Hi;
On Wed, Jul 31, 2024 at 12:04 PM Marijn Schops | HostYou
wrote:
>
> It feels like I’m missing something very obvious, can anyone point me in the
> right direction?
Possibly https://bz.apache.org/bugzilla/show_bug.cgi?id=69203
Rega
1 in handshake (server
hostname:port)" and "SSL Library Error: error:1417C0C7:SSL
routines:tls_process_client_certificate:peer did not return a
certificate") if the client isn't providing a certificate.
You should probably remove them if you only want mtls with t
on/index.php?type=view&ids=$1&uri=$1";
Possibly using the "DefaultValue" (i.e. not found) as described in [1]:
RewriteRule "/content/view/([0-9]{6})/?"
"${lsv2ids:$1|https://linuxsecurity.com/redi
Host" header (i.e.
HTTP_X_FORWARDED_HOST in cgi/php) with the value of defaulthost, when
forwarding the request to proxyhost. This is the default behaviour,
unless "ProxyAddHeaders off".
Regards;
Yann.
-
To uns
(or were made available by
the system) after the last accept() call, which is the race condition
that httpd can do nothing about unfortunately.
How much does it improve compared to non-patched httpd, how many reset
connections without the patch?
If not significant I don't think it&#x
On Tue, Jan 30, 2024 at 11:54 AM Yann Ylavic wrote:
>
> On Tue, Jan 30, 2024 at 4:37 AM Sherrard Burton wrote:
> >
> > i was going to add some debugging lines, but when i took a quick look at
> > the patch, i wasn't clear on which sections of the code i should be
&
> some gratuitous logging in the appropriate sections so that there will
> be positive affirmation that the patch has (or hasn't) been applied and
> is falling into the expected sections?
Sure, here is a v2 (which also includes a fix w.r.t. v1).
Regards;
Yann.
On Mon, Jan 29, 2024 at 4:59 PM Sherrard Burton wrote:
>
> On 1/29/24 10:17 AM, Yann Ylavic wrote:
> > On Mon, Jan 29, 2024 at 3:06 PM Eric Covener wrote:
> >
> > The patch helps in this case because we no longer close the listening
> > sockets unconditionally, I
On Mon, Jan 29, 2024 at 4:21 PM Eric Covener wrote:
>
> > > It seems to me If there is no such LB/VIP that stops new connections
> > > from landing on this server, the new option should be avoided.
> >
> > Correct.
> >
> > > But if there is such a LB/VIP, the option is not really needed. Is it
>
er
> > or a tcp/bpf filter), otherwise they may never really stop which does
> > not help for a graceful stop/restart obviously. So this change (if
> > useful) should be guarded by a GracefulDrain on/off or something
> > config option to not hurt the other use cases.
>
>
On Mon, Jan 29, 2024 at 2:23 PM Yann Ylavic wrote:
>
> On Sun, Jan 28, 2024 at 5:26 AM Sherrard Burton wrote:
> >
> > On 1/27/24 09:46 PM, Eric Covener wrote:
> > >
> > > Both worker and event MPMs have a dedicated listener thread per child
> > >
ay, with
this change the effective stop could be longer (so long as there are
incoming/pending connections routed to each child by the system), it
could even last forever theoretically if connections keep coming
indefinitely..
Regards;
Yann.
Index: server/mpm/event/event.c
===
On Tue, Jan 23, 2024 at 5:22 PM Yann Ylavic wrote:
>
> On Tue, Jan 23, 2024 at 11:55 AM Erik Thuning wrote:
> >
> > I have a tomcat application running that accepts websockets. In front of
> > this application I'm running apache as a reverse proxy. SSL is
> >
r elaboration in the log.
You could set "LogLevel trace8" in the VirtualHost to get more/full information.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
alues explicitly.
I don't know of a setting/module which would show all the effective
configuration, it would probably not be easy to write/maintain
(dumping the internal structures).
Maybe if it's not shown by mod_info it could be considered that the
default applies, and the
y options for now are to use a patched version of httpd or
wait for the next release.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
orrect or are the not the same?
