[us...@httpd] openssl_pkcs7_sign error

[Hoang, Le Vu]

Hello,

My server is running Apache 2.2.9, PHP 5.2.9, OpenSSL 0.9.8j, Zend Optimizer 
3.3.0. Everything is fine. I don’t get any error.

After I upgraded Apache to 2.2.13 (and reboot server), I can’t use this PHP 
function: openssl_pkcs7_sign

The PHP error is:

Warning: openssl_pkcs7_sign() [function.openssl-pkcs7-sign]: error creating 
PKCS7 structure! in /home/www/myfile.php on line 25

The signature file is empty.

 

I’m sure that signature files are ok. If I use OpenSSL to sign pkcs7 in command 
line (use the same signatures), it runs correctly. I can use PHP exec to do 
this also but It’s not secure.

I tried this situation many times and the result is the same.

1.   If I fully restore my system with Apache 2.2.9, the system works correct.

2.   I install Apache 2.2.13, system is error

3.   I reinstall Apache 2.2.9 (overwrite 2.2.13), system still error

So, the final solution is fully restore the system. But I would like to know 
that what happen with the latest Apache 2.2.13, PHP 5.2.9 and OpenSSL 0.9.8j.

Thank you

 

 

 

cid:image001.jpg@01C9BD1F.0D061CB0

 

Hoang Vu Le (Mr.)

System Operator

Mobile: 0905 644 777

Email:   hoang...@vietunion.com.vn

 

--

VietUnion Online Services Corporation.

65-65A - Street 3/2, W.11, D.10, HCM City

Tel: 08. 929 2827 (126) ▪ Fax: 08. 929 2826

www.vidientu.com.vn ▪ www.payoo.com.vn

--

 

<>

smime.p7s
Description: S/MIME cryptographic signature

[us...@httpd] A question about configuring Apache Http Server

[thomas2004]

Hi all,

I installed the Apache Http Web Server on RH-Linux and want to configure it
so that the incoming browsing will be forward to the application deployted
on Jboss. I do followings:

1. Set the ip-address in "/etc/sysconfig/network-scripts/ifcfg-eth0:xx"

2. Create a .conf file which looks as follow:
...

ServerName web-mycompany.com:80
ServerAdmin r...@localhost
DocumentRoot /opt/content/web-myweb


debug ALL
WLLogFile  /var/log/httpd/wl-proxy-myweb.log
DebugConfigInfo ON




CustomLog /var/log/httpd/web-myweb-test.mycompany-combined_log
combined
ErrorLog  /var/log/httpd/web-myweb-test.mycompany-error_log



Options Indexes FollowSymLinks
AllowOverride all
Order allow,deny
Allow from all


 #1 Send everything for context /examples to worker named
worker_portfolio (ajp13)


JkMount  /myWebApp* myworker


...

3. Configure the workers.properties as follow:

...
myowrker

# worker template
worker.template.connection_pool_timeout=600
worker.template.socket_timeout=120
worker.template.type=ajp13
worker.socket_keepalive=True

# Set properties for worker_portfolio
worker.myworker.reference=worker.template
worker.myworker.host=test.mycompany.com
worker.myworker.port=8009

...

I think that's all for the configuration. Or maybe I forgot something?

But as I try to call up "http://web-mycompany.com/myWebApp";, it failed. I
got error message as follow:

...
The following error was encountered:

* Connection Failed 

The system returned:

(111) Connection refused

The remote host or network may be down. Please try the request again. 
...
-- 
View this message in context: 
http://www.nabble.com/A-question-about-configuring-Apache-Http-Server-tp25382056p25382056.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 64 bit ?

[ricardo figueiredo]

ok !!

Ricardo

On Thu, Sep 10, 2009 at 2:00 AM, Krist van Besien  wrote:

> On Wed, Sep 9, 2009 at 7:51 PM, ricardo13 
> wrote:
>
> >
> > Ok !!
> > Do I need any special parameter for compile ??
> > For example: ./configure --with-64bit
>
> In your case, since you are planning to use Ubuntu (a good Idea in my
> opinion) and seem not to have that much experience yet (not that this
> is a problem, I was once a novice too) I'd suggest you simple take the
> apache that comes with Ubuntu.
>
> Basically just install Ubuntu 64 bit (server version if this is going
> to be a server), and then once it's up and running you can install
> apache with a simple comand:
>
> "sudo apt-get install apache2"
>
> That's really all it takes. With ubuntu it is possible to go from bare
> metal to a fully functioning "LAMP" server in 20 minutes.
>
> Krist
>
>
> --
> krist.vanbes...@gmail.com
> kr...@vanbesien.org
> Bremgarten b. Bern, Switzerland
> --
> A: It reverses the normal flow of conversation.
> Q: What's wrong with top-posting?
> A: Top-posting.
> Q: What's the biggest scourge on plain text email discussions?
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>


-- 
Muito Obrigado

Ricardo

Re: [us...@httpd] A question about configuring Apache Http Server

[André Warnier]

thomas2004 wrote:



I installed the Apache Http Web Server 


what version of Apache ?

on RH-Linux and want to configure it

so that the incoming browsing will be forward to the application deployted
on Jboss. 

