Re: [EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

Chris Robertson wrote: >> Chris Robertson wrote: >>> Where's the posix api and dl-functionality report? Any specific >>> keywords to narrow it down? >> disable_*** in php.ini? > I thought you meant a vulnerability/exploit report... Yup - peek at CVE-2007-3304. Requires php scripts to run in-proc

RE: [EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

> >Chris Robertson wrote: >> >> Where's the posix api and dl-functionality report? Any specific >> keywords to narrow it down? > >disable_*** in php.ini? I thought you meant a vulnerability/exploit report... >> I actually started with PHP as my most likely culprit but in digging in >> one of the

[EMAIL PROTECTED] stickysession without ProxyPass

I'm using mod_proxy_balancer with httpd 2.2.4. I have 2 clusters defined and use rewrite rules with the [P] flag to route to one of the two, e.g., RewriteCond %{HTTP_HOST} ^www2.prestosports.com [NC] RewriteRule ^/(.*) balancer://main/$1 [P] I'd now like to be able to set the "stickysession"

Re: [EMAIL PROTECTED] Redirect, Rewrite and php.ini

On 02/07/07, Senén de Diego <[EMAIL PROTECTED]> wrote: The real url I'm trying to redirect is http://www.electrodh.com/herramientas/sincronizar1.jnlp and I want to redirect it to http://www.electrodh.com/herramientas/sincronizar.php The content of the herramientas/.htaccess file is: RewriteEngin

Re: [EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

Chris Robertson wrote: > > Where's the posix api and dl-functionality report? Any specific > keywords to narrow it down? disable_*** in php.ini? > I actually started with PHP as my most likely culprit but in digging in > one of the servers that was compromised doesn't have any php web pages, >

Re: [EMAIL PROTECTED] Is there a mod_gzip?

On Mon, 02 Jul 2007 18:50:49 -0500 "Dennis G. Wicks" <[EMAIL PROTECTED]> wrote: > Is this module old and obsolete Yes. See mod_deflate if you need the functionality mod_gzip used to provide. -- Nick Kew Application Development with Apache - the Apache Modules Book http://www.apachetutor.org/

[EMAIL PROTECTED] Is there a mod_gzip?

Greetings; I was looking at a package today that had mod_gzip listed as a requirement. I don't find that module in any of the versions of Apache that I am running or is it mentioned in the doc. Is this module old and obsolete or too new to be in the doc or config yet? If the latter, where do I f

RE: [EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

>nothing else you mention even raises an eyebrow. These two are likely >your culprits if you run untrusted scripts. I'd disable all the posix >api functions and dl-functionality based on a recent report. > >As far as /root/2/ that doesn't correspond to something I know of, but >limiting users who

Re: [EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

Chris Robertson wrote: > Over the weekend we had several servers that all experienced the same > symptoms (details below). I've gone through the CVE, bugtraq, etc > archives and haven't found anything that matches either our versions or > the symptoms. > > - Mod_PHP5 5.2.0-10 (some) > - Mod_PHP5

[EMAIL PROTECTED] HTTPD 2.2.3 possible exploit?

Over the weekend we had several servers that all experienced the same symptoms (details below). I've gone through the CVE, bugtraq, etc archives and haven't found anything that matches either our versions or the symptoms. Symptoms: - Server exhibits small jump in number of processes in queue and

Re: [EMAIL PROTECTED] setting ORACLE_HOME

> On 02/07/07, James White <[EMAIL PROTECTED]> wrote: >> I am trying to install Oracle XE to run PHP scripts. I have read that it >> is preferable to set ORACLE_HOME before starting Apache instead of using >> putenv() in the PHP script. I have tried the recommended script. >> >> ORACLE_HOME=/usr/li

RE: [EMAIL PROTECTED] Apache using AD autentication

Hi, I´ve downloaded apr and apr-util-1.2.8 from the same site (apr.apache.org) and... APR: ./configure --prefix=/usr/local make make install I had to install APR to install APR-UTIL... APR_UTIL: ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr --with-ldap make make install

[EMAIL PROTECTED] Don't stop exec() process when restarting httpd

Hi, I run a process using exec() and I would like the process not to be stopped when httpd is restarted. I didn't try but I guess that using a cgi would work, but my php is running as an apache module. Is that possible ? Thanks -- Thomas Blanchin ---