Yes, they should be the same. Upgrade only takes place when requested
AND accepted/switched by the backend server.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Wed, May 31, 2023 at 4:39 PM Yann Ylavic wrote:
>
> On Wed, May 31, 2023 at 2:52 PM Josef Wolf wrote:
> >
> > On Wed, May 31, 2023 at 10:58:27AM +0200, Yann Ylavic wrote:
> > > On Thu, May 25, 2023 at 2:38 PM Josef Wolf wrote:
> > > >
> > >
On Wed, May 31, 2023 at 2:52 PM Josef Wolf wrote:
>
> On Wed, May 31, 2023 at 10:58:27AM +0200, Yann Ylavic wrote:
> > On Thu, May 25, 2023 at 2:38 PM Josef Wolf wrote:
> > >
> > > I am trying to use apache as a proxy to pass requests to a
L connection from the
> SSL context
> [Thu May 25 13:34:04.690700 2023] [ssl:error] [pid 2259] SSL Library Error:
> error:140BA0C3:SSL routines:SSL_new:null ssl ctx
Do you build httpd by yourself? Which OS / httpd / openssl version? It
looks like httpd (mod_ssl) links/runs against an openssl version
di
o, do you see errors in the error_log file? Maybe "LogLevel
mpm_event:trace1" could help see what happens while not being too
verbose.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
for requests using local IP addresses directly or
other/unknown/unlistable local domain names, you probably should have
a look at how hosts are resolved on the local DNS when requests are
misdirected.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Fri, Mar 31, 2023 at 2:46 PM Yann Ylavic wrote:
>
> On Fri, Mar 31, 2023 at 2:27 PM Yann Ylavic wrote:
> >
> > Hello,
> >
> > On Fri, Mar 31, 2023 at 8:18 AM Stefan Helmert wrote:
> > >
> > > in my setup, httpd runs on a specific u
On Fri, Mar 31, 2023 at 2:27 PM Yann Ylavic wrote:
>
> Hello,
>
> On Fri, Mar 31, 2023 at 8:18 AM Stefan Helmert wrote:
> >
> > in my setup, httpd runs on a specific uid and delegates transfers to
> > mpm_itk with AssignUserIDExpr %{reqenv:MAPPED_USER} dynamic uid.
bout
this MPM), but it looks like it could work..
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
upport for openssl-1.1.1 in any maintained httpd version.
In any case, the questions about maintenance times/deadlines concern
more the vendors/distros than the httpd project itself.
Regards;
Yann.
-
To unsubscribe, e-ma
On Tue, Feb 14, 2023 at 6:56 PM Yann Ylavic wrote:
>
> On Tue, Feb 14, 2023 at 1:13 PM 유원석 wrote:
> >
> > Hello
> > I was trying to cross-compile apache to no avail
> > How can I fix this error below?
>
> Can you try the attached patch?
Possible adding ap_c
On Tue, Feb 14, 2023 at 1:13 PM 유원석 wrote:
>
> Hello
> I was trying to cross-compile apache to no avail
> How can I fix this error below?
Can you try the attached patch?
Regards;
Yann.
Index: configure.in
===
---
pd/commit/8b800c1457aee40d871e07470c1a962bf3e25de3
Patching 2.4.54 with
https://github.com/apache/httpd/commit/8b800c1457aee40d871e07470c1a962bf3e25de3.patch
should work.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apach
sReverse /myapp balancer://mybalance/myapp
How are your BalancerMember(s) defined in the block?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
just trying to get the local path immediately.
>
> It cannot be reproduced as well and there's no specific periodicity for this
> failure.
> Anything i'm missing? Any more debug to turn on?
Which httpd MPM and mo
ssible reasons and solutions.
You are possibly hitting this bug:
https://bz.apache.org/bugzilla/show_bug.cgi?id=66004
The fix is not released yet but there is a patch available here:
https://patch-diff.githubusercontent.com/raw/apache/httpd/pull/313.di
On Tue, May 3, 2022 at 5:44 PM Yann Ylavic wrote:
>
> On Mon, May 2, 2022 at 8:24 AM Ivan Ionut wrote:
> >
> > I'm trying to set a virtual host on apache2 with this configuration.
