,
Mike
---
Michael D. Berger
m.d.ber...@ieee.org <mailto:m.d.ber...@ieee.org>
http://www.rosemike.net
but it might be less effort to just move your documentation into
> your app servers.
>
> HTH
>
> Michael
>
>
>
> Am 20.05.21 um 06:46 schrieb Michael D.:
>
> Hello user group.
>
> I maintain a website that authenticates users through an internal
> single-sign-o
Hello user group.
I maintain a website that authenticates users through an internal
single-sign-on app.
I have a documentation page that is publically viewable but I only want it
viewable after authentication. I've looked into .htaccess but I don't want
a separate login process for users to view
)
suspected an order problem in the includes, and sure enough, they were
out of order, which I corrected in under one minute. It now works with
no problem.
Thanks for your efforts and interest.
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
_
From: Michael
Interestinglet us know what you find.
Sent from my iPhone
> On Jan 4, 2016, at 9:06 PM, Michael D. Berger wrote:
>
> I don't think index.html was changed, but I only took a quick look.
> I have it backed up in a tgz file, so when the Linux box comes back up
> (maybe to
d.config slowly.
Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
_
From: Michael D. Wood [mailto:m...@itsecuritypros.org]
Sent: Monday, January 04, 2016 20:27
To: users@httpd.apache.org
Subject: Re: [users@httpd] Possible virus via httpd server
Was the in
Was the index.html file modified in anyway? Did it call the executable? Any
rewrites or any other files added to the path index.html resided?
Sent from my iPhone
> On Jan 4, 2016, at 8:21 PM, Michael D. Berger wrote:
>
> It was not overwritten. If you looked on the server, it was
It was not overwritten. If you looked on the server, it was just fine.
But an executable was delivered instead. In any case, it is gone
with the wind -- DBAN is now running on the server. Hopefully,
the reinstallation will work better.
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http
I tried the submission you suggest. It said it is an executable file,
suitable for my Linux box. I don't think I am about to run it. Note that
my ESET NOD32 virus software finds nothing wrong with it.
Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemik
.
Thanks,
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
> -Original Message-
> From: Keith Roberts [mailto:keith.robe...@ecric.nhs.uk]
> Sent: Monday, January 04, 2016 11:25
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] Possible virus v
Examining with Lemmy (A Windows version of VI), it looks like a binary file.
Size is 181.4 KB.
I am considering my favorite virus remover: DBAN, but it would take several
days work to
recover from that.
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
> -Origi
Using my WinXP Firefox client to access my previously working httpd 2.4
server
on Fedora 23 gets a file named 1OfvyQ5L instead of my index.html . Do you
think I have a
virus on my Linux box? I did notice that my iptables is not as tight as it
should be.
--
Michael D. Berger
m.d.ber...@ieee.org
> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de]
> Sent: Friday, January 01, 2016 19:07
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] LogMessage not working
>
> Am 01.01.2016 um 22:55 schrieb Michael D. Berger:
>
> -Original Message-
> From: Rainer Jung [mailto:rainer.j...@kippdata.de]
> Sent: Friday, January 01, 2016 05:56
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] LogMessage not working
>
> Am 01.01.2016 um 03:55 schrieb Michael D. Berger:
> > I a
Happy New Year!
Mike.
--
Michael D. Berger
m.d.ber...@ieee.org
http://www.rosemike.net/
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
You could potentially deny legitimate users access. I limit so many
connections per second per source IP. If I knew I were getting a ton of
traffic from a University I would have to adjust it accordingly.
The setting in pfsense is Maximum new connections / per second(s) -
that's per IP. My
Truthfully, I've always limited connections from the source IP via a
firewall before the traffic is even passed to apache.
