RE: [us...@httpd] default site

[Boyle Owen]

> -Original Message-
> From: Fred Zinsli [mailto:fred.zin...@shooter.co.nz] 
> Sent: Tuesday, June 09, 2009 3:12 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] default site
> 
> Hello all
> 
> I am sure this has been asked, but I couldn't find the answer I was 
> looking for.
> 
> I have apache 2.2 installed on my Debian server with name 
> based virtual 
> hosting. Single static IP.
> 
> I have my DNS setup as wildcard left of the domain *.shooter.co.nz
> I have setup the websites I wanted using individual conf 
> files and they 
> all work well.
> 
> But when I type any other URL apart from those configured I get the 
> default "Its working" page.
> 
> How can I point all other URLs not defined to a default site?

Since you have defined name-based VHs, all requests that match a defined
domain-name will end up in the appropriate VH. That, you say, is
working..

However, a request with a domain-name that *doesn't* match a VH will be
served outside the VHs by whatever default rules you have (look for
"ServerName" and "DocumentRoot" outside any VH).

The simplest fix is probably to pick a "default" VH and then assign all
unmatched domains to it using the "ServerAlias" directive. Something
like;


  ServerName www1.shooter.co.nz
  ServerAlias *.shooter.co.nz
  ...

VHs are matched in config file order so the default one (containing
"ServerAlias *.shooter.co.nz") should be last.

NB: requests with *no* domain name (eg http://121.73.6.17/) will still
go outside the VHs, to fix that, use "ServerAlias *", if that's what you
want. Or edit the external DocumentRoot directive to point to some error
page.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 





> 
> The thing to concider is that I have phpmysql installed which is only 
> accessable via the local (192.168.*.*)IP of the machine from 
> inside the 
> LAN. It is not accessable from a name based URL.
> 
> I wasn't sure if it was just a case of setting the default 
> document root 
> or not, but then I would probably loss my phpmysql accesss as the 
> document path would be invalid for that application.
> 
> This is on a production server with 8 websites so hence I am cautious 
> about any changes on it.
> 
> Any comments or pointers to documentation on this subject 
> would be most 
> helpful.
> 
> Regards
> 
> Fred
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Configuring multiple instance of apache on solaris

[Boyle Owen]

> -Original Message-
> From: Sayed Wali [mailto:sayed.w...@gmail.com] 
> Sent: Monday, June 08, 2009 11:54 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Configuring multiple instance of 
> apache on solaris
> 
> Hi ,
> 
> I have a problem that I am hoping one you have seen before
> 
> I am trying to run multiple instances of Apache V. 2.2.8 on Solaris
> 10.  I have everything setup. i.e. Different configuration files for
> each instances, with different port numbers, lock file, PidFile, and
> ScoreBoardFile. However, when I try to start instance, it won't accept
> the "PidFile" param from the config file. Hence I am unable to start
> multiple instances. If I start each instance individually, all 3
> instances come up ok, but they all place the PidFile in
> /var/run/httpd.pid. No matter what I do, I cannot seem to force the
> config to use different pid file. Any help?

Your config looks OK... So usually when directives seem to get ignored,
it's because the config is not really being read.

How, exactly, are you starting apache? Each instance should start
separately with a defined config file, eg:

/path/to/apache/bin/httpd -f /path/to/config/instance_1.conf

(probably this will be inside a control script).

Apart from that;

- what does it say in the error log? 
- do any configs have included content from other files?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> I know its not permissions issue because it creates errorlogs and
> scoreboardfile successfully.
> 
> 
> Here is my instance 1.conf:
> 
> ServerRoot "/opt/code/apache2.2.8"
> 
> Listen 80
> ServerName localhost:80
> ScoreBoardFile /var/adm/apache2.2.8/inst1/apache_runtime_status
> LockFile /var/adm/apache2.2.8/inst1/inst1.lock
> PidFile /var/adm/apache2.2.8/inst1/inst1.pid
> 
> 
> 
> 
> Here is my instance 2.conf:
> 
> ServerRoot "/opt/code/apache2.2.8"
> 
> Listen 81
> ServerName localhost:81
> ScoreBoardFile /var/adm/apache2.2.8/inst2/apache_runtime_status
> LockFile /var/adm/apache2.2.8/inst2/inst2.lock
> PidFile /var/adm/apache2.2.8/inst2/inst2.pid
> 
> 
> Here is my instance 3.conf:
> 
> Listen 82
> ServerName localhost:82
> ScoreBoardFile /var/adm/apache2.2.8/inst3/apache_runtime_status
> LockFile /var/adm/apache2.2.8/inst3/inst3.lock
> PidFile /var/adm/apache2.2.8/inst3/inst3.pid
> 
> 
> 
> Any help or suggestions are very much appreciated.
> 
> Thanks,
> Sayed
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] default site

[Boyle Owen]

> -Original Message-
> From: Davide Bianchi [mailto:dav...@walterisookeensufferukker.nl] 
> 
> Actually no. If the request doesn't match any Virtual Hosts, 
> it will be
> served by the first vhost defined or by the one defined with the
> _default_ keyword.

Quite right. Once you start using VHs, external DocRoots are ignored. So
the OP's "It works!" page must be coming from the first or default VH.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Davide
> 
> -- 
> You need an emergency cynicism transplant, stat.
> -- Seymour J. on asr
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Re: Fixing HTTP Service / Server Version Detected

[Boyle Owen]

> -Original Message-
> From: Singh, Sukhjeet [mailto:sukhjeet.si...@fiserv.com] 
> Sent: Wednesday, June 10, 2009 2:56 PM
> To: users@httpd.apache.org
> Subject: RE: [us...@httpd] Re: Fixing HTTP Service / Server 
> Version Detected
> 
> Eric,
> 
> Can you let me know the best possible way to hide this banner.

There is no way, via configuration, to hide it. You can only reduce it
to a minimum by setting the directive in the documentation link you were
sent (you did follow this link, didn't you?)

If you are really determined, you can remove it in the source code and
recompile (search for "ServerTokens"). Alternatively some application
firewall might be able to filter out this response header.

However, as Dan has said, every attacker just blindly attacks every
server with every exploit. They do not waste time "testing" to try to
match exploit to server. If they did it would be great! - we could all
just masquerade our servers as "Dreadnought Unbreakable Server" and
hackers would all have to give up. The warning you have seen is just a
stock message that security consultants wheel out to make it look like
they are doing something.

There was originally a good reason for the server signature - in the
early days, different browsers and servers had slightly different
capabilities and it was useful if each could identify the other in order
to work-around known bugs and features. However, nowadays everything
does everything and it probably doesn't matter any more.

Having said all that, I hear that future versions of apache might have a
directive allowing you to put "Bob's Handy Dandy Server" in there.. so
maybe just wait a while.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Sukhjeet
> 
> -Original Message-
> From: Dan Poirier [mailto:poir...@pobox.com] 
> Sent: Wednesday, June 10, 2009 6:05 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Re: Fixing HTTP Service / Server 
> Version Detected
> 
> Eric Covener  writes:
> 
> > On Wed, Jun 10, 2009 at 7:53 AM, Singh, Sukhjeet
> >  wrote:
> >> The server allows capture of the HTTP service banner. 
> Service banners
> can
> >> contain sensitive information, such as application and Operating
> System (OS)
> >> version numbers. An attacker can use the version information from
> your Web
> >> server to determine if there are any known vulnerabilities present,
> or can
> >> use such information to create attacks towards the specific
> application or
> >> OS.
> >
> > http://httpd.apache.org/docs/2.2/mod/core.html#servertokens
> 
> Sukhjeet, you can hide this information, but I wouldn't think it would
> make your server any more secure.  Most attackers will 
> probably just try
> a bunch of known vulnerabilities without even looking at the OS and
> version.
> 
> -- 
> Dan Poirier 
> 
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Fixing HTTP Service / Server Version Detected

[Boyle Owen]

> -Original Message-
> From: André Warnier [mailto:a...@ice-sa.com] 
> > 
> and, when you have exhausted all of those, and the JBoss list 
> too, you 
> might finally be able to bask in the satisfaction of knowing which 
> webserver software you are really responsible for.

I suspect we've had a visitation from a Help Vampire...
http://slash7.com/pages/vampires

> :-)
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] redirect webdav traffic from dmz to server inside firewall?

[Boyle Owen]

> -Original Message-
> From: Brent Friedman [mailto:br...@brentfriedman.net] 
> Sent: Friday, June 12, 2009 12:31 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] redirect webdav traffic from dmz to 
> server inside firewall?
> 
> I have been trying to determine the proper configuration for 
> a problem 
> unsuccessfully.  I have tried many online resources, but haven't been 
> able to put the lid on this problem.
> 
> My scenario:
> 
> One server is running Apache in a dmz.  Another server is 
> running Apache 
> inside a firewall, and is configured for webdav.
> 
> I am trying to use mod_rewrite (or whatever config will accomplish 
> this), but I must be missing something.
> 
> I have tried virtual hosts, .htaccess files in 
> /htdocs/en-us/webdav and 
> /htdocs/en-us/webdav/readwrite, redirect rules, etc.  Webdav is 
> configured on the server inside the firewall, and works fine 
> from inside 
> the firewall.  Webdav is not configured on the server in the dmz.  I 
> have also tried using port 81 for webdav.

What *exactly* are you trying to do - you don't really say...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> An example .htaccess file from htdocs/en-us/webdav/readwrite:
> Options +FollowSymlinks
> RewriteEngine on
> RewriteRule ^/$ http://192.168.124.139/webdav
> 
> The two servers can ping each other successfully.
> 
> It would be great to force everything to port 443, but even port 80 
> would be good, at this point.
> 
> Thanks,
> 
> Brent Friedman
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] redirect webdav traffic from dmz to server inside firewall?

[Boyle Owen]

 

> -Original Message-
> From: Brent Friedman [mailto:br...@brentfriedman.net] 
> Sent: Friday, June 12, 2009 2:36 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] redirect webdav traffic from dmz 
> to server inside firewall?
> 
> I have a box running webdav inside a firewall.  I want to 
> provide access 
> to webdav via a box running in a dmz.  I am not certain of 
> mod_rewrite 
> is the appropriate way to accomplish this, but I haven't been able to 
> configure the dmz server properly to forward traffic for 
> webdav to the 
> other server.

Assuming a basic set-up where you have a FW with three interfaces A, B
and C, where:

A - connected to internet
B - connected to apache server in DMZ
C - connected to internal LAN where lives also the webdav server

Then you basically need to use mod_proxy to proxy requests from the DMZ
server to the webdav server. Your starting point would be
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass

Obviously, you'll need to configure the FW accordingly, but that's out
of scope here..

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Thanks,
> 
> Brent Friedman
> 
> 
> Boyle Owen wrote:
> >> -Original Message-
> >> From: Brent Friedman [mailto:br...@brentfriedman.net] 
> >> Sent: Friday, June 12, 2009 12:31 AM
> >> To: users@httpd.apache.org
> >> Subject: [us...@httpd] redirect webdav traffic from dmz to 
> >> server inside firewall?
> >>
> >> I have been trying to determine the proper configuration for 
> >> a problem 
> >> unsuccessfully.  I have tried many online resources, but 
> haven't been 
> >> able to put the lid on this problem.
> >>
> >> My scenario:
> >>
> >> One server is running Apache in a dmz.  Another server is 
> >> running Apache 
> >> inside a firewall, and is configured for webdav.
> >>
> >> I am trying to use mod_rewrite (or whatever config will accomplish 
> >> this), but I must be missing something.
> >>
> >> I have tried virtual hosts, .htaccess files in 
> >> /htdocs/en-us/webdav and 
> >> /htdocs/en-us/webdav/readwrite, redirect rules, etc.  Webdav is 
> >> configured on the server inside the firewall, and works fine 
> >> from inside 
> >> the firewall.  Webdav is not configured on the server in 
> the dmz.  I 
> >> have also tried using port 81 for webdav.
> >> 
> >
> > What *exactly* are you trying to do - you don't really say...
> >
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored. 
> >
> >   
> >> An example .htaccess file from htdocs/en-us/webdav/readwrite:
> >> Options +FollowSymlinks
> >> RewriteEngine on
> >> RewriteRule ^/$ http://192.168.124.139/webdav
> >>
> >> The two servers can ping each other successfully.
> >>
> >> It would be great to force everything to port 443, but 
> even port 80 
> >> would be good, at this point.
> >>
> >> Thanks,
> >>
> >> Brent Friedman
> >>
> >> 
> -
> >> The official User-To-User support forum of the Apache HTTP 
> >> Server Project.
> >> See http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> >> For additional commands, e-mail: users-h...@httpd.apache.org
> >>
> >>
> >> 
> >  
> > This message is for the named person's use only. It may 
> contain confidential, proprietary or legally privileged 
> information. If you receive this message in error, please 
> notify the sender urgently and then immediately delete the 
> message and any copies of it from your system. Please also 
> immediately destroy any hardcopies of the message. 
> > The sender's company reserves the right to monitor all 
> e-mail communications through their networks.
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >"   from the digest: users-digest-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h.

RE: [us...@httpd] How to detect a non-graceful restart of Apache

[Boyle Owen]

> -Original Message-
> From: SAILESH KRISHNAMURTI, BLOOMBERG/ 731 LEXIN 
> [mailto:skrishnam...@bloomberg.net] 
> Sent: Thursday, June 18, 2009 3:42 PM
> To: USERS@httpd.apache.org
> Subject: [us...@httpd] How to detect a non-graceful restart of Apache
> 
> Hi, I have a requirement wherin application owners would like 
> to be notified if apache is restarted non-gracefully, since 
> there might be impact to user sessions etc... Is there any 
> way to detect and report this, hopefully without compiling 
> additional modules? thanks

The simplest way is probably to monitor the error_log (eg, with a
perl-script running under cron). If there is a stop; you get a SIGTERM
in the log. For a restart; there is a SIGHUP. For a graceful; no
signals, just a message.

Alternatively, if you have mod_server_status, you could poll it. The
server uptime is reset to zero if there is a stop/start or restart, but
keeps ticking if there is a graceful.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] mod_expires/mod_headers and SSL

[Boyle Owen]

From: Igor Cicimov [mailto:icici...@gmail.com] 
Sent: Tuesday, June 30, 2009 9:05 AM
To: users
Subject: [us...@httpd] mod_expires/mod_headers and SSL


Hi all,

Any idea if mod_expires works over SSL? In case it works are
there any conditions to be satisfied?

Thanks

mod_expires just sets a header. That's part of HTTP, which is
encapsulated by HTTPS. So, yes, it will "work".

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] How do I prioritize requests ?

[Boyle Owen]

>   From: ricardo figueiredo [mailto:ricardoogra...@gmail.com] 
>   Sent: Friday, July 03, 2009 2:51 PM
>   To: users@httpd.apache.org
>   Subject: Re: [us...@httpd] How do I prioritize requests ?
>   Implement a HTTP proxy which do it and be happy!
>
>   I would like implement it in Apache webserver, but dont know
where I start.

As has been pointed out already, this is a very complex requirement,
best handled by another component (ie, not the webserver). The HTTP RFC
doesn't consider request priority so what you want to do would require
extensive engineering. It is a major project that a skilled engineer
might spend weeks on.. I do not think you will solve it as a novice,
just asking questions on a list.

I'm also not convinced you have a real motivation for wanting this - do
you really have a case where clients are having to wait a long time for
a response? If so, there are other ways to approach the problem.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


Ricardo 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Annoying problem with apache22 / php5 - how to investigate?

[Boyle Owen]

> -Original Message-
> From: Per olof Ljungmark [mailto:p...@bsdlabs.com] 
> Sent: Sunday, July 05, 2009 2:01 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Annoying problem with apache22 / php5 
> - how to investigate?
> 
> Hi,
> 
> We run FreeBSD 7 and apache 2.2 (currently 2.2.11) with php5 serving 
> pages from a webmail app (Horde).
> 
> Randomly (as it seems at least), there is a 500 (Internal 
> server error) 
> and a blank page is presented to the user like
> 
> [04/Jul/2009:15:19:37 +0200] "GET 
> /services/portal/sidebar.php?httpclient=1 HTTP/1.1" 500 -

500 Internal Server error means that the PHP program crashed, so not
really an apache problem. Basically, you need to find out the conditions
that make the program crash and then protect against them.

For example, if the program reads a file and the filename is derived
from the request attributes, a certain request might generate a filename
that doesn't exist - then you'll get a file-not-found condition in the
program and, if it's not trapped, it'll crash.

> 
> There are no other messages in the logs, not even with 
> LogLevel debug. 
> The problem has survived several both OS and Apache/PHP/HORDE 
> upgrades 
> and I really need to track this down now.
> 
> Question: What tools would be the best to further analyze this? The 
> standard logging does not seem to be sufficient in this case and I am 
> totally inexperienced in how to dig further down.

Read the program code and do a print for everything the program has to
use. Then think of what could go wrong (for example, never assume that
request attributes will be what you expect them to be, or even that they
will be present.)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 



> 
> Thanks a lot!
> 
> -- 
> per
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] mod_proxy_balance: route redirect not working

[Boyle Owen]

From: juergen.l...@it.nrw.de [mailto:juergen.l...@it.nrw.de] 
Sent: Monday, July 06, 2009 5:29 PM
To: users@httpd.apache.org
Subject: [us...@httpd] mod_proxy_balance: route redirect not working


We use mod_proxy to distribute requests to four tomcat instances.
Our configuration (vhost.conf) is as follows:
 

   ProxyPass /balancer-manager !
   ProxyPass / balancer://mybalancer/ stickysession=JSESSIONID
 
   
BalancerMember ajp://xx.yy.zz:11009/ldsportal route=tomcat1 
loadfactor=50
BalancerMember ajp://xx.yy.zz:12009/ldsportal route=tomcat2 
loadfactor=50
BalancerMember ajp://xx.yy.zz:13009/ldsportal route=tomcat3 
loadfactor=50
BalancerMember ajp://xx.yy.zz:13009/ldsportal route=tomcat4 
loadfactor=50
   
 
   
SetHandler balancer-manager
   


Things work fine this way, but occasionally, we have to shut down a 
single instance for maintenance.
We use the balancer manager to reconfigure the respective worker (say: 
tomcat1) to redirect to another worker:
- select the instance tomcat1 from the web GUI 
http://aa.bb.cc:3000/balancer-manager 
- enter e.g. tomcat2 in the "Route Redirect" form field.
- on submit, the respective worker is marked with "RouteRedir=tomcat2" 
in the worker list.
 
Our problem is, requests without a session id still get routed to 
worker tomcat1 (as well as to the other 3 instances). 
 
We use [Server Version: Apache/2.2.3 (Linux/SUSE)] in our production 
env, but I also tried [Server Version: Apache/2.2.11 (Win32)]
The result is the same in both setups.
 
Am I missing something essential?

You have to also "disable" the route that you are re-directing. AFAIK, it works 
like this:

Disable only: labelled requests for that route get "server unavailable", 
unlabelled requests will go to other routes.
Redirect only: labelled requests for that route get redirected, unlabelled 
requests can go to any route, including this one (this is your case).
Redirect and disable: labelled requests for that route get redirected, 
unlabelled requests will go to other routes.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 




 
Cheers
Jürgen 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] mod_proxy_balance: route redirect not working

[Boyle Owen]

> -Original Message-
> From: juergen.l...@it.nrw.de [mailto:juergen.l...@it.nrw.de] 
> Sent: Tuesday, July 07, 2009 9:52 AM
> To: users@httpd.apache.org
> Subject: AW: [us...@httpd] mod_proxy_balance: route redirect 
> not working
> 
> Owen,
> what exactly does "labelled" mean? 

containing an attribute that allows mod_proxy_balancer to route the request. 
Either a cookie or a request parameter.

> Can I think of it in our case as the request having a cookie 
> JSESSIONID=.tomcat1,
> i.e. a suffix matching one of the configured workers?

yes.

> If so, we completely misinterpreted the meaning of "redirect".
> 
> We are looking for a way to starve an instance: matching 
> requests should still get routed to this instance (we have 
> sticky sessions), but requests without a session must get 
> routed to another instance.

Aha.. I don't think you can do this. There are only two switches (redirect and 
enable) so four possible states, all of which are already defined. You need a 
fifth state... I think the problem is that the redirect-enabled state does the 
"opposite" of what you want; it redirects labelled requests but allows through 
unlabelled requests.

> If redirection in mod_proxy_balance does not work this way, 
> what is the preferred way to smoothly fade out an instance?

I don't know. 

> 
> Cheers
> Jürgen
> 
> 
> > You have to also "disable" the route that you are 
> > re-directing. AFAIK, it works like this:
> > 
> > Disable only: labelled requests for that route get "server 
> unavailable", unlabelled requests will go to other routes.
> > Redirect only: labelled requests for that route get 
> redirected, unlabelled requests can go to any route, 
> including this one (this is your case).
> > Redirect and disable: labelled requests for that route get 
> redirected, unlabelled requests will go to other routes.
> > 
> > Rgds,
> > Owen Boyle
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] SSI - file not included

[Boyle Owen]

> -Original Message-
> From: Marc Patermann [mailto:hans.mo...@ofd-sth.niedersachsen.de] 
> Sent: Wednesday, July 08, 2009 9:07 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] SSI - file not included
> 
> Hi,
> 
> I tried a simple "include" with SSI.
> 
> In the root directory I added a .htaccess file with
> AddType text/html .shtml
> AddOutputFilter INCLUDES .html
> 
> In index-test.html i added
> 
> 
> This works fine.
> 
> Now I moved the footer.html to another directory.
> 
> 
> This works fine, too.
> 
> Now I moved the file again and it stops working.
> 
> 
> foo/ and bar/ are both "DAV on".
> foo/ is accessable without authencitation.
> bar/ is "basic auth" protected (file and ldap).
> 
> Can the included file not be placed in an authentictaion protected 
> directory ?

Apparently not... Otherwise, it would be a way to circumvent
authentication.

