Re: [EMAIL PROTECTED] Tomcat Issue

[André Warnier]

Mohit Anchlia wrote:

I wasn't able to find appropriate forum for Tomcat. I thought I'll
check if this is right place.


It is not.
Tomcat's list is here : [EMAIL PROTECTED]


I am using tomcat as my web and app server. I need to rewrite URL just
like mod_rewrite in apache. Is that possible to do that in tomcat.


Look here for a nice functionally similar add-on module for Tomcat :
http://www.tuckey.org
and check UrlRewriteFilter.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] windows "top" to view apache scripts called.

[Brent Clark]

Hi

I got this developer that cant code for ..

Anyway on my *BSD / Linux boxes I just run top and I can view the 
scripts called etc.


For windows in Task Manager it just says perl.exe. Would anyone know how 
to view the script thats causing havoc on my machine.


Regards
Brent Clark

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] question on DirectoryIndex "inheritance"

[André Warnier]

Hi.

Apache 2.2.x, any platform

Suppose I have this configuration snippet :


  Options Indexes
  DirectoryIndex index.html welcome.html index.php whatever.html
...


  Options ?
  DirectoryIndex ??


How do I specify that the list of index documents provided in the 
"topdir" is no longer valid in "subdir", and that I would like Apache to 
just return its standard self-generated list of files ?


- if in subdir, I specify neither Options nor DirectoryIndex, then these 
options are inherited from topdir, which is not what I want.
- if I put in subdir "Options -Indexes", then the list of index 
documents is still inherited from topdir; Apache looks for all of them 
in sequence, and if neither of these documents is present in subdir 
(which is the case), Apache returns "forbidden", which is also not what 
I want
- if I put no "Options", but I put a "DirectoryIndex 
SomeOtherFile.html", then at each access to "subdir", Apache still looks 
for "SomeOtherFile.html", and if it does not find it (which is the 
case), generates the index itself.  Which is essentially what I want, 
but I find the useless lookup for "SomeOtherFile.html", well, useless..


What I would like is leaving topdir as it is, but in "subdir" stopping 
Apache even looking for an index document (since there is none), and 
immediately return the list of files.

Is there a way to do that ?
(I did not see a "DirectoryIndex none" as a possibility in the doc)

Thanks in advance

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Deny/Allow directives within have no effect [Workaround]

[Steffen Neumann]

On Mon, 2008-09-29 at 22:28 +0200, André Warnier wrote:
> The first thing maybe to check is if you don't by any chance have some 
>  sections that override your  section.
Yup, that got me on the right track.

I had a spurious  I copied 
from a httpd.conf that was used for an application 
on a dedicated server.

Thanks André,
Yours,
Steffen

-- 
IPB HalleAG Massenspektrometrie & Bioinformatik
Dr. Steffen Neumann  http://www.IPB-Halle.DE
Weinberg 3   http://msbi.bic-gh.de
06120 Halle  Tel. +49 (0) 345 5582 - 1470
  +49 (0) 345 5582 - 0
sneumann(at)IPB-Halle.DE Fax. +49 (0) 345 5582 - 1409


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines

[Brian Mearns]

Not sure what the default xampp setup is, but look for the Listen
directive to verify which ports apache is actually listening on, and
make sure those are forwarded.

Also, I'm not sure how much you know about networks (so pardon me if
you consider this suggestion offensive): are you connecting to your
router's public IP address, or your system's local address? If you got
the ip address from something like ipconfig, then it's the local
address. If it's something like 192.168.x.x, it's a local address. To
get the public address, you can go to a site like
whatismyipaddress.com.

Best of luck
-Brian

On Mon, Sep 29, 2008 at 10:05 PM, Nilesh Govindrajan <[EMAIL PROTECTED]> wrote:
> check the logs
>
> On Tue, Sep 30, 2008 at 4:48 AM, <[EMAIL PROTECTED]> wrote:
>>
>> Ok done all the research I can, time for some collaboration.
>>
>> New Server apache 2.5
>>
>> apache running default configuration xampp/htdocs/index.html
>>
>> http://localhost and http://ipaddress works great.
>>
>> outside machines cannot connect to http://ipaddress
>>
>> main gateway and routers have been forwarded from port 80 and port 443 as
>> apache suggests, to the machines ip address. no machines outside the network
>> can connect. Firewalls are temporarily off.
>>
>> is there anything in the httpd file or apache that needs to be changed in
>> order to display a webpage via the web?
>>
>> Jay
>
>
> --
> Nilesh Govindrajan ([EMAIL PROTECTED])
>
> iTech7 Site and Server Administrator
>
> www.itech7.com
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines

[Nilesh Govindrajan]

On Tuesday 30 September 2008 04:58:31 pm Brian Mearns wrote:
> Not sure what the default xampp setup is, but look for the Listen
> directive to verify which ports apache is actually listening on, and
> make sure those are forwarded.
>
> Also, I'm not sure how much you know about networks (so pardon me if
> you consider this suggestion offensive): are you connecting to your
> router's public IP address, or your system's local address? If you got
> the ip address from something like ipconfig, then it's the local
> address. If it's something like 192.168.x.x, it's a local address. To
> get the public address, you can go to a site like
> whatismyipaddress.com.
>
> Best of luck
> -Brian
>
> On Mon, Sep 29, 2008 at 10:05 PM, Nilesh Govindrajan <[EMAIL PROTECTED]> 
wrote:
> > check the logs
> >
> > On Tue, Sep 30, 2008 at 4:48 AM, <[EMAIL PROTECTED]> wrote:
> >> Ok done all the research I can, time for some collaboration.
> >>
> >> New Server apache 2.5
> >>
> >> apache running default configuration xampp/htdocs/index.html
> >>
> >> http://localhost and http://ipaddress works great.
> >>
> >> outside machines cannot connect to http://ipaddress
> >>
> >> main gateway and routers have been forwarded from port 80 and port 443
> >> as apache suggests, to the machines ip address. no machines outside the
> >> network can connect. Firewalls are temporarily off.
> >>
> >> is there anything in the httpd file or apache that needs to be changed
> >> in order to display a webpage via the web?
> >>
> >> Jay
> >
> > --
> > Nilesh Govindrajan ([EMAIL PROTECTED])
> >
> > iTech7 Site and Server Administrator
> >
> > www.itech7.com
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]

No I don't consider your suggestion offensive as I am not a network engineer! 
I am just a student running my website on my home PC with apache, php, mysql.
I didn't configure my box for public address. The router has a public static 
ip address. Internally my box's address is 10.0.0.2 and that of router is 
10.0.0.1


signature.asc
Description: This is a digitally signed message part.

[EMAIL PROTECTED] disable to responded to an unrequested SSL Certificate

[Andre Hübner]

Hi List,

costumer did a nessus pci-scan to fit worldpay requirements. Result was a 
security risk at ssl section:


Family: Remote Shell Access Critical 443/tcp 11875
Description:
The remote host responded to an unrequested SSL Certificate. The remote SSL 
server should have
sent back an Error message. This may indicate that the server is vulnerable 
to a remote
flaw in the way that it handles unrequested certificates. You should 
manually inspect the

SSL Server's configuration



In my httpd.conf i have:


   SuexecUserGroup user  user
   Serveradmin [EMAIL PROTECTED]
   DocumentRoot /www/htdocs/user/
   ServerName www.hostname.com
   php_admin_value open_basedir 
/www/htdocs/user/:/tmp:/usr/bin:/www/htdocs/user:/bin:/usr/local/bin:/usr/share/php

   ScriptAlias /cgi-bin/ "/www/htdocs/user/cgi-bin/"
   SSLEngine on
   SSLCertificateFile /path/to/SSL2_www.hostname.com.crt
   SSLCertificateKeyFile /path/to/SSL2_www.hostname.com.key
   SSLCACertificateFile /path/to/SSL2_www.hostname.com.bundle.crt
   SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
   SetEnvIf User-Agent ".*MSIE.*" \
   nokeepalive ssl-unclean-shutdown \
   downgrade-1.0 force-response-1.0


Is there a possibility to send this error when requested the ssl-connection 
with wrong hostname. Did not found really fitting options.

Thank your for hints etc.
Andre


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] disable to responded to an unrequested SSL Certificate

[Krist van Besien]

On Tue, Sep 30, 2008 at 2:14 PM, Andre Hübner <[EMAIL PROTECTED]> wrote:

> In my httpd.conf i have:
>   SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire

Why do you have these options? Do you have SSL authentication configured?

Krist


-- 
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Mod_Proxy and 100-Continue

[Tom Wells]

Hi Group

I'm fairly confident I've found a bug in mod_proxy in Apache 2.2.9 but
would like your opinion before I log anything to the bug tracker. It's
something I discovered while working in mod_python, but I've managed
to get it occurring with a bare-bones Apache 2.2.9 setup using only
mod_proxy and mod_headers:

This is my vhost configuration:
ProxyRequests Off

  Order Deny,Allow
  Allow from all


  ServerName munchkin.synthesis.co.za
  Header add Set-Cookie "MOD_PROXY_FOOD=FOO;" early
  Header add Set-Cookie "MOD_PROXY_KEEP=BAR;"
  
ProxyPass http://192.168.16.225:8118/sonik/
  
  ErrorLog /home/tom/dev/apache/deploy/logs/error.log
  LogLevel notice
  CustomLog /home/tom/dev/apache/deploy/logs/access.log combined


The config above is forwarding requests to /sonik/ to another host
after setting two cookies, one early and one late. I am no Apache
guru, but as I understand it the early cookie is set before handlers
are processed (i.e. before modproxy kicks in) and the late will be
appended to the response after modproxy has done it's processing and
produced a complete response. Also (as far as I understand) modproxy
should try to preserve any headers already set before processing by
merging the headers before and after processing (especially any
Set-Cookie headers).

