[users@httpd] Access control advice needed

[Ramon Casha]

I have a website running drupal which is currently under a continuous
botnet attack, which is causing major performance issues. I'm trying to
use apache's access control mechanism to block these requests. 

Two characteristics of the attack requests are that they all use
HTTP/1.0, and a large percentage of them are within one domain.

When I look at my access log, most requests are coming in from:
134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
...etc.

i tried blocking access using Apache's Deny From as follows:


   Options +FollowSymLinks 
   AllowOverride All
   Order Allow,Deny
   Allow from all
   Deny from .broad.pt.fj.dynamic.163data.com.cn


However this did not work - all requests are still being allowed in.
Note that the /opt/drupal-7 directory is a symlink to the actual
directory which has the full version number.

Also, since all the botnet requests are marked as HTTP/1.0, I tried to
restrict access to the user-registration pages using the protocol, as
follows:

SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req

Order Allow,Deny 
Deny from env=BadReq 


However this is blocking everything - HTTP/1.0 or 1.1. "/utenti" is the
prefix to the user registration page, password-reset page etc. I tried
changing around the Order, adding an "Allow from all" but in each case I
either end up blocking everyone or letting all requests through.

I'd appreciate any advice on how to implement the above or resolve this
issue in some other way.

--
Ramon Casha

Note: I have no control over the disclaimer message that will invariably
appear below.




DISCLAIMER
-- 

The information transmitted in this message and any attachments is strictly 
confidential and intended only for the individual or entity to whom it is 
addressed.
Any form of unauthorised review, transmission, disclosure, publication, 
reproduction, modification or other use of, or the taking of any action in 
reliance upon any of the information contained in this e-mail by individuals or 
entities other than the intended recipient is strictly prohibited.
If you are not the named addressee or the person responsible for delivering the 
message to the named addressee and have received this communication in error, 
you must not disclose the contents of this e-mail to any other person; or make 
any copies thereof. If you are not the named recipient please delete/destroy 
any and all copies that may exist, whether in electronic or hard copy for and 
notify us immediately on the phone number indicated above and provide us with 
details about the said e-mail received in error.
Since the Internet is not a secure medium Megabyte cannot guarantee the privacy 
or confidentiality of any e-mail communications transmitted. All messages sent 
to and from Megabyte Ltd may be monitored and/or recorded to ensure compliance 
with internal policies and procedures. We disclaim all responsibility and 
liability whatsoever in relation to any errors or omissions that may reveal 
themselves in this message and in relation to any damage that may result from 
any such errors or omissions. We disclaim all responsibility and liability for 
any damage that may arise from the unauthorised acts of third parties and/or 
the corruption of any data contained in this message.
Thank you.

Re: [users@httpd] Access control advice needed

[Jan Vávra]

Hello,
 try to use an IP address or subnet instead of 
.broad.pt.fj.dynamic.163data.com.cn


Jan.

Access control advice needed

I have a website running drupal which is currently under a continuous
botnet attack, which is causing major performance issues. I'm trying to
use apache's access control mechanism to block these requests.

Two characteristics of the attack requests are that they all use
HTTP/1.0, and a large percentage of them are within one domain.

When I look at my access log, most requests are coming in from:
134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
...etc.

i tried blocking access using Apache's Deny From as follows:


   Options +FollowSymLinks
   AllowOverride All
   Order Allow,Deny
   Allow from all
   Deny from .broad.pt.fj.dynamic.163data.com.cn


However this did not work - all requests are still being allowed in.
Note that the /opt/drupal-7 directory is a symlink to the actual
directory which has the full version number.

Also, since all the botnet requests are marked as HTTP/1.0, I tried to
restrict access to the user-registration pages using the protocol, as
follows:

SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req

Order Allow,Deny
Deny from env=BadReq


However this is blocking everything - HTTP/1.0 or 1.1. "/utenti" is the
prefix to the user registration page, password-reset page etc. I tried
changing around the Order, adding an "Allow from all" but in each case I
either end up blocking everyone or letting all requests through.

I'd appreciate any advice on how to implement the above or resolve this
issue in some other way.

--
Ramon Casha

Note: I have no control over the disclaimer message that will invariably
appear below.


