the http versions of the static files. This seems to be working for graphics, but not for css and js files. If i click on this in the Network tab, it takes me to the above url, which redirects to the http version. So, the redirect seems to be working in some sense, but not when they're loaded by an https page. Like i say, i thought i had this covered in the second try_files directive in my config below, but maybe not. Can anyone see what i'm doing wrong? thanks, Max Here's my nginx config - sorry it's a bit lengthy! I think the error is likely to be in the first (ssl) server block: server { listen 443 ssl; keepalive_timeout 70; ssl_certificate /home/max/work/charanga/elearn_container/elearn/config/nginx/certs/max-local-server.crt; ssl_certificate_key /home/max/work/charanga/elearn_container/elearn/config/nginx/certs/max-local-server.key; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; ssl_protocols SSLv3 TLSv1; ssl_ciphers RC4:HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; server_name elearning.dev cmw-dev.co.uk cmw-dev.com cmw-nginx.co.uk cmw-local.co.uk; root /home/max/work/charanga/elearn_container/elearn; # ensure that we serve css, js, other statics when requested # as SSL, but if the files don't exist (i.e. any non /basket controller) # then redirect to the non-https version location / { try_files $uri @non-ssl-redirect; } # securely serve everything under /basket (/basket/checkout etc) # we need general too, because of the email/username checking location ~ ^/(basket|general|cmw/account/check_username_availability) { # make sure cached copies are revalidated once they're stale add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # this serves Rails static files that exist without running # other rewrite tests try_files $uri @rails-ssl; expires 1h; } location @non-ssl-redirect { return 301 http://$host$request_uri; } location @rails-ssl { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_read_timeout 180; proxy_next_upstream off; proxy_pass http://127.0.0.1:3000; expires 0d; } } #upstream elrs { # server 127.0.0.1:3000; #} server { listen 80; server_name elearning.dev cmw-dev.co.uk cmw-dev.com cmw-nginx.co.uk cmw-local.co.uk; root /home/max/work/charanga/elearn_container/elearn; access_log /home/max/work/charanga/elearn_container/elearn/log/access.log; error_log /home/max/work/charanga/elearn_container/elearn/log/error.log debug; client_max_body_size 50M; index index.html index.htm; # gzip html, css & javascript, but don't gzip javascript for pre-SP2 MSIE6 (i.e. those *without* SV1 in their user-agent string) gzip on; gzip_http_version 1.1; gzip_vary on; gzip_comp_level 6; gzip_proxied any; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; #text/html # make sure gzip does not lose large gzipped js or css files # see http://blog.leetsoft.com/2007/7/25/nginx-gzip-ssl gzip_buffers 16 8k; # Disable gzip for certain browsers. #gzip_disable "MSIE [1-6].(?!.*SV1)"; gzip_disable "MSIE [1-6]"; # blank gif like it's 1995 location = /images/blank.gif { empty_gif; } # don't serve files beginning with dots location ~ /\. { access_log off; log_not_found off; deny all; } # we don't care if these are missing location = /robots.txt { log_not_found off; } location = /favicon.ico { log_not_found off; } location ~ affiliate.xml { log_not_found off; } location ~ copyright.xml { log_not_found off; } # convert urls with multiple slashes to a single / if ($request ~ /+ ) { rewrite ^(/)+(.*) /$2 break; } # X-Accel-Redirect # Don't tie up mongrels with serving the lesson zips or exes, let Nginx do it instead location /zips { internal; root /var/www/apps/e_learning_resource/shared/assets; } location /tmp { internal; root /; } location /mnt{ root /; } # resource library thumbnails should be served as usual location ~ ^/resource_library/.*/*thumbnail.jpg$ { if (!-f $request_filename) { rewrite ^(.*)$ /images/no-thumb.png break; } expires 1m; } # don't make Rails generate the dynamic routes to the dcr and swf, we'll do it here location ~ "lesson viewer.dcr" { rewrite ^(.*)$ "/assets/players/lesson viewer.dcr" break; } # we need this rule so we don't serve the older lessonviewer when the rule below is matched location = /assets/players/virgin_lesson_viewer/_cha5513/lessonViewer.swf { rewrite ^(.*)$ /assets/players/virgin_lesson_viewer/_cha5513/lessonViewer.swf break; } location ~ v6lessonViewer.swf { rewrite ^(.*)$ /assets/players/v6lessonViewer.swf break; } location ~ lessonViewer.swf { rewrite ^(.*)$ /assets/players/lessonViewer.swf break; } location ~ lgn111.dat { empty_gif; } # try to get autocomplete school names from memcache first, then # fallback to rails when we can't location /schools/autocomplete { set $memcached_key $uri?q=$arg_q; memcached_pass 127.0.0.1:11211; default_type text/html; error_page 404 =200 @rails; # 404 not really! Hand off to rails } location / { # make sure cached copies are revalidated once they're stale add_header Cache-Control "public, must-revalidate, proxy-revalidate"; # this serves Rails static files that exist without running other rewrite tests try_files $uri @rails; expires 1h; } location @rails { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_read_timeout 180; proxy_next_upstream off; proxy_pass http://127.0.0.1:3000; expires 0d; } }

