[EMAIL PROTECTED] apache problem with soft link

[Michael D. Berger]

Using Fedora Core 2.6.14-1.1653_FC4 and apache httpd-2.0.54-10.3
I have a web site in which there are soft links from directories
containing http files to directories containing jpg files.  These
links are all constructed using a simple installation script, and
there are many such links.

They all work except the last one that I added.  The jpg file is
properly displayed if I move it to the http directory, but not
through the link.

The appropriate directories all have SymLinksIfOwnerMatch (and all
owners match).  In my debugging effort I tried FollowSymLinks.

In case "the last link" made might be the problem, changed the order
by changing the first letter of the directory in question to upper
case (they are usually lower case). It made no difference.

Any suggestions would be much appreciated.

Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] apache problem with soft link

[Michael D. Berger]

> > The appropriate directories all have SymLinksIfOwnerMatch (and all
> > owners match).  In my debugging effort I tried FollowSymLinks.
> > 
> > In case "the last link" made might be the problem, changed the order
> > by changing the first letter of the directory in question to upper
> > case (they are usually lower case). It made no difference.
> > 
> > Any suggestions would be much appreciated.
> > 
> Did you have at look at on your httpd's log? Could give more details 
> regarding your set-up, like the relevante httpd.conf lines, 
> path of your 
> pictures directories, ...
> 
> Regards,
> 
> Gaël
> 
A good suggestion.  The httpd logs show correct delivery,
including an exactly correct file length, despite failure.
This suggested that the problem might be on the receiving
end.  The failure is seen two two boxes of different
hardware, but with similar win2k systems. I did test it
with firefox on the server box using file:///... and it
works correctly.  I don't have another linux box I can
test it with.

The strangest thing is that the problem is critically
dependent on the soft link name.  I have tried numerous
combinations, and can make no sense of it.  For example:

These fail:
   
   

Thess work:
   
   

In all cases, the correct links are in place.

You can see where my work-around is comming from.
Thanks for your help.

Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] one cookie for all html

[Michael D. Berger]

I would like to manage one cookie for all the
myriad files in my tree.  This would be easy if
the one cgi script in the root were called
irrespective of the contents of the GET.
Can this be done? How?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] Redhat WS compime problem

[Michael D. Berger]

I downloaded httpd-2.0.54.tar.gz and I am using it
to replace the present version on RH-E-WS-4.  My main
reason is to get --enable-ext-filter. Here is my
config command:

  ./configure --prefix=/usr --enable-expires --enable-ext-filter
--enable-headers --enable-logio 

I then:
  make
  make install
There is plenty of action, but my old version is not
replaced.

For what it is worth, in the make directory, I note
a new file named httpd, with a size of 6389.  This
seems rather small.

Thanks in advance for your advice.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] one cookie for all html

[Michael D. Berger]

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Sunday, May 22, 2005 12:01 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] one cookie for all html
> 
> 
> On 5/20/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > I would like to manage one cookie for all the
> > myriad files in my tree.  This would be easy if
> > the one cgi script in the root were called
> > irrespective of the contents of the GET.
> > Can this be done? How?
> 
> This can be done with Action, ScriptAlias, or RewriteRule, depending
> on your needs.  (They increase with flexibility and complexity in that
> order.)
> 
> For example:
> ScriptAlias / /full/filesystem/path/to/cgiscript.cgi
> (Note this will hit .gif/.jpg/etc as well as html requests.)
> 
> Joshua.
> 

Thanks for this information.  I read up on RewriteRule, and I
now have it working in a preliminary way.  Any URI calls my one
cgi. HOWEVER, I get a different cookie file name on the client
for each URI.  I would like the same cookie file on the client
for all URIs. Can this be done?  The client is IE 6.0.
Thanks again for your help.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 






> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] one cookie for all html

[Michael D. Berger]

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Monday, May 23, 2005 9:33 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] one cookie for all html
> 
> 
> On 5/23/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > Thanks for this information.  I read up on RewriteRule, and I
> > now have it working in a preliminary way.  Any URI calls my one
> > cgi. HOWEVER, I get a different cookie file name on the client
> > for each URI.  I would like the same cookie file on the client
> > for all URIs. Can this be done?  The client is IE 6.0.
> 
> Sounds like a problem with your cgi script.  It needs to check if the
> cookie exists in the client request before setting another one.
> 
> Joshua.
I want to send the cookie whether or not one is returned.  If there is
one, I want to replace it.  The Set-Cookie is trivial, and contains no
path information.  If the client only calls the root, this what happens.
But if one of the subdirectories is called, the client gives the cookie
file another name.  Maybe I should try path=/ in the Set-Cookie?
Tomorrow. Its bed time at UTC-0400.
Thanks,
Mike.



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] one cookie for all html

[Michael D. Berger]

> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED] 
> Sent: Monday, May 23, 2005 10:25 PM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] one cookie for all html
> 
> 
> 
> 
> --
> Michael D. Berger
> [EMAIL PROTECTED] 
> 
> > -Original Message-
> > From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> > Sent: Monday, May 23, 2005 9:33 PM
> > To: users@httpd.apache.org
> > Subject: Re: [EMAIL PROTECTED] one cookie for all html
> > 
> > 
> > On 5/23/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > > Thanks for this information.  I read up on RewriteRule, and I
> > > now have it working in a preliminary way.  Any URI calls my one
> > > cgi. HOWEVER, I get a different cookie file name on the client
> > > for each URI.  I would like the same cookie file on the client
> > > for all URIs. Can this be done?  The client is IE 6.0.
> > 
> > Sounds like a problem with your cgi script.  It needs to 
> check if the
> > cookie exists in the client request before setting another one.
> > 
> > Joshua.
> I want to send the cookie whether or not one is returned.  If there is
> one, I want to replace it.  The Set-Cookie is trivial, and contains no
> path information.  If the client only calls the root, this 
> what happens.
> But if one of the subdirectories is called, the client gives 
> the cookie
> file another name.  Maybe I should try path=/ in the Set-Cookie?
> Tomorrow. Its bed time at UTC-0400.
> Thanks,
> Mike.
> 
path=/ indeed solves the problem, as a careful trading of the
rfc 2109 suggests.  I now get exactly one cookie rather than
several.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] Newbie CGI: nested href

[Michael D. Berger]

I wrote a CGI that opens an html file, reads it and sends
it out (with some modification).  Now these files contain
relative links of the form:
   something
Now when the client clicks on "something", only the relative
paths appear to the CGI, and I cannot open the file.

What should I do?
1. I could carry the last path in a cookie and construct
   the full path.  But this would only work for nodes
   that accept cookies.

2. I could change all the paths to absolute.  Much much
   work.

Any better suggestions?

Thanks in advance.
Mike.


--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Newbie CGI: nested href

[Michael D. Berger]

I have a legacy tree with numerous branches, and many relative links.
I was hoping to get it all with one CGI.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, June 04, 2005 12:32 AM
> To: Apache-Users
> Subject: Re: [EMAIL PROTECTED] Newbie CGI: nested href
> 
> 
> On Sat, 4 Jun 2005, Michael D. Berger wrote:
> 
> Try putting the cgi in the same directory as the html file 
> and turning on 
> execCGI in that directory?  That's the easy answer.  I 
> suppose there's 
> something harder involving mod_rewrite.
> 
> But since you're parsing the html anyway, you could rewrite 
> them on the 
> fly, too.
> 
> Your call.
> 
> 
> > I wrote a CGI that opens an html file, reads it and sends
> > it out (with some modification).  Now these files contain
> > relative links of the form:
> >   something
> > Now when the client clicks on "something", only the relative
> > paths appear to the CGI, and I cannot open the file.
> >
> > What should I do?
> > 1. I could carry the last path in a cookie and construct
> >   the full path.  But this would only work for nodes
> >   that accept cookies.
> >
> > 2. I could change all the paths to absolute.  Much much
> >   work.
> >
> > Any better suggestions?
> >
> > Thanks in advance.
> > Mike.
> >
> >
> > --
> > Michael D. Berger
> > [EMAIL PROTECTED]
> >
> >
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >   "   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> 
> --
> 
> [23:49:00] LarpGM: Did my little TP comment scare you off?
> [23:49:22] ilzarion: no, the shrieking retarded child eating 
> people did
> 
> -Feb 06, 2001, times apparent.
> 
> 
> Dan Mahoney
> Techie,  Sysadmin,  WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144   AIM: LarpGM
> Site:  http://www.gushi.org
> ---
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Newbie CGI: nested href

[Michael D. Berger]

