RE: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Ryan Murray
Did you check the timeout on your apache proxy config? Once apache has detected the backend is not available it won't retry again until a certain number of seconds (timeout) has passed. I'm pretty sure mod_proxy defaults to 60 seconds, which I usually reduce to get a quicker recovery when Tomcat

[us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Andre Hübner
Hello, I did some tests with apache22 and mod_deflate in standard settings. With deflate enabled I called a simple phpinfo.php to watch what happens. When phpinfo.php was processed by mod_php the content was delivered gzipped but when php was running with fastcgi it was not. Is this a general differe

[us...@httpd] Unwanted URL ending with mod_rewrite

2009-06-10 Thread kestutis98
I'm using mod_rewrite method for clean URLs. --- Options +FollowSymLinks RewriteEngine on RewriteCond %{REQUEST_URI} !/$ RewriteCond %{REQUEST_URI} !\. RewriteRule ^(.*) %{REQUEST_URI}/ [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f Re

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread André Warnier
Ryan Murray wrote: Did you check the timeout on your apache proxy config? Once apache has detected the backend is not available it won't retry again until a certain number of seconds (timeout) has passed. I'm pretty sure mod_proxy defaults to 60 seconds, which I usually reduce to get a quicker rec

Re: [us...@httpd] default site

2009-06-10 Thread Matus UHLAR - fantomas
> > On 09.06.09 09:14, Davide Bianchi wrote: > >> Actually no. If the request doesn't match any Virtual Hosts, it will be > >> served by the first vhost defined or by the one defined with the > >> _default_ keyword. > On Tue, Jun 9, 2009 at 4:11 AM, Matus UHLAR - fantomas > wrote: > > No. The "fi

Re: [us...@httpd] Reverse Proxy: Max-Forwards has reached zero - proxy loop?

2009-06-10 Thread Tom Evans
On Tue, 2009-06-09 at 22:37 +0200, ml ml wrote: > Hi Nick, > > it still does not work if i use: > > > > ServerName webmail.example.com > SSLEngine on > SSLCertificateFile /usr/local/apache/conf/webmail.example.cert > SSLCertificateKeyFile /usr/local/apache/conf/webmail.example.key > > SSL

[us...@httpd] help with mod_authnz_ldap and require ldap-group

2009-06-10 Thread Paul Miles
Hello, Please forgive me if this is the wrong place to post questions about mod_authnz_ldap, but I've been struggling with this particular issue for a few days now ... I have a (working) openldap server which contains a number of user accounts. see extract below : dn: uid=pmiles,ou=people,d

[us...@httpd] Rewrite Rule for hiding Destination URL ??

2009-06-10 Thread BipinDas-Gmail
Hello All, I need to rewrite the url http://123.dev.com to http://123.dev.com/profile I have put the below code to my .htaccess that successfully worked # --- rewritecond %{http_host} ^widgets\.cmdn\.com$ rewritecond %{request_uri} ^/

Re: [us...@httpd] Rewrite Rule for hiding Destination URL ??

2009-06-10 Thread André Warnier
BipinDas-Gmail wrote: Hello All, I need to rewrite the url http://123.dev.com to http://123.dev.com/profile 1) Since you are rewriting everything that is "/*" to "/profile/*" anyway, then why don't you move everything that is now under /profile, to / , and be done with all the rewriting

[us...@httpd] Error 403 with POST but not GET

2009-06-10 Thread Jonathan Gazeley
Hi, I have some perl CGI scripts in my cgi-bin. The setup was working perfectly on my old server. I've now moved the scripts to a replacement server. The new server responds when I send a GET request to the script, but throws an error 403 Forbidden if I send a POST request to the script. N

Re: [us...@httpd] Error 403 with POST but not GET

2009-06-10 Thread André Warnier
Jonathan Gazeley wrote: x.x.x.x - jg4461 [09/Jun/2009:07:18:32 +0100] "GET /cgi-bin/registerMAC.pl?ticket=ST-39049938-KDf1eIxd5gH0dodU8KzX HTTP/1.1" 200 4792 x.x.x.x - - [09/Jun/2009:07:19:40 +0100] "POST /cgi-bin/registerMAC.pl HTTP/1.1" 403 313 Just from the name and arguments of the scri

