[users@httpd] httpd 2.4.12 ignoring net.ipv4.ip_local_port_range

2015-04-14 Thread Mike Peachey 
Hi all,

Will try to be concise:

OS: Amazon Linux 2015.03 x86_64
Precise package: httpd24-2.4.12-1.60.amzn1.x86_64

Apache httpd 2.4 in use as SSL proxy.

$ sysctl net.ipv4.ip_local_port_range
net.ipv4.ip_local_port_range = 3276861000

One remote client was unable to connect. Amazon subnet ACL in place
permitting response communication with the ephemeral port rage 32768-61000
as defined in /proc/sys/net/ipv4/ip_local_port_range and confirmed as above
by sysctl. Client successfully connected after enlarging subnet ACL to
permit responses on 1025-65536.

Once client connected (); the following shows in netstat

tcp0  0 ::::443  ::::63158TIME_WAIT   -
tcp0  0 ::::443  ::::63156TIME_WAIT   -
tcp0  0 ::::443  ::::63157TIME_WAIT   -
tcp0  0 ::::443  ::::42875 TIME_WAIT   -
tcp0  0 ::::443  ::::63159TIME_WAIT   -

This client is getting responses from httpd on ports 63156+

As far as I understand it this should not be permitted as the maximum local
port is set to 61000.

Bug? Feature?

Thanks in advance.
-- 
Mike Peachey
mike.peac...@port.im

Re: [users@httpd] Apache Installation

2015-04-14 Thread Richard 


 Original Message 
> Date: Tuesday, April 14, 2015 00:53:08 -0400
> From: Ethan Rosenberg 
> To: Apache Mailing List 
> Cc: 
> Subject: [users@httpd] Apache Installation
>
> Dear List -
> 
> After trying everything I could think of, and hitting a brick
> wall, I did a clean installation of Apache2.
> 
> Rebooted.
> 
> PING localhost (127.0.0.1) 56(84) bytes of data.
> 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.024
> ms
> 64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.029
> ms
> ^C
> --- localhost ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 999ms
> rtt min/avg/max/mdev = 0.024/0.026/0.029/0.005 ms
> 
> http://127.0.0.1/start.php
> 
> The requested URL /start.php was not found on this server.
> 
> What am I doing wrong??
> 
> TIA
> 
> Ethan

 - your ping indicates the reachability/responsiveness of the
 host, it says nothing about a specific service.

 - that you got a "404" indicates that the httpd service is
 running/responding.

 - the "404" is indicating that the file "start.php" is not
 in the directory at the top of the document root of
 the "primary host" in your apache setup, or otherwise
 not accessible [if it's there and accessible, but php isn't
 properly configured you'll get the php source, rather than
 server-parsed output]:

 -- have you reviewed your apache configuration to be certain
of where the "document root" of your "primary host" is?

 -- have you checked to see if the file (start.php) is there
(and readable by user that apache runs as on your system)?

 -- have you checked your server logs (specifically the
error log in this case)?

you need to do basic troubleshooting -- we can't do it for you.




-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] AuthBasic Questions: Modify the pop-up message? Change auth cache time?

2015-04-14 Thread Tom Browder 
I now have basic authorization (under TLS) working okay, but I would
like to influence the user experience a bit via Apache behavior if
possible.

A few questions if you please:

1.  Can I modify the pop-up message?

2. Can I change the cache behavior of the access?

As it is, my Google Chrome keeps the authorization cached for a long
time unless I change settings.  I would like more control over that
server-side.

3.  Is there good book or article on clear examples for such security
issues with modern Apache?  The currently available books I have and
others I'm aware of are very old and do not address Apache 2.4.

Thanks.

Best regards,

-Tom

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Compile apache2.4 with mod_proxy_html/libxml2

2015-04-14 Thread Andre.Wendel 
Hello,

today I tried to compile the current apache 2.4.12 together with mod_proxy_html 
and xml2enc, but I ran into some problem with libxml2, which is currently not 
installed on the system and I'm not able to install the library in the system.