*DISCLAIMER*

/The information transmitted in this message and any attachments is 
strictly confidential and intended only for the individual or entity 
to whom it is addressed.
Any form of unauthorised review, transmission, disclosure, 
publication, reproduction, modification or other use of, or the taking 
of any action in reliance upon any of the information contained in 
this e-mail by individuals or entities other than the intended 
recipient is strictly prohibited.
If you are not the named addressee or the person responsible for 
delivering the message to the named addressee and have received this 
communication in error, you must not disclose the contents of this 
e-mail to any other person; or make any copies thereof. If you are not 
the named recipient please delete/destroy any and all copies that may 
exist, whether in electronic or hard copy for and notify us 
immediately on the phone number indicated above and provide us with 
details about the said e-mail received in error.
Since the Internet is not a secure medium Megabyte cannot guarantee 
the privacy or confidentiality of any e-mail communications 
transmitted. All messages sent to and from Megabyte Ltd may be 
monitored and/or recorded to ensure compliance with internal policies 
and procedures. We disclaim all responsibility and liability 
whatsoever in relation to any errors or omissions that may reveal 
themselves in this message and in relation to any damage that may 
result from any such errors or omissions. We disclaim all 
responsibility and liability for any damage that may arise from the 
unauthorised acts of third parties and/or the corruption of any data 
contained in this message.

Thank you./

<#> 

Re: [users@httpd] Access control advice needed

[Oren]

Hi Ramon.
Why use apache for the block and not a firewall? its not apache related 
but i think its a better way of doing that.
You can add those addresses to blocking rules and reduce the load on the 
apache before they even reach it.
I am not sure which os you use but there are simple ways of doing that 
even if you dont have dedicated hardware.


Oren

On 04/09/2014 10:32 AM, Jan Vávra wrote:

Hello,
 try to use an IP address or subnet instead of 
.broad.pt.fj.dynamic.163data.com.cn


Jan.

Access control advice needed

I have a website running drupal which is currently under a continuous
botnet attack, which is causing major performance issues. I'm trying to
use apache's access control mechanism to block these requests.

Two characteristics of the attack requests are that they all use
HTTP/1.0, and a large percentage of them are within one domain.

When I look at my access log, most requests are coming in from:
134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
...etc.

i tried blocking access using Apache's Deny From as follows:


   Options +FollowSymLinks
   AllowOverride All
   Order Allow,Deny
   Allow from all
   Deny from .broad.pt.fj.dynamic.163data.com.cn


However this did not work - all requests are still being allowed in.
Note that the /opt/drupal-7 directory is a symlink to the actual
directory which has the full version number.

Also, since all the botnet requests are marked as HTTP/1.0, I tried to
restrict access to the user-registration pages using the protocol, as
follows:

SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req

Order Allow,Deny
Deny from env=BadReq


However this is blocking everything - HTTP/1.0 or 1.1. "/utenti" is the
prefix to the user registration page, password-reset page etc. I tried
changing around the Order, adding an "Allow from all" but in each case I
either end up blocking everyone or letting all requests through.

I'd appreciate any advice on how to implement the above or resolve this
issue in some other way.

--
Ramon Casha

Note: I have no control over the disclaimer message that will invariably
appear below.


*DISCLAIMER*

/The information transmitted in this message and any attachments is 
strictly confidential and intended only for the individual or entity 
to whom it is addressed.
Any form of unauthorised review, transmission, disclosure, 
publication, reproduction, modification or other use of, or the 
taking of any action in reliance upon any of the information 
contained in this e-mail by individuals or entities other than the 
intended recipient is strictly prohibited.
If you are not the named addressee or the person responsible for 
delivering the message to the named addressee and have received this 
communication in error, you must not disclose the contents of this 
e-mail to any other person; or make any copies thereof. If you are 
not the named recipient please delete/destroy any and all copies that 
may exist, whether in electronic or hard copy for and notify us 
immediately on the phone number indicated above and provide us with 
details about the said e-mail received in error.
Since the Internet is not a secure medium Megabyte cannot guarantee 
the privacy or confidentiality of any e-mail communications 
transmitted. All messages sent to and from Megabyte Ltd may be 
monitored and/or recorded to ensure compliance with internal policies 
and procedures. We disclaim all responsibility and liability 
whatsoever in relation to any errors or omissions that may reveal 
themselves in this message and in relation to any damage that may 
result from any such errors or omissions. We disclaim all 
responsibility and liability for any damage that may arise from the 
unauthorised acts of third parties and/or the corruption of any data 
contained in this message.