Where is that Jboss server running ?

I do followings:


1. Set the ip-address in "/etc/sysconfig/network-scripts/ifcfg-eth0:xx"


that has nothing to do with either Apache or Jboss.



2. Create a .conf file which looks as follow:
...

ServerName web-mycompany.com:80


That is probably not correct.
You should have, in one of your Apache configuration files (apache2.conf 
or httpd.conf), a line like :

Listen 80
do you ?

There should also be another line somewhere like
NameVirtualHost *:80
(show us the line, exactly as it is in your configuration)

You should probably change the above 2 lines as follows :

 
 ServerName web-mycompany.com




 #1 Send everything for context /examples to worker named
worker_portfolio (ajp13)

That comment above is irrelevant to whatever you have below, and 
confusing. Better to remove it.




JkMount  /myWebApp* myworker

replace this by the following 2 lines :

 JkMount  /myWebApp/ myworker
 JkMount  /myWebApp/* myworker




...

3. Configure the workers.properties as follow:

...
myowrker


that should be :
worker.list=myworker



# worker template
worker.template.connection_pool_timeout=600
worker.template.socket_timeout=120
worker.template.type=ajp13
worker.socket_keepalive=True

# Set properties for worker_portfolio
worker.myworker.reference=worker.template
worker.myworker.host=test.mycompany.com
worker.myworker.port=8009



Does the host "test.mycompany.com" exist ?
Is it the host where JBoss is running ?
Does that JBoss "listen" on port 8009 ?
If it does, does it do it with an AJP Connector ?


...

I think that's all for the configuration. Or maybe I forgot something?

But as I try to call up "http://web-mycompany.com/myWebApp";, it failed. I
got error message as follow:


where do you get this message ?



...
The following error was encountered:

* Connection Failed 


The system returned:

(111) Connection refused

The remote host or network may be down. Please try the request again. 
...


That either means that the host "web-mycompany.com" is not running, or 
that it is not listening on port 80.
It looks like you are not even getting as far as connecting to your 
Apache webserver.

What happens when you enter this URL :
http://web-mycompany.com



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] proxy server

[idan72]

Hi,

I have web application writing in Flex.
The clients are from different location(countries).
I want that when client try to reach the URL of application he will get it
from local server and not from the main server.
Also if possible that if there is update in main server the update will be
send to the local server at each location.

Is that possible ?
Should I use proxy server for that ?
Is the update from server can be done or I need to define some timeout that
after that the local cache on local server is removed so when user will try
to reach server it will cause to update of local server ?

Thanks

-- 
View this message in context: 
http://www.nabble.com/proxy-server-tp25383173p25383173.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] openssl_pkcs7_sign error

[Krist van Besien]

On Thu, Sep 10, 2009 at 12:11 PM, Hoang, Le Vu
 wrote:
>
> Hello,
>
> My server is running Apache 2.2.9, PHP 5.2.9, OpenSSL 0.9.8j, Zend Optimizer 
> 3.3.0. Everything is fine. I don’t get any error.
>
> After I upgraded Apache to 2.2.13 (and reboot server), I can’t use this PHP 
> function: openssl_pkcs7_sign

What OS are you using, and what method did you use to upgrade from
2.2.9 to 2.2.13?

Krist


--
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] proxy server

[Krist van Besien]

On Thu, Sep 10, 2009 at 3:26 PM, idan72  wrote:

> I have web application writing in Flex.
> The clients are from different location(countries).
> I want that when client try to reach the URL of application he will get it
> from local server and not from the main server.
> Also if possible that if there is update in main server the update will be
> send to the local server at each location.
>
> Is that possible ?

Yes. But this is not that trivial.
The easiest part is mirroring your servers to a local machine. Use
whatever works for you to do this. The hard part is getting clients to
use a geographically close server. For that you will need to return a
different IP address when a client request your hostname, depending on
where the request originates from. But this has nothing to do with
apache really...

Krist


-- 
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] proxy server

[idan72]

Thanks for your quick reply.
Can you explain how do I do the mirroring part ? Is it with proxy server ?
Can you give example for one or more ?