So what I did was to compile libxml2 as shared library with

./configure --prefix=//libxml2 --enable-shared=yes 
--with-python=no

After that I tried to build the apache with the following parameters:

./configure
...
  --enable-proxy-html \
  --enable-xml2enc \
  --with-libxml2=${apache_prefix}/libxml2

I also tried the following:

./configure
...
  --enable-proxy-html \
  --enable-xml2enc \
  --with-libxml2 \
  --with-libxml2-include=${apache_prefix}/libxml2/include \
  --with-libxml2-lib=${apache_prefix}/libxml2/lib

But every time the following error comes up,

...
checking whether to enable mod_deflate... shared
checking whether to enable mod_xml2enc... checking dependencies
checking for libxml2... checking for libxml2... no
checking whether to enable mod_xml2enc... configure: error: mod_xml2enc has 
been requested but can not be built due to prerequisite failures
...

Does somebody have any idea, what is the problem or which configuration I need 
to set, so that I can build the apache with mod_proxy_html support. But I don't 
need to install libxml2 on the system? Is there any additional compiler setting 
needed?

Thanky & Best regards,
André

Re: [users@httpd] Apache Installation

2015-04-14 Thread Ethan Rosenberg 

On 04/14/2015 07:29 AM, Richard wrote:



 Original Message 

  - your ping indicates the reachability/responsiveness of the
  host, it says nothing about a specific service.

  - that you got a "404" indicates that the httpd service is
  running/responding.

  - the "404" is indicating that the file "start.php" is not
  in the directory at the top of the document root of
  the "primary host" in your apache setup, or otherwise
  not accessible [if it's there and accessible, but php isn't
  properly configured you'll get the php source, rather than
  server-parsed output]:

  -- have you reviewed your apache configuration to be certain
 of where the "document root" of your "primary host" is?

  -- have you checked to see if the file (start.php) is there
 (and readable by user that apache runs as on your system)?

  -- have you checked your server logs (specifically the
 error log in this case)?

you need to do basic troubleshooting -- we can't do it for you.


Richard -

Thanks.

"you need to do basic troubleshooting -- we can't do it for you"

Totally agree.  However, in this case, I did not know what to do.  I am NOT an 
expert programmer.

Sorry for the questions that follow, but I am still in the dark

-- have you reviewed your Apache configuration to be certain
  of where the "document root" of your "primary host" is?

Looked in Apache2.conf and did not see any reference to primary host or 
document root.

start.php is in /var/www

made the following change in /etc/apache2/sites-available/default-ssl.conf

DocumentRoot /var/www/


root@meow:/var/log# cat apache2/error.log
  '
[Tue Apr 14 00:51:10.502172 2015] [:error] [pid 7610] [client ::1:53486] script 
'/var/www/html/start.php' not found or unable to stat


restarted Apache2

root@meow:/var/www# ls -l start.php
-rw-r--r-- 1 ethan ethan 1047 Mar 31 23:54 start.php
root@meow:/var/www# chmod 777  start.php
root@meow:/var/www# ls -l start.php
-rwxrwxrwx 1 ethan ethan 1047 Mar 31 23:54 start.php

403 error???

TIA

Ethan



-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache Installation

2015-04-14 Thread Hendrik Schmieder 

Ethan Rosenberg schrieb:

On 04/14/2015 07:29 AM, Richard wrote:



 Original Message 

- your ping indicates the reachability/responsiveness of the
host, it says nothing about a specific service.

- that you got a "404" indicates that the httpd service is
running/responding.

- the "404" is indicating that the file "start.php" is not
in the directory at the top of the document root of
the "primary host" in your apache setup, or otherwise
not accessible [if it's there and accessible, but php isn't
properly configured you'll get the php source, rather than
server-parsed output]:

-- have you reviewed your apache configuration to be certain
of where the "document root" of your "primary host" is?

-- have you checked to see if the file (start.php) is there
(and readable by user that apache runs as on your system)?

-- have you checked your server logs (specifically the
error log in this case)?

you need to do basic troubleshooting -- we can't do it for you.


Richard -

Thanks.

"you need to do basic troubleshooting -- we can't do it for you"

Totally agree. However, in this case, I did not know what to do. I am
NOT an expert programmer.

Sorry for the questions that follow, but I am still in the dark

-- have you reviewed your Apache configuration to be certain
of where the "document root" of your "primary host" is?