Check what it says in the error_log; that should tell you more than
"..stops working.."
If there is a 401 Unauthorized then that's the problem.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 



or is there something else?
> 
> 
> Marc
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] apache monitoring

[Boyle Owen]

http://httpd.apache.org/docs/2.2/mod/mod_status.html




From: nima chavooshi [mailto:nima0...@gmail.com] 
Sent: Wednesday, July 08, 2009 8:51 AM
To: users@httpd.apache.org
Subject: [us...@httpd] apache monitoring


Hi

I want to monitor apache status (amount of requests,ram
usage,amount of apache daemons and etc)as real time, Is there any tools
that justify these needs?

thanks for any help or guidance


-- 
N.Chavoshi 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

RE: [us...@httpd] apache modules

[Boyle Owen]

If you just load modules but don't actually use them (ie, no directives
in config), then no.



From: nima chavooshi [mailto:nima0...@gmail.com] 
Sent: Wednesday, July 08, 2009 8:59 AM
To: users@httpd.apache.org
Subject: [us...@httpd] apache modules


Hi
I have one question about Apache modules.with loading more
modules on apache, may apache responses with more delay ??

-- 
N.Chavoshi 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

RE: [us...@httpd] SSI - file not included

[Boyle Owen]

> -Original Message-
> From: Marc Patermann [mailto:hans.mo...@ofd-sth.niedersachsen.de] 
> Sent: Wednesday, July 08, 2009 10:47 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] SSI - file not included
> 
> Boyle Owen schrieb:
> 
> >> Can the included file not be placed in an authentictaion protected 
> >> directory ?
> > 
> > Apparently not... Otherwise, it would be a way to circumvent
> > authentication.
> > 
> > Check what it says in the error_log; that should tell you more than
> > "..stops working.."
> > If there is a 401 Unauthorized then that's the problem.
> I can't see any 401 errors in access or error log.
> There are only "unable to include "./bar/footer.html" in parsed file 
> /opt/www/index-test.html" messages.

Try removing the basic auth from bar - if it then "starts working", then
that's the problem.

BTW, if that *is* the problem, then there's no solution; you won't be
able to include protected content.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> Marc
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Using Apache with SSL and SSO

[Boyle Owen]

HTTP is a stateless protocol and the normal HTTP process flow doesn't
give you any way to detect this sort of thing.
 
If the user does this:

*   
hits your page
*   
switches to another page on another site
*   
hits "back" to get back to your page

your server sees:

*   
a request for your page
*   
(some time later) another identical request for your page

You do not see that the user went to a third-party page in-between. In
other words, there is no message sent from the client when it "leaves"
your page; all you get are the requests when a client "arrives".
 
Having said that, you might be able to workaround it with some
javascript; send a "logout" request to your server that is fired by the
onunload handler. However, that is nothing to do with apache and is a
subject for a javascript forum.
 
Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 




From: Thomas J Kaiser [mailto:thomas.j.kai...@jpmchase.com] 
Sent: Thursday, July 09, 2009 4:51 PM
To: users@httpd.apache.org
Subject: [us...@httpd] Using Apache with SSL and SSO



Hi,   

  I'm using Apache with SSL and SSO  and am trying to force
apache to require a new logon when a user navigates away from a web page
and then uses the back button to return to  our web page.   I'm not sure
if this is something that apache could control. Can you offer any
assistance with this or direct me to some info that could help?
Thanks.  

 

Regards, 

 

Thomas J. Kaiser

JPMorganChase/BankOne /  Abl Systems

300 South Riverside,  Ill 60603

Ph: (312) 954-0933

 

E-mail: thomas.j.kai...@jpmchase.com

Peregrine queue - A1CBUSCREDIT

 







This communication is for informational purposes only. It is not
intended as an offer or solicitation for the purchase or sale of any
financial instrument or as an official confirmation of any transaction.
All market prices, data and other information are not warranted as to
completeness or accuracy and are subject to change without notice. Any
comments or statements made herein do not necessarily reflect those of
JPMorgan Chase & Co., its subsidiaries and affiliates. This transmission
may contain information that is privileged, confidential, legally
privileged, and/or exempt from disclosure under applicable law. If you
are not the intended recipient, you are hereby notified that any
disclosure, copying, distribution, or use of the information contained
herein (including any reliance thereon) is STRICTLY PROHIBITED. Although
this transmission and any attachments are believed to be free of any
virus or other defect that might affect any computer system into which
it is received and opened, it is the responsibility of the recipient to
ensure that it is virus free and no responsibility is accepted by
JPMorgan Chase & Co., its subsidiaries and affiliates, as applicable,
for any loss or damage arising in any way from its use. If you received
this transmission in error, please immediately contact the sender and
destroy the material in its entirety, whether in electronic or hard copy
format. Thank you. Please refer to
http://www.jpmorgan.com/pages/disclosures for disclosures relating to
European legal entities. 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

RE: [us...@httpd] [OT][Fwd: Undelivered Mail Returned to Sender]

[Boyle Owen]

> -Original Message-
> From: André Warnier [mailto:a...@ice-sa.com] 
> Sent: Monday, July 13, 2009 10:52 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] [OT][Fwd: Undelivered Mail Returned to Sender]
> 
> Hi list.
> I apologise if this is not really on-topic.
> 
> Since a few days, I am getting quite of few of the messages 
> below in my 
> inbox.  The message attached to this one is indeed something 
> I sent to 
> the list, but not to that recipient.
> Is that a misconfiguration purely on my part, or do other 
> list users get 
> these same messages ?

Me too... His address is on the mailing list so the apache mailman sends the 
mail to his mail server. However, his address has been suspended so his mailer 
sends this helpful message back to whoever sent it - which is you, or me, or 
whoever... I guess anyone who sends a message to this list is going to get an 
error message back from this server. The quickest fix is for the list-admin to 
remove that guy's address ASAP.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> Maybe also there is a pun in the address, which I fail to get..
> 
> 
>  Original Message 
> Subject: Undelivered Mail Returned to Sender
> Date: Mon, 13 Jul 2009 10:14:41 +0200 (CEST)
> From: mailer-dae...@smtp-out01.dc2.nl.netcop.net (Mail 
> Delivery System)
> To: (my address)
> 
> This is the mail system at host smtp-out01.dc2.nl.netcop.net.
> 
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
> 
> For further assistance, please send mail to 
> 
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
> 
> The mail system
> 
> : delivery temporarily 
> suspended: 
> connect
>  to 82.94.182.66[82.94.182.66]: Connection timed out
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Conditional in httpd.conf

[Boyle Owen]

> -Original Message-
> From: rank1see...@gmail.com [mailto:rank1see...@gmail.com] 
> Sent: Tuesday, July 14, 2009 4:05 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Conditional in httpd.conf

First off, httpd.conf is a config file - think of it as a data structure
like a hash-map. It is not a programming language and has no conditional
capabilities.

> 
> I would like to achieve this:
> 
> 
>   
>   Execute / Parse this
>   
> 

The SSL VH is actually an independent port-based VH so this is achieved
simply by the  container. For example;


... plain HTTP website



... SSL website


Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> What is valid Apache22 syntax for this?
> That is, if port is 443, then additional config rules shall apply.
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Conditional in httpd.conf

[Boyle Owen]

 

> -Original Message-
> From: rank1see...@gmail.com [mailto:rank1see...@gmail.com] 
> Sent: Tuesday, July 14, 2009 2:17 PM
> To: users@httpd.apache.org
> Subject: RE: [us...@httpd] Conditional in httpd.conf
> 
> That is exatly how do I do it now.
> But the point is that I've noticed how diif between:
> 
>   ... plain HTTP website
> 
> 
> 
>   ... SSL website
> 
> 
> for a SAME site, is jus a 3 lines.
> That is:
> SSLEngine On and path to key and cert file.
> 
> So, had a thought of excluding port from VH container and 
> leaving only IP, 
> like:
> 
> 
> 
> SetEnvIf or any other, similar module, also wouldn't be able 
> to "hack" it 
> in this way?

No. When apache parses the config file, it just fills up a series of
data structures as it goes along, line by line. You can't get it to
build a whole new VH struct just based on an ENV.

To do conditional stuff like this, I would write a perl-script that
*generates* the VHs, eg:

foreach $port (80, 443) {
$output .= "\n";
$output .= getCommonDirectives();
$output .= getSSLStuff()
if ($port == 443);
$output .= "\n";
}   

Then you run the perl-script just before each apache restart (ie, add it
to the apachectl script)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> 
> 
> 
> 
> - Original Message -
> From: "Boyle Owen" 
> To: 
> Date: Tue, 14 Jul 2009 09:32:34 +0200
> Subject: RE: [us...@httpd] Conditional in httpd.conf
> 
> > > -Original Message-
> > > From: rank1see...@gmail.com [mailto:rank1see...@gmail.com] 
> > > Sent: Tuesday, July 14, 2009 4:05 AM
> > > To: users@httpd.apache.org
> > > Subject: [us...@httpd] Conditional in httpd.conf
> > 
> > First off, httpd.conf is a config file - think of it as a 
> data structure
> > like a hash-map. It is not a programming language and has 
> no conditional
> > capabilities.
> > 
> > > 
> > > I would like to achieve this:
> > > 
> > > 
> > >   
> > >   Execute / Parse this
> > >   
> > > 
> > 
> > The SSL VH is actually an independent port-based VH so this 
> is achieved
> > simply by the  container. For example;
> > 
> > 
> > ... plain HTTP website
> > 
> > 
> > 
> > ... SSL website
> > 
> > 
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored. 
> > 
> > > 
> > > 
> > > What is valid Apache22 syntax for this?
> > > That is, if port is 443, then additional config rules shall apply.
> > > 
> > > 
> -
> > > The official User-To-User support forum of the Apache HTTP 
> > > Server Project.
> > > See http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > >"   from the digest: users-digest-unsubscr...@httpd.apache.org
> > > For additional commands, e-mail: users-h...@httpd.apache.org
> > > 
> > > 
> >  
> > This message is for the named person's use only. It may contain 
> confidential, proprietary or legally privileged information. If you 
> receive this message in error, please notify the sender 
> urgently and then 
> immediately delete the message and any copies of it from your system. 
> Please also immediately destroy any hardcopies of the message. 
> > The sender's company reserves the right to monitor all e-mail 
> communications through their networks.
> > 
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >"   from the digest: users-digest-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> > 
> > 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] 404's to robots.txt?

[Boyle Owen]

> -Original Message-
> From: Evan Platt [mailto:e...@espphotography.com] 
> Sent: Wednesday, July 22, 2009 1:56 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] 404's to robots.txt?
> 
> So I've noticed quite a lot of connections from web spider programs. 
> I've had a robots.txt
> (User-agent: *
> Disallow: /)  For a long time. But looking closer in my apache logs, 
> am I reading right that it's giving a 404?

Yes.

How many VHs do you have? If you have robots.txt in one VH but the
request comes into another VH, then you will get a 404. Maybe put
%{Host}i into the log format to see the Host header sent by the client..

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 65.55.106.173 - - [21/Jul/2009:09:44:43 -0700] "GET /robots.txt 
> HTTP/1.1" 404 208 "-" "msnbot/2.0b 
> (+http://search.msn.com/msnbot.htm)"
> 65.55.106.112 - - [21/Jul/2009:10:11:43 -0700] "GET /robots.txt 
> HTTP/1.1" 404 208 "-" "msnbot/2.0b 
> (+http://search.msn.com/msnbot.htm)"
> 65.55.106.166 - - [21/Jul/2009:11:03:35 -0700] "GET /robots.txt 
> HTTP/1.1" 404 208 "-" "msnbot/2.0b 
> (+http://search.msn.com/msnbot.htm)"
> 65.55.106.160 - - [21/Jul/2009:11:09:07 -0700] "GET /robots.txt 
> HTTP/1.1" 200 28 "-" "msnbot/2.0b (+http://search.msn.com/msnbot.htm)"
> 65.55.106.180 - - [21/Jul/2009:11:35:34 -0700] "GET /robots.txt 
> HTTP/1.1" 404 208 "-" "msnbot/2.0b 
> (+http://search.msn.com/msnbot.htm)"
> 
> Same day, no changes made:
> X.X.X.X - - [21/Jul/2009:16:47:44 -0700] "GET /robots.txt HTTP/1.1" 
> 304 - "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; 
> rv:1.9.1.1) Gecko/20090715 Firefox/3.0.7, Ant.com Toolbar 1.3 (.NET 
> CLR 3.5.30729)"
> Z.Z.Z.Z- - [21/Jul/2009:16:49:10 -0700] "GET /robots.txt HTTP/1.1" 
> 200 28 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) 
> AppleWebKit/530.5 (KHTML, like Gecko) Chrome/2.0.172.30 Safari/530.5"
> 
> Two different IP's. One myne, one a friends.
> 
> Any suggestions as to why (if I'm reading the log right) I'm handing 
> out a 404 to it appears just web crawlers?
> 
> # httpd -v
> Server version: Apache/2.2.3
> Server built:   Jun 16 2009 11:28:50
> 
> Don't know what other information is needed to help troubleshoot... 
> Running on a os//x box.
> http://www.espphotography.com/robots.txt if you want to take a look...
> 
> Thanks. :)
> 
> Evan
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Remote .htaccess

[Boyle Owen]

> -Original Message-
> From: Jos Chrispijn [mailto:apa...@webrz.net] 
> Sent: Wednesday, July 22, 2009 1:31 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Remote .htaccess
> 
> Is it possible to use a .htaccess in a folder in which I define a 
> htpasswd path that physically is located on a complete 
> different server?

Sure. As long as apache can follow the path, no problem.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS: It's also asking for trouble from a performance/reliability
perspective. I leave it as an exercise to the reader to work out why...

> 
> Jos Chrispijn
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Re: Low priced certificate?

[Boyle Owen]

> -Original Message-
> From: news [mailto:n...@ger.gmane.org] On Behalf Of Nicholas Sherlock
> > 
> > Jfyi: you might also try free and not widely recognized,
> > http://cacert.org/
> 
> Won't certificates signed by them be only useful for 
> internally-deployed 
> apps? They're not a trusted root on Windows so random browsers on the 
> web will just get an "UNTRUSTED SITE! Get me out of here!" message.

Hopefully...

It's worth remembering what a certificate is for; it is a document,
undersigned by a third-party, that confirms that you are who you say you
are. The third-party certificate signing authority is putting their
reputation on the line and has a moral (even a legal) obligation to be
certain you are bona fide.

A certificate is not some random obstacle that makes SSL websites pesky
to set up - it is an essential security feature that protects web-users
from fraud. So, of course it should cost you (as e-commerce operator)
money and effort.

Trying to get a cheap cert for your site is like a bus company getting
cheap tyres for their buses...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Cheers,
> Nicholas Sherlock
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Re: Low priced certificate?

[Boyle Owen]

> -Original Message-
> From: André Warnier [mailto:a...@ice-sa.com] 
> Sent: Wednesday, July 22, 2009 3:09 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] Re: Low priced certificate?
> 
> 
> We are a services company, and provide websites to select 
> customers, for 
> their own usage. We know these customers, they know us, and there are 
> not thousands of them (merely hundreds).
> We store information in these websites for those customers.  
> Sometimes 
> this information is relatively private, for the customer.
> (It is not however of the "top secret - defense" variety, nor banking 
> etc...)
> 
> We would like to offer to our customers, the possibility of 
> connecting 
> to their websites using HTTPS instead of HTTP.
> This is merely so that it would be harder for "foreign" 
> people to easily 
> intercept the data being exchanged between the webserver and the 
> browsers of our customers.

If you have a "private" application (in the sense that server-owner and clients 
already know each other and only want to encrypt traffic), then of course you 
can use a self-signed cert. In this case you are getting encryption (protection 
from eavesdropping) but no authentication (which you don't care about because 
you already know each other).

The cause of much of the confusion is the fact that SSL certs provide *two* 
functions; they contain a key that allows you to set up an encrypted channel, 
but they also contain a document that attests the ownership of the domain. This 
second feature is essential in an e-commerce environment where the server and 
client are not known to each other a priori. 

If you were a shopkeeper and wanted to send your takings off to the bank, you 
might request the bank to send round a security van. When the van arrives, 
would you check the driver's credentials? Obviously you should in case some 
crooks were tapping your phone line and had turned up first in a stolen van 
with fake uniforms. If you don't check the credentials, your money will be safe 
in transit, but might not actually be going to the bank :-)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> It is my understanding that we could set up our own "certificate 
> authority" (CA) and create our own server certificates.  A customer 
> browser, upon the first connection, would pop up some message 
> indicating 
> that it cannot verify this certificate, and offering maybe to 
> "authorise" our own CA as a valid one.  Once they did this, the popup 
> would not happen again, and their communications with the 
> website would 
> be encrypted (which is the main point of the exercise).
> 
> I understand that, in case their DNS system is compromised, 
> they could 
> land onto another website pretending to be ours, and thus accept this 
> other website certificate and CA.
> But I consider this possibility as relatively unlikely, and easily 
> detected by the customers themselves once they proceed. (*)
> 
> Is anything wrong with the above thinking ?
> 
> Thanks for comments.
> 
> 
> (*) because each customer application is specific, and in 
> order to fool 
> a customer, the miscreant would haver to duplicate this 
> application, the 
> data etc..
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] 404's to robots.txt?

[Boyle Owen]

> -Original Message-
> From: Evan Platt [mailto:e...@espphotography.com] 
> Sent: Wednesday, July 22, 2009 10:44 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] 404's to robots.txt?
> 
> At 06:03 PM 7/21/2009, you wrote:
> 
> >More than 1 docroot / log %{Host}i ?
> 
> Ahh.. I believe that's it! Thank you and the others who suggested 
> that, I believe that's it - I have a few subdomains I rarely use...
> 
> My current httpd.conf is:
> 
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i 
> \"%{User-agent}i\" combined
> 
> Is there a better format ...

It's right above you... >>> %{Host}i <<< logs the Host header from the
request, eg:

LogFormat "%h %l %u %t %{Host}i \"%r\" %>s %b \"%{Referer}i 


> for that so instead of:
> 
> 1.2.3.4 - - [22/Jul/2009:13:31:28 -0700] "GET /images/favicon.ico 
> HTTP/1.1" 200 1150
> 
> I'd get
> 
> 1.2.3.4 - - [22/Jul/2009:13:31:28 -0700] "GET 
> www.mydomain.com/images/favicon.ico HTTP/1.1" 200 1150
> 
> I do have a few rarely used subdomains - but anything .mydomain.com 
> goest to my apache.
> 
> Thanks. :) 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] rewrite to 443..please help me

[Boyle Owen]

> -Original Message-
> From: danielitob [mailto:gbatt...@aliceposta.it] 
> Sent: Tuesday, July 28, 2009 9:06 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] rewrite to 443..please help me
> 
> 
> Ok..
> that is configuration. What I need is running a we site on 
> http, but when I
> send request to a protected/* page, request mu be managed under ssl.
> What I'm missing?Is this only configuration I have to do?
> In ssl.conf, I configured certificate. It seems I did it 
> well, cause when I
> run application and I click on certificate, it seems 
> correctly configured.
> But when I run a page under /protected, it gives me error
> 
> [warn] RSA server certificate CommonName (CN) 
> `www.mysite.com' does NOT
> match server name!?
> 
> Why is it so difficult and there isn't a working example on 
> internet?:(
> 
> This is virtual host
> 
> 
> ServerName www.mysite.it
> DocumentRoot /var/www/www.mysite.com
> RewriteEngine on
> RewriteLog "log/rewrite.log"
> RewriteLogLevel 5
> RewriteRule ^/protected/(.*) 
> https://www.mysite.com/protected:443/$1
> [R=301,L]

It is still not clear: as Igor says, the domain name in the rewrite-rule
is different from the domain-name of your HTTP site. Do you have both
the .it and the .com domains registered?

If you could bear to publish the real domain name, we could check it.
Otherwise, we only have your word that fields are the same - you could
have a typing error that you are failing to notice..


> 
> AllowOverride FileInfo
> 
> 
> 
> Thanks for your help, you're my last hope..
> 
> 
> 
> Igor Cicimov wrote:
> > 
> > sorry i lost your initial email with the configuration, can 
> you send it
> > again please so i can have another look?
> > 
> > 
> > On Tue, Jul 28, 2009 at 3:01 AM, danielitob 
> > wrote:
> > 
> >>
> >> Hello Igor..
> >>
> >> I checked but it was my digit error.
> >> Fields are equal but I have always same problem..
> >>
> >> What I'm missing?
> >> I configured virtual host on port 80 and did a redirect 
> for a subfolder
> >> to
> >> 443.
> >> i need other configuration?
> >>
> >> Please help me, I'm crazying..
> >>
> >>
> >> Igor Cicimov wrote:
> >> >
> >> > I don't know if typo or not but in the redirect rule you have
> >> > mysite.cominstead
> >> > mysite.it
> >> >
> >> > On Fri, Jul 24, 2009 at 6:24 PM, danielitob 
> 
> >> > wrote:
> >> >
> >> >>
> >> >> Sorry...you're right.
> >> >> I analyzed error log and I found that...it's strange
> >> >>
> >> >> [Fri Jul 24 10:12:19 2009] [warn] RSA server 
> certificate CommonName
> >> (CN)
> >> >> `www.mysite.com' does NOT match server name!?
> >> >>
> >> >> what does mean?
> >> >>
> >> >>
> >> >>
> >> >>
> >> >> Ray Van Dolson-3 wrote:
> >> >> >
> >> >> > On Thu, Jul 23, 2009 at 09:51:38AM -0700, danielitob wrote:
> >> >> >> The issue is when I click on
> >> >> >>
> >> >> >> https://www.mysite.it/protected
> >> >> >>
> >> >> >> and error appears.
> >> >> >
> >> >> > More information on the error please.  An error in 
> your Apache log
> >> >> > file?  An error in the browser (perhaps corresponding 
> with a self
> >> >> > signed certificate)?
> >> >> >
> >> >> > Ray
> >> >> >
> >> >> >
> >> 
> -
> >> >> > The official User-To-User support forum of the Apache 
> HTTP Server
> >> >> Project.
> >> >> > See http://httpd.apache.org/userslist.html> for 
> more info.
> >> >> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >> >> >"   from the digest: 
> users-digest-unsubscr...@httpd.apache.org
> >> >> > For additional commands, e-mail: users-h...@httpd.apache.org
> >> >> >
> >> >> >
> >> >> >
> >> >>
> >> >> --
> >> >> View this message in context:
> >> >>
> >> 
> http://www.nabble.com/rewrite-to-443..please-help-me-tp2462994
2p24640563.html
> >> >> Sent from the Apache HTTP Server - Users mailing list archive at
> >> >> Nabble.com.
> >> >>
> >> >>
> >> >> 
> -
> >> >>  The official User-To-User support forum of the Apache 
> HTTP Server
> >> >> Project.
> >> >> See http://httpd.apache.org/userslist.html> for more info.
> >> >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >> >>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> >> >> For additional commands, e-mail: users-h...@httpd.apache.org
> >> >>
> >> >>
> >> >
> >> >
> >>
> >> --
> >> View this message in context:
> >> 
> http://www.nabble.com/rewrite-to-443..please-help-me-tp2462994
2p24684493.html
> >> Sent from the Apache HTTP Server - Users mailing list archive at
> >> Nabble.com.
> >>
> >>
> >> 
> -
> >> The official User-To-User support forum of the Apache HTTP Server
> >> Project.
> >> See http://httpd.apache.org/userslist.html> for more info.
> >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>

RE: [us...@httpd] Question about Server Side Includes

[Boyle Owen]

> -Original Message-
> From: Freddy Jensen [mailto:jen...@adobe.com] 
> Sent: Wednesday, July 29, 2009 3:06 PM
> To: users@httpd.apache.org
> Cc: jen...@adobe.com
> Subject: Re: [us...@httpd] Question about Server Side Includes
> 
> 
> I really appreciate all the quick and accurate answers.
> Great mailing list. I will venture further and pose
> another question:

Then please change the subject - it helps archival threading.