Can't I configure in client side to use the local server and not the main
server (where I put my app)?

Thanks


Krist van Besien wrote:
> 
> On Thu, Sep 10, 2009 at 3:26 PM, idan72  wrote:
> 
>> I have web application writing in Flex.
>> The clients are from different location(countries).
>> I want that when client try to reach the URL of application he will get
>> it
>> from local server and not from the main server.
>> Also if possible that if there is update in main server the update will
>> be
>> send to the local server at each location.
>>
>> Is that possible ?
> 
> Yes. But this is not that trivial.
> The easiest part is mirroring your servers to a local machine. Use
> whatever works for you to do this. The hard part is getting clients to
> use a geographically close server. For that you will need to return a
> different IP address when a client request your hostname, depending on
> where the request originates from. But this has nothing to do with
> apache really...
> 
> Krist
> 
> 
> -- 
> krist.vanbes...@gmail.com
> kr...@vanbesien.org
> Bremgarten b. Bern, Switzerland
> --
> A: It reverses the normal flow of conversation.
> Q: What's wrong with top-posting?
> A: Top-posting.
> Q: What's the biggest scourge on plain text email discussions?
> 
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/proxy-server-tp25383173p25383575.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] proxy server

[Krist van Besien]

On Thu, Sep 10, 2009 at 3:44 PM, idan72  wrote:
>
> Thanks for your quick reply.
> Can you explain how do I do the mirroring part ? Is it with proxy server ?
> Can you give example for one or more ?

Mirrororing basically means copying all the content that exists on one
server on another one. There are many different way to do this, going
from simply copying everything from one machine to another, to using
something like rsync, to using a webspider. Use what works for you.
This is however not really an apache issue.

> Can't I configure in client side to use the local server and not the main
> server (where I put my app)?

If you have control over the clients you can configure them to use a
local server. How to do this depends on what kind of control you have.
This is however not an apache issue.

Krist



-- 
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Downloaded java applet bypasses proxy

[Eric Jacobs]

We were trying to add an extra layer of security in front of some financial 
apps with a reverse proxy (which required a login). It worked until we tried 
restricting access to financial apps only to proxy server. Turns out, after 
the initial connection, browsers downloaded applets which then tried to 
connect directly to financial servers. Is there a way (perhaps through 
mod_proxy_html) to rewrite the URL in the applet?

Eric Jacobs 




-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] A question about configuring Apache Http Server

[thomas2004]

>what version of Apache ?
It is httpd-2.0.46-46.2.ent

>Where is that Jboss server running ?
On RH-Linux on other machine.

>that has nothing to do with either Apache or Jboss.
You are right. This is configuration of the machine. I have to do this since
the machine will listen to this ip.

>That is probably not correct. You should have, in one of your Apache
configuration files (apache2.conf 
>or httpd.conf), a line like :Listen 80
>do you ?

I think this should correct since I just want to listen to the call to this
ip. This ip is mapped to "web-mycompany.com".

There are other xxx.conf files under /etc/httpd/conf.d/. As the http server
starts, it will load all the xxx.conf files from here- 


>That comment above is irrelevant to whatever you have below, and confusing.
Better to remove it.
 Ok, I did it now.


>replace this by the following 2 lines :

  JkMount  /myWebApp/ myworker
  JkMount  /myWebApp/* myworker

I replace them now.


>that should be :
>worker.list=myworker

You are right. I mistyped it.


>Does the host "test.mycompany.com" exist ?
>Is it the host where JBoss is running ?
>Does that JBoss "listen" on port 8009 ?
>If it does, does it do it with an AJP Connector ?

The host exist. This is the Jboss host. I can browser up
"http://test.mycompany.com:8080/myWebApp";

The Jboss "listens" on port 8009. In fact in "workers.properties" there is
another worker which looks as follow:

...
  worker.another_worker.reference=worker.template
  worker.another_worker.host=another-web-test.com
  worker.another_worker.port=8009
...


>where do you get this message ?
On the browser


>That either means that the host "web-mycompany.com" is not running, or 
>that it is not listening on port 80.
>It looks like you are not even getting as far as connecting to your Apache
webserver.

Could be. That's the reason I ask this question. :)

Where and how can I check it?


>What happens when you enter this URL :http://web-mycompany.com

The same error.