Looked in Apache2.conf and did not see any reference to primary host or
document root.

start.php is in /var/www

made the following change in /etc/apache2/sites-available/default-ssl.conf

DocumentRoot /var/www/


root@meow:/var/log# cat apache2/error.log
'
[Tue Apr 14 00:51:10.502172 2015] [:error] [pid 7610] [client ::1:53486]
script '/var/www/html/start.php' not found or unable to stat

restarted Apache2

root@meow:/var/www# ls -l start.php
-rw-r--r-- 1 ethan ethan 1047 Mar 31 23:54 start.php
root@meow:/var/www# chmod 777 start.php
root@meow:/var/www# ls -l start.php
-rwxrwxrwx 1 ethan ethan 1047 Mar 31 23:54 start.php

403 error???

TIA

Ethan



Apache is looking for
/var/www/html/start.php
and not for
/var/www/start.php

  Hendrik


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] About installing Apache web server

2015-04-14 Thread Stephen Liu 

Hi all,

Does Apache web server need X (X window) to run?  Can I install it on server 
without X, not on desktop? If YES then how can I test the web server locally 
without a GUI browser?  w3m/elinks/lynx etc only displays the web page as text. 
 Please advise.

Regards
Stephen L

Re: [users@httpd] About installing Apache web server

2015-04-14 Thread Daniel 
2015-04-14 16:56 GMT+02:00 Stephen Liu :

>
> Hi all,
>
> Does Apache web server need X (X window) to run?  Can I install it on
> server without X, not on desktop? If YES then how can I test the web server
> locally without a GUI browser?  w3m/elinks/lynx etc only displays the web
> page as text.  Please advise.
>
> Regards
> Stephen L
>
>
You should start here:

http://httpd.apache.org/docs/current/invoking.html

and here:

http://httpd.apache.org/docs/current/getting-started.html


-- 
*Daniel Ferradal*
IT Specialist

email dferradal at gmail.com
linkedin es.linkedin.com/in/danielferradal

Re: [users@httpd] About installing Apache web server

2015-04-14 Thread Yehuda Katz 
Apache HTTPD runs perfectly fine without X (and that is probably how most
users have it).
If lynx or any other text browser shows output, then Apache is working. The
browser you use has nothing to do with how Apache works.
The only other option is to test from another computer.

- Y

On Tue, Apr 14, 2015 at 10:56 AM, Stephen Liu 
wrote:

>
> Hi all,
>
> Does Apache web server need X (X window) to run?  Can I install it on
> server without X, not on desktop? If YES then how can I test the web server
> locally without a GUI browser?  w3m/elinks/lynx etc only displays the web
> page as text.  Please advise.
>
> Regards
> Stephen L
>
>

Re: [users@httpd] About installing Apache web server

2015-04-14 Thread Lester Caine 
On 14/04/15 15:56, Stephen Liu wrote:
> Does Apache web server need X (X window) to run?  Can I install it on
> server without X, not on desktop? If YES then how can I test the web
> server locally without a GUI browser?  w3m/elinks/lynx etc only displays
> the web page as text.  Please advise.

Don't need any graphics interface loaded to run Apache or any of the
related server stack. But you do need to learn about command line tools
to manage things. Just which command line management tools will depend
on your distribution, but I have several remote machine which I only
access via ssh and then use things like phpinfo to test things over the
internet. You only need to know that the server is running and then you
can access it remotely as web pages.

-- 
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Compile apache2.4 with mod_proxy_html/libxml2

2015-04-14 Thread Rainer Jung 

Am 14.04.2015 um 16:34 schrieb andre.wen...@bmw.de:

Hello,

today I tried to compile the current apache 2.4.12 together with
mod_proxy_html and xml2enc, but I ran into some problem with libxml2,
which is currently not installed on the system and I’m not able to
install the library in the system.