> 
> I have a web server configured for https with SSL certificates etc.
> Now I want it to block all http access and only allow https.
> Someone told me that I needed to block port 80 on the web server.
> 
> The question is: How do I do that?

You don't really "block" it, you just don't serve it. So you just remove
your VH that serves port 80, leaving only the VH that serves port 443.

However, this will mean users coming to http://your-site/ will get a
"server not listening" error at the network layer. So probably, you want
to redirect them to https://your-site/ 

If so, see http://wiki.apache.org/httpd/RedirectSSL

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Is it a config item somewhere in /etc/httpd/conf/httpd.conf ?
> 
> Thanks
> 
> --
> Freddy Jensen, Sr. Computer Scientist, Adobe Systems Incorporated
> 345 Park Avenue, San Jose, CA 95110-2704, USA, Ph: (408) 536-2869
> Email: jen...@adobe.com, URL: http://www.adobe.com
> --
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] apache ajp interconnection Issue

[Boyle Owen]

>BalancerMember ajp://192.168.31.128:8009/MyJava min=10 max=100

> http://Ipaddress:8080/MyJava
   
Not same port.

What happens if you try direct login to back-end on same port as
Balancer (8009)?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] httpd 2.0.63 + cgi script + 'Error: Bad file number'

[Boyle Owen]

> -Original Message-
> From: lr...@juno.com [mailto:lr...@juno.com] 
> Sent: Monday, August 31, 2009 3:41 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] httpd 2.0.63 + cgi script + 'Error: 
> Bad file number'
> 
> 
> 
>  I am attempting to upgrade my apache installation from 
> the 1.3.x branch to the 2.0.x or, perhaps 2.2.x branch, 

If you're going to upgrade, why not go all the way to 2.2.13? The 2.0
branch has not been updated since January 2008 and is not developed any
more.

> for 
> security reasons on AIX running 5.2.0.8.  I built httpd 
> 2.0.63 from source and configured it to be the same as the 
> 1.3.x version was configured.  But when we attempted to use a 
> cgi script that has run flawlessly under httpd 1.3.x, it 
> failed with 'Operating system error:  Bad file number'.  
> Other cgi scripts continue to operate.

Where did you get the error? Switch on ScriptLog and check there. Also,
check the code of the CGI program and look for file-handling calls to
see if you can narrow down where the error is coming from.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
>  I have searched the archives without finding a solution. 
>  Has anyone seen this and resolved it?  I can provide 
> additional information if needed.
> 
>  Thank you!
> 
> Lee
> 
> 
> Wanna lose weight?  Weight Loss Programs that work. Click here.
> http://thirdpartyoffers.juno.com/TGL2131/fc/BLSrjnsEGrHoiRF3pf
> GpbOAWqQGNbIS71eoXIPI86ocOy0f1AqlTDHVAWEA/
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] httpd 2.0.63 + cgi script + 'Error: Bad file number'

[Boyle Owen]

> -Original Message-
> From: lr...@juno.com [mailto:lr...@juno.com] 
> Sent: Tuesday, September 01, 2009 5:46 PM
> To: users@httpd.apache.org
> Subject: RE: [us...@httpd] httpd 2.0.63 + cgi script + 
> 'Error: Bad file number'
> 
> Hi Boyle Owen,
> 
> >>  I am attempting to upgrade my apache installation from 
> >> the 1.3.x branch to the 2.0.x or, perhaps 2.2.x branch, 
> 
> >If you're going to upgrade, why not go all the way to 2.2.13? The 2.0
> >branch has not been updated since January 2008 and is not 
> developed >any more.
> 
>  Good point.  I went with 2.0.63 because the issue appeared when
>  we attempted to replace the 1.3.x version of apache we are using
>  with the IBM IHS 6.1 server which is built on 2.0.47 and patched
>  to 2.0.63.  My thinking was to attempt to isolate the issue to
>  apache or IBM's modification of it.  Unfortunately, the problem 
>  appears under both platforms.  I have also attempted using
>  2.2.13 with precisely the same issue.
> 
> >> security reasons on AIX running 5.2.0.8.  I built httpd 
> >> 2.0.63 from source and configured it to be the same as the 
> >> 1.3.x version was configured.  But when we attempted to use a 
> >> cgi script that has run flawlessly under httpd 1.3.x, it 
> >> failed with 'Operating system error:  Bad file number'.  
> >> Other cgi scripts continue to operate.
> 
> > Where did you get the error? Switch on ScriptLog and check there. 
> > Also, check the code of the CGI program and look for file-handling 
> > calls to see if you can narrow down where the error is coming from.
> 
>This is the flow of the process:  A user brings up the 
> login screen,
>enters their userid and password, and clicks submit.  That posts a
>call to a cgi script that parses the submission and calls another
>script to verify the userid/password and extract that user's job 
>code from the database, placing that job code in a file to 
> be parsed
>by the calling script upon return.  The script that verifies the
>userid/password calls two compiled programs:  one verifies the 
>userid and password are valid, the other makes the call to the
>database to extract the job code.  The call to verify the userid
>and password succeeds but the call to the database fails.
> 
>ScriptLog does not give me anything.  The output from the script
>is redirected to a file and the failed script does not 
> emit anything
>aside from it's stdout message and a return code of 255.  
> The script
>executes flawlessly under apache 1.3.x and from the command line as
>the same user as under apache.  I do not have the source for the
>script; it is a compiled application that makes a database call.
> 
>Any ideas as to how I can debug this further?

Not really... Are you using a worker or prefork MPM? Apache 1.3 is
worker only (daemons, not multi-threaded). If you are using a
multi-threaded apache there could be synchronization issues, especially
with DB but that's just a shot in the dark. Otherwise, I found this
thread: http://www.perlmonks.org/?node_id=636194 but it's not really too
similar...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> Thank you for your assistance!
> 
> Lee
> 
> 
> 
> Best Weight Loss Program - Click Here!
> http://thirdpartyoffers.juno.com/TGL2131/fc/BLSrjnsEGrEal0sXmK
> 3ceVgwSXiWn3UvduQYE1h6Mnl9fWb4lEP8U7gjtwk/
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] able to start one virtual host but not all of them!!!

[Boyle Owen]

I'm not familiar with your linux distro, but I  suspect that
/usr/sbin/apache2 is the apache binary and that by starting it directly
you get a default config (do "/usr/sbin/apache2 -V" to find out where).

On the other hand, /etc/init.d/apache2 is probably a shell-script that
defines a different config file when it starts apache (look inside
/etc/init.d/apache2 to see what it does).

So each method loads a different config and that's why you get different
results...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 




From: khalid touati [mailto:khalidtou...@gmail.com] 
Sent: Thursday, October 22, 2009 8:51 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] able to start one virtual host but
not all of them!!!


thanks for all of you guys, actually i was doing a big mistake
(as i am not too familiar with apche on linux) i was starting the
service using this /usr/sbin/apache2 -k start, but when using
/etc/init.d/apache2 start, all my problem are gone, i still wondering
though wht's the difference but i am all set anyway!
tahnk you


2009/10/22 Mark Watts 


On Thu, 2009-10-22 at 09:16 -0400, khalid touati wrote:
> Hi Guys,
> i am able to start one virtual host but not all of
them, and these are
> the module when i type:
> /usr/sbin/apache2 -l
> Compiled in modules:
>   core.c
>   worker.c
>   http_core.c
>   mod_so.c
> i'm realyy stuck, any idea!!


A list of compiled-in modules is pretty useless.

Please provide a better description of your problem,
including error
messages, configuration information and anything else
relevant.

Mark.

--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer, Managed Services Manpower
www.QinetiQ.com  
QinetiQ - Delivering customer-focused solutions
GPG Key: http://www.linux-corner.info/mwatts.gpg





-- 
Abdullah 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] apache configuration: always go to parent directory

[Boyle Owen]

> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in] 
> Sent: Tuesday, November 10, 2009 10:43 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] apache configuration: always go to 
> parent directory
> 
> Hello,
> 
> I have configured a personal work-space for mine in apache where I can
> experiment with different sites and here is the configuration
> 
> 
> Alias /personal/joydeep  /var/personal_work_area/joydeep
> 
> DocumentRoot  /var/personal_work_area/joydeep/
> 
> 
> 
>   DirectoryIndex index.php
> 
>Options Indexes FollowSymLinks MultiViews
> AllowOverride All
> Order allow,deny
> allow from all
> 
> 
> ``
> 
> I have placed a folder ( a site) there. So the absolute path of that
> folder is  /var/personal_work_area/joydeep/experiment. 
> Whenever I access
> the folder through browser by visiting
> http://192.168.1.1/personal/joydeep/experimet   I  get "page not found
> error".  the log reports
> 
> ``
> URL   /personal/joydeep/experiment/index.php,  referer:
> http://192.168.1.1/personal/joydeep/

I just read over the thread - this should be a simple mis-configuration
problem... But can you please post the full line from the apache error
log?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> ```
> It is definitely wrong as it refer the parent folder and not the
> subfolder "experiment" hence the index.php is missing.  Is there any
> problem with my configuration ?
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] apache configuration: always go to parent directory

[Boyle Owen]

> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in] 
> 
> 
> ##apache config
> 
> ``
> Alias /personal/joydeep  /var/personal_work_area/joydeep
> 
> DocumentRoot  /var/personal_work_area/
> 
> 
> DirectoryIndex index.php
> Options Indexes FollowSymLinks MultiViews
> AllowOverride All
> Order allow,deny
> allow from all
> 
> `
> 
> There is a folder called test with a .htaccess  inside 
> /var/personal_work_area/joydeep  folder
> The test folder has  .htaccess ; alice.html  and  bob.html
> 
> `
> Options +FollowSymLinks
> #
> RewriteEngine On
> RewriteRule ^alice.html$ bob.htm
> ```
> 
> When I visit http://192.168.1.1/personal/joydeep/test/alice.html I get
> error as
> 
> 
> The requested URL /index.php was not found on this server.
> 
> 
> Here is the log
> 
> 
> [Thu Nov 12 15:47:49 2009] [debug] mod_deflate.c(632): [client
> 192.168.1.100] Zlib: Compressed 366 to 278 : URL /index.php
> [Thu Nov 12 15:47:50 2009] [error] [client 192.168.1.100] script
> '/var/www/index.php' not found or unable to stat

So the server has its docroot set to /var/www. That means it is not using the 
config above.

> [Thu Nov 12 15:47:50 2009] [debug] mod_deflate.c(632): [client
> 192.168.1.100] Zlib: Compressed 366 to 278 : URL /index.php
> [Thu Nov 12 15:47:50 2009] [error] [client 192.168.1.100] script
> '/var/www/index.php' not found or unable to stat
> [Thu Nov 12 15:47:50 2009] [debug] mod_deflate.c(632): [client
> 192.168.1.100] Zlib: Compressed 366 to 278 : URL /index.php
> 
> 
> Though everything is working well if I put test folder inside /var/www
> folder.
> 
> Here is my main configuration ( separate file)  for /var/www

Aha... You are using virtual hosts. This VH below is effectively your main 
server. All requests will go here (unless they don't match *:80 at TCP/IP).

Under what circumstances do you expect requests to go to the 
/var/personal_work_area/ docroot? Once you decide, you need to move the 
directives to a VH and set it up to receive that traffic (eg, you may want to 
use a name-based VH).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> ```
> 
> ServerAdmin webmas...@localhost
> 
> DocumentRoot /var/www
> 
> Options FollowSymLinks
> AllowOverride All
> 
> 
> Options Indexes FollowSymLinks MultiViews
> AllowOverride All
> Order allow,deny
> allow from all
> 
> 
> 
> DirectoryIndex index.php index.html
> 
> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
> 
> AllowOverride All
> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
> Order allow,deny
> Allow from all
> 
> 
> ErrorLog /var/log/apache2/error.log
> 
> # Possible values include: debug, info, notice, warn, 
> error, crit,
> # alert, emerg.
> LogLevel debug
> 
> CustomLog /var/log/apache2/access.log combined
> 
> Alias /doc/ "/usr/share/doc/"
> 
> Options Indexes MultiViews FollowSymLinks
> AllowOverride None
> Order deny,allow
> Deny from all
> Allow from 127.0.0.0/255.0.0.0 ::1/128
> 
> 
> 
> ``
> 
> Please ask if you need more info.
> 
> Thanks
> -- 
> জয়দীপ বক্সী
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] htacces

[Boyle Owen]

> -Original Message-
> From: Teun [mailto:apache.httpd@dse.nl] 
> Sent: Sunday, November 15, 2009 9:09 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] htacces
> 
> > On Sun, Nov 15, 2009 at 2:32 PM, Teun 
>  wrote:
> >> Best People,
> >> I do not understand the website of httpd apache for to 
> enabled htacces
> >> support websitefolders.
> >>
> >> How can ik enable in Ubuntu htacces for my websitefolder on my
> >> localhost?
> >> Thanks all !
> >
> > http://httpd.apache.org/docs/2.2/howto/htaccess.html
> > http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride
> >
> > You have virtual hosts defined in 
> /etc/apache2/sites-available/* that
> > probably have "AllowOverride none".  This disabled the reading of
> > htaccess files.
> >
> > --
> > Eric Covener
> > cove...@gmail.com
> >
> Best Eric,
> I think, I understand you. So...must I change "AllowOverride none" in
> "AllowOverride yes"

Look at the doc-page above
(http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride). Look at
the outlined summary-box. Look at the "Syntax" line. To make htaccess
work, you need "AllowOverride All"... "AllowOverride yes" does not mean
anything to apache.

But try to understand Eric's warning about what you are doing - if you
allow local overrides, people who edit the content can also control some
features of the server. Are you OK with this?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> ?
> 
> Thanks from Teun
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Can't get Apache 2.2 to display anything

[Boyle Owen]

On line 177 you have 

DocumentRoot "C:/Program Files/Apache Software
Foundation/Apache2.2/htdocs"

So apache will go there and look for "index.html". It appears this file
is the standard apache "It works!" file. So there is no problem with
apache, just with your understanding of how apache finds the content...

The usual thing that most people do is to make their own content
directory and put their own "index.html" in it. Then they point
"DocumentRoot to that directory. This saves mixing your content with
apache documentation stuff.

Eg;

DocumentRoot "C:/Users/fred/mysite"

then C:/Users/fred/mysite/index.html is your homepage.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 






From: Trolle Yew [mailto:berematkesa...@gmail.com] 
Sent: Saturday, November 14, 2009 7:59 PM
To: users@httpd.apache.org
Subject: [us...@httpd] Can't get Apache 2.2 to display anything


I'm trying to get the webserver to display my index page. I
placed everything required in \htdocs\ inside the default Apache
installation directory. However, when I try localhost in my browser, all
I see is "It Works!". What could be the problem?
My httpd.conf: http://pastebin.com/m1eab135a
error.log: http://pastebin.com/m72374816

Thanks in advance. 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] ProxyHTMLURLMap issues ... resent .. surely somebody can help with this

[Boyle Owen]

I think the reason no-one has replied is that no-one knows...

You are using a 3rd party module that many people will be unfamiliar with (eg, 
me) so it's not too surprising no-one feels able to respond. I did look up the 
module's homepage and noticed that the author offers to try to help out 
registered (ie, paying) users - is it worth £50?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 






From: Peter de Groot [mailto:peter.de.gr...@det.wa.edu.au] 
Sent: Thursday, November 19, 2009 10:12 AM
To: users@httpd.apache.org
Subject: [us...@httpd] ProxyHTMLURLMap issues ... resent .. surely 
somebody can help with this 



Hi,

Please help ... been grinding away for days :-).


I am trying to reverse proxy to my internal web site from the outside.

The internal web site has CSS and Java and everything.

HOWEVER.

The internal web site uses a "CSS Hack" (??)  to get around browser 
issues in IE.
When I browse the internal site directly I see this in the source. 








When I view the page source via the proxy.. this piece of the code is 
MISSING, and the apache log shows this

 Non-HTML content; not inserting proxy-html filter, referer: 
http://intranet.fff.du/tv/

I am presuming this is related to the error.

The displayed page is missing its "theme", which I am assuming is to do 
with the "hack"

How can I get ProxyHTMLMap to pass this content through.

Config snippet is


#  ---  TV


#To support scripting events (with ProxyHTMLExtended On),
#you'll need to declare them too.

ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \
onmouseover onmousemove onmouseout onkeypress \
onkeydown onkeyup onfocus onblur onload \
onunload onsubmit onreset onselect onchange


ProxyHTMLLogVerbose on
LogLevel debug
ProxyHTMLExtended On
ProxyPass /tv/http://tv-3:8088/
ProxyHTMLURLMap   http://tv-3:8088/  /tv


   ProxyPassreverse /
   SetOutputFilter  proxy-html
   ProxyHTMLURLMap/  /tv/
   ProxyHTMLURLMap/tv/tv
   RequestHeaderunset  Accept-Encoding





Thanks
peter




-- 

  
Peter de Groot
Eastern Goldfields College
Kalgoorlie 6430
Department of Education and Training
Phone 90801800 Fax 90801866 Mob 0418915312
  
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] ProxyHTMLURLMap issues ... resent .. surely somebody can help with this

[Boyle Owen]

supplement to previous post:

This looks something like your problem:
http://apache.webthing.com/mod_proxy_html/faq.html#script

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 






From: Peter de Groot [mailto:peter.de.gr...@det.wa.edu.au] 
Sent: Thursday, November 19, 2009 10:12 AM
To: users@httpd.apache.org
Subject: [us...@httpd] ProxyHTMLURLMap issues ... resent ..
surely somebody can help with this 



Hi,

Please help ... been grinding away for days :-).


I am trying to reverse proxy to my internal web site from the
outside.

The internal web site has CSS and Java and everything.

HOWEVER.

The internal web site uses a "CSS Hack" (??)  to get around
browser issues in IE.
When I browse the internal site directly I see this in the
source. 








When I view the page source via the proxy.. this piece of the
code is MISSING, and the apache log shows this

 Non-HTML content; not inserting proxy-html filter, referer:
http://intranet.fff.du/tv/

I am presuming this is related to the error.

The displayed page is missing its "theme", which I am assuming
is to do with the "hack"

How can I get ProxyHTMLMap to pass this content through.

Config snippet is


#  ---  TV


#To support scripting events (with ProxyHTMLExtended
On),
#you'll need to declare them too.

ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \
onmouseover onmousemove onmouseout onkeypress \
onkeydown onkeyup onfocus onblur onload \
onunload onsubmit onreset onselect onchange


ProxyHTMLLogVerbose on
LogLevel debug
ProxyHTMLExtended On
ProxyPass /tv/http://tv-3:8088/
ProxyHTMLURLMap   http://tv-3:8088/  /tv


   ProxyPassreverse /
   SetOutputFilter  proxy-html
   ProxyHTMLURLMap/  /tv/
   ProxyHTMLURLMap/tv/tv
   RequestHeaderunset  Accept-Encoding





Thanks
peter




-- 

  
Peter de Groot
Eastern Goldfields College
Kalgoorlie 6430
Department of Education and Training
Phone 90801800 Fax 90801866 Mob 0418915312
  
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] More RewriteRule issues ..

[Boyle Owen]

> -Original Message-
> From: bearsfoot [mailto:adam.p.reyno...@gmail.com] 
> Sent: Tuesday, November 24, 2009 3:24 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] More RewriteRule issues ..
> 
> 
> Hi,
> 
> I have the following rules in my .htaccess.
> 
> RewriteRule products/(.*)/ /index.php?view=products&brand=$1 [L]
> RewriteRule products/(.*)/(.*)/ 
> /index.php?view=productdetail&brand=$1&id=$2
> [L]
> 
> These are the urls the users see:
> http://www.mysite.com/products/product-name/ 
> http://www.mysite.com/products/product-name/1/ 
> 
> These are the pages the users see:
> http://www.mysite.com/index.php?view=products&brand=product-name
> http://www.mysite.com/index.php?view=productdetail&brand=produ
ct-name&id=1
> 
> 
> I want to add another rule rewrites the folowing url. 
> http://www.mysite.com/products/product-name/?filter=10
> 
> to
> 
> http://www.mysite.com/index.php?view=products&brand=product-na
me&filter=10
> 
> Can someone please show me how to implement this rule without 
> interferring
> with the existing second rule  ?