> >
> >
> > ServerName mysite.com
> > ServerAlias www.mysite.co
On Mon, May 2, 2022 at 8:24 AM Ivan Ionut wrote:
>
> I'm trying to set a virtual host on apache2 with this configuration.
>
>
> ServerName mysite.com
> ServerAlias www.mysite.com
>
>
> Define directory_path /srv/http/mysite
>
>
> Define directory_path /srv/http/under_construc
On Fri, Apr 15, 2022 at 3:50 PM Yann Ylavic wrote:
>
> On Fri, Apr 15, 2022 at 2:16 PM 刘孟 wrote:
> >
> >
> > What I want to ask is, will these 1000 sub processes fail at the same time,
> > causing my httpd serivce to stop responding.But I think you have given th
ectionsPerChild at some point (without being restarted) hence
move towards MinSpareservers, until the next peak..
So you should find the MaxConnectionsPerChild setting that does kill
processes too often at load peak but still kills enough processes
after the peak (during the ramp down).
Regards;
rChild have failed..
Did you think of a cron job (or a trigger) that explicitely restart
httpd (gracefuly) just after the DNS have switched?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ms] (mean)
Time per request: 0.020 [ms] (mean, across all concurrent requests)
Transfer rate: 67540.43 [Kbytes/sec] received
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Fri, Mar 18, 2022 at 8:27 AM Marc Serra wrote:
>
> Thank's for your comments Frank,
>
> Reading the Apache documentation
> (https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html#threadlimit)
> I cannot find the way to calculate an optimal value for ThreadLimit
> and ThreadsPerChild directive
th/to/pcre \
> --with-ssl=/path/to/ssl
It should probably be "--with-pcre=/path/to/pcre-config", pointing to
the pcre-config file rather than pcre the installation directory.
Regards;
Yann.
-
To unsubscribe, e-mail: u
e
certificate file (see
https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile).
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
[Match] without mapping=servlet and then
RewriteRules/, but then they need to take path
parameters into account in the regexes (which is not very practical if
not impossible in some cases).
Best of both worlds where httpd does application specific
normalization and restores it across all possib
On Thu, Mar 3, 2022 at 12:24 PM Yann Ylavic wrote:
>
> Hi Hendrik;
>
> >
> > after reading your commit comment in https://svn.apache.org/r1898509 I
> > realised that one important test case is missing:
> > What happens if mod_rewrite manipulates the URL of a tar
ri but keeps proxying (like in the above
example).
Isn't:
RewriteRule "^/alpha/gobeta/(.*)$" http://server2.localnet:8080/beta/$1 [P]
(or alike) what you are looking for in the above example?
Regards;
Yann.
-
To u
Hi,
>
> I have applied your patch to my httpd-2.4.52 and created two test cases.
> One with a simple RewriteRule and a second one using a RewriteMap.
> Both are working fine. :-)
Thanks for testing! Now checked in https://svn.apache.org/r1898509
R
m warning just in case..).
Anyway, could you please try the attached patch and see if it works for you?
Regards;
Yann.
Index: modules/mappers/mod_rewrite.c
===
--- modules/mappers/mod_rewrite.c (revision 1898463)
+++ modules/mappers/m
k users mailing list
[1], we can't answer your questions here (Apache HTTP Server users).
Regards;
Yann.
[1] https://cloudstack.apache.org/mailing-lists.html
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For ad
MIT in
/opt/local/apr-1.7.0/include/apr.h ?
Please show the "config.log" file from the apr-1.7.0 build.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Tue, Oct 26, 2021 at 7:36 PM Patrick Verdon
wrote:
>
> Do you know who maintains mod_php, is it worth following up with them?
I'd suggest reporting the issue to the php maintainers (https://bugs.php.net/).
It may ring a bell there..
Re
xxx -Wl,-Bdynamic' belongs more in LIBS=...