So what I did was to compile libxml2 as shared library with

./configure --prefix=//libxml2 --enable-shared=yes
--with-python=no

After that I tried to build the apache with the following parameters:

./configure

…

   --enable-proxy-html \

   --enable-xml2enc \

   --with-libxml2=${apache_prefix}/libxml2



I also tried the following:

./configure

…

   --enable-proxy-html \

   --enable-xml2enc \

   --with-libxml2 \

   --with-libxml2-include=${apache_prefix}/libxml2/include \

   --with-libxml2-lib=${apache_prefix}/libxml2/lib

But every time the following error comes up,

…

checking whether to enable mod_deflate... shared

checking whether to enable mod_xml2enc... checking dependencies

checking for libxml2... checking for libxml2... no

checking whether to enable mod_xml2enc... configure: error: mod_xml2enc
has been requested but can not be built due to prerequisite failures

…

Does somebody have any idea, what is the problem or which configuration
I need to set, so that I can build the apache with mod_proxy_html
support. But I don’t need to install libxml2 on the system? Is there any
additional compiler setting needed?


Try

   --with-libxml2=${apache_prefix}/libxml2/include/libxml2

(in my libxml2 installation all header files are in a directory 
.../include/libxml2/libxml which should be the default layout of libxml2).


In addition set the following envvars:

MOD_XML2ENC_LDADD="-L${apache_prefix}/libxml2/lib 
-R${apache_prefix}/libxml2/lib"


export MOD_XML2ENC_LDADD

MOD_PROXY_HTML_LDADD="-L${apache_prefix}/libxml2/lib 
-R${apache_prefix}/libxml2/lib"


export MOD_PROXY_HTML_LDADD

(the -R is optional for setting the RUNPATH in the binary module file).

Regards,

Rainer

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] 回覆︰ [users@httpd] About installing Apache web server

2015-04-14 Thread Stephen Liu 
Hi all,

Thanks for your advice.

I couldn't resolve how to test the website locally.  

1)
If installing the website on a Desktop running on a VM/guest of Virtualbox/KVM 
on local GUI browser I can browse the website by running /localhost/domain.  

2)
If installing the website on a server without X then running a text browser 
such as w3m/elinks only text are displayed on the terminal.

Regards
Stephen L 


 Lester Caine  於 2015年04月14日 (週二) 11:11 PM 寫道﹕
   
 

 On 14/04/15 15:56, Stephen Liu wrote:
> Does Apache web server need X (X window) to run?  Can I install it on
> server without X, not on desktop? If YES then how can I test the web
> server locally without a GUI browser?  w3m/elinks/lynx etc only displays
> the web page as text.  Please advise.

Don't need any graphics interface loaded to run Apache or any of the
related server stack. But you do need to learn about command line tools
to manage things. Just which command line management tools will depend
on your distribution, but I have several remote machine which I only
access via ssh and then use things like phpinfo to test things over the
internet. You only need to know that the server is running and then you
can access it remotely as web pages.

-- 
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] httpd 2.4.12 ignoring net.ipv4.ip_local_port_range

2015-04-14 Thread Eric Covener 
On Tue, Apr 14, 2015 at 6:49 AM, Mike Peachey  wrote:
> This client is getting responses from httpd on ports 63156+

The server side of the connection uses a well-known listening port,
443.  Clients use those high ephemeral ports.  I don't think tuning an
ephemeral port range on the server does anything unless you use
mod_proxy for outbound connections.



-- 
Eric Covener
cove...@gmail.com

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] 回覆︰ [users@httpd] About installing Apache web server

2015-04-14 Thread Lester Caine 
On 14/04/15 16:22, Stephen Liu wrote:
> If installing the website on a server without X then running a text
> browser such as w3m/elinks only text are displayed on the terminal.

You need to have a network connection available TO the location where
you are running Apache. You will only talk to the web server via a port
80 connection, and if you can't see that ...

You need a graphics based browser to access that werver if you want to
see more than text, but the server itself does not need anything other
than Apache running to serve up web pages.

I'm not quite sure what you are trying to achieve? If you WANT to use a
graphic browser on the server then you need a desktop, but APACHE does
not need the desktop, only the browser. You can chck the text logs and
status to verify that the server is running, and test graphic pages via
a remote browser.

-- 
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] 回覆︰ [users@httpd] 回覆︰ [users@httpd] About installing Apache web server

2015-04-14 Thread Stephen Liu 
Hi Lester,

Thanks for your advice.