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




-- 
View this message in context: 
http://www.nabble.com/A-question-about-configuring-Apache-Http-Server-tp25382056p25384132.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Apache Tuning

[Daniel Viana Auler(Plebeuz)]

Hello,
  I have a question about MaxClients and maxservers, when i tuning 
i found in apache that  to calculate maxclients i need to calculate the 
SO used memory-total memory divided by the memory witch each apache 
process use, but how can i know how to do it correctly, because apache 
process ocilates too much, i have configured 256 max clients for 8GB of 
ram, that is correct? I have calculate the use of the memory to 25M for 
each apache process, 25 * 256 = 6400, there is 1.6GB to OS. But i think, 
apache can handle only 256 concurrent connections with 8GB of ram?


Att,

Plebeuz

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Downloaded java applet bypasses proxy

[Nick Kew]

Eric Jacobs wrote:
We were trying to add an extra layer of security in front of some financial 
apps with a reverse proxy (which required a login). It worked until we tried 
restricting access to financial apps only to proxy server. Turns out, after 
the initial connection, browsers downloaded applets which then tried to 
connect directly to financial servers. Is there a way (perhaps through 
mod_proxy_html) to rewrite the URL in the applet?


mod_proxy_html won't touch applet contents.  You'd be in with a chance
if your applet works by fetching text contents in HTML, but that's
not very likely.  A similar filtering approach could deal with
XML or (subject to a small risk of false positives) plain text,
but not if the data are embedded in the applet.

I should read the applet's documentation: does it allow you
to set a base URL (to the proxy), or stick to relative URLs?
If not, talk to your developer.

Come to think of it, a java class could rewrite URLs in the same
way as mod_proxy_html.  You'd have to figure out whether that'll
work within the applet sandbox (most likely for signed applets),
but that looks like an approach you could consider (and maybe
google for an existing class) if you don't have the applet source.

Or a firefox plugin could easily do the job if restricting your
users is an option.

--
Nick Kew

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Case sensitive URLs

[Andrew Hole]

Hi guys!

How can I ensure case sensitive URLs?

I've test.html at DocumentRoot. I want a "File not found" error when I
invoke http://host/TEST.html.

Thanks a lot
A.

Re: [us...@httpd] A question about configuring Apache Http Server

[André Warnier]

thomas2004 wrote:
...



That either means that the host "web-mycompany.com" is not running, or 
that it is not listening on port 80.

It looks like you are not even getting as far as connecting to your Apache

webserver.

Could be. That's the reason I ask this question. :)

Where and how can I check it?


Ok, let's start from there.
First, let's see if Apache is running.
When you enter the following command :

netstat -pan | grep '\:80'

it should at least show one line.  That line corresponds to the port on 
which Apache should be listening.
Toward the end of the line, should be the name of the program, and it's 
Process-ID.


You call also try either one of those :
ps -ef | grep httpd
or
ps -ef | grep apache

(I don't remember if under RH Apache appears as httpd or apache2)

Once you make sure that there is an Apache running, then you could try 
the following :

enter the command :
telnet web-mycompany.com 80
GET / HTTP/1.0

(the second line above, you have to enter "blind", because there will be 
no echo; the third line is just a "return")

Do you get something ?



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Case sensitive URLs

[Tom Evans]

On Thu, 2009-09-10 at 15:40 +0100, Andrew Hole wrote:
> Hi guys!
> 
> How can I ensure case sensitive URLs?
> 
> I've test.html at DocumentRoot. I want a "File not found" error when I
> invoke http://host/TEST.html.
> 
> Thanks a lot
> A.

You need to use a case sensitive file system, ie not windows.

Cheers

Tom


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Case sensitive URLs

[Nick Kew]

Andrew Hole wrote:

Hi guys!

How can I ensure case sensitive URLs?

I've test.html at DocumentRoot. I want a "File not found" error when I 
invoke http://host/TEST.html.


You'll get that as standard.  Just don't use any of the hacks that
make them appear case-insensitive, like mod_speling.

The possible exception to that is if you have a case-insensitive
filesystem that returns test.html when asked for TEST.html.  If that's
the case you'd have to deal with it before the filesystem is
accessed.  A simple solution would be a rewriterule.  Or if
your capitalisations are many and complex, maybe a rewritemap
generated by listing the files.

--
Nick Kew

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Is it okay to not use exportable ciphers?

[Matus UHLAR - fantomas]

On 20.08.09 15:16, Brian Mearns wrote:
> For the sake of security, I'd like to configure my SSL/TLS server to
> not allow export level ciphers (using the SSLCipherSuite directive).
> Is this going to realistically limit the number of people who can use
> a secure connection to my site? Specifically, will visitors from other
> countries (outside the US) be able to support the stronger
> (non-exportable) ciphers?

I did not have received and problem reports with setting:

SSLCipherSuite DEFAULT:!EXP:!LOW

for some time.
-- 
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever - so far so good. 

