Re: [users@httpd] Re: Special characters in password for mod_dbd
Thank you I was looking for such info and didn't found. Why so much chars left for params split? Should I fire a request or this will not be changed in future by concept? On 20.08.2018 22:14, Christophe JAILLET wrote: This seems to be mysql APR driver specific. For some reasons, in APR, in function dbd_mysql_open(), fields are split according to delimiters in: static const char *const delims = " \r\n\t;|,"; See Remarks about MySQL at: http://apr.apache.org/docs/apr-util/1.6/group___a_p_r___util___d_b_d.html#gabddb1fdcb2f8a5f5b83127485c78e8ae According to the code, there is no way to avoid the "incorrect" split of the DBDParams parameter. I guess that your best option is to modify the password. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache HTTPD not responding after running for several days
Hi Eric, Thanks for the info. Since Apr-1.6.4, which should contain the patch, is not yet available as a stable release, I'll try even older Apr versions. I'm not sure whether it is a problem of Apr. Thanks. Regards, Eric On Mon, 20 Aug 2018 at 19:34, Eric Covener wrote: > On Mon, Aug 20, 2018 at 1:56 AM Eric . wrote: > > > > Hi Yann and all, > > > > Understood that Apr-1.6.3 had a bug in Solaris, I compiled Apache 2.4.34 > with apr-1.6.2 and apr-util-1.6.0 , but the problem still occurred. > > > > I don't think the bug was introduced in 1.6.3. That's just where it > was reported. You need the patch. > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >
Re: [users@httpd] Problem setting up ssl
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID): > root@webshub:~# grep IfModule /etc/apache2/sites-available/default-ssl.conf > # > # Ok. > root@webshub:~# apachectl -S > AH00558: apache2: Could not reliably determine the server's fully qualified > domain name, using 127.0.1.1. Set the 'ServerName' directive globally to > suppress this message > VirtualHost configuration: > *:80 127.0.1.1 > (/etc/apache2/sites-enabled/000-default.conf:1) > ServerRoot: "/etc/apache2" I would expect a *:443 line here too. Somehow your config is not being parsed and Apache is not showing the SSL :443 vhost configuration. -- | My Bonnie looked into a gas tank, the height of its contents to see! | She lit a small match to assist her, oh bring back my Bonnie to me. | 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2 - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Problem setting up ssl
Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID): > >Is default-ssl site "enabled" via the debian/ubuntu tools e.g. a2ensite? > # a2ensite default-ssl > Enabling site default-ssl. Well, there ya go. > Now, when I open https://w.x.y.z in firefox, I get > Your connection is not secure This is because SSL-certs require domain names and don't work properly with 'bare IP addresses'. You'll never get that fixed unless you start using a domainname and a correct certificate (LetsEncrypt for example). -- | I'm a lousy dancer but my moods are swinging! | 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2 - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Buffer in apache
Hi All, I want to use buffer of 512B in apache . I am using mod_proxy_http to send request to tomcat and have set ProxyIOBufferSize 512. But it is sending message to tomcat with size greater than 512B. How should I control apache in proxy so that it will send message and receive with max buffer size of 512B. Thanks Hemant
Re: [users@httpd] Problem setting up ssl
>This is because SSL-certs require domain names and don't work properly >with 'bare IP addresses'. You'll never get that fixed unless you start >using a domainname and a correct certificate (LetsEncrypt for example). Thank you very much for the help. Regards, Mahmood
[users@httpd] Basic question about https
Hi, It is possible to have http://sub.somewhere/portal1 and https://sub.somewhere/portal2 For that, I have to define a document root in 000-default.conf and an entry for portal1 and then define an entry for portal2 in default-ssl.conf. Is that a valid configuration? Or I have to define all directories in either 000-default.conf (http) or default-ssl.conf (https)? Regards, Mahmood
Re: [users@httpd] Problem setting up ssl