Re: [EMAIL PROTECTED] Redirect, Rewrite and php.ini

I'm afraid you are right. The "redirect everything" works. There must be anything wrong in my .htaccess. But I cannot see what it is. The real url I'm trying to redirect is http://www.electrodh.com/herramientas/sincronizar1.jnlp and I want to redirect it to http://www.electrodh.com/herramientas/

[EMAIL PROTECTED] Apache dies with ACCESS_VIOLATION

Hi All, In apache httpd.conf we have added entries for virtual host. Apache -S gives proper output of the virtual hosts configured. In most cases apache too runs fine. In some cases we could see Apache stops from responding to the user request and apache error.log has ACCESS_VIOLATION wit

Re: [EMAIL PROTECTED] Redirect, Rewrite and php.ini

On 02/07/07, Senén de Diego <[EMAIL PROTECTED]> wrote: That's what I thought. I think this people does have neither mod_alias nor mod_rewrite enabled, and I don't know why, they are telling me just the contrary... That seems unlikely. As you tried the 'Wooga' trick and got a 500 error, your hta

Re: [EMAIL PROTECTED] Redirect, Rewrite and php.ini

Hello, Thank you for your answer... Vincent Bray escribió: On 02/07/07, Senén de Diego <[EMAIL PROTECTED]> wrote: I'm trying to redirect requests from "/foo/bar.jnlp" to "/foo/bar.php". Be careful using the word redirect as it has a very specific meaning. I've tried this .htaccess file: [

Re: [EMAIL PROTECTED] Redirect, Rewrite and php.ini

On 02/07/07, Senén de Diego <[EMAIL PROTECTED]> wrote: I'm trying to redirect requests from "/foo/bar.jnlp" to "/foo/bar.php". Be careful using the word redirect as it has a very specific meaning. I've tried this .htaccess file: [ Redirect permanent /foo/bar.jnlp http://www.domain.com/foo/ba

Re: [EMAIL PROTECTED] Access parameters in URL

Hi , Thnx for the reply. I have a application which does the authentication based on the header values. Therefore I need to send the request to the http://localhost:8080/test-app with the correct headers. I need to simulate this behaviour. What I need is to get the parameters and add it to the

[EMAIL PROTECTED] Redirect, Rewrite and php.ini

Hello, I've already posted this question, but having had no answers, I'm trying again with a more suited Subject. I'm trying to redirect requests from "/foo/bar.jnlp" to "/foo/bar.php". I've tried this .htaccess file: [ Redirect permanent /foo/bar.jnlp http://www.domain.com/foo/bar.php ] I'v

Re: [EMAIL PROTECTED] Access parameters in URL

On 02/07/07, Madonesa sanjaya <[EMAIL PROTECTED]> wrote: I have configured apache as a reverse proxy. Then for a particular url , I need to add some headers to the request. At the moment I'm doing it statically using the following configuration in httpd.conf file. ProxyPass /care http://

Re: [EMAIL PROTECTED] Access parameters in URL

Hi , I have configured apache as a reverse proxy. Then for a particular url , I need to add some headers to the request. At the moment I'm doing it statically using the following configuration in httpd.conf file. ProxyRequests Off Order deny,allow Allow from all ProxyPass /care http://loca

Re: [EMAIL PROTECTED] How to serve images from memory?

> In Apache, is there a way to serve images from memory instead of disk? > > -Cathy > www.nachofoto.com If you are using Linux, the kernel aggressively tries to keep file in cache (ram). So after the first access, most files are cached in ram anyway. Mark. -- Mark Watts BSc RHCE MBCS Senior S

Re: [EMAIL PROTECTED] How to serve images from memory?

On 7/2/07, Norman Peelman <[EMAIL PROTECTED]> wrote: Cathy Murphy wrote: > In Apache, is there a way to serve images from memory instead of disk? > > -Cathy > www.nachofoto.com Check: http://httpd.apache.org/docs/2.0/mod/mod_cache.html In the documentation it says:

Re: [EMAIL PROTECTED] Access parameters in URL

On 02/07/07, Madonesa sanjaya <[EMAIL PROTECTED]> wrote: Hi , Is there any way to access parameters in a URL without writting a script? Yes there is, usually by using RewriteCond. See: http://wiki.apache.org/httpd/Rewrite/Common/QueryString Perhaps you could elaborate on your question a

[EMAIL PROTECTED] Access parameters in URL

Hi , Is there any way to access parameters in a URL without writting a script? Cheers, Sanjaya.

[EMAIL PROTECTED] File Download size limit

It seems that in apache there is a limit of 2GB for download file through http. Is there any way to increase it?