Quoth latin...@resist.ca:
> > Quoth latin...@resist.ca:
> >> Hello
> >>
> >> i found today these lines, is it something to be worry please?
> >>
> >> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
> >> /.well-known/security.txt HTTP/1.1" 404 0
> >> agroena.org 185.177.72.16 - - [09
latin...@resist.ca wrote:
> Thank you noodle, i was cautious because of the 200 which appears when
> someone access the web page.
You see HTTP 200 because it's passed as a query string, it's just serving
your index.html from the root. It's probing for a web application with a
path traversal vulne
On Wed, Jul 09, 2025 at 10:30:59PM -0600, latin...@resist.ca wrote:
> > Quoth latin...@resist.ca:
> >> Hello
> >>
> >> i found today these lines, is it something to be worry please?
> >>
> >> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
> >> /.well-known/security.txt HTTP/1.1" 40
> Quoth latin...@resist.ca:
>> Hello
>>
>> i found today these lines, is it something to be worry please?
>>
>> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
>> /.well-known/security.txt HTTP/1.1" 404 0
>> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
>> /?file=.
Quoth latin...@resist.ca:
> Hello
>
> i found today these lines, is it something to be worry please?
>
> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
> /.well-known/security.txt HTTP/1.1" 404 0
> agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
> /?file=../../../
Hello
i found today these lines, is it something to be worry please?
agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
/.well-known/security.txt HTTP/1.1" 404 0
agroena.org 185.177.72.16 - - [09/Jul/2025:13:06:03 -0700] "GET
/?file=../../../../../../etc/passwd HTTP/1.1" 200 7591
agr
kihagurugath...@gmail.com (Kihaguru Gathura), 2025.05.16 (Fri) 09:54 (CEST):
> What is the way to inject http headers in httpd for static content?
found some snippets for you in a live relayd.conf:
match response header remove "Server"
match response header set "Connection" value "close"
Marcus
Hello,
Update.
I am already using relayd to apply rules based on httpd headers.
Therefore, I have consolidated all common (global) headers within relayd so
that these applies to static files as well.
Only the headers specific for dynamic content now remain within the
scripts.
Thanks and
Hello,
Update.
I am already using relayd to apply rules based on httpd headers.
Therefore, I have consolidated all common (global) headers within relayd so
that these applies to static files as well.
Only the headers specific for dynamic content now remain within the
scripts.
Thanks and
> What is the way to inject http headers in httpd for static content?
httpd(8) is not for injecting/manipulating HTTP-headers.
Example:
If you need to add an "foobar" header you have to combine httpd(8)
and relayd(8)
then select [1] either the request or the response (depends on
Thank you Dan,
This is CGI in C.
This is an issue of maintainability. Headers embedded in cgi scripts become
a challenge to update.
It requires tedious recompiling of scripts especially for big web
applications with hundreds or thousands of them.
Serving common http headers via httpd would
Hello Kia guru.. serve it by php via header() changes?
But I would stick to wait for answers mostly relayd and httpd pertaining, Kia..
Dan
--
Blog: http://bsd.gaoxio.com - Repo: https://code.5mode.com
Please reply to the mailing-list, leveraging technical stuff.
May 16, 2025 10:05:21
Hi,
What is the way to inject http headers in httpd for static content?
Regards,
Kihaguru
Hi misc@,
apache-httpd is broken under 7.7-stable in conjunction with apr-1.7.5.
The following messages are logged in the Apache error log when trying
to access a ProxyPass target:
[proxy:error] [pid 93733] (22)Invalid argument: AH00957: http: attempt
to connect to $IP:8080 ($FQDN:8080) failed
Upon further investigation, I am not so sure that the problem
comes from a BOM. More probably, since I'm only using vi(1) to
edit my (plain)text files in general, I need to be able to specify
the encoding/charset on the fly. Is that doable ? Should I update
my game and use vim ? Out of curiosity,
e how to troubleshoot
> > the client encoding / font problem.