In the past I installed LAMP on desktop.  Running its web browser I can edit 
the webpage/website without problem.  Now I install LAMP on Ubuntu server 
without X I have no way to edit the webpage locally.  Maybe I have to edit it 
remotely on another machine/guest.  

I make this change because of security reason.  On googling I found some 
suggestion mentioning that without X/GUI it is more secure.

Regards
Stephen L 



 Lester Caine  於 2015年04月15日 (週三) 12:37 AM 寫道﹕
   
 

 On 14/04/15 16:22, Stephen Liu wrote:
> If installing the website on a server without X then running a text
> browser such as w3m/elinks only text are displayed on the terminal.

You need to have a network connection available TO the location where
you are running Apache. You will only talk to the web server via a port
80 connection, and if you can't see that ...

You need a graphics based browser to access that werver if you want to
see more than text, but the server itself does not need anything other
than Apache running to serve up web pages.

I'm not quite sure what you are trying to achieve? If you WANT to use a
graphic browser on the server then you need a desktop, but APACHE does
not need the desktop, only the browser. You can chck the text logs and
status to verify that the server is running, and test graphic pages via
a remote browser.

-- 
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] 回覆︰ [users@httpd] 回覆︰ [users@httpd] About installing Apache web server

2015-04-14 Thread Lester Caine 
On 14/04/15 17:54, Stephen Liu wrote:
> In the past I installed LAMP on desktop.  Running its web browser I can
> edit the webpage/website without problem.  Now I install LAMP on Ubuntu
> server without X I have no way to edit the webpage locally.  Maybe I
> have to edit it remotely on another machine/guest. 
> 
> I make this change because of security reason.  On googling I found some
> suggestion mentioning that without X/GUI it is more secure.

Less entry points to attack, but in my case, the servers are 100 miles
away so I don't need a desktop actually on the machines. Yes - you use
another machine to do the GUI work.

-- 
Lester Caine - G8HFL
-
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache is Slow

2015-04-14 Thread Jim Jagielski 
I have some suggestions: I hope some work.

It's likely that we are seeing some sort of timeout issue,
on the PHP side, resulting in the standard PHP "blank screen
of death". Or, it is also possible that PHP somewhere is
using output buffering itself, which is also causing an
error. Why Apache itself would "hang", I'm no so sure.

If you can provide more info, I may be able to dig deeper.

> On Apr 13, 2015, at 12:03 AM, Ethan Rosenberg 
>  wrote:
> 
> On 03/31/2015 10:50 AM, Jim Jagielski wrote:
> 
> 
> 
> I'm afraid that we have to revisit this issue.
> 
> I've tried everything I can think of and am hitting a blank wall.
> 
> To restate, Apache is hanging and I cannot find the error.
> 
> If I have a script that does not connect to a database,and does not have a 
> HTML header it works...
> 
>  
> /*
> * To change this license header, choose License Headers in Project Properties.
> * To change this template file, choose Tools | Templates
> * and open the template in the editor.
> */
> 
> //ENTER YOUR DATABASE CONNECTION INFO BELOW:
> $hostname="localhost";
> $database="Store";
> $username="ethan";
> $password="RbR3908";
> 
> global $i;
> 
> //DO NOT EDIT BELOW THIS LINE
> $link = mysqli_connect($hostname, $username, $password);
> if (!$link) {
> die('Connection failed: ' . mysql_error());
> }
> else{
> echo "Connection to MySQL server " .$hostname . " successful!
> " . PHP_EOL;
> }
> 
> $db_selected = mysqli_select_db($link, $database);
> if (!$db_selected) {
>die ('Can\'t select database: ' . mysqli_error());
> }
> else {
>echo 'Database ' . $database . ' successfully selected!';
> }
> 
> ?>
> 
> If I try this
> 
>  session_name("STORE");
> session_set_cookie_params( '24000', '/' );
> session_start();
> ?>
> 
>  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
> http://www.w3.org/1999/xhtml";>
> 
>
>Handle Weight
>   
>   
>   body{
>   background-color: #89caeb;
>   width:100%;
>   height:100%;
>   position: relative;
>   font-family: "Helvetica", "Arial" , "Liberation Sans", 
> "Free sans", sans-serif;
>   overflow-y: scroll;
>   }   
>   
>   
>
>   
> 
>   
>   
> Handle Weight
>   
>   
> 
> It never prints the header.
> 
> If this helps... the lasdt line in my Apache configuration file is
> 
> ServerName 127.0.0.1:80
> 
> Would  you please suggest some debugging steps I can take.
> 
> 
> TIA
> 
> Ethan
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] mod_reqtimeout question:

2015-04-14 Thread Jim Jagielski 
By persistent, do you mean one that was held open via
standard HTTP keepalive?