Also note that you could use NOTEST_LDFLAGS and NOTEST_LIBS (instead
of LDFLAGS and LIBS) for them to apply to the httpd linking only (they
won't be added to all the gcc tests run by ./configure). They need to
be correct still, otherwise ./
Client side: Proxy/Backend side:
Timeout N <=> timeout=N
KeepAlive On/Off <=> enablereuse=On/Off
KeepAliveTimeout N <=> ttl=N
[*Always On*] <=> keepalive=On/Off
Hope that helps..
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
d be a "/tmp/core" (or "/tmp/core.[pid]")
file which can be analysed with the gdb debugger, by using these
commands:
$ gdb /usr/sbin/httpd /tmp/core[.pid]
[and once in gdb with the "(gdb)" prompt]
(gdb) thread apply all bt
Please paste the result here.
Regards;
Yann.
2021] [lbmethod_heartbeat:notice] [pid 3581]
> AH02282: No slotmem from mod_heartmonitor
Likewise you probably don't need lbmethod_heartbeat and several
modules in your list, so I'd suggest that you cleanup your LoadModules
a bit, ideally to the strict minimum needed.
Regards;
Yan
e openssl recently?
What are your SSLRandomSeed settings?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Fri, Jul 2, 2021 at 2:09 PM RONDEC JUNE RUBIO
wrote:
>
> I have not tried to repro the issue with higher version. Is it known issue?
Not to me (doesn't ring a bell). But I'm not very inclined to
investigate if it's already f
:
> Core was generated by `/usr/sbin/httpd -k start -D SSL'.
> Program terminated with signal SIGILL, Illegal instruction.
> #0 ap_die (r=0x7f9403ba08, type=-1811695096) at
> /usr/src/debug/apache2/2.4.41-r0/httpd-2.4.41/modules/http/http_request.c:817
Can you still rep
On Fri, Jun 18, 2021 at 10:35 AM Yann Ylavic wrote:
>
> Hi Daniel,
Hi Nick, sorry.. (Hi Daniel too though!)
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: u
t;
>> >> Header add Set-Cookie "RZ2ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/"
>> >> env=BALANCER_ROUTE_CHANGED
And "path=/rz2" here ?
>> >> BalancerMember http://www.fox.com route=03
>> >> BalancerMember http://ww
Hi,
On Tue, Jun 1, 2021 at 5:24 PM Carlos Castro wrote:
>
>
>
[]
> ProxyRequests On
You probably should remove the above line (which is not in the non-SSL
virtual host by the way).
Regards;
Yann.
-
To un
tSTACK= on systemd), depending on the loaded modules and their
stack "consumption".
I usually run httpd with "ulimit -s 512" (KB) without issues, but this
needs testing in your environment (i.e. no crash)..
Regards;
Yann.
---
think of a workaround.
Does the attached patch working for you?
Regards;
Yann.
Index: modules/proxy/mod_proxy_hcheck.c
===
--- modules/proxy/mod_proxy_hcheck.c (revision 1888249)
+++ modules/proxy/mod_proxy_hcheck.c (working co
, my mod_ssl should be linked with the libssl.so (/opt/openssl/ssl) not
> with the default (/lib/x86_64-linux-gnu/)
Try adding LDFLAGS='-L/opt/openssl/ssl/lib
-Wl,-rpath,/opt/openssl/ssl/lib' here too in addition to (or even
instead of) the CFLAGS.
Regards;
Yann.
---
doing wrong? And How can I fix it?
httpd itself needs no link to openssl, mod_ssl does though.
So you should have a look at:
# ldd /etc/apache2/modules/mod_ssl.so
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
2.4.
If you don't build httpd yourself, you may want to ask on apachelounge
that they create a version including it (possibly Steffen is listening
here anyway and can help ;)
Regards;
Yann.
[1] https://svn.apache.org/r1888266
-
gt; >
>
> could be a duplicate of https://bz.apache.org/bugzilla/show_bug.cgi?id=59798
If so it should be fixed in APR-1.7.0, which APR version are you using Michael?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@
pareThreads $numWorkers / 2
MaxRequestWorkers$numWorkers
MaxConnectionsPerChild 0
Hth..
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
, so httpd has to make 5
new idle threads available (actually 5 children processes with
ThreadsPerChild=1) to honor MinSpareThreads=5.