What did you try yourself already? What results did you get? What
problems did you encounter?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

Hint: A query-string is NOT part of the URL and so is not immediately
visible to a RewriteRule. For further details, check out:
http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule (and
read the grey box "what is matched?")
http://wiki.apache.org/httpd/RewriteQueryString


> 
> Thanks,
> Adam
> 
> 
> -- 
> View this message in context: 
> http://old.nabble.com/More-RewriteRule-issues-..-tp26489575p26
489575.html
> Sent from the Apache HTTP Server - Users mailing list archive 
> at Nabble.com.
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Load balancer sticky session problem

[Boyle Owen]

Try adding "nofailover=On" to the Proxy tag, ie
 

...

By default, if the desired balancer member is busy, the request will be
routed to another one, even if the stickysession doesn't match (this is
"failover"). To force apache to hold the request until the server is
free again, you need to switch this off by switching ON "nofailover" (so
switching OFF "failover" - confusing, eh? :-)

The downside is that if the desired server is really down, the request
will eventually fail.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 






From: Onur Agin [mailto:onura...@gmail.com] 
Sent: Tuesday, November 24, 2009 11:05 AM
To: users@httpd.apache.org
Subject: [us...@httpd] Load balancer sticky session problem


Hi,

With the configuration below, sticky sessions won't work...
I checked that both servers get the request with the same
session IDs.
Any ideas?



# Proxy
ProxyRequests Off

??Order deny,allow
??Allow from all


??BalancerMember http://10.xxx:7101
??BalancerMember http://10.xxx:7102


ProxyPass / balancer://ow1/




# Proxy
ProxyRequests Off

??Order deny,allow
??Allow from all


??BalancerMember http://10.xxx:7103
??BalancerMember http://10.xxx:7104


ProxyPass / balancer://ow2/



Also my request header is:

GET
/xxx/resources/org.apache.wicket.markup.html.WicketEventReference/wicket
-event.js;jsessionid=76BF17CE24DB39AC8F6B3639BBA5727D HTTP/1.1
Accept: */*
Referer:
http://10.xxx:8001/xxx/?class=texan.acq.ui.param.MERPARAM
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
SV1; .NET CLR 2.0.50727; MS-RTC LM 8; InfoPath.2)
Host: 10.xxx:8001
Connection: Keep-Alive
Cookie: JSESSIONID=76BF17CE24DB39AC8F6B3639BBA5727D 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Load balancer sticky session problem

[Boyle Owen]

 



>   "The downside is that if the desired server is really down, the
request
>   will eventually fail." 
>
>   I wouldn't want this, the reason why I am using a load balancer
is to have high availability,
> not just to balance a load.
>
>   How can I overcome this?
>   Aren't there any alternatives?


What do you imagine can happen? If you want sessions to be sticky then
if a request has session ID that points to server-A, the request *must*
go there. If server-A is unavailable, the request must wait. 

Alternatively, you can allow failover and then the request will go
straight to server-B, but then it has the wrong session cookie. 

Session affinity and failover are mutually exclusive - there is no way
round it.

>   Also what does it mean to be busy?
>   Currently I am using my pc to act as a load balancer in front of
powerfull servers and there
> is only one page request, how can it be busy?

No idea. It's your server.. You posted that stickysession wasn't working
and I posted back a possible explanation and something to try (did you?)
Maybe it's not the problem - try it and see :-)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 




On Tue, Nov 24, 2009 at 12:27 PM, Boyle Owen
 wrote:


Try adding "nofailover=On" to the Proxy tag, ie



...

By default, if the desired balancer member is busy, the
request will be
routed to another one, even if the stickysession doesn't
match (this is
"failover"). To force apache to hold the request until
the server is
free again, you need to switch this off by switching ON
"nofailover" (so
switching OFF "failover" - confusing, eh? :-)

The downside is that if the desired server is really
down, the request
will eventually fail.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may
be ignored.






? ? ? ?From: Onur Agin [mailto:onura...@gmail.com]
? ? ? ?Sent: Tuesday, November 24, 2009 11:05 AM
? ? ? ?To: users@httpd.apache.org
? ? ? ?Subject: [us...@httpd] Load balancer sticky
session problem



? ? ? ?Hi,

? ? ? ?With the configuration below, sticky sessions
won't work...
? ? ? ?I checked that both servers get the request with
the same
session IDs.
? ? ? ?Any ideas?


? ? ? ?
? ? ? ?# Proxy
? ? ? ?ProxyRequests Off
? ? ? ?
? ? ? ???Order deny,allow
? ? ? ???Allow from all
? ? ? ?
? ? ? ?
? ? ? ???BalancerMember http://10.xxx:7101
? ? ? ???BalancerMember http://10.xxx:7102
? ? ? ?

? ? ? ?ProxyPass / balancer://ow1/
? ? ? ?

? ? ? ?

? ? ? ?# Proxy
? ? ? ?ProxyRequests Off
? ? ? ?
? ? ? ???Order deny,allow
? ? ? ???Allow from all
? ? ? ?
? ? ? ?
? ? ? ???BalancerMember http://10.xxx:7103
? ? ? ???BalancerMember http://10.xxx:7104
? ? ? ?

? ? ? ?ProxyPass / balancer://ow2/
? ? ? ?


? ? ? ?Also my request header is:

? ? ? ?GET

/xxx/resources/org.apache.wicket.markup.html.WicketEventReference/wicket
-event.js;jsessionid=76BF17CE24DB39AC8F6B3639BBA5727D
HTTP/1.1
? ? ? ?Accept: */*
? ? ? ?Referer:

http://10.xxx:8001/xxx/?class=texan.acq.ui.param.MERPARAM
? ? ? ?Accept-Language: en-us
? ? ? ?Accept-Encoding: gzip, deflate
? ? ? ?User-Agent: Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.1;
SV1; .NET CLR 2.0.50727; MS-RTC LM 8; InfoPath.2)
? ? ? ?Host: 10.xxx:8001
? ? ? ?Connection: Keep-Alive
? ? ? ?Cookie:
JSESSIONID=76BF17CE24DB39AC8F6B3639BBA5727D


This message is for the named person's use only. It may
contain confidential, proprietary or legally privileged infor

RE: [us...@httpd] Load balancer sticky session problem

[Boyle Owen]

Forget the failover thing - Let's get back to your original problem
which is stickysession not working. 

Have you checked you have the session cookie in the request and that
it's called JSESSIONID?
Check http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass for
details on how it is supposed to work.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


From: Onur Agin [mailto:onura...@gmail.com] 
Sent: Tuesday, November 24, 2009 1:23 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] Load balancer sticky session problem


What if I have a session clustering mechanism which works
asynchronously, so if host A fails, then the sessions will be replicated
to server B in several seconds, and if the session is sticky and request
is moved to B, only request that will come on that second will fail. But
if the load balancer is not sticky, it won't work since the sessions are
not replicated realtime 

On Tue, Nov 24, 2009 at 2:16 PM, Boyle Owen
 wrote:






> ? ? ? "The downside is that if the desired server is
really down, the
request
> ? ? ? will eventually fail."
>
> ? ? ? I wouldn't want this, the reason why I am using
a load balancer
is to have high availability,
> not just to balance a load.
>
> ? ? ? How can I overcome this?
> ? ? ? Aren't there any alternatives?



What do you imagine can happen? If you want sessions to
be sticky then
if a request has session ID that points to server-A, the
request *must*
go there. If server-A is unavailable, the request must
wait.

Alternatively, you can allow failover and then the
request will go
straight to server-B, but then it has the wrong session
cookie.

Session affinity and failover are mutually exclusive -
there is no way
round it.


> ? ? ? Also what does it mean to be busy?
> ? ? ? Currently I am using my pc to act as a load
balancer in front of
powerfull servers and there
> is only one page request, how can it be busy?


No idea. It's your server.. You posted that
stickysession wasn't working
and I posted back a possible explanation and something
to try (did you?)
Maybe it's not the problem - try it and see :-)


Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may
be ignored.


    
    
? ? ? ?On Tue, Nov 24, 2009 at 12:27 PM, Boyle Owen
 wrote:


? ? ? ? ? ? ? ?Try adding "nofailover=On" to the Proxy
tag, ie


? ? ? ? ? ? ? ?
? ? ? ? ? ? ? ?...

? ? ? ? ? ? ? ?By default, if the desired balancer
member is busy, the
request will be
? ? ? ? ? ? ? ?routed to another one, even if the
stickysession doesn't
match (this is
? ? ? ? ? ? ? ?"failover"). To force apache to hold the
request until
the server is
? ? ? ? ? ? ? ?free again, you need to switch this off
by switching ON
"nofailover" (so
? ? ? ? ? ? ? ?switching OFF "failover" - confusing, eh?
:-)

? ? ? ? ? ? ? ?The downside is that if the desired
server is really
down, the request
? ? ? ? ? ? ? ?will eventually fail.

? ? ? ? ? ? ? ?Rgds,
? ? ? ? ? ? ? ?Owen Boyle
? ? ? ? ? ? ? ?Disclaimer: Any disclaimer attached to
this message may
be ignored.




? ? ? ? ? ? ? ?

? ? ? ? ? ? ? ?? ? ? ?From: Onur Agin
[mailto:onura...@gmail.com]
? ? ? ? ? ? ? ?? ? ? ?Sent: Tuesday, November 24, 2009
11:05 AM
? ? ? ? ? ? ? ?? ? ? ?To: users@httpd.apache.org
? ? ? ? ? ? ? ?? ? ? ?Subject: [us...@httpd] Load
balancer sticky
session problem



? ? ? ? ? ? ? ?? ? ? ?Hi,

RE: [us...@httpd] proxy 502 problem uploading a large file

[Boyle Owen]

> -Original Message-
> From: Scott Chapman [mailto:schap...@mischko.com] 
> Sent: Wednesday, November 25, 2009 12:28 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] proxy 502 problem uploading a large file
> 
> I have Apache 2.2.11 and a web server behind it (CherryPy).
> When I upload a large file to the CherryPy server, I see the file in
> /tmp/modrproxy.tmp.FOO
> It uploads completely.
> Then Apache returns a 502 error without ever hitting the backend (the
> first line of code in the handler is to spit out a log line saying it
> was reached).

502 is Bad Gateway, which means that apache and back-end had a protocol
problem. Probably the back-end didn't handle the upload correctly. What
do the back-end logs say?

You mention a "large" file without saying what that means 1 Mb? 1 Gb? 1
Tb? what happens with a "small" file (10 b, 1 kb, 10 kb...)?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> The access and error logs are below and my virtual host config.
> I can't think what else to try.  I was using RewriteRules for this.
> Same situation.
> 
> This is a production server and it's having problems.  Any 
> help would be
> greatly appreciated.
> 
> Scott
> 
> 
> access log
>  - - [24/Nov/2009:16:13:46 -0500] "POST
> /lertwfm/addFileToCase HTTP/1.1" 502 422
> 
> error log
> [Tue Nov 24 16:18:23 2009] [error] [client ] (70014)End of
> file found: proxy: error reading status line from remote server
> 127.0.0.1, referer:
> http://lertwfmdev.odc.vzwcorp.com/lertwfm/detail_edit_case?cas
e_id=6667
> [Tue Nov 24 16:18:23 2009] [error] [client ] proxy: Error
> reading from remote server returned by 
> /lertwfm/addFileToCase, referer:
> http://lertwfmdev.odc.vzwcorp.com/lertwfm/detail_edit_case?cas
e_id=6667
> 
> 
> 
> DocumentRoot "/opt/webapp/wfm"
> ServerName foo.bar.com
> ErrorLog "|/usr/local/apache2/bin/rotatelogs
> /usr/local/apache2/logs/lert_wfm-error_log 86400"
> CustomLog "|/usr/local/apache2/bin/rotatelogs
> /usr/local/apache2/logs/lert_wfm-access_log 86400" common
> 
>   
> FileETag None
> 
> ExpiresActive On
> ExpiresDefault "access plus 2 hours"
> 
> Order allow,deny
> allow from all
> SetHandler default-handler
>   
> 
>   ProxyPass /static/ !
>   ProxyPass /lertwfm/static/js/ !
>   ProxyPass /fax/ http://127.0.0.1:9010/fax/
>   ProxyPass / http://127.0.0.1:9000/ connectiontimeout=900 timeout=900
> 
>   
> Order allow,deny
> allow from all
>   
> 
> 
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] apache 2.2.13 SSL renegotiation vulnerability

[Boyle Owen]

> -Original Message-
> From: David Taveras [mailto:d3taveras3...@gmail.com] 
> Sent: Wednesday, November 25, 2009 10:56 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] apache 2.2.13 SSL renegotiation vulnerability
> 
> Hello,
> 
> Ive seen that 2.2.14 comes with a patch for the recent SSL
> renegotiation vulnerability. Could anybody tell me if there is a patch
> available for apache 2.2.13 

The patch applies to four files in mod_ssl:

Index: modules/ssl/ssl_private.h
Index: modules/ssl/ssl_engine_init.c
Index: modules/ssl/ssl_engine_io.c
Index: modules/ssl/ssl_engine_kernel.c

If you compare the diffs between 2.2.13 and 2.2.14, you'll find that
there is only a difference in one file (ssl_engine_init.c) and even that
is only an edit within a line (so the line arrangement doesn't change).
Therefore, the patch _should_ work just fine with 2.2.13. Try it and let
us know!

> .. iam not ready to update yet.

If you're going to recompile a module, there's not much more effort to
just doing the whole thing..

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS - To test the patch is working:
http://www.mail-archive.com/d...@httpd.apache.org/msg46109.html

> 
> Thank you.
> 
> David
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] mod_proxy issue - intermittent 502 response

[Boyle Owen]

502 is bad gateway, which means that apache and the back-end server have
got into a protocol argument. Usually this is due to a bad response from
the back-end (as your log entries indicate). Why do you think apache is
the problem?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  




From: Cristian Pini [mailto:cris.p...@fsite.com] 
Sent: Thursday, November 26, 2009 6:19 PM
To: users@httpd.apache.org
Subject: [us...@httpd] mod_proxy issue - intermittent 502
response



Hi,

 

I'm running Apache/2.0.52 as a reverse proxy on a RHE4 box, the
backend app server is on a separate machine again RHE4, running
Apache/2.0.52 and mod_perl 1.99_16. 

 

There are intermittent 502 responses being generated by the
proxy although a page refresh generally resolves the issue, we are
trying to get a configuration of 2 RP boxes in front of 3 mod_perl app
servers into production but will need to understand / resolve the issue
of these intermittent 502 responses first.

 

[Thu Nov 26 15:35:09 2009] [error] [client 88.96.233.45] proxy:
error reading status line from remote server xxx.xx.co.uk, referer:
http://xxx..co.uk/mens/casual/casual/71/brand-/all-/start-

[Thu Nov 26 15:35:09 2009] [error] [client 88.96.233.45] proxy:
Error reading from remote server returned by
/mens/smart/smart/70/brand-/all-/start-, referer:
http://.xxx.co.uk/mens/casual/casual/71/brand-/all-/start-

 

Can someone shed further light on what the problem is and how to
resolve it pls, I'm happy to send virtual host confs if someone wishes
to dig little deeper. Note at this point I'm using mod_rewrite [P] to
proxy the requests to the app server rather than using ProxyPass as we
have many rewrites in the conf.

 

I've googled around and have seen that others have observed
similar scenarios when using this setup in Apache 2.0 but have not seen
anything specific about a resolution or path to resolution.

 

Your help gratefully appreciated.

 

Kind regards,

 

Cris

 

Cristian Pini

Foresite Business Solutions Ltd

Tel: 020 8540 0040

Direct: 020 8545 6813

http://www.fsite.com 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] how to get multiple SSL with name based vhost ?

[Boyle Owen]

> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in] 
> Sent: Tuesday, December 01, 2009 8:20 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name 
> based vhost ?
> 
> ...
>
> Thanks for your nice explanatory  response.  The server where 
> my apache
> is running is based on opensuse 11.0 . Hence I don't think 
> this box can
> support SNI. As this is a production server I can't simply upgrade the
> box. So I need some other alternative.

Krist explained it very nicely... But maybe you still didn't get it: Without 
SNI, there is NO WAY TO DO THIS. It is a fundamental limitation of the HTTPS 
protocol with no production-grade work-around. SNI (server-name indication) was 
specifically added to address this limitation. There is simply NO ALTERNATIVE. 

Having said that, if you have a research or academic environment and don't care 
about browser warnings, you can just use the same cert for all sites. You will 
get the encryption aspect of HTTPS but not the authentication aspect.

Alternatively, if all sites have the same domain-name (eg, sales.wibble.com, 
shop.wibble.com etc), you can get a wildcard cert that certifies *.wibble.com.

Aside from these special cases, there is NO WAY to have name-based SSL VHs.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> Thanks to make me 
> familiar with SNI
> 
> -- 
> জয়দীপ বক্সী
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] how to get multiple SSL with name based vhost ?

[Boyle Owen]

> -Original Message-
> From: J. Bakshi [mailto:joyd...@infoservices.in] 
> Sent: Tuesday, December 01, 2009 10:53 AM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name 
> based vhost ?
>
> ... 
> 
> Thank for your response. your assumption is correct. I am 
> working in an
> environment where the domain name is same.  Hence I am using the same
> certificate. But the problem is with port.  apache 
> complaining if it see
> more name based vhost with port 443. I was using the config as below

I think you are just getting a *warning* - if you test the sites it should 
"work"...

That is to say, you will get an SSL session with the cert from VH1 then if you 
request site1 all will be OK (no browser warnings sice site1 matches cert1). If 
you request site2, you will get a browser warning since site2 doesn't match 
cert1, but otherwise the request should succeed (since the SSL session is up by 
this time, apache can decrypt the request, get the Host header and so go to the 
appropriate VH).

If this is not happening, post back with a description of what *is* happening...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> ` ` ` `
> Listen 443
> NameVirtualHost  example1.de:443
> 
> 
> SSLEngine on
> SSLCipherSuite HIGH:MEDIUM
> SSLProtocol all -SSLv2
> SSLCertificateFile /etc/apache2/myca/mars-server.crt
> SSLCertificateKeyFile /etc/apache2/myca/mars-server.key
> SSLCertificateChainFile /etc/apache2/myca/my-ca.crt
> ServerName https://example1.de
> ServerAlias https://example1.de
> 
> DocumentRoot /srv/www/htdocs/blevti.opendingo.de
> DirectoryIndex index.php
> 
> 
> 
> NameVirtualHost  example2.de:443
> 
> SSLEngine on
> SSLCipherSuite HIGH:MEDIUM
> SSLProtocol all -SSLv2
> SSLCertificateFile /etc/apache2/myca/mars-server.crt
> SSLCertificateKeyFile /etc/apache2/myca/mars-server.key
> SSLCertificateChainFile /etc/apache2/myca/my-ca.crt
> ServerName https://example2.de
> ServerAlias https://example2.de
> 
> DocumentRoot /srv/www/htdocs/example2.de
> DirectoryIndex index.php
> 
> ` ` ` `
> 
> but no luck
> 
> -- 
> জয়দীপ বক্সী
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] how to get multiple SSL with name based vhost ?

[Boyle Owen]

> -Original Message-
> From: Peter Schober [mailto:peter.scho...@univie.ac.at] 
> Sent: Tuesday, December 01, 2009 12:40 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] how to get multiple SSL with name 
> based vhost ?
> 
> * Boyle Owen  [2009-12-01 10:08]:
> > Krist explained it very nicely... But maybe you still didn't get it:
> > Without SNI, there is NO WAY TO DO THIS. It is a fundamental
> > limitation of the HTTPS protocol with no production-grade
> > work-around. SNI (server-name indication) was specifically added to
> > address this limitation. There is simply NO ALTERNATIVE.
> 
> Nonsense, and shouting does not make it correct either.
> Use X.509v3 SubjectAltName extensions in the certs, as I (and probably
> others) said several times on this very list last month alone.


Thanks for the reminder, peter. Oddly enough, I had a nagging suspicion
I had heard of some rather obscure alternative to SNI and now I know
where I heard it :-) But couldn't remember enough about it to find it on
Google :-( Anyway, I stand corrected. 

Sorry for afflicting your hearing - but it seemed the op wasn't getting
the point. However, at least he now has an alternative... Would you mind
helping him out with it?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 






> (And of course SNI is preferable, once ubiquitious support for it is
> available in servers and user agents alike).
> -peter
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Re: Building Apache 2.2 without IPv6

[Boyle Owen]

> -Original Message-
> From: Tom Evans [mailto:tevans...@googlemail.com] 
> Sent: Sunday, December 06, 2009 12:49 PM
> To: users@httpd.apache.org
> Subject: Re: [us...@httpd] Re: Building Apache 2.2 without IPv6
> 
> "Hello, I'd like to stop receiving messages about Christianity"
> "Ooh, no, you just dont understand how great Christianity is going to
> be for you..."

Har har... It's posts like this (and Kirst's one last week about the
power cut) that make this list such a hoot! Please renew my
subscription.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Cheers
> 
> Tom
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Load balancer sending request when server starts and gets ready

[Boyle Owen]

From: Onur Agin [mailto:onura...@gmail.com] 
Sent: Monday, December 07, 2009 1:32 PM
To: users@httpd.apache.org
Subject: [us...@httpd] Load balancer sending request when server
starts and gets ready


Hi, 

I am using apache 2.2 as load balancer in front of 2 tomcat
servers.
I notice that when I restart a tomcat server, when a new request
comes to apache, it directs the request to the tomcat server before the
application goes up and the user has to wait until the server gets up.
Probably when it sees that http port is up, apache routes the
requests.
Is there a way to tell apache to wait until the application goes
up (something like make it poll a control page or tell apache to wait 60
seconds when a new server starts )?

