Re: [EMAIL PROTECTED] Different security based on network interface

AragonX wrote: > and external users (customers). There are some web applications that I > would like to have available to internal users but require external users > to have a password to access the directory Can you distinguish internal user from external ones? If so, you can use the 'Satisfy' d

[EMAIL PROTECTED] New authentication framework in Apache 2.1

Hello, >From what I've read, the authentication API has been rewritten in Apache 2.1. >As there is not many docs at http://mod-auth.sourceforge.net/docs/ (link to "Changes from 2.0" is broken), I want to know more. One of the things I've been disappointed with in Apache 1.3 or 2.0 is that authent

[EMAIL PROTECTED] Backup Apache web servers

Hi everyone,   i wanted to backup web files, and configuration files from my apache server, mysql server and mailmain server. is there any other scripts to automate this process. I wanted to tar the whole directory especially the web files, zip it and upload to the windows FTP server.   Ple

Re: [EMAIL PROTECTED] Different security based on network interface

On 9/13/05, AragonX <[EMAIL PROTECTED]> wrote: > Hello all, > > I am trying to secure my web server. It serves internal users (employees) > and external users (customers). There are some web applications that I > would like to have available to internal users but require external users > to have

RE: [EMAIL PROTECTED] Different security based on network interface

This may be a stupid answer, but isn't it easily possible to set up the interfaces (or firewall, or both) so they reject source IP addresses in the wrong I/F? Or am I missing the point? David | On 9/13/05, AragonX <[EMAIL PROTECTED]> wrote: | > Hello all, | > | > I am trying to secure my web ser

[EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Hi list,    We have Apache 1.3 running on debian (172.16.2.0). We have several name based virtual hosts that we use for development. Now we need a virtualhost with SSL support. After going through the docs I found that SSL with Name based virtual host is not possible. So I'll need an IP based virt

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Arun G Nair wrote: > use for development. Now we need a virtualhost with SSL support. After > going through the docs I found that SSL with Name based virtual host is > not possible. Who said so? It is possible, the only problem is that all the SSL-enabled virtual hosts will use the same certificat

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

If its possible, how ? I haven't created any certs, just used that came default.On 9/13/05, Davide Bianchi <[EMAIL PROTECTED] > wrote:Arun G Nair wrote:> use for development. Now we need a virtualhost with SSL support. After > going through the docs I found that SSL with Name based virtual host is>

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Arun G Nair wrote: > If its possible, how ? You need to have both the 'Listen' directives, one for port 80 and one for port 443, then you need two 'NameVirtualHost' directives, one for port 80 and one for port 443, then you need to specify which VHosts respond on port 80 and which on port 443, the

[EMAIL PROTECTED] htpasswd -c -m -b validation

hi i ve the http password file which is encrypted using htpasswd -c -m -b command i.e the password which is encrypted using md5 algorithm .i want to validate the user input password against the stored encrypted password thank u iyappan -

[EMAIL PROTECTED] Reg htpasswd

hi i ve the http password file which is encrypted using htpasswd -c -m -b command i.e the password which is encrypted using md5 algorithm .i want to validate the user input password against the stored encrypted password thank u iyappan --

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

> Of course you could > get away with it by having only sub-domains, like thishost.domain.com, > anotherhost.domain.com and so on, and the certificate having > *.domain.com. > Interesting. and how do you generate a certifcate for a whole domain.com ? As far as I know CA like verisign does not s

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Jérôme Tytgat wrote: > and how do you generate a certifcate for a whole domain.com ? > As far as I know CA like verisign does not support things like this : No they don't, I was referring to a self-signed certificate, since (AFAIU) we were talking about testing/development. Davide -- NT is the

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on sameserver.

hi, Thanks for your input. What we are facing is 1. I have encrypted file using the command htpasswd -c -m -b filename username password The output was stored in file. admin:$apr1$g3X.i/..$NZYMsYERfm1obRrWUy9aq. I found out admin is username. I want to validate the user admin. I am ge

[EMAIL PROTECTED] Windows Server 2003 SP 1 and Apache 2.0.52

Hi guys After I installed Service Pack 1 for Win 2003, I keep on getting the following errors when trying to access one of my ISAPI dll's on Apache 2.0.52. I assume it's got something to do with incompatibility between mod_isapi and Win 2003 SP 1: --- Apache.exe - Applicat

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

> > No they don't, I was referring to a self-signed certificate, since > (AFAIU) we were talking about testing/development. > > Davide > Oh. Ok. Is there any reasons about that as cacert.org is free, there's no restrictive idea about "how many certificate I can generate" ? Jerome.