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For add
On Thu, Feb 25, 2021 at 1:44 PM Brian Wolfe wrote:
>
> Are you sure that you have any MD5 ciphers enabled.
Wrong thread?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional comma
h the takes place
(VirtualHost, directory, location..), the server needs to know the
request header, thus negotiate TLS with the user-agent already.
Chicken and egg..
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@http
se some "automatic" routing can be performed like in
https://httpd.apache.org/docs/2.4/en/mod/mod_proxy_balancer.html#example
(the one using mod_headers).
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.
APR-1.7.0 still.
Regards;
Yann.
[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=61786
On Tue, Feb 9, 2021 at 11:07 AM Gabriele Bulfon
wrote:
>
> Hi, I finally could produce the httpd blocked problem and ran a script to
> dump stack of all running processes/threads.
> They strang
Thanks Kyle.
Since this fix resulted in two 2.4 changes actually, it's possibly
worth mentioning them to the redhat team, that could help them:
- http://svn.apache.org/r1701404
- http://svn.apache.org/r1701405
Regards;
Yann.
On Mon, Feb 8, 2021 at 5:27 PM Kyle Hansen wrote:
>
> Good
n
> Apache 2.4.17 entitled
>
> *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.
> PR 57868. [Jose Kahan < jose w3.org>, Yann Ylavic]
[]
> Unfortunately, my Apache now doesn't have the benefits of RHEL if I go this
> route
You may want t
On Thu, Jan 14, 2021 at 2:14 PM Yann Ylavic wrote:
>
> You could use a "ProxyPass ... ttl=[timeout]" on the proxy with
> [timeout] < KeepAliveTimeout on the backend (say the KeepAliveTimeout
> on the backend's vhost is 5, try ttl=3 in the proxy's ProxyPass
>
happen on well established connections.
I may be missing something though, so this first step could help already..
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
.. "; key=value"
else
cookie_in = "key=value"
end
r.headers_in['Cookie'] = cookie_in
work?
> > return apache2.OK
> > end
> > return apache2.DECLINED
>
t; 703 return errno;
> 704 }
Here m->shmkey is then the result of our_ftok(filename).
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Fri, Dec 11, 2020 at 5:43 PM Yann Ylavic wrote:
>
> On Fri, Dec 11, 2020 at 5:10 PM Wendell Hatcher
> wrote:
> >
> > Hi All, quick question. The APR_USE_SHMEM_SHMGET defined option within
> > the shm.c file what does it do exactly and can we set the option to
POSIX semaphores mechanism instead with
"./configure --enable-posix-shm ...", which is usually a good
alternative "suffering" less from system limits than IPC SysV, since
limits are then the filesystem's maximum number of inodes (as opposed
to 127.0.0.1:3002.
If you can't find this piece of configuration you can send me the full
"apache2\conf" archive (privately if you prefer).
Since Redmine seems to run on port 3001 (not 3002), the fix would be
to replace 127.0.0.1:3002 by 127.0.0.1:3001 in the httpd proxy
settings..
Rega
ge ((\s+=)|(=\s+)) = early
work better?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Tue, Dec 8, 2020 at 12:18 PM Ran Mozes wrote:
>
>
> http_request.c(440): [client 10.xxx.xxx.xx:x] Range: bytes=
> 7168-414976430
>
> Looks like this causes to fail serve the request.
Which error exactly does the log show
on which httpd really can't know about..
If Redmine crashed (which could explain why there are no logs on its
side), you should see something like "child pid exit signal..."
in one of the log files.
Possibly you could ask on Bitnami forums how to get more traces from Redmine.
Hth
On Mon, Dec 7, 2020 at 6:33 PM Wendell Hatcher
wrote:
>
> Yann, quick question would it be ok to have a cronjob running daily maybe at
> slow periods that runs a script to delete the sephmore segments using a
> script while apache is running? It shouldn't cause issues with the
test Remine locally, via 127.0.0.1 .
Do all the POST requests fail or only some of them?
