RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite
Hello, The configuration of virtual host https://login is the same: Listen ip-address:443 ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://login-internal/ ProxyPassReverse / http://login-internal/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://login/$1 [R,L] And this is working Webserver1 is indeed a typo. I thought $1 is the rest of the parameters. So https://webserver/test supposed to be forwarded to http://webserver-internal/test and will be rewritten back to https://webserver/test I am probably wrong, but please enlighten me... Greetings, Herwarth -Original Message- From: Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 08:55 To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite What is the configuration of the virtual host for https://login/ ??? What did you intend that the following line would do ? RewriteRule ^/$ https://webserverl/$1 [R,L] What host is it supposed to redirect to? Is "webserverl" (_l_) a typo?? If it is a typo and you intended to make it "webserver" then you would get a eternal loop between the server and the client. What about the $1 ? What is that supposed to make reference to? Try removing your rewrite rule and see what happens. -ascs From: Heitmann, Herwarth [mailto:[EMAIL PROTECTED] Sent: Thursday, June 23, 2005 5:24 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite hello, i have some difficulties using apache webserver as a reverse proxy. i am sure it has to do something with url rewriting. the situation is as follows. - at our company we have some external ip address accessible via the internet. these ip addresses has to be assigned to the external ethernet card of the apache machine. we want to terminate ssl connections on the reverse proxy so we are using ip based virtual hosting which works great. - on the second ethernet card we have a connection to the actual websites. internet multiple ip's -reverse proxy---multiple websites we have a complex application running on the reverse proxy and it does authentication to another website using the same reverse proxy https://webserver reverse proxy -- http://webserver-internal (application redirects to https://login/?return=https://webserver) https://login --- reverse proxy --- http://login-internal (application does authentication) https://webserver reverse proxy -- http://webserver-internal httpd conf for virtual host: Listen ip-address:443 ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://webserver-internal/ ProxyPassReverse / http://ip-address-internal/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://webserverl/$1 [R,L] it is strange because i get a http 302 return in the browser and does not continue it reaches webserver-internal with statement found 302 and then it stops it terminates ssl as expected... what am i doing wrong? greetings, herwarth === De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email. The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email. === - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.a
[users@httpd] Process environment
Hello everybody, I use httpd 2.0.51 together with PHP5 module. Httpd is started as root. The child processes are then started less privileged (User, Group). When I run a PHP script that executes a program on the server, this program would like to access data in the users home directory. To get the directory's location, the program evaluates $HOME environment variable. But $HOME now does not point to the home directory of the less privileged user that httpd switched to, it points to '/root', which is the home directory of the user that _initially_ started httpd. The result is a less privileged process trying to access root's home directory, which does not work. Running a PHP script executing 'phpinfo()' and looking at section 'Environment' (not 'Apache environment') also shows $HOME to be equal to '/root'. Can I change anything in httpd's configuration so the environment variables get the values for the less privileged user or is this something to change at compile time or even in PHP? many thanks, - Felix - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
I'm using the standard gcc that comes with freebsd: # gcc -v Using built-in specs. Configured with: FreeBSD/i386 system compiler Thread model: posix gcc version 3.4.2 [FreeBSD] 20040728 Thanks - Original Message - From: "Boyle Owen" <[EMAIL PROTECTED]> To: Sent: Thursday, June 23, 2005 11:40 PM Subject: RE: [EMAIL PROTECTED] syntax error before '*' token -Original Message- From: Gustavo A. Baratto [mailto:[EMAIL PROTECTED] Sent: Freitag, 24. Juni 2005 02:32 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] syntax error before '*' token Does anybody know what is this error all about? I got the same error in all combinations of these: - freebsd 5.3 and 5.4. - apache 2.0.53 and 2.0.54 - freebsd make and gmake What's your C-compiler? Best if it's gcc Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. gmake[4]: Entering directory `/home/admin2/src/httpd-2.0.54/server/mpm/prefork' /home/admin2/src/httpd-2.0.54/srclib/apr/libtool --silent --mode=compile cc -g -O2-D_REENTRANT -D_THREAD_SAFE -DAP_HAVE_DESIGNATED_INITIALIZER -I/home/admin2/src/httpd-2.0.54/srclib/apr/include -I/home/admin2/src/httpd-2.0.54/srclib/apr-util/include -I/usr/local/include -I. -I/home/admin2/src/httpd-2.0.54/os/unix -I/home/admin2/src/httpd-2.0.54/server/mpm/prefork -I/home/admin2/src/httpd-2.0.54/modules/http -I/home/admin2/src/httpd-2.0.54/modules/filters -I/home/admin2/src/httpd-2.0.54/modules/proxy -I/home/admin2/src/httpd-2.0.54/include -I/home/admin2/src/httpd-2.0.54/modules/generators -I/usr/include/openssl -I/home/admin2/src/httpd-2.0.54/modules/dav/main -prefer-non-pic -static -c prefork.c && touch prefork.lo prefork.c:103: error: syntax error before '*' token prefork.c:103: warning: data definition has no type or storage class gmake[4]: *** [prefork.lo] Error 1 gmake[4]: Leaving directory `/home/admin2/src/httpd-2.0.54/server/mpm/prefork' Thanks - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite
OK Here is the deal: Your rewriterule is unnecessary. That's probably what caused the 302. What your rewriterule does is to send a redirect to https://webserver/ in response to a request for the root path https://webserver/ (or a redirect to https://login/ in response to a request for the root path https://login/). To me the ProxyPass and ProxyPassReverse directives are sufficient for what you want to achieve. RewriteRule take precedence on ProxyPass. Remove the RewriteRule and it will work. -ascs -Original Message- From: Heitmann, Herwarth [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 10:01 AM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite Hello, The configuration of virtual host https://login is the same: Listen ip-address:443 ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://login-internal/ ProxyPassReverse / http://login-internal/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://login/$1 [R,L] And this is working Webserver1 is indeed a typo. I thought $1 is the rest of the parameters. So https://webserver/test supposed to be forwarded to http://webserver-internal/test and will be rewritten back to https://webserver/test I am probably wrong, but please enlighten me... Greetings, Herwarth - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
* Gustavo A. Baratto <[EMAIL PROTECTED]> [0632 01:32]: > Does anybody know what is this error all about? > > I got the same error in all combinations of these: > - freebsd 5.3 and 5.4. > - apache 2.0.53 and 2.0.54 > - freebsd make and gmake Why don't you just use the ports tree? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports.html -- 'TAKE your dustbin to the supermarket with you so that you can see which items you have recently run out of.' -- Top Tips Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite
Ok I made a mistake in the initial question When someone goes to https://webserver it has to be redirected to http://webserver-internal/dealer/start You were right on https://login it has no subdirectory redirect and this works without the rewrite... I got the following 302 found error from the browser (with header display tool) HTTP/1.1 302 Found Date: Fri, 24 Jun 2005 10:43:25 GMT Server: Apache/1.3.26 (Unix) Location: http://webserver-internal/dealer/sso/login;DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002 Set-Cookie: DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002; path=/dealer Content-Type: text/plain; charset=UTF-8 Connection: close Transfer-Encoding: chunked So it goes to the right server but it ends at dealer/sso With the following rewrite rule in the virtual host webserver: ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://webserver-internal/ ProxyPassReverse / http://ip-address/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://webserver/dealer/start [R,L] -Original Message- From: Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 12:04 To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite OK Here is the deal: Your rewriterule is unnecessary. That's probably what caused the 302. What your rewriterule does is to send a redirect to https://webserver/ in response to a request for the root path https://webserver/ (or a redirect to https://login/ in response to a request for the root path https://login/). To me the ProxyPass and ProxyPassReverse directives are sufficient for what you want to achieve. RewriteRule take precedence on ProxyPass. Remove the RewriteRule and it will work. -ascs -Original Message- From: Heitmann, Herwarth [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 10:01 AM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite Hello, The configuration of virtual host https://login is the same: Listen ip-address:443 ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://login-internal/ ProxyPassReverse / http://login-internal/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://login/$1 [R,L] And this is working Webserver1 is indeed a typo. I thought $1 is the rest of the parameters. So https://webserver/test supposed to be forwarded to http://webserver-internal/test and will be rewritten back to https://webserver/test I am probably wrong, but please enlighten me... Greetings, Herwarth - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] === De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email. The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email. === - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PR
RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite
HTTP 302 is not an error: it is a redirection. The thing which is wrong with that is the Location header which makes a reference to a server which is not known to the clients: webserver-internal. In other words, the backend server tells the browser to make a request for http://webserver-internal/dealer/sso/login. The browser tries to reach webserver-internal but fails to do so. In order for the Location header in the response to be rewritten, you need to add the following line to your configuration: ProxyPassReverse / http://webserver-internal/ Then, when the 302 response reaches the browser, the Location header will contain http://webserver/dealer/sso/login. You can probably remove the line ProxyPassReverse / http://ip-address/ although it probably does not hurt to leave it. -ascs -Original Message- From: Heitmann, Herwarth [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 1:01 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite Ok I made a mistake in the initial question When someone goes to https://webserver it has to be redirected to http://webserver-internal/dealer/start You were right on https://login it has no subdirectory redirect and this works without the rewrite... I got the following 302 found error from the browser (with header display tool) HTTP/1.1 302 Found Date: Fri, 24 Jun 2005 10:43:25 GMT Server: Apache/1.3.26 (Unix) Location: http://webserver-internal/dealer/sso/login;DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002 Set-Cookie: DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002; path=/dealer Content-Type: text/plain; charset=UTF-8 Connection: close Transfer-Encoding: chunked So it goes to the right server but it ends at dealer/sso With the following rewrite rule in the virtual host webserver: ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://webserver-internal/ ProxyPassReverse / http://ip-address/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://webserver/dealer/start [R,L] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Hi,
I would like to use mod_rewrite to overwrite the environment variable
REMOTE_ADDR with the value of HTTP_X_FORWARDED_FOR because I am using Apache
2 in a reverse / forward proxy scenario where the original IP address of the
client is not passed on to the internal Apache server:
Inet -> Server (public IP, Apache 2) -> Internal Server (same system, virtual
server using Linux vserver - private IP address, Apache 2)
I have posted this several weeks ago but all the solutions did not work for
me. So I tried this mod_rewrite rule:
RewriteEngine On
RewriteRule ^(.*) [env=REMOTE_ADDR:%{HTTP_X_FORWARDED_FOR}]
What's wrong with them? Whenever I activate them I get a "Bad request"
response from my web server.
Any input is greatly appreciated. Thanks a lot.
All the best & thanks,
Werner.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Samba share related 404's
Hi, I've been getting errors like these for a long time and was hoping someone could suggest the cause, and possibly the cure: [Fri Jun 24 08:23:02 2005] [error] [client 192.168.0.1] File does not exist: /usr/local/apache/htdocs/look [Fri Jun 24 08:23:03 2005] [error] [client 192.168.0.1] File does not exist: /usr/local/apache/htdocs/web The client IP is my workstation/gateway and the 2 lines above are from the httpd error log on another server on my LAN. The referenced path up to /htdocs/ is the default apache path on that server as the manual was installed there, but not the path for any websites I've set up on that box. And 'look' and 'web' are the names of two samba shares I've set up for the box with the server on it. Hope this makes sense, hoping there's a way to unclutter the log. Thanks in advance. Marty Marty Landman, Face 2 Interface Inc. 845-679-9387 Search & Sort Easily: http://face2interface.com/Products/FormATable.shtml Web Installed Formmail: http://face2interface.com/formINSTal - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] Samba share related 404's
> -Original Message- > From: Marty Landman [mailto:[EMAIL PROTECTED] > Sent: Freitag, 24. Juni 2005 14:48 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Samba share related 404's > > > Hi, > > I've been getting errors like these for a long time and was > hoping someone > could suggest the cause, and possibly the cure: > > [Fri Jun 24 08:23:02 2005] [error] [client 192.168.0.1] File does not > exist: /usr/local/apache/htdocs/look > [Fri Jun 24 08:23:03 2005] [error] [client 192.168.0.1] File does not > exist: /usr/local/apache/htdocs/web Someone or somehting is issuing requests for http://server/look and http://server/web. Use the timestamps to cross-reference the error messages with the requests in teh access log to see who's making the requests. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > The client IP is my workstation/gateway and the 2 lines above > are from the > httpd error log on another server on my LAN. The referenced > path up to > /htdocs/ is the default apache path on that server as the manual was > installed there, but not the path for any websites I've set > up on that box. > > And 'look' and 'web' are the names of two samba shares I've > set up for the > box with the server on it. > > Hope this makes sense, hoping there's a way to unclutter the log. > > Thanks in advance. > > Marty > > > Marty Landman, Face 2 Interface Inc. 845-679-9387 > Search & Sort Easily: > http://face2interface.com/Products/FormATable.shtml > Web Installed Formmail: http://face2interface.com/formINSTal > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
On 6/24/05, Werner Schalk <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I would like to use mod_rewrite to overwrite the environment variable
> REMOTE_ADDR with the value of HTTP_X_FORWARDED_FOR because I am using Apache
> 2 in a reverse / forward proxy scenario where the original IP address of the
> client is not passed on to the internal Apache server:
> I have posted this several weeks ago but all the solutions did not work for
> me. So I tried this mod_rewrite rule:
I already explained to you that you can't do this:
http://mail-archives.apache.org/mod_mbox/httpd-users/200506.mbox/[EMAIL
PROTECTED]
Is there some part of that you didn't understand?