> >
> > Jan 30, 2025 10:52:10 Jan Stary :
> >
> >> httpd serves the file as is, and advices the client with
> >> a Content-Type header. It is then entirely up to the client
> >> (typicaly a
Le Jeudi 30 Janvier 2025 12:18 CET, xse a écrit:
> On 2025-01-30 11:27, Claudio Jeker wrote:
> > httpd uses simple content-type of text/plain for txt files.
> > It does not include a charset so the browser will probably default to
> > utf8
> > so if the text files ar
oding=utf-8' that seems recommended for vim (which I
don't use, am I wrong ?) by the AI / search engine.
Le Jeudi 30 Janvier 2025 11:27 CET, Claudio Jeker a
écrit:
> httpd uses simple content-type of text/plain for txt files.
> It does not include a charset so the browser will pro
>
> Jan 30, 2025 10:52:10 Jan Stary :
>
> > httpd serves the file as is, and advices the client with
> > a Content-Type header. It is then entirely up to the client
> > (typicaly a browser) to display what the server has served.
> >
> > On Jan 30 09:30:
On 2025-01-30 11:27, Claudio Jeker wrote:
httpd uses simple content-type of text/plain for txt files.
It does not include a charset so the browser will probably default to
utf8
so if the text files are not in utf8 encoding then the browser will not
display them correctly.
From my
httpd uses simple content-type of text/plain for txt files.
It does not include a charset so the browser will probably default to utf8
so if the text files are not in utf8 encoding then the browser will not
display them correctly.
>From my understanding it is not possible to configure a char
t problem.
>
> Jan 30, 2025 10:52:10 Jan Stary :
>
>> httpd serves the file as is, and advices the client with
>> a Content-Type header. It is then entirely up to the client
>> (typicaly a browser) to display what the server has served.
>>
>> On Jan 30 09:30:16, s
At this point is maybe suggestable you specify the clients you
are using to access these files to see in case how to troubleshoot
the client encoding / font problem.
Jan 30, 2025 10:52:10 Jan Stary :
> httpd serves the file as is, and advices the client with
> a Content-Type header. It i
httpd serves the file as is, and advices the client with
a Content-Type header. It is then entirely up to the client
(typicaly a browser) to display what the server has served.
On Jan 30 09:30:16, sylv...@saboua.me wrote:
>
> I have a folder with several standalone .txt files on my web
I have a folder with several standalone .txt files on my webserver.
I expect these to be displayed as such. But when opening them
in the browser, either locally (from the same machine) or from
remote, several characters such as accents and em dashes get
replaced by other characters.
Where could
Hi
When an HTTP request for a (large) file is made directly to httpd, the
transfer speed is what's expected from the infrastructure: a 92Mb file
is transferred in under a second. However, when relayd is placed in
front of httpd (running on the same host), the transfer rate drops to
abou
On Tue, Dec 10, 2024 at 05:46:35AM +0100, Sylvain Saboua wrote:
> Regularly I make minor [ae]d?ditions to my static html files.
>
> Afaik the browser needs to manually refresh the file in order to
> display the latest version.
>
> Am I doing something wrong or is there a workaround ?
You can us
On Tue, Dec 10, 2024 at 5:56 AM Sylvain Saboua
wrote:
> Regularly I make minor [ae]d?ditions to my static html files.
>
> Afaik the browser needs to manually refresh the file in order to
> display the latest version.
>
That's correct, but if you just tap the reload button (typically ctrl-R),
you
On Tue, Dec 10, 2024 at 01:46:35AM -0300, Sylvain Saboua wrote:
> Regularly I make minor [ae]d?ditions to my static html files.
>
> Afaik the browser needs to manually refresh the file in order to
> display the latest version.
>
Maybe I misunderstood but sounds normal
> Am I doing something wro
Regularly I make minor [ae]d?ditions to my static html files.
Afaik the browser needs to manually refresh the file in order to
display the latest version.
Am I doing something wrong or is there a workaround ?
This is also annoying when editing the style sheets.
Thank you
--
Sylvain Saboua
www.