On 08/01/2013 04:39 AM, Grant wrote:
Two different things come to mind. Kingcope found an Apache
byterange
vulnerability and the PoC code he wrote for it exhausts the
res
Burp Suite will do exactly this.
http://portswigger.net/burp/
On 07/31/2013 06:04 AM, Robin Becker wrote:
Not sure if I am using the right terminology, but I want to create a
forward proxy that will allow me to substitute locally controlled
content for some of the requests eg a specific remote
Two different things come to mind. Kingcope found an Apache byterange
vulnerability and the PoC code he wrote for it exhausts the resources on
a server running Apache. Only 1 instance of his perl script had to be
ran. LOIC is another that could possible DoS your server from one
source. What
You wouldn't keep a syn proxy rule enabled all the time; only under a
DoS attack. You could also implement ModSecurity.
On 07/29/2013 02:07 PM, Grant wrote:
Also, you should be able to limit simultaneous client connections
with your
firewall and pass the traffic in a syn proxy state. There are
Also, you should be able to limit simultaneous client connections with
your firewall and pass the traffic in a syn proxy state. There are
numerous ways to achieve this.
On 07/29/2013 03:18 AM, Michael D. Wood wrote:
You can always compile from source ;)
What version of Apache are you running
The only reason I asked was because I had done this before and had
the virtualhost created for port 443 but forgot to a2ensite on the
virtualhost.
On 07/29/2013 02:59 AM, Yuvapriya s wrote:
> Yes.. I
have configured Vhosts for port 443..
>
> On Fri, Jul 26, 2013 at 2:56
PM, Michae
You can always compile from source ;)
What version of Apache are you running?
On 07/29/2013 02:59 AM, Grant wrote:
Was it just an IP exhausting the apache service with too many
connections? What do you see in the access logs? I use OSSEC HIDS on
my apache servers to mitigate this.
In the ac
Was it just an IP exhausting the apache service with too many connections?
What do you see in the access logs? I use OSSEC HIDS on my apache servers to
mitigate this.
--
Sent from my mobile device
Michael D. Wood
www.itsecuritypros.org
Grant wrote:
>> My server has 4GB RAM and uses ng
Do you have a virtual host configured for the site SSL/443?
On
07/26/2013 05:15 AM, Yuvapriya s wrote:
> Hi
>
> We had done split
deployment of apache and tomcat and we are trying to configure ssl on
apache.
> Modified the httpd_ssl.conf file and uncommented the lines to
include mod_ssl.so
The new wireless router is configured the same way as your old
router was? As in, the same network configuration and I'm assuming the
server you have Apache running on has a static ip in the same network?
Not much that has to change - port forward to your server running
Apache.
What are you
> -Original Message-
> From: Michael D. Berger [mailto:m.d.ber...@ieee.org]
> Sent: Saturday, July 13, 2013 13:12
> To: users@httpd.apache.org
> Subject: RE: [users@httpd] RewriteCond to select by username
>
>
>
> > -Original Message-
>
> -Original Message-
> From: Eric Covener [mailto:cove...@gmail.com]
> Sent: Saturday, July 13, 2013 12:43
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] RewriteCond to select by username
>
> On Sat, Jul 13, 2013 at 12:41 PM, Michael D. Berger
> wr
On my fedora 16 box using httpd.x86_64 2.2.21-1.fc16, using SSL,
I tried:
...
RewriteCond %{REMOTE_USER} ^mike$
RewriteRule
...
and variations thereof.
My intention is to have the RewriteRule run iff "mike" is logged on.
It didn't work.
Thanks for your advice.
Mike.
--
Running:
# rpm -q httpd
httpd-2.2.3-31.el5.centos.4
On:
# uname -a
Linux mbrc20 2.6.18-164.15.1.el5 #1 SMP Wed Mar 17 11:37:14 EDT 2010 i686
athlon i386 GNU/Linux
Accessing a directory:
www.myplace.net/here/there/
where both "here" and "there" require httpd access, while
www.myplace.net/ does no
On Tue, 05 Apr 2011 14:28:34 -0400, Yehuda Katz wrote:
> [[RESEND]]
>
> On Tue, Apr 5, 2011 at 10:43 AM, Michael D. Berger <
> m_d_berger_1...@yahoo.com> wrote:
>
>> Same result, 403 when I do:
>> /server-status
>> I note that I also get 403 for:
>
On Tue, 05 Apr 2011 10:31:01 -0400, Yehuda Katz wrote:
> Thanks. I tried it and I still get 403.