>
> RewriteEngine On
> RewriteRule ^(.*) [env=REMOTE_ADDR:%{HTTP_X_FORWARDED_FOR}]
This is broken because it is trying to rewrite to the URL "[env...".
You need a dash after the patter to indicate that no rewriting will
occur. But as I've already told you, it won't work anyway.
Joshua.
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] apache 2.0 as reverse proxy using mod_rewrite
Thanks The ProxyPassReverse was the issue... It works Greetings, Herwarth -Original Message- From: Axel-Stéphane SMORGRAV [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 13:31 To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite HTTP 302 is not an error: it is a redirection. The thing which is wrong with that is the Location header which makes a reference to a server which is not known to the clients: webserver-internal. In other words, the backend server tells the browser to make a request for http://webserver-internal/dealer/sso/login. The browser tries to reach webserver-internal but fails to do so. In order for the Location header in the response to be rewritten, you need to add the following line to your configuration: ProxyPassReverse / http://webserver-internal/ Then, when the 302 response reaches the browser, the Location header will contain http://webserver/dealer/sso/login. You can probably remove the line ProxyPassReverse / http://ip-address/ although it probably does not hurt to leave it. -ascs -Original Message- From: Heitmann, Herwarth [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 1:01 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] apache 2.0 as reverse proxy using mod_rewrite Ok I made a mistake in the initial question When someone goes to https://webserver it has to be redirected to http://webserver-internal/dealer/start You were right on https://login it has no subdirectory redirect and this works without the rewrite... I got the following 302 found error from the browser (with header display tool) HTTP/1.1 302 Found Date: Fri, 24 Jun 2005 10:43:25 GMT Server: Apache/1.3.26 (Unix) Location: http://webserver-internal/dealer/sso/login;DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002 Set-Cookie: DAX_SESSION_COOKIE=C7kFPYZikF3EPG3aKAHBhK2F8JTlnu3lZPk1pcX6A22NluGlzkFK!398064258!175689490!8000!7002; path=/dealer Content-Type: text/plain; charset=UTF-8 Connection: close Transfer-Encoding: chunked So it goes to the right server but it ends at dealer/sso With the following rewrite rule in the virtual host webserver: ServerAdmin [EMAIL PROTECTED] ServerName webserver ProxyPass / http://webserver-internal/ ProxyPassReverse / http://ip-address/ SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/webserver.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/webserver.key ErrorLog logs/error_log_webserver TransferLog logs/access_log_webserver RewriteEngine On RewriteRule ^/$ https://webserver/dealer/start [R,L] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] === De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt, wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft genomen om virussen in deze email of attachments te voorkomen, dient u ook zelf na te gaan of virussen aanwezig zijn aangezien Orange niet aansprakelijk is voor computervirussen die veroorzaakt zijn door deze email. The information contained in this message may be confidential and is intended to be only for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. Although Orange has taken steps to ensure that this email and attachments are free from any virus, you do need to verify the possibility of their existence as Orange can take no responsibility for any computer virus which might be transferred by way of this email. === - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Reverse Proxy Query
Hi, I would like to know whether Apache when used as Reverse Proxy server has scripting option so that it would redirect requests to a web server (which is down due to some reason) to another backup web server. If so, can you please tell me the version of Apache where this is supported and also on the steps to do this. Thanks & Rgds, SK Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
Re: [users@httpd] Reverse Proxy Query
I don't know if Apache has such a module, but I think it can be done by running a script at cron that tests someway your server is up. If it is not, the script might change the configuration file regarding that server and reload Apache. That's a workaround, not an homologated functionality, but... myabe it can work. I had not tested it. But I don't think it could be an issue. Seeya, Miguel, A Administrador de sistemas e-mail: [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, I would like to know whether Apache when used as Reverse Proxy server has scripting option so that it would redirect requests to a web server (which is down due to some reason) to another backup web server. If so, can you please tell me the version of Apache where this is supported and also on the steps to do this. Thanks & Rgds, SK Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you - The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Hi,