    Read the article

  • Proxy to either Rails app or Node.js app depending on HTTP path w/ Nginx

    - by Cirrostratus
    On Ubuntu 11, I have Nginx correctly serving either CouchDB or Node.js depending on the path, but am unable to get Nginx to access a Rails app via it's port. server { rewrite ^/api(.*)$ $1 last; listen 80; server_name example.com; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:3005/; } location /ruby { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:9051/; } location /_utils { proxy_pass http://127.0.0.1:5984; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffering off; # buffering would break CouchDB's _changes feed } gzip on; gzip_comp_level 9; gzip_min_length 1400; gzip_types text/plain text/css image/png image/gif image/jpeg application/x-javascript text/xml application/xml application/x ml+rss text/javascript; gzip_vary on; gzip_http_version 1.1; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; } / and /_utils are working bu /ruby gives me a 403 Forbidden

    Read the article

  • nginx: how do I add new site/server_name in nginx?

    - by Neo
    I'm just starting to explore Nginx on my Ubuntu 10.04. I installed Nginx and I'm able to get the "Welcome to Nginx" page on localhost. However I'm not able to add a new server_name, even when I make the changes in site-available/default file. Tried reloading/restarting Nginx, but nothing works. One interesting observation. "http://mycomputername" in browser works. So somehow there is a command like 'server_name $hostname' somewhere over-riding my rule. File: sites-available/mine.enpass server { listen 80; server_name mine.enpass ; access_log /var/log/nginx/localhost.access.log; location / { root /var/www/nginx-default; index index.html index.htm; } } File: nginx.confg user www-data; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_comp_level 2; gzip_proxied any; gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; }

    Read the article

  • Location directive in nginx configuration

    - by ryan
    I have an nginx server setup to act as a fileserver. I want to set the expires directive on images. This is how a part of my config file looks like. http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; location ~* \.(ico|jpg|jpeg|png)$ { expires 1y; } include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } I get the following error when I reload config - "Location directive not allowed here". Can someone tell me what the right syntax for this is? Thanks in advance. EDIT : Found the answer myself. Added it in a comment. Closing this.

    Read the article

  • Requests per second slower when using nginx for load balancing

    - by Ed Eliot
    I've set up nginx as a load balancer that reverse proxies requests to 2 Apache servers. I've benchmarked the setup with ab and am getting approx 35 requests per second with requests distributed between the 2 backend servers (not using ip_hash). What is confusing me is that if I query either of the backend servers directly via ab I get around 50 requests per second. I've experimented with a number of different values in ab the most common being 1000 requests with 100 concurrent connections. Any idea why traffic distributed across 2 servers would result in fewer requests per second than hitting either directly? Additional info: I've experimented with worker_processes values of between 1 and 8, worker_connections between 1024 and 8092 and have also tried keepalive 0 and 65. My main conf currently looks like this: user www-data; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; worker_rlimit_nofile 8192; events { worker_connections 2048; use epoll; } http { include /etc/nginx/mime.types; sendfile on; keepalive_timeout 0; tcp_nodelay on; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } I've got one virtual host (in sites available) that redirects everything under / to 2 backends across a local network.