Thanks.?



I think you've described what's happening pretty well.. However, I had a
look at http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass
and there are a few parameters that you can tweak that might do
something. Look especially at "ping" and "status".

If you do figure something out, please post back the solution as I (and
others, I'm sure) would be interested to know.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Problems with mod_ssl and mod_proxy

[Boyle Owen]

> -Original Message-
> From: Jan Luca Naumann [mailto:j...@naumannsfamily.de] 
> Sent: Tuesday, December 08, 2009 3:53 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Problems with mod_ssl and mod_proxy
> 
> Hallo,
> 
> I have a problem with Apache Server (Apache/2.2.14 (Win32) 
> mod_ssl/2.2.14 OpenSSL/0.9.8k):
> 
> I want to set up that the server controll a client-cert and, 
> if it is OK, connect with a ProxyPass to the right server.
> 
> ...
> 
> 
> Order Deny,Allow
> Deny from all
>  
> 
> ProxyRequests Off
> 
> NameVirtualHost :443
> 
> :443>
> DocumentRoot "C:/Program Files/Webserver/Apache/htdocs"
> ServerName 
> ServerAlias 
> 
> SSLEngine on
> SSLCertificateFile 
> SSLCertificateKeyFile 
> SSLCACertificateFile 
> SSLVerifyClient require
> SSLVerifyDepth  10
> 
> ProxyPreserveHost On
> ProxyPass / 
> ProxyPassReverse / 
> 
> 
> 
> When I connect to the server now, the browser loads some time 
> and then gives me a timeout. What do I wrong?

Break the problem into two parts and get the ProxyPass working before worrying 
about the SSL client verification. What happens if you comment out all the SSL 
stuff and try to get to the back-end server with a plain HTTP virtual host?

If that times out, what happens if you try to access the back-end directly 
(from a client that has TCP/IP access, obviously)?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Viele Grüße
> Jan
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] http video streaming

[Boyle Owen]

> -Original Message-
> From: Ted Byers [mailto:r.ted.by...@gmail.com] 
>
> ...
> 
> 1) Am I to understand, then, that your answer is that I can't 
> do this with
> Apache's httpd server and I have to deploy Apple's open 
> source streaming
> video server?

One way to think about it is to reflect that streaming media is not
really HTTP (which was originally designed to transfer entire files).
Streaming is yet another protocol that sits on top of TCP/IP (along with
SMTP, DNS, HTTP, etc...) The last time I looked, RTSP was the flavour of
the month (http://en.wikipedia.org/wiki/Real_Time_Streaming_Protocol).

In principle, you shouldn't really expect an HTTP server to deliver a
streaming media feed any more than you should expect it to receive mail.
That it apparently can be done is a bonus :-)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS - before someone points it out, apache actually *can* receive mail!

> 
> 2) If I use mpeg-4 files, will they then stream pproperly using http
> streaming?
> 
> Thanks
> 
> Ted
> -- 
> View this message in context: 
> http://old.nabble.com/http-video-streaming-tp26733531p26736282.html
> Sent from the Apache HTTP Server - Users mailing list archive 
> at Nabble.com.
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Questions about implementing SSL/VirtualHosts

[Boyle Owen]

> -Original Message-
> From: Justin Pasher [mailto:just...@newmediagateway.com] 
> 
> Many others have provided some information, but here's a 
> basic summary 
> (assuming no SNI support):
> 
> (a) Single FQDN, single DocumentRoot - Single IP.
> (b) Multiple FQDN, single DocumentRoot - Single IP, assuming cert 
> supports all (sub)domains listed. Otherwise Multiple IP
> (c) Multiple FQDN, multiple DocumentRoot - Multiple IP addresses (one 
> for each FQDN)

Why is no-one mentioning the SubjectAltName solution
(http://marc.info/?l=apache-httpd-users&m=125889530300657&w=2)? Does it
not really work or is no-one actually using it?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> -- 
> Justin Pasher
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Http server not working from everywhere

[Boyle Owen]

> -Original Message-
> From: Pop123 [mailto:i_dont_car...@hotmail.com] 
> Sent: Wednesday, December 23, 2009 3:40 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Http server not working from everywhere
> 
> 
> I installed apache http server 2 on my ubuntu linux computer 
> at home. I also
> have a router which I forwarded the http port to that 
> computer. My problem
> is that my friend, who is not on the same network, can access 
> my website
> without any problem. But at my girlfriends house, I can't get 
> access to the
> website, the site says that the link is broken. 
> So, depending from where I am trying to access the website 
> from, it can work
> or not.
> 
> I really don't know what can cause that, so this is why I 
> need some help.

You need to think about how the external computers are accessing your
server. Do you have a static IP? Do you have a domain-name? Do you have
a public DNS entry that maps your domain-name to your IP?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Thanks,
> 
> Pop123
> -- 
> View this message in context: 
> http://old.nabble.com/Http-server-not-working-from-everywhere-
> tp26897331p26897331.html
> Sent from the Apache HTTP Server - Users mailing list archive 
> at Nabble.com.
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Mod_Rewrite voodoo

[Boyle Owen]

> -Original Message-
> From: Reese [mailto:howel...@inkworkswell.com] 
> Sent: Monday, January 04, 2010 5:34 PM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Mod_Rewrite voodoo
> 
> Hello everyone,
> 
> I am restructuring a Web site and need to move a number of files to
> different subdirectories. The files have an embedded date code in
> [filename]DDMMYY.ext format, I was hoping to hook the YY.ext portion
> to redirect ...05.html files to the 2005/ subdirectory, ...06.html
> files to the 2006/ subdirectory, etc.
> 
> This shouldn't be that difficult, but I'm not getting anywhere with
> the RewriteCond/RewriteRule pairs I've tried so far. Either I get
> 500 errors, create endless loops or the rule is not applied at all.
> 
> How should a rewrite rule like this be formulated?

What did you try so far?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Reese
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Multiple ssh login prompts

[Boyle Owen]

> -Original Message-
> From: Patrick Horgan [mailto:phorg...@yahoo.com] 
> Sent: Wednesday, January 06, 2010 6:41 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] Multiple ssh login prompts
> 
> On a site that I set up on fedora, https://ootbcomp.com, which brings 
> you to a mediawiki installation, there are ten ssl login prompts each 
> above the other, so if you log in to one of them, the next 
> one down in 
> the stack appears in my firefox browser.  If I log in ten times I get 
> the site, if I log in once and cancel the other nine I get 
> one pane of 
> the site and a refresh in the browser gets the whole site.  
> After that 
> I'm not prompted again unless I restart the browser of course.  Does 
> anyone have any idea what I did?  I've never seen this 
> behavior before.  
> The system:

How are your Basic Auth realms defined? Do you have a single realm with
all content within? Or many parallel realms? Or nested realms?

You mention "panes" so I guess that components of the site are loaded
with dojo ContentPanes or iframes or similar? If so, how do the hrefs
look? Do they have absolute URLs
(href="https://ootbcomp.com/path/to/content";) or relative links
(href="/path/to/content")?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Linux s2.ootbcomp.com 2.6.30.8-64.fc11.x86_64 #1 SMP Fri Sep 
> 25 04:43:32 
> EDT 2009 x86_64 x86_64 x86_64 GNU/Linux
> The server is loaded from a fedora package:
> httpd.x86_64   2.2.13-1.fc11  
>   
> @updates
> Server version: Apache/2.2.13 (Unix)
> mediawiki is from a fedora package:
> mediawiki.x86_64 1.15.1-50.fc11   
>   
> @updates
> 
> In the ssl_access_log I can see the multiple requests for the page, 
> favicon, a php file, some css, some images, etc...and it 
> seems that for 
> each of them, I get an ssl login prompt.
> 
> Patrick
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Trouble installing on windows 7

[Boyle Owen]

> -Original Message-
> From: William Foster [mailto:willia...@gmail.com] 
> Sent: Thursday, January 07, 2010 5:07 AM
> To: users@httpd.apache.org; comp...@roadrunner.com
> Subject: Re: [us...@httpd] Trouble installing on windows 7
> 
> Hi Wes,
> 
> Well it was a free copy, so no money to Microsoft on this one.
> 
> I figured out the issue.  There was a hidden dialog underneath the
> install shield dialog asking if I wanted to grant permission.  Once I
> discovered that and granted permission it installed fine.

This sounds like User Account Control - it appeared with Vista. You're going to 
get very familiar with it if you are maintaining a Windows system ;-)

http://en.wikipedia.org/wiki/User_Account_Control

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Now I'm facing another issue.  I can get to localhost:80 but when I
> try to access from another computer inside the router, it does not
> work.  I wonder if port 80 is being blocked by default in Windows 7?
> 
> Thanks.
> 
> -William
> 
> 
> On Wed, Jan 6, 2010 at 7:52 PM, Wesley Stupar 
>  wrote:
> > Hi William,
> >
> > Sorry to say, I cannot help on this one. But for what 
> little solace it
> > is, I believe that Windows 7 is a sham and an affront to the user
> > community. It is simply an attempt to gather more money into the
> > Microsoft coffers. Have you considered Linux?
> >
> > Wes Stupar
> >
> > -Original Message-
> > From: William Foster [mailto:willia...@gmail.com]
> > Sent: Wednesday, January 06, 2010 5:54 PM
> > To: users@httpd.apache.org
> > Subject: [us...@httpd] Trouble installing on windows 7
> >
> > Hi,
> >
> > I am trying to install Apache HTTP Server v2.2.14 on a machine
> > recently upgraded to Windows 7. Apache worked fine under Windows XP,
> > but when I go to install this in Windows 7, the install 
> script appears
> > to hang. In the install wizard dialog it states:
> >
> >  Installing Apache HTTP Server 2.2.14
> >  The program features you selected are being installed.
> >
> >  Please wait while the Installation Wizard installs Apache HTTP
> > Server 2.2.14. This may take several minutes.
> >
> >  Status:
> >
> >  
> >
> > I tried with and without openSSL support, both fail the same way.
> >
> > Is this install script known to work on Windows 7? If so, how do I
> > debug what is going wrong?
> >
> > Thanks.
> >
> > -William
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
> >
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
> >
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] HTTPD Authentication Questions

[Boyle Owen]

> -Original Message-
> From: cgswtsu78 [mailto:cg...@proofpoint.com] 
> Sent: Thursday, January 14, 2010 1:12 AM
> To: users@httpd.apache.org
> Subject: [us...@httpd] HTTPD Authentication Questions
> 
> 
> Hello, 
> 
> I'm currently trying to apply apache httpd authentication to 
> a tomcat web
> application.  The user authenticates on the apache side and 
> then has a link
> within the apache server perl application that sends them 
> over to the tomcat
> application (reportsvcs_ws) via mod_jk.  If the user tries to 
> jump to the
> tomcat application without first authenticating they're prompted and
> successfully directed to the tomcat app if they supply the correct
> credentials.  The problem I'm seeing is once in the tomcat 
> application (post
> initial auth), the application envokes some web service calls 
> against the
> reportsvcs_ws tomcat application and the response is a 401 
> (auth needed)
> error.  So It looks like the fact that the reportsvcs_ws 
> resource is already
> authorized isn't persisted on the tomcat side.  Any ideas on how to
> troubleshoot or fix this?  My httpd config is below

For Basic Auth to work, the client simply adds a header (containing the
credentials) to the request (there is no state maintained in the
server). If the header is not present, Auth fails. So you need to make
sure the header is present in all requests under that realm.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> 
> 
> 
>Order allow,deny
> 
> Allow from all
> 
> AuthType Basic
> 
> AuthName "Report Service"
> 
> AuthUserFile /filepath/file.users
> 
> require valid-user
> 
> 
> 
> -- 
> View this message in context: 
> http://old.nabble.com/HTTPD-Authentication-Questions-tp2715433
5p27154335.html
> Sent from the Apache HTTP Server - Users mailing list archive 
> at Nabble.com.
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [EMAIL PROTECTED] What is the Difference between A webserver(apache) and an application server?

[Boyle Owen]

Is this how students write their essays nowadays?




From: Varuna Seneviratna [mailto:[EMAIL PROTECTED] 
Sent: Saturday, September 20, 2008 5:43 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] What is the Difference between A
webserver(apache) and an application server?


What is the Difference between A webserver(apache) and an
application server?


Varuna
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. The sender's company reserves the right to 
monitor all e-mail communications through their networks.

RE: [EMAIL PROTECTED] Issue with SSL configuration.

[Boyle Owen]

Hi,

It is not clear that SSL is actually working so concentrate on that
first. Forget about proxying (where are your Proxy directives, by the
way?) and try to get a local file via HTTPS. So point the DocumentRoot
at a local path (is /opt/bea/domains/optdomain/servers/AdminServer/stage
local?) Then just try https://server-name/ and see what you get...

Look also in the error-log when you start-up; mod_ssl usually prints a
lot of diagnostics during startup...

Finally, bear in mind that switching on SSL is really about setting up a
port-based virtual host. So it is an *additional* virtual host rather
than something you add to an existing VH. So it won't necessarily
inherit features of the "main" site (you have to make that happen).

Post back if you need more info...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.




From: Vasanth Kumar ravi [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 28, 2008 3:37 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Issue with SSL configuration.


Operation System : Redhat Linux.
Apache Version  : 2.0.63

Folks,
I have installed apache as a web proxy server to redirect all
the client requests to the 
weblogic application server.This works perfectly for the non ssl
connection.
Now I need to setup SSL for apache alone and not for the
Weblogic.
As we are setting up SSO at the web server level, we need to
have the apache running on SSL.

So I had installed the module mod_ssl to the apache and
configured the ssl.conf and virtual hosts as follows.


SSLRandomSeed startup builtin
SSLRandomSeed connect builtin


Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl.crl
SSLPassPhraseDialog  builtin
SSLSessionCache dbm:/home/apache/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex file:/home/apache/logs/ssl_mutex



DocumentRoot
"/opt/bea/domains/optdomain/servers/AdminServer/stage"
ServerName (ip address>:443
ErrorLog /home/apache/logs/error_log
TransferLog /home/apache/logs/access_log

SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /usr/share/ssl/certs/server.crt/
SSLCertificateKeyFile /usr/share/ssl/certs/server.key/

CustomLog /home/apache/logs/ssl_request_log \
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"




**
I created the certificates and key files using the following
command options of openssl.

openssl req -new -x509 -days 365 -sha1 -newkey rsa:1024 -nodes
-keyout server.key -out server.crt -subj
'/O=Company/OU=Department/CN=www.example.com'

I had copied the certs to the openssl certs directory and
created hashlinks for them.

I verified the certs using the openssl command as follows.
[EMAIL PROTECTED] logs]# openssl s_client -host 43.65.9.6 -port 443
CONNECTED(0003)
22951:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:475:


But when I try to access the url with https, it give the
following error messages.

At the browser.
 has sent an incorrent or unexpected message Error
code :-12263
At the apache logs.
[Tue Oct 28 10:20:00 2008] [error] [client HOST] Invalid
method in request \x16\x03\x01
[Tue Oct 28 10:20:10 2008] [error] [client HOST] Invalid
method in request \x16\x03\x01
[Tue Oct 28 10:20:20 2008] [error] [client HOST] Invalid
method in request \x16\x03\x01
[Tue Oct 28 10:23:22 2008] [error] [client HOST] Invalid
method in request \x80\x8c\x01\x03\x01
[Tue Oct 28 10:29:41 2008] [error] [client HOST] Invalid
method in request \x16\x03\x01

Can you help me out , if there is something wrong with config
settings.
I did google with the error messages obtained in log, they were
pointing out a configuration problem with ssl.
Can you point out specifically which i need to address.

-- 
Regards&Thanks,
Vasanth Kumar Ravi



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Issue with SSL configuration.

[Boyle Owen]

I think you're not getting responses because your question is a bit
muddled...

By ".. able to use the SSL at the apache level .. " I am assuming that
https://server/filepath returns the file at /filepath -
i.e. you can get local content via HTTPS. Is this so?

If so, all you need to do now is proxy this VH to the back-end server
(i.e. the weblogic thingy). For this you need Proxy directives,e.g.

ProxyPass / http://back-end-server/

then a request for https://server/filepath will cause apache to fetch
http://back-end-server/filepath and return it, via HTTPS, to the client.

I don't quite understand why you have paths like /OPSWeb/neo... That
makes it look like apache is fetching the back-end content via the
filesystem (e.g. shared disks). If so, that's not right - a proxy is
simply a way of forwarding HTTP requests so that all data are
transferred by HTTP. No need for the servers to see each other's files.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

 




From: Vasanth Kumar ravi [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 30, 2008 6:30 AM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Issue with SSL configuration.


All,
Can someone throw light on this issue.

Thanks.


On Wed, Oct 29, 2008 at 4:28 PM, Vasanth Kumar ravi
<[EMAIL PROTECTED]> wrote:


Thanks folks..
After posting this in the forum , I did an extensive
research on the internet and it was resolved.
Major problem was due to the Virtual host
configuration..Now i am able to use the SSL at the apache level.

wildcard NameVirtualHosts and _default_ servers:
*:443  is a NameVirtualHost
 default server gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:362)
 port 443 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:362)
 port 443 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:376)
*:80   is a NameVirtualHost
 default server gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:332)
 port 80 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:332)
 port 80 namevhost gelxd002.sony.com.sg
(/home/apache/conf/httpd.conf:343)

I need your help in some configuration ideas.
I m trying to setup something like the below.
Client <---SSL---> Apache <---HTTP---> WebLogic

I request http:///OPSWeb/neo from the browser
and it goes to the login page and I am able to perform all the
functions.
When I request https:///OPSWeb/neo , it doesnt
give a login page, but it gives a pop-up in IE "Access is Denied. Type
Error"
As stated earlier, I need to have HTTPS between the
browser and the web server and HTTP between the Apache and Weblogic.
Also there is no SSL enabled at the Weblogic level.

Do we have to write some ProxyReverse Parameters/Rewrite
rules.
Let me know if you need any further details.

Please advise. 




On Tue, Oct 28, 2008 at 10:35 PM, Krist van Besien
<[EMAIL PROTECTED]> wrote:


On Tue, Oct 28, 2008 at 3:36 AM, Vasanth Kumar
ravi
<[EMAIL PROTECTED]> wrote:

> SSLCertificateFile
/usr/share/ssl/certs/server.crt/
> SSLCertificateKeyFile
/usr/share/ssl/certs/server.key/


The argument to SSLCertifacateFile and
SSLCertificateKeyFile is a
_file_, not a directory. Just enter the full
path to your cert and
private key here.


> I had copied the certs to the openssl certs
directory and created hashlinks
> for them.


Creating hashkeys is not necessary. Apache knows
where to find its
cert if you give  SSLCertificateFile the correct
value.

Krist

--
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.

RE: [EMAIL PROTECTED] 502 proxy error

[Boyle Owen]

From: isha b [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 30, 2008 12:47 PM
To: users@httpd.apache.org; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Subject: [EMAIL PROTECTED] 502 proxy error


 
 
Team,
When I try to access an application using reverse proxy, most of
the time I will end up with below error. Anybody have an idea what will
be causing the issue? After few refresh on the page I will get actual
page but most of the times end up with below proxy error
 
 
 
Proxy Error
The proxy server received an invalid response from an upstream
server.
The proxy server could not handle the request GET /testingtool/.
Reason: Error reading from remote server
 



Apache/2.2.3 (Fedora) Server at testingserver.test.com Port 443
 
 
Thanks,
Isha


Aoache is the proxy, is it?

It could be the back-end server is not working reliably - what happens
if you access it drectly?

If it seems OK, how long does it take to respond? If it's a slow
application it may take longer than apache is prepared to wait (see
ProxyTimeout, KeepAlivetimeout)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [us...@httpd] Reducing js file sizes...

[Boyle Owen]

> -Original Message-
> From: André Warnier [mailto:a...@ice-sa.com] 
>
> Would that not prevent browser-level caching of the javascript ?
> If yes, that would probably more than cancel any advantage of the 
> "minification", no ?

I don't know for certain the OP's motivation but it may not be just to save 
bandwidth...

There is a security imperative for cleaning up JS - comments, and even variable 
names, can reveal details about  your server's implementation that may assist 
an attacker. You can (should?) go the whole hog and obfuscate the code too 
(re-write variables to "a", "b", "c" etc, remove white-space, etc..)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>"   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. If you receive this message in 
error, please notify the sender urgently and then immediately delete the 
message and any copies of it from your system. Please also immediately destroy 
any hardcopies of the message. 
The sender's company reserves the right to monitor all e-mail communications 
through their networks.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] overriding mod_auth_sspi from .htaccess

[Boyle Owen]

Plain text please...

It looks like you are attempting to nest authentication realms. HTTP 1.1 
doesn't support this (to be more precise, the protocol assumes a single layer 
of authentication).

When the browser requests a URL aand gets a "401 Unauthorized" back, it logs 
the pathname part of the URL as a "realm", caches the username/password and 
sends them automatically with every subsequent request in the same realm. If it 
encounters another realm *inside* the main realm, the browser has no mechanism 
for distinguishing the two and the behaviour is usually unpredictable and 
browser-depenedent.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

-Original Message-
From: Scott Baverstock [mailto:[EMAIL PROTECTED]
Sent: Donnerstag, 5. Mai 2005 15:01
To: 'users@httpd.apache.org'
Subject: [EMAIL PROTECTED] overriding mod_auth_sspi from .htaccess


Platform - Win2000, Apache/2.0.47, mod_auth_sspi/1.0.1, PHP/4.3.2

Hi there,

In my httpd.conf file I currently have the following -


AllowOverride All
 AuthName "TTL Chiltern"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain HIGHWYCOMBE
require valid-user


within a virtualhost directive.  I have tried to override this in a directory 
using an .htaccess file with the following single line -

AuthType Basic

but when accessing scripts within this directory I still  get the NTLM headers.

Can someone please suggest how I might get around this.