Thx
> On Apr 13, 2015, at 9:29 AM, Brian McBride  wrote:
> 
> Not having had a response to this question I'm left wondering whether I've 
> screwed up maybe by not asking a clear question or asking in the wrong place. 
>  Or maybe I just asked it at a bad time or I'm just out of luck and no one is 
> motivated to respond.
> 
> Brian
> 
> 
> On 02/04/15 15:43, Brian McBride wrote:
>> Given an apache 2.4 server with:
>> 
>>  ReadRequestTimeout header=60-65,rate=500
>> 
>> When a client opens a persistent connection to that server, does the request 
>> timeout apply to
>> 
>>  a) each request sent down the connection individually, or
>>  b) the whole connection, i.e. the connection will close after 65 seconds of 
>> reading requests even if there
>>  are more requests ready to send
>> 
>> Background:
>> 
>> I have two apache 2.4 servers, one acting as a reverse proxy for the other.  
>> Both have mod_reqtimeout enabled.
>> 
>> The reverse proxy is using persistent connections to talk to the backend.
>> 
>> I have applied a steady test load of 1 request per second; requests are 
>> quick to process in the backend
>> 
>> I'm getting 502 errors from the front end.  It appears that the backend is 
>> closing the connections, though its hard to be sure which end is.
>> 
>> The rate of 502 errors reduces the longer I make the ReadRequestTimeout.  I 
>> get no errors if I disable mod_reqtimeout. It looks like the backend is 
>> closing then connections after about N seconds where N is the timeout value, 
>> even in the presence of a steady load.
>> 
>> MaxKeepAliveRequests and KeepAliveTimeout are set very high.
>> 
>> I'm pretty new to this sort of thing.  I'd appreciate any thoughts or 
>> guidance.
>> 
>> Brian
>> 
>> 
>> 
>> 
>> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] mod_reqtimeout question:

2015-04-14 Thread Brian McBride 

Hi Jim,

Thanks for responding.

Short answer: yes - the client is using http keep alive to keep a 
persist connection open to the server.


Brian

On 14/04/15 19:38, Jim Jagielski wrote:

By persistent, do you mean one that was held open via
standard HTTP keepalive?

Thx

On Apr 13, 2015, at 9:29 AM, Brian McBride  wrote:

Not having had a response to this question I'm left wondering whether I've 
screwed up maybe by not asking a clear question or asking in the wrong place.  
Or maybe I just asked it at a bad time or I'm just out of luck and no one is 
motivated to respond.

Brian


On 02/04/15 15:43, Brian McBride wrote:

Given an apache 2.4 server with:

  ReadRequestTimeout header=60-65,rate=500

When a client opens a persistent connection to that server, does the request 
timeout apply to

  a) each request sent down the connection individually, or
  b) the whole connection, i.e. the connection will close after 65 seconds of 
reading requests even if there
  are more requests ready to send

Background:

I have two apache 2.4 servers, one acting as a reverse proxy for the other.  
Both have mod_reqtimeout enabled.

The reverse proxy is using persistent connections to talk to the backend.

I have applied a steady test load of 1 request per second; requests are quick 
to process in the backend

I'm getting 502 errors from the front end.  It appears that the backend is 
closing the connections, though its hard to be sure which end is.

The rate of 502 errors reduces the longer I make the ReadRequestTimeout.  I get 
no errors if I disable mod_reqtimeout. It looks like the backend is closing 
then connections after about N seconds where N is the timeout value, even in 
the presence of a steady load.

MaxKeepAliveRequests and KeepAliveTimeout are set very high.

I'm pretty new to this sort of thing.  I'd appreciate any thoughts or guidance.

Brian







-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] AuthBasic Questions: Modify the pop-up message? Change auth cache time?