Thank you./

[users@httpd] Small search engine by keyword for a webdav server

[BONNET, Frank]

Hello

I'm searching for a small search engine to use on a  webav server

The amount of data to search is very small and performance is not a problem.

The purpose is : search by keyword in files ( word or pdf files ) then
display
the matching files to the requester.

Usage is private and protected by authentication , users have readonly
access


Thanks for any help.

Re: [users@httpd] Access control advice needed

[Ramon Casha]

To be honest I don't want to end up having to maintain the IP blocks that 
correspond to the computers that are sending the requests, which is why I tried 
using the partial domain name. The apache documentation seems to suggest this 
would work:

A (partial) domain-name 


Example: 

Allow from apache.org
Allow from .net example.edu 


The server is running Linux so I've got iptables but, again, I want to avoid 
having to maintain the list of blocked IP addresses.

The thing is, the methods I described would take care of the problems if I 
could get them to work - blocking all HTTP/1.0 requests to a specific location, 
and/or blocking everyone from that server.

I am currently working around it by adding a bit of PHP code to the drupal 
settings.php file but I'd like it to be tackled earlier than that - in apache's 
access control or iptables for instance.


On Erb, 2014-04-09 at 10:44 +0300, Oren wrote:


Hi Ramon.
Why use apache for the block and not a firewall? its not apache related 
but i think its a better way of doing that.
You can add those addresses to blocking rules and reduce the load on 
the apache before they even reach it.
I am not sure which os you use but there are simple ways of doing that 
even if you dont have dedicated hardware.

Oren



On 04/09/2014 10:32 AM, Jan Vávra wrote:



Hello,
 try to use an IP address or subnet instead of 
.broad.pt.fj.dynamic.163data.com.cn

Jan.



I have a website running drupal which is currently 
under a continuous
botnet attack, which is causing major performance 
issues. I'm trying to
use apache's access control mechanism to block these 
requests.

Two characteristics of the attack requests are that 
they all use
HTTP/1.0, and a large percentage of them are within one 
domain.

When I look at my access log, most requests are coming 
in from:
134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
...etc.

i tried blocking access using Apache's Deny From as 
follows:


   Options +FollowSymLinks
   AllowOverride All
   Order Allow,Deny
   Allow from all
   Deny from .broad.pt.fj.dynamic.163data.com.cn


However this did not work - all requests are still 
being allowed in.
Note that the /opt/drupal-7 directory is a symlink to 
the actual
directory which has the full version number.

Also, since all the botnet requests are marked as 
HTTP/1.0, I tried to
restrict access to the user-registration pages using 
the protocol, as
follows:

SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req

Order Allow,Deny
Deny from env=BadReq


However this is blocking everything - HTTP/1.0 or 1.1. 
"/utenti" is the
prefix to the user registration page, password-reset 
page etc. I tried
changing around the Order, adding an "Allow from all" 
but in each case I
either end up blocking everyone or letting all requests 
through.

I'd appreciate any advice on how to implement the above 
or resolve this
issue in some other way.

--
Ramon Casha

Note: I have no control over the disclaimer message 
that will invariably
appear below.




DISCLAIMER 

The information transmitted in this message and any 
attachments is strictly confidential and intended only for the individual or 
entity to whom it is addressed.
Any form of unauthorised review, transmission, 
disclosure, publication, reproduction, modification or other use of, or the 
taking of any action in reliance upon any of the informati

RE: [users@httpd] Access control advice needed

[pratibha.dhankhar]

Hi All,


Can anyone please suggest steps to remove vulnerability OpenSSL "Heartbleed" 
Vulnerability
 in apache.



--
Regards
Pratibha
From: Ramon Casha [mailto:ramon.ca...@megabyte.net]
Sent: Wednesday, April 09, 2014 1:57 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Access control advice needed

To be honest I don't want to end up having to maintain the IP blocks that 
correspond to the computers that are sending the requests, which is why I tried 
using the partial domain name. The apache documentation seems to suggest this 
would work:

A (partial) domain-name
Example:
Allow from apache.org
Allow from .net example.edu
The server is running Linux so I've got iptables but, again, I want to avoid 
having to maintain the list of blocked IP addresses.

