Re: [users@httpd] To Gzip or not? [EXT]

Can you please STOP breaking threads by adding the [EXT] thing to the title, it is getting quite annoying. El sáb., 10 oct. 2020 a las 23:14, James Smith () escribió: > > There are two sorts of compression - TLS and HTTP. > > It is recommended not to compress the TLS traffic (as CRIME can then be

Re: [users@httpd] SAMEORIGIN and multiple ALLOWFROM X-Frame-Options

Probably you should drop using X-Frame-Options in favour of the more compatible and up to date "Access-Control-Allow-Origin" header: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin And for extra fine grained permissions then CSP (although keeping an eye on b

[users@httpd] SAMEORIGIN and multiple ALLOWFROM X-Frame-Options

Hi, I have been using the following successfully in HTTPD config for some time: Header always set X-Frame-Options SAMEORIGIN The SAMEORIGIN is required for our use but now I am getting a request to allow X-Frame-Options to include specific URL's, say: https://example1.com https://example2.com

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Yes, it does: Redirect 301 or RedirectPermanent. Please review the docs before answering. On 12/10/20 02:04 PM, James Smith wrote: > Redirect doesn't allow you to distinguish between 301s and 302s which you can > do with mod_rewrite {very useful feature tbh when it comes to bits like this} > -

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

Redirect doesn't allow you to distinguish between 301s and 302s which you can do with mod_rewrite {very useful feature tbh when it comes to bits like this} - the user is using WordPress so will almost certainly be using mod_rewrite to handle the nice URLs As for the issue without a server n

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

James, Unless the user has many hosts, I would recommend against using mod_rewrite here. It isn't needed. And your vhost should include an explicity ServerName directive. On 12/10/20 11:56 AM, James Smith wrote: > So I would do this for the virtual host sections – assuming you are only > running

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

That is incorrect. If you inherit a ServerName value that conflicts with other name-based vhosts, you break your set. You can use a dummy value, or even the IP in the ServerName attribute. Run apachectl -S on all your servers to verify, you are making dangerous assumptions. On 12/10/20 11:38 AM,

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

Thank you.I'm using Let's Encrypt SSL. Is it OK? Sent from Yahoo Mail on Android On Mon, Oct 12, 2020 at 7:27 PM, James Smith wrote: #yiv3289296361 #yiv3289296361 -- _filtered {} _filtered {} _filtered {}#yiv3289296361 #yiv3289296361 p.yiv3289296361MsoNormal, #yiv3289296361 li.yiv3289296

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

So I would do this for the virtual host sections – assuming you are only running ONE externally facing website – there are other things you would need to do if you were running multiple ones ## Send all traffic on port 80 to the primary domain over SSL… RequestHeader unset X-is-ssl Rewrite

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

It's how you do a catchall... there is no other way of doing it - it doesn't cause any problems if you only have one. I have many domains with wildcard DNS it is the clean way of handling those sub-domains I am not serving in a "nice" manner rather than just dropping the requests on the floor..

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Excuse me,Can you clean my configuration? On Monday, October 12, 2020, 07:06:17 PM GMT+3:30, Frank wrote: James, Omitting an explicit ServerName in name-based vhosts is a bad idea as well. You can create conflicts or ambiguities. On 12/10/20 11:22 AM, James Smith wrote: > This would

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

James, Omitting an explicit ServerName in name-based vhosts is a bad idea as well. You can create conflicts or ambiguities. On 12/10/20 11:22 AM, James Smith wrote: > This would be my set-up in your case - note as someone said it was too > complex I've removed the extra security bits I'd left i

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

At the end of domain name? On Monday, October 12, 2020, 07:01:27 PM GMT+3:30, Frank wrote: I mentioned slashes. Look at yours, and mine. On 12/10/20 11:22 AM, Jason Long wrote: > You used "Redirect / https://hostname.tld/"; and > I'm using "Redirect permanent /

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

I mentioned slashes. Look at yours, and mine. On 12/10/20 11:22 AM, Jason Long wrote: > You used "Redirect / https://hostname.tld/"; and > I'm using "Redirect permanent / https://www.example.com";. > I have a "permanent" word. > > I > > > > >