Hi Sander, Nice to meet you. Based on your response here, you seem to be more educated with respect to web security and SSLs. I’m working on developing a startup that eliminates the difficulty obtaining and installing SSL certs. The process is overly complicated and ripe for disruption. If this is something of interest to you, please send me your LinkedIn url and/or CV and some good days/times to chat. Thanks, Tony On Tue, Aug 21, 2018 at 4:12 AM Sander Smeenk wrote: > Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID): > > > >Is default-ssl site "enabled" via the debian/ubuntu tools e.g. > a2ensite? > > # a2ensite default-ssl > > Enabling site default-ssl. > > Well, there ya go. > > > Now, when I open https://w.x.y.z in firefox, I get > > Your connection is not secure > > This is because SSL-certs require domain names and don't work properly > with 'bare IP addresses'. You'll never get that fixed unless you start > using a domainname and a correct certificate (LetsEncrypt for example). > > -- > | I'm a lousy dancer but my moods are swinging! > | 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2 > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
Re: [users@httpd] Problem setting up ssl
On 2018-08-20 01:38 PM, Mahmood Naderan wrote: [snip] Now, when I open https://w.x.y.z in firefox, I get Your connection is not secure The owner of 5.57.36.104 has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. > So, I have to click on advanced and then "add exception". Is that related to apache configuration? Apache? No -- it's related to what Firefox says on that page: 5.57.36.104 uses an invalid security certificate. The certificate is not trusted because it was signed using a signature algorithm that was disabled because that algorithm is not secure. The certificate is only valid for the following names: *.scu.ac.ir, scu.ac.ir and even then *it's_not_valid* -- a little further digging comes up with: scu.ac.ir uses an invalid security certificate. The certificate is only valid for *.scu.ac.ir The certificate expired on 2017-01-18 04:22 AM. The current time is 2018-08-21 10:38 AM. which suggests to me that your certificate (or the one you are attempting to use) expired some twenty months ago... Paul - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Apache/php: Max number of open files
Hello, I'm struggeling with the maximum number of open files in a php script executed through the apache web server. I have done two tests - one from shell and one through the apache web server. Both tests open as many files as possible in a given folder (named a-1.dat, a-2.dat and so on). The initial test resulted in 1006 open files through the apache web server, and about 1020 from the shell. By playing with the /etc/security/limits.conf and /etc/sysctl.conf I managed to increase the number of files from the shell to about 2000 (then the limit was set to 8190 files (soft limit was 8192 in /etc/security/limits.conf). But through the apache web server, it is still only 1006. The content of /etc/security/limits.conf: * soft nofile 8192 * hard nofile 16348 apache soft nofile 8192 apache hard nofile 16348 The apache web server was restarted after I changed the /etc/security/limits.conf file. I executed 'print_r(posix_getrlimit())' in a php script through the apache web server and got this output: Array ( [soft core] => unlimited [hard core] => unlimited [soft data] => unlimited [hard data] => unlimited [soft stack] => 8388608 [hard stack] => unlimited [soft totalmem] => unlimited [hard totalmem] => unlimited [soft rss] => unlimited [hard rss] => unlimited [soft maxproc] => 62856 [hard maxproc] => 62856 [soft memlock] => 65536 [hard memlock] => 65536 [soft cpu] => unlimited [hard cpu] => unlimited [soft filesize] => unlimited [hard filesize] => unlimited [soft openfiles] => 1024 [hard openfiles] => 4096 ) For me it seems like php is setting a limit, or?? I'm using php 7.0.25 and apache 2.4.27 -- Jørn Dahl-Stamnes homepage: http://www.dahl-stamnes.net/dahls/ - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Re: Special characters in password for mod_dbd
Hi, I have no idea why so many separators have been allowed. I googled a bit yesterday, and didn't find anything useful. Most other mysql connectors I've found only use ';'. But it is documented this way since a long time in APR. Removing some separators could break some existing configuration. So, IMHO, it is unlikely to be accepted. We maybe should have some way to escape some characters to be allowed these delimiters to be used as "normal" characters. I cross-post to APR dev@ mailing list to have others feed-back on it. CJ Le 21/08/2018 à 09:17, Mimiko a écrit : Thank you I was looking for such info and didn't found. Why so much chars left for params split? Should I fire a request or this will not be changed in future by concept? On 20.08.2018 22:14, Christophe JAILLET wrote: This seems to be mysql APR driver specific. For some reasons, in APR, in function dbd_mysql_open(), fields are split according to delimiters in: static const char *const delims = " \r\n\t;|,"; See Remarks about MySQL at: http://apr.apache.org/docs/apr-util/1.6/group___a_p_r___util___d_b_d.html#gabddb1fdcb2f8a5f5b83127485c78e8ae According to the code, there is no way to avoid the "incorrect" split of the DBDParams parameter. I guess that your best option is to modify the password. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache/php: Max number of open files