If some requests succeed, it may be a problem of connection reuse
between Redmine (running on 127.0.0.1) and the httpd proxy (configured
to forward the requests to localhost).
Regards;
Yann.
---
at kind of duplicates there may be..
On Sun, Dec 6, 2020 at 8:21 PM Wendell Hatcher
wrote:
>
> Let me gather this information from one of our servers next week. I will
> provide a little more background information tomorrow as well.
>
> On Sat, Dec 5, 2020, 7:08 PM Yann Ylavic wrote:
d potential duplicates), the
error_log of all the instances may help too (with LogLevel debug,
still).
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ers ([1]).
So your section could be something like:
ProxyPass "http://127.0.0.1:8080/apps/";
ProxyAddHeaders on
Regards;
Yann.
[1] https://httpd.apache.org/docs/2.4/en/mod/mod_proxy.html#proxyaddheaders
---
On Fri, Jun 19, 2020 at 4:20 PM Yann Ylavic wrote:
>
> On Thu, Jun 18, 2020 at 8:03 PM Danny Mallory wrote:
> >
> > Anyone here know a good way to tell what Apache may be chewing up memory on?
>
> Do you have MaxMemFree configured already
> (https://httpd.apache.org/d
r instance) help?
Regards;
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
Hi Madhan,
wrong list, consider asking on us...@tomcat.apache.org instead.
Regards;
Yann.
On Wed, Jun 3, 2020 at 3:07 AM Madhan Raj wrote:
>
> Hi all,
>
> this is my connector tag
> scheme="https" secure="true"
> protocol="org.apache.coyote.http11.
r, no connection reuse etc..
The usual way to declare a proxy worker, and its parameters, without
any particular path mapping is:
ProxySet secret=my_secret
Then "ajp://IP:PORT" can be mapped to any path with either a ProxyPass
or
by timeouts or
(maliciously-)slow clients, you should have a look at AcceptFilter
([1]) and/or mod_reqtimeout ([2]).
Regards,
Yann.
[1] https://httpd.apache.org/docs/2.4/mod/core.html#acceptfilter
[2] https://httpd.apache.org/docs/2.4/en/mod/mod_reqtimeout.html
-
IRC, on RHEL/centos, you need selinux context "httpd_sys_content_t"
for read access, `chcon` command may be your friend here.
Regards,
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
On Sat, Apr 25, 2020 at 1:24 PM baptx wrote:
>
> @Yann: About your last reply suggesting Require expr "%{REMOTE_ADDR} !=
> %{CONN_REMOTE_ADDR}":
> I want to restrict access on some virtualhosts only because I want to use
> some domain names without Cloudflare.
>
On Sat, Apr 25, 2020 at 12:24 AM Yann Ylavic wrote:
>
> On Sat, Apr 25, 2020 at 12:17 AM Yann Ylavic wrote:
> >
> > Hi,
> >
> > On Fri, Apr 24, 2020 at 10:49 PM bapt x wrote:
> > >
> > > Is there a way to have the same functionality a
On Sat, Apr 25, 2020 at 12:17 AM Yann Ylavic wrote:
>
> Hi,
>
> On Fri, Apr 24, 2020 at 10:49 PM bapt x wrote:
> >
> > Is there a way to have the same functionality as the directive
> > DenyAllButCloudflare from mod_cloudflare when using mod_remoteip?
> > I
rustedProxyList /path/to/proxies.list
RewriteEngine on
RewriteCond expr "%{REMOTE_ADDR} != %{CONN_REMOTE_ADDR}"
RewriteRule ^ - [F]
With "proxies.list" containing the same list as mod_cloudflare's ([1]).
Hth,
Yann.
[1]
https://github.com/cloudflare/m
gest something more precise without knowing about
your needs and environment...
Regards,
Yann.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
ith Apache httpd server.
> >
>
> There's a large patch somewhere in bugzila.
I see two PRs in my mail archive:
https://bz.apache.org/bugzilla/show_bug.cgi?id=51757
https://bz.apache.org/bugzilla/show_bug.cgi?id=55178
Hth..
Regards,
Yann.
---
1 - 100 of 426 matches
Mail list logo