So in general this works as expected, with both cookies being returned
to the caller for regular GET and POST requests. However the problem
I've noticed is where the request contains an "Expect:100-Continue",
that the early cookie is discarded by modproxy. After some further
investigation the root problem appears that modproxy doesn't handle
the "HTTP/1.1 100 Continue\r\n\r\n" within the response from the
back-end host nicely when performing the merging of headers. I
discovered this by writing back both of these responses from the
back-end host:

"HTTP/1.1 200 OK
Content-Length: 1

"

And

"HTTP/1.1 100 Continue

HTTP/1.1 200 OK
Content-Length: 1

"

The first response produces a final response to the client which
contains both Set-Cookie headers, and the second response produces a
final response to the client which contains only the late Set-Cookie
header.

Maybe this is normal modproxy behaviour, I can't be certain, but
reading through some of mod_proxy_http.c seems to show that this is
the intention. However I was able to test this on another Apache
instance running 2.2.4 and modproxy retains both cookies in both
cases. So either this is a bug in 2.2.9 or it's a bug that was fixed
since 2.2.4.

Your thoughts?

Thanks,
Tom

--
http://www.tomwells.org

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] problem with cgi functionality

[Mohan gupta]

hello everyone,
i am very new to apache and tried using it ,but my problem is

i have cgi script written in c++ which outputs a perfect xhtml code
and i also output the content type declaration at the start i.e before
"

Re: [EMAIL PROTECTED] Question about SSL and Apache and a certificate error

[Justin Pasher]

Mike Soultanian wrote:

Justin Pasher wrote:
Ahhh... Now it should actually be possible. If possible, I would 
(personally) try to push all traffic to www.csulb.edu whenever they 
try to pull csulb.edu. Whether or not this is possible in your 
situation, I do not know. Something like this in the VirtualHost 
config would do it.


RewriteCond %{HTTP_HOST} !^www\.csulb\.edu$ [NC]
RewriteRule ^/(.*)$ http://www.csulb.edu/$1 [R=permanent]

This would make sure that requests for any pages are always going 
through www.csulb.edu (as opposed to csulb.edu or any other 
ServerAlias setting).



Would this affect sites like cota.csulb.edu?

We do make sure that www.cota.csulb.edu and cota.csulb.edu are both 
valid.


If you have more (sub)domains that point to the same virtualhost, then 
you won't be able to use the above directive as-is, since it's designed 
to funnel ALL requests through www.csulb.edu. It's mainly designed for 
sites that have a handful of alias domains, but only one primary domain. 
The redirect makes sure all traffic see the same domain in the URL (and 
it also aids in generating traffic statistics when different domains are 
treated as different sites to the outside world).


If you only have a small handful of domains that should be left alone, 
you can put some exceptions in the rules, like this:


# leave these domains alone
RewriteCond %{HTTP_HOST} ^www\.cota\.csulb\.edu$ [NC,OR]
RewriteCond %{HTTP_HOST} ^cota\.csulb\.edu$ [NC]
RewriteRule . - [L]

# push everyone else to www.csulb.edu
RewriteCond %{HTTP_HOST} !^www\.csulb\.edu$ [NC]
RewriteRule ^/(.*) http://www.csulb.edu/$1 [R=permanent,L]

FWIW, I tried visiting the test pages you mentioned above, and both 
of them actually pushed me to https. Have you cleared your cache to 
make sure the browser isn't trying to do something weird by caching 
the previous response it received?
that's odd.. .I did refresh my browser and like you said, it started 
working.  I did still use your version as it has some definite 
advantages.


Thanks for your help!!
Mike


Good to hear it's working now.

--
Justin Pasher

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Apache Http sticky session problem.

[Rafael Genovez Idalgo]

Hi. Here is your answer (I think hehe :-))

"workers.properties" of apache:
===
worker.list=bal1,stat1

worker.Tomcat61.type=ajp13
worker.Tomcat61.host=172.28.11.4
worker.Tomcat61.port=8009
worker.Tomcat61.lbfactor=10
worker.Tomcat61.connect_timeout=1
worker.Tomcat61.prepost_timeout=1
worker.Tomcat61.socket_timeout=10
worker.Tomcat61.connection_pool_timeout=30 # here in seconds <=> tomcat's
server.xml -> connectionTimeout=3 ms

worker.Tomcat62.type=ajp13
worker.Tomcat62.host=172.28.11.4
worker.Tomcat62.port=8010
worker.Tomcat62.lbfactor=10
worker.Tomcat62.connect_timeout=1
worker.Tomcat62.prepost_timeout=1
worker.Tomcat62.socket_timeout=10
worker.Tomcat62.connection_pool_timeout=30 

worker.bal1.type=lb
worker.bal1.sticky_session=1
worker.bal1.balance_workers=Tomcat61,Tomcat62
worker.bal1.method=S # but already is the default...

worker.stat1.type=status
===

I hope this can help. By.
:-) Rafael.


amie.lahey wrote:
> 
> Hi All,
> 
> I need a urgent help with apache tomcat load balancing:
> I have configured Apache 2.2 with multiple tomcat 6 service instances to
> achieve load balancing. But I am unable to maintain sticky session . The
> application that I am using has to maintain sessions.
> But this not happening .When I login the request is JSP so it does to the
> first Tomcat after login when I click on any link it goes to the second
> Tomcat and I get a session timeout.
> 
> This how mow wrokers.properties look like:
> 
> Workers.Properties file
> 
> 
> worker.list=bal1,stat1
> worker.Tomcat6_1.type=ajp13
> worker.Tomcat6_1.host=172.28.11.4
> worker.Tomcat6_1.port=8009
> worker.Tomcat6_1.sticky_session=True
> worker.Tomcat6_1.method=Session
> worker.Tomcat6_1.lbfactor=10
> worker.Tomcat6_2.type=ajp13
> worker.Tomcat6_2.host=172.28.11.4
> worker.Tomcat6_2.port=8010
> worker.Tomcat6_2.sticky_session=True
> worker.Tomcat6_1.method=Session
> worker.Tomcat6_2.lbfactor=10
> worker.bal1.type=lb
> worker.bal1.sticky_session=True
> worker.bal1.balance_workers=Tomcat6_1,Tomcat6_2
> worker.bal1.method=Session
> worker.stat1.type=status
> 
> I have specified the jvm route too in tomcat insatnces server.xml.
> 
> Can anyone help?
> As after speciefying the sticky session, I am able to login to my
> application but if i do it more that 2-3 times...it doesn't redirect me to
> the application.
> 
> I get this eoor msg in tomcat logs:
> javax.faces.application.ViewExpiredException: viewId:/login.lahey - View
> /login.lahey could not be restored.
>   at
> com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:206)
>   at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:266)
>   at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:132)
>   at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
>   at
> org.lahey.webapps.controller.ECMSFacesServlet.service(ECMSFacesServlet.java:47)
>   at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>   at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>   at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>   at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
>   at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
>   at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>   at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>   at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:563)
>   at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>   at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263)
>   at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
>   at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>   at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
>   at
> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
>   at
> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)
>   at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
>   at java.lang.Thread.run(Thread.java:595)
> 

-- 
View this message in context: 
http://www.nabble.com/Apache-Http-sticky-session-problem.-tp18877839p19743819.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Mod_Proxy and 100-Continue

[Nick Kew]

On Tue, 30 Sep 2008 09:50:00 -0400
"Tom Wells" <[EMAIL PROTECTED]> wrote:


>   ServerName munchkin.synthesis.co.za
>   Header add Set-Cookie "MOD_PROXY_FOOD=FOO;" early

Why?

The "early" keyword exists to help developers simulate
a request, for example when debugging a new module.
Perhaps it should've remained undocumented.


>  Also (as far as I understand) modproxy
> should try to preserve any headers already set before processing by
> merging the headers before and after processing (especially any
> Set-Cookie headers).

HTTP has no provision for a proxy to set an end-to-end header
such as Set-Cookie - only how it should deal with headers set by
the backend.  mod_headers isn't part of the protocol implementation;
it's a convenience for users who want to change the default behaviour.

> Maybe this is normal modproxy behaviour, I can't be certain, but
> reading through some of mod_proxy_http.c seems to show that this is
> the intention. However I was able to test this on another Apache
> instance running 2.2.4 and modproxy retains both cookies in both
> cases. So either this is a bug in 2.2.9 or it's a bug that was fixed
> since 2.2.4.

It's probably a side-effect of fixing 
https://issues.apache.org/bugzilla/show_bug.cgi?id=16518
and associated improvements.

But it's not a bug now, nor was it before.  If you want to set
a header with predictable behaviour, don't use "early".

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Writing too much to stderr kill apache 2.2.9 on windows

[Artem Kuchin]

Hello!

Windows 2003, Apache 2.2.9, active state perl.
There is a huge script which does a lot of data
manip and working with mysql.  Suddenly, when number of
products in orders grew it stopped working.
The script's perl precess was in the memory, but
there were no lines in access log or error log AT ALL.