Have you tried adding a ulimit command to raise the number of open files in the apache start script or systemd service file? Darryl Baker (he/him/his) Sr. System Administrator Distributed Application Platform Services Northwestern University 1800 Sherman Ave. Suite 6-600 – Box #39 Evanston, IL 60201-3715 darryl.ba...@northwestern.edu (847) 467-6674 On 8/21/18, 1:37 PM, "Jørn" wrote: Hello, I'm struggeling with the maximum number of open files in a php script executed through the apache web server. I have done two tests - one from shell and one through the apache web server. Both tests open as many files as possible in a given folder (named a-1.dat, a-2.dat and so on). The initial test resulted in 1006 open files through the apache web server, and about 1020 from the shell. By playing with the /etc/security/limits.conf and /etc/sysctl.conf I managed to increase the number of files from the shell to about 2000 (then the limit was set to 8190 files (soft limit was 8192 in /etc/security/limits.conf). But through the apache web server, it is still only 1006. The content of /etc/security/limits.conf: * soft nofile 8192 * hard nofile 16348 apache soft nofile 8192 apache hard nofile 16348 The apache web server was restarted after I changed the /etc/security/limits.conf file. I executed 'print_r(posix_getrlimit())' in a php script through the apache web server and got this output: Array ( [soft core] => unlimited [hard core] => unlimited [soft data] => unlimited [hard data] => unlimited [soft stack] => 8388608 [hard stack] => unlimited [soft totalmem] => unlimited [hard totalmem] => unlimited [soft rss] => unlimited [hard rss] => unlimited [soft maxproc] => 62856 [hard maxproc] => 62856 [soft memlock] => 65536 [hard memlock] => 65536 [soft cpu] => unlimited [hard cpu] => unlimited [soft filesize] => unlimited [hard filesize] => unlimited [soft openfiles] => 1024 [hard openfiles] => 4096 ) For me it seems like php is setting a limit, or?? I'm using php 7.0.25 and apache 2.4.27 -- Jørn Dahl-Stamnes homepage: https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dahl-2Dstamnes.net_dahls_&d=DwIFaQ&c=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws&r=tdje61_VHSXp608oLofeaJnnzo2Sr9_Cdcp70bBEtQ8&m=dQjXLII5jTRHXABt8am0T0Sw9EzKDuuzIyWHoWbBA88&s=n3YSaMxt_nkqvBi0MHQ1q2IWJgpKwQ8qsF3-imfC3cA&e= - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Re: Buffer in apache
Le 21/08/2018 à 13:50, Hemant Chaudhary a écrit : Hi All, I want to use buffer of 512B in apache . I am using mod_proxy_http to send request to tomcat and have set ProxyIOBufferSize 512. But it is sending message to tomcat with size greater than 512B. How should I control apache in proxy so that it will send message and receive with max buffer size of 512B. Thanks Hemant Hi, for some reasons, mod_proxy_ajp has the folowing code ([1]) This means that value are silently forced between 8k (AJP_MSG_BUFFER_SZ) and 64k (AJP_MAX_BUFFER_SZ). I don't know why this is done this way and it looks spurious However, the code looks in line with apache 2.2 doc ([2]), but not with 2.4. ([3]) This looks to something that has not been completely updated in the 2.2 -> 2.4 process. Sounds like a useless limitation and mod_proxy_ajp should be aligned on the doc. IMHO, the test with AJP_MSG_BUFFER_SZ should be removed. (and also the one with AJP_MAX_BUFFER_SZ BTW) I cross-post to dev@ list for others feed-back. CJ [1]: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_ajp.c?diff_format=h&view=markup#l197 [2]: https://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxyiobuffersize [3]: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyiobuffersize
Re: [users@httpd] Apache/php: Max number of open files
On Tuesday, August 21, 2018 21:52:34 Darryl Philip Baker wrote: > Have you tried adding a ulimit command to raise the number of open files in > the apache start script or systemd service file? If I only knew where the startup script is. Back in the (good) old days everything was located under /etc/rc.d, but that seem to be history now. Everything is started by the '/bin/systemctl' command. I'm running fedora core 25 on this server. -- Jørn Dahl-Stamnes homepage: http://www.dahl-stamnes.net/dahls/ - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache/php: Max number of open files