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

I think I've found a good answer : http://wiki.cacert.org/wiki/VhostTaskForce#head-7d528898908190ce2585e6a8158d07ce42230724 Jérôme Tytgat a écrit : >>No they don't, I was referring to a self-signed certificate, since >>(AFAIU) we were talking about testing/development. >> >>Davide >> > > > Oh.

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Jérôme Tytgat wrote: > Is there any reasons about that as cacert.org is free, there's no restrictive > idea about "how many certificate I can generate" ? Well, the whole point of the 'certificate' is to guarantee that you are whoever you claim to be (actually, not you but your system). So a self-

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

For certificates - http://slacksite.com/apache/certificate.html BTW, I have a spare IP. But can't get ssl to work. Relevant parts from httpd.conf include: httpd.conf- Listen 172.16.2.0:80Listen 172.16.2.10:443skip## mod_ssl ## AddType application/x-x509-ca-cert

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Arun G Nair wrote: > NameVirtualHost 172.16.2.0:80 > > If you used 172.16.2.0:80 in the NameVirtualHost directive, you need to repeat it in all the VirtualHost blocks. > # SSL Virtual Hosts > > http://172.16.2.10:443>> And I hope those http://httpd.apache.org/userslist

[EMAIL PROTECTED] Regarding htpasswd

hi, What we are facing is 1. I have encrypted file created by using this command htpasswd -c -m -b filename username password The output was stored in file. admin:$apr1$g3X.i/..$NZYMsYERfm1obRrWUy9aq. I found out admin is username. I want to validate the user admin and encrypted passwo

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

On 9/13/05, Davide Bianchi <[EMAIL PROTECTED]> wrote: Arun G Nair wrote:> NameVirtualHost 172.16.2.0:80 >> If you used 172.16.2.0:80 in the NameVirtualHost directive, you needto repeat it in all the VirtualHost blocks. Ok changed it, 'n restarted. Now it says connection

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Arun G Nair wrote: > Ok changed it, 'n restarted. Now it says connection refused. posrt > 80 is not listening ? 'netstat -an' shows 172.16.2.0.80 No it is listening, but you need to connect to THAT ip address, not 127.0.0.1 (or localhost). So adjust your host file to map your various server n

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

On 9/13/05, Davide Bianchi <[EMAIL PROTECTED]> wrote: Arun G Nair wrote:>  Ok changed it, 'n restarted. Now it says connection refused. posrt> 80 is not listening ? 'netstat -an' shows 172.16.2.0.80No it is listening, but you need to connect to THAT ip address, not 127.0.0.1 (or localhost). So

Re: [EMAIL PROTECTED] New authentication framework in Apache 2.1

On Tuesday 13 September 2005 08:26, Julien ALLANOS wrote: > Hello, > > From what I've read, the authentication API has been rewritten in Apache > 2.1. As there is not many docs at http://mod-auth.sourceforge.net/docs/ > (link to "Changes from 2.0" is broken), I want to know more. Have you written

[EMAIL PROTECTED] High memory usage on new server

I'm having a memory usage problem and hoping I can find a solution. I'm moving from 32 bit Fedora Core 4 to 64 bit Fedora Core 4 on a new server. The problem is that the individual servers on the 64 bit box are using a LOT more memory that they did on the 32 bit box. and I need to figure out h

Re: [EMAIL PROTECTED] Windows Server 2003 SP 1 and Apache 2.0.52

louis, you really need to download the apache_2.0.52-win32-x86-symbols.zip file from http://archive.apache.org/dist/httpd/binaries/win32/ Unpack it in your top level Apache2 directory (e.g. somewhere like c:\program files\apache group\apache2\) and expand directories. Next Application error, if

Re: [EMAIL PROTECTED] block empty referrer?

