[users@httpd] ** MOD_RELEASE ** Apache2.x (mod_fence) Flood/DOS/DDOS Protection + stuck detection
Hi Everyone! As a FullStack I had a very long headache with Apache, especially with crappy and slowly pages, that the PHP stucks (FLOCK() && Session) the processes over-time until the webserver become unavailable meanwhile unfortunately slow pages (1-4 secs) will able to kill the whole webserver with hammering F5 or with external help (with mod_evasive On and/or nginx rate limiting). In the case described before we made a module that only mitigate requests when unfinished jobs remaining in apache and its stopped my headache as well and it is available for public, "Licensed under the Apache License, Version 2.0". (Links below does not contains any advertising) If you are interesting how is it works please visit: https://web-flood-test.npulse.net/ If you are interested for source: https://devel.npulse.net/npulse-public/mod_fence If you are interested for our article about the problem: https://npulse.net/en/apache-php-stuck-session-bug-mod_fence-protection-dos-ddos-protection Feel free to test / use / share and also pull requests are welcome. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] DELETE method
What's in the directory? If it's a filesystem, apache won't let you DELETE (unless you have it DAV enabled or something like that). On Tue, Oct 6, 2009 at 1:15 AM, Jeff Dyke wrote: > I'm trying to put together a REST-ful application and am having a hard time > getting apache configured to take DELETE's. I have in the virtual host > file: > > AllowOverride All > Options All > > Order allow,deny > Allow from all > > > > I only added this configuruation after it was first denied, thinking i had > to enable it. I'm using apache 2.2.13. This directory is also named as a > WSGIScriptAlias /wsgi /path/to/directory. POST/GET works fine, have not yet > tried PUT. > > Thanks for what is sure to be a simple solution. > > Jeff > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] Odd site redirection
Do you have a NameVirtualHost *.80 in your apache config somewhere? On Tue, Oct 6, 2009 at 8:06 AM, Igor Cicimov wrote: > I would say something is wrong with your new virtual host definition. It's > not a redirection but since the request doesn't match any virtual host is > being served by the first one in the config file. > > > On Tue, Oct 6, 2009 at 2:03 AM, Oliver Marshall > wrote: >> >> Hi chaps, >> >> Was wondering if someone can help me look at a problem. We've created a >> new virtual host entry on a particular box, which do frequently (once a >> month or so) only this time, when a user goes to the new site, they get >> directed to the first site in the conf file. >> >> >> >> You can type in http://wiggle.mydomain.com and hit enter and you instantly >> get a http://woggle.mydomain.com and the address bar in the browser also >> changes. >> >> >> >> I've tried creating other new virtual host entries with just the absolute >> basic entries and those also show the same issue. I've also tried adding a >> custom log entry for the new vhost sites but the log stays empty. >> >> >> >> There's no .htaccess file involved in either of the sites. >> >> >> >> The new vhost entry looks like this; >> >> >> >> >> >> documentroot /var/www/new_site >> >> servername new_site.mydomain.co.uk >> >> >> >> >> >> The site that it get's directed to looks like this; >> >> >> >> >> >> DocumentRoot /var/www/first_site >> >> ServerName first_site.mydomain.co.uk >> >> ServerName first_site.mydomain.com >> >> >> >> AuthBasicProvider ldap >> >> AuthzLDAPAuthoritative off >> >> AuthLDAPBindDN "CN=LDAP >> USER,CN=Users,DC=mydomain,DC=local" >> >> AuthLDAPBindPassword *** >> >> AuthLDAPURL >> "ldap://server1/DC=mydomain,DC=local?sAMAccountName?sub?(objectClass=*)" >> NONE >> >> AuthLDAPGroupAttributeIsDN on >> >> require ldap-group CN=Web Users,OU=Security >> Groups,OU=Mydomain LLP,DC=mydomain,DC=local >> >> AuthName "Mydomain First Site" >> >> >> >> >> >> >> >> There are lots of other sites on the server and they are working fine, its >> just started happening today. We've also tried using a plain "hello world" >> style index.html file to rule out any meta refresh issue that the coders may >> have put in to the index file. The SVN stuff all works fine, it's just there >> for the sake of accuracy. >> >> >> >> Is there a way to find out whats causing the redirect and/or where they >> redirect is happening ? >> >> >> >> Olly >> >> -- >> >> G2 Support >> >> Network Support : Online Backups : Server Management > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] mod_rewrite : Can a space in a URL be preserved ?
Spaces aren't valid characters in urls, period. As you say, it URL encodes to %20, and I can't imagine any bits of apache (or any other server) are going to send a space instead, because that breaks the HTTP spec. On Tue, Oct 6, 2009 at 3:59 PM, ABAPGUY wrote: > > Hi Apache experts, > I am using Apache 2.0.59 as a Reverse Proxy using mod_rewrite and mod_proxy . > I have a downstream J2EE server that is creating URLs with a space in them . > How can I use mod_rewrite (which sees %20) to write the space ..instead of > %20 ? > > Regards > Daniel - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] DAV locktokens clashing?
Any help with this would be very much appreciated - if this is the wrong list please let me know where it should go. I've got a reasonably biggish vhost with WebDAV over SSL enabled. Users are only allowed to access their own parts of the site. (I block them out with Require user foo Require user bar ) Now and again, I'm seeing errors along the lines of: user 'foo' submitted a locktoken created by user 'bar' when user foo is trying to create resources under /a. I can't understand how this is possible. Has anyone seen this before? The DavLockDB is per-vhost, so I suppose it's possible the UUIDs are clashing (but then they're not *U*UIDs, I suppose). Clients are various flavours of DreamWeaver. Thanks for any suggestions. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] .htaccess files not working from internet? intranetaccess fine
What's in the error/access logs on apache, Kaya? That should tell you whether it's apache blocking the request, or Squid. On Tue, Oct 13, 2009 at 9:45 AM, Kaya Saman wrote: > matt farey wrote: >> >> Did you ever investigate the response headers or lookup basic auth in >> squid? >> Sent from my BlackBerry® wireless device >> > > Thanks for the response Matt!! > > I haven't checked the headers so will need to run Wireshark on it. > > Checked out basic auth in Squid and posted a line of conf which I thought > was viable: > > #auth_param basic realm Squid proxy-caching web server > > after restarting however I got the same issue. > > When I get back later I'll do more Google'ing on it as I have to run out now > as meeting for a job interview (currently transitioning between ex-student > and IT/networking proffessional (make that junior))!! > > I think output from Wireshark will help you guys help me out more provided I > don't get the issue fixed before hand :-) > > Thanks again for the response!! > > Regards, > > Kaya > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] .htaccess files not working from internet? intranetaccessfine
On Tue, Oct 13, 2009 at 12:33 PM, Kaya Saman wrote:
> I used: telnet {mydomain.com} 80 and it just gives me connected??? No 'get
> url' etc... - am on Ubuntu 9.04 currently but even within the Solaris and
> Cent OS servers I don't get that kind of response.
You have to type the GET bit yourself :)
> Dick, I have nothing in access log apart from BitTorrent stuff, but in
> error_log I get this:
>
> [Tue Oct 13 14:30:16 2009] [error] [client 127.0.0.1] File does not exist:
> /var/www/html/announce
If squid is running on the same box, you'd see an error like that if
squid was letting you
in and you requested /announce .