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] .htaccess does not work

[testwreq wreq]

Hello, My goal is to password protect a few pages in one of the userdir
(/home/users/vinda). And, I cannot get this to work. Any suggestions will be
welcomed! Below is the configuration in my httpd.conf file:

Options -Indexes FollowSymLinks IncludesNoExec
Options +ExecCGI
DirectoryIndex index.html index.php index.htm
AllowOverride AuthConfig
Allow from all
Order allow,deny
AddType text/html .html
AddOutputFilter INCLUDES .html

I placed .htaccess in (/home/users/vinda/public_html/labs) because this is
the directory I want to protect.
Below are the contents of .htaccess and it has the .passwd file generated by
htpasswd apache command.

AuthUserFile /www/home/users/vinda/labs/.htpasswd
AuthName "Members Only"
AuthType Basic
require user lab
When I call the page with http://hostname/~vinda/labs, I get the box to
enter the username and password but then I can never pass this. The error in
the eerror log is:
[debug] mod_auth_pgsql.c(774): [client 10.105.9.103] [mod_auth_pgsql.c] -
missing configuration parameters
[Thu Sep 10 10:35:32 2009] [error] [client 10.105.9.103] access to
/~vinda/labs failed, reason: verification of user id 'lab' not configured
Please advise. Am I missing any configuration?

Thanks much:)

[us...@httpd] Limited TextArea buffer

[Nick]

   Hi,
I have a problem with a limited carry over buffer size with
   TextArea being limited to around 6,500-7,000 bytes.

   I placed the directive LimitRequestBody 0 in my apache2.conf
   (don't use httpd.conf) but it makes no difference. When I paste
   12,000+ characters of data into a FORM, it's cut in half..

   Am I putting it in the wrong place or is this the wrong directive?

Thanks, in advance,
  Nick. . .

   _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
.  .  .  .  .  .  .  .
   ...---... (Stamp Out Spam and Save Our Servers)  http://sosNow.ws
.  .  .  .  .  .  .  .
   _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] openssl_pkcs7_sign error

[Hoang, Le Vu]

I'm using Centos 5.2.
I compile Apache from source with:
1. make clean
2. make dist clean
3. ./configure
4. make
5. make install
After that, I restart the apache and reboot the server




Hoang Vu Le (Mr.)
System Operator
Mobile: 0905 644 777
Email: hoang...@vietunion.com.vn

--
VietUnion Online Services Corporation.
65-65A - Street 3/2, W.11, D.10, HCM City
Tel: 08. 929 2827 (126) ▪ Fax: 08. 929 2826
www.vidientu.com.vn ▪ www.payoo.com.vn
--

-Original Message-
From: Krist van Besien [mailto:krist.vanbes...@gmail.com] 
Sent: Thursday, September 10, 2009 8:30 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] openssl_pkcs7_sign error

On Thu, Sep 10, 2009 at 12:11 PM, Hoang, Le Vu
 wrote:
>
> Hello,
>
> My server is running Apache 2.2.9, PHP 5.2.9, OpenSSL 0.9.8j, Zend Optimizer 
> 3.3.0. Everything is fine. I don’t get any error.
>
> After I upgraded Apache to 2.2.13 (and reboot server), I can’t use this PHP 
> function: openssl_pkcs7_sign

What OS are you using, and what method did you use to upgrade from
2.2.9 to 2.2.13?

Krist


--
krist.vanbes...@gmail.com
kr...@vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



smime.p7s
Description: S/MIME cryptographic signature

Re: [us...@httpd] Limited TextArea buffer

[Eric Covener]

On Thu, Sep 10, 2009 at 12:02 PM,  wrote:
>   Hi,
>        I have a problem with a limited carry over buffer size with
>   TextArea being limited to around 6,500-7,000 bytes.
>
>   I placed the directive LimitRequestBody 0 in my apache2.conf
>   (don't use httpd.conf) but it makes no difference. When I paste
>   12,000+ characters of data into a FORM, it's cut in half..
>
>   Am I putting it in the wrong place or is this the wrong directive?

Is the method POST? Is there an error recorded in the error log?

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] .htaccess

[Bob Ionescu]

2009/9/7 Jos Chrispijn :
> Is there a way of forcing webbrowser to present a login popup every time
> they enter a protected URL? Now I login once and until I delete my
> cookies, I can go to the URL without having a username and password
> filled out, even not having the 'remember password' option active.

If your server replies with HTTP 401 to a request made with
credentials, the browser will drop the HTTP Auth session and
re-prompt.