On 9/12/05, Erik Svensson <[EMAIL PROTECTED]> wrote: > How can I block hits like this: > > xx.xxx.xxx.xxx - - [04/Sep/2005:20:03:48 +0200] "GET / HTTP/1.0" 200 > 5109 "-" "-" "-" > > I´m geting about 50-70 hits a day from different ip-numbers and there is > constantly new ones, so blocking the ip

Re: [EMAIL PROTECTED] New authentication framework in Apache 2.1

Quoting Nick Kew <[EMAIL PROTECTED]>: On Tuesday 13 September 2005 08:26, Julien ALLANOS wrote: Hello, From what I've read, the authentication API has been rewritten in Apache 2.1. As there is not many docs at http://mod-auth.sourceforge.net/docs/ (link to "Changes from 2.0" is broken), I want

RE: [EMAIL PROTECTED] Windows Server 2003 SP 1 and Apache 2.0.52

> louis, you really need to download the > apache_2.0.52-win32-x86-symbols.zip > file from http://archive.apache.org/dist/httpd/binaries/win32/ > > Unpack it in your top level Apache2 directory (e.g. somewhere > like c:\program files\apache group\apache2\) and expand directories. > > Next Appl

[EMAIL PROTECTED] Apache and Active Directory

Hi, here where I work we have the following configuration for our web server: Windows 2003 Apache 2.0.54 PHP 4.4.0 MySQL 4.0.20 This server also connects to a database server with Oracle 9i through a Oracle 8i Client, otherwise the PHP wouldn't connect to the database properly. There is als

[EMAIL PROTECTED] Memory leak on Windows 2003

Hi, here where I work we have the following configuration for our web server: Windows 2003 Apache 2.0.54 PHP 4.4.0 MySQL 4.0.20 This server also connects to a database server with Oracle 9i through a Oracle 8i Client, otherwise the PHP wouldn't connect to the database properly. There is als

[EMAIL PROTECTED] Re: Regarding htpasswd

Hi [EMAIL PROTECTED], you wrote: > 1. I have encrypted file created by using this command > > htpasswd -c -m -b filename username password > > The output was stored in file. > > admin:$apr1$g3X.i/..$NZYMsYERfm1obRrWUy9aq. > can I know How to validate in perl or c?. There should be so

Re: [EMAIL PROTECTED] Different security based on network interface

Hello, Administrator wrote: This may be a stupid answer, but isn't it easily possible to set up the interfaces (or firewall, or both) so they reject source IP addresses in the wrong I/F? Or am I missing the point? Just drop packets coming in the external interface that claim to have an IP of

[EMAIL PROTECTED] SetEnvIf[NoCase] and url get attributes

Hi, i've tried many things to get a setenvif working with GET-parameters in a url. The problem, i can only use the url till the ? marker. I will explain by example http://locahost/index.php?test=1 i want to check the existence of test. i tried setenvifnocase Request_URI test test=1 but this d

Re: [EMAIL PROTECTED] SetEnvIf[NoCase] and url get attributes

On 9/13/05, sven buerger <[EMAIL PROTECTED]> wrote: > Hi, > > i've tried many things to get a setenvif working with GET-parameters in > a url. The problem, i can only use the url till the ? marker. I will > explain by example > > > http://locahost/index.php?test=1 > > i want to check the existe

[EMAIL PROTECTED] Re: SetEnvIf[NoCase] and url get attributes

hi, 13.09.2005 17:55 Joshua Slive wrote: > As the docs say, Request_URI does not include the query string. I > believe you'd need to use mod_rewrite for this: But then query_string should work? and for example http://www.tolatsga.org/info.php?test=1 under environment the request_uri includes th

Re: [EMAIL PROTECTED] Re: SetEnvIf[NoCase] and url get attributes

On 9/13/05, sven buerger <[EMAIL PROTECTED]> wrote: > hi, > > 13.09.2005 17:55 Joshua Slive wrote: > > As the docs say, Request_URI does not include the query string. I > > believe you'd need to use mod_rewrite for this: > > But then query_string should work? > > and for example http://www.tola