    Read the article

  • How to save webpage to string with cookies support (httpWebRequest)

    - by Maciej
    I need to read webpage and store its content in string for further processing. Sounds simply but I have problem with cookies support. Opened page says I need browser supporting cookies (or turned on). I've made method trying do that via httpWebRequest - which normally works to me but I've come to a standstill with those unfortunate cookies... Any idea how to make it working? Here is my method: string ReadHtml (string address, string encoding) { Uri url = new Uri(address); CookieContainer cookieContainer = new CookieContainer(); HttpWebRequest httpWebRequest = (HttpWebRequest)HttpWebRequest.Create(url); httpWebRequest.AllowAutoRedirect = true; httpWebRequest.KeepAlive = true; httpWebRequest.CookieContainer = cookieContainer; httpWebRequest.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"; httpWebRequest.Method = "GET"; HttpWebResponse webResponse = (HttpWebResponse)httpWebRequest.GetResponse(); // Code Page Encoding enc = Encoding.GetEncoding(encoding); // Read content StreamReader loResponseStream = new StreamReader(webResponse.GetResponseStream(),enc); string lcHtml = loResponseStream.ReadToEnd(); webResponse.Close(); loResponseStream.Close(); return lcHtml; }

    Read the article

  • Padding is invalid and cannot be removed

    - by Ajay
    I have hosted an asp.net 2.0 site. Everyday, i am getting an error "Padding is invalid and cannot be removed" 2-3 times. Backend used is sql server 2005. the site is controlled via plesk 9.2 CP. Pooling is enabled with timeout as 120 Minutes, in IIS. Can it be the reason for this? I have not used any encryption except for the stored passwords(MD5) The error message is : " Base Exception = : Padding is invalid and cannot be removed. - Source : System.Web - TargetSite :Void ThrowError(System.Exception, System.String, System.String, Boolean)Message : Validation of viewstate MAC failed. If this application is hosted by a Web Farm or cluster, ensure that configuration specifies the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. " & System Log (Application) says " Event code: 4009 Event message: Viewstate verification failed. Reason: The viewstate supplied failed integrity check. Event detail code: 50203 ViewStateException information: Exception message: Invalid viewstate. Port: 31235 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) " I have hosted it in a dedicated server and not in a web farm. Will keeping a static machine key help resolve this issue? Please guide me on this.

    Read the article

  • "The given key was not present in the dictionary" ASP.NET error on IIS7

    - by eugeneK
    Hi, i have this error on one of my sites. Searched thought all project found no Dictionary of some kind. Read somewhere it could be caused by Url Rewrite module on IIS 7 which i'm using for certain redirects. Error appears on all pages thought the site, 99% sure only on pages that use Url Rewriting This is error's stack at System.ThrowHelper.ThrowKeyNotFoundException() at System.Collections.Generic.Dictionary`2.get_Item(TKey key) at System.Data.DataView.System.Collections.IList.get_Item(Int32 recordIndex) at System.Web.UI.WebControls.ListViewPagedDataSource.EnumeratorOnIList.get_Current() at System.Web.UI.WebControls.ListView.CreateItemsWithoutGroups(ListViewPagedDataSource dataSource, Boolean dataBinding, InsertItemPosition insertPosition, ArrayList keyArray) at System.Web.UI.WebControls.ListView.CreateChildControls(IEnumerable dataSource, Boolean dataBinding) at System.Web.UI.WebControls.ListView.PerformDataBinding(IEnumerable data) at System.Web.UI.WebControls.DataBoundControl.OnDataSourceViewSelectCallback(IEnumerable data) at System.Web.UI.WebControls.DataBoundControl.PerformSelect() at System.Web.UI.WebControls.ListView.PerformSelect() at System.Web.UI.WebControls.BaseDataBoundControl.EnsureDataBound() at System.Web.UI.WebControls.ListView.CreateChildControls() at System.Web.UI.Control.EnsureChildControls() at System.Web.UI.Control.PreRenderRecursiveInternal() at System.Web.UI.Control.PreRenderRecursiveInternal() at System.Web.UI.Control.PreRenderRecursiveInternal() at System.Web.UI.Control.PreRenderRecursiveInternal() at System.Web.UI.Control.PreRenderRecursiveInternal() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)HTTP_CONNECTION:Keep-Alive HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-icq, / HTTP_ACCEPT_LANGUAGE:en HTTP_COOKIE:__utma=248870149.1673016949.1252234176.1276449788.1276595165.49; __utmz=248870149.1276595165.49.55.utmcsr=search|utmccn=(organic)|utmcmd=organic|utmctr=???%20??; wooTracker=C1T8MWMAZWQVHJXWROHB25SO4S0B7UO0; __utmb=248870149.6.10.1276595165; __utmc=248870149; wooTracker=C1T8MWMAZWQVHJXWROHB25SO4S0B7UO0; machine-id=87.69.44.154%3A1253914747956; wooMeta=ODAwMzkmMSYxJjc1MDE5JjEyNTUyMTQwODEwMjkmMTI1NTIxNDE1NjA0OCYmMTAwJiYzMDAyODQmJiYm; _csoot=1267959625296; _csuid=X4c1ef311c39a67; ASP.NET_SessionId=zzdn5b45uqyhw145ptqhxe20 HTTP_HOST:**** HTTP_REFERER:***** HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6) HTTP_X_CEPT_ENCODING:gzip, deflate ***** Is anyone familiar with fix or at least where to look for one ?