On 2024-11-25 11:09, Marcus MERIGHI wrote:
location match "/(wp%-json/.*)$" {
request rewrite "/index.php/%1"
fastcgi socket "/run/php-fpm.sock"
pass
}
Thank you for this one, especially. It fixes the REST API issue.
Unfortunately,
p...@mostlybsd.com (Paul Pace), 2024.11.25 (Mon) 14:24 (CET):
> I have been working on getting pretty permalinks[1] to work properly in
> httpd. The WordPress project publishes configurations for Apache and
> nginx.[2]
>
> I have a slightly better but still very weak grasp of ng
It is suggestable to discard a scattered spam with footernotes or I should
assume it is good? :))
Dan
--
Nuggetsman.com - Repo: https://code.5mode.com
Please reply to the mailing-list, leveraging technical stuff.
Nov 25, 2024 14:27:22 Paul Pace :
> 1] https://wordpress.org/documentation
I have been working on getting pretty permalinks[1] to work properly in
httpd. The WordPress project publishes configurations for Apache and
nginx.[2]
I have a slightly better but still very weak grasp of nginx, so here is
the key part of nginx.conf, as I understand it, for supporting pretty
Hello,
On 21/11/24 01:41, Benjamin Stürz wrote:
> Hi,
>
> Is it intended behavior, that `fastcgi param`
> doesn't overwrite variables?
I'm not a fastcgi lawyer, but I think it's wrong.
> [...]
>
> When I open in a web browser, I get this:
> SERVER_SOFTWA
Hi,
Is it intended behavior, that `fastcgi param`
doesn't overwrite variables?
I have the following httpd config:
server "example" {
listen on * port 80
location "/test/" {
root "/cgi-bin/env.cgi"
On Mon, Nov 18, 2024 at 05:58:20AM +, Sha'ul wrote:
> $ cat /etc/rc.conf.local
> httpd_flags=
>
> My home router router set to port forward port 80 and port 443 to the
> internal ip of machine. There is no SSL issued for my domain and pf is
> disabled.
>
> $
I have httpd running on local installation on physical hardware at home
so I can erase the SSD, not in a VM and not remotely. I substituted my
real domain here for example.com. I have
$ cat /etc/rc.conf.local
httpd_flags=
My home router router set to port forward port 80 and port 443 to the
On 2024-10-27, Sadeep Madurange wrote:
>
> All this time I thought www.openbsdhandbook.com was an official OpenBSD
> resource! Thanks very much for that info too.
I just took a quick look and spotted an error in 30 seconds of reading.
own/acme-challenge/*" {
> root "/acme"
> request strip 2
> }
>
> location "/*" {
> fastcgi socket tcp 127.0.0.1 3000
> }
> }
>
> server "src.domain.io" {
>
request strip 2
}
location "/*" {
fastcgi socket tcp 127.0.0.1 3000
}
}
server "src.domain.io" {
listen on * port 80
location "/.well-known/acme-challenge/*" {
root "/acme"
On 2024-10-27 05:55:37, Lucas Gabriel Vuotto wrote:
> On Sun, Oct 27, 2024 at 12:34:06PM +0800, Sadeep Madurange wrote:
> > I had configured httpd with SSL using the guide at
> > https://www.openbsdhandbook.com/services/webserver/ssl/. It was
> > working fine for many months
On Sun, Oct 27, 2024 at 12:34:06PM +0800, Sadeep Madurange wrote:
> Hello,
>
> I had configured httpd with SSL using the guide at
> https://www.openbsdhandbook.com/services/webserver/ssl/. It was working
> fine for many months now. So, I'm not sure if this is related to the
&g
Hello,
I had configured httpd with SSL using the guide at
https://www.openbsdhandbook.com/services/webserver/ssl/. It was working
fine for many months now. So, I'm not sure if this is related to the
recent OS upgrade. I just realized that the SSL cert had expired.
When I run the acme-client
Am Jam writes:
> > Most likely, you're not requesting a full chain from acme-client, or you
> > haven't given the full chain certificate a name relayd will pick up
> > automatically.
>
> According to relayd.conf(5), relayd should pick up my full chain
> certificate.