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] .htaccess files not working from internet? intranetaccessfine
Do yourself a big favour and use something like curl. Telnet is a crappy way to test http. On Tue, Oct 13, 2009 at 1:19 PM, Kaya Saman wrote: > Using host: hostname from telnet I get this: > > [code] > HTTP/1.0 400 Bad Request > Server: squid/2.6.STABLE15 > Date: Tue, 13 Oct 2009 12:17:34 GMT > Content-Type: text/html > Content-Length: 1186 > Expires: Tue, 13 Oct 2009 12:17:34 GMT > X-Squid-Error: ERR_INVALID_REQ 0 > X-Cache: MISS from NetraT1-Proxy > Via: 1.0 NetraT1-Proxy:80 (squid/2.6.STABLE15) > Proxy-Connection: close > > "http://www.w3.org/TR/html4/loose.dtd";> > > ERROR: The requested URL could not be retrieved > type="text/css"> > > ERROR > The requested URL could not be retrieved > > > While trying to process the request: > > host zeta-ray > > > > The following error was encountered: > > > > Invalid Request > > > > > Some aspect of the HTTP Request is invalid. Possible problems: > > Missing or unknown request method > Missing URL > Missing HTTP Identifier (HTTP/1.0) > Request is too large > Content-Length missing for POST or PUT requests > Illegal character in hostname; underscores are not allowed > > Your cache administrator is mailto:webmaster";>webmaster. > > > > > Generated Tue, 13 Oct 2009 12:17:34 GMT by NetraT1-Proxy > (squid/2.6.STABLE15) > > > [/code] > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] mod_dbd and multiple DB connections
Can someone tell me if it is possible to have more than one database connection using mod_dbd at once? For example, if I want to connect to database A with mod_authn_dbd and connect to database B using mod_authz_dbd? If this is possible, how do you configure more than one connection, and how do you specify which connections to use. I think I know the answer is that there can only be one connection per server/virtual host. I hope this is not the case. Cheers! Ben Davies
[us...@httpd] Re: Dav Locks corrupting; need some troubleshooting tools
[sorry for the crosspost, but not sure where this should go]. To answer my own question: got to the bottom of it; looks to me like the lock DB is a hash of inode <-> locktoken Steps to reproduce: * PUT file * LOCK file * PROPGET file (note down the locktoken) use something other than DAV to delete 'file' (e.g. a cronjob) * PUT newfile (very good chance the inode is reused) * LOCK newfile (it will fail) * PROPGET newfile (you'll see it has the same locktoken) Should I report this as a bug? On Wed, Oct 14, 2009 at 2:47 PM, Dick Davies wrote: > Hi all > > I'm on apache 2.0.63, and seeing nonsensical Dav Locks > (symptoms are that files show as being locked by users that couldn't > possibly have locked them). > > I *think* I've tracked it down to a bug in mod_dav_fs; it appears that > if files are deleted > from disk (by a mechanism other than Dav), any locks that were taken > out on that file > 'jump' so that they apply to a different file altogether. > > Are there any tools that let me inspect the content of DavLockDB? And > who's a good person > to talk to if I need to pick over the code? > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] Re: Dav Locks corrupting; need some troubleshooting tools
Is that documented anywhere at all? In any event, does it made sense to use something other than the inode as the key into the lockDB - the URI for example? On Thu, Oct 15, 2009 at 3:33 PM, Joe Orton wrote: >> Steps to reproduce: >> >> * PUT file >> * LOCK file >> * PROPGET file (note down the locktoken) >> use something other than DAV to delete 'file' (e.g. a cronjob) > > mod_dav doesn't support operations on the repository outside of its > control - this has always been the case. You should think of the DAV > repository as "owned" by mod_dav. > > Regards, Joe > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [us...@httpd] cgi as directory index?
Why don't you do ScriptAlias /abc /var/www/abc/cgi-bin/abc.cgi ? On Thu, Oct 15, 2009 at 8:35 PM, Israel Brewster wrote: > I'm sure this one is really simple, but I don't know what I am doing wrong. > I have the following config block in my httpd.conf file: > ScriptAlias /abc /var/www/abc/cgi-bin > > Options +ExecCGI > allow from all > directoryindex abc.cgi > > if I go to http:///abc/abc.cgi, it works fine. However, if I just > go to http:///abc, I get a "Forbidden" message. The error log > shows "attempt to invoke directory as script: /var/www/abc/cgi-bin". I want > to be able to just type http:///abc to get to the script. What am > I missing here? Thanks. > --- > Israel Brewster > Computer Support Technician II > Frontier Flying Service Inc. > 5245 Airport Industrial Rd > Fairbanks, AK 99709 > (907) 450-7250 x293 > --- > > > > - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
RE: [us...@httpd] mod_dbd and multiple DB connections
Nice one! I was hoping this had been addressed. Cheers! Ben From: nicholas@sun.com [mailto:nicholas@sun.com] On Behalf Of Nick Kew Sent: 15 October 2009 20:04 To: users@httpd.apache.org Subject: Re: [us...@httpd] mod_dbd and multiple DB connections On 15 Oct 2009, at 09:06, Ben Davies wrote: I think I know the answer is that there can only be one connection per server/virtual host. I hope this is not the case. That's true in 2.2.x versions. For what you want, you can try the svn trunk version, or any of the (unreleased) 2.3.x tarballs. -- Nick Kew
[us...@httpd] Resource Centric Authz
Hi Everybody! I wonder if someone can help me? I'm interested in restricting access to certain resource based on the following criteria: The users name Or the users group Standard fare so far. I'm using mod_authn_dbd to authenticate the user from my MySQL database. For Authorization, I want each resource to have an owner and a group (like unix/linux), and I want each of these to restrict access based on the http method used to access the resource. For example; I have the resource article.html The owner of this resource is "bob". The group of this resource is "editors". The following methods may be used by the owner on this resource: GET, PUT, DELETE The following methods may be used by members of the group "editors" on this resource: GET, PUT Any user who is not the owner, and not a member of the group "editors" may use the following methods: GET The closest Authz module I have seen that does this is mod_authz_file which works based on the files actual POSIX file owner and group details. Unfortunately, this doesn't restrict access by http method though. Ideally, I would be able to look up these details from an SQL database by request URI and request method. Now to my question: Does anyone know if there is a module or combination of modules that could achieve (or at least part way achieve) this? Is this (as I fear) a restriction/limit of the Require directive? I could do this in PHP, but I'm attempting to draw a clean line between Authn/Authz and the resources accessed underneath. Any comments or ideas would be appreciated. Cheers! Ben
[EMAIL PROTECTED] SSLVerifyClient require in Virtual Host
Hi,
I am running Apache 2.0.55 on a Linux From Scratch box.
I am trying to get an entire virtual host to get an entire virtual host to use
client certificates to authenticate, however I can only get it to work on
directive (I havent tried ) which forces a renogiate.
This is fine for things like Firefox which can handle the renogiation, however
I plan on turning this virtual host into a subversion repository and havent
been able to get renogiation to work with the svn client or javasvn (but that
is a whole other problem).