Problem solved by pathcing the href in the outgoing response.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, June 04, 2005 12:34 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Newbie CGI: nested href
> 
> 
> I have a legacy tree with numerous branches, and many relative links.
> I was hoping to get it all with one CGI.
> Mike.
> 
> --
> Michael D. Berger
> [EMAIL PROTECTED] 
> 
> > -Original Message-
> > From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED] 
> > Sent: Saturday, June 04, 2005 12:32 AM
> > To: Apache-Users
> > Subject: Re: [EMAIL PROTECTED] Newbie CGI: nested href
> > 
> > 
> > On Sat, 4 Jun 2005, Michael D. Berger wrote:
> > 
> > Try putting the cgi in the same directory as the html file 
> > and turning on 
> > execCGI in that directory?  That's the easy answer.  I 
> > suppose there's 
> > something harder involving mod_rewrite.
> > 
> > But since you're parsing the html anyway, you could rewrite 
> > them on the 
> > fly, too.
> > 
> > Your call.
> > 
> > 
> > > I wrote a CGI that opens an html file, reads it and sends
> > > it out (with some modification).  Now these files contain
> > > relative links of the form:
> > >   something
> > > Now when the client clicks on "something", only the relative
> > > paths appear to the CGI, and I cannot open the file.
> > >
> > > What should I do?
> > > 1. I could carry the last path in a cookie and construct
> > >   the full path.  But this would only work for nodes
> > >   that accept cookies.
> > >
> > > 2. I could change all the paths to absolute.  Much much
> > >   work.
> > >
> > > Any better suggestions?
> > >
> > > Thanks in advance.
> > > Mike.
> > >
> > >
> > > --
> > > Michael D. Berger
> > > [EMAIL PROTECTED]
> > >
> > >
> > >
> > > 
> > 
> -
> > > The official User-To-User support forum of the Apache HTTP 
> > Server Project.
> > > See http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > >   "   from the digest: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > 
> > --
> > 
> > [23:49:00] LarpGM: Did my little TP comment scare you off?
> > [23:49:22] ilzarion: no, the shrieking retarded child eating 
> > people did
> > 
> > -Feb 06, 2001, times apparent.
> > 
> > 
> > Dan Mahoney
> > Techie,  Sysadmin,  WebGeek
> > Gushi on efnet/undernet IRC
> > ICQ: 13735144   AIM: LarpGM
> > Site:  http://www.gushi.org
> > ---
> > 
> > 
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> > Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >"   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > 
> > 
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Newbie CGI: nested href

[Michael D. Berger]

Indeed, one "non-standard" link had to be corrected.
Later I'll run find...grep to check for other problems.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, June 04, 2005 10:37 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Newbie CGI: nested href
> 
> 
> On Sat, 4 Jun 2005, Michael D. Berger wrote:
> 
> > Problem solved by pathcing the href in the outgoing response.
> > Mike.
> 
> It was either that, or come up with some complex mod_rewrite 
> answer so 
> your users wouldn't see the cgi url but rather the url of 
> some page.  I 
> figured just tweaking the links (as long as you knew their 
> style to be 
> consistent) was easiest, even if it's not the "correct" answer.
> 
> -Dan
> 
> >
> > --
> > Michael D. Berger
> > [EMAIL PROTECTED]
> >
> >> -Original Message-
> >> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> >> Sent: Saturday, June 04, 2005 12:34 AM
> >> To: users@httpd.apache.org
> >> Subject: RE: [EMAIL PROTECTED] Newbie CGI: nested href
> >>
> >>
> >> I have a legacy tree with numerous branches, and many 
> relative links.
> >> I was hoping to get it all with one CGI.
> >> Mike.
> >>
> >> --
> >> Michael D. Berger
> >> [EMAIL PROTECTED]
> >>
> >>> -Original Message-
> >>> From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED]
> >>> Sent: Saturday, June 04, 2005 12:32 AM
> >>> To: Apache-Users
> >>> Subject: Re: [EMAIL PROTECTED] Newbie CGI: nested href
> >>>
> >>>
> >>> On Sat, 4 Jun 2005, Michael D. Berger wrote:
> >>>
> >>> Try putting the cgi in the same directory as the html file
> >>> and turning on
> >>> execCGI in that directory?  That's the easy answer.  I
> >>> suppose there's
> >>> something harder involving mod_rewrite.
> >>>
> >>> But since you're parsing the html anyway, you could rewrite
> >>> them on the
> >>> fly, too.
> >>>
> >>> Your call.
> >>>
> >>>
> >>>> I wrote a CGI that opens an html file, reads it and sends
> >>>> it out (with some modification).  Now these files contain
> >>>> relative links of the form:
> >>>>   something
> >>>> Now when the client clicks on "something", only the relative
> >>>> paths appear to the CGI, and I cannot open the file.
> >>>>
> >>>> What should I do?
> >>>> 1. I could carry the last path in a cookie and construct
> >>>>   the full path.  But this would only work for nodes
> >>>>   that accept cookies.
> >>>>
> >>>> 2. I could change all the paths to absolute.  Much much
> >>>>   work.
> >>>>
> >>>> Any better suggestions?
> >>>>
> >>>> Thanks in advance.
> >>>> Mike.
> >>>>
> >>>>
> >>>> --
> >>>> Michael D. Berger
> >>>> [EMAIL PROTECTED]
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >> 
> -
> >>>> The official User-To-User support forum of the Apache HTTP
> >>> Server Project.
> >>>> See http://httpd.apache.org/userslist.html> for more info.
> >>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>>>   "   from the digest: [EMAIL PROTECTED]
> >>>> For additional commands, e-mail: [EMAIL PROTECTED]
> >>>>
> >>>
> >>> --
> >>>
> >>> [23:49:00] LarpGM: Did my little TP comment scare you off?
> >>> [23:49:22] ilzarion: no, the shrieking retarded child eating
> >>> people did
> >>>
> >>> -Feb 06, 2001, times apparent.
> >>>
> >>>
> >>> Dan Mahoney
> >>> Techie,  Sysadmin,  WebGeek
> >>> Gushi on efnet/undernet IRC
> >>> ICQ: 13735144   AIM: LarpGM
> >>> Site:  http://www.gushi.org
> >>> ---
> >>>
> >>>
> >>>
> >> 
> --

[users@httpd] X's in HTTP GET

[Michael D. Berger]

Here is an excerpt from a GET packet from IE-6.0-SP-1 on Win2k:

Accept-Language: en-us\r\n
XXX: X\r\n
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n

What are all these X's?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] Missing User-Agent:

[Michael D. Berger]

I notice that Apache 2.0 rejects, with a 403,
a GET that does not have a User-Agent header,
and I to get some of these.

Why do I get them?
Why are they rejected?

Thanks,
Mike
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Missing User-Agent:

[Michael D. Berger]

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Sunday, June 05, 2005 12:03 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Missing User-Agent:
> 
> 
> On 6/4/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > I notice that Apache 2.0 rejects, with a 403,
> > a GET that does not have a User-Agent header,
> > and I to get some of these.
> > 
> > Why do I get them?
> > Why are they rejected?
> 
> Apache 2 certainly does not do this by default.  There must be
> someplace in your config that your are restricting based on
> User-Agent.
> 
> Joshua.

cd /etc/httpd/conf
vi httpd.conf
:set ignorecase
/user
/agent

I find nothing in the config file that suggests this.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Missing User-Agent:

[Michael D. Berger]

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Sunday, June 05, 2005 9:52 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Missing User-Agent:
> 
> 
> On 6/5/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > > On 6/4/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > > > I notice that Apache 2.0 rejects, with a 403,
> > > > a GET that does not have a User-Agent header,
> > > > and I to get some of these.
> > > >
> > > > Why do I get them?
> > > > Why are they rejected?
> > >
> > > Apache 2 certainly does not do this by default.  There must be
> > > someplace in your config that your are restricting based on
> > > User-Agent.
> > >
> > > Joshua.
> > 
> > cd /etc/httpd/conf
> > vi httpd.conf
> > :set ignorecase
> > /user
> > /agent
> > 
> > I find nothing in the config file that suggests this.
> 
> What about Include'd config files?
> 
> Other than that, you haven't mentioned the relevant error log and
> access log messages.  You also haven't mentioned if you are running a
> proxy in front of apache, or if apache is proxying to another server,
> etc.
> 
> As I said, apache doesn't do this by default.
> 
> Joshua.

I am using the configuration supplied with RH-E-W-3, with a few changes,
inclusing a virtual host and blocking of directory listing.  As you can
see from the log lines below, the block of directory listing is involved.
It is as if when a User-Agent is not supplied, it tries to list the
direcory, even though there is an index.html.  Why would this be?  I
don't know about the Include'd config files -- whatever RH set up.
Sorry for the long silence.
Mike.


halls-129-31-65-108.hor.ic.ac.uk - - [07/Jun/2005:09:42:01 -0400] "GET /
HTTP/1.1" 200 808 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB;
rv:1.7.8) Gecko/20050511 Firefox/1.0.4"

adsl-68-72-134-32.dsl.chcgil.ameritech.net - - [07/Jun/2005:13:52:47 -0400]
"GET / HTTP/1.0" 403 202 "-" "-"

[Tue Jun 07 13:52:47 2005] [error] [client 68.72.134.32] Directory index
forbidden by rule: /var/www/html/

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] NTLMSSP in ethereal

[Michael D. Berger]

On RH, I have been capturing http packets with tethereal
and examining them with ethereal.  In one obvious buffer
overflow attack I found:

   Frame size = 1506
   IP total length = 1492
   NTLMSSP data size = 1044

What is the NTLMSSP?  The hex dump shows it to be in
>addition< to the ethernet frame size, which to me,
does not make sense.