[us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Singh, Sukhjeet
I need to fix this Vulnerability, So can someone please check the vulnerability and let me know the best way to fix the HTTP Service / Server Version. The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating Syst

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 7:53 AM, Singh, Sukhjeet wrote: > The server allows capture of the HTTP service banner. Service banners can > contain sensitive information, such as application and Operating System (OS) > version numbers. An attacker can use the version information from your Web > server t

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 3:12 AM, Andre Hübner wrote: > Hello, > > I did some tests with apache22 and mod_deflate in standard settings. > With deflate enabled I called a simple phpinfo.php to watch what happens. > When phpinfo.php was processed by mod_php the content was delivered gzipped > but when p

Re: [us...@httpd] Rewrite Rule for hiding Destination URL ??

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 5:52 AM, BipinDas-Gmail wrote: > I need to rewrite the url http://123.dev.com to http://123.dev.com/profile > > I have put the below code to my .htaccess that successfully worked > > # --- > > rewritecond %{http_host

RE: [us...@httpd] Rewrite Rule for hiding Destination URL ??

2009-06-10 Thread Singh, Sukhjeet
Eric, I think you are right cuz the rewrite rule which I'm using and also the ErrorDocument which I'm using are using the path of the files and not the exact URL. But while I'm able to fix the custom 403 and 404 pages, I'm not too sure why the scanner is still detecting this vulnerability. Su

Re: [us...@httpd] default site

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 4:07 AM, Matus UHLAR - fantomas wrote: >> NameVirtualHost doesn't affect this selection, so the logic degrades >> to simpler  _default_ and * are used when there isn't an exact match >> on the IP. > > I've meant, if there's NameVirtualHost , the > will not match the IP eve

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 4:06 AM, André Warnier wrote: > I have not verified, but intuitively I would tend to think that no HTTP > caching mechanism (browser, server, mod_cache, proxies, etc..) would ever > really "cache" error responses, and keep responding the same from some cache > memory. > ht

Re: [us...@httpd] Rewrite Rule for hiding Destination URL ??

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 8:06 AM, Singh, Sukhjeet wrote: > Eric, > > I think you are right cuz the rewrite rule which I'm using and also the > ErrorDocument which I'm using are using the path of the files and not the > exact URL. > > But while I'm able to fix the custom 403 and 404 pages, I'm not

RE: [us...@httpd] default site

2009-06-10 Thread Singh, Sukhjeet
Eric, Basically the thing is my security guy is saying that If I can any how able to fix the 404 error in lieu of the 403 Forbidden error then it'll fix the vulnerability. I mean instead of HTTP/1.1 403 I should get HTTP/1.1 404 while anyone try even from telnet or with any scanner. Sukhjeet

RE: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Singh, Sukhjeet
Eric, I agree with you but as we can fix the custom 404 or 403 errors via ErrorDocument. Isn't there any way to fix this banner as whenever the 403 Forbidden message is generated it should be replaced with 404 message. I tried even blocking the mod_ProxyVia but it also didn't help. Sukhjeet

[us...@httpd] Re: mod_disk_cache - Temporary files when 32000 subdirs limit is reached

2009-06-10 Thread Dan Poirier
Nuno Fernandes writes: > When the 32000 sub dirs limit is reached, i get the following errors in > error_log: > > [Tue Jun 09 22:19:23 2009] [error] (2)No such file or directory: disk_cache: > rename tempfile to hdrsfile failed: /var/cache/httpd/mod_proxy/aptmpfddU8r -> > /var/cache/httpd/mod_

[us...@httpd] Re: Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Dan Poirier
Eric Covener writes: > On Wed, Jun 10, 2009 at 7:53 AM, Singh, Sukhjeet > wrote: >> The server allows capture of the HTTP service banner. Service banners can >> contain sensitive information, such as application and Operating System (OS) >> version numbers. An attacker can use the version inform

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 8:13 AM, Singh, Sukhjeet wrote: > Eric, > > I agree with you but as we can fix the custom 404 or 403 errors via > ErrorDocument. Isn't there any way to fix this banner as whenever the 403 > Forbidden message is generated it should be replaced with 404 message. > You're s

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread André Warnier
RE: [us...@httpd] default site RE: [us...@httpd] 503 status seems to get cached - how do I disable caching? Singh, Sukhjeet wrote: (lots of stuff in the wrong threads) 1) would you please stop just hitting the "reply" button on just any message of this list to post things that have nothin