The subversion2.phoenixphire.org-ssl.log verifies that a client certificate
isnt being sent with my configuration. After running some tests with
SSLVerifyClient require in a directive I can verify that firefox
does send a client certificat after a renogiation.
Is this a bug? The Apache 2.0 documentation says that this is valid and should
work (The howto on the apache site for this also says this should work).
Cheers,
Phoenix
My virtual host config is as follows:
ServerName subversion2.phoenixphire.org
DocumentRoot /srv/www/subversion2.phoenixphire.org
ErrorLog /var/log/apache/subversion2.phoenixphire.org-error.log
CustomLog /var/log/apache/subversion2.phoenixphire.org-access.log common
CustomLog /var/log/apache/subversion2.phoenixphire.org-ssl.log "%t
%{SSL_CLIENT_I_DN_CN}x %{SSL_CLIENT_S_DN_CN}x"
SSLCACertificateFile /srv/www/ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
SSLOptions +StrictRequire
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] SSLVerifyClient require in Virtual Host
Hi Oliver,
I believe the directives you refer to are for the server establishing an SSL
connection. This occurs successfully (other then the cert being for an
incorrect host which I will fix later). As you suggested this is in my global
configuration that I haven't provided.
To summerise, traffic is being encrypted, but client authentication is being
ignored.
Cheers,
Tony
On Thu, Mar 02, 2006 at 09:12:49AM +0100, [EMAIL PROTECTED] wrote:
> Hi Tony,
>
> if you want run SSL my understanding is
> that your server need a certificate and
> a key file too or do you have it at another place ?
> Like:
> SSLCertificateFile/path/to/conf/ssl.crt/subversion2.phoenixphire.org.crt
> SSLCertificateKeyFile /path/to/conf/ssl.key/subversion2.phoenixphire.org.key
> Than it would be better not to put your key and
> crtificate files in the document root. Make this too:
> SSLCertificateFile/path/to/conf/ssl.crt/ca.crt
> "LogLevel debug" can help you later that you see what is going wrong
> during the connection phase between your client and your server
>
> Greets
>
> oliver
>
>
> -Urspr?ngliche Nachricht-
> Von: Tony Davies [mailto:[EMAIL PROTECTED]
> Gesendet: Do 02.03.2006 00:59
> An: users@httpd.apache.org
> Betreff: [EMAIL PROTECTED] SSLVerifyClient require in Virtual Host
>
> Hi,
>
> I am running Apache 2.0.55 on a Linux From Scratch box.
>
> I am trying to get an entire virtual host to get an entire virtual host to
> use client certificates to authenticate, however I can only get it to work on
> directive (I havent tried ) which forces a renogiate.
>
> This is fine for things like Firefox which can handle the renogiation,
> however I plan on turning this virtual host into a subversion repository and
> havent been able to get renogiation to work with the svn client or javasvn
> (but that is a whole other problem).
>
> The subversion2.phoenixphire.org-ssl.log verifies that a client certificate
> isnt being sent with my configuration. After running some tests with
> SSLVerifyClient require in a directive I can verify that firefox
> does send a client certificat after a renogiation.
>
> Is this a bug? The Apache 2.0 documentation says that this is valid and
> should work (The howto on the apache site for this also says this should
> work).
>
> Cheers,
>
> Phoenix
>
> My virtual host config is as follows:
>
>
> ServerName subversion2.phoenixphire.org
> DocumentRoot /srv/www/subversion2.phoenixphire.org
>
> ErrorLog /var/log/apache/subversion2.phoenixphire.org-error.log
> CustomLog /var/log/apache/subversion2.phoenixphire.org-access.log
> common
> CustomLog /var/log/apache/subversion2.phoenixphire.org-ssl.log "%t
> %{SSL_CLIENT_I_DN_CN}x %{SSL_CLIENT_S_DN_CN}x"
>
> SSLCACertificateFile /srv/www/ca.crt
> SSLVerifyClient require
> SSLVerifyDepth 1
>
> SSLOptions +StrictRequire
>
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>" from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>" from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Restricted FTP access in Apache
* Bediako George <[EMAIL PROTECTED]> [0517 13:17]: > able to try to download from my Apache FTP server Apache isn't an FTP server. I think you're on the wrong track. -- 'This must be Thursday. I never could get the hang of Thursdays.' -- Arthur Dent Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
* Sandeep Gaikwad <[EMAIL PROTECTED]> [0558 09:58]: > Hello Anand, >Please try by updating the line AllowOverride None by >AllowOverride AuthConfig or AllowOverride All > > Regards, > Sandeep Guys, read the mails before posting replies, ok? What you suggest would enable .htaccess loading of Auth* directives, which has nothing to do with the question. > > K Anand wrote: > > >Hi all, > > > >I have a very basic question regarding authentication on apache...I have in > >my httpd.conf a section like below : > > > > AuthType Basic > > AuthName "By Invitaion Only" > > AuthUserFile /etc/httpd/conf/passwd/passwords > > Require valid-user > > > > AllowOverride None > > Options ExecCGI > > Order allow,deny > > Allow from all > > > > > >So whenever a browser first sends a cgi-bin request, authentication is done > >by userid and password...Whenever subsequent requests come for cgi-bin, > >authentication is not required provided the browser has not been closed. > >How > >is this done ? > > > >I know that this is not a problem but I would like to know just for my > >information. -- 'When you have to kill a man it costs nothing to be polite.' -- Winston Churchill, On formal declarations of war Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
* Boyle Owen <[EMAIL PROTECTED]> [0507 09:07]: > > The first time the client requests a resource in a protected realm, it > doesn't know it is protected so makes a plain request. The server responds > with a 401 Unauthorized. The client then pops up a password window and > captures the username/password (aka, the credentials). The client repeats the > request but this time adds an Authorization header containing the > credentials. The server gets the request and verifies the credentials, if OK, > it serves the resource. The client caches the credentials and for all > subsequent requests in the same realm, it adds the same Authorization header > - that's how you stay "logged in". > > That's also how it is really hard to get the browser to "forget" your > password - even if you surf off to a different site and come back a day > later, it'll remember your credentials and send them off again. Best. Firefox extension. Ever. http://extensionroom.mozdev.org/more-info/clearhttpauth -- 'What have you done to the cat? It looks half-dead.' -- Schroedinger's wife Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Basic Authentication question
* Boyle Owen <[EMAIL PROTECTED]> [0523 12:23]: > > -Original Message- > > From: K Anand [mailto:[EMAIL PROTECTED] > > Sent: Donnerstag, 12. Mai 2005 10:46 > > To: users@httpd.apache.org > > Subject: Re: [EMAIL PROTECTED] Basic Authentication question > > > > > > Thanx...I used ethereal to see the flow of data between browser and > > server...one point though...I was able to see my password in > > clear text in > > ethereal. So it is possible that it could be open to the public ?? > > Of course. What made you think it might be secure? > > If you want to hide the PW, you have to use HTTPS. However, be aware that > Basic authentication is not very secure anyway (see > http://httpd.apache.org/docs/howto/auth.html#basiccaveat) You make it sound as though it's still a problem over SSL - is that what you mean? -- 'My life, and by extension everyone else's, is meaningless.' -- Bender Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] adding virtual hosts without restarting ??