TIA

Scott

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Looking for a Favicon/Robots Solution

[Boyle Owen]

> -Original Message-
> From: Justin Gehring [mailto:[EMAIL PROTECTED]
> Sent: Montag, 9. Mai 2005 05:41
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Looking for a Favicon/Robots Solution
> 
> 
> Hi all,
> 
> I apologize if someone has posted on this but I did not find 
> it searching the
> archives.
> 
> I currently manage an apache webserver 1.3.33 with a large number of
> virtualhosts. As you can guess, my log files are ridden with 
> 404's about the
> missing robots.txt and favicon.ico files. One obvious 
> solution to this problem
> is to put an icon and robots file into all of there root 
> level directories, but
> this takes work. Instead, I wanted to use mod_rewrite to just 
> have all the
> address's rewrite to a common favicon, in the event that 
> there was no favicon
> present (same with robots). The code looked like this (thank 
> you: laffey.tv)
> 
>   RewriteEngine On
>   RewriteCond  %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
>   RewriteRule  .*favicon\.ico$ /var/web/favicon.ico [L]
>   RewriteRule  .*robots\.txt$ /var/web/robots.txt [L]
> 
> 
> I put that in my main server conf file thinking that it would 
> catch all
> addresses, and if it failed to find one of the files, it 
> would spit out the
> common file. This hit a glitch though, it appears that Apache 
> sends the address
> information to the virtual host before running it through the 
> main config
> (unless i have something else wrong). This means that I can't 
> just write this
> one rule once, I would have to put it into every single 
> virtualhost. 

Exactly. The request is assigned to a particular VH based on it's TCP/IP and 
HTTP header attributes. Thereafter, the only directives which apply to it are 
those inside the VH container or those "outside" which have "server" context 
(see
http://httpd.apache.org/docs-2.0/mod/directive-dict.html#Context ).

You need to put the rule in every VH...

> I'm curios
> if anyone knows a way around this. 

... unless you can specify it globally using mass virtual hosting
(http://httpd.apache.org/docs-2.0/vhosts/mass.html ).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> If not, can anyone recommend any
> documentation the apache stuff for writing custom mod's?
> 
> -
> -- Justin Gehring  --
> --   PH: 651 - 208 -8797   --
> --  EM: [EMAIL PROTECTED] --
> -
> 
> 
> 
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] httpd process crash the server

[Boyle Owen]

> -Original Message-
> From: WEBGATE ADMIN [mailto:[EMAIL PROTECTED]
>
> My server start crash couple times a day
> In the TOP I see HTTPD process take 399% of CPU
> I don't see any un regular activity in the error.log
> How I can determinate what crach my server.
> Thank You.
> Dual P4 / Xeon 2.8 Ghz 
>   2 GB PC2100 ECC / REG DDR 
> Apache 1.3.33
> Os:CentOs 3.3

Not really crashing is it? More like it becomes extremely busy...

What additional modules do you have loaded (PHP?) Do you have dependencies on 
additional applications (tomcat, MySQL etc)? What's in the access log?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> 
> 
> 
> 
> 
> Best Regards 
> Webgate Internet Solutions
>  
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] httpd process crash the server

[Boyle Owen]

> -Original Message-
> From: WEBGATE ADMIN [mailto:[EMAIL PROTECTED]
> Sent: Montag, 9. Mai 2005 13:10
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] httpd process crash the server
> 
> 
> Hello
> Thank You for quick replay
> You are right "becomes extremely busy"
> Yes I also run tomcat, 
> MySQL(4.0.24-0),
> PHP 4.3.2 (cgi),
> perl v5.8.0
> access log mixed HTML and PHP requests
> Or I should look for any specific?

It is very rare for apache to get hung up like this. This type of thing usually 
happens because apache is trying to get data from a third-party resource (eg, a 
database request or a Tomcat request) and it is the third-party resource that 
gets stuck.

If you look in the access log, you should see what requests are triggering the 
problem (they will be the last requests!). You should then try to replicate the 
problem by sending such requests to a test server (or take  the server offline 
and test it). You need to be able to reproduce the problem before you can 
analyse it.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 




> Thank You.
> 
>  
> 
>  
> 
>  
> 
> Best Regards 
> Webgate Internet Solutions
> * Sales: [EMAIL PROTECTED] ]  
> * T.support: [EMAIL PROTECTED]
> *Telephone: 052-3242837,09-8871643   
> 
> 
> 
> 
> > -Original Message-
> > From: Boyle Owen [mailto:[EMAIL PROTECTED] 
> > Sent: Monday, May 09, 2005 11:19 AM
> > To: users@httpd.apache.org
> > Subject: RE: [EMAIL PROTECTED] httpd process crash the server
> > 
> > 
> > > -Original Message-
> > > From: WEBGATE ADMIN [mailto:[EMAIL PROTECTED]
> > >
> > > My server start crash couple times a day
> > > In the TOP I see HTTPD process take 399% of CPU
> > > I don't see any un regular activity in the error.log
> > > How I can determinate what crach my server.
> > > Thank You.
> > > Dual P4 / Xeon 2.8 Ghz 
> > >   2 GB PC2100 ECC / REG DDR
> > > Apache 1.3.33
> > > Os:CentOs 3.3
> > 
> > Not really crashing is it? More like it becomes extremely busy...
> > 
> > What additional modules do you have loaded (PHP?) Do you have 
> > dependencies on additional applications (tomcat, MySQL etc)? 
> > What's in the access log?
> > 
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored. 
> > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > Best Regards
> > > Webgate Internet Solutions
> > >  
> > > 
> > > 
> > > 
> > > 
> > 
> -
> > > The official User-To-User support forum of the Apache HTTP
> > > Server Project.
> > > See http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > >"   from the digest: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > 
> > > 
> > Diese E-mail ist eine private und persönliche Kommunikation. 
> > Sie hat keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der 
> > SWX Gruppe. This e-mail is of a private and personal nature. 
> > It is not related to the exchange or business activities of 
> > the SWX Group. Le présent e-mail est un message privé et 
> > personnel, sans rapport avec l'activité boursière du Groupe SWX.
> >  
> >  
> > This message is for the named person's use only. It may 
> > contain confidential, proprietary or legally privileged 
> > information. No confidentiality or privilege is waived or 
> > lost by any mistransmission. If you receive this message in 
> > error, please notify the sender urgently and then immediately 
> > delete the message and any copies of it from your system. 
> > Please also immediately destroy any hardcopies of the 
> > message. You must not, directly or indirectly, use, disclose, 
> > distribute, print, or copy any part of this message if you 
> > are not the intended recipient. The sender's company reserves 
> > the right to monitor all e-mail communications through their 
> > networks. Any views expressed in this message are those of 
> > the individual sender, except where the message states 
> > otherwise and the sender is authorised to state them to be 
> > the views of the sender's company.
> > 
> > 
> ---

RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work

[Boyle Owen]

> -Original Message-
> From: Michael Avila [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 7. Dezember 2005 20:56
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> 
> 
> Thanks for the reply.
> 
> Here is what is there now.
> 
> .htaccess
> -
> 
>   
> SetEnvIf User-Agent ".*MSIE.*" \
>  nokeepalive ssl-unclean-shutdown \
>  downgrade-1.0 force-response-1.0
>   
> 
> 
> This was in the file and is the only uncommented text. I am 
> not using SSL.
> Iremoved everything else per your suggestion.
> 
> 
> htppd.conf
> --
> Alias /o E:/ApacheGroup/Apache2/d/c/a
> 
> AuthType Basic
> AuthName O
> Require valid-users
> AllowOverride AuthConfig Options
> AuthUserFile E:\ApacheGroup\Apache2\auth.dbm
> Options None
> Order allow,deny
> Allow from all
> 
> 
> I created the id/password with htdbm and restarted Apache. It 
> still does not
> work.
> 
> What next?

Learn to read carefully...

> Require valid-users

should be 

> Require valid-user

Do you see the difference? Did you read the docs?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Mike
> 
> 
> > -Original Message-
> > From: Boyle Owen [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, December 07, 2005 2:57 AM
> > To: users@httpd.apache.org
> > Subject: RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> >
> >
> > Your set up is a bit of a mess
> >
> > 1) You don't need (and should have) Auth directives in the main
> > config *and* in a .htaccess file. For simplicity, I'd recommend
> > all directives in the main config and only use a .htaccess file
> > if you really need to (if you don't know whether to use a
> > .htaccess file... don't use it).
> >
> > 2) You need an AuthUserFile directive to tell apache where to
> > find the file with the list of users and passwords (see
> > http://httpd.apache.org/docs/2.0/mod/mod_auth.html#authuserfile)
> >
> > 3) "Require user all" doesn't make sense unless you have a user
> > called "all". If you just want to restrict access to user who
> > have an entry in the AuthUserFile (see #2), then put "Require
> > valid-user" (see 
> http://httpd.apache.org/docs/2.0/mod/core.html#require).
> >
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored.
> >
> >
> > >  -Original Message-
> > > From: Michael Avila [mailto:[EMAIL PROTECTED]
> > > Sent: Mittwoch, 7. Dezember 2005 00:23
> > > To:   Apache - User Mailing List
> > > Subject:  [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> > >
> > > Windows XP Pro SP2
> > > Apache 2.0.55
> > >
> > > I have had basic auth working in the past and I looked at
> > several examples to set this up but for some reason it is not
> > working. It is time for me to present it to someone else as I may
> > not be seeing the trees because the forest is so big!
> > >
> > > Thanks for the help.
> > >
> > > Mike
> > >
> > >
> > > hpptd.conf
> > > ---
> > > LoadModule auth_module modules/mod_auth.so
> > > LoadModule auth_dbm_module modules/mod_auth_dbm.so
> > >
> > > UseCanonicalName Off   <-- was on but turned it off as I
> > saw a post about it causing problems
> > >
> > > Alias /o E:/ApacheGroup/Apache2/d/c/a <---
> > changed the names because it is wide open now
> > > 
> > > AuthType Basic
> > > AuthName O
> > > Require user all
> > > AllowOverride AuthConfig Options
> > > Options None
> > > Order allow,deny
> > > Allow from all
> > > 
> > >
> > > ==
> > >
> > > .htaccess
> > > --
> > > 
> > <--- this already was in the .htaccesss file
> > >   
> > > SetEnvIf User-Agent ".*MSIE.*" \
> > >  nokeepalive ssl-unclean-shutdown \
> > >  downgrade-1.0 force-response-1.0
> > >   
> > > 
> > >
> > > AuthType Basic
> > > AuthName O
> > > Require user
> > > AllowOverride AuthConfig Options
> > >  << File: ATT975377.txt >>
> >
> >
> > Diese E-mail ist eine priv

RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work

[Boyle Owen]

> -Original Message-
> From: Michael Avila [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 7. Dezember 2005 20:56
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> 
> 
> Thanks for the reply.
> 
> Here is what is there now.
> 
> .htaccess
> -
> 
>   
> SetEnvIf User-Agent ".*MSIE.*" \
>  nokeepalive ssl-unclean-shutdown \
>  downgrade-1.0 force-response-1.0
>   
> 
> 
> This was in the file and is the only uncommented text. I am 
> not using SSL.
> Iremoved everything else per your suggestion.
> 
> 
> htppd.conf
> --
> Alias /o E:/ApacheGroup/Apache2/d/c/a
> 
> AuthType Basic
> AuthName O
> Require valid-users
> AllowOverride AuthConfig Options
> AuthUserFile E:\ApacheGroup\Apache2\auth.dbm
> Options None
> Order allow,deny
> Allow from all
> 
> 
> I created the id/password with htdbm and restarted Apache. 

Further to the spelling mistake, you're using directives for a text-file based 
authentication scheme but your credentials are in a DB.

If you want to use dbm for the passwords, you have to use the appropriate 
directives, ie AuthDBMUserFile rather than AuthUserFile... and all the other 
ones.

See http://httpd.apache.org/docs/2.0/mod/mod_auth_dbm.html

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

It 
> still does not
> work.
> 
> What next?
> 
> Mike
> 
> 
> > -Original Message-
> > From: Boyle Owen [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, December 07, 2005 2:57 AM
> > To: users@httpd.apache.org
> > Subject: RE: [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> >
> >
> > Your set up is a bit of a mess
> >
> > 1) You don't need (and should have) Auth directives in the main
> > config *and* in a .htaccess file. For simplicity, I'd recommend
> > all directives in the main config and only use a .htaccess file
> > if you really need to (if you don't know whether to use a
> > .htaccess file... don't use it).
> >
> > 2) You need an AuthUserFile directive to tell apache where to
> > find the file with the list of users and passwords (see
> > http://httpd.apache.org/docs/2.0/mod/mod_auth.html#authuserfile)
> >
> > 3) "Require user all" doesn't make sense unless you have a user
> > called "all". If you just want to restrict access to user who
> > have an entry in the AuthUserFile (see #2), then put "Require
> > valid-user" (see 
> http://httpd.apache.org/docs/2.0/mod/core.html#require).
> >
> > Rgds,
> > Owen Boyle
> > Disclaimer: Any disclaimer attached to this message may be ignored.
> >
> >
> > >  -Original Message-
> > > From: Michael Avila [mailto:[EMAIL PROTECTED]
> > > Sent: Mittwoch, 7. Dezember 2005 00:23
> > > To:   Apache - User Mailing List
> > > Subject:  [EMAIL PROTECTED] Cannot Get Basic Auth to Work
> > >
> > > Windows XP Pro SP2
> > > Apache 2.0.55
> > >
> > > I have had basic auth working in the past and I looked at
> > several examples to set this up but for some reason it is not
> > working. It is time for me to present it to someone else as I may
> > not be seeing the trees because the forest is so big!
> > >
> > > Thanks for the help.
> > >
> > > Mike
> > >
> > >
> > > hpptd.conf
> > > ---
> > > LoadModule auth_module modules/mod_auth.so
> > > LoadModule auth_dbm_module modules/mod_auth_dbm.so
> > >
> > > UseCanonicalName Off   <-- was on but turned it off as I
> > saw a post about it causing problems
> > >
> > > Alias /o E:/ApacheGroup/Apache2/d/c/a <---
> > changed the names because it is wide open now
> > > 
> > > AuthType Basic
> > > AuthName O
> > > Require user all
> > > AllowOverride AuthConfig Options
> > > Options None
> > > Order allow,deny
> > > Allow from all
> > > 
> > >
> > > ==
> > >
> > > .htaccess
> > > --
> > > 
> > <--- this already was in the .htaccesss file
> > >   
> > > SetEnvIf User-Agent ".*MSIE.*" \
> > >  nokeepalive ssl-unclean-shutdown \
> > >  downgrade-1.0 force-response-1.0
> > >   
> > > 
> > >
> > > AuthType Ba

RE: [EMAIL PROTECTED] Apache Problem / Win XP / Wireless AD-HOC

[Boyle Owen]

Fix your mailer!=20

"=20" is popping up all over the place...=20

It is really=20 ann=20oyin=20g...

Read on=20

> -Original Message-
> From: fj b [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 8. Dezember 2005 14:07
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Apache Problem / Win XP / Wireless AD-HOC
> 
> 
> Hi,=20
> 
> I am trying to connect a device (Sinus 154 Media) to my PC 
> via wireless net=
> work. The device is used to send pictures and music to the 
> TV. I have the f=
> olloing configuration.
> 
> My PC=20
> IP: 192.168.2.44=20
> Mask 255.255.255.0=20
> SSID : FJBR=20
> 
> Device
> IP: 192.168.2.45=20
> Mask 255.255.255.0=20
> SSID : FJBR=20
> 
> Communication AD-HOC=20
> 
> Ping to the device   (ping 192.168.2.45 )...does work
> 
> Ping to the PC (ping 192.168.2.44)..does not work .. I am not 
> sure if there=
>   is a problem

There is. You must be able to ping the PC before anything using TCP/IP will 
work.

> 
> Now the apache problem
> 
> The device has  a software that starts Apache . The software 
> says "Server c=
> ould not be started" and in the apache log directory there is 
> the following=
>   error:=20

Where is apache running? On the device or PC? (be careful - I'm not asking 
where the config screen appears - obviously that's on the PC - but where is the 
*server* running?

> 
> Apache.exe: Could not determine the server's fully qualified 
> domain name, u=
> sing 192.168.2.44 for ServerName=20

This isn't actually an error - just a warning. It will not prevent apache from 
starting. Where do you see this message?

what happens when you navigate to http:/192.168.2.44/ ?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  
> 
> What could be the Problem?
> 
> I tried to manipulate the httpd.conf file, but it is 
> automatically generate=
> d every time that the server program runs I tried to 
> manipulated a http=
> d.default.conf file...but the changes that I do here do not 
> take efect in t=
> he httpd.conf..
> 
> I am really not sure where could be the problem and if 
> changing the conf in=
> formation could be solve my proble...
> 
> well I am going to be appreciate any help about that
> 
> Federico
> 
> 
> 
> -- 
> ___
> 
> Search for businesses by name, location, or phone number.  
> -Lycos Yellow Pages
> 
> http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.c
om/default.asp?SRC=lycos10


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Apache 1.3: Aliases no longer working

[Boyle Owen]

> -Original Message-
> From: Stephen Collyer [mailto:[EMAIL PROTECTED]
> 
> I'm not familiar with the Apache code base, but I guess this
> implies that there's no trace code in there ? Seems to be
> something of an omission for a project as large as Apache, if so.

I disagree strongly. Apache's greatest strength is its reliability and 
robustness. If you pollute the code-base with help, info and debug messages and 
all the associated switches and conditionals, you create a fertile bug 
environment.

Incidentally, I believe your assertion that you found nothing in the error log 
to be inaccurate. If the problem was due to an access control restriction, then 
you would have received a message "access denied by server configuration". This 
should have been enough to indicate what the problem was.

If you truly didn't get this, then there is still something wrong with your 
installation. Reproduce the 403 and double-check the error log.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> > An alternative is to run the request under a debugger and 
> step through
> > it until you see what is causing the problem.  See:
> > http://httpd.apache.org/dev/debugging.html
> 
> Well, I'd already strace'd it, with no better results; all
> I could see is that the appropriate file is stat'ed, and then
> a little later on, the 403 being returned.
> 
> However: *** I have found the problem ***
> 
> The problem, of course, was caused by my being a dick.
> I'd put in some temporary access control that I'd forgotten
> about in an Include'd conf file.
> 
> Now, given that we're all dicks at some point or other,
> this has taught me that Apache is too hard to debug.
> 
> It would be much more useful if it were possible to ask
> Apache to provide a trace of a request, based on its current 
> configuration, this trace containing all of the major decisions
> that are made thoughout its life: access control, URL->dir
> translations, usage of Aliases, and so on.
> 
> Now, I'd guess that such trace would be spread across many
> components, written by many different people, so I won't be
> holding my breath, but this would be far more useful than the
> current suggestions in the debugging page of, say, strace or
> gdb, both of which are really at the wrong level semantically.
> (strace is telling you about syscalls, not config logic, and
> gdb'ing Apache ain't for those who aren't already familiar
> with the code, though it would give you the right answer with
> enough effort, of course).
> 
> -- 
> Regards
> 
> Stephen Collyer
> Netspinner Ltd
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Manual page problem ?

[Boyle Owen]

Plain text please...

I think your problem is that you are missing a few directives to do with 
mod_negotiation (see 
http://httpd.apache.org/docs/2.0/mod/mod_negotiation.html). 

Try;

- "Options Multiviews" (or add Multiview to an existing Options directive)
-  LanguagePriority en (assuming you want English as priority)

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


-Original Message-
From: Mehmet Fatih AKBULUT [mailto:[EMAIL PROTECTED]
Sent: Montag, 12. Dezember 2005 04:53
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Manual page problem ?


hi all.
when i try to browse manual pages for apache2 i always get errors like below :
(url : http://127.0.0.1/apache2-doc/manual/new_features_2_0.html )

and error :

URI: new_features_2_0.html.de Content-Language: de Content-type: text/html; 
charset=ISO-8859-1 URI: new_features_2_0.html.en Content-Language: en 
Content-type: text/html; charset=ISO-8859-1 URI: new_features_2_0.html.es 
Content-Language: es Content-type: text/html; charset=ISO-8859-1 URI: 
new_features_2_0.html.fr Content-Language: fr Content-type: text/html; 
charset=ISO-8859-1 URI: new_features_2_0.html.ja.euc-jp Content-Language: ja 
Content-type: text/html; charset=EUC-JP URI: new_features_2_0.html.ko.euc-kr 
Content-Language: ko Content-type: text/html; charset=EUC-KR URI: 
new_features_2_0.html.ru.koi8-r Content-Language: ru Content-type: text/html; 
charset=KOI8-R ... bla bla bla ...

i see such errors unless i add '.en' at the end of url. (url : 
http://127.0.0.1/apache2-doc/manual/new_features_2_0.html .en)

do i have to remove all *.html and rename *.html.en as *.html ???
or is there a simple solution not to get the error(s) above ?
help please.
Regards,
Bye.

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Only redirecting, but not changing the root?

[Boyle Owen]

> -Original Message-
> From: Lennart Aangeenbrug [mailto:[EMAIL PROTECTED]
> Sent: Dienstag, 13. Dezember 2005 09:26
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Only redirecting, but not changing the root?
> 
> 
> Hi all,
> 
> Yesterday i've posted a question and no one replyed :-( Maybe i 
> explained it not clear enough or is it not solvable. Here is 
> my question 
> again in another words:
> 
> How can I forward an user to a specific location, > without < 
> changing 
> the root? 

It is not clear what you mean by "the root". Do you mean the "DocumentRoot"? 
It's always better to use exact keywords in technical questions rather than 
making up your own shorthand.