Thanks for your help,
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] Missing User-Agent:

[Michael D. Berger]

Thanks for your suggestion.  I caught the packets with tethereal
and found the problem:  I was addressed by IP address rather than
URL.  I reject these, especially since I use dynamic dns.  In
addition, the messages are buffer oferflow attacks.  I address
another issue with these in a message I just sent to the list.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: herauthon [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, June 11, 2005 9:16 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Missing User-Agent:
> 
> 
> compare yours with mine - and tell me if the fixed version would work.
> 
> 
> At 04:11 8-6-2005, you wrote:
> > > -Original Message-
> > > From: Joshua Slive [mailto:[EMAIL PROTECTED]
> > > Sent: Sunday, June 05, 2005 9:52 PM
> > > To: users@httpd.apache.org
> > > Subject: Re: [EMAIL PROTECTED] Missing User-Agent:
> > >
> > >
> > > On 6/5/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > > > > On 6/4/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > > > > > I notice that Apache 2.0 rejects, with a 403,
> > > > > > a GET that does not have a User-Agent header,
> > > > > > and I to get some of these.
> > > > > >
> > > > > > Why do I get them?
> > > > > > Why are they rejected?
> > > > >
> > > > > Apache 2 certainly does not do this by default.  There must be
> > > > > someplace in your config that your are restricting based on
> > > > > User-Agent.
> > > > >
> > > > > Joshua.
> > > >
> > > > cd /etc/httpd/conf
> > > > vi httpd.conf
> > > > :set ignorecase
> > > > /user
> > > > /agent
> > > >
> > > > I find nothing in the config file that suggests this.
> > >
> > > What about Include'd config files?
> > >
> > > Other than that, you haven't mentioned the relevant error log and
> > > access log messages.  You also haven't mentioned if you 
> are running a
> > > proxy in front of apache, or if apache is proxying to 
> another server,
> > > etc.
> > >
> > > As I said, apache doesn't do this by default.
> > >
> > > Joshua.
> >
> >I am using the configuration supplied with RH-E-W-3, with a 
> few changes,
> >inclusing a virtual host and blocking of directory listing.  
> As you can
> >see from the log lines below, the block of directory listing 
> is involved.
> >It is as if when a User-Agent is not supplied, it tries to list the
> >direcory, even though there is an index.html.  Why would this be?  I
> >don't know about the Include'd config files -- whatever RH set up.
> >Sorry for the long silence.
> >Mike.
> >
> >
> >halls-129-31-65-108.hor.ic.ac.uk - - [07/Jun/2005:09:42:01 
> -0400] "GET /
> >HTTP/1.1" 200 808 "-" "Mozilla/5.0 (Windows; U; Windows NT 
> 5.1; en-GB;
> >rv:1.7.8) Gecko/20050511 Firefox/1.0.4"
> >
> >adsl-68-72-134-32.dsl.chcgil.ameritech.net - - 
> [07/Jun/2005:13:52:47 -0400]
> >"GET / HTTP/1.0" 403 202 "-" "-"
> >
> >[Tue Jun 07 13:52:47 2005] [error] [client 68.72.134.32] 
> Directory index
> >forbidden by rule: /var/www/html/
> >
> >--
> >Michael D. Berger
> >[EMAIL PROTECTED]
> >
> >
> >
> >-
> >The official User-To-User support forum of the Apache HTTP 
> Server Project.
> >See http://httpd.apache.org/userslist.html> for more info.
> >To unsubscribe, e-mail: [EMAIL PROTECTED]
> >"   from the digest: [EMAIL PROTECTED]
> >For additional commands, e-mail: [EMAIL PROTECTED]
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] logging from cgi

[Michael D. Berger]

In order to get logging from my cgi I proceeded as shown
below.  Is this correct?  It did not seem to be working
all of the time, but I am not sure.

In syslog.conf:
   local0.*   /var/log/httpd/cgi

In c++ cgi:
   openlog("cgi",LOG_PID|LOG_NDELAY|LOG_NOWAIT,LOG_LOCAL0);
   syslog(LOG_INFO,"entered");
   closelog();

Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] logging from cgi

[Michael D. Berger]

I quote from the Apacle 2.0 ScriptLog:

   Note that script logging is meant to be a debugging
   feature when writing CGI scripts, and is not meant
   to be activated continuously on running servers. It
   is not optimized for speed or efficiency, and may
   have security problems if used in a manner other
   than that for which it was designed.

Now I would like to log certain specific aspects of my
cgi activity on a "continuously running server".  Perhaps
I should just open a file and write to it?  This is how I
have been debugging. On the other, I like the files:
cgi, cgi.1, cgi.2, etc. that I think syslog will
generate.

Further suggestions much appreciated.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Boyle Owen [mailto:[EMAIL PROTECTED] 
> Sent: Monday, June 20, 2005 4:21 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] logging from cgi
> 
> 
> > -Original Message-
> > From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> > Sent: Samstag, 18. Juni 2005 21:25
> > To: Apache-Users
> > Subject: [EMAIL PROTECTED] logging from cgi
> > 
> > 
> > In order to get logging from my cgi I proceeded as shown
> > below.  Is this correct?  It did not seem to be working
> > all of the time, but I am not sure.
> 
> You might like to try apache's built in ScriptLog (see docs 
> for details) rather than messing around with syslog... 
> (syslog is for logging system processes. Apache is an application).
> 
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored. 
> 
> > 
> > In syslog.conf:
> >local0.*   /var/log/httpd/cgi
> > 
> > In c++ cgi:
> >    openlog("cgi",LOG_PID|LOG_NDELAY|LOG_NOWAIT,LOG_LOCAL0);
> >syslog(LOG_INFO,"entered");
> >closelog();
> > 
> > Thanks,
> > Mike.
> > --
> > Michael D. Berger
> > [EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [users@httpd] logging from cgi

[Michael D. Berger]

Very interesting.  Do you think that it is better
than syslog for my purpose?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Bohumil Holubec [mailto:[EMAIL PROTECTED] 
> Sent: Monday, June 20, 2005 10:33 PM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] logging from cgi
> 
> 
> files cgi, cgi.1, cgi.2 ... can be create by logrotate daemon (man 
> logrotate)
> In /etc/logrotate.conf or rather /etc/logrotate.d/mycgi you 
> can write for 
> example:
> /var/log/cgi {
>  rotate 10
>  weekly
>  compress
>  missingok
> }
> 
> 
> 
> 
> On Mon, 20 Jun 2005, Michael D. Berger wrote:
> 
> > I quote from the Apacle 2.0 ScriptLog:
> >
> >   Note that script logging is meant to be a debugging
> >   feature when writing CGI scripts, and is not meant
> >   to be activated continuously on running servers. It
> >   is not optimized for speed or efficiency, and may
> >   have security problems if used in a manner other
> >   than that for which it was designed.
> >
> > Now I would like to log certain specific aspects of my
> > cgi activity on a "continuously running server".  Perhaps
> > I should just open a file and write to it?  This is how I
> > have been debugging. On the other, I like the files:
> > cgi, cgi.1, cgi.2, etc. that I think syslog will
> > generate.
> >
> > Further suggestions much appreciated.
> > Mike.
> >
> > --
> > Michael D. Berger
> > [EMAIL PROTECTED]
> >
> >> -Original Message-
> >> From: Boyle Owen [mailto:[EMAIL PROTECTED]
> >> Sent: Monday, June 20, 2005 4:21 AM
> >> To: users@httpd.apache.org
> >> Subject: RE: [EMAIL PROTECTED] logging from cgi
> >>
> >>
> >>> -Original Message-
> >>> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> >>> Sent: Samstag, 18. Juni 2005 21:25
> >>> To: Apache-Users
> >>> Subject: [EMAIL PROTECTED] logging from cgi
> >>>
> >>>
> >>> In order to get logging from my cgi I proceeded as shown
> >>> below.  Is this correct?  It did not seem to be working
> >>> all of the time, but I am not sure.
> >>
> >> You might like to try apache's built in ScriptLog (see docs
> >> for details) rather than messing around with syslog...
> >> (syslog is for logging system processes. Apache is an application).
> >>
> >> Rgds,
> >> Owen Boyle
> >> Disclaimer: Any disclaimer attached to this message may be ignored.
> >>
> >>>
> >>> In syslog.conf:
> >>>local0.*   /var/log/httpd/cgi
> >>>
> >>> In c++ cgi:
> >>>openlog("cgi",LOG_PID|LOG_NDELAY|LOG_NOWAIT,LOG_LOCAL0);
> >>>syslog(LOG_INFO,"entered");
> >>>closelog();
> >>>
> >>> Thanks,
> >>> Mike.
> >>> --
> >>> Michael D. Berger
> >>> [EMAIL PROTECTED]
> >
> >
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >   "   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Problem with Redirect

[Michael D. Berger]

I have not been able to get Redirect to work.  Particulars
are below.  Advice would be much appreciated.