* Josh Cheney <[EMAIL PROTECTED]> [0540 12:40]: > I have found that an 'apachectl restart' is not enough for some reason > when adding a new SSL VHost, but rather you need to stop then startssl. > > Just as a side note. Sounds like a problem with apachectl not picking up '-DSSL'. -- 'Everybody I know who is right always agrees with ME.' -- Rev Lady Mal Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Restricted FTP access in Apache
* Bediako George <[EMAIL PROTECTED]> [0557 17:57]: > Actually I am not using one. I am really just trying > to find out right now. Perhaps I should point out > that I am looking at the modules ftp_proxy. See > http://httpd.apache.org/docs-2.0/mod/mod_proxy_ftp.html. > > I am assuming that this module provides FTP > functionality. Perhaps what it does instead is provide > just the proxy to an FTP server instead. Yeah, the clue is in the name :) > Either way, I believe this does not change my > question. The basis of the question is that I wish > to restrict axis to the FTP server via Apache. If the > FTP proxy module somehow acts as a gateway/wall that > hides the actual URL of the files my user is > requesting then that would be something of what I am > looking for. That is a totally different question - but you should be able to restrict the URLs apache accepts using the usual stuff. Combining that with a proxied Location pointing to the ftp server should let you restrict what URLs apache will forward onto the ftp server. Personally I'd secure the ftp server itself. -- 'A little rudeness and disrespect can elevate a meaningless interaction into a battle of wills and add drama to an otherwise dull day.' -- Calvin discovers Usenet Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Accessing a usage directory
* Mike McMullen <[EMAIL PROTECTED]> [0524 06:24]: > Hi All, > > I'm sure I am doing something stupid here so forgive my upfront. > > I am running Apache 2.0.52 on FC3. With the FC3 installation > comes a web log analyzer called webalizer. It stores it's information > in a directory called usage in /var/www. You access it by the index.html > file it creates there. > > When I go to access the information there I get a 403 Forbidden > message and the following shows up in the error_log: > > client denied by server configuration: /var/www/usage/ > > So I tried editing the conf file by adding a section like wha is done > for "manual": > > Alias /usage/ "/var/www/usage/" > > > Options Indexes > AllowOverride None > Order allow,deny > Allow from all > > > When I restart the httpd server I get the following warning: > > [warn] The Alias directive in /etc/httpd/conf/httpd.conf at line > 564 will probably never match because it overlaps an earlier Alias. > > I still can't access the usage data. Regarding the warning above, > there is no other word "usage" in the conf file except for my small > section. You don't need the Alias line, that's what the error is about. You have an Alias / elsewhere I guess, apache is saying this means that Alias /usage will never match, since the more general one wins first. -- 'If we can hit that bull's-eye, the rest of the dominoes will fall like a house of cards... Checkmate!' -- Zapp. Brannigan Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] web server slow too much slow
* Boyle Owen <[EMAIL PROTECTED]> [0523 10:23]: > > -Original Message- > > From: Msuro Venanzi [mailto:[EMAIL PROTECTED] > > Sent: Freitag, 20. Mai 2005 11:15 > > To: users@httpd.apache.org > > Subject: [EMAIL PROTECTED] web server slow too much slow > > > > > > hi all > > here is a link to my home web server > > on windows was really fast now i'm on suse 9.0 es > > and i don't know why it' svery slow > > if you want to try > > http://maurovenanzi.dynalias.org > > DNS lookup? > > Do you use domain-names or IP addresses to define sites? (ie, VirtualHost etc) And check you have : HostnameLookups Off in httpd.conf too. -- 'Sweet Zombie Jesus!' -- Prof. Farnsworth Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] httpd can't start because it's not yet running
* dan <[EMAIL PROTECTED]> [0559 01:59]:
> Fabiano Sidler wrote:
> >Hi folks!
> >
> >[EMAIL PROTECTED] $ httpd -k start
> >(20014)Error string not specified yet: Error retrieving pid file
> >/var/run/httpd.pid
> >[EMAIL PROTECTED] $ ls -l /var/run/httpd.pid -rw-r--r-- 1 root root 0 May
> >20
> >02:44 /var/run/httpd.pid
> >
> >Same problem with httpd:httpd permissions. 'strace' says:
> >
> >[...]
> >open("/var/run/httpd.pid", O_RDONLY)= 3
> >read(3, "", 13) = 0
> >write(2, "(20014)Error string not specifie"..., 84) = 84
> >[...]
> >
> >Where is the problem?
> >Greetings,
> >fips
> >
>
> Do you have a PidFile directive in httpd.conf? Does it match up to
> where Apache would expect it?
Well it looks like it, doesn't it? Did you see the strace output?
apache opens the file,
tries to read 13 bytes, and hits end of file
no error is thrown.
Looks to me like Apache is reading the pidfile, but it's empty.
Try deleting it and trying again.
--
'Robots don't have emotions, and that sometimes makes me feel sad.'
-- Bender
Rasputin :: Jack of All Trades - Master of Nuns
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] httpd can't start because it's not yet running
* Fabiano Sidler <[EMAIL PROTECTED]> [0542 11:42]:
> Dick Davies schrieb:
> >Looks to me like Apache is reading the pidfile, but it's empty.
> >Try deleting it and trying again.
>
> No, this never did work by now:
>
> open("/var/run/httpd.pid", O_RDONLY)= -1 ENOENT (No such file or
> directory)
That's screwed. It should create it when it starts.
Are you using some Redhat monstrosity with SE extensions or something.
> write(2, "no listening sockets available, "..., 46) = 46
> write(2, "Unable to open logs\n", 20) = 20
--
'common sense is what tells you that the world is flat.'
-- Principia Discordia
Rasputin :: Jack of All Trades - Master of Nuns
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Apache cannot connect to Tomcat in httpd.conf
* Andreas Bauer <[EMAIL PROTECTED]> [0643 13:43]: > Hello! > > Can somebody help me, please? > > My OS is Suse 9.2 pro. Apache and Tomcat work for me. > But If I start Apache with normal httpd.conf, Apache works for me. > If I paste my lines for Apache-Tomcat Connection, Apache doesn't > work for me, only Tomcat. It must be something wrong with this lines, but > the same lines in httpd.conf > > in a windows XP Tomcat-Apache configuration works for me: > > The pasted lines in httpd.conf are: > > LoadModule jk2_module modules/mod_jk2.so > > JkUriSet worker ajp13:localhost:8009 > > > JkUriSet worker ajp13:localhost:8009 > Setup a log for mod_jk2. -- 'Yeah, well I'm gonna build my own themepark! With blackjack aaand Hookers! Actually, forget the park. And the blackjack.' -- Bender Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] Re: Apache cannot connect to Tomcat in httpd.conf
* Andreas <[EMAIL PROTECTED]> [0634 23:34]: > > >Setup a log for mod_jk2. > > /usr/local/apache2/logs/error_log: > > [Thu Jun 02 01:36:24 2005] [notice] Apache/2.0.54 (Unix) configured -- > resuming normal operations > [Thu Jun 02 02:19:08 2005] [notice] caught SIGTERM, shutting down > [Thu Jun 02 02:19:11 2005] [notice] Apache/2.0.54 (Unix) mod_jk2/2.0.4 > configured -- resuming normal operations > [Thu Jun 02 02:19:19 2005] [notice] child pid 6544 exit signal > Segmentation fault (11) No, a log for jk2, not apache, to tell you what it's doing. You're probably better off asking on the tomcat list. -- 'A little rudeness and disrespect can elevate a meaningless interaction into a battle of wills and add drama to an otherwise dull day.' -- Calvin discovers Usenet Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [users@httpd] syntax error before '*' token
* Gustavo A. Baratto <[EMAIL PROTECTED]> [0632 01:32]: > Does anybody know what is this error all about? > > I got the same error in all combinations of these: > - freebsd 5.3 and 5.4. > - apache 2.0.53 and 2.0.54 > - freebsd make and gmake Why don't you just use the ports tree? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports.html -- 'TAKE your dustbin to the supermarket with you so that you can see which items you have recently run out of.' -- Top Tips Rasputin :: Jack of All Trades - Master of Nuns - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_rewrite and network addresses?