well apologies for bringing this issue up again but none of the suggested
solutions actually does work. I tried the following output filter:
ExtFilterDefine proxy_hack mode=output intype=text/html outtype=text/html
cmd="/bin/sed 's/HTTP_X_FORWARDED_FOR/REMOTE_ADDR/g'"
Enabling this output filter in the appropriate vhost leads phpinfo to
displaying the variable REMOTE_ADDR twice and containing both the private (IP
of the internal Apache server) as well as the public IP address (which was
forwarded by the proxy server). I wasn't sure about the order of
HTTP_X_FORWARDED_FOR and REMOTE_ADDR so I tried this as well:
ExtFilterDefine proxy_hack mode=output intype=text/html outtype=text/html
cmd="/bin/sed 's/REMOTE_ADDR/HTTP_X_FORWARDED_FOR/g'"
This will remove REMOTE_ADDR completely. I also tried to use mod_headers but
that did not work at all:
Header unset REMOTE_ADDR
Header set REMOTE_ADDR %{HTTP_X_FORWARDED_FOR}e
That doesn't change REMOTE_ADDR at all like.
So I still don't have a solution. Any input is still greatly
appreciated...Thanks for your helo guys!
Thanks and bye,
Werner
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
On 6/24/05, Werner Schalk <[EMAIL PROTECTED]> wrote: > Hi, > > well apologies for bringing this issue up again but none of the suggested > solutions actually does work. I'm not sure how many ways I can say this: There is no way to do what you want with the included apache modules, and I don't know of any third party modules that do it either. You need to either write a custom apache module, hack the existing code, or program around it in your CGI/php scripts. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Hi Joshua, thanks for your help. In your last email you agreed upon the suggestions David Adams had (e.g. using sed a an output filter). I have tried this and it does not work. Thanks anyway. All the best & bye, Werner. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
On 6/24/05, Werner Schalk <[EMAIL PROTECTED]> wrote: > Hi Joshua, > > thanks for your help. In your last email you agreed upon the suggestions David > Adams had (e.g. using sed a an output filter). I have tried this and it does > not work. Now I understand your confusion. His suggestion was to perform this sed on the source code of the scripts, not on their output. In other words, he is telling you to edit your scripts to reference the correct variable. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Werner Schalk <[EMAIL PROTECTED]> writes: > Hi, > > well apologies for bringing this issue up again but none of the suggested > solutions actually does work. I tried the following output filter: Why do you need to solve it exactly this way? Can't you instruct your code or your Apache to simply consult HTTP_X_FORWARDED_FOR instead of or in addition to REMOTE_ADDR? It looks like your application is in PHP. Can't you simply set the environment variables how you want them when your code starts running, perhaps using a library if you need to do it many places? ScottG. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Hi, well of course I could use HTTP_X_FORWARDED_FOR instead of REMOTE_ADDR in all my scripts but the problem is that I have some customers and their scripts are relying on REMOTE_ADDR so I don't want to ask them to change their scripts... Thanks. Bye, Werner - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR (follow-up)
Hi, just a quick follow-up: Thanks to Thomas Eibner, it got it working: > I believe this module does it already: > http://stderr.net/apache/rpaf/ Yeah! All the best and thanks again, Werner. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] mod_rewrite: Overwriting REMOTE_ADDR with HTTP_X_FORWARDED_FOR
Werner Schalk <[EMAIL PROTECTED]> writes: > Hi, > > well of course I could use HTTP_X_FORWARDED_FOR instead of REMOTE_ADDR in all > my scripts but the problem is that I have some customers and their scripts > are relying on REMOTE_ADDR so I don't want to ask them to change their > scripts... Ah. Is everything you're concerned about written in PHP? If so, perhaps PHP has some mechanism for running a bit of code before each PHP file is loaded; I believe this is possible with mod_perl, for example. Maybe the PHP folks would have some useful ideas. Otherwise it sounds like you're stuck writing a small Apache module, or hiring somebody to write one for you. Sounds like a hassle, but at least a moderately interesting hassle. :) ScottG. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] OpenSSL? ModSSL? How?