Thanks,
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 
--

DNS has cnames www.mysite.net and test.mysite.net

Linksys routes port 80 to 192.168.1.10

On 192.168.1.10, running RH-E-WS-3:
   (I will soon install WS-4, but it is 235 days since the
last reboot, and I loathe to stop it.)

rpm -q httpd httpd-2.0.46-25.ent

In /etc/hosts:

192.168.1.11   test.mysite.net

In httpd.conf:


   ServerName www.mysite.net
   DocumentRoot "/var/www/html/www"



   ServerName test.mysite.net
#   DocumentRoot "/var/www/html/www"  # I tried with and without this
   Redirect /index.html http://test.mysite.net/index.html


# I tried numerous versions of Redirect and RedirectMatch.

#From a remote site, http://test.mysite.net finds nothing, although
#192.168.1.10 shows 302 in its log.

#From 192.168.1.10, telnet test.mysite.net 80 followed
#by GET succeeds as expected.



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] Block File Types

[Michael D. Berger]

I would like to prevent Apache 2.0 from sending any
file of a particular type.  In my VirtualHost I put:

   RewriteEngine on
   RewriteCond %{REQUEST_URI} ^.*notThis\?*$
   RewriteRule ^.*$ /zzz [L]

Is there a better way?

Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Block File Types

[Michael D. Berger]

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, August 06, 2005 11:40 AM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Block File Types
> 
> 
> On 8/6/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > I would like to prevent Apache 2.0 from sending any
> > file of a particular type.  In my VirtualHost I put:
> > 
> >   RewriteEngine on
> >   RewriteCond %{REQUEST_URI} ^.*notThis\?*$
> >   RewriteRule ^.*$ /zzz [L]
> > 
> > Is there a better way?
> 
> 
> Order Allow,Deny
> Deny from all
> 
> 
> But watch for configuration merging issues (this could be overriden by
>  sections).  Also, I have no idea what the \? is supposed to
> be doing.
> 
> Joshua.
> 
Thanks for this help; it works as advertised. The \?* deals with the
situation in which there are arguments in the request.  Experiment
shows that with yout method, the \?* is not necessary.

Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Block File Types

[Michael D. Berger]

> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED] 
> Sent: Saturday, August 06, 2005 10:19 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Block File Types
> 
> 
> On 8/6/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> > Thanks for this help; it works as advertised. The \?* deals with the
> > situation in which there are arguments in the request.  Experiment
> > shows that with yout method, the \?* is not necessary.
> 
> I was afraid of that.  The query string is not matched either in
>  or in %{REQUEST_URI}.  If you need to match against the query
> string, then you need to use mod_rewrite's %{QUERY_STRING} variable. 
> But I guess in your case it doesn't matter.
> 
> Joshua.

You are correct.  In this case, I only wanted to prevent
the argument string from intefering with detection of the
file I do not want to send.  Should I perhaps use both
methods, since in any case, I have the RewriteEngine
running for other reasons?

Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] NTLMSSP attacks

[Michael D. Berger]

On RH-E-WS-4 using Apache 2.0 running a very small
web site, using a virtual host and a cgi that sees
all inputs, but only allows GET.

I have been receiving NTLMSSP attacks as often as
several per hour.  Sniffing with tethereal, and
examining with ethereal, I see:

   GET / HTTP/1.0\r\n
   Host: 
   Authorization: Negotiate 
  NTLMSSP identifter: 
  NTLM Message type: Unknown 
  Unrecognized NTLMSSP Message
  

I respond as for a normal GET.  I would like to:

1. Not respond.
  So far, the only way my cgi can distinguish these from my
  usual traffic is by the absence of both User-Agent and Accept
  headers. I tried several environment variables, but I
  have not been able to see the Authorization header.

  * Should I use the information I have to reject?
  * Is there a better way?

2. Drop the connection before I get the continuation packets.
  I can do this with Netfilter QUEUE, put this requires
  parsing many packets twice: once in Netfilter, and
  once in Apache.

  * Is there a way to detect the first attack packet and
close the connection in Apache?

Any other suggestions?

Thanks in advance for your help.

Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

The following:

   ...
   RewriteEngine on
   RewriteCond %{REQUEST_URI} !^.*/picts/.*$
   RewriteRule ^/.*\.html(\?.*$)? /index.cgi$2 [L]
   RewriteCond %{REQUEST_URI} !^.*/picts/.*$
   RewriteRule ^/(.*/)?$ /index.cgi [L]


sends
   GET /favicon.ico
to index.cgi .  I would not expect this because it
does not appear to match any pattern.  Wherein do
I err?

Thanks for your help.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

Sorry, I forgot to mention: RH-E-WS-4 httpd-2.0.52-9.ent
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED] 
> Sent: Monday, October 31, 2005 9:24 PM
> To: Apache-Users
> Subject: [EMAIL PROTECTED] unexpected RewriteRule behavior
> 
> 
> The following:
> 
>...
>RewriteEngine on
>RewriteCond %{REQUEST_URI} !^.*/picts/.*$
>RewriteRule ^/.*\.html(\?.*$)? /index.cgi$2 [L]
>RewriteCond %{REQUEST_URI} !^.*/picts/.*$
>RewriteRule ^/(.*/)?$ /index.cgi [L]
> 
> 
> sends
>GET /favicon.ico
> to index.cgi .  I would not expect this because it
> does not appear to match any pattern.  Wherein do
> I err?
> 
> Thanks for your help.
> Mike.
> 
> --
> Michael D. Berger
> [EMAIL PROTECTED] 
> 
> 
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

[...]
> From: Rich Bowen [mailto:[EMAIL PROTECTED] 
[...]
> Michael D. Berger wrote:
> > The following:
> 
> >RewriteCond %{REQUEST_URI} !^.*/picts/.*$
> >RewriteRule ^/(.*/)?$ /index.cgi [L]
> > 
> > sends
> >GET /favicon.ico
> > to index.cgi .  I would not expect this because it
> > does not appear to match any pattern.  Wherein do
> > I err?
> 
> The REQUEST_URI is /favicon.ico, and this matches 
> !^.*/picts/.*$ - that
> is, it's a string that doesn't contain /picts/ anywhere in it.
> It also matches the RewriteRule pattern ^/(.*/)?$ because it 
> starts with
> a slash, and doesn't contain the optional "something followed 
> by a slash".
> So, according to this ruleset, it's supposed to rewrite that 
> to /index.cgi
> 
> So it seems that it's doing exactly what you asked for it to do.
> 
> The real question is what you're trying to do with this 
> rewrite ruleset,
> since that's not really evident.

The picts line is functioning as expected.  Such lines are
handled differently elsewhere. With regard to the RewriteRule
line, this is functioning correctly only of you ignore the
'$' end-of-line anchor.  From a linux box:

   echo // | grep -P "^/(.*/)?$"
   //
   echo / | grep -P "^/(.*/)?$"
   /
   echo /x.y | grep -P "^/(.*/)?$"
   echo /x.y/ | grep -P "^/(.*/)?$"
   /x.y/

Notice the one line that doesn't echo.  BTW, this is exactly
what I am trying to do.  The question is why the difference
between grep -P and RewriteRule?  I have yet to follow the
advice in another response and turn on logging.

Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 

[...]



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED] 
[...]
> [...]
> > From: Rich Bowen [mailto:[EMAIL PROTECTED] 
> [...]
> > Michael D. Berger wrote:
> > > The following:
> > 
> > >RewriteCond %{REQUEST_URI} !^.*/picts/.*$
> > >RewriteRule ^/(.*/)?$ /index.cgi [L]
> > > 
> > > sends
> > >GET /favicon.ico
> > > to index.cgi .  I would not expect this because it
> > > does not appear to match any pattern.  Wherein do
> > > I err?
> > 
> > The REQUEST_URI is /favicon.ico, and this matches 
> > !^.*/picts/.*$ - that
> > is, it's a string that doesn't contain /picts/ anywhere in it.
> > It also matches the RewriteRule pattern ^/(.*/)?$ because it 
> > starts with
> > a slash, and doesn't contain the optional "something followed 
> > by a slash".
> > So, according to this ruleset, it's supposed to rewrite that 
> > to /index.cgi
> > 
> > So it seems that it's doing exactly what you asked for it to do.
> > 
> > The real question is what you're trying to do with this 
> > rewrite ruleset,
> > since that's not really evident.
> 
> The picts line is functioning as expected.  Such lines are
> handled differently elsewhere. With regard to the RewriteRule
> line, this is functioning correctly only of you ignore the
> '$' end-of-line anchor.  From a linux box:
> 
>echo // | grep -P "^/(.*/)?$"
>//
>echo / | grep -P "^/(.*/)?$"
>/
>echo /x.y | grep -P "^/(.*/)?$"
>echo /x.y/ | grep -P "^/(.*/)?$"
>/x.y/
> 
> Notice the one line that doesn't echo.  BTW, this is exactly
> what I am trying to do.  The question is why the difference
> between grep -P and RewriteRule?  I have yet to follow the
> advice in another response and turn on logging.