After 2 days of figuring out what was going on we discovered that
too many warn were stopping the process. We deleted  warn
statements and it started to work again.

It work before because there not too many products in orders
and since warn is in the loop the overall warn ouput was
with some kind of limit. After number of products grew the
warn output grew a lot more and everything stopped.

The weird thing is that is such case there is no record in the
access log and not even a part of warn output. So, i thinks,
that apache under windows writes all logs in a bufferred manner
and only after cgi script finished.  I guess too many warn
statements fill up that stderr buffer and after that script waits for the
buffer to become free and apache does not free it.

This seems to be a terrible feature for debugging process.
Any comments?

--
Artem


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines

[jg6789]

listens on 80 then port 443. Yes I am using public ip address to connect via 
browser. and port forwarding is forwarding to the local ip 192.168.x.x


- Original Message - 
From: "Brian Mearns" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, September 30, 2008 4:28 AM
Subject: Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines



Not sure what the default xampp setup is, but look for the Listen
directive to verify which ports apache is actually listening on, and
make sure those are forwarded.

Also, I'm not sure how much you know about networks (so pardon me if
you consider this suggestion offensive): are you connecting to your
router's public IP address, or your system's local address? If you got
the ip address from something like ipconfig, then it's the local
address. If it's something like 192.168.x.x, it's a local address. To
get the public address, you can go to a site like
whatismyipaddress.com.

Best of luck
-Brian

On Mon, Sep 29, 2008 at 10:05 PM, Nilesh Govindrajan <[EMAIL PROTECTED]> 
wrote:

check the logs

On Tue, Sep 30, 2008 at 4:48 AM, <[EMAIL PROTECTED]> wrote:


Ok done all the research I can, time for some collaboration.

New Server apache 2.5

apache running default configuration xampp/htdocs/index.html

http://localhost and http://ipaddress works great.

outside machines cannot connect to http://ipaddress

main gateway and routers have been forwarded from port 80 and port 443 
as
apache suggests, to the machines ip address. no machines outside the 
network

can connect. Firewalls are temporarily off.

is there anything in the httpd file or apache that needs to be changed 
in

order to display a webpage via the web?

Jay



--
Nilesh Govindrajan ([EMAIL PROTECTED])

iTech7 Site and Server Administrator

www.itech7.com



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Tomcat Issue

[Mohit Anchlia]

Thanks. I subscribed to tomcat email list

On Tue, Sep 30, 2008 at 12:27 AM, André Warnier <[EMAIL PROTECTED]> wrote:
> Mohit Anchlia wrote:
>>
>> I wasn't able to find appropriate forum for Tomcat. I thought I'll
>> check if this is right place.
>>
> It is not.
> Tomcat's list is here : [EMAIL PROTECTED]
>
>> I am using tomcat as my web and app server. I need to rewrite URL just
>> like mod_rewrite in apache. Is that possible to do that in tomcat.
>>
> Look here for a nice functionally similar add-on module for Tomcat :
> http://www.tuckey.org
> and check UrlRewriteFilter.
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>  "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines

[jg6789]

Should I change following below for my ip to be reached? The port forwarding 
instructions on apaches website says to forward port 443(in router) to my ip 
and all should be fine. Someone mentioned to edit this httpd statement 
below. If that is true then would I have it listen on port 443 as apache 
says or have it listen on my ip?


# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
Listen 80



- Original Message - 
From: "Brian Mearns" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, September 30, 2008 4:28 AM
Subject: Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines



Not sure what the default xampp setup is, but look for the Listen
directive to verify which ports apache is actually listening on, and
make sure those are forwarded.

Also, I'm not sure how much you know about networks (so pardon me if
you consider this suggestion offensive): are you connecting to your
router's public IP address, or your system's local address? If you got
the ip address from something like ipconfig, then it's the local
address. If it's something like 192.168.x.x, it's a local address. To
get the public address, you can go to a site like
whatismyipaddress.com.

Best of luck
-Brian

On Mon, Sep 29, 2008 at 10:05 PM, Nilesh Govindrajan <[EMAIL PROTECTED]> 
wrote:

check the logs

On Tue, Sep 30, 2008 at 4:48 AM, <[EMAIL PROTECTED]> wrote:


Ok done all the research I can, time for some collaboration.

New Server apache 2.5

apache running default configuration xampp/htdocs/index.html

http://localhost and http://ipaddress works great.

outside machines cannot connect to http://ipaddress

main gateway and routers have been forwarded from port 80 and port 443 
as
apache suggests, to the machines ip address. no machines outside the 
network

can connect. Firewalls are temporarily off.

is there anything in the httpd file or apache that needs to be changed 
in

order to display a webpage via the web?

Jay



--
Nilesh Govindrajan ([EMAIL PROTECTED])

iTech7 Site and Server Administrator

www.itech7.com



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] SSl question

[manning allan]

I have apache set up on my home PC. I handle many domains, many of which are
websites located on Tripod or Geocities, and I am just effectively
forwarding the name to the current location.

I have edited my http.conf to direct the various domain names to various
folders in my httdocs folder, where they are then redirected (and set to
only show the original address in the bar).

 

My question is, I have a site I am working on that will be a secured site.
It is currently on a secured server, but my home PC is not. I need to show
my employer a fully functional website before they will release the funds to
rent my own server and set it up for SSL. Can I set up my home PC to receive
the https://www.domain.com   and then redirect it
to the secured server, without making all of my other domains require the
https?

 

Thanks

 

Allan Manning

MIS

Employee Health & Safety Rep (certified)

TG Minto Corporation

300 Toronto St.

Palmerston, Ont.,

N0G 2P0

(519) 417-2249 Direct Line

(519) 343-2800 Ext.2249

(519) 343-3200 Fax

TG VoIP 676-2249

 

Re: [EMAIL PROTECTED] Mod_Proxy and 100-Continue

[Tom Wells]

On Tue, Sep 30, 2008 at 11:00 AM, Nick Kew <[EMAIL PROTECTED]> wrote:
> On Tue, 30 Sep 2008 09:50:00 -0400
> "Tom Wells" <[EMAIL PROTECTED]> wrote:
>
>
> The "early" keyword exists to help developers simulate
> a request, for example when debugging a new module.
> Perhaps it should've remained undocumented.

Exactly - and I've used it for debugging!

Maybe I should have explained my real situation which sent me down
this road, I know this is a busy list so I didn't want to bore people
:) I've developed a mod_python module which hooks into the authen and
authz Apache handlers in order to provide a common authentication and
security module in front of a set of back-end webservers. So requests
come into the Apache machine, my handlers do some fancy cookie
checking and updating and either allow the request to continue
processing (and onto the back-end webserver via modproxy) or respond
with a redirect (to get rid of a not logged in user, or a bad cookie
or whatever). This means we have a single "logical" session and
multiple disparate webservers in the back, which is nice.

So in the "real" app I don't actually use mod_header for anything, I
just used it to demonstrate the issue I was having with mod_proxy (and
thus remove any 3rd party dependencies such as mod_python and my
custom module from the mix). In my "real" app I set the Set-Cookie
header within a mod_python structure called req.headers_out, which
marshals to the Apache r->headers_out structure. Sorry to cause any
confusion here.

> HTTP has no provision for a proxy to set an end-to-end header
> such as Set-Cookie - only how it should deal with headers set by
> the backend.  mod_headers isn't part of the protocol implementation;
> it's a convenience for users who want to change the default behaviour.

Ok I understand this - but modproxy does seem to provide this
behaviour, which is great, but differs between 2.2.4 and 2.2.9 when
dealing with 100-Continue responses.

> But it's not a bug now, nor was it before.  If you want to set
> a header with predictable behaviour, don't use "early".

Maybe it's not a bug, but it certainly is inconsistent - and certainly
something has has changed between the versions - so I wanted to
highlight this. In the meantime however we have worked around this
issue by stripping the "Expect: 100-Continue" from any inbound POSTs
before the request is processed by modproxy. This works OK as I assume
our clients don't really care about the "HTTP/1.1 100 Continue" before
sending their POST body - but we have tested this only with a C# .NET
client.

-- 
http://www.tomwells.org

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] problem with cgi functionality

[Nilesh Govindrajan]

On Tuesday 30 September 2008 08:03:15 pm Mohan gupta wrote:
> hello everyone,
> i am very new to apache and tried using it ,but my problem is
>
> i have cgi script written in c++ which outputs a perfect xhtml code
> and i also output the content type declaration at the start i.e before
> " the browser as a result of an action it displays the exact xhtml code
> without actually formating it (i mean it shows all tags also like " xml " etc) and yes the line content-type:text/html is not
> displayed .
> what is going wrong ,i tried a lot but couldn't find any solution to
> this .
> i use apache on fedora core8 .
> thank you
> Mohan gupta

there is some problem with the content-type declaration as when I tried it 
with a C program, i wrote Content-Type: text/html in the first printf 
statement.

further statements were treated as html by the browser i.e. bold appeared 
bold.

try with a HTML program instead of XHTML one.


signature.asc
Description: This is a digitally signed message part.