Systemd stores the scripts in /lib/systemd/system and /etc/systemd/system. Darryl Baker (he/him/his) Sr. System Administrator Distributed Application Platform Services Northwestern University 1800 Sherman Ave. Suite 6-600 – Box #39 Evanston, IL 60201-3715 darryl.ba...@northwestern.edu (847) 467-6674 On 8/21/18, 3:23 PM, "Jørn" wrote: On Tuesday, August 21, 2018 21:52:34 Darryl Philip Baker wrote: > Have you tried adding a ulimit command to raise the number of open files in > the apache start script or systemd service file? If I only knew where the startup script is. Back in the (good) old days everything was located under /etc/rc.d, but that seem to be history now. Everything is started by the '/bin/systemctl' command. I'm running fedora core 25 on this server. -- Jørn Dahl-Stamnes homepage: https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dahl-2Dstamnes.net_dahls_&d=DwIFaQ&c=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws&r=tdje61_VHSXp608oLofeaJnnzo2Sr9_Cdcp70bBEtQ8&m=MGATRzKx5sSQUsGgcxvrmbkLXIaoMkjdYpl1MmVWOPI&s=YxwA0wj1B-72elf7EB5tIw4qRFk1Fpm44rSOMi1u7dg&e=
Re: [users@httpd] Apache/php: Max number of open files
I forgot to add the systemd directive, LimitNOFILE= Which is the number of file descriptors. Darryl Baker (he/him/his) Sr. System Administrator Distributed Application Platform Services Northwestern University 1800 Sherman Ave. Suite 6-600 – Box #39 Evanston, IL 60201-3715 darryl.ba...@northwestern.edu (847) 467-6674 On 8/21/18, 3:46 PM, "Darryl Philip Baker" wrote: Systemd stores the scripts in /lib/systemd/system and /etc/systemd/system. Darryl Baker (he/him/his) Sr. System Administrator Distributed Application Platform Services Northwestern University 1800 Sherman Ave. Suite 6-600 – Box #39 Evanston, IL 60201-3715 darryl.ba...@northwestern.edu (847) 467-6674 On 8/21/18, 3:23 PM, "Jørn" wrote: On Tuesday, August 21, 2018 21:52:34 Darryl Philip Baker wrote: > Have you tried adding a ulimit command to raise the number of open files in > the apache start script or systemd service file? If I only knew where the startup script is. Back in the (good) old days everything was located under /etc/rc.d, but that seem to be history now. Everything is started by the '/bin/systemctl' command. I'm running fedora core 25 on this server. -- Jørn Dahl-Stamnes homepage: https://urldefense.proofpoint.com/v2/url?u=http-3A__www.dahl-2Dstamnes.net_dahls_&d=DwIFaQ&c=yHlS04HhBraes5BQ9ueu5zKhE7rtNXt_d012z2PA6ws&r=tdje61_VHSXp608oLofeaJnnzo2Sr9_Cdcp70bBEtQ8&m=MGATRzKx5sSQUsGgcxvrmbkLXIaoMkjdYpl1MmVWOPI&s=YxwA0wj1B-72elf7EB5tIw4qRFk1Fpm44rSOMi1u7dg&e=
Re: [users@httpd] Apache/php: Max number of open files
On Tuesday, August 21, 2018 22:45:56 Darryl Philip Baker wrote: > Systemd stores the scripts in /lib/systemd/system and /etc/systemd/system. I got that catalog but no scripts to start up the apache web server. Only a config file named httpd.service: # See httpd.service(8) for more information on using the httpd service. # Modifying this file in-place is not recommended, because changes # will be overwritten during package upgrades. If you want to # customize the behaviour, the best way is to use "systemctl edit" # command to create an override unit. # For example, to pass additional options (such as -D definitions) to # the httpd binary at startup, create an override unit (as is done by # systemctl edit) and enter the following: # [Service] # Environment=OPTIONS=-DMY_DEFINE [Unit] Description=The Apache HTTP Server After=network.target remote-fs.target nss-lookup.target Documentation=man:httpd.service(8) [Service] Type=notify Environment=LANG=C ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND ExecReload=/usr/sbin/httpd $OPTIONS -k graceful # Send SIGWINCH for graceful stop KillSignal=SIGWINCH KillMode=mixed PrivateTmp=true [Install] WantedBy=multi-user.target -- Jørn Dahl-Stamnes homepage: http://www.dahl-stamnes.net/dahls/ - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Apache/php: Max number of open files
On Tuesday, August 21, 2018 22:51:09 Darryl Philip Baker wrote: > I forgot to add the systemd directive, LimitNOFILE= Which is the number > of file descriptors. Thanks!! I added this under the [Service] section: LimitNOFILE=8192 Then did a $ systemctl daemon-reload $ /bin/systemctl restart httpd.service Now I'm able to open 8174 files :) -- Jørn Dahl-Stamnes homepage: http://www.dahl-stamnes.net/dahls/ - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
