[EMAIL PROTECTED] per-subdirectory 405 Method Not Allowed in .htaccess file for read-only WebDAV
Dear Experts, I have a directory named 'foo' in which I have a subdirectory named 'bar' and an '.htaccess' file in which I need to specify that all methods expect GET, HEAD, OPTIONS, and PROPFIND on all resources in the 'bar' subdirectory should result in 405 Method Not Allowed response. The directory layout is as follows: foo .htaccess bar ... I cannot have .htaccess in 'bar' and thus cannot specify for the 'bar' directory, plus and both result in 403 Forbidden rather than 405 Method Not Allowed. Am I to use mod_rewrite rewrites with the R=405 flag? If so, can I somehow add the list of allowed methods to the Allow header in 405 Method Not Allowed responses as required by RFC 2616 section 10.4.6? The ultimate goal here is to make the 'bar' subdirectory of the WebDAV-enabled 'foo' directory read-only for everyone. Thanks, Vasiliy - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] How to start Apache automatically with certificate?
On Thu, Sep 4, 2008 at 10:51 PM, Joseph S D Yao <[EMAIL PROTECTED]> wrote: > I did figure someone would point out that I'd said more words than those > in the last entry. I really don't want to add any more to this topic. > If anyone else can stand up and say that THEY have admin'ed Unix, Linux, > BSD, etc. for over 35 years, and NEVER seen a mistake made worse because > the person making the mistake was su'ed or sudo'ed to root, then I will > applaud that person's good luck - SILENTLY. In the end always make backups. I've in my career (only 15 years) once deleted files as root by accident. But it has only happened once, and it was in the first year of my career. BTW, I'm impressed that you were already admin'ing Unix when there were only a few hundred installations worldwide... A lot of things can go wrong. A lot of things are run as root even when it's not obvious. I've seen a system thoroughly wrecked by a typing error in a postinstall script included in a sun package. Luckily this was a test system, and it was exactly to catch such things that the package was installed on a test system first. That's how you do it in a real production environment. I don't edit httpd.conf on any production server. I do it on an integration machine, ship a package to a test machine, and if it passes the tests (executed by someone else) it goes on production. Krist -- [EMAIL PROTECTED] [EMAIL PROTECTED] Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Query on access log for entry of %T
Hi All, Thanks for all help.One basic question, how can I figure out my TimeOut value has expired?In the error logs do we see any entry for this or can you tell me the steps to simulate? Regards Arnab On Thu, Sep 4, 2008 at 11:02 PM, Eric Covener <[EMAIL PROTECTED]> wrote: > On Thu, Sep 4, 2008 at 12:23 PM, Arnab Ganguly <[EMAIL PROTECTED]> > wrote: > > Hi All, > > Thanks for your time and paitence. > > I am not worried about the TimeOut value as I am not using mod_cgid.so. > > TimeOut isn't mod_cgid specific. > > > What I understand from your explanation is even if the Client times out > before > > the response comes in time,Apache can send the response back to the > > client.Also this is the time which it actually took to serve the > request?If > > I am not correct let me know. > > Not sure what you mean specifically by "if the client times out". IF > the client decided it was waiting too long and it closes the TCP > connection, Apache won't figure this out until it actually tries to > write to the client (vs. e.g. busy reading from a proxy backend, in a > buggy php script) > > > > But just curious about the Client side, so when it gets a response from > the > > webserver for which it has timed out, the response may be discarded > also.Let > > me know your views. > > If the client gets tired of waiting and closes the connection, it > won't see a response. > > -- > Eric Covener > [EMAIL PROTECTED] > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
[EMAIL PROTECTED] Problems connecting using Apache on Vista
A little background: I have a client-server application that I created using Delphi. The database server is a Windows 2003 operating system running Oracle and Oracle HTTP Server (Apache 1.3.34). eq_prod.dll is registered with Apache as a handler. The client connects to the database and all works well with this configuration. Development was done on Windows XP running Apache 1.3.39. I am able to run the client software and connect to the database through either the local Apache on the development machine or the Oracle Http Server on the database server. The problem comes when testing Vista Ultimate as my new development platform. I had no errors installing Apache 1.3.39 on Vista. Apache seems to run with the same httpd.conf file that I used on Windows XP. If I run my client software on Vista, I am able to connect to the database through the Oracle Http Server on the database server. If I run the client using the local Apache I get the following error: "Access violation at address 02207FE26 in module 'eq_prod.dll'. Read of address 0B37F330". eq_prod.dll is the name of my server component of the client-server software. Thinking that this may be a permissions error, I have tried running Apache as an administrator, the client as administrator, and both as administrator with no avail. I get the same error with minor changes in the two addresses regardless. An error.log file is created when Apache is ran but contains no data. Any suggestions, David Gley