Re: [EMAIL PROTECTED] SSl question

[Nilesh Govindrajan]

On Tuesday 30 September 2008 09:04:55 pm manning allan wrote:
> I have apache set up on my home PC. I handle many domains, many of which
> are websites located on Tripod or Geocities, and I am just effectively
> forwarding the name to the current location.
>
> I have edited my http.conf to direct the various domain names to various
> folders in my httdocs folder, where they are then redirected (and set to
> only show the original address in the bar).
>
>
>
> My question is, I have a site I am working on that will be a secured site.
> It is currently on a secured server, but my home PC is not. I need to show
> my employer a fully functional website before they will release the funds
> to rent my own server and set it up for SSL. Can I set up my home PC to
> receive the https://www.domain.com   and then
> redirect it to the secured server, without making all of my other domains
> require the https?
>
>
>
> Thanks
>
>
>
> Allan Manning
>
> MIS
>
> Employee Health & Safety Rep (certified)
>
> TG Minto Corporation
>
> 300 Toronto St.
>
> Palmerston, Ont.,
>
> N0G 2P0
>
> (519) 417-2249 Direct Line
>
> (519) 343-2800 Ext.2249
>
> (519) 343-3200 Fax
>
> TG VoIP 676-2249

Yes you can, but you need a SSL certificate for that. Well, you can generate 
one signed by yourself using genkey command (crypto-utils package) but the 
browser will warn the user about the self-signed certificate.


signature.asc
Description: This is a digitally signed message part.

Re: [EMAIL PROTECTED] SSl question

[J. Greenlees]

Nilesh Govindrajan wrote:

On Tuesday 30 September 2008 09:04:55 pm manning allan wrote:
  

I have apache set up on my home PC. I handle many domains, many of which
are websites located on Tripod or Geocities, and I am just effectively
forwarding the name to the current location.

I have edited my http.conf to direct the various domain names to various
folders in my httdocs folder, where they are then redirected (and set to
only show the original address in the bar).



My question is, I have a site I am working on that will be a secured site.
It is currently on a secured server, but my home PC is not. I need to show
my employer a fully functional website before they will release the funds
to rent my own server and set it up for SSL. Can I set up my home PC to
receive the https://www.domain.com   and then
redirect it to the secured server, without making all of my other domains
require the https?



Thanks



Allan Manning

MIS

Employee Health & Safety Rep (certified)

TG Minto Corporation

300 Toronto St.

Palmerston, Ont.,

N0G 2P0

(519) 417-2249 Direct Line

(519) 343-2800 Ext.2249

(519) 343-3200 Fax

TG VoIP 676-2249



Yes you can, but you need a SSL certificate for that. Well, you can generate 
one signed by yourself using genkey command (crypto-utils package) but the 
browser will warn the user about the self-signed certificate.
  

also, Firefox 3 gets nasty about adding a self signed cert.
Aparently the Firefox developers hate self signed certs and have made it 
harder to get one installed into the browser's list.
I don't use Firefox, so this is not something I have seen myself, but it 
was discussed on an article discussion about certificates on CBS 
Interactive's techrepublic.com


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] SSl question

[manning allan]

Allan Manning
MIS
Employee Health & Safety Rep (certified)
TG Minto Corporation
300 Toronto St.
Palmerston, Ont.,
N0G 2P0
(519) 417-2249 Direct Line
(519) 343-2800 Ext.2249
(519) 343-3200 Fax
TG VoIP 676-2249

-Original Message-
From: J. Greenlees [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, September 30, 2008 1:01 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] SSl question

Nilesh Govindrajan wrote:
> On Tuesday 30 September 2008 09:04:55 pm manning allan wrote:
>   
>> I have apache set up on my home PC. I handle many domains, many of which
>> are websites located on Tripod or Geocities, and I am just effectively
>> forwarding the name to the current location.
>>
>> I have edited my http.conf to direct the various domain names to various
>> folders in my httdocs folder, where they are then redirected (and set to
>> only show the original address in the bar).
>>
>>
>>
>> My question is, I have a site I am working on that will be a secured
site.
>> It is currently on a secured server, but my home PC is not. I need to
show
>> my employer a fully functional website before they will release the funds
>> to rent my own server and set it up for SSL. Can I set up my home PC to
>> receive the https://www.domain.com   and then
>> redirect it to the secured server, without making all of my other domains
>> require the https?
>>
>>
>>
>> Thanks
>>
>>
>>
>> Allan Manning
>>
>> MIS
>>
>> Employee Health & Safety Rep (certified)
>>
>> TG Minto Corporation
>>
>> 300 Toronto St.
>>
>> Palmerston, Ont.,
>>
>> N0G 2P0
>>
>> (519) 417-2249 Direct Line
>>
>> (519) 343-2800 Ext.2249
>>
>> (519) 343-3200 Fax
>>
>> TG VoIP 676-2249
>> 
>
> Yes you can, but you need a SSL certificate for that. Well, you can
generate 
> one signed by yourself using genkey command (crypto-utils package) but the

> browser will warn the user about the self-signed certificate.
>   
also, Firefox 3 gets nasty about adding a self signed cert.
Aparently the Firefox developers hate self signed certs and have made it 
harder to get one installed into the browser's list.
I don't use Firefox, so this is not something I have seen myself, but it 
was discussed on an article discussion about certificates on CBS 
Interactive's techrepublic.com


OK, but I want to make it so that if I input http:// into the address bar,
it tells me I have to use https:// 
I also would like to be able to use http:// for the other domains I use.
Do I have to make a fancy entry into the httpd.conf file?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Question about SSL and Apache and a certificate error

[Mike Soultanian]

Justin Pasher wrote:
If you have more (sub)domains that point to the same virtualhost, then 
you won't be able to use the above directive as-is, since it's 
designed to funnel ALL requests through www.csulb.edu. It's mainly 
designed for sites that have a handful of alias domains, but only one 
primary domain. The redirect makes sure all traffic see the same 
domain in the URL (and it also aids in generating traffic statistics 
when different domains are treated as different sites to the outside 
world).


If you only have a small handful of domains that should be left alone, 
you can put some exceptions in the rules, like this:


# leave these domains alone
RewriteCond %{HTTP_HOST} ^www\.cota\.csulb\.edu$ [NC,OR]
RewriteCond %{HTTP_HOST} ^cota\.csulb\.edu$ [NC]
RewriteRule . - [L]

# push everyone else to www.csulb.edu
RewriteCond %{HTTP_HOST} !^www\.csulb\.edu$ [NC]
RewriteRule ^/(.*) http://www.csulb.edu/$1 [R=permanent,L]


Hey Justin,
I'll forward this over to our admins and see what they think.  I 
appreciate all of your help!!


thanks!
Mike

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] mod_auth_ldap

[Sheryl]

>> Are you aware that there is no such module in 2.2.x?  Most of the auth
>> modules were renamed.  You probably want to load mod_ldap and
>> mod_authnz_ldap.
>>
> No I was not aware.  Thank you.  However I am still out of luck as there
> is no module with "*ldap*" in the name.  :(

Did you add the flags

--enable-ldap --enable-authnz-ldap --with-ldap

to your configure?  Something that is poorly documented is that
apr/apr-util can require flags that apache itself doesn't.

You might need the following if the configure process can't find ldap.

  --with-ldap-include=path  path to ldap include files with trailing slash
  --with-ldap-lib=pathpath to ldap lib file
  --with-ldap=library ldap library to use

Also, check the output to see if configure is finding your ldap libraries.
 To get back basics even more, you need to be sure that you have the ldap
headers and libraries installed.  On linux RPM systems, there's usually an
ldap-devel package you have to install in addition to ldap so you can
compile programs to use the libraries.

Good luck,

Sheryl

>
> Thanks,
>
> Drew
>
> --
> Be a Great Magician!
> Visit The Alchemist's Warehouse
>
> http://www.alchemistswarehouse.com
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] SSl question

[J. Greenlees]

manning allan wrote:


OK, but I want to make it so that if I input http:// into the address 
bar, it tells me I have to use https://

I also would like to be able to use http:// for the other domains I use.
Do I have to make a fancy entry into the httpd.conf file?



yup.
the virtual host you want to require https needs to ONLY be defined for 
https
and adding https to virutal osts is a well covered subject both in the 
list archives and the documentation.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Mod_Proxy and 100-Continue

[Nick Kew]

On Tue, 30 Sep 2008 12:00:56 -0400
"Tom Wells" <[EMAIL PROTECTED]> wrote:

> Maybe it's not a bug, but it certainly is inconsistent - and certainly
> something has has changed between the versions - so I wanted to
> highlight this.

You're right.  Sorry if I came across a bit grumpy.

Anyway, I think that change will have come between 2.2.6 and 2.2.7.

>In the meantime however we have worked around this

:-)

> issue by stripping the "Expect: 100-Continue" from any inbound POSTs
> before the request is processed by modproxy. This works OK as I assume
> our clients don't really care about the "HTTP/1.1 100 Continue" before
> sending their POST body - but we have tested this only with a C# .NET
> client.

That's section 8.2.3 of RFC2616.  But anyway, I don't see why
use the early keyword.

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Mod_Proxy and 100-Continue

[Tom Wells]

On Tue, Sep 30, 2008 at 1:48 PM, Nick Kew <[EMAIL PROTECTED]> wrote:

> That's section 8.2.3 of RFC2616.  But anyway, I don't see why
> use the early keyword.

As mentioned earlier, I'm not actually using mod_headers or the early
keyword at all, I was using it to demonstrate the issue with
mod_proxy. The issue is that modproxy doesn't merge headers_out with
the proxy response from the backend correctly in the 100-Continue
situation, setting an early cookie using mod_headers was how I was
able to reproduce the problem without using mod_python, so that we
could strike it off the blame-list.