> For example:
> www.example1.com == goes to ==> public_html/example1/, the root stays 
> public_html/
> www.example2.com == goes to ==> public_html/example2/, the root stays 
> public_html/
> www.example3.com == goes to ==> public_html/example3/, the root stays 
> public_html/

If you do mean DocumentRoot, then I'm confused. The DocumentRoot never changes. 
So now I'm beginning to think you mean the path displayed in the browser 
location bar... If so, you could do something like this (untested):

- set up a default VH, possibly on localhost, which has "DocumentRoot 
/path/to/public_html"
- set up one name-based VH for each site which proxies (or rewrites in 
proxy-mode) the request to the default server

eg:

# default VH

Listen 127.0.0.1

  DocumentRoot /path/to/public_html


# site VHs

NameVirtualHost *:80


  ServerName www.example1.com

  ProxyPass / http://127.0.0.1/example1/
  ProxyPassReverse / http://127.0.0.1/example1/

  or 

  RewriteRule ^/(.*) http://127.0.0.1/example1/$1 [P]



repeat as required...

How it works:

- Incoming request has Hostname = www.example1.com so is routed to the VH with 
that ServerName. 
- VH makes a second request to localhost with path /example1
- this request is routed to the default VH on localhost
- default VH fetches the page and returns it to example1 VH
- example1 VH passes the page back to the client

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> 
> The root public_html contains nothing more than a .htaccess file. It 
> should recognize which domain is adressed and then send it to 
> the right 
> dir. Why I want this? I keep in the dir  public_html/ several other 
> dirs, like graphic & tools I need for all sites.
> 
> gr, Lennart
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Re: cgi scripts outside of cgi-bin

[Boyle Owen]

> -Original Message-
> From: news [mailto:[EMAIL PROTECTED] Behalf Of Christopher J.
> Bottaro
> Sent: Dienstag, 13. Dezember 2005 23:07
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Re: cgi scripts outside of cgi-bin
> 
> 
> Joshua Slive wrote:
> 
> > On 12/13/05, Christopher J. Bottaro <[EMAIL PROTECTED]>
> > wrote:
> >> The exact same script works if I put it in Apache's 
> cgi-bin dir.  Any
> >> ideas? I'm using Apache-2.0.54. Thanks for the help.
> > 
> > What exactly happens when you try this?  What is in the 
> browser?  What
> > is in the error_log?  Most importantly: what is in the suexec_log,
> > since I'd guess the problem is with suexec.
> 
> Oh, forgot to mention that...:)  error_log says this:
> 
> [Tue Dec 13 15:03:19 2005] [error] [client 127.0.0.1] Premature end of
> script headers: 

Congratulations! The CGI program was identified by apache and executed as a 
CGI. So your config is working.

Sadly, your program is not. The error message means that the script did not 
produce the required CGI header information before any other data.

Does the same script work when it is in a "normal" cgi directory? If not, you 
have to fix the script:
http://httpd.apache.org/docs/2.0/howto/cgi.html#troubleshoot
Also, switch on script-logging get more debug 
http://httpd.apache.org/docs/2.0/mod/mod_cgi.html#scriptlog.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS - It may be your script is failing due to some complication from suexec (eg 
permissions problem). Try to get a simpler "hello-world" running before 
tackling suexec..

  

>test.cgi, referer:
> http://localhost/~sti/tragence/webapp/interfaces/customer/webl
> ib/pb_upload/
> 
> suexec.log says this:
> 
> [2005-12-13 15:03:19]: uid: (501/sti) gid: (501/501) cmd: upload.cgi
> [2005-12-13 15:03:19]: directory is writable by others:
> (/home/sti/public_html/tragence/webapp/interfaces/weblib/pb_upload)
> 
> If I do apachectl -V, it says that it's looking for SUEXEC_BIN
> in /usr/sbin/suexec.  The strange thing is that 
> /usr/sbin/suexec doesn't
> exist.  I'm using Fedora Core 4 and I can't figure out which package
> installs suexec.
> 
> > Joshua.
> 
> Thanks for the help,
> -- Christopher
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Apache 2.0.54 Proxy information request

[Boyle Owen]

Plain text please...

I assume when say "port 443" you mean HTTPS and not that you're just changing 
the port number under normal HTTP. Your main application is an undefined Single 
Sign-On authentication scheme. Your set up is:

Internet <--HTTPS--> apache <--HTTP--> IIS

...and this works. But when you change to:

Internet <--HTTPS--> apache <--HTTPS--> IIS

...it doesn't.

So it looks like your SSO application doesn't work via HTTPS. What do you get 
in the apache and/or IIS logs? Is there any SSO logging?

BTW, What happens if you try:

DMZ browser <--HTTPS--> IIS

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

-Original Message-
From: Rosado, Rodolfo CTR MDA/IOM [mailto:[EMAIL PROTECTED]
Sent: Donnerstag, 15. Dezember 2005 22:12
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Apache 2.0.54 Proxy information request


Hi all,  
I'm new, have mercy.  I've set up an Apache server in my DMZ and it is 
accessed via port 443 only.  I reverse proxy requests to a back-end IIS server 
and application.  My issue is with SSO.  I configured my Apache Server in a 
test environment to accept and reverse proxy requests over port 80 and the 
information is passed correctly to the IIS server and application and allows 
the user to SSO.  However, when I change this to port 443, the SSO no longer 
works.  I can get to the backend app, but no SSO.  Is there something I haven't 
configured properly? 
 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] "error reading the headers"

[Boyle Owen]

>  -Original Message-
> From: Michael Avila [mailto:[EMAIL PROTECTED] 
> Sent: Freitag, 16. Dezember 2005 02:59
> To:   Apache - User Mailing List
> Subject:  [EMAIL PROTECTED] "error reading the headers"
> 
> WinXP Pro
> Apache 2.0.55
> MySQL database 4.1.15
> 
> 
> I am getting this error when submitting a METHOD='Post' to Apache. 
> 
> [Thu Dec 15 20:49:48 2005] [error] [client 70.228.56.50] request failed: 
> error reading the headers, referer: 
> http://www.thecertnetwork.net/certprod/repository/index.php
> 
> I have this at the top of the php script being called but it never gets there.
> 
> error_reporting(E_ALL);
> 
> What puzzles me is that this same procedure works 99% of the time. It is 
> creating a record for a member and works with over 60 members. With 2 members 
> it does not.

So what's funny about these two users? Do they have illegal characters (spaces, 
carriage returns etc.) in there usernames?
Incidentally, this looks entirely like a PHP problem - you might have more luck 
on a PHP forum

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> What causes an error such as that? Anything that I can try?
> 
> Thanks.
> 
> Mike
> 
>  << File: ATT232491.txt >> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Which directory

[Boyle Owen]

> -Original Message-
> From: Bill Belew [mailto:[EMAIL PROTECTED]
> Sent: Montag, 19. Dezember 2005 22:04
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Which directory
> 
> 
> Thank you!  I made that change to the documentroot.  Now can 
> you tell me
> what I need to do to give permission per the message below?

If you mean that you changed the DocumentRoot directive to point to a new 
directory, then you have to "Allow" access to this dir. Check 
http://httpd.apache.org/docs/2.0/mod/mod_access.html#allow and 
http://httpd.apache.org/docs/2.0/mod/mod_access.html

Basically, you need:


  Allow from all


Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS - always check the error log when you're debugging (and post the entry to 
the list if you need to ask about it).

> 
> Forbidden
> You don't have permission to access / on this server.
> Apache/2.0.55 (Win32) Server at belewconsulting.com Port 80
> 
> Bill
> 
> 
> -Original Message-
> From: Gallagher, Jon [mailto:[EMAIL PROTECTED] 
> Sent: Monday, December 19, 2005 11:52 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Which directory
> 
> 
> Most webservers have a document root.  This is described in 
> detail and can
> be configured in the httpd.conf file.  However - out of the box, the
> document root for apache httpd is:apache_installation_dir/htdocs
> 
> Where apache_installation_dir is where you installed apache. 
> 
> In there you will find the page that renders the " If you can 
> see this, it
> means that the installation of the Apache web server software 
> on this system
> was successful" message.
> 
> Drop an html file in there and it will render.
> 
> The documentation can walk you through change the location of 
> the document
> root, changing permissions, etc.
> 
> 
> 
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
he.org] On
Behalf Of Bill Belew
Sent: Monday, December 19, 2005 11:46 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Which directory

I'm trying very hard to use the documentation and not ask for help on
obvious things, but I find some simple things very ambiguous.  What
directory is the message below referring to?
 
If you can see this, it means that the installation of the Apache web server
 software on this system was successful. You may now add content to this
directory Bill

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info. To
unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.1/206 - Release Date: 12/16/2005



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Upgrading to Apache/2.0.54 from 1.3.26

[Boyle Owen]

> -Original Message-
> From: Gerry Danen [mailto:[EMAIL PROTECTED]
> Sent: Dienstag, 20. Dezember 2005 07:54
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Upgrading to Apache/2.0.54 from 1.3.26
> 
> 
> Hi Alfred,
> 
> Yes, Apache is running. I'm running virtual hosts so the hardcoded ip
> address does not really work.

"Connection refused" is a failure at the TCP/IP layer (before you even get to 
apache). It means the server does not have a listening socket on the IP:port 
you are addressing. This usually means apache is not running. If, as you say, 
it *is* running, then there must be something wrong with your Listen directive 
(eg, not listening to port 80) - check that first.

Your point about VHs is not correct - your server *must* have an IP. If you hit 
it on that IP with no hostname (ie, use an IP address) then you will simply get 
the first VH. 

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.

PS - you don't have a FW between the client and server, by any chance?

> 
> Gerry
> 
> 
> On 12/19/05, Alfred Vahau <[EMAIL PROTECTED]> wrote:
> > Hi,
> > Is Apache running at all?
> > If Apache is running, what happens if you explicitly set 
> Listen  > address>:80 in the conf file and then try to access
> > the index page from the browser
> >
> > http:///index.html
> >
> > Alfred,
> >
> > Gerry Danen wrote:
> >
> > >I have set up a new server and adjusted the config files, 
> but I keep
> > >getting "connection refused". Been chewing on this for 
> some time now.
> > >Does anybody have any suggestions?
> > >
> > >Many thanks
> > >
> > >
> > >--
> > >Gerry
> > >http://portal.danen.org/
> > >
> > 
> >-
> > >The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > >See http://httpd.apache.org/userslist.html> for more info.
> > >To unsubscribe, e-mail: [EMAIL PROTECTED]
> > >   "   from the digest: [EMAIL PROTECTED]
> > >For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> > >
> > >
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >"   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> 
> 
> --
> Gerry
> http://portal.danen.org/
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Apache and dynu

[Boyle Owen]

Plain text please...

I think your router is misconfigured (so not a problem with apache or dynu). I 
tried your address from the public internet and got your router's config 
screen. The way it is supposed to work (I think) is this:

- user on the web, types in asluttech.dynu.com
- browser requests IP address from dynu.com
- dynu.com sends browser your IP address (69.139.24.80)
- browser makes HTTP request to that IP
- router receives request on its external interface and routes it to its 
internal interface, changing the destination IP to that of your server (eg, 
192.168.1.1)
- your server receives the request, gets the page and sends it back
- router routes it to the browser

What's happening in your case is that the router is responding with its config 
screen on your external IP address (69.139.24.80) instead of routing it to the 
internal server. So it's a router config issue...

What happens if you hit your router's internal IP from inside your network (ie, 
192.168.54.126)? Do you get the config screen?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


-Original Message-
From: Tom [mailto:[EMAIL PROTECTED]
Sent: Montag, 19. Dezember 2005 17:30
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Apache and dynu


Hello,
I am new to using apache. I have been told by people that in order to run a 
webserver from my computer I would need apache.  I also need a dns client, and 
I was directed toward dynu, since its free.  I am having a terrible time 
setting these two up together to work.  Does anyone know how to configure 
apache to use dynu, or does anyone know another free DNS client type like dynu 
and how to configure it.  
When I tried to configure apache to work with dynu, I type in my address 
(asluttech.dynu.com) and at home I get my routers homepage, and here at work 
outside my network, I get a could not be found error. 
I have forwarded tcp port 80 through the router, but I am still not able to 
make it work. I am using windows 2000 sp4 behind a belkin wireless g router.
Any help would be appreciated.
Thanks,
Tom

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Virtual Hosting and SSL

[Boyle Owen]

> -Original Message-
> From: Jerry Baker [mailto:[EMAIL PROTECTED]
> 
> I guess another way of putting it is, I am looking to see if it is 
> possible to just tell Apache that anything on port 443 is to 
> be treated 
> as SSL and anything on port 80 is to be treated as normal 
> HTTP? It seems 
> awkward and clumsy to have to have two virtual hosts for every real 
> virtual host just to include SSL.

First, the lecture:

"...just to include SSL." is your wrongthink.

SSL (or to be more accurate, HTTPS) is an additional layer on top of HTTP so it 
is like it is a different protocol. Therefore your question is a bit like, "Do 
I have to install Sendmail, just to include SMTP?"

For HTTPS to work, it needs a unique TCP/IP socket on which to begin the HTTPS 
negotiation. That is conventionally port 443. Happily, apache (using mod_ssl) 
can be configured to handle an HTTPS session, but it requires a virtual host to 
be configured to handle the requests once they are decrypted. This VH then 
includes all the SSL directives (eg, SSLEngine on) so it can't be used for 
plain HTTP.

I think the underlying problem is that you want a site that automatically works 
in HTTP or HTTPS with identical content under each. I'm sure you have your 
reasons, but have you thought through exactly why you want this? SSL is used to 
protect data when it's on the public part of the route between the client and 
server. This would either be private data submitted by the client (eg, credit 
card number) or sent by the server (eg, personal user data held on a server). 
Why would you want these resources also available under plain HTTP? If people 
used the HTTP URLs, the data would not be protected. It's a bit like phoning 
your bank up and asking them to send you some money and, depending on the 
number you call, they either send it round in an armoured car or post it in the 
mail in a see-through envelope.

Second, a possible solution:

Having said all that, you might be able to construct a suitably complicated 
boolean expression which you can use in SSLRequire to switch on and off SSL on 
a per-request basis (see 
http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslrequire). Alternatively, 
you can keep the two VHs but put the common directives in an included file (see 
http://httpd.apache.org/docs/2.0/mod/core.html#include).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 





> 
> -- 
> Jerry Baker
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] RE: Multiple Line LogFormat ??

[Boyle Owen]

Plain text please...

Is this just someone else's config you're trying to make sense of? These are 
just LogFormat declarations. Are the formats ever used in a CustomLog directive?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


-Original Message-
From: Arthur DiSegna [mailto:[EMAIL PROTECTED]
Sent: Dienstag, 20. Dezember 2005 13:28
To: users@httpd.apache.org
Subject: Multiple Line LogFormat ??


Oops I posted this last night with a previous posts subject line.. :o

 
Hi,  

The httpd.conf file has four LogFormat lines like below. The actual log shows 
only one line per access request. The first line has everything combined so why 
four entries?
-# remoteHost, identityCheck, userName, time, first line of the request, 
status, bytes sent

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" 
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

Thanks in advance

Diese E-mail ist eine private und persnliche Kommunikation. Sie hat keinen 
Bezug zur B rsen- bzw. Geschftst tigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le prsent e-mail est un message priv  et 
personnel, sans rapport avec l'activit boursi re du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender’s company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender’s company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] RE: Multiple Line LogFormat ??

[Boyle Owen]

> -Original Message-
> From: Arthur DiSegna [mailto:[EMAIL PROTECTED]
> Sent: Dienstag, 20. Dezember 2005 14:39
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] RE: Multiple Line LogFormat ??
> 
> 
> Yes, I am creating an httpd.conf file from scratch using bits 
> and pieces
> of other web servers. No, there is no CustomLog Directive. I'm just a
> little confused as to why there are four lines. The conf file 
> I grabbed
> it from didn't have a CustomLog Directive either. Is this 
> just someone's
> mistake of not understanding.

Read http://httpd.apache.org/docs/2.0/mod/mod_log_config.html to see what these 
directives do.

The writer is just declaring a few log formats (common, referer, agent) which 
he could then use (if desired) in a CustomLog directive later.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Thanks
> 
> Arthur DiSegna
> Network Operations Center
> Authentium, Inc.
>  
> 7121 Fairway Drive
> Suite 102
> Palm Beach Gardens, FL 33418 
> Phone: 561-575-3200 ext. 4135
> 
> -Original Message-
> From: Boyle Owen [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, December 20, 2005 8:20 AM
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] RE: Multiple Line LogFormat ??
> 
> Plain text please...
> 
> Is this just someone else's config you're trying to make 
> sense of? These
> are just LogFormat declarations. Are the formats ever used in a
> CustomLog directive?
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> 
> -Original Message-
> From: Arthur DiSegna [mailto:[EMAIL PROTECTED]
> Sent: Dienstag, 20. Dezember 2005 13:28
> To: users@httpd.apache.org
> Subject: Multiple Line LogFormat ??
> 
> 
> Oops I posted this last night with a previous posts subject line.. :o
> 
>  
> Hi,  
> 
> The httpd.conf file has four LogFormat lines like below. The 
> actual log
> shows only one line per access request. The first line has everything
> combined so why four entries?
> -# remoteHost, identityCheck, userName, time, first line of the
> request, status, bytes sent
> 
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" 
> \"%{User-Agent}i\""
> combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat
> "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent
> 
> Thanks in advance
> 
> Diese E-mail ist eine private und persnliche Kommunikation. Sie hat
> keinen Bezug zur B rsen- bzw. Geschftst tigkeit der SWX Gruppe. This
> e-mail is of a private and personal nature. It is not related to the
> exchange or business activities of the SWX Group. Le prsent e-mail est
> un message priv  et personnel, sans rapport avec l'activit 
> boursi re du
> Groupe SWX.
>  
>  
> This message is for the named person's use only. It may contain
> confidential, proprietary or legally privileged information. No
> confidentiality or privilege is waived or lost by any mistransmission.
> If you receive this message in error, please notify the 
> sender urgently
> and then immediately delete the message and any copies of it from your
> system. Please also immediately destroy any hardcopies of the message.
> You must not, directly or indirectly, use, disclose, 
> distribute, print,
> or copy any part of this message if you are not the intended 
> recipient.
> The sender's company reserves the right to monitor all e-mail
> communications through their networks. Any views expressed in this
> message are those of the individual sender, except where the message
> states otherwise and the sender is authorised to state them to be the
> views of the sender's company.
> 
> -
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Virtual Hosting and SSL

[Boyle Owen]

> -Original Message-
> From: Jerry Baker [mailto:[EMAIL PROTECTED]
> 
> It's not wrongthink.

I don't want to get into a big debate - suffice to say that if your 
understanding of the functioning of HTTP were accurate, it would be trivial to 
do what you want.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 



> I don't know what users are going to want to 
> protect, and what they aren't. I make everything potentially 
> protected 
> by SSL and I'll let them use .htaccess and SSLRequireSSL to 
> protect the 
> things they want protected.
> 
> > SSL (or to be more accurate, HTTPS) is an additional layer 
> on top of HTTP so it is like it is a different protocol. 
> Therefore your question is a bit like, "Do I have to install 
> Sendmail, just to include SMTP?"
> 
> SSL operates above the protocol. The analogy doesn't work. It's more 
> like the telco requiring a separate phone number if you want to speak 
> French over the line.
> 
> > For HTTPS to work, it needs a unique TCP/IP socket on which 
> to begin the HTTPS negotiation. That is conventionally port 
> 443. Happily, apache (using mod_ssl) can be configured to 
> handle an HTTPS session, but it requires a virtual host to be 
> configured to handle the requests once they are decrypted. 
> This VH then includes all the SSL directives (eg, SSLEngine 
> on) so it can't be used for plain HTTP.
> 
> Which is why it seems like it shouldn't need a separate 
> container. It is 
> already separated from regular HTTP by port.
> 
> > I think the underlying problem is that you want a site that 
> automatically works in HTTP or HTTPS with identical content 
> under each. I'm sure you have your reasons, but have you 
> thought through exactly why you want this? SSL is used to 
> protect data when it's on the public part of the route 
> between the client and server. This would either be private 
> data submitted by the client (eg, credit card number) or sent 
> by the server (eg, personal user data held on a server). Why 
> would you want these resources also available under plain 
> HTTP? If people used the HTTP URLs, the data would not be 
> protected. It's a bit like phoning your bank up and asking 
> them to send you some money and, depending on the number you 
> call, they either send it round in an armoured car or post it 
> in the mail in a see-through envelope.
> 
> To continue the armored-car analogy, it's like wanting to buy 
> a car with 
> locks that don't *have* to be locked. Instead of having one 
> car with no 
> locks and no armor, and another with armor and locks that are always 
> locked, I want a car that has the armor and locks, but can be left 
> unlocked if I so choose. It's not unusual at all.
> 
> -- 
> Jerry Baker
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Problem blocking user dir access

[Boyle Owen]

> -Original Message-
> From: Krist van Besien [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 21. Dezember 2005 11:38
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Problem blocking user dir access
> 
> 
> Hello,
> 
> On our server we do not use userdirs, so requests to
> 
> http:///~/
> 
> should always result in an error. Right now they do.
> 
> The problem is that the server returns a "404 Not Found" error when
>  does not exist on our server, but a "403 Forbidden"  does
> exist.
> 
> In the one case we get error messages like:
> File does not exist: /opt/portal/mp/www/~
>  and in the other case
> client denied by server configuration: /home/
> 
> the odd thing is that the server does this, even though we do not load
> mod_userdir, and have not configured a UserDir.

That's your problem - if you don't define a UserDir, it defaults to 
"public_html". Try;

UserDir disabled

which should switch it off completely.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> What have I overlooked? How can I make sure that all requests to
> userdirs result in a 404
> 
> Krist
> 
> 
> --
> [EMAIL PROTECTED]
> Solothurn, Switzerland
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] favicon

[Boyle Owen]

> -Original Message-
> From: Tom Allison [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 21. Dezember 2005 13:18
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] favicon
> 
> 
> Perhaps I'm a purist, but is there something I can do to stop 
> throwing an error 
> for missing favicon.ico files?
> Besides making a favicon.ico file

To broaden the debate, this type of question often comes up from people who 
want to avoid their logs filling with failed requests for code-red and nimbda 
and other exploits (see 
http://marc.theaimsgroup.com/?l=apache-httpd-users&m=111917287429421&w=2 for a 
hilarious thread on the topic).