>>
>>
> The next thing that I try is explicitly setting Allow from all: Order
> allow,deny
> Allow from all
Same result, 403 when I do:
http://my.stuff.net/server-status
I note that I also get 4
On Tue, 05 Apr 2011 09:56:08 -0400, Yehuda Katz wrote:
> The first thing I always try is removing/commenting the access control
> directives, something like this:
>
> SetHandler server-status
> # Order deny,allow
> # Deny from all
> # Allow from 192.168.9.0/24 127.0.0.1
>
> Then you will
On my CentOS 5 box with:
#rpm -q httpd
httpd-2.2.3-43.el5.centos.3
I tried to activate mod_status with:
ExtendedStatus On
SetHandler server-status
Order deny,allow
Deny from all
Allow from 192.168.9.0/24 127.0.0.1
I already have:
LoadModule stat
You should not need an update to Apache to run PHP 5.2.x All you should
need to do is rebuild/install PHP. To test, put a phpinfo() script in
your root directory. If it runs, you can look at the top of the output
and figure out which version of PHP you're accessing.
-Original Message-
Message-
From: Reeves, Michael D Civ 517 SMXS/MXDEC
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 09, 2008 8:20 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Problem with ./configure Apache 2.2.6
Hi, I'm having a problem installing a new webserver. I'm doing the
Hi, I'm having a problem installing a new webserver. I'm doing the
exact same procedure that I've used in the past (v 2.0.55, 2.0.59, and
2.2.4), but it no longer seems to be working.
I'm doing a custom layout. I've edited the config.layout file to match
what I'd done in the past, copying the fo
oft link name. I have tried numerous
combinations, and can make no sense of it. For example:
These fail:
Thess work:
In all cases, the correct links are in place.
You can see where my work-around is comming from.
Thanks for your help.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED
quot; made might be the problem, changed the order
by changing the first letter of the directory in question to upper
case (they are usually lower case). It made no difference.
Any suggestions would be much appreciated.
Mike.
--
Michael D. Berger
[EMAIL
Apache/1.3.33
ServerAlias
[A] Is there a limit to how long a ServerAlias can be? Characters?
Words?
[B] Can I use multiple (more than one) ServerAlias line? For large
numbers of aliases, this may improve readability and manageability.
What do you think?
--
Best Regards,
mds
mds res
If nothing else is suggested, I think that this could be done
with NetFilter (http://www.netfilter.org/). Hopefully, something
else will be suggested.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Bart Heinsius [mailto:[EMAIL PROTECTED]
> Sen
note, however, that,
as verified by debug logging, the arguments following ?
do appear in argv of index.cgi (C++), suggesting that RewriteRule
does see the arguments. Aside from that, I wonder if there is any
reason not to use argv[0] to determine the current directory? (I
note that in some cases ot
> -Original Message-
> From: Rich Bowen [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 01, 2005 7:24 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] unexpected RewriteRule behavior
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
&
> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
[...]
> [...]
> > From: Rich Bowen [mailto:[EMAIL PROTECTED]
> [...]
> > Michael D. Berger wrote:
> > > The following:
> >
> > >RewriteCond %{
[...]
> From: Rich Bowen [mailto:[EMAIL PROTECTED]
[...]
> Michael D. Berger wrote:
> > The following:
>
> >RewriteCond %{REQUEST_URI} !^.*/picts/.*$
> >RewriteRule ^/(.*/)?$ /index.cgi [L]
> >
> > sends
> >GET /favicon.ico
> >
Sorry, I forgot to mention: RH-E-WS-4 httpd-2.0.52-9.ent
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> Sent: Monday, October 31, 2005 9:24 PM
> To: Apache-Users
> Subject: [EMAIL PROTECTED] unexpec
because it
does not appear to match any pattern. Wherein do
I err?