Pardon my newbie question. I have Mandrake installation with the default Apache 1.3.27 server installed. I want to be able to have some websites that should support SSL. How do I do about doing that? What are the advantages or differences between OpenSSL and ModSSL? Or am I taking about Apples and Oranges? Thank you all for your generous help. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
Thanks for the hint, but although I do use ports for most things, I found that for apache and php the ports dont give me as much flexibility. And particularly the apache port is much more difficult to use than a simple "./configure --tons --of --args ;make; make install"... I actually tried to hack The thing is that I have always compiled apache from source in freebsd... First time I see this error. Any hint? - Original Message - From: "Dick Davies" <[EMAIL PROTECTED]> To: Sent: Friday, June 24, 2005 3:20 AM Subject: Re: [EMAIL PROTECTED] syntax error before '*' token * Gustavo A. Baratto <[EMAIL PROTECTED]> [0632 01:32]: Does anybody know what is this error all about? I got the same error in all combinations of these: - freebsd 5.3 and 5.4. - apache 2.0.53 and 2.0.54 - freebsd make and gmake Why don't you just use the ports tree? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports.html -- 'TAKE your dustbin to the supermarket with you so that you can see which items you have recently run out of.' -- Top Tips Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] OpenSSL? ModSSL? How?
On 6/24/05, Henry Ortega <[EMAIL PROTECTED]> wrote: > Pardon my newbie question. > > I have Mandrake installation with the default Apache 1.3.27 > server installed. I want to be able to have some websites that > should support SSL. How do I do about doing that? > What are the advantages or differences between OpenSSL > and ModSSL? Or am I taking about Apples and Oranges? More like apples and apple cores. OpenSSL is the crypto library used by the apache SSL modules. For 1.3, you have two choices of apache modules: mod_ssl and Apache-SSL. Google should locate them for you. In either case, you will need OpenSSL. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] Samba share related 404's
Is the client making typos when trying to get to the samba share? I.e. typing "blah.blah.com/share" instead of \\blah.blah.com\share? -Original Message- From: Boyle Owen [mailto:[EMAIL PROTECTED] Sent: Friday, June 24, 2005 8:54 AM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] Samba share related 404's > -Original Message- > From: Marty Landman [mailto:[EMAIL PROTECTED] > Sent: Freitag, 24. Juni 2005 14:48 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] Samba share related 404's > > > Hi, > > I've been getting errors like these for a long time and was > hoping someone > could suggest the cause, and possibly the cure: > > [Fri Jun 24 08:23:02 2005] [error] [client 192.168.0.1] File does not > exist: /usr/local/apache/htdocs/look > [Fri Jun 24 08:23:03 2005] [error] [client 192.168.0.1] File does not > exist: /usr/local/apache/htdocs/web Someone or somehting is issuing requests for http://server/look and http://server/web. Use the timestamps to cross-reference the error messages with the requests in teh access log to see who's making the requests. Rgds, Owen Boyle Disclaimer: Any disclaimer attached to this message may be ignored. > > > The client IP is my workstation/gateway and the 2 lines above > are from the > httpd error log on another server on my LAN. The referenced > path up to > /htdocs/ is the default apache path on that server as the manual was > installed there, but not the path for any websites I've set > up on that box. > > And 'look' and 'web' are the names of two samba shares I've > set up for the > box with the server on it. > > Hope this makes sense, hoping there's a way to unclutter the log. > > Thanks in advance. > > Marty > > > Marty Landman, Face 2 Interface Inc. 845-679-9387 > Search & Sort Easily: > http://face2interface.com/Products/FormATable.shtml > Web Installed Formmail: http://face2interface.com/formINSTal > > > - > The official User-To-User support forum of the Apache HTTP > Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a private and personal nature. It is not related to the exchange or business activities of the SWX Group. Le présent e-mail est un message privé et personnel, sans rapport avec l'activité boursière du Groupe SWX. This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Chroot question.