Re: [EMAIL PROTECTED] Getting back HTTP as-is like plain text sometimes
On Thu, Sep 4, 2008 at 10:09 AM, Dragon <[EMAIL PROTECTED]> wrote: > Dobes Vandermeer did speak thusly: >> >> On Thu, Sep 4, 2008 at 9:56 AM, Dragon <[EMAIL PROTECTED]> wrote: >> > Dobes Vandermeer did speak thusly: >> >> >> >> For some reason I'm not getting any hits on my google searches for >> >> this, so I'm trying this mailing list. >> >> >> >> The issue I'm running into is that sometimes I get back the HTTP >> >> response as plain text, instead of the *content* of the HTTP response >> >> as the correct content type. >> >> >> >> Has anyone seen this before? Any ideas what might cause it? >> >> >> > >> > Does the browser you are using know how to handle the content type? >> >> It seems to be happening for pretty standard content-types, such as >> html pages on the site, so I seem like this is the issue. >> >> It also happens in different browsers. > > OK, so then are you certain that the content type header is always being > sent? Yes, as far as I can tell it is always included in the HTTP dump that I get. Besides, which content-type includes the HTTP response headers in it? > I know you sent a list of headers in your original post and it was there, > but was that for a failed request or a successful one? It was a failed request - the only reason I had a copy of the headers was that I saw them in the browser window. > Other than that, I am at a loss as to what might be happening. Me too :-( I wish I could reproduce this more frequently so that I could file a bug or something -- Dobes Vandermeer Director, Habitsoft Inc. [EMAIL PROTECTED] 778-891-2922 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Problems connecting using Apache on Vista
Gley, David B CTR USAF AFMC HQ AFMC/A7AQ did speak thusly: A little background: I have a client-server application that I created using Delphi. The database server is a Windows 2003 operating system running Oracle and Oracle HTTP Server (Apache 1.3.34). eq_prod.dll is registered with Apache as a handler. The client connects to the database and all works well with this configuration. Development was done on Windows XP running Apache 1.3.39. I am able to run the client software and connect to the database through either the local Apache on the development machine or the Oracle Http Server on the database server. The problem comes when testing Vista Ultimate as my new development platform. I had no errors installing Apache 1.3.39 on Vista. Apache seems to run with the same httpd.conf file that I used on Windows XP. If I run my client software on Vista, I am able to connect to the database through the Oracle Http Server on the database server. If I run the client using the local Apache I get the following error: "Access violation at address 02207FE26 in module 'eq_prod.dll'. Read of address 0B37F330". eq_prod.dll is the name of my server component of the client-server software. Thinking that this may be a permissions error, I have tried running Apache as an administrator, the client as administrator, and both as administrator with no avail. I get the same error with minor changes in the two addresses regardless. An error.log file is created when Apache is ran but contains no data. Any suggestions, David Gley End original message. - From the error message, it sounds like the DLL is not Vista compatible. The error message you are getting is saying that the program is attempting to access a location outside of its allocated protected memory space. That has nothing to do with Apache or what user it or the application are being run as. Dragon ~~~ Venimus, Saltavimus, Bibimus (et naribus canium capti sumus) ~~~ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_rewrite bug/by design with mod_mem_cache cached files?
Hi,
I'm using apache 2.2.9 with mod_mem_cache to cache some javascript
files, which is working fine.
Today, I added a rewrite rule to forbid access (403) to everything in a
virtualhost based on the Opera browser, which obviously included the
javascript files.
Problem is, the cached files in memory weren't getting forbidden, yet
everything non-cached was.
If I turn off mod_mem_cache, everything gets forbidden as it should.
Is there either a bug in the rewrite or caching modules that is allowing
this rule to get circumvented? Is it by design? Am I messing up my
config?
Here's what I have in my virtualhost config..