In my attempts to log the problem, I find that I cannot
reproduce it.  It is now functioning correctly.  I added
some more detail to the error log and we can only wait.
Since my daily traffic averages about 5 legitimate hits,
and 50 attacks ("herbs": you are not alone), patience may
be required.

Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 
[...]



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

> -Original Message-
> From: Rich Bowen [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, November 01, 2005 7:24 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] unexpected RewriteRule behavior
> 
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Michael D. Berger wrote:
> > [...]
> > 
> >>From: Rich Bowen [mailto:[EMAIL PROTECTED] 
> > 
> > [...]
> > 
> >>Michael D. Berger wrote:
> >>
> >>>The following:
> >>
> >>>   RewriteCond %{REQUEST_URI} !^.*/picts/.*$
> >>>   RewriteRule ^/(.*/)?$ /index.cgi [L]
> 
> ...
> 
> > The picts line is functioning as expected.  Such lines are
> > handled differently elsewhere. With regard to the RewriteRule
> > line, this is functioning correctly only of you ignore the
> > '$' end-of-line anchor.  From a linux box:
> > 
> >echo // | grep -P "^/(.*/)?$"
> >//
> >echo / | grep -P "^/(.*/)?$"
> >/
> >echo /x.y | grep -P "^/(.*/)?$"
> 
> That's correct. It doesn't match, because the (.*/) is optional, and
> when it's *not* there, then the regex is equivalent to ^/$ - ie, it
> insists that it ends with the slash, which this string does not do.
> 
> >echo /x.y/ | grep -P "^/(.*/)?$"
> >/x.y/
> > 
> > Notice the one line that doesn't echo.  BTW, this is exactly
> > what I am trying to do.  The question is why the difference
> > between grep -P and RewriteRule?  I have yet to follow the
> > advice in another response and turn on logging.
> 
> I'm sorry, it's still not clear what you're trying to accomplish with
> these rules. Can you state in words what the rules are 
> supposed to solve?
> 
> - --
> Rich Bowen
> [EMAIL PROTECTED]

What the rules are "supposed to solve" is not relevant to this
discussion. This is what they are >supposed to do<.

Do not change anything with "picts" in it.

For the rule above:
Change to /index.cgi for:
   /
   anything that both begins and ends in "/", i.e. "/.*/"

The other rule, not shown here, was incorrect.  The corrected version is:
   RewriteRule ^/.*\.html(\?.*$)? /index.cgi$1 [L]

This will call /index.cgi for any URL that begins in "/", ends in ".html",
and optionally has argumenmts following a ?.  If there are arguments,
they will be passed to index.cgi.

Perhaps there is difficulty because it is not obvious why I would want
to do this.  Suffice it to say that index.cgi is rather complex.

Mike.
--
Michael D. Berger
[EMAIL PROTECTED] 

[...]



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] unexpected RewriteRule behavior

[Michael D. Berger]

[...]
> > Do not change anything with "picts" in it.
> 
> You might try prefacing the entire thing with
> 
> RewriteRule picts - [L]
> 
> > For the rule above:
> > Change to /index.cgi for:
> >/
> >anything that both begins and ends in "/", i.e. "/.*/"
> 
> That might be:
> 
> RewriteRule ^/$ /index.cgi [PT,QSA]
> RewriteRule ^/.+/$ /index.cgi [PT,QSA]
> 

Thanks for these suggestions; I'll try them.

I note that on my system, QUERY_STRING appears if there
are arguments, without the QSA specification.

Why do you use "PT" rather than "L"?

> > The other rule, not shown here, was incorrect.  The 
> corrected version is:
> >RewriteRule ^/.*\.html(\?.*$)? /index.cgi$1 [L]
> > 
> > This will call /index.cgi for any URL that begins in "/", 
> ends in ".html",
> > and optionally has argumenmts following a ?.  If there are 
> arguments,
> > they will be passed to index.cgi.
> 
> There's one problem with this approach. The arguments 
> following a ? are
> not part of what you are allowed to consider in a 
> RewriteRule. That is,
> RewriteRule considers the REQUEST_URI, not including the 
> http:// or the
> hostname or the QUERY_STRING (the QUERY_STRING is the bit 
> starting with
> the ?). If you want to retain the QUERY_STRING, you need to 
> use the QSA
> flag (QUERY STRING APPEND) to do that. Granted, there's a 
> chance that it
> appeared to be working anyway, because of the trailing ? making the
> whole thing optional.

I have read that the arguments should not be used, and no doubt
it is best to follow this directive.  I note, however, that,
as verified by debug logging, the arguments following ?
do appear in argv of index.cgi (C++), suggesting that RewriteRule
does see the arguments.  Aside from that, I wonder if there is any
reason not to use argv[0] to determine the current directory?  (I
note that in some cases other than those discussed here, , cgi is
called from directories other than / .)

[...]

> 
> - --
> Rich Bowen
> 

Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [EMAIL PROTECTED] Configuring apache as a gateway for another domain on another server

[Michael D. Berger]

If nothing else is suggested, I think that this could be done
with NetFilter (http://www.netfilter.org/).  Hopefully, something
else will be suggested.
Mike.

--
Michael D. Berger
[EMAIL PROTECTED] 

> -Original Message-
> From: Bart Heinsius [mailto:[EMAIL PROTECTED] 
> Sent: Sunday, November 06, 2005 9:14 AM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Configuring apache as a gateway 
> for another domain on another server
> 
> 
> From what I read in the documentation, mod_proxy works for routing
> requests for www.d1.com/myapp1 and www.d1.com/myapp2 (notice that both
> url's are in the d1.com domain) to be served by different servers on
> the internal network.
> 
> What I want is to route requests for www.d1.com and www.d2.com to
> different servers (notice the difference in domain names), where
> www.d1.com and www.d2.com have the same ip address in the outside
> world dns.
> 
> With Virtual Hosts I can manage different domain names to be served
> from different directories.
> With mod_proxy I can manage different url's on the same domain to be
> served by different servers.
> I need a combination of both: different domain names being served by
> different servers.
> 
> Thanks,
> Bart.
> 
> On 11/6/05, Nick Kew <[EMAIL PROTECTED]> wrote:
> > On Sunday 06 November 2005 12:10, Bart Heinsius wrote:
> > > Hi,
> > >
> > > I have two servers on my internal network with apache on 
> them, lets
> > > say m1 and m2.
> > > I want to host two domains on my network, lets say www.d1.com and
> > > www.d2.com. The router routes all external http requests 
> to server m1.
> > > External requests for www.d1.com should be processed by 
> apache on server
> > > m1. External requests for www.d2.com should be processed 
> by apache on
> > > server m2. How would I do this?
> > > I googled around and looked on apache.org which directed met to
> > > mod_proxy but I don't think that works in this situation.
> >
> > mod_proxy is exactly what you need.  see also
> > http://www.apacheweek.com/features/reverseproxies
> >
> > --
> > Nick Kew
> >
> > 
> -
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> >"   from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> 
> -
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>"   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[users@httpd] cannot run mod_status

[Michael D. Berger]

On my CentOS 5 box with:

   #rpm -q httpd
   httpd-2.2.3-43.el5.centos.3

I tried to activate mod_status with:

   ExtendedStatus On

   
   SetHandler server-status
   Order deny,allow
   Deny from all
   Allow from 192.168.9.0/24 127.0.0.1
   

I already have:

   LoadModule status_module modules/mod_status.so

I tried access from the local box as well as another box
on 192.168.9.0/24 .  I get 403.

Any suggestions on what to look at?  BTW, I am using VirtualHost.

Thanks,
Mike.












-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Re: cannot run mod_status

[Michael D. Berger]

On Tue, 05 Apr 2011 09:56:08 -0400, Yehuda Katz wrote:

> The first thing I always try is removing/commenting the access control
> directives, something like this:
> 
> SetHandler server-status
> #  Order deny,allow
> #  Deny from all
> #  Allow from 192.168.9.0/24 127.0.0.1 
> 
> Then you will know if it is a problem with those directives or somewhere
> else.

Thanks.  I tried it and I still get 403.