The thing is, the methods I described would take care of the problems if I 
could get them to work - blocking all HTTP/1.0 requests to a specific location, 
and/or blocking everyone from that server.

I am currently working around it by adding a bit of PHP code to the drupal 
settings.php file but I'd like it to be tackled earlier than that - in apache's 
access control or iptables for instance.


On Erb, 2014-04-09 at 10:44 +0300, Oren wrote:
Hi Ramon.
Why use apache for the block and not a firewall? its not apache related but i 
think its a better way of doing that.
You can add those addresses to blocking rules and reduce the load on the apache 
before they even reach it.
I am not sure which os you use but there are simple ways of doing that even if 
you dont have dedicated hardware.

Oren
On 04/09/2014 10:32 AM, Jan Vávra wrote:
Hello,
 try to use an IP address or subnet instead of 
.broad.pt.fj.dynamic.163data.com.cn

Jan.
I have a website running drupal which is currently under a continuous
botnet attack, which is causing major performance issues. I'm trying to
use apache's access control mechanism to block these requests.

Two characteristics of the attack requests are that they all use
HTTP/1.0, and a large percentage of them are within one domain.

When I look at my access log, most requests are coming in from:
134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
...etc.

i tried blocking access using Apache's Deny From as follows:


   Options +FollowSymLinks
   AllowOverride All
   Order Allow,Deny
   Allow from all
   Deny from .broad.pt.fj.dynamic.163data.com.cn


However this did not work - all requests are still being allowed in.
Note that the /opt/drupal-7 directory is a symlink to the actual
directory which has the full version number.

Also, since all the botnet requests are marked as HTTP/1.0, I tried to
restrict access to the user-registration pages using the protocol, as
follows:

SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req

Order Allow,Deny
Deny from env=BadReq


However this is blocking everything - HTTP/1.0 or 1.1. "/utenti" is the
prefix to the user registration page, password-reset page etc. I tried
changing around the Order, adding an "Allow from all" but in each case I
either end up blocking everyone or letting all requests through.

I'd appreciate any advice on how to implement the above or resolve this
issue in some other way.

--
Ramon Casha

Note: I have no control over the disclaimer message that will invariably
appear below.




DISCLAIMER

The information transmitted in this message and any attachments is strictly 
confidential and intended only for the individual or entity to whom it is 
addressed.
Any form of unauthorised review, transmission, disclosure, publication, 
reproduction, modification or other use of, or the taking of any action in 
reliance upon any of the information contained in this e-mail by individuals or 
entities other than the intended recipient is strictly prohibited.
If you are not the named addressee or the person responsible for delivering the 
message to the named addressee and have received this communication in error, 
you must not disclose the contents of this e-mail to any other person; or make 
any copies thereof. If you are not the named recipient please delete/destroy 
any and all copies that may exist, whether in electronic or hard copy for and 
notify us immediately on the phone number indicated above and provide us with 
details about the said e-mail received in error.
Since the Internet is not a secure medium Megabyte cannot guarantee the privacy 
or confidentiality of any e-mail communications transmitted. All messages sent 
to and from Megabyte Ltd may be monitored and/or recorded to ensure compliance 
with internal policies and procedures. We disclaim all responsibility and 
liability whatsoever in relation to any errors or omissions that may reveal 
themselves in this message and in relation to any damage that may result from 
any such errors or omissions. We disclaim all responsibility and liability for 
any damage that may aris

[users@httpd] OpenSSL "Heartbleed" Vulnerability (was:Re: [users@httpd] Access control advice needed)

[Didier Spaier]

On 09/04/2014 10:33, pratibha.dhank...@wipro.com wrote:

Hi All,

Can anyone please suggest steps to remove vulnerability *OpenSSL "Heartbleed" 
Vulnerability 
 *in 
apache.

--

Regards

*Pratibha ***



You should first upgrade to openssl 1.0.1g, or at least patch your openssl 
version.

That should be enough for httpd if dynamically linked to opensssl.

If instead httpd is statically linked to open ssl then you shopuld rebuild 
httpd against openssl 1.0.1g.