Hey all, I have setup apache 1.3.33 on Solaris 9 in a chroot environment and just wanted to ask a simple question. If there is a /proc directory in the jail should the apache processes be in the real root /proc directory or in the jail /proc directory. This is the first time I have ever setup a chroot jail so I just want to be sure. Sorry if this OT. Thanks, Sam Gold - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Re: mod_rewrite and mod_auth ordering issue
Stephen Shirley said: > Morning, > I want to use mod_auth for apache2 to restrict access to a directory on > a website. I also want to use mod_rewrite to force such authentication > to be over https. One way to do this: use a RedirectPermanent to the https-site in the http-vhost, and put the authentication part in the https-vhost. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] https redirect
> We now see the need to move the non-secure site to it's own server. So I > need apache to redirect all the non-secure traffic from the old server to > the new server, and all the secure traffic from the new server to the old > server. I have accomplished the non-secure traffic of the old server to > be > redirected, but I can't get the new server secure traffic to be > redirected. > > is this even possible? If I get this correct: Current situation: http://domain and https://domain both point to the current machine New situation: http://domain to the new machine, https://domain to the current machine. Possible solution: have DNS point 'domain' to the current machine, and use reverse proxying to pass the http-requests to the new machine. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
Gustavo A. Baratto said: > I'm using the standard gcc that comes with freebsd: Are you sure? >>> gmake[4]: Entering directory >>> `/home/admin2/src/httpd-2.0.54/server/mpm/prefork' >>> /home/admin2/src/httpd-2.0.54/srclib/apr/libtool --silent >>> --mode=compile >>> cc -g -O2-D_REENTRANT -D_THREAD_SAFE >>> -DAP_HAVE_DESIGNATED_INITIALIZER [] That's 'cc' and not 'gcc'. I don't have access to my freebsd machine atm, but cc and gcc could be completely different compilers. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Re: Dynamic refreshing of Proxy Rules
> It would be nice to have Apache reload proxy rules at regular > (configurable) intervals w/o the need to bounce the webserver. apachectl graceful in the crontab? > Another thing, I desire in mod_proxy is the ability to specify a Failover > backend (remote) host, in case one host does not respond or is too busy. > Ideally it would be great to have some kind of load-balancing proxy (with > failover) solution so that we do not have to rely on external > load-balancers. reverse-proxy to a DNS-name, and let DNS do the load balancing. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
Not really. They are the same: # md5 /usr/bin/cc MD5 (/usr/bin/cc) = 13df95e5e0f1dbf3fc538e83b01dc1c2 # md5 /usr/bin/gcc MD5 (/usr/bin/gcc) = 13df95e5e0f1dbf3fc538e83b01dc1c2 Even if I add CC=gcc in the environment, I get the same error. - Original Message - From: "Joost de Heer" <[EMAIL PROTECTED]> To: "Gustavo A. Baratto" <[EMAIL PROTECTED]> Cc: Sent: Friday, June 24, 2005 2:17 PM Subject: Re: [EMAIL PROTECTED] syntax error before '*' token Gustavo A. Baratto said: I'm using the standard gcc that comes with freebsd: Are you sure? gmake[4]: Entering directory `/home/admin2/src/httpd-2.0.54/server/mpm/prefork' /home/admin2/src/httpd-2.0.54/srclib/apr/libtool --silent --mode=compile cc -g -O2-D_REENTRANT -D_THREAD_SAFE -DAP_HAVE_DESIGNATED_INITIALIZER [] That's 'cc' and not 'gcc'. I don't have access to my freebsd machine atm, but cc and gcc could be completely different compilers. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] 2 Gig Apache File Size Limit...
Hello, I'm running apache 2.0.46 on RHEL AS3 and I have some image files that are over the 2gig file size limit, is there anything I can do to increase this to 4 or more gigs? Thanks, - Charles - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] mod_rewrite not applied to default files?
Hi,
I'm using mod_rewrite to send .html files as application/xhtml+xml for
agents that say they accept it, and text/html for all others, using
mod_rewrite.
At the moment I simply have a .htaccess file with
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} \.html$
RewriteCond %{HTTP_ACCEPT} application/xhtml\+xml
RewriteRule .* - [T=application/xhtml+xml]
This works fine on, for example,
http://chrisseaton.skylis.net/index.html, but it does not work on, for
example, http://chrisseaton.skylis.net/. mod_rewrite doesn't seem to be
applied when serving a default file for a directory.