Mike.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Re: cannot run mod_status

[Michael D. Berger]

On Tue, 05 Apr 2011 10:31:01 -0400, Yehuda Katz wrote:

> Thanks.  I tried it and I still get 403.
>>
>>
> The next thing that I try is explicitly setting Allow from all: Order
> allow,deny
> Allow from all

Same result, 403 when I do:

   http://my.stuff.net/server-status

I note that I also get 403 for:

   http://my.stuff.net/AnyOldJunk


Since I have no file or directory named "server-status",
I assume that Apache is supposed to give this name special
treatment, but it is not doing it.

Mike.



Mike.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Re: cannot run mod_status

[Michael D. Berger]

On Tue, 05 Apr 2011 14:28:34 -0400, Yehuda Katz wrote:

> [[RESEND]]
> 
> On Tue, Apr 5, 2011 at 10:43 AM, Michael D. Berger <
> m_d_berger_1...@yahoo.com> wrote:
> 
>> Same result, 403 when I do:
>>   /server-status
>>  I note that I also get 403 for:
>>   /AnyOldJunk
>>
>> Since I have no file or directory named "server-status", I assume that
>> Apache is supposed to give this name special treatment, but it is not
>> doing it.
>>
>>
> You should get a 404 when you go to /AnyOldJunk, not a 403. Because you
> get a 403, there is probably some other configuration error in the
> vhost.
> 
[...]

PROBLEM SOLVED.  Following suggestion, I took
a close look at VirtualHost.  It was not the problem, but I
note that the reason I get the 403 is because the last line
in my VirtualHost is:

RewriteRule ^.*$ - [F,L]

It is the 'F' that generates the 403.  To make the server-status
work, in the VirtualHost I need:

   RewriteRule ^/server-status.*$ - [L]

somewhere near the top.

But that is not all. In  I need:

   RewriteRule ^server-status.*$ - [L]

Note the difference in the '/' between  and
.  It must be exactly as shown or it will not
work.

Thanks again for your help.

Mike.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Chrome 300 Problem

[Michael D. Berger]

Running:
# rpm -q httpd
httpd-2.2.3-31.el5.centos.4
On:
# uname -a
Linux mbrc20 2.6.18-164.15.1.el5 #1 SMP Wed Mar 17 11:37:14 EDT 2010 i686 
athlon i386 GNU/Linux

Accessing a directory:
www.myplace.net/here/there/
where both "here" and "there" require httpd access, while 
www.myplace.net/ does not,

Using Chrome, the user gets a "300 Multiple Choices" response,
(with no choices offered) while when using Firefox, there is
no problem, and a proper login is requested.

I note that the directory "there" contains numerous subdirectories,
but only one other file: there/there.html .

Any suggestions?
Thanks,
Mike.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] LogMessage not working

[Michael D. Berger]

I am converting my old complex httpd.config from 2.2 to 2.4, and
having numerous problems.  I added mod_log_debug, but I cannot get
LogMessage to work.  Here is one of numerous things I tried inside
a VirtualHost that is working up to a point:


   LogMessage "herebefore02 httpdViMn" hook=type_checker expr=true


The message does not appear the log files.  I have seen on the web
that I have to "enable" mod_log_debug, but I have not seen how to
do that.

Thanks for any advice.  Perhaps there is another way to print
things from various parts of the config file?

Happy New Year!
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] LogMessage not working

[Michael D. Berger]

> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de] 
> Sent: Friday, January 01, 2016 05:56
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] LogMessage not working
> 
> Am 01.01.2016 um 03:55 schrieb Michael D. Berger:
> > I am converting my old complex httpd.config from 2.2 to 2.4, and 
> > having numerous problems.  I added mod_log_debug, but I cannot get 
> > LogMessage to work.  Here is one of numerous things I tried 
> inside a 
> > VirtualHost that is working up to a point:
> >
> > 
> > LogMessage "herebefore02 httpdViMn" hook=type_checker expr=true 
> > 
> >
> > The message does not appear the log files.  I have seen on the web 
> > that I have to "enable" mod_log_debug, but I have not seen 
> how to do 
> > that.
> >
> > Thanks for any advice.  Perhaps there is another way to 
> print things 
> > from various parts of the config file?
> 
> How is LogLevel set in your config?
> 
> Quoting from the docs, the messages logged by mod_log_debug 
> "are logged at loglevel info." So if your server runs with 
> "LogLevel warn", they won't be logged. In that case use
> 
>LogLevel warn log_debug:info
> 
> instead, and start wth a simple
> 
>
>  LogMessage "herebefore02 httpdViMn"
>
> 
> before trying more complex constructs.
> 
> Regards,
> 
> Rainer

Thanks, but the above suggestions did not work.

I also tried:

   LogLevel info

which also didn't work.  I did follow your suggestion for a simpler message.
FWIW, I forgot to mention that I am on Fedora 23.

Any other suggestions?

Mike.


--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] LogMessage not working

[Michael D. Berger]

> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de] 
> Sent: Friday, January 01, 2016 19:07
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] LogMessage not working
> 
> Am 01.01.2016 um 22:55 schrieb Michael D. Berger:
> >> -Original Message-
> >> From: Rainer Jung [mailto:rainer.j...@kippdata.de]
> >> Sent: Friday, January 01, 2016 05:56
> >> To: users@httpd.apache.org
> >> Subject: Re: [users@httpd] LogMessage not working
> >>
> >> Am 01.01.2016 um 03:55 schrieb Michael D. Berger:
> >>> I am converting my old complex httpd.config from 2.2 to 2.4, and 
> >>> having numerous problems.  I added mod_log_debug, but I 
> cannot get 
> >>> LogMessage to work.  Here is one of numerous things I tried
> >> inside a
> >>> VirtualHost that is working up to a point:
> >>>
> >>> 
> >>>  LogMessage "herebefore02 httpdViMn" 
> hook=type_checker expr=true 
> >>> 
> >>>
> >>> The message does not appear the log files.  I have seen 
> on the web 
> >>> that I have to "enable" mod_log_debug, but I have not seen
> >> how to do
> >>> that.
> >>>
> >>> Thanks for any advice.  Perhaps there is another way to
> >> print things
> >>> from various parts of the config file?
> >>
> >> How is LogLevel set in your config?
> >>
> >> Quoting from the docs, the messages logged by mod_log_debug "are 
> >> logged at loglevel info." So if your server runs with "LogLevel 
> >> warn", they won't be logged. In that case use
> >>
> >> LogLevel warn log_debug:info
> >>
> >> instead, and start wth a simple
> >>
> >> 
> >>   LogMessage "herebefore02 httpdViMn"
> >> 
> >>
> >> before trying more complex constructs.
> >>
> >> Regards,
> >>
> >> Rainer
> >
> > Thanks, but the above suggestions did not work.
> >
> > I also tried:
> >
> > LogLevel info
> >
> > which also didn't work.  I did follow your suggestion for a 
> simpler message.
> > FWIW, I forgot to mention that I am on Fedora 23.
> >
> > Any other suggestions?
> 
> Do your requests actually hit the right vhost, the one into 
> which you had put the LogMessage? Can you see the request in 
> the access log if you add a separate access log in the same vhost?
> 
> Or in case you put the LogMessage into the global server: 
> could it be that your request hits a vhost instead?
> 
> Regards,
> 
> Rainer

Yes that was it! I was hitting the wrong vhost, which I confirmed
by commenting out all the other vhosts. Problem solved.

Thanks,
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Possible virus via httpd server

[Michael D. Berger]

Using my WinXP Firefox client to access my previously working httpd 2.4
server
on Fedora 23 gets a file named 1OfvyQ5L instead of my index.html .  Do you
think I have a
virus on my Linux box?  I did notice that my iptables is not as tight as it
should be.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

Examining with Lemmy (A Windows version of VI), it looks like a binary file.
Size is 181.4 KB.
I am considering my favorite virus remover: DBAN, but it would take several
days work to
recover from that.

Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  

> -Original Message-
> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk] 
> Sent: Monday, January 04, 2016 05:03
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] Possible virus via httpd server
> 
> Well, what do you see if you examine the file in a text editor?
> 
> > -Original Message-----
> > From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> > Sent: 04 January 2016 05:03
> > To: Apache-Users
> > Subject: [users@httpd] Possible virus via httpd server
> > 
> > Using my WinXP Firefox client to access my previously working httpd 
> > 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my 
> > index.html .  Do you think I have a virus on my Linux box?  I did 
> > notice that my iptables is not as tight as it should be.
> > 
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> >  
> > 
> > 
> > 
> -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> > 
> > 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

Following your suggestion, I made use of my daily backups to install
the httpd.conf from two days ago, when all was well. The problem was
the same.  I tried sublitting a file to sophos, but I would have to
join, and I am not ready for that.  See also my next email.

Still heading toward DBAN.