Hi all,
I'm trying to do what should be simple, can anyone suggest a better approach?
I have content I want to serve up via http to intranet users, but have
external IPs authenticate over SSL (mod_auth_ldap).
the internal nets are (say):
10.9.0.0/16
10.0.112.0/20
10.19.64.0/22
I solved this by having two vhosts, one clear and one ssl.
The SSL site requires basic ldap auth, and the non-ssl vhost has some
mod_rewrite voodoo like this:
...snip
# for main network users
RewriteCond %{REMOTE_ADDR} !^10\.9\..*
# XXX these are hosed
# or our other two sites
RewriteCond %{REMOTE_ADDR} !10.0.112.0/20
RewriteCond %{REMOTE_ADDR} !10.19.64.0/22
# then you need to authenticate
RewriteRule ^(.*)$ https://server.domain$1 [R,L]
...snip
Now this works fine for the 10.9.0.0/16 network (because it's a class B),
but since we're just matching a string (REMOTE_ADDR) with no network information
it isn't going to cut it for the last two sites.
Am I really going to have to have one line for each possible starting string
for each of the last two subnets?
--
'A length of plastic drainpipe with a roller skate at each end makes an ideal
"car" for snakes.'
-- Top Tips
Rasputin :: Jack of All Trades - Master of Nuns
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: [EMAIL PROTECTED] mod_rewrite and network addresses?
* Joshua Slive <[EMAIL PROTECTED]> [0737 18:37]:
> On 7/25/05, Dick Davies <[EMAIL PROTECTED]> wrote:
> > but since we're just matching a string (REMOTE_ADDR) with no network
> > information
> > it isn't going to cut it for the last two sites.
> >
> > Am I really going to have to have one line for each possible starting string
> > for each of the last two subnets?
> Well, you will need to build a regex that does the matches. But you
> won't need one for every starting string. You can use stuff like
> RewriteCond %{REMOTE_ADDR} !^10\.0\.11[2-9]\.*
> RewriteCond %{REMOTE_ADDR} !^10\.0\.12[0-7]\.*
> which I believe should get the intention of your first line. (Note
> also the correct regex escaping of the '.'.)
Thanks Joshua, just needed some confirmation I wasn't missing anything obvious
(the escaping in my post was adhoc, was'nt sure if mod_rewrite needs .*
or * to match 'anything').
The technique below is interesting too, thanks for the idea.
> Alternative techniques include using a RewriteMap to list all the
> address (at least down to the /24 level), or going back to mod_access.
> For example, you could do something like
> Order Allow,Deny
> Allow from 10.0.112.0/20
> Allow from 10.19.64.0/22
> ErrorDocument 403 https://server.domain
> (That doesn't necessarily get you to the right exact page. For that,
> you'd need to
> point your ErrorDocument at a CGI script to do the redirection.)
--
'That question was less stupid, though you asked it in a profoundly stupid way.'
-- Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11
Hi Everybody! I've been having some problems with a recent compile of Apache 2.2.8. I appears that when I use the SetEnvIf directive, Apache Seg Faults. It appears that the error occurs when SetEnvIf tries to compile the Regular Expression. This error only occurs if I use the SetEnvIf directive: comment it out and there is no problem (the LoadModule line does not trigger the segfault). Here is the configure line I used to compile Apache: CFLAGS="-arch i386" ./configure --prefix=/usr/local/apache2 --enable-layout=Apache --enable-mods-shared=all --enable-auth-digest --enable-rewrite --enable-dav --enable-dav-fs --enable-ext-filter I've only compiled Apache a couple of times in the past, and always on OSX, so I *think* I need to compile the latest version of PCRE (7.7) and somehow get mod_SetEnvIf to include that lib, but I don't know how :) Anyway, here is the httpd.crash.log. I would appreciate any help, directions or hunches anyone has, as the use of SetEnvIf is pretty vital to my project. Thank you! Ben ****** Host Name: ben-davies-computer Date/Time: 2008-05-23 11:12:07.863 +0100 OS Version: 10.4.11 (Build 8S2167) Report Version: 4 Command: httpd Path:/usr/local/apache2/bin/httpd Parent: sh [499] Version: ??? (???) PID:500 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0xc0ffda9f Thread 0 Crashed: 0 httpd 0x0002d869 compile_regex + 2447 (pcre.c:2463) 1 httpd 0x0002ff10 pcre_compile + 696 (pcre.c:5511) 2 httpd 0x7840 ap_regcomp + 65 (util_pcre.c:135) 3 httpd 0x47a3 ap_pregcomp + 57 (util.c:268) 4 mod_setenvif.so 0x005617a5 add_setenvif_core + 1602 (mod_setenvif.c:176) 5 mod_setenvif.so 0x005618a2 add_setenvif + 104 (mod_setenvif.c:412) 6 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 7 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 8 httpd 0xdab7 dirsection + 383 (core.c:1866) 9 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 10 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 11 httpd 0xe671 virtualhost_section + 256 (core.c:2209) 12 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 13 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 14 httpd 0x00018fce ap_process_config_tree + 166 (config.c:1760) 15 httpd 0x26d5 main + 1928 (main.c:634) 16 httpd 0x19be _start + 228 (crt.c:272) 17 httpd 0x18d9 start + 41 Thread 0 crashed with X86 Thread State (32-bit): eax: 0x ebx: 0x0002ceeb ecx: 0x01836418 edx: 0x00561f4d edi: 0xbfffed24 esi: 0x00ffed7c ebp: 0xbfffed88 esp: 0xbfffebf0 ss: 0x001f efl: 0x00010246 eip: 0x0002d869 cs: 0x0017 ds: 0x001f es: 0x001f fs: 0x gs: 0x0037 Binary Images Description: 0x1000 -0x3dfff httpd /usr/local/apache2/bin/httpd 0x125000 - 0x133fff libaprutil-1.0.dylib /usr/local/apache2/lib/libaprutil-1.0.dylib 0x16d000 - 0x184fff libexpat.0.dylib /usr/local/apache2/lib/libexpat.0.dylib 0x1b8000 - 0x1b8fff mod_authn_file.so /usr/local/apache2/modules/mod_authn_file.so 0x1c - 0x1c0fff mod_authn_dbm.so /usr/local/apache2/modules/mod_authn_dbm.so 0x1c8000 - 0x1c8fff mod_authn_anon.so /usr/local/apache2/modules/mod_authn_anon.so 0x1d - 0x1d0fff mod_authn_dbd.so /usr/local/apache2/modules/mod_authn_dbd.so 0x1d8000 - 0x1d8fff mod_authn_default.so /usr/local/apache2/modules/mod_authn_default.so 0x1e - 0x1e0fff mod_authz_host.so /usr/local/apache2/modules/mod_authz_host.so 0x1e9000 - 0x1e9fff mod_authz_groupfile.so /usr/local/apache2/modules/mod_authz_groupfile.so 0x1f2000 - 0x1f2fff mod_authz_user.so /usr/local/apache2/modules/mod_authz_user.so 0x305000 - 0x31cfff libapr-1.0.dylib /usr/local/apache2/lib/libapr-1.0.dylib 0x37d000 - 0x37dfff mod_authz_dbm.so /usr/local/apache2/modules/mod_authz_dbm.so 0x385000 - 0x385fff mod_authz_owner.so /usr/local/apache2/modules/mod_authz_owner.so 0x38d000 - 0x38dfff mod_authz_default.so /usr/local/apache2/modules/mod_authz_default.so 0x395000 - 0x395fff mod_auth_basic.so /usr/local/apache2/modules/mod_auth_basic.so 0x39e000 - 0x3a2fff mod_auth_digest.so /usr/local/apache2/modules/mod_auth_digest.so 0x3b - 0x3b1fff mod_dbd.so /usr/local/apache2/modules/mod_dbd.so 0x3bc000 - 0x3bcfff mod_dumpio.so /usr/local/apache2/modules/mod_dumpio.so 0x3c5000 - 0x3c7fff mod_ext_filter.so /usr/local/apache2/modules/mod_ext_filter.so 0x3d3000 - 0x3dafff mod_include.so /usr/local/apache2/modules/mod_include.so 0x3ef000 - 0x3f0fff mod_filter.so /usr/local/apache2/modules/mod_filter.so 0x505000 - 0x506fff mod_substitute.so /usr/local/apache2/modules/mod_substitute.so 0x51 - 0x513fff
RE: [EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11
Just a quick update to my previous posting: It now appears that the same compile_regex PCRE error fires for mod_rewrite as well. So there is definitely some problem with my compile and PCRE, as more that one module is affected. Again, any help would be appreciated! Cheers! Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: Ben Davies [mailto:[EMAIL PROTECTED] Sent: 23 May 2008 11:20 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11 Hi Everybody! I've been having some problems with a recent compile of Apache 2.2.8. I appears that when I use the SetEnvIf directive, Apache Seg Faults. It appears that the error occurs when SetEnvIf tries to compile the Regular Expression. This error only occurs if I use the SetEnvIf directive: comment it out and there is no problem (the LoadModule line does not trigger the segfault). Here is the configure line I used to compile Apache: CFLAGS="-arch i386" ./configure --prefix=/usr/local/apache2 --enable-layout=Apache --enable-mods-shared=all --enable-auth-digest --enable-rewrite --enable-dav --enable-dav-fs --enable-ext-filter I've only compiled Apache a couple of times in the past, and always on OSX, so I *think* I need to compile the latest version of PCRE (7.7) and somehow get mod_SetEnvIf to include that lib, but I don't know how :) Anyway, here is the httpd.crash.log. I would appreciate any help, directions or hunches anyone has, as the use of SetEnvIf is pretty vital to my project. Thank you! Ben ****** Host Name: ben-davies-computer Date/Time: 2008-05-23 11:12:07.863 +0100 OS Version: 10.4.11 (Build 8S2167) Report Version: 4 Command: httpd Path:/usr/local/apache2/bin/httpd Parent: sh [499] Version: ??? (???) PID:500 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0xc0ffda9f Thread 0 Crashed: 0 httpd 0x0002d869 compile_regex + 2447 (pcre.c:2463) 1 httpd 0x0002ff10 pcre_compile + 696 (pcre.c:5511) 2 httpd 0x7840 ap_regcomp + 65 (util_pcre.c:135) 3 httpd 0x47a3 ap_pregcomp + 57 (util.c:268) 4 mod_setenvif.so 0x005617a5 add_setenvif_core + 1602 (mod_setenvif.c:176) 5 mod_setenvif.so 0x005618a2 add_setenvif + 104 (mod_setenvif.c:412) 6 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 7 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 8 httpd 0xdab7 dirsection + 383 (core.c:1866) 9 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 10 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 11 httpd 0xe671 virtualhost_section + 256 (core.c:2209) 12 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 13 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 14 httpd 0x00018fce ap_process_config_tree + 166 (config.c:1760) 15 httpd 0x26d5 main + 1928 (main.c:634) 16 httpd 0x19be _start + 228 (crt.c:272) 17 httpd 0x18d9 start + 41 Thread 0 crashed with X86 Thread State (32-bit): eax: 0x ebx: 0x0002ceeb ecx: 0x01836418 edx: 0x00561f4d edi: 0xbfffed24 esi: 0x00ffed7c ebp: 0xbfffed88 esp: 0xbfffebf0 ss: 0x001f efl: 0x00010246 eip: 0x0002d869 cs: 0x0017 ds: 0x001f es: 0x001f fs: 0x gs: 0x0037 Binary Images Description: 0x1000 -0x3dfff httpd /usr/local/apache2/bin/httpd 0x125000 - 0x133fff libaprutil-1.0.dylib /usr/local/apache2/lib/libaprutil-1.0.dylib 0x16d000 - 0x184fff libexpat.0.dylib /usr/local/apache2/lib/libexpat.0.dylib 0x1b8000 - 0x1b8fff mod_authn_file.so /usr/local/apache2/modules/mod_authn_file.so 0x1c - 0x1c0fff mod_authn_dbm.so /usr/local/apache2/modules/mod_authn_dbm.so 0x1c8000 - 0x1c8fff mod_authn_anon.so /usr/local/apache2/modules/mod_authn_anon.so 0x1d - 0x1d0fff mod_authn_dbd.so /usr/local/apache2/modules/mod_authn_dbd.so 0x1d8000 - 0x1d8fff mod_authn_default.so /usr/local/apache2/modules/mod_authn_default.so 0x1e - 0x1e0fff mod_authz_host.so /usr/local/apache2/modules/mod_authz_host.s
[EMAIL PROTECTED] RE: RESOLVED [EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11