Thanks for your help.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http
.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTEC
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Saturday, August 06, 2005 10:19 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Block File Types
>
>
> On 8/6/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
>
I would like to prevent Apache 2.0 from sending any
file of a particular type. In my VirtualHost I put:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^.*notThis\?*$
RewriteRule ^.*$ /zzz [L]
Is there a better way?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Saturday, August 06, 2005 11:40 AM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Block File Types
>
>
> On 8/6/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
>
I have not been able to get Redirect to work. Particulars
are below. Advice would be much appreciated.
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
--
DNS has cnames www.mysite.net and test.mysite.net
Linksys routes port 80 to 192.168.1.10
On 192.168.1.10, running RH-E-WS-3:
(I
Very interesting. Do you think that it is better
than syslog for my purpose?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Bohumil Holubec [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 20, 2005 10:33 PM
> To: users@httpd.apache.org
&
cgi.2, etc. that I think syslog will
generate.
Further suggestions much appreciated.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Boyle Owen [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 20, 2005 4:21 AM
> To: users@httpd.apache.org
> Subj
g(LOG_INFO,"entered");
closelog();
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.htm
just sent to the list.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: herauthon [mailto:[EMAIL PROTECTED]
> Sent: Saturday, June 11, 2005 9:16 AM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] Missing User-Agent:
>
>
>
hernet frame size, which to me,
does not make sense.
Thanks for your help,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apac
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Sunday, June 05, 2005 9:52 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Missing User-Agent:
>
>
> On 6/5/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
>
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Sunday, June 05, 2005 12:03 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] Missing User-Agent:
>
>
> On 6/4/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
> &
I notice that Apache 2.0 rejects, with a 403,
a GET that does not have a User-Agent header,
and I to get some of these.
Why do I get them?
Why are they rejected?
Thanks,
Mike
--
Michael D. Berger
[EMAIL PROTECTED]
-
The
Here is an excerpt from a GET packet from IE-6.0-SP-1 on Win2k:
Accept-Language: en-us\r\n
XXX: X\r\n
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n
What are all these X's?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROT
Indeed, one "non-standard" link had to be corrected.
Later I'll run find...grep to check for other problems.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED]
> Sent: Saturday, Jun
Problem solved by pathcing the href in the outgoing response.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> Sent: Saturday, June 04, 2005 12:34 AM
> To: users@httpd.apache.org
> Subject: RE: [
I have a legacy tree with numerous branches, and many relative links.
I was hoping to get it all with one CGI.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Dan Mahoney, System Admin [mailto:[EMAIL PROTECTED]
> Sent: Saturday, June 04, 2005 12:3
I do?
1. I could carry the last path in a cookie and construct
the full path. But this would only work for nodes
that accept cookies.
2. I could change all the paths to absolute. Much much
work.
Any better suggestions?
Thanks in advance.
Mike.
--
Michael D. Berger
[EMAIL
> -Original Message-
> From: Michael D. Berger [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 23, 2005 10:25 PM
> To: users@httpd.apache.org
> Subject: RE: [EMAIL PROTECTED] one cookie for all html
>
>
>
>
> --
> Michael D. Berger
> [EMAIL PROT
--
Michael D. Berger
[EMAIL PROTECTED]
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Monday, May 23, 2005 9:33 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] one cookie for all html
>
>
> On 5/23/05, Michael D.
> -Original Message-
> From: Joshua Slive [mailto:[EMAIL PROTECTED]
> Sent: Sunday, May 22, 2005 12:01 PM
> To: users@httpd.apache.org
> Subject: Re: [EMAIL PROTECTED] one cookie for all html
>
>
> On 5/20/05, Michael D. Berger <[EMAIL PROTECTED]> wrote:
install
There is plenty of action, but my old version is not
replaced.
For what it is worth, in the make directory, I note
a new file named httpd, with a size of 6389. This
seems rather small.
Thanks in advance for your advice.
Mike.
--
Michael D. Berger
[EMAIL PROTECTED
I would like to manage one cookie for all the
myriad files in my tree. This would be easy if
the one cgi script in the root were called
irrespective of the contents of the GET.
Can this be done? How?
Thanks,
Mike.
--
Michael D. Berger
[EMAIL PROTECTED
70 matches
Mail list logo