However, since you can't distinguish between the previous and the next
request by the client after the prompt, you'll trap into a problem
(not to mention implementing something like that).

Conclusion: You'll need your own module with some sort of session
database attached to save the state user x HTTP 401, allow one request
with credentials for that username, HTTP 401, allow one request with
credentials for that username, HTTP 401

Bob

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Re: Refreshing renewed SSL certificate

[Andy Hawkins]

Hi,

In article <4aa7cecd.9020...@newmediagateway.com>,
   Justin Pasher wrote:
> FWIW, in my experience, installing or changing an SSL cert on an Apache 
> 1 server requires a stop and start (restart/reload won't work).  Now 
> this is using apache-ssl (as opposed to mod_ssl), but it sounds the same 
> for your situation.

Ah ok, that might explain it. I'll try to remember to do a full stop / start
next time.

Andy


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] .htaccess does not work

[Jonathan Zuckerman]

On Thu, Sep 10, 2009 at 8:56 AM, testwreq wreq  wrote:
> Hello, My goal is to password protect a few pages in one of the userdir
> (/home/users/vinda). And, I cannot get this to work. Any suggestions will be
> welcomed! Below is the configuration in my httpd.conf file:
> 
> Options -Indexes FollowSymLinks IncludesNoExec
> Options +ExecCGI
> DirectoryIndex index.html index.php index.htm
> AllowOverride AuthConfig
> Allow from all
> Order allow,deny
> AddType text/html .html
> AddOutputFilter INCLUDES .html
> 
> I placed .htaccess in (/home/users/vinda/public_html/labs) because this is
> the directory I want to protect.
> Below are the contents of .htaccess and it has the .passwd file generated by
> htpasswd apache command.
> AuthUserFile /www/home/users/vinda/labs/.htpasswd
> AuthName "Members Only"
> AuthType Basic
> require user lab
> When I call the page with http://hostname/~vinda/labs, I get the box to
> enter the username and password but then I can never pass this. The error in
> the eerror log is:
> [debug] mod_auth_pgsql.c(774): [client 10.105.9.103] [mod_auth_pgsql.c] -
> missing configuration parameters
> [Thu Sep 10 10:35:32 2009] [error] [client 10.105.9.103] access to
> /~vinda/labs failed, reason: verification of user id 'lab' not configured
> Please advise. Am I missing any configuration?
>
> Thanks much:)
>

A few thoughts: might need to put the .htaccess file that password
protects all the contents of a directory _outside_ of that directory,
since that file is required to determine where the authorized users
data is stored, and you currently can't access it until you _are_ one
of those authorized users...

Also, really not a big deal but.. your subject implied that .htaccess
is broken.  Chances are quite good that it's simply your understanding
of .htaccess which is flawed; everyone on this list is here because
they're happy to try to help but it might be nice to approach the
problem with the attitude "I would really appreciate some help
figuring your awesome free software out" rather than "Fix your shit".

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] .htaccess does not work

[André Warnier]

testwreq wreq wrote:
 The error in

the eerror log is:
[debug] mod_auth_pgsql.c(774): [client 10.105.9.103] [mod_auth_pgsql.c] -
missing configuration parameters

And where does that come from ?
Hint : mod_auth_pgsql.c ?


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Limited TextArea buffer

[André Warnier]

Eric Covener wrote:

On Thu, Sep 10, 2009 at 12:02 PM,  wrote:

  Hi,
   I have a problem with a limited carry over buffer size with
  TextArea being limited to around 6,500-7,000 bytes.

  I placed the directive LimitRequestBody 0 in my apache2.conf
  (don't use httpd.conf) but it makes no difference. When I paste
  12,000+ characters of data into a FORM, it's cut in half..

  Am I putting it in the wrong place or is this the wrong directive?


Is the method POST? Is there an error recorded in the error log?


.. and maybe you want to have a look at what is processing that form ?


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] .htaccess

[André Warnier]

Jos Chrispijn wrote:

Is there a way of forcing webbrowser to present a login popup every time
they enter a protected URL? Now I login once and until I delete my
cookies, I can go to the URL without having a username and password
filled out, even not having the 'remember password' option active.


What is the authentication method used ?
Show us the directory configuration.

If it is Basic Authentication, that's how it works.
The browser remembers the "realm" (AuthName) of the first 
authentication, and automatically re-adds the corresponding 
authentication header whenever the server responds with a 401 for the 
same realm.

In that case also, cookies have nothing to do with it.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] .htaccess does not work

[testwreq wreq]

I figured out the small typo in the path. Thanks for reading my request and
suggestions.