Of course you should re-issue possibly stolen certicates as well.

See http://heartbleed.com/ for more information.

HTH,

Didier


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] OpenSSL "Heartbleed" Vulnerability (was:Re: [users@httpd] Access control advice needed)

[Didier Spaier]

On 09/04/2014 10:33, pratibha.dhank...@wipro.com wrote:

Hi All,

Can anyone please suggest steps to remove vulnerability *OpenSSL "Heartbleed" 
Vulnerability 
 *in 
apache.

--

Regards

*Pratibha ***



You should first upgrade to openssl 1.0.1g, or at least patch your openssl 
version.

That should be enough for httpd if dynamically linked to opensssl.

If instead httpd is statically linked to open ssl then you shopuld rebuild 
httpd against openssl 1.0.1g.

Of course you should re-issue possibly stolen certificates as well.

See http://heartbleed.com/ for more information.

HTH,

Didier


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Access control advice needed

[Vávra Jan]

There could be a problem with reverse dns records. Eg. a hostname
www.example.com is translated to ip address x.x.x.x But if the Apache
Server asks what is the name of x.x.x.x adress, it could get nothing or  a
response www.somethingelse.com. So this could be your problem.

Jan.


2014-04-09 10:26 GMT+02:00 Ramon Casha :

>  To be honest I don't want to end up having to maintain the IP blocks
> that correspond to the computers that are sending the requests, which is
> why I tried using the partial domain name. The apache documentation seems
> to suggest this would work:
>
> A (partial) domain-name  *Example:* Allow from apache.org
> Allow from .net example.edu
> The server is running Linux so I've got iptables but, again, I want to
> avoid having to maintain the list of blocked IP addresses.
>
> The thing is, the methods I described would take care of the problems if I
> could get them to work - blocking all HTTP/1.0 requests to a specific
> location, and/or blocking everyone from that server.
>
> I am currently working around it by adding a bit of PHP code to the drupal
> settings.php file but I'd like it to be tackled earlier than that - in
> apache's access control or iptables for instance.
>
>
> On Erb, 2014-04-09 at 10:44 +0300, Oren wrote:
>
> Hi Ramon.
> Why use apache for the block and not a firewall? its not apache related
> but i think its a better way of doing that.
> You can add those addresses to blocking rules and reduce the load on the
> apache before they even reach it.
> I am not sure which os you use but there are simple ways of doing that
> even if you dont have dedicated hardware.
>
> Oren
>
>  On 04/09/2014 10:32 AM, Jan Vávra wrote:
>
>   Hello,
>  try to use an IP address or subnet instead of .
> broad.pt.fj.dynamic.163data.com.cn
>
> Jan.
>
>I have a website running drupal which is currently under a continuous
> botnet attack, which is causing major performance issues. I'm trying to
> use apache's access control mechanism to block these requests.
>
> Two characteristics of the attack requests are that they all use
> HTTP/1.0, and a large percentage of them are within one domain.
>
> When I look at my access log, most requests are coming in from:
> 134.230.153.27.broad.pt.fj.dynamic.163data.com.cn
> 129.199.159.27.broad.pt.fj.dynamic.163data.com.cn
> ...etc.
>
> i tried blocking access using Apache's Deny From as follows:
>
> 
>Options +FollowSymLinks
>AllowOverride All
>Order Allow,Deny
>Allow from all
>Deny from .broad.pt.fj.dynamic.163data.com.cn
> 
>
> However this did not work - all requests are still being allowed in.
> Note that the /opt/drupal-7 directory is a symlink to the actual
> directory which has the full version number.
>
> Also, since all the botnet requests are marked as HTTP/1.0, I tried to
> restrict access to the user-registration pages using the protocol, as
> follows:
>
> SetEnvIf Request_Protocol "^HTTP/1\.0$" Bad_Req
> 
> Order Allow,Deny
> Deny from env=BadReq
> 
>
> However this is blocking everything - HTTP/1.0 or 1.1. "/utenti" is the
> prefix to the user registration page, password-reset page etc. I tried
> changing around the Order, adding an "Allow from all" but in each case I
> either end up blocking everyone or letting all requests through.
>
> I'd appreciate any advice on how to implement the above or resolve this
> issue in some other way.
>
> --
> Ramon Casha
>
> Note: I have no control over the disclaimer message that will invariably
> appear below.
>
>
>
>
> *DISCLAIMER*
>
> *The information transmitted in this message and any attachments is
> strictly confidential and intended only for the individual or entity to
> whom it is addressed.*
> *Any form of unauthorised review, transmission, disclosure, publication,
> reproduction, modification or other use of, or the taking of any action in
> reliance upon any of the information contained in this e-mail by
> individuals or entities other than the intended recipient is strictly
> prohibited.*
> *If you are not the named addressee or the person responsible for
> delivering the message to the named addressee and have received this
> communication in error, you must not disclose the contents of this e-mail
> to any other person; or make any copies thereof. If you are not the named
> recipient please delete/destroy any and all copies that may exist, whether
> in electronic or hard copy for and notify us immediately on the phone
> number indicated above and provide us with details about the said e-mail
> received in error.*
> *Since the Internet is not a secure medium Megabyte cannot guarantee the
> privacy or confidentiality of any e-mail communications transmitted. All
> messages sent to and from Megabyte Ltd may be monitored and/or recorded to
> ensure compliance with internal policies and procedures. We disclaim all
> responsibility and liability whatsoever in relation to any errors or
> omissions that may reveal themselves in this message and in relation to any
> dama