>
> # /etc/ssl
> drwxr-xr-x 3 r
> Most likely, you're not requesting a full chain from acme-client, or you
> haven't given the full chain certificate a name relayd will pick up
> automatically.
According to relayd.conf(5), relayd should pick up my full chain
certificate.
# /etc/ssl
drwxr-xr-x 3 root wheel 512B Dec 27 2021
Am Jam writes:
>$ git clone https://src.domain.io/user/aoc.git
>Cloning into 'aoc'...
>fatal: unable to access 'https://src.domain.io/user/aoc.git/': SSL
> certificate problem: unable to get local issuer certificate
>
> and
>
>$ curl https://src.domain.io
>curl: (60) SSL certifi
Hi openbsd-misc,
I am a hobbyist hosting several services on my OpenBSD-7.5 machine. Because
some of the services that I want to use export their own HTTP server (and
not a FastCGI one), I am cornered into using relayd with httpd.
When things were simpler, I could serve gitea with just httpd
git README
> [https://git.zx2c4.com/cgit/tree/README] and comiled cgit with lua
> support using:
>
> `gmake LUA_PKGCONFIG=luajit CFLAGS="-I/usr/local/include/luajit-2.0" install`
>
> However, when I try to run the `cgit.cgi` with the following OpenBSD
> `httpd` con
ua
support using:
`gmake LUA_PKGCONFIG=luajit CFLAGS="-I/usr/local/include/luajit-2.0" install`
However, when I try to run the `cgit.cgi` with the following OpenBSD
`httpd` configuration, it doesn't work as expected:
```
server "git.example.com" {
listen on * tls por
socket tcp "192.168.1.78" 8004
I guess that calibre exports an HTTP server, not a FastCGI one, so this
can't work. httpd doesn't support proxying another HTTP server, it can
only talk to fastcgi.
You'll have to look into relayd(8) (but also keep httpd in the stack so
you can use acme-client for TLS.)
e server listening on 0.0.0.0:8004
> OPDS feeds advertised via BonJour at: 192.168.1.78 port: 8004
> _
>
> When I do this, I can, from another computer within my network, navigate
> to http://192.168.1.78:8004 and read my ebooks. So far so good.
> I now want to access the same webpage fro
: 192.168.1.78 port: 8004
_
When I do this, I can, from another computer within my network, navigate to
http://192.168.1.78:8004 and read my ebooks. So far so good.
I now want to access the same webpage from outside of the network using a
domain I've purchased; however, I keep getting th
omain socket, you have to put it somewhere
> > inside the /var/www chroot; for example
> > /var/www/run//fcgi.sock and then instructs httpd to talk
> > to it
> >
> > fastcgi {
> > # note that this is relative to the /var/www chroot
> > socket "/run//fcgi.sock"
> > }
That worked! Thank you all very much for the help.
--
Sadeep Madurange
PGP: 103BF9E3E750BF7E
n the following command to install it:
# install -o www -g www -m 0500 flask.py /var/www/cgi-bin
Then I added the following config to /etc/httpd.conf:
server "localhost" {
listen on * port 8080
location "/*" {
fastcgi { param SCRIPT_FILENAME "/cgi-bin/fl
listen on * port 8080
location "/*" {
fastcgi { param SCRIPT_FILENAME "/cgi-bin/flask.py" }
}
}
restarted httpd, and executed the following curl request:
$ curl http://localhost:8080/
However, I keep getting 500 internal server error. Not sure w
ran the following command to install it:
>
> # install -o www -g www -m 0500 flask.py /var/www/cgi-bin
>
> Then I added the following config to /etc/httpd.conf:
>
> server "localhost" {
> listen on * port 8080
> location "/*" {
> fastcg
ig to /etc/httpd.conf:
server "localhost" {
listen on * port 8080
location "/*" {
fastcgi { param SCRIPT_FILENAME "/cgi-bin/flask.py" }
}
}
restarted httpd, and executed the following curl request:
$ curl http://localhost:8080/
However, I keep getting
On Sat, Jul 13, 2024 at 08:48:56PM +1000, Paul W. Rankin wrote:
> Hello,
>
> I’m trying to get a basic URL rewrite working with httpd but, alas, it
> seems broken.