2015-04-14 Thread Pete Houston 
On Tue, Apr 14, 2015 at 07:14:55AM -0500, Tom Browder wrote:
> I now have basic authorization (under TLS) working okay, but I would
> like to influence the user experience a bit via Apache behavior if
> possible.
> 
> A few questions if you please:
> 
> 1.  Can I modify the pop-up message?

Possibly. You can change the AuthName in the apache config and many
browsers will display that to the users. There's no obligation on the
browser to do that, however.

> 2. Can I change the cache behavior of the access?
> 
> As it is, my Google Chrome keeps the authorization cached for a long
> time unless I change settings.  I would like more control over that
> server-side.

Not without resorting to something really ropey. If you are keen to enable
such levels of customisation it is probably time to start looking beyond
Basic Auth and consider using server-side sessions and passing tokens
either via cookies or in the URLs.

Good luck,

Pete
-- 
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107


pgpO_JgsDzRAo.pgp
Description: PGP signature

Re: [users@httpd] AuthBasic Questions: Modify the pop-up message? Change auth cache time?

2015-04-14 Thread Tom Browder 
On Tue, Apr 14, 2015 at 2:11 PM, Pete Houston  wrote:
...
> Good luck,

Thanks, Pete, that's what I was afraid of.  I hope mod_perl get
released for Apache 2.4 soon!

Best,

-Tom

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Apache ldaps ceritificate directive issue

2015-04-14 Thread John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) 
Hello,

We're running Server version: Apache/2.0.63 that needs to be configured for 
LDAPS. I have run into an issue with the certificate directives.

I have a .pem file with the trusted ca-certs, but when I configure httpd.conf 
to use it with the directives "LDAPTrustedCA /local/.pem" and  
"LDAPTrustedCAType BASE64_FILE"
The following error occurs.

Syntax error on line 349 of /local/apache/conf/httpd.conf:
LDAPTrustedCA not allowed here

This is a directive for this Apache release, so I'm not sure why.

Thanks
-John

Re: [users@httpd] Apache Installation

2015-04-14 Thread Ethan Rosenberg 

On 04/14/2015 10:45 AM, Hendrik Schmieder wrote:

Ethan Rosenberg schrieb:

On 04/14/2015 07:29 AM, Richard wrote:




made the following change in /etc/apache2/sites-available/default-ssl.conf

DocumentRoot /var/www/


root@meow:/var/log# cat apache2/error.log
'
[Tue Apr 14 00:51:10.502172 2015] [:error] [pid 7610] [client ::1:53486]
script '/var/www/html/start.php' not found or unable to stat

restarted Apache2





With this


#   Options Indexes FollowSymLinks
#   AllowOverride None
#   Require all granted


I get a 403 error

With this


   Options Indexes FollowSymLinks
   AllowOverride None
   Require all granted


I get a 404 error

In /etc/apache2/sites-available/default-ssl.conf

I have

DocumentRoot /var/www/

TIA

Ethan

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] My Comments

2015-04-14 Thread Ethan Rosenberg 

Dear List -

We are here to help each other. None of us are forced to explain why we are doing something, nor do 
any of us have resumes of everybody on the site.


I am well aware that the programmers who are answering the queries are expert programmers with years 
of experience.  I do not fit into either of the above categories. When I am lost, I have tried 
everything I could, e.g, Dr. Google and many other useful sites.


For all of us in the same or similar boats, I respectfully request that we not be told to read the 
man pages or do appropriate debugging.  A guide to the appropriate sites, command line queries, etc, 
would be much appreciated.  Then we can dig it out for ourselves and learn.


Thank you for your patience in reading this.

Ethan

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache Installation

2015-04-14 Thread Eric Covener 
On Tue, Apr 14, 2015 at 10:36 AM, Ethan Rosenberg
 wrote:
> [Tue Apr 14 00:51:10.502172 2015] [:error] [pid 7610] [client ::1:53486]
> script '/var/www/html/start.php' not found or unable to stat

Something non-standard under /etc/apache2 or /.htaccess or
/var/.htaccess or /var/www/.htaccess is mapping that request of
/start.php to /var/www/html/start.php. I'd look at anything matching
"html" or php in those configuration files and see what turns up.
You should be familiar with grep -ri of configuration files.