I still think it's a bug - mod_proxy must have a requirement somewhere
which says "merge headers from the backend response with the headers
that were set before the request was made", because this is what it
does in the general case. If modproxy didn't have this requirement it
wouldn't even attempt it, because I can understand it's not an easy
feat. But the fact remains that modproxy doesn't work like this 100%
of the time, and in my opinion screws up when it gets a "100 Continue"
response from the back-end. I call fishy! :)

Thanks!
Tom
-- 
http://www.tomwells.org

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] SSl question

[manning allan]

Where is the list archives, I have searched the documentation (2.2) and can
find how to create virtual hosts (which I have already done) but not how to
add https to a virtual host, can you direct me to the archives

Allan Manning
MIS
Employee Health & Safety Rep (certified)
TG Minto Corporation
300 Toronto St.
Palmerston, Ont.,
N0G 2P0
(519) 417-2249 Direct Line
(519) 343-2800 Ext.2249
(519) 343-3200 Fax
TG VoIP 676-2249

-Original Message-
From: J. Greenlees [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, September 30, 2008 1:36 PM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] SSl question

manning allan wrote:
>
> OK, but I want to make it so that if I input http:// into the address 
> bar, it tells me I have to use https://
> I also would like to be able to use http:// for the other domains I use.
> Do I have to make a fancy entry into the httpd.conf file?
>

yup.
the virtual host you want to require https needs to ONLY be defined for 
https
and adding https to virutal osts is a well covered subject both in the 
list archives and the documentation.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jwberger]

I am novice when it comes to Apache.  I have installed 2.2.9 on a Windows
2003 server and can get it to run fine.  The server has one NIC with three
IP addresses bound to it.  In installed Apache as a Windows service and
edited the httpd.conf file so that the server listened on port 8080.  I
would like each IP address to run a different site on port 8080 and I would
like each site to have its own Windows service so that I can individually
shut down a site.  Is this possible?  It seems like if I start just one
service I can hit each IP at port 8080 and they all work.  Can you assist me
in what I am doing wrong.
-- 
View this message in context: 
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines

[Brian Mearns]

Okay, I'm not sure who's question I'm answering any more, but I'll try
to explain:

/Standard/ usage of port 80 is for standard (unencrypted) http, where
as 443 is typically used for secure http (https://...). If you tell
you web browser to go to an address without explicitly specifying a
port, it will assume 80 for http and 443 for https.

That said, your apache server can listen on any available port.
Additionally, apache only manages a port with secure http if you've
set it up to do so (or the default is set up to do so, which could be
with xampp, though I'd be a little surprised). So if you don't have
https set up in apache, and you connect to port 443, it's just regular
http.

Regardless of whether it is for secure http or not, you need to have
any port that you want apache listening to explicitly given in a
Listen directive, like the 'Listen 80' shown below. As far as I know,
you need a separate Listen directive for each port. Furthermore, if
you have multiple network interfaces on your system (i.e., multiple IP
addresses), you can explicitly tell it which interface/ip-address to
listen on for each Listen directive, like 'Listen: 192.168.0.1:80'.
Without an IP address, it will listen to the specified port on all
available interfaces.

So whatever ports you want to be able to access your site via need to
be setup with a Listen directive, AND need to be forwarded to the
server-machine through any routers and firewalls between you and your
intended audience (i.e., the Internet).

The canonical unsecured (non-https) setup would be 'Listen 80' to
listen to port 80 on all available network interfaces, and to forward
incoming port 80 to port 80 (i.e., straight through) on the server
machine from all routers/firewalls.

For debugging, first see if you can connect to your site from the
server machine with http://localhost, or if you used some port besides
80, do http://localhost: (there's a colon between localhost and
the port, if you can't tell). If you're able to connect, then your
apache is most likely set up.

Next, if you want to be able to connect to your machine from elsewhere
on the Internet, you'll need to use your LAN's public IP. Again, you
can get this by going to whatismyipaddress.com from your server
machine. If you're behind a router or firewall, then the address you
get from ipconfig or ifconfig is not the public address and won't work
outside your LAN.

A final note, many ISPs block port 80 for residential clients. If
you're able to connect locally, but not remotely, try /adding/ a new
Listen directive, say 'Listen 8080' and forward the new port as well,
then try connecting remotely with http://localhost:8080. If you're
able to do that, then it probably means port 80 is blocked. There's
really no work around for this: you'll have to either upgrade your ISP
services, get a new ISP that doesn't block, or just plan to always
have people specify the port number in the address. If you have to
work on a non-standard port, 8080 is a common alternate HTTP port, so
it's probably a safe bet. Using non-standard ports like 81 or 89 will
increase the likelihood that other people won't be able to connect:
many office and university networks limit the ports their users can
connect to, figuring that they only have legitimate business
connecting to a handful of standard ports like web and email.

-Brian

On Tue, Sep 30, 2008 at 11:24 AM,  <[EMAIL PROTECTED]> wrote:
> Should I change following below for my ip to be reached? The port forwarding
> instructions on apaches website says to forward port 443(in router) to my ip
> and all should be fine. Someone mentioned to edit this httpd statement
> below. If that is true then would I have it listen on port 443 as apache
> says or have it listen on my ip?
>
> # Change this to Listen on specific IP addresses as shown below to
> # prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
> #
> #Listen 12.34.56.78:80
> Listen 80
>
>
>
> - Original Message - From: "Brian Mearns" <[EMAIL PROTECTED]>
> To: 
> Sent: Tuesday, September 30, 2008 4:28 AM
> Subject: Re: [EMAIL PROTECTED] Cannot connect to apache from outside machines
>
>
>> Not sure what the default xampp setup is, but look for the Listen
>> directive to verify which ports apache is actually listening on, and
>> make sure those are forwarded.
>>
>> Also, I'm not sure how much you know about networks (so pardon me if
>> you consider this suggestion offensive): are you connecting to your
>> router's public IP address, or your system's local address? If you got
>> the ip address from something like ipconfig, then it's the local
>> address. If it's something like 192.168.x.x, it's a local address. To
>> get the public address, you can go to a site like
>> whatismyipaddress.com.
>>
>> Best of luck
>> -Brian
>>
>> On Mon, Sep 29, 2008 at 10:05 PM, Nilesh Govindrajan <[EMAIL PROTECTED]>
>> wrote:
>>>
>>> check the logs
>>>
>>> On Tue, Sep 30, 2008 at 4:48 AM, <[EMAIL PROTECTED]> wrote:

 Ok 

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Brian Mearns]

You /can/ run multiple sites from different IP addresses on the same
or different ports, using virtual hosts, which are well documented in
apache. It basically just allows you to use custom configurations
depending on which IP address is accessed. So for instance, you could
have a different DocumentRoot for each ip address, which will quite
effectively give you different sites.

Do you actually have different network interfaces for each ip address?
Or do they all map to the same interface? If they're distinct
interfaces, I don't see any reason you couldn't set up a different
service for each one, but then again, I have no idea how to do it. If
they're all just a single network interface, then I'm pretty certain
it's not possible. This would pretty much defeat the purpose of a
port, which is to map a specific network connection to a specific
process.

But it sounds like virtual hosts might be sufficient for what you
need. You don't actually need different apache services to run
different sites at the same time.

Hope that helps.
-Brian

On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]> wrote:
>
> I am novice when it comes to Apache.  I have installed 2.2.9 on a Windows
> 2003 server and can get it to run fine.  The server has one NIC with three
> IP addresses bound to it.  In installed Apache as a Windows service and
> edited the httpd.conf file so that the server listened on port 8080.  I
> would like each IP address to run a different site on port 8080 and I would
> like each site to have its own Windows service so that I can individually
> shut down a site.  Is this possible?  It seems like if I start just one
> service I can hit each IP at port 8080 and they all work.  Can you assist me
> in what I am doing wrong.
> --
> View this message in context: 
> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
> Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>   "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jwberger]

They are bound to one interface.  I did see all the info on the Virtual host
and got it working.  My issue is that since they are different sites, if I
do maintenance on one site and have to stop the service then all sites are
down and I cannot have that. This is why I was trying to setup different
services.  Also I am limited to port 8080 because we will be using the BEA
Weblogic Plug-in to proxy back to our WL servers and we have established
only port 8080 is allowed to come through our firewall to talk to the WL
servers.

John


Brian Mearns-2 wrote:
> 
> You /can/ run multiple sites from different IP addresses on the same
> or different ports, using virtual hosts, which are well documented in
> apache. It basically just allows you to use custom configurations
> depending on which IP address is accessed. So for instance, you could
> have a different DocumentRoot for each ip address, which will quite
> effectively give you different sites.
> 
> Do you actually have different network interfaces for each ip address?
> Or do they all map to the same interface? If they're distinct
> interfaces, I don't see any reason you couldn't set up a different
> service for each one, but then again, I have no idea how to do it. If
> they're all just a single network interface, then I'm pretty certain
> it's not possible. This would pretty much defeat the purpose of a
> port, which is to map a specific network connection to a specific
> process.
> 
> But it sounds like virtual hosts might be sufficient for what you
> need. You don't actually need different apache services to run
> different sites at the same time.
> 
> Hope that helps.
> -Brian
> 
> On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]> wrote:
>>
>> I am novice when it comes to Apache.  I have installed 2.2.9 on a Windows
>> 2003 server and can get it to run fine.  The server has one NIC with
>> three
>> IP addresses bound to it.  In installed Apache as a Windows service and
>> edited the httpd.conf file so that the server listened on port 8080.  I
>> would like each IP address to run a different site on port 8080 and I
>> would
>> like each site to have its own Windows service so that I can individually
>> shut down a site.  Is this possible?  It seems like if I start just one
>> service I can hit each IP at port 8080 and they all work.  Can you assist
>> me
>> in what I am doing wrong.
>> --
>> View this message in context:
>> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
>> Sent from the Apache HTTP Server - Users mailing list archive at
>> Nabble.com.
>>
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>   "   from the digest: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
> 
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Brian Mearns]

I see your issue. To the best of my knowledge, it just isn't possible.
Like I said, a port maps a connection on an interface to a process:
the OS has no way of knowing how to pick a process other than that.
The only possible workaround I can think of would be a bit of a
doozie: you could write your own sockets application to listen to port
8080, extract the destination IP address from the IP packet, and then
forward it along to another process. It actually might not be that
hard: you would set up each instance of apache to listen on a
different port which only needs to be open locally, and then your
multiplexing application could forward it to a specific port.