It's not broken :-).
>
> My goal:
>
> /~USER -> /htdocs/u/USER
root "/htdocs/u"
Hello,
I’m trying to get a basic URL rewrite working with httpd but, alas, it
seems broken.
My goal:
/~USER -> /htdocs/u/USER
To debug this, in case the “~” character was throwing something off, I
simply tried to achieve:
/u/USER -> /htdocs/u/USER
I’m aware this
On Tue, Jun 11, 2024 at 10:41:33PM +, Martin wrote:
> But what useful methods exists that prevent spamming a HTML signup form
> from stuffing the database with useless signups?
>
> Naturally the accounts that haven't been validated one way or another
> gets deleted, but the initial signup is a
On Thu, Jun 13, 2024 at 04:30:27AM -0700, Paul Pace wrote:
> On 6/12/24 10:32 PM, Chris Bennett wrote:
> > It's not perfect, but I have a long list of regexes that I know are spam
> > that I have my Perl code that processes the form block. Trying to block
> > from a log is not very helpful. It can
On 6/12/24 10:32 PM, Chris Bennett wrote:
It's not perfect, but I have a long list of regexes that I know are spam
that I have my Perl code that processes the form block. Trying to block
from a log is not very helpful. It can let through thousands of the same
spam attempts before the log catches
On Tue, Jun 11, 2024 at 10:41:33PM +, Martin wrote:
> I already do some rate limiting with stateful tracking options for PF,
> which works really great for the stuff I use it for.
>
> I also use block lists of known bad IP addresses etc.
>
> But what useful methods exists that prevent spammin
Jun 12, 2024 00:56:47 Martin :
> A simple CAPTCHA reduces some of the irrelevant noise, but the more
> sophisticated bots solves the CAPTCHA.
>
> Using Cloudflare's or Google's CAPTCHA is frowned upon by the real
> users, which I fully understand.
>
> So I was wondering, if some other clever metho
No perfect solution exists, but the following may help.
1) Parse the logs of your web application and ban any IP that attempts
to create multiple accounts. Not great because you may have multiple
users sharing the same public IP. It only works ok if you automate it
via cronjob scripts.
2) Re
On 2024-06-11 15:41, Martin wrote:
I already do some rate limiting with stateful tracking options for PF,
which works really great for the stuff I use it for.
I also use block lists of known bad IP addresses etc.
But what useful methods exists that prevent spamming a HTML signup form
from stuff
I already do some rate limiting with stateful tracking options for PF,
which works really great for the stuff I use it for.
I also use block lists of known bad IP addresses etc.
But what useful methods exists that prevent spamming a HTML signup form
from stuffing the database with useless signups
Greetings,
On Wed, 29 May 2024 00:01:07 +0100,
Am Jam wrote:
>
> For posterity's sake, my working /etc/httpd.conf is below:
>
Maybe it is worth making a port for pixelfed to allow others to install it
as easily as pkg_add pixelfed with some polish documented in the
description?
--
wbr, Kirill
Hello,
I very much appreciate the new directory index in httpd. Thank you espie@ :)
I would like to make a suggestion for the default CSS, which is to remove the
italic styling of directories:
--- /Users/pwr/Downloads/css.h.in.txt~ 2024-05-21 12:33:11
+++ /Users/pwr/Downloads/css.h.in.txt
udes creating the
> > following symlink in /var/www/pixelfed:
> > - lrwxr-xr-x 1 root www37B May 27 12:15 storage@ ->
> > /var/www/pixelfed/storage/app/public/
> >
> > That, unfortunately, is "outside" of the root directory specified in
> > /etc/httpd.conf.
>
> httpd is in a chroot jail so the absolute symlink won't work.
>
> Either use a relative symlink for the above link, or set things up so
> that /var/www still works inside the chroot -
>
> mkdir /var/www/var; ln -s .. /var/www/var/www
>
>
>
age/app/public/
>
> That, unfortunately, is "outside" of the root directory specified in
> /etc/httpd.conf.
httpd is in a chroot jail so the absolute symlink won't work.
