Oleg Goryunov wrote:
Any help is appreciated.
Oleg - Does YOUR copy of the index page look OK reading it as a file?
What no one has mentioned is that DNC servers have been hacked and could be
doing the re-routing. It may not be YOUR site which is compromised.
I can view my own sites 'locall
On 4/3/2010, lots of people chimed in saying things.
Around 00:03 [-7GMT], Morgan Gangwere chimed in to say:
I'd suggest either turning on Syn Cookies, getting mpm_worker running,
or not really worrying about it. mpm_worker so far for me has been able
to avoid the Slowloris attack on a 50Mhz AR
It was thus said that the Great Nerius Landys once stated:
> > This is called 'slow loris' attack. That'll give you something to Google for
> > :)
>
> Thank you so much for the help guys.
>
> I did Google "slowloris" and I did indeed find much information. In
> fact, the program I wrote from scr
On Sat, Apr 3, 2010 at 9:09 PM, Nerius Landys wrote:
>> if (ip_count > conf->limit) {
>> ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected,
>> too many connections in READ state from %s", c->remote_ip);
>> return OK;
>> } else {
>> return DECLINED;
>> }
I'd
> if (ip_count > conf->limit) {
> ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "Rejected,
> too many connections in READ state from %s", c->remote_ip);
> return OK;
> } else {
> return DECLINED;
> }
I figured out what OK and DECLINED mean. In httpd.h:
#define DE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Reminder: the Call For Proposals for the Apache HTTP Server track closes
TOMORROW NIGHT, April 4. If you would like to submit a session
proposal, please do so now! See below for instructions.
-
ApacheCon North America 2010 will be hel
On 4/3/2010 8:55 PM, Gil Vidals wrote:
Oleg,
What kind of web application firewall (WAF) are you running on your web
servers? If the answer is "none", then you will have many problems with
malware and hackers. You must have proper security. Google
"mod_security" or hire a web security guy to ta
> This is called 'slow loris' attack. That'll give you something to Google for
> :)
Thank you so much for the help guys.
I did Google "slowloris" and I did indeed find much information. In
fact, the program I wrote from scratch does the exact attack described
on the slowloris Wikipedia page.
An
Yes,the hacker is from China.
the subfix "9966.org" is provided by the biggest DynDNS ISP of China.
Best regards,
Sharl.Jimh.Tsin
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apac
It was thus said that the Great Nerius Landys once stated:
>
> I'm wondering what methods are preferred for preventing this sort of
> attack. I'm wondering this for two reasons: 1) I want to secure my
> websites and 2) I want to learn techniques that address this issue
> because I'm writing my ow
On 4/04/2010 11:32 a.m., Nerius Landys wrote:
So, when I run the 100 thread program against my max-80-clients
server, and each of the 100 threads takes over one minute to send the
complete HTTP request header, my Apache httpd server becomes
unavailable to other incoming connections. In other wor
Hi guys. I'm in the process of writing some custom server code that
uses TCP sockets. This is totally unrelated to Apache and the HTTP
protocol (but please read on, I'll get there). I have quite a bit of
experience writing server code that communicates with UDP, but I've
had relatively little ex
On 4/3/2010 4:24 PM, Oleg Goryunov wrote:
THe problem is that I do not see any files changed on the server (and
thus cannot check the owner of them). Where should I look for the
possible evidence of someone else being there?
Do you have Tripwire installed?
If so, just look at its logs :)
Othe
Nick,
Thanks for your reply.
THe problem is that I do not see any files changed on the server (and thus
cannot check the owner of them). Where should I look for the possible
evidence of someone else being there?
On Sun, Apr 4, 2010 at 2:05 AM, Nick Kew wrote:
>
> On 3 Apr 2010, at 22:20, Oleg Go
On 3 Apr 2010, at 22:20, Oleg Goryunov wrote:
> Hello all,
> It looks like someone hacked my apache2 server and I am trying to understand
> how this could have happened.
> This is what happened:
Yep, someone's been there. Take it off the 'net, if you haven't already!
And get someone competent
Hello all,
It looks like someone hacked my apache2 server and I am trying to understand
how this could have happened.
This is what happened:
All of a sudden the server - in response to a web-browser request for a page
- started to give a full screen of unknown characters (looked like a long
text wi
On Sat, Apr 3, 2010 at 1:35 PM, Rafael Muneton wrote:
>
> Finally I could access my web app from another machine in my local network.
> This is what I did:
>
> In my apache configuration file, I changed the following line,
>
> Before > Listen 8080
>
> After > Listen 192.168.1.64:
Finally I could access my web app from another machine in my local network.
This is what I did:
In my apache configuration file, I changed the following line,
Before > Listen 8080
After > Listen 192.168.1.64:8080
and now I can access my we app by typing,
http://192.168.1.64:8
On 4/3/2010 2:59 AM, Nick Kew wrote:
You can't.
Well, you could write a module for it. If you can live with ballpark
numbers, I'd suggest limiting the number of threads per process
on a restricted task, rather than maintaining a global count.
Or if this is about system load, consider something
yes, should be enough.
have you tried killing the running process that listens to that port and start
apache again?
From: Ravi Roy
To: users@httpd.apache.org
Sent: Sat, April 3, 2010 5:50:50 PM
Subject: Re: [us...@httpd] Apache/2.2.13 : Starting httpd: (98)Ad
On Sat, Apr 3, 2010 at 8:10 PM, Ravi Roy wrote:
>
>
> On Sat, Apr 3, 2010 at 5:02 PM, alin vasile wrote:
>
>> Are you sure that you have the permisson to listen on port 80?
>>
>
>
> User logged in (current user) in the system is part of sudoers. I think
> that is sufficient ?
> Thanks.
> -RR
On Sat, Apr 3, 2010 at 5:02 PM, alin vasile wrote:
> Are you sure that you have the permisson to listen on port 80?
>
User logged in (current user) in the system is part of sudoers. I think
that is sufficient ?
Thanks.
-RR
Are you sure that you have the permisson to listen on port 80?
From: Ravi Roy
To: users@httpd.apache.org
Sent: Sat, April 3, 2010 7:08:17 AM
Subject: Re: [us...@httpd] Apache/2.2.13 : Starting httpd: (98)Address already
in use: make_sock: could not bind to ad
On 2010-04-02 19:31, peter pilsl wrote:
So actually I have to copy/paste each virtualhost-section [...]
Isnt there an easier way to do this?
You might like to use mod_macro.
Especially if most of the hosts are very similar to each other.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & För
Hi
I'm new to Apache configurations. Could you please suggest how I might
achieve the below proxy restrictions within Apache 2.2, thanks.
I need the apache forwarding proxy's restrictions to only allow :
- Any client computers to be able to access web server "srv-a".
- A client computer "cli
On 2 Apr 2010, at 22:29, The Gaijin wrote:
> I've inherited a system from our development group, and I've been
> attempting to find information on recommended best practices for
> running mixed mod_perl, mod_python and mod_php simultaneously on
> Apache HTTPd using mod_prefork. Unfortunately, my
On 2 Apr 2010, at 23:48, Anuradha wrote:
> I want to limit the number of "particular" requests in apache
>
> For example
> I have httpd running on my system. My webserver provides a upload and
> download service.
> I want to configure appache in a way that at the max it can serve 100
> upl
On 2 Apr 2010, at 17:22, Ravi Roy wrote:
> 1.Command : $ sudo /etc/rc.d/init.d/httpd start
>
> Error Message :
>
> Starting httpd: (98)Address already in use: make_sock: could not bind to
> address 0.0.0.0:80
You might have another instance running, in which case you should
check your packa
28 matches
Mail list logo