Thanks,
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  

> -Original Message-
> From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk] 
> Sent: Monday, January 04, 2016 11:25
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus via httpd server
> 
> Hi Mike.
> 
> You might like to send this to sophos for analysis:
> 
> https://www.sophos.com/en-us/support/knowledgebase/11490.aspx
> 
> As index.html is the default page if nothing else is 
> configured, has your httpd.conf file been modified to server 
> this binary file instead of index.html?
> 
> HTH,
> 
> Keith Roberts
> 
> On 4 Jan 2016, at 16:18, Michael D. Berger 
>  wrote:
> 
> > Warning: This message contains unverified links which may 
> not be safe.  You should only click links if you are sure 
> they are from a trusted source.
> > Examining with Lemmy (A Windows version of VI), it looks 
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take 
> > several days work to recover from that.
> > 
> > Mike.
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> > 
> > 
> >> -Original Message-
> >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@httpd.apache.org
> >> Subject: RE: [users@httpd] Possible virus via httpd server
> >> 
> >> Well, what do you see if you examine the file in a text editor?
> >> 
> >>> -Original Message-
> >>> From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> >>> Sent: 04 January 2016 05:03
> >>> To: Apache-Users
> >>> Subject: [users@httpd] Possible virus via httpd server
> >>> 
> >>> Using my WinXP Firefox client to access my previously 
> working httpd
> >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my 
> >>> index.html .  Do you think I have a virus on my Linux box?  I did 
> >>> notice that my iptables is not as tight as it should be.
> >>> 
> >>> --
> >>> Michael D. Berger
> >>> m.d.ber...@ieee.org
> >>> http://www.rosemike.net/
> >>> 
> >>> 
> >>> 
> >>> 
> >> 
> -
> >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >>> For additional commands, e-mail: users-h...@httpd.apache.org
> >>> 
> >>> 
> >> 
> -
> >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >> For additional commands, e-mail: users-h...@httpd.apache.org
> >> 
> > 
> > 
> > 
> -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> > 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

I tried the submission you suggest.  It said it is an executable file,
suitable for my Linux box.  I don't think I am about to run it.  Note that
my ESET NOD32 virus software finds nothing wrong with it.

Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  

> -Original Message-
> From: Kent Frazier [mailto:frazier...@sbcglobal.net] 
> Sent: Monday, January 04, 2016 13:57
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus via httpd server
> 
> 
> You might try submitting the file at 
> https://www.virustotal.com and see what it detects.
> 
> On 1/4/16 8:18 AM, Michael D. Berger wrote:
> > Examining with Lemmy (A Windows version of VI), it looks 
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take 
> > several days work to recover from that.
> >
> > Mike.
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> >
> >
> >> -Original Message-
> >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@httpd.apache.org
> >> Subject: RE: [users@httpd] Possible virus via httpd server
> >>
> >> Well, what do you see if you examine the file in a text editor?
> >>
> >>> -Original Message-
> >>> From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> >>> Sent: 04 January 2016 05:03
> >>> To: Apache-Users
> >>> Subject: [users@httpd] Possible virus via httpd server
> >>>
> >>> Using my WinXP Firefox client to access my previously 
> working httpd
> >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my 
> >>> index.html .  Do you think I have a virus on my Linux box?  I did 
> >>> notice that my iptables is not as tight as it should be.
> >>>
> >>> --
> >>> Michael D. Berger
> >>> m.d.ber...@ieee.org
> >>> http://www.rosemike.net/
> >>>
> >>>
> >>>
> >>>
> >> 
> -
> >>
> >>
> 
> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

It was not overwritten.  If you looked on the server, it was just fine.
But an executable was delivered instead.  In any case, it is gone
with the wind -- DBAN is now running on the server. Hopefully,
the reinstallation will work better.
 
Mike.
 
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  
 


  _  

From: Dino B. [mailto:mypascal2...@gmail.com] 
Sent: Monday, January 04, 2016 19:36
To: users@httpd.apache.org
Subject: RE: [users@httpd] Possible virus via httpd server



Hmmm, index. Html is just default page???  Strange that that it got
overwritten by some executable

--
Dino Buljubasic


--
Dino Buljubasic
Cell 604 441 3560

Please pardon my brevity - sent from my mobile device.  Please excuse any
typos.

On Jan 4, 2016 12:38, "Michael D. Berger"  wrote:


Following your suggestion, I made use of my daily backups to install
the httpd.conf from two days ago, when all was well. The problem was
the same.  I tried sublitting a file to sophos, but I would have to
join, and I am not ready for that.  See also my next email.

Still heading toward DBAN.

Thanks,
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/


> -Original Message-
> From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk]
> Sent: Monday, January 04, 2016 11:25
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus via httpd server
>
> Hi Mike.
>
> You might like to send this to sophos for analysis:
>
> https://www.sophos.com/en-us/support/knowledgebase/11490.aspx
>
> As index.html is the default page if nothing else is
> configured, has your httpd.conf file been modified to server
> this binary file instead of index.html?
>
> HTH,
>
> Keith Roberts
>
> On 4 Jan 2016, at 16:18, Michael D. Berger
>  wrote:
>
> > Warning: This message contains unverified links which may
> not be safe.  You should only click links if you are sure
> they are from a trusted source.
> > Examining with Lemmy (A Windows version of VI), it looks
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take
> > several days work to recover from that.
> >
> > Mike.
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> >
> >
> >> -Original Message-
> >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@httpd.apache.org
> >> Subject: RE: [users@httpd] Possible virus via httpd server
> >>
> >> Well, what do you see if you examine the file in a text editor?
> >>
> >>> -Original Message-
> >>> From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> >>> Sent: 04 January 2016 05:03
> >>> To: Apache-Users
> >>> Subject: [users@httpd] Possible virus via httpd server
> >>>
> >>> Using my WinXP Firefox client to access my previously
> working httpd
> >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my
> >>> index.html .  Do you think I have a virus on my Linux box?  I did
> >>> notice that my iptables is not as tight as it should be.
> >>>
> >>> --
> >>> Michael D. Berger
> >>> m.d.ber...@ieee.org
> >>> http://www.rosemike.net/
> >>>
> >>>
> >>>
> >>>
> >>
> -
> >>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >>> For additional commands, e-mail: users-h...@httpd.apache.org
> >>>
> >>>
> >>
> -
> >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> >> For additional commands, e-mail: users-h...@httpd.apache.org
> >>
> >
> >
> >
> -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

I don't think index.html was changed, but I only took a quick look.
I have it backed up in a tgz file, so when the Linux box comes back up
(maybe tomorrow), I'll take a closer look
 
It is also possible that there was something wrong with httpd.config .
It is quite complex, with numerous RewriteRule, etc.  However, even
when I commented out ALL the virtual hosts, the problem persisted.
But if I left a simple vhost and put a RewiteRule that (for reasons that I
don't
know) it didn't like, then it returned a failure.  When I put it back
together,
I'll build up httpd.config slowly.
 
Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
 


  _  

From: Michael D. Wood [mailto:m...@itsecuritypros.org] 
Sent: Monday, January 04, 2016 20:27
To: users@httpd.apache.org
Subject: Re: [users@httpd] Possible virus via httpd server


Was the index.html file modified in anyway?  Did it call the executable?
Any rewrites or any other files added to the path index.html resided?

Sent from my iPhone

On Jan 4, 2016, at 8:21 PM, Michael D. Berger  wrote:



It was not overwritten.  If you looked on the server, it was just fine.
But an executable was delivered instead.  In any case, it is gone
with the wind -- DBAN is now running on the server. Hopefully,
the reinstallation will work better.
 
Mike.
 
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  
 


  _  

From: Dino B. [mailto:mypascal2...@gmail.com] 
Sent: Monday, January 04, 2016 19:36
To: users@httpd.apache.org
Subject: RE: [users@httpd] Possible virus via httpd server



Hmmm, index. Html is just default page???  Strange that that it got
overwritten by some executable

--
Dino Buljubasic


--
Dino Buljubasic
Cell 604 441 3560

Please pardon my brevity - sent from my mobile device.  Please excuse any
typos.

On Jan 4, 2016 12:38, "Michael D. Berger"  wrote:


Following your suggestion, I made use of my daily backups to install
the httpd.conf from two days ago, when all was well. The problem was
the same.  I tried sublitting a file to sophos, but I would have to
join, and I am not ready for that.  See also my next email.

Still heading toward DBAN.