Either use a relative symlink for the above link, or set things up so
that /var/www still works inside the chroot -
mkdir /var/www/var; ln -s .. /var/www/var/www
Wild guess:
When a request is made against a picture in /storage/, it triggers the
location not found * rule.
The rewritten request does never hit the location "/storage/*" rule
because it now requests /index.php$something instead of any object
within /storage.
Try placing a matching /stor
Hi Everyone,
I am trying to install and run pixelfed (think of it as a self-hosted
instagram alternative) on OpenBSD 7.5, but I am having a problem with my
/etc/httpd.conf. Unfortunately, pixelfed's installation instructions only
provide an nginx example. For those of you familiar with nextcloud,
On Wed May 22, 2024 at 4:46 PM BST, Am Jam wrote:
Your tip led me in the right direction and I now have what I need. Thank
you!
Glad I could help.
One thing to note. I had to add the following line to get everything to
work:
- location "/" { block return 301 "$https://$SERVER_NAME/index.ph
Hi Souji,
Your tip led me in the right direction and I now have what I need. Thank
you!
One thing to note. I had to add the following line to get everything to
work:
- location "/" { block return 301 "$https://$SERVER_NAME/index.php"; }
I added this line because, for some reason, without this
On Wed May 22, 2024 at 2:38 PM BST, Am Jam wrote:
Hi Everyone,
Hi Am,
Before anyone asks, removing "/nextcloud" from each of the location strings
does not work.
When I do that I get an "ERR_EMPTY_RESPONSE" error in my browser (Chrome).
My httpd.conf below was inspired by the one outlined in t
Hi Everyone,
I am trying to run a small nextcloud website and I'm having a problem with
the URLs.
I installed nextcloud via pkg_add, and all of its files were installed
under /var/www/nextcloud.
The pkg-readmes were helpful in getting nextcloud working with httpd.
However, though every
Michael Hekeler writes:
Is there any directive or regex for the 'location' directive,
httpd doesn't support regular expressions.
httpd includes lua pattern support.
see patterns(7)
(Though to use patterns(7) syntax, one needs to use the 'match'
keyword, e.g. &qu
> Is there any directive or regex for the 'location' directive,
httpd doesn't support regular expressions.
httpd includes lua pattern support.
see patterns(7)
Hi,
In httpd, my web portal gives an HTTP 404 error when 'mysite.com/create' is
typed,
however 'mysite.com/create/' works.
In order to *solve* this issue, I added 2 different locations pointing to
the same cgi script, as:
location "/create" {
fastcgi socket &q
On 2024-03-08, James Cook wrote:
> On Fri, Mar 08, 2024 at 04:28:52PM +0300, Mark wrote:
>> Greetings.
>>
>> Trying to figure out the mailman configuration on OpenBSD.
>>
>> What is the equivalent of the following server block in httpd?
>&
On Fri, Mar 08, 2024 at 04:28:52PM +0300, Mark wrote:
> Greetings.
>
> Trying to figure out the mailman configuration on OpenBSD.
>
> What is the equivalent of the following server block in httpd?
>
> "
> Options FollowSymLinks
> AllowOverride None
>
Greetings.
Trying to figure out the mailman configuration on OpenBSD.
What is the equivalent of the following server block in httpd?
"
Options FollowSymLinks
AllowOverride None
"
Does the httpd even support following symlinks?
Regards,
Mark
> Hi,
>
> I have a custom error template that I use for the error documents for
> httpd, as described in: man httpd.conf
>
> In /var/www I have created:
>
> /err root:daemon chmod 0755
>
> Within /var/www/err I have created:
>
> err
l configuration that points to this:
>
> /etc/httpd.conf
> . . .
> errdocs "/err"
>
> When I cause an error with httpd, the error document template I have
> created gets rendered to the client, but I get entries in syslog like
> the following:
ve a global configuration that points to this:
>
> /etc/httpd.conf
> . . .