On the other hand, you might be able to set up a "sandbox" apache
server that listens on a different port, and do all your testing on
that. Then when you're confident any maintenece changes you've made
are correct, copy the changes to your real server, and do a quick
restart. It only takes a few seconds for the apache server to restart:
is that too long to keep all your sites down?

-Brian

On Tue, Sep 30, 2008 at 3:55 PM, jwberger <[EMAIL PROTECTED]> wrote:
>
> They are bound to one interface.  I did see all the info on the Virtual host
> and got it working.  My issue is that since they are different sites, if I
> do maintenance on one site and have to stop the service then all sites are
> down and I cannot have that. This is why I was trying to setup different
> services.  Also I am limited to port 8080 because we will be using the BEA
> Weblogic Plug-in to proxy back to our WL servers and we have established
> only port 8080 is allowed to come through our firewall to talk to the WL
> servers.
>
> John
>
>
> Brian Mearns-2 wrote:
>>
>> You /can/ run multiple sites from different IP addresses on the same
>> or different ports, using virtual hosts, which are well documented in
>> apache. It basically just allows you to use custom configurations
>> depending on which IP address is accessed. So for instance, you could
>> have a different DocumentRoot for each ip address, which will quite
>> effectively give you different sites.
>>
>> Do you actually have different network interfaces for each ip address?
>> Or do they all map to the same interface? If they're distinct
>> interfaces, I don't see any reason you couldn't set up a different
>> service for each one, but then again, I have no idea how to do it. If
>> they're all just a single network interface, then I'm pretty certain
>> it's not possible. This would pretty much defeat the purpose of a
>> port, which is to map a specific network connection to a specific
>> process.
>>
>> But it sounds like virtual hosts might be sufficient for what you
>> need. You don't actually need different apache services to run
>> different sites at the same time.
>>
>> Hope that helps.
>> -Brian
>>
>> On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]> wrote:
>>>
>>> I am novice when it comes to Apache.  I have installed 2.2.9 on a Windows
>>> 2003 server and can get it to run fine.  The server has one NIC with
>>> three
>>> IP addresses bound to it.  In installed Apache as a Windows service and
>>> edited the httpd.conf file so that the server listened on port 8080.  I
>>> would like each IP address to run a different site on port 8080 and I
>>> would
>>> like each site to have its own Windows service so that I can individually
>>> shut down a site.  Is this possible?  It seems like if I start just one
>>> service I can hit each IP at port 8080 and they all work.  Can you assist
>>> me
>>> in what I am doing wrong.
>>> --
>>> View this message in context:
>>> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
>>> Sent from the Apache HTTP Server - Users mailing list archive at
>>> Nabble.com.
>>>
>>>
>>> -
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>   "   from the digest: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>"   from the digest: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>>
>
> --
> View this message in context: 
> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html
> Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscrib

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jwberger]

We may be able to get by with the short time Apache restarts, but I wanted to
exhuast all options before going down a certain path.

Thanks for all the help.

John


Brian Mearns-2 wrote:
> 
> I see your issue. To the best of my knowledge, it just isn't possible.
> Like I said, a port maps a connection on an interface to a process:
> the OS has no way of knowing how to pick a process other than that.
> The only possible workaround I can think of would be a bit of a
> doozie: you could write your own sockets application to listen to port
> 8080, extract the destination IP address from the IP packet, and then
> forward it along to another process. It actually might not be that
> hard: you would set up each instance of apache to listen on a
> different port which only needs to be open locally, and then your
> multiplexing application could forward it to a specific port.
> 
> On the other hand, you might be able to set up a "sandbox" apache
> server that listens on a different port, and do all your testing on
> that. Then when you're confident any maintenece changes you've made
> are correct, copy the changes to your real server, and do a quick
> restart. It only takes a few seconds for the apache server to restart:
> is that too long to keep all your sites down?
> 
> -Brian
> 
> On Tue, Sep 30, 2008 at 3:55 PM, jwberger <[EMAIL PROTECTED]> wrote:
>>
>> They are bound to one interface.  I did see all the info on the Virtual
>> host
>> and got it working.  My issue is that since they are different sites, if
>> I
>> do maintenance on one site and have to stop the service then all sites
>> are
>> down and I cannot have that. This is why I was trying to setup different
>> services.  Also I am limited to port 8080 because we will be using the
>> BEA
>> Weblogic Plug-in to proxy back to our WL servers and we have established
>> only port 8080 is allowed to come through our firewall to talk to the WL
>> servers.
>>
>> John
>>
>>
>> Brian Mearns-2 wrote:
>>>
>>> You /can/ run multiple sites from different IP addresses on the same
>>> or different ports, using virtual hosts, which are well documented in
>>> apache. It basically just allows you to use custom configurations
>>> depending on which IP address is accessed. So for instance, you could
>>> have a different DocumentRoot for each ip address, which will quite
>>> effectively give you different sites.
>>>
>>> Do you actually have different network interfaces for each ip address?
>>> Or do they all map to the same interface? If they're distinct
>>> interfaces, I don't see any reason you couldn't set up a different
>>> service for each one, but then again, I have no idea how to do it. If
>>> they're all just a single network interface, then I'm pretty certain
>>> it's not possible. This would pretty much defeat the purpose of a
>>> port, which is to map a specific network connection to a specific
>>> process.
>>>
>>> But it sounds like virtual hosts might be sufficient for what you
>>> need. You don't actually need different apache services to run
>>> different sites at the same time.
>>>
>>> Hope that helps.
>>> -Brian
>>>
>>> On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]>
>>> wrote:

 I am novice when it comes to Apache.  I have installed 2.2.9 on a
 Windows
 2003 server and can get it to run fine.  The server has one NIC with
 three
 IP addresses bound to it.  In installed Apache as a Windows service and
 edited the httpd.conf file so that the server listened on port 8080.  I
 would like each IP address to run a different site on port 8080 and I
 would
 like each site to have its own Windows service so that I can
 individually
 shut down a site.  Is this possible?  It seems like if I start just one
 service I can hit each IP at port 8080 and they all work.  Can you
 assist
 me
 in what I am doing wrong.
 --
 View this message in context:
 http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
 Sent from the Apache HTTP Server - Users mailing list archive at
 Nabble.com.


 -
 The official User-To-User support forum of the Apache HTTP Server
 Project.
 See http://httpd.apache.org/userslist.html> for more info.
 To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


>>>
>>> -
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>"   from the digest: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/Running-Multiple-Windows-Servi

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[William A. Rowe, Jr.]

jwberger wrote:
> I am novice when it comes to Apache.  I have installed 2.2.9 on a Windows
> 2003 server and can get it to run fine.  The server has one NIC with three
> IP addresses bound to it.  In installed Apache as a Windows service and
> edited the httpd.conf file so that the server listened on port 8080.  I
> would like each IP address to run a different site on port 8080 and I would
> like each site to have its own Windows service so that I can individually
> shut down a site.  Is this possible?  It seems like if I start just one
> service I can hit each IP at port 8080 and they all work.  Can you assist me
> in what I am doing wrong.

You seem to be getting quite a bit of incorrect advise, so I'll hint that
you would need *three* httpd.conf files (different names) that have three
different Listen directives (IP-address:8080), different log file names
(accesslog and errorlog), and different pidfile directives.

Then, see

http://httpd.apache.org/docs/2.2/platform/windows.html#winsvc


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Brian Mearns]

Well look at that. Thanks for correcting me, even if you did it rather
unpleasantly. It's always nice to learn something new. That's why I
try to preface my comments with soft phrases like "to the best of my
knowledge".

-Brian

>
> You seem to be getting quite a bit of incorrect advise, so I'll hint that
> you would need *three* httpd.conf files (different names) that have three
> different Listen directives (IP-address:8080), different log file names
> (accesslog and errorlog), and different pidfile directives.
>
> Then, see
>
> http://httpd.apache.org/docs/2.2/platform/windows.html#winsvc
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>   "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] setting response header based on content type

[Ben Spencer]

Seems I have run into an unique little problem. I am interesting in setting
a response header based on the content-type of the response. This seems like
this should be an head thing with a combination of SetEnvIf and Header,
however, SetEnvIf only looks at request headers, and not the response
headers.

Anyone have a way to set response headers based on the content-type?