RewriteCond %{HTTP_USER_AGENT} ^.*(opera).*$ [NC]
RewriteRule ^(.*)$ - [F,L]
CacheDefaultExpire 300
CacheEnable mem /js
CacheEnable mem /images
CacheIgnoreQueryString On
MCacheRemovalAlgorithm LRU
MCacheMaxObjectCount 100
MCacheMaxObjectSize 15
MCacheMinObjectSize 10
MCacheSize 10240
Here are sample back-to-back log entries (note, last parameter in log
line is %{Age}o"
129.7.109.142 - - [05/Sep/2008:08:13:25 -0600] "GET /js/2273/pd.js?ps=6
HTTP/1.1" 200 7545 "REFERER" "Opera/9.50 (Windows NT 5.1; U; en)" 1
129.7.109.142 - - [05/Sep/2008:08:13:27 -0600] "GET
/cp/psj?killCache=1220624007222&divId=2273&printSpecId=6 HTTP/1.1" 403
15 "REFERER" "Opera/9.50 (Windows NT 5.1; U; en)" -
-Tony
---
Manager, IT Operations
Format Dynamics, Inc.
303-573-1800x27
[EMAIL PROTECTED]
http://www.formatdynamics.com
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Getting back HTTP as-is like plain text sometimes
Dobes Vandermeer did speak thusly: > > OK, so then are you certain that the content type header is always being > sent? Yes, as far as I can tell it is always included in the HTTP dump that I get. Besides, which content-type includes the HTTP response headers in it? I am not sure what you are asking there. As a result of an HTTP request to Apache, it will always send a series of headers before it sends content. I forget the exact specifics on this as I have not looked at the relevant RFC in quite a while. BTW, the relevant RFC for HTTP 1.1 is RFC2616 OK, after scanning through it pretty quickly, I have a suspicion what may be happening. When the HTTP server sends a response it sends a series of header lines including some details on the status of the request, a timestamp, and a variety of headers defining the content of the request. Each header line is terminated with a CRLF pair. The header section is then terminated with a blank line consisting of ONLY a CRLF pair. I suspect a blank line is getting to the browser before the end of the headers and definitely before the content type header. In such a case, the browser is likely to default to plain text. > I know you sent a list of headers in your original post and it was there, > but was that for a failed request or a successful one? It was a failed request - the only reason I had a copy of the headers was that I saw them in the browser window. Which tends to support my theory above. If you saw them in the browser window, then the browser must have believed that the end of headers had already been sent and took everything beyond that to be plain text content. This will require some more digging. If you have Firefox installed, you can use the LiveHeaders plugin to capture the request and response headers when you load the page. Or if you have a Linux or similar machine that supports wget, you can use it to do the same. > Other than that, I am at a loss as to what might be happening. Me too :-( I wish I could reproduce this more frequently so that I could file a bug or something Well, we need a real good look at the HTTP transaction to determine that. You may need to do some more digging beyond that to see where the problem is occuring. Dragon ~~~ Venimus, Saltavimus, Bibimus (et naribus canium capti sumus) ~~~ - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite bug/by design with mod_mem_cache cached files?
On Fri, Sep 5, 2008 at 1:20 PM, Anthony J. Biacco <[EMAIL PROTECTED]> wrote: > Hi, > > I'm using apache 2.2.9 with mod_mem_cache to cache some javascript > files, which is working fine. > > Today, I added a rewrite rule to forbid access (403) to everything in a > virtualhost based on the Opera browser, which obviously included the > javascript files. top of http://httpd.apache.org/docs/2.2/mod/mod_cache.html : This module should be used with care and can be used to circumvent Allow and Deny directives. You should not enable caching for any content to which you wish to limit access by client host name, address or environment variable. Once the cache is on, it gets served so early that these modules don't get to run. -- Eric Covener [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] mod_rewrite bug/by design with mod_mem_cache cached files?