Hi all, Just a quick reply to let you know I got it sorted: I downloaded the latest version of PCRE, compiled it and used the apache configure option --with-pcre=/usr/local/pcre. So now all my modules are compiled against the latest version of PCRE. Pretty painless actually, and worked first time with no problems. Cheers! Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: Ben Davies [mailto:[EMAIL PROTECTED] Sent: 23 May 2008 11:49 To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11 Just a quick update to my previous posting: It now appears that the same compile_regex PCRE error fires for mod_rewrite as well. So there is definitely some problem with my compile and PCRE, as more that one module is affected. Again, any help would be appreciated! Cheers! Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: Ben Davies [mailto:[EMAIL PROTECTED] Sent: 23 May 2008 11:20 To: users@httpd.apache.org Subject: [EMAIL PROTECTED] mod_setenvif SEGFAULT PCRE - OSX 10.4.11 Hi Everybody! I've been having some problems with a recent compile of Apache 2.2.8. I appears that when I use the SetEnvIf directive, Apache Seg Faults. It appears that the error occurs when SetEnvIf tries to compile the Regular Expression. This error only occurs if I use the SetEnvIf directive: comment it out and there is no problem (the LoadModule line does not trigger the segfault). Here is the configure line I used to compile Apache: CFLAGS="-arch i386" ./configure --prefix=/usr/local/apache2 --enable-layout=Apache --enable-mods-shared=all --enable-auth-digest --enable-rewrite --enable-dav --enable-dav-fs --enable-ext-filter I've only compiled Apache a couple of times in the past, and always on OSX, so I *think* I need to compile the latest version of PCRE (7.7) and somehow get mod_SetEnvIf to include that lib, but I don't know how :) Anyway, here is the httpd.crash.log. I would appreciate any help, directions or hunches anyone has, as the use of SetEnvIf is pretty vital to my project. Thank you! Ben ****** Host Name: ben-davies-computer Date/Time: 2008-05-23 11:12:07.863 +0100 OS Version: 10.4.11 (Build 8S2167) Report Version: 4 Command: httpd Path:/usr/local/apache2/bin/httpd Parent: sh [499] Version: ??? (???) PID:500 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_INVALID_ADDRESS (0x0001) at 0xc0ffda9f Thread 0 Crashed: 0 httpd 0x0002d869 compile_regex + 2447 (pcre.c:2463) 1 httpd 0x0002ff10 pcre_compile + 696 (pcre.c:5511) 2 httpd 0x7840 ap_regcomp + 65 (util_pcre.c:135) 3 httpd 0x47a3 ap_pregcomp + 57 (util.c:268) 4 mod_setenvif.so 0x005617a5 add_setenvif_core + 1602 (mod_setenvif.c:176) 5 mod_setenvif.so 0x005618a2 add_setenvif + 104 (mod_setenvif.c:412) 6 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 7 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 8 httpd 0xdab7 dirsection + 383 (core.c:1866) 9 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 10 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 11 httpd 0xe671 virtualhost_section + 256 (core.c:2209) 12 httpd 0x000170d6 invoke_cmd + 273 (config.c:785) 13 httpd 0x0001804b ap_walk_config + 222 (config.c:1158) 14 httpd 0x00018fce ap_process_config_tree + 166 (config.c:1760) 15 httpd
RE: [EMAIL PROTECTED] ext_filter + negotiation?
Don't know if this helps, but I did the following: ExtFilterDefine TranscodeMP3 intype="audio/flac" outtype="audio/mp3" cmd="flac2mp3" SetOutputFilter TranscodeMP3 AliasMatch "^/(.*)\.mp3$" /flac/lib/$1.flac The above means that if anyone requests "mysong.mp3", they get the file "mysong.flac" filtered through my flac2mp3 script which converts it to mp3 (via LAME) on the fly. I didn't need to use Multiviews in the end. Dunno if that helps, but it took me a while to realise I didn't need multiviews. Cheers, Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: Jonathan H N Chin [mailto:[EMAIL PROTECTED] Sent: 30 May 2008 22:12 To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] ext_filter + negotiation? nick wrote: > Jonathan H N Chin <[EMAIL PROTECTED]> wrote: > > > Using debian's apache 2.0.54 and 2.2.3, I define a filter: > > > > ExtFilterDefine test \ > > mode=output intype=text/html \ > > cmd="/usr/bin/perl -pe 's/foo/bar/g'" > > Presumably that's just illustrative (if that's what you want > to do, then using ext_filter for it is a terrible solution). Yes. > > I use it with: > > DocumentRoot /export/www > > > > Options Indexes FollowSymLinks MultiViews > > > > > > SetOutputFilter test > > > > As a general rule, using with local contents > is a bad idea, and may not work as expected. That could > be your problem here, though I'm not sure. I'm afraid I have no idea what "local contents" means here. Please do expand (or point me to the relevant docs). > > If I GET http://server/test.html, the substitution happens. > > However, if I GET http://server/test, it does not. > > What do I need to do to make substitution also work with > > content negotiation? If I change "Location" to "Directory" the substitution occurs. However, in either case mod_info/mod_status then fail. Given: SetHandler server-info SetHandler server-status when I GET http://server/info or GET http://server/status, I just get back an empty page. When I remove the SetOutputFilter, info/status work again. > See the mod_filter documentation for better filter control. mod_filter doesn't seem to exist in 2.0.54 ? I need something that works with both 2.0 and 2.2. -jonathan -- Jonathan H N Chin | deputy computer | Newton Institute, Cambridge, UK <[EMAIL PROTECTED]> | systems manager | tel/fax: +44 1223 767091/330508 - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[EMAIL PROTECTED] AddOutputFilterByType
Hi Everybody! I've noticed that the directive AddOutputFilterByType has been deprecated in Apache 2.1 and later. Does anyone have a suggestion (or a link) on how one would be able to configure Apache to accomplish the same task without using AddOutputFilterByType on Apache2.2? Cheers, Ben Ben Davies | Lead Developer | <http://www.stickyeyes.com/> Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail.