    Read the article

  • Rails with passenger only runs in development

    - by Ignace
    Hey, I have a problem on one of our webservers. I'll try to explain it as clear as possible, but I'm not 100% aware of all the configuration of the server. There are 2 sites running next to eachother (blcc_preprod and blcc_prod), so in the 'sites-enabled' of apache this i have a file 'blcc' like this: <VirtualHost *:80> DocumentRoot /opt/dn/blcc/www RailsBaseURI /blcc_preprod RailsBaseURI /blcc_prod RailsEnv production </VirtualHost> My config/environments/production.log (from both) looks like this(I removed all comments, because it messes with the layout) config.cache_classes = true config.action_controller.consider_all_requests_local = false config.action_controller.perform_caching = true config.action_view.cache_template_loading = true config.log_level = :debug The weird thing is, that my production log dates from months ago, so something is really wrong. Could someone help? If you need more info, just ask. Thanks! Edit: Error.log from apache show the normal output for a event to the server (the situation here is that the webserver plugs in to another business (java) server via a framework) Access.log is empty Content from other_vhosts_access.log after we surf to ip/blcc_preprod is the following blcc.localdomain:80 192.168.21.194 - - [25/May/2010:08:33:04 +0200] "GET/ blcc_preprod HTTP/1.1" 500 594 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"

    Read the article

  • How to start nginx via different port(other than 80)

    - by Zhao Peng
    Hi I am a newbie on nginx, I tried to set it up on my server(running Ubuntu 4), which already has apache running. So after I apt-get install it, I tried to start nginx. Then I get the message like this: Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) [emerg]: bind() to 0.0.0.0:80 failed (98: Address already in use) That makes sense as Apache is using port 80. Then I tried to modify nginx.conf, I reference some articles, so I changed it like so: server { listen 8080; location / { proxy_pass http://94.143.9.34:9500; proxy_set_header Host $host:8080; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Via "nginx"; } After saving this and try to start nginx again, I still get the same error as previously. I cannot really find a related post about this, could any good people shred some light? Thanks in advance :) ========================================================================= I should post all the content in conf here: user www-data; worker_processes 1; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; events { worker_connections 1024; # multi_accept on; } http { include /etc/nginx/mime.types; access_log /var/log/nginx/access.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; server { listen 81; location / { proxy_pass http://94.143.9.34:9500; proxy_set_header Host $host:81; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Via "nginx"; } } } mail { See sample authentication script at: http://wiki.nginx.org/NginxImapAuthenticateWithApachePhpScript auth_http localhost/auth.php; pop3_capabilities "TOP" "USER"; imap_capabilities "IMAP4rev1" "UIDPLUS"; server { listen localhost:110; protocol pop3; proxy on; } server { listen localhost:143; protocol imap; proxy on; } } Basically, I changed nothing except adding the server part.

    Read the article

1 2  | Next Page >