-- 
Eric Covener
cove...@gmail.com

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache Installation

2015-04-14 Thread Yehuda Katz 
On Tue, Apr 14, 2015 at 9:05 PM, Eric Covener  wrote:

> On Tue, Apr 14, 2015 at 10:36 AM, Ethan Rosenberg
>  wrote:
> > [Tue Apr 14 00:51:10.502172 2015] [:error] [pid 7610] [client ::1:53486]
> > script '/var/www/html/start.php' not found or unable to stat
>
> Something non-standard under /etc/apache2 or /.htaccess or
> /var/.htaccess or /var/www/.htaccess is mapping that request of
> /start.php to /var/www/html/start.php. I'd look at anything matching
> "html" or php in those configuration files and see what turns up.
> You should be familiar with grep -ri of configuration files.
>

That looks like the "standard" Debian/Ubuntu configuration starting with
2.4.
The DocumentRoot is probably in /etc/apache2/sites-enabled/000-default.conf

- Y

Re: [users@httpd] Apache ldaps ceritificate directive issue

2015-04-14 Thread Otis Dewitt - NOAA Affiliate 
[image: top] 
LDAPTrustedCA DirectiveDescription:
Sets
the file containing the trusted Certificate Authority certificate or
databaseSyntax:

LDAPTrustedCA directory-path/filenameContext:
server
configStatus:
Experimental
Module: 
mod_ldap

It specifies the directory path and file name of the trusted CA mod_ldap
 should use when
establishing an SSL connection to an LDAP server. If using the
Netscape/iPlanet Directory SDK, the file name should be cert7.db.
[image: top] 
LDAPTrustedCAType DirectiveDescription:
Specifies
the type of the Certificate Authority fileSyntax:

LDAPTrustedCAType typeContext:
server
configStatus:
Experimental
Module: 
mod_ldap

The following types are supported:
DER_FILE - file in binary DER format
BASE64_FILE - file in Base64 format
CERT7_DB_PATH - Netscape certificate database file ")

Note: Add here:
  vi  /etc/http/conf.d/ca.conf

On Tue, Apr 14, 2015 at 7:49 PM, John Beaulaurier -X (jbeaulau - ADVANCED
NETWORK INFORMATION INC at Cisco)  wrote:

>  Hello,
>
>
>
> We’re running Server version: Apache/2.0.63 that needs to be configured
> for LDAPS. I have run into an issue with the certificate directives.
>
>
>
> I have a .pem file with the trusted ca-certs, but when I configure
> httpd.conf to use it with the directives “LDAPTrustedCA /local/.pem” and
>  “LDAPTrustedCAType BASE64_FILE”
>
> The following error occurs.
>
>
>
> Syntax error on line 349 of /local/apache/conf/httpd.conf:
>
> LDAPTrustedCA not allowed here
>
>
>
> This is a directive for this Apache release, so I’m not sure why.
>
>
>
> Thanks
>
> -John
>
>
>

[users@httpd] Failed to load perl file when restarting Apache 2.2.29 with mod_perl 2.0.8

2015-04-14 Thread Sailaja Gadireddy 
Hello Team,


We have installed Apache with mod_perl 2.0.8 and facing the issue when
restarting apache.

Below is the error


*ld.so.1: httpd: fatal: relocation error: file
/opt/pgm/perl/5.10.0/lib/site_perl/5.10.0/sun4-solaris-thread-multi/auto/ARS/ARS.so:
symbol Perl_Istack_sp_ptr: referenced symbol not found*
Please suggest me the way forward to fix the issue.

Thanks & Regards,
Sailaja

  PerlRequire "/opt/app/ars/ovsc/perl/startup.pl"
PerlModule ModPerl::Registry
PerlModule Apache2::compat
PerlModule Apache2::ServerRec
PerlModule WIH::CaseExchange

AuthTypeBasic
AuthNameCaseExchange
AuthUserFile/opt/web/apache/app/ars/conf/passwd
require valid-user
SetHandler modperl
PerlResponseHandler WIH::CaseExchange


SetHandler modperl
PerlResponseHandler WIH::CaseExchange



-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org