On Thu, Sep 10, 2009 at 1:02 PM, Jonathan Zuckerman
wrote:

>  On Thu, Sep 10, 2009 at 8:56 AM, testwreq wreq 
> wrote:
> > Hello, My goal is to password protect a few pages in one of the userdir
> > (/home/users/vinda). And, I cannot get this to work. Any suggestions will
> be
> > welcomed! Below is the configuration in my httpd.conf file:
> > 
> > Options -Indexes FollowSymLinks IncludesNoExec
> > Options +ExecCGI
> > DirectoryIndex index.html index.php index.htm
> > AllowOverride AuthConfig
> > Allow from all
> > Order allow,deny
> > AddType text/html .html
> > AddOutputFilter INCLUDES .html
> > 
> > I placed .htaccess in (/home/users/vinda/public_html/labs) because this
> is
> > the directory I want to protect.
> > Below are the contents of .htaccess and it has the .passwd file generated
> by
> > htpasswd apache command.
> > AuthUserFile /www/home/users/vinda/labs/.htpasswd
> > AuthName "Members Only"
> > AuthType Basic
> > require user lab
> > When I call the page with http://hostname/~vinda/labs, I get the box to
> > enter the username and password but then I can never pass this. The error
> in
> > the eerror log is:
> > [debug] mod_auth_pgsql.c(774): [client 10.105.9.103] [mod_auth_pgsql.c] -
> > missing configuration parameters
> > [Thu Sep 10 10:35:32 2009] [error] [client 10.105.9.103] access to
> > /~vinda/labs failed, reason: verification of user id 'lab' not configured
> > Please advise. Am I missing any configuration?
> >
> > Thanks much:)
> >
>
> A few thoughts: might need to put the .htaccess file that password
> protects all the contents of a directory _outside_ of that directory,
> since that file is required to determine where the authorized users
> data is stored, and you currently can't access it until you _are_ one
> of those authorized users...
>
> Also, really not a big deal but.. your subject implied that .htaccess
> is broken.  Chances are quite good that it's simply your understanding
> of .htaccess which is flawed; everyone on this list is here because
> they're happy to try to help but it might be nice to approach the
> problem with the attitude "I would really appreciate some help
> figuring your awesome free software out" rather than "Fix your shit".
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [us...@httpd] Excluding String from access log

[Mohit Anchlia]

All I want is to remove that "info" message from the access log. So
basically I don't want to see that in access or error log

On Wed, Sep 9, 2009 at 7:12 PM, Eric Covener  wrote:
> On Wed, Sep 9, 2009 at 6:20 PM, Mohit Anchlia wrote:
>> These go as "info" in access log
>
> It's pretty unusual for error log entries to end up in your access
> log. Is that what you're actually claiming?  We could already see that
> they were "info" level.
>
> These are two distinctly different log files.
>
> --
> Eric Covener
> cove...@gmail.com
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Excluding String from access log

[André Warnier]

Mohit,

Mohit Anchlia wrote:

All I want is to remove that "info" message from the access log. So
basically I don't want to see that in access or error log



read this : http://httpd.apache.org/docs/2.2/mod/core.html#loglevel

You can stop all [info] messages from appearing in the error log.
As to the access log, these messages should anyway not appear there, 
unless you did something stupid like point both access log and error log 
to the same file.


Apart from that, Apache is open source, and you are welcome to download 
the source, modify it, and remove any kind of message from the logs that 
you want.


What other people here are trying to tell you (but you don't seem to 
want to listen) is that for this kind of thing, it is easier to "filter" 
your logfiles after the fact, using a separate script.

Or filtering them in real-time, by piping them through your own filter.

See for example here (the section "pipe") :
http://httpd.apache.org/docs/2.2/mod/mod_log_config.html#customlog




-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

[David Taveras]

Hello,

I run apache 2.2.9 & apache 2.2.11 both with  apr-1.2.11p2   &
apr-util-1.2.10p2


According to the CVE at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412  only  0.9.x and
1.3.x are affected .  Could anybody confirm that this is so? If not.. how
bad is this vulnerability to a user? Would mod_security help for this?

Thank you.

Re: [us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

[William A. Rowe, Jr.]

David Taveras wrote:
> 
> I run apache 2.2.9 & apache 2.2.11 both with  apr-1.2.11p2   & 
> apr-util-1.2.10p2
> 
> According to the CVE at
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412  only  0.9.x
> and 1.3.x are affected .  Could anybody confirm that this is so? If
> not.. how bad is this vulnerability to a user? Would mod_security help
> for this?

[cc'ing dev@ to point out this error]

The description of the CVE is wildly wrong.