The basic problem is that, in order to conform to the HTTP protocol, the apache 
server has to accept and respond to any legal HTTP request. So there is no 
possibility to silently drop offending requests.

The next best thing is to use mod_rewrite to rewrite them immediately to 403 or 
404 or 410 or something. Here's one huy's solution: 
http://marc.theaimsgroup.com/?l=incidents&m=100096206722945&w=2

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] .htaccess to prevent external access

[Boyle Owen]

> -Original Message-
> From: Gerry Danen [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 22. Dezember 2005 07:31
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] .htaccess to prevent external access
> 
> 
> Hmmm... Now I get an error 500..

500 means "internal server error" - that means that the request got through the 
authorisation scheme but then the script (or whatever the resource is) failed 
to execute. So the scheme *did* work - it was the request which failed execute 
in the server.

BTW, always post the error logs entry as well as the browser result..

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
>  Order Deny,Allow
>  Deny from all
>  Allow from 192.168.0.218
> 
> No combinations seem to work.
> 
> 
> On 12/21/05, Joshua Slive <[EMAIL PROTECTED]> wrote:
> > On 12/21/05, Graham Frank <[EMAIL PROTECTED]> wrote:
> > >
> > > Order Allow,Deny
> > > Allow from 192
> > > Deny from All
> > >
> > > That would return a 403 Forbidden error for anything not 
> connecting from a
> > > 192. IP address.
> >
> > Oops.  I think you meant
> > Order Deny,Allow
> >
> > And he asked for how to allow a single address, so more like
> > Allow from 192.0.0.1
> >
> > For the username/password part, see:
> > http://httpd.apache.org/docs/2.2/howto/auth.html
> >
> > Joshua.
> >
> 
> 
> --
> Gerry
> http://portal.danen.org/
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] .htaccess to prevent external access

[Boyle Owen]

> -Original Message-
> From: Eugene [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 22. Dezember 2005 11:28
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] .htaccess to prevent external access
> 
> 
> On Thu, Dec 22, 2005 at 12:31:17AM CST, Gerry Danen 
> <[EMAIL PROTECTED]> wrote:
> : 
> : Hmmm... Now I get an error 500...
> : 
> :  Order Deny,Allow
> :  Deny from all
> :  Allow from 192.168.0.218
> : 
> : No combinations seem to work.
> 
> Are you sure your IP address is 192.168.0.218?  What happens if
> you remove the Allow directive and restart Apache?

His access scheme *is* actually working now. The error 500 (internal server 
error) is from the resource which apache executes *after* the request is 
accepted. If the access were failing, he would get a 403.

This is a good example of why it is important to include the actual error 
message from the error log and not just say "it doesn't work". The browser 
error is very limited and often inadequate for debugging. He's lucky he even 
got a response code - if he'd enabled "friendly" messages he'd have got a "Page 
cannot be displayed" which is worse than useless.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
> -- 
> Eugene
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] .htaccess to prevent external access

[Boyle Owen]

> -Original Message-
> 
> The error log says ".htaccess: order not allowed here"...

1) Your resource is a script (hence the error 500) - it's easier to debug if 
it's a plain file.
2) Your Allow directives are in a .htaccess file - it's easier to debug if 
they're in a Directory block in the main config.
3) The error above implies that you have an "AllowOverride" in the main config 
which is disabling the use of .htaccess files (eg, AllowOverride none).

What I guess is happening is that the AllowOverride in the main config is 
disabling the .htacces so your Allow/Deny directives don't have any effect. The 
request gets in but then the script that's supposed to run is failing for an 
unconnected reason.

Probably if you remove AllowOverride, it'll "work" (ie, allow some addresses, 
deny others) but you really should read up on the docs for the directives 
mentioned.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Gerry
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] .htaccess to prevent external access

[Boyle Owen]

> -Original Message-
> From: Gerry Danen [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 22. Dezember 2005 15:58
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] .htaccess to prevent external access
> 
> 
> Oddly enough, httpd.conf does not show "AllowOverride" anywhere...

So check for an "Include" directive (bringing in additional config code). Also, 
verify that you are editing the correct config file (you'd be surprised how 
often that happens...). Put in a deliberate syntax error and run a configtest - 
verify the error is detected.

> This is really baffling!

Mainly because you are using a rather complicated setup right-off. Simplify it 
first by moving the directives from the .htaccess to a  block in the 
main config and replacing the script you are trying to hit with a plain file 
URL. Once you get it working, you can add on the complexity layer-by-layer, 
checking it still works at each step.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Gerry
> 
> On 12/22/05, Boyle Owen <[EMAIL PROTECTED]> wrote:
> > > -Original Message-
> > >
> > > The error log says ".htaccess: order not allowed here"...
> >
> > 1) Your resource is a script (hence the error 500) - it's 
> easier to debug if it's a plain file.
> > 2) Your Allow directives are in a .htaccess file - it's 
> easier to debug if they're in a Directory block in the main config.
> > 3) The error above implies that you have an "AllowOverride" 
> in the main config which is disabling the use of .htaccess 
> files (eg, AllowOverride none).
> >
> > What I guess is happening is that the AllowOverride in the 
> main config is disabling the .htacces so your Allow/Deny 
> directives don't have any effect. The request gets in but 
> then the script that's supposed to run is failing for an 
> unconnected reason.
> >
> > Probably if you remove AllowOverride, it'll "work" (ie, 
> allow some addresses, deny others) but you really should read 
> up on the docs for the directives mentioned.
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] NameVirtualHost / VirtualHost Scenario

[Boyle Owen]

> -Original Message-
> From: Arthur DiSegna [mailto:[EMAIL PROTECTED]
> 
> What happens to the client who writes a script pointing to 
> the public IP
> address instead of the FQDN of the one server. 

To add to Nick's advice, the literal answer is that if apache cannot identify 
the VH to use (no host header or non-matching host header) it will assign the 
request to the *first* VH in the config. If you don't want either VH to be used 
then, as Nick suggests, make a default VH (containing a default page or an 
error or whatever) and put it first in the config.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> The VirtualHost configuration takes advantage of host headers which
> don't appear in a direct IP based requests.
> 
>   Will I have to redo my .conf file to include both 
> IP addresses
> ???
> 
> Thanks in advance
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] mod-ssl with or without client certificate

[Boyle Owen]

> -Original Message-
> From: Ezio Paglia [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 22. Dezember 2005 18:03
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] mod-ssl with or without client certificate
> 
> 
> Server version: Apache/2.0.54
> 
> Hi all.
> 
> In our virtual hosts we have got a squirrelmail conf through 
> https (without 
> client side certificate). It works.
> 
> NameVirtualHost *:443
> 
> 
>  ServerAdmin [EMAIL PROTECTED]
>  ServerName webmail.comune.grosseto.it
>  SSLEngine on
>  DocumentRoot /usr/share/squirrelmail
> 
>  php_flag register_globals off
>  Options Indexes FollowSymLinks
> 
>  DirectoryIndex index.php
> 
> 
>  order deny,allow
>  deny from all
>  allow from 127.0.0.1
> 
> 
> 
> 
> I'd like to add another Virtual Host in order to manage client side 
> certificates.

And here the problems start You are trying to use name-based 
virtual-hosting under SSL. This cannot be done (see 
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts2 for details and 
http://marc.theaimsgroup.com/?l=apache-httpd-users&w=2&r=1&s=ssl+name+based&q=b 
for archived threads on this very topic, which comes up more frequently than 
I've had hot dinners).

Because your two sites are closely linked, you might try using the same cert in 
both VHs. When a user first requests either site, HTTPS will start up using the 
cert of the first VH (so this will cause a warning if the request is for the 
second site) but once the HTTPS session is established, name-based VHing will 
"work" again since apache can now decrypt the requests and see the Host header. 
So users will get the correct site.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> 
>  ServerAdmin [EMAIL PROTECTED]
>  ServerName ciecns.comune.grosseto.it
>  LogLevel debug
>  SSLEngine on
>  SSLVerifyClient require
>  SSLVerifyDepth 3
>  SSLCACertificateFile /etc/apache2/ssl/caCerts.pem
>  DocumentRoot /var/www/
> 
> 
> Now, if I put this section before the squirrelmail, it asks 
> me for the 
> certificate even though I point to the squirrelmail, while if 
> the latter is 
> the second section, I can access everything without any 
> certificate. It 
> sounds like if does not discriminate between client cert and 
> no client 
> certificate, it only understand the method invoked in the 
> first virtual host.
> Do you have any ideas ?
> 
> Ciao and thank you.
> Merry Chistmas.
> Yours Ezio.
> 
> Ezio Paglia
> Sistemi e Database
> Servizi Informatici (SED)
> Comune di Grosseto
> Ufficio : +39-0564-488706 Fax : +39-0564-21139 Cellulare : 
> +39-320-7984950
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Apache and php

[Boyle Owen]

Plain text please...

The simple answer to your simple question is, read the PHP configuration docs 
(http://www.php.net/manual/en/configuration.php). Configuration of PHP is 
non-trivial and dependent on your system and setup.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


 
-Original Message-
From: mark student [mailto:[EMAIL PROTECTED]
Sent: Donnerstag, 22. Dezember 2005 22:51
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Apache and php


Hi folks,
I have a simple question.  I'm running Apache 1.3.x and installed the pkgs 
CSWphp4cgi, CSWphp4mysql, and SFWmphp.  Now, how do I configure Apache and/or 
PHP to display my little hello.php file in the browser?  The browser doesn't 
display anything when I put in the URL.
Help


Yahoo! for Good - Make a difference this year. 

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Apache 2.0.54 randomly fails to serve index.html for single domainon multi-host server

[Boyle Owen]

> -Original Message-
> From: Thomas Leavitt [mailto:[EMAIL PROTECTED]
> Sent: Donnerstag, 5. Januar 2006 16:09
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Apache 2.0.54 randomly fails to serve 
> index.html
> for single domainon multi-host server
> 
> 
> I asked this before, with no response, so I'm rephrasing the question:
> 
> Environment:
> 
> Apache/2.0.54 (Mandriva Linux/PREFORK-13.1.20060mdk)
> mod_auth_external/2.2.9 mod_ssl/2.0.54 OpenSSL/0.9.7g PHP/5.1.0RC1
> 
> Mandriva 2006, Pentium III dual processor system, SMP kernal, 768 mb
> memory, ext3 filesystem... can supply any other information desired.
> 
> Using virtual hosting, with a fairly "stock" set up, via individual
> files in vhosts.d (about 100 or so different sites)
> 
> Here's the problem:
> 
> Periodically, I get calls from my clients, and/or web site visitors,
> telling me that "their site is gone"... inevitably, when I 
> look, what I
> see is a directory listing.

If you have commented out all "DirectoryIndex" directives then apache falls 
back to the default "index.html". If the client then edits their site and - 
somehow - renames index.html to index.htm then apache will not find the index 
file and so will list the directory.

Double-triple check that users are not using some helpful editor that renames 
the index file

As a fix for the future (since you'll never get them to stop it), actually 
start *using* the DirectoryIndex directive. It can take a list of names, eg:

DirectoryIndex index.html index.htm

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> 
> Now, this isn't because index.html has been munged... because it is
> there. It just isn't being served by the web server as the 
> default home
> page.
> 
> This problem is, as far as I can tell, always confined to a single
> domain, and is consistent (as long as it lasts), i.e., 100 attempts to
> load the site produce 100 directory listings.
> 
> What isn't consistent, is that it goes away after a few days (haven't
> retested any one domain long enough to see how long)... and 
> usually pops
> up on another domain (had the problem reported a half dozen times over
> the past few months).
> 
> Nothing I've done seems to make it go away - I removed a bunch of
> modules that I wasn't really using, in case there was some odd "side
> effect". I played around with the order of the DirectoryIndex 
> listing. I
> commented out the DirectoryIndex item in the php apache config file...
> tried every trick I could think of; nothing works. Which is why I'm
> asking (again) here for advice.
> 
> What does "fix" the problem, is symlinking index.htm to index.html ...
> no idea why the problem doesn't display itself with 
> index.htm, but that
> seems to "cure" it. Rather reluctant to symlink every damned 
> instance of
> index.html to an equivalent index.htm, but it looks like I 
> might need to
> do that if I can't solve the problem otherwise.
> 
> Tips? Pointers? Help?!?
> 
> Regards,
> Thomas Leavitt
> Systems Admin
> Godmoma's Forge, LLC
> 831-295-3917
> http://www.godmomasforge.com/
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the diges

RE: [EMAIL PROTECTED] Apache error

[Boyle Owen]

> -Original Message-
> From: Octavian Rasnita [mailto:[EMAIL PROTECTED]
> Sent: Montag, 9. Januar 2006 10:18
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Apache error
> 
> 
> Hi,
> 
> Please tell me what should I check in order to avoid the 
> following error
> which appear in the error_log file:
> 
> [Mon Jan 09 10:42:44 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network

Are you fetching data from a network drive or other server? Have a look here 
and follow the link to the FAQ:

http://lists.trustix.org/pipermail/tsl-discuss/2005-April/013967.html

Could be a sendfile problem which will be fixed by 
"EnableSendFile Off"

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

> [Mon Jan 09 10:42:44 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network
> [Mon Jan 09 10:42:51 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network
> [Mon Jan 09 10:42:51 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network
> [Mon Jan 09 10:42:51 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network
> [Mon Jan 09 10:42:51 2006] [info] [client 194.102.138.5] 
> (32)Broken pipe:
> core_o
> utput_filter: writing data to the network
> 
> Thank you.
> 
> Teddy
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursičre du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Automating apachectl startssl on startup

[Boyle Owen]

> -Original Message-
> From: Aman Raheja [mailto:[EMAIL PROTECTED]
> Sent: Montag, 9. Januar 2006 19:29
> To: users@httpd.apache.org; users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Automating apachectl startssl on startup
> 
> 
> Well this solution is dependent on programing skills.
> You may have a C/C++ binary which fetches the password from a 
> database (you 
> may hardcode it) and works as a wrapper to apachectl.
> This could be done using PERL/SHELL script but that would leave the 
> password exposed in the scripts, so prefer binaries.

This is a nice idea (compiling the PW into the binary is neat :-) However, you 
should understand the purpose of a pass-phrase on a certificate in the first 
place.  

A certificate does more than encrypt traffic to your site, it provides 
*authentication* that your site really does belong to you. A user on the web 
can be sure that the server responding to your domain really is operated by 
you. But, what happens if your server is compromised and an attacker copies 
your cert? He can now impersonate your site with your valid certificate! The 
use of a passphrase prevents this since he can't start the server unless he 
knows the passphrase. Putting the passphrase into a script defeats this 
security mechanism since the thief can steal the script too (whether the 
passphrase is compiled in or not doesn't help - he just runs the script). It's 
the SSL equivalent of leaving the key under the mat...

An alternative viewpoint is to consider that if you are running an SSL server, 
you must have some sensitive data to protect. If so, you'd better make sure the 
server is secure! That means FW, up-to-date patches, limited access etc. If you 
do all that properly (and you should) how can anyone steal the cert? Therefore 
a passphrase is unnecessary. Put it another way, if your setup allows someone 
to steal the cert, you shouldn't be running an SSL server in the first place...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


 
> HTH
> Aman Raheja
> 
> On Mon, 9 Jan 2006 12:56:57 -0500, "Kaplan, Andrew H." 
> <[EMAIL PROTECTED]> wrote :
> 
> > 
> > Hi there -
> > 
> >  
> > 
> > Is there a way to have an apache 1.3.34 server 
> automatically start with 
> ssl
> > enabled on system boot? Currently, I need to
> > 
> > start the server manually and enter the pass-phrase 
> associated with the
> > certificate. How can this be done without admin
> > 
> > intervention? Thanks. 
> > 
> > 
> > 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Max number of connections from a single client to a server.

[Boyle Owen]

What connections? HTTP is stateless and each request is a separate transaction. 
Having said that, HTTP/1.1 allows "Keep-alive" so a client can send many 
requests over the same TCP/IP connection (see 
http://httpd.apache.org/docs/2.0/mod/core.html#keepalive). 

I'm not entirely sure I understand your question (possibly because you may not 
understand exactly how HTTP works?). Why not describe exactly what you want to 
happen and what you don't want to happen?

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

-Original Message-
From: paritosh mahana [mailto:[EMAIL PROTECTED]
Sent: Montag, 9. Januar 2006 19:22
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Max number of connections from a single client to a 
server.


Hi all,
What is the max number of connection a server allows from a single
client and how to change it(both in windows and linux).
And how exactly the server determines the number of connections from a
single client? I dont think it uses client's IP (there can be many 
people behind same NAT). I think this is based on session. Can someone
enlighten me here.

Thanks. 

Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Access to the referrer and search query

[Boyle Owen]

> -Original Message-
> From: Robert Palmer [mailto:[EMAIL PROTECTED]
> Sent: Mittwoch, 11. Januar 2006 15:55
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] Access to the referrer and search query
> 
> 
> Is there a way from a web page (php for example) to access 
> the referrer 

http://ch2.php.net/reserved.variables and look for HTTP_REFERER (sic).

> (e.g. google) and the search query? 

QUERY_STRING

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

>I'm interested in the infromation 
> that shows
> in the Apache log being available dynmically so that I can make a 
> decision what products to display on the home page.
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Meaninf of [L]

[Boyle Owen]

Plain text please...

Things inside square brackets on a RewriteRule or RewriteCond are "flags" - 
they modify the way the Cond or Rule is applied. See 
http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html and look for "flags" for 
more details.

To answer your specific questions, [OR] performs a logical-OR of two or more 
RewriteConds, eg

RewriteCond cond_1 [OR]
RewriteCond cond_2
RewriteRule patt_1 patt_2

means apply the rule if cond_1 OR cond_2 is true.

[L] means "last". That is, if you hit this rule, make the rewrite and stop 
processing any further rewrites for this request. It is a way of jumping out of 
a series of rules (like "break" in C, or "last" in perl).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  


-Original Message-
From: senthil kumar [mailto:[EMAIL PROTECTED]
Sent: Freitag, 13. Januar 2006 10:32
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Meaninf of [L]


RewriteCond %{REMOTE_HOST}  ^host1.*  [OR]iteRule  ^/$ 
/homepage.max.html  [L]Please suggest the meaning of [OR] ? [L] ? on rewrite 
rule
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] very new but trying to learn.

[Boyle Owen]

> -Original Message-
> From: Tom Allison [mailto:[EMAIL PROTECTED]
>
> Glad to know what kind of mailing list this is...
> I'll save my questions for someone else, thank you.

I didn't notice your original mail but I was intrigued by the miffed tone in 
this one. So I looked back to see... You posted a vague request for "URL's or 
books that would cover the essentials of HTTP" - well here's a good one: 
http://www.faqs.org/rfcs/rfc2068.html

You also said you had the Horse Book - did you try working through it? Or 
reading it? Frankly, that book is about the best you are going to get for a 
step-by-step guide about how the web works. If it baffles you, then I think you 
might have chosen the wrong vocation.

If you do get it working but have further *specfic* questions about 
configuration, I think you'll find this list is an excellent resource.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

PS - you might like to glance at this page too: 
http://www.catb.org/~esr/faqs/smart-questions.html



>
> -
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] samba artifact on error log?

[Boyle Owen]

> -Original Message-
> From: Marty Landman [mailto:[EMAIL PROTECTED] 
> Sent: Montag, 23. Januar 2006 04:01
> To: users@httpd.apache.org
> Subject: [EMAIL PROTECTED] samba artifact on error log?
> 
> I've been annoyed by entries like this
> 
> [Sun Jan 22 19:22:04 2006] [error] [client 192.168.0.111] 
> File does not 
> exist: /usr/local/apache/htdocs/web

I don't think it's anything to do with samba...

These entries are usually caused by a request that cannot be assigned to *any* 
VH and so is served by default. (The default docroot is 
/usr/local/apache/htdocs but presumably this doesn't exist on your system...)

The real question is how the request is managing to fall through the entire 
config without hitting a valid VH - guesses might be:

- you are using name-based VHs, but this request is coming in without a Host 
header (e.g. HTTP 1.0 or 0.9), although I think this would go to the first VH...
- you are listening on more than 1 IP but have VHs assigned to only 1 IP and 
this request is on the other.

To get more info, put the Host header into the log (add %{Host}i to LogFormat - 
see docs for details) and cross-ref the errors with the access log.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.  

> 
> on my Apache error log for... forever. Workstation is Win XP 
> home and the 
> server runs RedHat 9 with Apache and Samba. I'm thinking this 
> is some kind 
> of Apache Samba Windows interaction cluttering up the httpd 
> error log but 
> not totally sure.
> 
> Albeit there are no messages on either /var/log/samba/n|smbd.log or 
> /var/log/messages which come close to a corresponding timestamp.
> 
> Anyone use my style config i.e. xp workstation, linux apache 
> server running 
> samba who's either run into this, or has not?
> 
> Marty
> 
> 
> Marty Landman, Face 2 Interface Inc. 845-679-9387
> Webmaster's Bulletin Board: http://bbs.face2interface.com/
> Web Installed Formmail: http://face2interface.com/formINSTal  
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen 
Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a 
private and personal nature. It is not related to the exchange or business 
activities of the SWX Group. Le présent e-mail est un message privé et 
personnel, sans rapport avec l'activité boursière du Groupe SWX.
 
 
This message is for the named person's use only. It may contain confidential, 
proprietary or legally privileged information. No confidentiality or privilege 
is waived or lost by any mistransmission. If you receive this message in error, 
please notify the sender urgently and then immediately delete the message and 
any copies of it from your system. Please also immediately destroy any 
hardcopies of the message. You must not, directly or indirectly, use, disclose, 
distribute, print, or copy any part of this message if you are not the intended 
recipient. The sender's company reserves the right to monitor all e-mail 
communications through their networks. Any views expressed in this message are 
those of the individual sender, except where the message states otherwise and 
the sender is authorised to state them to be the views of the sender's company.

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]