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

You used "Redirect / https://hostname.tld/" and I'm using "Redirect permanent /  https://www.example.com". I have a "permanent" word. I On Monday, October 12, 2020, 06:40:00 PM GMT+3:30, Frank wrote: You can compare my redirect directive with yours. There is a subtle difference. A

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

This would be my set-up in your case - note as someone said it was too complex I've removed the extra security bits I'd left in by accident... ## Port 80 && 443 default configs... RequestHeader unset X-is-ssl RewriteEngine on RewriteRule ^(.*)$ https://www.mydomain.com%{REQUEST_

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

You can compare my redirect directive with yours. There is a subtle difference. Also, you don't need a documentroot in a vhost if you redirect every request. On 12/10/20 11:02 AM, Jason Long wrote: > Excuse me, How? > > > > > > > On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Ging

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Excuse me, How? On Monday, October 12, 2020, 06:29:38 PM GMT+3:30, Frank Gingras wrote: Always match the trailing slashes when redirecting. On 12/10/20 10:43 AM, Jason Long wrote: > # apachectl -S > # > > My Virtual Host configuration is: > > > Header always set Strict-Transport-S

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Always match the trailing slashes when redirecting. On 12/10/20 10:43 AM, Jason Long wrote: > # apachectl -S > # > > My Virtual Host configuration is: > > > Header always set Strict-Transport-Security "max-age=63072000; > includeSubdomains; preload" > ServerAdmin root@localhost > ServerName ww

Re: [users@httpd] session crypto module in “httpd 2.4.25” version

On Mon, Oct 12, 2020 at 10:45 AM Sathish Vijayan wrote: > Hi, > > > > Anyone installed session crypto module in “httpd 2.4.25” version. What are > the steps to follow? > > I tried the below command and got the error: > > > > ./apxs -i -c /httpd-2.4.25/modules/session/mod_session_crypto.c > > > >

[users@httpd] session crypto module in “httpd 2.4.25” version

Hi, Anyone installed session crypto module in “httpd 2.4.25” version. What are the steps to follow? I tried the below command and got the error: ./apxs -i -c /httpd-2.4.25/modules/session/mod_session_crypto.c /httpd-2.4.25/modules/session/mod_session_crypto.c:32:2: error: #error Crypto suppor

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

# apachectl -S # My Virtual Host configuration is: Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" ServerAdmin root@localhost ServerName www.example.com ServerAlias www.example.com DocumentRoot /var/www/wp Options Indexes FollowSymLinks AllowOverride

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

I would take a step back. The approach stated below is not only convoluted, but ignores the existing configuration. First, run apachectl -S to see what your existing vhosts are set up as. Then, from the default (first) vhost, you simply need a ServerName directive, and Redirect. The former is req

Re: [users@httpd] Forwarding IP to HTTPS. [EXT]

Thank you. I added that lines to my Virtual Host file but it show me "Your connection is not private". On Monday, October 12, 2020, 05:16:27 PM GMT+3:30, James Smith wrote: Yes - with Apache you put a default virtual host which redirects all traffic to your https server   RequestH

Re: [users@httpd] Forwarding IP to HTTPS.

On 10/12/2020 9:09 AM, Jason Long wrote: Thank you. I want when a user enter my server IP address in his\her browser then it forward to "https://mywebsite.com";. Most users will not enter an IP address, but rather a domain name. For those that enter a domain name (https://mywebstie.com) first

RE: [users@httpd] Forwarding IP to HTTPS. [EXT]

Yes - with Apache you put a default virtual host which redirects all traffic to your https server RequestHeader unset X-is-ssl Require all denied Require all granted ProxyPreserveHost on RewriteEngine on RewriteRule ^(.*)$ https://myservername.com%{REQ

Re: [users@httpd] Forwarding IP to HTTPS.

Thank you. I want when a user enter my server IP address in his\her browser then it forward to "https://mywebsite.com";. On Monday, October 12, 2020, 12:14:31 PM GMT+3:30, Antony Stone wrote: On Monday 12 October 2020 at 07:25:56, Jason Long wrote: > Hello, > Forwarding an IP addres

Re: [users@httpd] Forwarding IP to HTTPS.

On Monday 12 October 2020 at 07:25:56, Jason Long wrote: > Hello, > Forwarding an IP address to HTTPS domain is the task of Apache or SSL? What do you mean by "forwarding", and what protocol (presumably either HTTP or HTTPS) is being used by the client application which starts the connection (i