> errdocs "/err"
>
> When I cause an error with httpd, the error document template I have
> created gets rendered to the client, but I get entries in syslog like
> the fo
Hi,
I have a custom error template that I use for the error documents for
httpd, as described in: man httpd.conf
In /var/www I have created:
/errroot:daemon chmod 0755
Within /var/www/err I have created:
err.htmlwww:www chmod 0444
In my
Hi misc@,
I may have found a bug with the combination of
`request rewrite` and `directory auto index`
when using httpd(8).
Preparation:
mkdir -p /var/www/htdocs/pub/user
echo "Hello World" > /var/www/htdocs/pub/user/test
/etc/httpd.conf:
server "example.com" {
On 2023-09-23, Nick Holland wrote:
> Hello,
> Twice in the last couple weeks, I've had httpd fall over on me.
> Only clue I've got is this in /var/log/messages:
>
> MASTER $ grep httpd daemon
> Sep 23 05:24:06 node2 httpd[69989]: logger exiting, pid 69989
> Se
Hello,
Twice in the last couple weeks, I've had httpd fall over on me.
Only clue I've got is this in /var/log/messages:
MASTER $ grep httpd daemon
Sep 23 05:24:06 node2 httpd[69989]: logger exiting, pid 69989
Sep 23 05:24:06 node2 httpd[80972]: parent terminating, pid 80972
Sep 23 05:2
0.
/etc/hosts:
127.0.0.1 localhost test1 test2
/tmp/httpd.conf:
server "test1" {
listen on localhost port 8080
block return 200
}
server "default" {
listen on localhost port 8080
block return 404
}
httpd -df /tmp/httpd.conf &
ftp -o - http://localhost:8080/ #2
On 2023-08-10, Tito Mari Francis Escaño wrote:
> Hi,
> Can somebody point me to resources on how to use libmodsecurity with httpd
> to create a WAF for a web application?
> If it's not feasible, please advise what options are there for WAF that can
> be used with the buil
Hi,
Can somebody point me to resources on how to use libmodsecurity with httpd
to create a WAF for a web application?
If it's not feasible, please advise what options are there for WAF that can
be used with the built-in httpd.
Thank you.
On Wed, Jul 12, 2023 at 06:28:47PM +0200, Matthias Pressfreund wrote:
> Why does 'cvs diff -D...' on the OPENBSD_7_2 branch
> include changes from before the given date?
Because cvs -D resolves to the most recent revision no later than
the given date, and the OPENBSD_7_2 tag contains files that we
Why does 'cvs diff -D...' on the OPENBSD_7_2 branch
include changes from before the given date?
# cvs -qd anon...@anoncvs.spacehopper.org:/cvs checkout -rOPENBSD_7_2 -P
src/usr.sbin/httpd
U src/usr.sbin/httpd/Makefile
U src/usr.sbin/httpd/config.c
U src/usr.sbin/httpd/control.c
U sr
Hello Stuart,
your suggestion worked perfectly, thanks a lot!
Werner
On 3/25/23 17:18, Stuart Henderson wrote:
On 2023-03-24, Werner Boninsegna wrote:
Hello,
fake /dev/random means I created a file with a string of text such as
"1234567890". This was a workaround t
On 2023-03-24, Werner Boninsegna wrote:
> Hello,
>
> fake /dev/random means I created a file with a string of text such as
> "1234567890". This was a workaround to get the application running.
Yes that's as bad as I thought. While most things in OpenBSD itself
don't use /dev/random or /dev/urand
On 2023/03/24 18:06:03 +0800, Werner Boninsegna wrote:
> Hello,
>
> fake /dev/random means I created a file with a string of text such as
> "1234567890". This was a workaround to get the application running.
...
> Your suggestion is to chroot into /var/www and run "MAKEDEV random" ?
If you re
Hello,
fake /dev/random means I created a file with a string of text such as
"1234567890". This was a workaround to get the application running.
Your suggestion is to chroot into /var/www and run "MAKEDEV random" ?
I will give it a try.
Werner
On 3/24/2023 3:27 PM, Stuart Henderson wrote:
1 - 100 of 1194 matches
Mail list logo