Thanks,
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/


> -Original Message-
> From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk]
> Sent: Monday, January 04, 2016 11:25
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus via httpd server
>
> Hi Mike.
>
> You might like to send this to sophos for analysis:
>
> https://www.sophos.com/en-us/support/knowledgebase/11490.aspx
>
> As index.html is the default page if nothing else is
> configured, has your httpd.conf file been modified to server
> this binary file instead of index.html?
>
> HTH,
>
> Keith Roberts
>
> On 4 Jan 2016, at 16:18, Michael D. Berger
>  wrote:
>
> > Warning: This message contains unverified links which may
> not be safe.  You should only click links if you are sure
> they are from a trusted source.
> > Examining with Lemmy (A Windows version of VI), it looks
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take
> > several days work to recover from that.
> >
> > Mike.
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> >
> >
> >> -Original Message-
> >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@httpd.apache.org
> >> Subject: RE: [users@httpd] Possible virus via httpd server
> >>
> >> Well, what do you see if you examine the file in a text editor?
> >>
> >>> -Original Message-
> >>> From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> >>> Sent: 04 January 2016 05:03
> >>> To: Apache-Users
> >>> Subject: [users@httpd] Possible virus via httpd server
> >>>
> >>> Using my WinXP Firefox client to access my previously
> working httpd
> >>> 2.4 server on Fedora 23 gets a file named 1OfvyQ5L instead of my
> >>> index.html .  Do you think I have a virus on my Linux box?  I did
> >>> notice that my iptables is not as tight as it should be.
> >>>
> >>> --
> >>> Michael D. Berger
> >>> m.d.ber...@ieee.org
> >>> http://www.rosemike.net/
> >>>
> >>>
> >>>
> >>>
> >>
> -
> >>> To unsubscribe, e-mail: users-unsubscr...@h

RE: [users@httpd] Possible virus via httpd server

[Michael D. Berger]

Problem solved, and it was not a virus.  I have a complex cgi writen in C++.
While DBAN was running, it occured to me that the binary file I was getting
was around the same size as my cgi binary.  After the reinstallation, diff
informed that it was in fact the cgi I was getting, the notwithstanding the
peculiar names.  I reread the cgi documentation and spent some time
trying variations in my config.  I then decided to take a look at
01-cgi.conf,
which is included in httpd.conf . There I read that what it did depended on
the results of 00-mpm.config . I immediately (after wasting 2-3 days)
suspected an order problem in the includes, and sure enough, they were
out of order, which I corrected in under one minute.  It now works with
no problem.
 
Thanks for your efforts and interest.
Mike.
 
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  
 


  _  

From: Michael D. Wood [mailto:m...@itsecuritypros.org] 
Sent: Monday, January 04, 2016 21:13
To: users@httpd.apache.org
Subject: Re: [users@httpd] Possible virus via httpd server


Interestinglet us know what you find.

Sent from my iPhone

On Jan 4, 2016, at 9:06 PM, Michael D. Berger  wrote:



I don't think index.html was changed, but I only took a quick look.
I have it backed up in a tgz file, so when the Linux box comes back up
(maybe tomorrow), I'll take a closer look
 
It is also possible that there was something wrong with httpd.config .
It is quite complex, with numerous RewriteRule, etc.  However, even
when I commented out ALL the virtual hosts, the problem persisted.
But if I left a simple vhost and put a RewiteRule that (for reasons that I
don't
know) it didn't like, then it returned a failure.  When I put it back
together,
I'll build up httpd.config slowly.
 
Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
 


  _  

From: Michael D. Wood [mailto:m...@itsecuritypros.org] 
Sent: Monday, January 04, 2016 20:27
To: users@httpd.apache.org
Subject: Re: [users@httpd] Possible virus via httpd server


Was the index.html file modified in anyway?  Did it call the executable?
Any rewrites or any other files added to the path index.html resided?

Sent from my iPhone

On Jan 4, 2016, at 8:21 PM, Michael D. Berger  wrote:



It was not overwritten.  If you looked on the server, it was just fine.
But an executable was delivered instead.  In any case, it is gone
with the wind -- DBAN is now running on the server. Hopefully,
the reinstallation will work better.
 
Mike.
 
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
  
 


  _  

From: Dino B. [mailto:mypascal2...@gmail.com] 
Sent: Monday, January 04, 2016 19:36
To: users@httpd.apache.org
Subject: RE: [users@httpd] Possible virus via httpd server



Hmmm, index. Html is just default page???  Strange that that it got
overwritten by some executable

--
Dino Buljubasic


--
Dino Buljubasic
Cell 604 441 3560

Please pardon my brevity - sent from my mobile device.  Please excuse any
typos.

On Jan 4, 2016 12:38, "Michael D. Berger"  wrote:


Following your suggestion, I made use of my daily backups to install
the httpd.conf from two days ago, when all was well. The problem was
the same.  I tried sublitting a file to sophos, but I would have to
join, and I am not ready for that.  See also my next email.

Still heading toward DBAN.

Thanks,
Mike.

--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/


> -Original Message-
> From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk]
> Sent: Monday, January 04, 2016 11:25
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus via httpd server
>
> Hi Mike.
>
> You might like to send this to sophos for analysis:
>
> https://www.sophos.com/en-us/support/knowledgebase/11490.aspx
>
> As index.html is the default page if nothing else is
> configured, has your httpd.conf file been modified to server
> this binary file instead of index.html?
>
> HTH,
>
> Keith Roberts
>
> On 4 Jan 2016, at 16:18, Michael D. Berger
>  wrote:
>
> > Warning: This message contains unverified links which may
> not be safe.  You should only click links if you are sure
> they are from a trusted source.
> > Examining with Lemmy (A Windows version of VI), it looks
> like a binary file.
> > Size is 181.4 KB.
> > I am considering my favorite virus remover: DBAN, but it would take
> > several days work to recover from that.
> >
> > Mike.
> > --
> > Michael D. Berger
> > m.d.ber...@ieee.org
> > http://www.rosemike.net/
> >
> >
> >> -Original Message-
> >> From: Daniel Beardsmore [mailto:dan...@trustnetworks.co.uk]
> >> Sent: Monday, January 04, 2016 05:03
> >> To: users@httpd.apache.org
> >> Subject: RE: [users@httpd] Possible virus via http

[users@httpd] RewriteCond to select by username

[Michael D. Berger]

On my fedora 16 box using httpd.x86_64 2.2.21-1.fc16, using SSL,

I tried:


  ...
   RewriteCond %{REMOTE_USER} ^mike$
   RewriteRule 
   ...


and variations thereof.

My intention is to have the RewriteRule run iff "mike" is logged on.
It didn't work.

Thanks for your advice.

Mike.


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] RewriteCond to select by username

[Michael D. Berger]

 

> -Original Message-
> From: Eric Covener [mailto:cove...@gmail.com] 
> Sent: Saturday, July 13, 2013 12:43
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] RewriteCond to select by username
> 
> On Sat, Jul 13, 2013 at 12:41 PM, Michael D. Berger 
>  wrote:
> > On my fedora 16 box using httpd.x86_64 2.2.21-1.fc16, using SSL,
> >
> > I tried:
> >
> > 
> >   ...
> >RewriteCond %{REMOTE_USER} ^mike$
> >RewriteRule 
> >...
> > 
> >
> > and variations thereof.
> >
> > My intention is to have the RewriteRule run iff "mike" is logged on.
> > It didn't work.
> >
> Check out the Look-ahead examples in the manual.
> 
[...]

Following this suggestion, I tried:

   RewriteCond %{LA-U:REMOTE_USER} ^mike$

and a few related things.  It still fails.

Thanks for additional information.

Mike.


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] RewriteCond to select by username FIXED

[Michael D. Berger]

 

> -Original Message-
> From: Michael D. Berger [mailto:m.d.ber...@ieee.org] 
> Sent: Saturday, July 13, 2013 13:12
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] RewriteCond to select by username
> 
>  
> 
> > -Original Message-
> > From: Eric Covener [mailto:cove...@gmail.com]
> > Sent: Saturday, July 13, 2013 12:43
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] RewriteCond to select by username
> > 
> > On Sat, Jul 13, 2013 at 12:41 PM, Michael D. Berger 
> >  wrote:
> > > On my fedora 16 box using httpd.x86_64 2.2.21-1.fc16, using SSL,
> > >
> > > I tried:
> > >
> > > 
> > >   ...
> > >RewriteCond %{REMOTE_USER} ^mike$
> > >RewriteRule 
> > >...
> > > 
> > >
> > > and variations thereof.
> > >
> > > My intention is to have the RewriteRule run iff "mike" is 
> logged on.
> > > It didn't work.
> > >
> > Check out the Look-ahead examples in the manual.
> > 
> [...]
> 
> Following this suggestion, I tried:
> 
>RewriteCond %{LA-U:REMOTE_USER} ^mike$
> 
> and a few related things.  It still fails.
> 
> Thanks for additional information.
> 
> Mike.
> 
> 
Correction:

LA-U in fact solves the problem.  The previous test was contaminated
by another "fix" I forgot to remove.

Thanks,
Mike.


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Verizon Digital Voice

[Michael D. Berger]

Verizon wants to replace my FIOS phone line with Digital Voice.

I think this means my house phone will work over the internet.

Does anyone have any experience with this? Advice would be

much appreciated.  Also, if you know a better place to post this

query, please let me know.

 

Thanks,

Mike

 

---

Michael D. Berger

m.d.ber...@ieee.org <mailto:m.d.ber...@ieee.org> 

http://www.rosemike.net