Thanx for that. -Tony --- Manager, IT Operations Format Dynamics, Inc. 303-573-1800x27 [EMAIL PROTECTED] http://www.formatdynamics.com -Original Message- From: Eric Covener [mailto:[EMAIL PROTECTED] Sent: Friday, September 05, 2008 12:13 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] mod_rewrite bug/by design with mod_mem_cache cached files? On Fri, Sep 5, 2008 at 1:20 PM, Anthony J. Biacco <[EMAIL PROTECTED]> wrote: > Hi, > > I'm using apache 2.2.9 with mod_mem_cache to cache some javascript > files, which is working fine. > > Today, I added a rewrite rule to forbid access (403) to everything in a > virtualhost based on the Opera browser, which obviously included the > javascript files. top of http://httpd.apache.org/docs/2.2/mod/mod_cache.html : This module should be used with care and can be used to circumvent Allow and Deny directives. You should not enable caching for any content to which you wish to limit access by client host name, address or environment variable. Once the cache is on, it gets served so early that these modules don't get to run. -- Eric Covener [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] Require Directive
3 4 AuthServer https://webauth03.iavian.com/ 5 Require valid-user 6 AuthType Basic 9 10 11 15 How do i not to protect subdirectory /home/vijay/src/atd/borg/html/public while protecting /home/vijay/src/atd/borg/html ? http://iavian.com
Re: [EMAIL PROTECTED] Require Directive
On Fri, Sep 5, 2008 at 2:58 PM, Vjy <[EMAIL PROTECTED]> wrote: > > How do i not to protect subdirectory /home/vijay/src/atd/borg/html/public > while protecting /home/vijay/src/atd/borg/html ? > 3 > 4 AuthServer https://webauth03.iavian.com/ > 5 Require valid-user > 6 AuthType Basic > 9 > 10 > 11 order deny,allow allow from all satisfy any > 15 -- Eric Covener [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] Getting back HTTP as-is like plain text sometimes
On Fri, Sep 5, 2008 at 10:32 AM, Dragon <[EMAIL PROTECTED]> wrote: > Dobes Vandermeer did speak thusly: >> >> > >> > OK, so then are you certain that the content type header is always being >> > sent? >> >> Yes, as far as I can tell it is always included in the HTTP dump that >> I get. Besides, which content-type includes the HTTP response headers >> in it? > > OK, after scanning through it pretty quickly, I have a suspicion what may be > happening. I suspect a blank line is getting > to the browser before the end of the headers and definitely before the > content type header. In such a case, the browser is likely to default to > plain text. Yeah, that seems possible. What I wonder about is that it happens so infrequently - I haven't seen it for a few days now. I'll keep an eye out for it and try and devise a way to reproduce it more reliably. I was hoping someone on the list had previously had this problem and found a solution. >> > Other than that, I am at a loss as to what might be happening. >> >> Me too :-( I wish I could reproduce this more frequently so that I >> could file a bug or something > > Well, we need a real good look at the HTTP transaction to determine that. Thanks for your help. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] debugging fastcgi/ACTION directive in Apache Config
Eric Covener wrote: # where the actual fastcgi, the php interpreter, lives ScriptAlias /fcgi-bin /stuff/cgi-bin Options ExecCGi SetHandler fastcgi-script Action my-fastcgi /fcgi-bin/php-fastcgi AddHandler my-fastcgi .php Alias /foo /usr/local/foo Alias worked great. Thanks - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] fastcgi/cygwin failures
Good evening, After much hair pulling I've found my particular bug with fastcgi on Windows Apache. I thought I would share with the community. Any fastcgi binary application compiled with Microsoft (msvc 8, etc) compilers and running against a mod_fastcgi compiled under cygwin with a version of 1.5.24 or earlier will fail. The cygwin libraries do not emulate dup2() in such a way that the duplicated handle is reliably inheritable by a child process. This causes the fastcgi application to fail if it uses a tcp/ip connection for interprocess communication. There's a discussion of the problem here: http://www.nabble.com/Socket-inheritance-with-fork-dup2-exec-td11243160.html Jay Sprenkle - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] per-subdirectory 405 Method Not Allowed in .htaccess file for read-only WebDAV
Vasiliy Baranov wrote: Dear Experts, I have a directory named 'foo' in which I have a subdirectory named 'bar' and an '.htaccess' file in which I need to specify that all methods expect GET, HEAD, OPTIONS, and PROPFIND on all resources in the 'bar' subdirectory should result in 405 Method Not Allowed response. The directory layout is as follows: foo .htaccess bar ... I cannot have .htaccess in 'bar' and thus cannot specify for the 'bar' directory, plus and both result in 403 Forbidden rather than 405 Method Not Allowed. Am I to use mod_rewrite rewrites with the R=405 flag? If so, can I somehow add the list of allowed methods to the Allow header in 405 Method Not Allowed responses as required by RFC 2616 section 10.4.6? The ultimate goal here is to make the 'bar' subdirectory of the WebDAV-enabled 'foo' directory read-only for everyone. Without being able to either move/create an .htaccess file under bar or specify the settings in the global apache config, I don't think there is a way to make the apply just to the bar directory. You would need to encompass it in a or directive, but those directives are only allowed in the global and virtualhost config context. Even with mod_rewrite, since you are actually tricking the server to report the 405 error code, I don't think you'll be able to report a proper list of commands in the "Allow" header without using . Justin Pasher - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