This thread seemed to address this "need", but doesn't seem as if it was
ever implemented:
http://mail-archives.apache.org/mod_mbox/httpd-dev/200605.mbox/%3C447325C8.8
[EMAIL PROTECTED]

benji

Benji Spencer
System Administrator

Moody Bible Institute
Phone: 312-329-2288
Fax: 312-329-8961




smime.p7s
Description: S/MIME cryptographic signature

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jg6789]

John,

We too are limited to port 8080. since our ISP blocks port 80. Have you ever 
found a work around for this? We currently have to have our domain 
[sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to work. Now 
users see the ip address in the browser address bar. not good. not good at 
all.


Apache 2.2.9
Linksys Gateway/Router WCG200

Jay

- Original Message - 
From: "jwberger" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, September 30, 2008 12:55 PM
Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080




They are bound to one interface.  I did see all the info on the Virtual 
host

and got it working.  My issue is that since they are different sites, if I
do maintenance on one site and have to stop the service then all sites are
down and I cannot have that. This is why I was trying to setup different
services.  Also I am limited to port 8080 because we will be using the BEA
Weblogic Plug-in to proxy back to our WL servers and we have established
only port 8080 is allowed to come through our firewall to talk to the WL
servers.

John


Brian Mearns-2 wrote:


You /can/ run multiple sites from different IP addresses on the same
or different ports, using virtual hosts, which are well documented in
apache. It basically just allows you to use custom configurations
depending on which IP address is accessed. So for instance, you could
have a different DocumentRoot for each ip address, which will quite
effectively give you different sites.

Do you actually have different network interfaces for each ip address?
Or do they all map to the same interface? If they're distinct
interfaces, I don't see any reason you couldn't set up a different
service for each one, but then again, I have no idea how to do it. If
they're all just a single network interface, then I'm pretty certain
it's not possible. This would pretty much defeat the purpose of a
port, which is to map a specific network connection to a specific
process.

But it sounds like virtual hosts might be sufficient for what you
need. You don't actually need different apache services to run
different sites at the same time.

Hope that helps.
-Brian

On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]> wrote:


I am novice when it comes to Apache.  I have installed 2.2.9 on a 
Windows

2003 server and can get it to run fine.  The server has one NIC with
three
IP addresses bound to it.  In installed Apache as a Windows service and
edited the httpd.conf file so that the server listened on port 8080.  I
would like each IP address to run a different site on port 8080 and I
would
like each site to have its own Windows service so that I can 
individually

shut down a site.  Is this possible?  It seems like if I start just one
service I can hit each IP at port 8080 and they all work.  Can you 
assist

me
in what I am doing wrong.
--
View this message in context:
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
Sent from the Apache HTTP Server - Users mailing list archive at
Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server 
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





--
View this message in context: 
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html
Sent from the Apache HTTP Server - Users mailing list archive at 
Nabble.com.



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Frank Gingras]

Jay,

A business Internet account would not have that limitation - you might 
even be able to call your ISP to lift this restriction, provided it does 
not breach your contract agreement, and that you can prove that your 
server is secure.


Frank

[EMAIL PROTECTED] wrote:

John,

We too are limited to port 8080. since our ISP blocks port 80. Have 
you ever found a work around for this? We currently have to have our 
domain [sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to 
work. Now users see the ip address in the browser address bar. not 
good. not good at all.


Apache 2.2.9
Linksys Gateway/Router WCG200

Jay

- Original Message - From: "jwberger" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, September 30, 2008 12:55 PM
Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080




They are bound to one interface.  I did see all the info on the 
Virtual host
and got it working.  My issue is that since they are different sites, 
if I
do maintenance on one site and have to stop the service then all 
sites are

down and I cannot have that. This is why I was trying to setup different
services.  Also I am limited to port 8080 because we will be using 
the BEA

Weblogic Plug-in to proxy back to our WL servers and we have established
only port 8080 is allowed to come through our firewall to talk to the WL
servers.

John


Brian Mearns-2 wrote:


You /can/ run multiple sites from different IP addresses on the same
or different ports, using virtual hosts, which are well documented in
apache. It basically just allows you to use custom configurations
depending on which IP address is accessed. So for instance, you could
have a different DocumentRoot for each ip address, which will quite
effectively give you different sites.

Do you actually have different network interfaces for each ip address?
Or do they all map to the same interface? If they're distinct
interfaces, I don't see any reason you couldn't set up a different
service for each one, but then again, I have no idea how to do it. If
they're all just a single network interface, then I'm pretty certain
it's not possible. This would pretty much defeat the purpose of a
port, which is to map a specific network connection to a specific
process.

But it sounds like virtual hosts might be sufficient for what you
need. You don't actually need different apache services to run
different sites at the same time.

Hope that helps.
-Brian

On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]> 
wrote:


I am novice when it comes to Apache.  I have installed 2.2.9 on a 
Windows

2003 server and can get it to run fine.  The server has one NIC with
three
IP addresses bound to it.  In installed Apache as a Windows service 
and
edited the httpd.conf file so that the server listened on port 
8080.  I

would like each IP address to run a different site on port 8080 and I
would
like each site to have its own Windows service so that I can 
individually
shut down a site.  Is this possible?  It seems like if I start just 
one
service I can hit each IP at port 8080 and they all work.  Can you 
assist

me
in what I am doing wrong.
--
View this message in context:
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html 


Sent from the Apache HTTP Server - Users mailing list archive at
Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server 
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





--
View this message in context: 
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html 

Sent from the Apache HTTP Server - Users mailing list archive at 
Nabble.com.



-
The official User-To-User support forum of the Apache HTTP Server 
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server 
Project.

See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Brian Mearns]

Some ISPs don't block port 80 for residential accounts, either. I'm on
Comcast in the Boston area, and (for now) I've got port 80 free. They
did just start blocking 25, though, so they might be coming for 80
next.

-Brian

On Tue, Sep 30, 2008 at 5:31 PM, Frank Gingras
<[EMAIL PROTECTED]> wrote:
> Jay,
>
> A business Internet account would not have that limitation - you might even
> be able to call your ISP to lift this restriction, provided it does not
> breach your contract agreement, and that you can prove that your server is
> secure.
>
> Frank
>
> [EMAIL PROTECTED] wrote:
>>
>> John,
>>
>> We too are limited to port 8080. since our ISP blocks port 80. Have you
>> ever found a work around for this? We currently have to have our domain
>> [sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to work. Now
>> users see the ip address in the browser address bar. not good. not good at
>> all.
>>
>> Apache 2.2.9
>> Linksys Gateway/Router WCG200
>>
>> Jay
>>
>> - Original Message - From: "jwberger" <[EMAIL PROTECTED]>
>> To: 
>> Sent: Tuesday, September 30, 2008 12:55 PM
>> Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080
>>
>>
>>>
>>> They are bound to one interface.  I did see all the info on the Virtual
>>> host
>>> and got it working.  My issue is that since they are different sites, if
>>> I
>>> do maintenance on one site and have to stop the service then all sites
>>> are
>>> down and I cannot have that. This is why I was trying to setup different
>>> services.  Also I am limited to port 8080 because we will be using the
>>> BEA
>>> Weblogic Plug-in to proxy back to our WL servers and we have established
>>> only port 8080 is allowed to come through our firewall to talk to the WL
>>> servers.
>>>
>>> John
>>>
>>>
>>> Brian Mearns-2 wrote:

 You /can/ run multiple sites from different IP addresses on the same
 or different ports, using virtual hosts, which are well documented in
 apache. It basically just allows you to use custom configurations
 depending on which IP address is accessed. So for instance, you could
 have a different DocumentRoot for each ip address, which will quite
 effectively give you different sites.

 Do you actually have different network interfaces for each ip address?
 Or do they all map to the same interface? If they're distinct
 interfaces, I don't see any reason you couldn't set up a different
 service for each one, but then again, I have no idea how to do it. If
 they're all just a single network interface, then I'm pretty certain
 it's not possible. This would pretty much defeat the purpose of a
 port, which is to map a specific network connection to a specific
 process.

 But it sounds like virtual hosts might be sufficient for what you
 need. You don't actually need different apache services to run
 different sites at the same time.

 Hope that helps.
 -Brian

 On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]>
 wrote:
>
> I am novice when it comes to Apache.  I have installed 2.2.9 on a
> Windows
> 2003 server and can get it to run fine.  The server has one NIC with
> three
> IP addresses bound to it.  In installed Apache as a Windows service and
> edited the httpd.conf file so that the server listened on port 8080.  I
> would like each IP address to run a different site on port 8080 and I
> would
> like each site to have its own Windows service so that I can
> individually
> shut down a site.  Is this possible?  It seems like if I start just one
> service I can hit each IP at port 8080 and they all work.  Can you
> assist
> me
> in what I am doing wrong.
> --
> View this message in context:
>
> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
> Sent from the Apache HTTP Server - Users mailing list archive at
> Nabble.com.
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>  "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

 -
 The official User-To-User support forum of the Apache HTTP Server
 Project.
 See http://httpd.apache.org/userslist.html> for more info.
 To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



>>>
>>> --
>>> View this message in context:
>>> http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html
>>> Sent from the Apache HTTP Server - Users

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[Brian Mearns]

How are you "redirecting" to the IP address? I used to use dyndns.com
for my subdomain name, and I was able to append the port number with
no problem. E.g., my subdomain was something like bmearns.homeip.net,
so I just went to http://bmearns.homeip.net:8080.