Re: [users@httpd] compile error server/mpm//lib.la

[eMyListsDDg]

Hello Srinivasa,

linux/fedora 20

3.12.8-300.fc20.x86_64 #1 SMP Thu Jan 16 01:07:50 UTC 2014 x86_64 x86_64 x86_64 
GNU/Linux

thanks



>   
> What operating system are you using?
>  
> If You use Solaris,please use /usr/ccs/bin/make for to compile it or 
> /usr/sfw/bin/gmake ?
>  
> Please let me know How it is going on?
>  
> Thanks,
> Srinivas



>  
>  
>  Srinivasa Rao Katta(System Administrator),
>  skatt...@hotmail.com,
>   
>  

>  

>> Date: Tue, 8 Apr 2014 08:54:34 -0700
>> From: emylists...@gmail.com
>> To: users@httpd.apache.org
>> Subject: Re: [users@httpd] compile error server/mpm//lib.la

>> i'm using GNU Make 3.82

>> do you have some suggestions how to use make to help with this?  i'm no 
>> expert with this

>> thanks




>> > May beYou can use gnu make for to work on it.
>> > 
>> > Thanks,
>> > Srinivas


>> > 
>> > 
>> >  Srinivasa Rao Katta(System Administrator),
>> >  skatt...@hotmail.com,
>> > 
>> > 

>> > 


>> > Date: Sun, 6 Apr 2014 10:14:22 -0700
>> > From: emylists...@gmail.com
>> > To: users@httpd.apache.org
>> > Subject: [users@httpd] compile error server/mpm//lib.la


>> > [1]: *** No rule to make target `server/mpm//lib.la', needed by `httpd'.  
>> > Stop.

>> > i'm trying to compile apache 2.4.7. the ./configure process runs
>> > without error. when i run make i'm getting the above error message.
>> > 
>> > google search didn't turn up much to help me correct this.

>> > if you need the config.nice script or ?? let me know
>> > 



>> -- 
>> Bill
>> Key fingerprint = DB4D 251B FE8A BDCD 2BE4  E889 13F1 78D0 A386 B32B


>> ---
>> This email is free from viruses and malware because avast! Antivirus 
>> protection is active.
>> http://www.avast.com


>> -
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org

>



-- 
Bill
Key fingerprint = DB4D 251B FE8A BDCD 2BE4  E889 13F1 78D0 A386 B32B


---
This email is free from viruses and malware because avast! Antivirus protection 
is active.
http://www.avast.com


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Escaping space in SetEnv

[Nawalramka, Priyanka]

Hi All,

I am trying to set an environment variable using SetEnv directive. I need to 
set a value containing space characters. Any help on how to escape spaces in 
the variable value?
For example:

SetEnv dir_root "/dir1/m1/s1/my dir"

I tried enclosing the value in quotations, escaping space using backslash, \040 
and \s. Nothing seems to be working.


Regards,
Priyanka