[EMAIL PROTECTED] Httpd processes are not dying

Hi Joshua, I am not sure you remember the problem I stated last time so I am listing it here again. You had asked me to run mod_status. I have attached the output of the mod_status too. Problem: The httpd processes keep getting accumulated in the memory and are not dying timely as expected. This

Re: [EMAIL PROTECTED] Httpd processes are not dying

On 9/13/05, Mishra, Pawan <[EMAIL PROTECTED]> wrote: > Hi Joshua, > > I am not sure you remember the problem I stated last time so I am > listing it here again. You had asked me to run mod_status. I have > attached the output of the mod_status too. > > Problem: The httpd processes keep getting ac

RE: [EMAIL PROTECTED] Httpd processes are not dying

Just an FYI IBM does not recommend this combination: to WAS 5.0.2 / I.H.S. 1.3.26.2 combination. For WAS 5.0 YOU NEED TO install HIS 2.0.42.X Thank Balanand Pinni 23-H-4 SBC Services Inc OBC ,Stl MO * 314-206-5911 * [EMAIL PROTECTED] -Original Message- From: Joshua Slive [mailto:[

RE: [EMAIL PROTECTED] Httpd processes are not dying

Thanks. I have checked to see that there is no duplicate entry for MaxSpareServers. -Original Message- From: Joshua Slive [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 13, 2005 10:52 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] Httpd processes are not dying On 9/13/

RE: [EMAIL PROTECTED] Backup Apache web servers

-Original Message- From: Jojo Solis [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 13, 2005 2:57 AM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] Backup Apache web servers Hi everyone, i wanted to backup web files, and configuration files from my apache server, mysql server

[EMAIL PROTECTED] mod_logio Performance hits?

Hi Folks, We've encountered a bit of a problem with Apache2. Apparently to improve performance, when apache2 logs the respose size in the access log, it logs the 'expected' file size, not the amount of data sent out on the wire. It seems to get this information from the filesize of the fil

Re: [EMAIL PROTECTED] Different security based on network interface

> AragonX wrote: > > > I'm afraid someone will spoof the IP addresses of the internal network > > to bypass this security measure. I don't see how that's possible. Given the following: M - malicious hacker at address M W - webserver I - internal netw

Re: [EMAIL PROTECTED] Different security based on network interface

"AragonX" <[EMAIL PROTECTED]> writes: [...] > I know that mod_access and I think mod_security will allow me to do this > but they do it based on IP address. I'm afraid someone will spoof the IP > addresses of the internal network to bypass this security measure. The easiest way to do this is wi

[EMAIL PROTECTED] 2 questions with apache2 operation

I am not sure where my system is corrupted, but it is problematic indeed. Here's the problem, and then a symptom: 1) I run Mailman 2.5 on my apache 2 installation, system running Debian 3.1. I can open my mailman database if I enter it like this: http://fyrenice.com/cgi-bin/mailman/adm

Re: [EMAIL PROTECTED] mod_logio Performance hits?

On 9/13/05, Dan <[EMAIL PROTECTED]> wrote: > Hi Folks, > > We've encountered a bit of a problem with Apache2. > > Apparently to improve performance, when apache2 logs the respose size > in the access log, it logs the 'expected' file size, not the amount > of data sent out on the wire. It seems to

Re: [EMAIL PROTECTED] Both IP based and name based virtual host on same server.

Hi all,    Atlast I got it working So name based virtual hosting *is* possible with mod_ssl. --httpd.conf- < IfModule mod_ssl.c > Listen 443 Listen 80 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl< / IfModule >< IfModule mod_ssl.

Re: [EMAIL PROTECTED] Different security based on network interface

On 9/14/05, Scott Gifford <[EMAIL PROTECTED]> wrote: > "AragonX" <[EMAIL PROTECTED]> writes: > > [...] > > > I know that mod_access and I think mod_security will allow me to do this > > but they do it based on IP address. I'm afraid someone will spoof the IP > > addresses of the internal network