Do you not want users to see your IP address for security reasons? Or
just because it's ugly and utterly forgettable? If it's for security
reasons, and they're connecting directly to your site through the
domain forwarding (i.e., not through a proxy), then they should be
able to get your IP address anyway with a DNS lookup.

-Brian

>> [EMAIL PROTECTED] wrote:
>>>
>>> John,
>>>
>>> We too are limited to port 8080. since our ISP blocks port 80. Have you
>>> ever found a work around for this? We currently have to have our domain
>>> [sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to work. Now
>>> users see the ip address in the browser address bar. not good. not good at
>>> all.
>>>
>>> Apache 2.2.9
>>> Linksys Gateway/Router WCG200
>>>
>>> Jay

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jg6789]

enjoy it while you can.

Jay
- Original Message - 
From: "Brian Mearns" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, September 30, 2008 2:36 PM
Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080



Some ISPs don't block port 80 for residential accounts, either. I'm on
Comcast in the Boston area, and (for now) I've got port 80 free. They
did just start blocking 25, though, so they might be coming for 80
next.

-Brian

On Tue, Sep 30, 2008 at 5:31 PM, Frank Gingras
<[EMAIL PROTECTED]> wrote:

Jay,

A business Internet account would not have that limitation - you might 
even

be able to call your ISP to lift this restriction, provided it does not
breach your contract agreement, and that you can prove that your server 
is

secure.

Frank

[EMAIL PROTECTED] wrote:


John,

We too are limited to port 8080. since our ISP blocks port 80. Have you
ever found a work around for this? We currently have to have our domain
[sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to work. Now
users see the ip address in the browser address bar. not good. not good 
at

all.

Apache 2.2.9
Linksys Gateway/Router WCG200

Jay

- Original Message - From: "jwberger" <[EMAIL PROTECTED]>
To: 
Sent: Tuesday, September 30, 2008 12:55 PM
Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 
8080





They are bound to one interface.  I did see all the info on the Virtual
host
and got it working.  My issue is that since they are different sites, 
if

I
do maintenance on one site and have to stop the service then all sites
are
down and I cannot have that. This is why I was trying to setup 
different

services.  Also I am limited to port 8080 because we will be using the
BEA
Weblogic Plug-in to proxy back to our WL servers and we have 
established
only port 8080 is allowed to come through our firewall to talk to the 
WL

servers.

John


Brian Mearns-2 wrote:


You /can/ run multiple sites from different IP addresses on the same
or different ports, using virtual hosts, which are well documented in
apache. It basically just allows you to use custom configurations
depending on which IP address is accessed. So for instance, you could
have a different DocumentRoot for each ip address, which will quite
effectively give you different sites.

Do you actually have different network interfaces for each ip address?
Or do they all map to the same interface? If they're distinct
interfaces, I don't see any reason you couldn't set up a different
service for each one, but then again, I have no idea how to do it. If
they're all just a single network interface, then I'm pretty certain
it's not possible. This would pretty much defeat the purpose of a
port, which is to map a specific network connection to a specific
process.

But it sounds like virtual hosts might be sufficient for what you
need. You don't actually need different apache services to run
different sites at the same time.

Hope that helps.
-Brian

On Tue, Sep 30, 2008 at 3:36 PM, jwberger <[EMAIL PROTECTED]>
wrote:


I am novice when it comes to Apache.  I have installed 2.2.9 on a
Windows
2003 server and can get it to run fine.  The server has one NIC with
three
IP addresses bound to it.  In installed Apache as a Windows service 
and
edited the httpd.conf file so that the server listened on port 8080. 
I

would like each IP address to run a different site on port 8080 and I
would
like each site to have its own Windows service so that I can
individually
shut down a site.  Is this possible?  It seems like if I start just 
one

service I can hit each IP at port 8080 and they all work.  Can you
assist
me
in what I am doing wrong.
--
View this message in context:

http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19748920.html
Sent from the Apache HTTP Server - Users mailing list archive at
Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
 "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





--
View this message in context:
http://www.nabble.com/Running-Multiple-Windows-Services-on-port-8080-tp19748920p19749242.html
Sent from the Apache HTTP Server - Users mailing list archive at
Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [E

Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080

[jg6789]

We are using dydns too. We can append the port number, sure. that sucks for 
users though. (thats why we use webhop)maybe we should petition dyndns to 
allow the domains they hand out to be linked to an IPADDRESS:PORT instead of 
just an IP. That would elminate any workarounds like webhop and suffice to 
say solve the port 80 issue with ISP's.


- Original Message - 
From: "Brian Mearns" <[EMAIL PROTECTED]>

To: 
Sent: Tuesday, September 30, 2008 2:44 PM
Subject: Re: [EMAIL PROTECTED] Running Multiple Windows Services on port 8080



How are you "redirecting" to the IP address? I used to use dyndns.com
for my subdomain name, and I was able to append the port number with
no problem. E.g., my subdomain was something like bmearns.homeip.net,
so I just went to http://bmearns.homeip.net:8080.

Do you not want users to see your IP address for security reasons? Or
just because it's ugly and utterly forgettable? If it's for security
reasons, and they're connecting directly to your site through the
domain forwarding (i.e., not through a proxy), then they should be
able to get your IP address anyway with a DNS lookup.

-Brian


[EMAIL PROTECTED] wrote:


John,

We too are limited to port 8080. since our ISP blocks port 80. Have you
ever found a work around for this? We currently have to have our domain
[sub.domain.com] redirect to 72.x.x.x.:8080 in order for it to work. 
Now
users see the ip address in the browser address bar. not good. not good 
at

all.

Apache 2.2.9
Linksys Gateway/Router WCG200

Jay


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Proxy to Tomcat AJP

[George Mashini]

Hello,

I setup Apache to proxy to Tomcat using AJP, currently without SSL.  This is
being used to connect a Flex application that uses AMF to Java on the back
end.  All AMF calls are done using a POST to a servlet.  I have 3 tomcat
instances running on separate ports.  Login is used for logging into the
application.  NA1 and NA2 are the application servers.  This is running on
RH Enterprise Linux 5, Apache HTTPD 2.2.3 and Tomcat 6.0.14

It all appears to work fine until I try to stress test it or someone uses
the application for an extended period of time.  The errors that we
encounter are either connection refused or hung connections, where the
connection is alive but never returns a response.  At one point the
connection would drop after a few minutes when it got hung and I would get
APR errors in Apache and Broken pipe errors in Tomcat, but after changing
some HTTPD configuration settings it now just stays hung forever.  I run the
same stress tests against Tomcat directly and they all complete without
errors.  I researched the configuration for each side of the connection, but
I cannot find what I am doing wrong.  I am including each piece of the
configuration.  Any help would be really appreciated.  Sorry for the lengthy
email.

Thank you,

HTTPD.conf

###
# START HTTPD.CONF
###

ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 120
KeepAlive Off
MaxKeepAliveRequests 0
KeepAliveTimeout 15


StartServers   8
MinSpareServers5
MaxSpareServers   20
ServerLimit  256
MaxClients   256
MaxRequestsPerChild  4000




StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild  0


Listen 80

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

Include conf.d/*.conf

User apache
Group apache

ServerAdmin [EMAIL PROTECTED]
#ServerName www.example.com:80

UseCanonicalName Off
DocumentRoot "/srv/www"


Options FollowSymLinks
AllowOverride None



Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all



UserDir disable


DirectoryIndex index.html index.html.var

AccessFileName .htaccess


Order allow,deny
Deny from all


TypesConfig /etc/mime.types

DefaultType text/plain


#   MIMEMagicFile /us

[EMAIL PROTECTED] Proxy to Tomcat AJP

[George Mashini]

Hello,

I setup Apache to proxy to Tomcat using AJP, currently without SSL.  This is
being used to connect a Flex application that uses AMF to Java on the back
end.  All AMF calls are done using a POST to a servlet.  I have 3 tomcat
instances running on separate ports.  Login is used for logging into the
application.  NA1 and NA2 are the application servers.  This is running on
RH Enterprise Linux 5, Apache HTTPD 2.2.3 and Tomcat 6.0.14

It all appears to work fine until I try to stress test it or someone uses
the application for an extended period of time.  The errors that we
encounter are either connection refused or hung connections, where the
connection is alive but never returns a response.  At one point the
connection would drop after a few minutes when it got hung and I would get
APR errors in Apache and Broken pipe errors in Tomcat, but after changing
some HTTPD configuration settings it now just stays hung forever.  I run the
same stress tests against Tomcat directly and they all complete without
errors.  I researched the configuration for each side of the connection, but
I cannot find what I am doing wrong.  I am including each piece of the
configuration.  Any help would be really appreciated.  Sorry for the lengthy
email.

Thank you,

HTTPD.conf

###
# START HTTPD.CONF
###

ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 120
KeepAlive Off
MaxKeepAliveRequests 0
KeepAliveTimeout 15


StartServers   8
MinSpareServers5
MaxSpareServers   20
ServerLimit  256
MaxClients   256
MaxRequestsPerChild  4000




StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild  0


Listen 80

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

Include conf.d/*.conf

User apache
Group apache

ServerAdmin [EMAIL PROTECTED]
#ServerName www.example.com:80

UseCanonicalName Off
DocumentRoot "/srv/www"


Options FollowSymLinks
AllowOverride None



Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all



UserDir disable


DirectoryIndex index.html index.html.var

AccessFileName .htaccess


Order allow,deny
Deny from all


TypesConfig /etc/mime.types

DefaultType text/plain


#   MIMEMagicFile /us