RE: [EMAIL PROTECTED] AddOutputFilterByType
Sorry, I should have been more explicit: How would you implement AddOutputFilterByType for filters created with ExtFilterDefine? Example: I have a flac file. I have a custom filter that converts flac files to mp3 files. If the request contains the header Accept: audio/mp3, how can I ensure that my custom filter will run? I had a look at the directives for mod_filter and the closest match appears to be FilterProvider, but the second argument requires that I specify a regular filter. Cheers! Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Slive Sent: 02 June 2008 15:42 To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] AddOutputFilterByType On Mon, Jun 2, 2008 at 10:31 AM, Ben Davies <[EMAIL PROTECTED]> wrote: > Hi Everybody! > > > > I've noticed that the directive AddOutputFilterByType has been deprecated in > Apache 2.1 and later. Does anyone have a suggestion (or a link) on how one > would be able to configure Apache to accomplish the same task without using > AddOutputFilterByType on Apache2.2? See mod_filter. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [EMAIL PROTECTED] AddOutputFilterByType
Okay, this is great! Making some real headway here. Your suggestions works as expected. However, I want to throw another spanner in the works :) I have a directory which only contains flac files. I have several bash scripts, each of which convert a flac file to another format (mp3, aac, etc) I've setup various custom filters for each using ExtFilterDefine, and they all work as suggested. Now: I could expand your suggestion of using SetEnvIf to pass through the value of the quality field for each mimetype I want to support. This would be a fine solution, and would work. However, I'm interested in seeing if I can get MultiViews to work with directives provided by mod_filter. It is my understanding that: MultiViewsMatch Filters Would tell Apache to check the mime-types of any attached filters and apply those in order to provide the requested resource. Here is a pseudo-example of what I've configured: ExtFilterDefine Transcode_MP3 mode=output intype=audio/flac outtype=audio/mp3 cmd="flac2mp3" ExtFilterDefine Transcode_AAC mode=output intype=audio/flac outtype=audio/aac cmd="flac2aac" ExtFilterDefine Transcode_MP4 mode=output intype=audio/flac outtype=audio/mp4 cmd="flac2mp4" Options MultiViews MultiViewsMatch Filters FilterProvider Transcode_MP3 ext_filter Content-type audio/mp3 FilterProvider Transcode_AAC ext_filter Content-type audio/aac FilterProvider Transcode_MP4 ext_filter Content-type audio/mp4 FilterChain Transcode_MP3 Transcode_AAC Transcode_MP4 Alias /lib /mylib The directory /mylib only contains flac files. So, in theory, I should be able to make the following request: GET /lib/song1 Accept: audio/mp3;q=1,audio/aac;q=0.5 And the process should be: 1) MultiViews fires up and tries to conneg the file. Matches the audio/mp3 type from the Accept header. 2) Matches the file /mylib/song1.flac 3) Passes the file out through the custom filter Transcode_MP3 (flac2mp3 script) 4) Returns song1.mp3 Can anyone give me some advice? My main concerns are regarding the process Apache goes through to accomplish this: 1) The Second parameter of FilterProvider should be the provider-name. In the example above, Apache refuses to start if I use "ext_filter", but replacing it with "Transcode_MP3" lets it start (the thinking is that the provider-name is the custom filter name I have previously setup using ExtFilterDefine, but I think this may be wrong) 2) I think I may have made a incorrect assumption that multiviews will grab the song1.flac file and pass it through to the appropriate filter. Is this correct? If "MultiViewsMatch Filters" is used, will MultiViews pass through the first file that *could* match to the appropriate filter? I couldn't find any further information on what happens with this directive from the Apache 2.2 Documentation. 3) This may seem like a long winded way of doing things, but I am interested in running my custom filter as much like "real" filters as possible, so that in the future I could replace them with properly coded "real" filters :). That and I really want to understand Apache Filters better, and considering Apache source code is way out of my league, custom/script filters are about the best I can cope with. If I can do pretty much everything you can with custom/script filters you can do with "real" filters, that would definitely help my understanding. If you have a better, more in-depth reference for filters (besides the Apache 2.2 Documentation), please send me the link, and I'll quit bothering the list :) Again, thanks for your help so far. Cheers, Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Slive Sent: 02 June 2008 17:28 To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] AddOutputFilterByType On Mon, Jun 2, 2008 at 11:50 AM, Ben Davies <[EMAIL PROTECTED]> wrote: > Sorry, I should have been more explicit: > > How would you implement AddOutputFilterByType for filters created with > ExtFilterDefine? > > Example: > > I have a flac file. I have a custom filter that c
RE: [EMAIL PROTECTED] AddOutputFilterByType
" MultiViews is used specifically when choosing between a bunch of files that exist in the filesystem, but that have different meta-data attached to them. You only have a single file, but wish to process it in a bunch of different ways." That's what I thought, though the brief explanation of MultiViewsMatch Filters suggests something else. I have a copy of the Apache Modules book and I'll have a dig through to see if there is anything on this directive. Cheers, Ben Ben Davies | Lead Developer | Stickyeyes 6th Floor, West One, Wellington Street, Leeds, LS1 1BA Email: [EMAIL PROTECTED] 0113 391 2929 | Fax 0113 391 2939 This e-mail may contain information that is privileged, confidential or otherwise protected from disclosure. It must not be used by, or its contents copied or disclosed to persons other than the intended recipient. Any liability (in negligence or otherwise) arising from any third party acting, or refraining from acting, on any information contained in this e-mail is excluded. The views expressed may not be official company policy, but instead, the personal views of the originator. If you have received this e-mail in error please notify the sender and delete the e-mail. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joshua Slive Sent: 03 June 2008 19:02 To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] AddOutputFilterByType On Tue, Jun 3, 2008 at 6:42 AM, Ben Davies <[EMAIL PROTECTED]> wrote: > Okay, this is great! Making some real headway here. > > Your suggestions works as expected. However, I want to throw another spanner > in the works :) > > I have a directory which only contains flac files. I have several bash > scripts, each of which convert a flac file to another format (mp3, aac, etc) > > I've setup various custom filters for each using ExtFilterDefine, and they > all work as suggested. > > Now: > > I could expand your suggestion of using SetEnvIf to pass through the value > of the quality field for each mimetype I want to support. This would be a > fine solution, and would work. > > However, I'm interested in seeing if I can get MultiViews to work with > directives provided by mod_filter. I haven't though your problem through in detail, but I don't think this approach will work. MultiViews is used specifically when choosing between a bunch of files that exist in the filesystem, but that have different meta-data attached to them. You only have a single file, but wish to process it in a bunch of different ways. Joshua. - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] Single auth file for many per-user directories
Hi all, I would appreciate any suggetions on how to achieve the following: I have a large number of per-user directories: /var/www/user1 /var/www/user2 /var/www/user3 ... And a htdigest file containing usernames and passwords for all of these users. I want to set up authentication for each user to access just their own directory. The obvious method is to have a very long Apache config file, with "Require user1", "Require user2", etc. specified manually for each directory. However, I have a lot of users! Is there some clever way around this, for example a way to do: Require Or alternatively, a way for me to have "Require valid-user", but then somehow prevent users from accessing directories other than their own? (even with a hack like rewrite rules?) Thanks for any pointers, Richard. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
Re: [users@httpd] Single auth file for many per-user directories
Eric Covener wrote: > > ?Require > > > > Or alternatively, a way for me to have "Require valid-user", but then > > somehow prevent users from accessing directories other than their own? > > (even with a hack like rewrite rules?) > > There is a shortcut if the those names are system users and they > actually own their directories: > > http://httpd.apache.org/docs/2.2/mod/mod_authz_owner.html Unfortunately, they aren't - they're just entries in an htdigest file. Richard. - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] REMOTE_USER in a "RewriteCond expr" test with v2.4
Hi all,
Apache 2.4 introduces ap_expr syntax for complex tests in "RewriteCond expr"
I'm trying to write such a test which uses %{REMOTE_USER}.
However, the %{LA-U:REMOTE_USER} look-ahead syntax needed to access this
variable in a per-server context doesn't seem to work inside an ap_expr.
Can anyone help me understand how to test REMOTE_USER in a "RewriteCond
expr" test?
Thanks,
Richard.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] What IP Addresses Are Used With Virtual Host & Listen Directives
My question relates to IP addresses that are used in (1) the section of a virtual host container and (2) the Listen directive My Server computer is on a local area network controlled by a router which is connected to the internet If I want to specify specific IP addresses (as opposed to an all IP address configuration), do I specify (1) the local IP address(es) of the Server, (2) the local IP address of the router or (3) the internet address of the router My understanding is that you use the local IP address(es) of the Server Am I correct on this point Thank you for your reply Howard
Re: [users@httpd] How to get the apache HTTP Server version 2.4.2 for Windows ?
I was not able to find a Windows version 2.4 a few days ago - Probably not developed yet I think the latest Windows version is 2.2.22 which is what I downloaded and installed a couple of days ago Look in the binary folder for Windows apps On Aug 8, 2012, at 12:45 AM, Varuna Seneviratna wrote: > Hi > I am not able to find apache HTTP server 2.4.2 version for Windows. > Is there Windows version, or is there a Windows source code bundle to > be compiled? > > VS > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > - To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[users@httpd] Unsubscribe
Please remove my E-mail address from your E-mail list Thank you