There is no known exploit of these flaws relative to Apache httpd itself.
The version numbers you reference refer to APR, so this is applicable to
all distributions of httpd 2.x (2.0 included 0.9, 2.2 included 1.3).

Third party modules might be affected; Other projects or products using APR
may be affected; one project is known to be affected.

However, any code which is affected remains vulnerable, in that these
bugs would only be triggered by using untainted/untrusted input as the
memory allocation size.  Any affected application would be subject to
memory exhaustion DoS vectors until the code properly detaints the input
which determines the size of memory allocations.

This was granted a CVE strictly on the basis that the effects of the flaw
may unexpectedly be worse than expected; the affected code may unexpectedly
continue, rather than failing or segfaulting as expected, based on design.

Finally, mod_security is very unlikely to have any effect whatsoever on
this group of issues.  Input into httpd is already constrained in terms
of size before these calls to APR occur, so this is unlikely to affect
typical httpd modules.  Non-HTTP protocols, or HTTP implementations other
than httpd are more likely to be affected, again depending upon the code
used and caution exercised by the developer.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

[David Taveras]

Hello William.


You mentioned as far as APR causing a DoS, how about the execution of
arbitrary code through apache as the CVE says..?

Thank you

Daniel

On Thu, Sep 10, 2009 at 6:54 PM, William A. Rowe, Jr.
wrote:

> David Taveras wrote:
> >
> > I run apache 2.2.9 & apache 2.2.11 both with  apr-1.2.11p2   &
> > apr-util-1.2.10p2
> >
> > According to the CVE at
> > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412  only  0.9.x
> > and 1.3.x are affected .  Could anybody confirm that this is so? If
> > not.. how bad is this vulnerability to a user? Would mod_security help
> > for this?
>
> [cc'ing dev@ to point out this error]
>
> The description of the CVE is wildly wrong.
>
> There is no known exploit of these flaws relative to Apache httpd itself.
> The version numbers you reference refer to APR, so this is applicable to
> all distributions of httpd 2.x (2.0 included 0.9, 2.2 included 1.3).
>
> Third party modules might be affected; Other projects or products using APR
> may be affected; one project is known to be affected.
>
> However, any code which is affected remains vulnerable, in that these
> bugs would only be triggered by using untainted/untrusted input as the
> memory allocation size.  Any affected application would be subject to
> memory exhaustion DoS vectors until the code properly detaints the input
> which determines the size of memory allocations.
>
> This was granted a CVE strictly on the basis that the effects of the flaw
> may unexpectedly be worse than expected; the affected code may unexpectedly
> continue, rather than failing or segfaulting as expected, based on design.
>
> Finally, mod_security is very unlikely to have any effect whatsoever on
> this group of issues.  Input into httpd is already constrained in terms
> of size before these calls to APR occur, so this is unlikely to affect
> typical httpd modules.  Non-HTTP protocols, or HTTP implementations other
> than httpd are more likely to be affected, again depending upon the code
> used and caution exercised by the developer.
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

[William A. Rowe, Jr.]

David Taveras wrote:
> 
> You mentioned as far as APR causing a DoS, how about the execution of
> arbitrary code through apache as the CVE says..?

No, you misinterpreted; the application developer must expose a DoS/memory
exhaustion vector; where that exists, and the affected version of APR
is used, and the information written to the never-allocated buffer just
happens to overlap some predictable, current allocations, then the external
user may trigger a segfault but possibly worse, depending ENTIRELY on
the code in the application.

An example is http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2411
svn's libsvn_delta library, but there may be other applications in the
wild which suffer similar, lesser or worse side effects from trusting
untained user input.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Limited TextArea buffer

[Nick]

  Thanks for the comeback...

>>I have a problem with a limited carry over buffer size
>>   with TextArea being limited to around 6,500-7,000 bytes.
>>
>>   I placed the directive LimitRequestBody 0 in my apache2.conf
>>   (don't use httpd.conf) but it makes no difference. When I
>>   paste 12,000+ characters of data into a FORM, it's cut in half.

  Hi Eric,
  > Is the method POST? Is there an error recorded in the error log?

   Yes and No...

  Hi André,
  > maybe you want to have a look at what is processing that form ?

   All scripts written by me, there are several, but that put
   me on the right track.  The very old perl library that I use to
   parse all data was set very low - increasing it fixed the problem..
   Thanks André...

   Problem solved - thanx everyone,
  Nick. . .

   _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/
.  .  .  .  .  .  .  .
   ...---... (Stamp Out Spam and Save Our Servers)  http://sosNow.ws
.  .  .  .  .  .  .  .
   _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org