I tested this by modifying my .htaccess to read
RewriteEngine on
RewriteRule .* - [T=application/xhtml+xml]
With this every file should be served as application/xhtml+xml, and they
all were, apart from the default file for the directory - which still
went out as the .html default of text/html.
I'm using Mozilla HTTP live headers to check the MIME type returned by
the server.
Can anyone help? Thanks a lot.
Chris Seaton
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] 2 Gig Apache File Size Limit...
I think this was discussed about 6 months back. If I recall you need to first make sure the filesystem can support files larger than 2gb. I think this was the problem that they had. Gary > -Original Message- > From: Charles Heizer [mailto:[EMAIL PROTECTED] > Sent: Friday, June 24, 2005 3:16 PM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] 2 Gig Apache File Size Limit... > > Hello, > I'm running apache 2.0.46 on RHEL AS3 and I have some image files that are > over the 2gig file size limit, is there anything I can do to increase this > to 4 or more gigs? > > Thanks, > - Charles > > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Re: Dynamic refreshing of Proxy Rules
Thanks Joost, I am not so confident about "apachectl -k graceful". I was actually referring to something within the Apache runtime. The parent process polls the config files or a file with just proxy rules for changes and communicates it to the child processes. But since you have mentioned it, are you aware of any medium to big site using "apachectl -k graceful " on a daily basis and during peak hours. Also we are using a Netegrity Siteminder agent and they do not recommend/support apache recycle using graceful. About the DNS round-robin, well we could have used it if it was smart enough to route a subsequent user request to the same backend server which established the user session in the first place. I mean load-balancing and routing request based on session information in the request header (or a session cookie). Thanks again. "Joost de Heer" <[EMAIL PROTECTED]> 06/24/2005 02:18 PM Please respond to [EMAIL PROTECTED] To "Jignesh Badani" <[EMAIL PROTECTED]> cc users@httpd.apache.org Subject Re: Dynamic refreshing of Proxy Rules > It would be nice to have Apache reload proxy rules at regular > (configurable) intervals w/o the need to bounce the webserver. apachectl graceful in the crontab? > Another thing, I desire in mod_proxy is the ability to specify a Failover > backend (remote) host, in case one host does not respond or is too busy. > Ideally it would be great to have some kind of load-balancing proxy (with > failover) solution so that we do not have to rely on external > load-balancers. reverse-proxy to a DNS-name, and let DNS do the load balancing. Joost - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] 2 Gig Apache File Size Limit...
I believe it is the current version (2.0x) limitation You may want to check this out: http://httpd.apache.org/docs-2.1/new_features_2_2.html New Features in Apache 2.1/2.2 -- Large File Support httpd is now built with support for files larger than 2Gb on modern 32-bit Unix systems. Support for handling >2Gb request bodies has also been added. "Gary W. Smith" <[EMAIL PROTECTED]> 06/24/2005 05:46 PM Please respond to users@httpd.apache.org To cc Subject RE: [EMAIL PROTECTED] 2 Gig Apache File Size Limit... I think this was discussed about 6 months back. If I recall you need to first make sure the filesystem can support files larger than 2gb. I think this was the problem that they had. Gary > -Original Message- > From: Charles Heizer [mailto:[EMAIL PROTECTED] > Sent: Friday, June 24, 2005 3:16 PM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] 2 Gig Apache File Size Limit... > > Hello, > I'm running apache 2.0.46 on RHEL AS3 and I have some image files that are > over the 2gig file size limit, is there anything I can do to increase this > to 4 or more gigs? > > Thanks, > - Charles > > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Chroot question.
"Gold, Samuel (Contractor)" <[EMAIL PROTECTED]> writes: > Hey all, > > I have setup apache 1.3.33 on Solaris 9 in a chroot environment and just > wanted to ask a simple question. If there is a /proc directory in the jail > should the apache processes be in the real root /proc directory or in the > jail /proc directory. This is the first time I have ever setup a chroot > jail so I just want to be sure. Sorry if this OT. I wouldn't give your chroot'd Apache access to the real /proc unless something required it. If possible, I would just not put a /proc at all. ScottG. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