RE: [us...@httpd] Re: Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Singh, Sukhjeet
Eric, Can you let me know the best possible way to hide this banner. Sukhjeet -Original Message- From: Dan Poirier [mailto:poir...@pobox.com] Sent: Wednesday, June 10, 2009 6:05 PM To: users@httpd.apache.org Subject: [us...@httpd] Re: Fixing HTTP Service / Server Version Detected Eric

RE: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Singh, Sukhjeet
Andre, I appreciate your concern but I'll like to let you know that enabling or disabling the HTTP banner should logically come under the server configuration. I'm not too sure whether you treat it that ways or not..? Sukhjeet -Original Message- From: André Warnier [mailto:a...@ice-sa.

Re: [us...@httpd] Error 403 with POST but not GET

2009-06-10 Thread Jonathan Gazeley
Hi Andre, Thanks for your reply registerMAC.pl accepts username, MAC address and device type as arguments so users can register their devices in our database. The database is later relied on for authentication with FreeRADIUS, but this perl script does not do authorization or authentication.

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread André Warnier
Sukhjeet, let me try one more time. - this is a users help forum dedicated to Apache httpd - considering the content of the server message you showed (see below), I am not sure that what you call "the server", is an Apache httpd server - if I am wrong, and it /is/ an Apache httpd server, then y

RE: [us...@httpd] Re: Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Boyle Owen
> -Original Message- > From: Singh, Sukhjeet [mailto:sukhjeet.si...@fiserv.com] > Sent: Wednesday, June 10, 2009 2:56 PM > To: users@httpd.apache.org > Subject: RE: [us...@httpd] Re: Fixing HTTP Service / Server > Version Detected > > Eric, > > Can you let me know the best possible way

RE: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Singh, Sukhjeet
Andre, It is an apache server and let me concrete my request. I like to disable the HTTP 1.1 server /service banner. Which include 404 errors and 403 errors. Sukhjeet -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: Wednesday, June 10, 2009 6:37 PM To: users@httpd

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Dave Floyd
I need to fix this Vulnerability, So can someone please check the vulnerability and let me know the best way to fix the HTTP Service / Server Version. The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application and Operating Sys

RE: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Singh, Sukhjeet
Thanks for your help Dave...!! Sukhjeet -Original Message- From: Dave Floyd [mailto:dave.fl...@pa.press.net] Sent: Wednesday, June 10, 2009 6:58 PM To: users@httpd.apache.org Subject: Re: [us...@httpd] Fixing HTTP Service / Server Version Detected >I need to fix this Vulnerability, So c

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Andre Hübner
On Wed, Jun 10, 2009 at 3:12 AM, Andre Hübner wrote: Hello, I did some tests with apache22 and mod_deflate in standard settings. With deflate enabled I called a simple phpinfo.php to watch what happens. When phpinfo.php was processed by mod_php the content was delivered gzipped but when php runnin

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread André Warnier
Dave Floyd wrote: I need to fix this Vulnerability, So can someone please check the vulnerability and let me know the best way to fix the HTTP Service / Server Version. The server allows capture of the HTTP service banner. Service banners can contain sensitive information, such as application

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 10:08 AM, Andre Hübner wrote: > On Wed, Jun 10, 2009 at 3:12 AM, Andre Hübner wrote: >>> >>> Hello, >>> >>> I did some tests with apache22 and mod_deflate in standard settings. >>> With deflate enabled I called a simple phpinfo.php to watch what happens. >>> When phpinfo.php

RE: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Boyle Owen
> -Original Message- > From: André Warnier [mailto:a...@ice-sa.com] > > > and, when you have exhausted all of those, and the JBoss list > too, you > might finally be able to bask in the satisfaction of knowing which > webserver software you are really responsible for. I suspect we've

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Andre Hübner
Tough to guess. Relevant Config, logs, and the request/response are a good start. Oh, it works now. If called php-script is parsed by php-cgi it is not enough to write AddOutputFilterByType in .htaccess if I activated AddOutputFilterByType directly in httpd.conf it works. with mod_php t

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread Nick Kew
On Wed, 10 Jun 2009 18:28:39 +0530 "Singh, Sukhjeet" wrote: > Andre, > > I appreciate your concern but I'll like to let you know that enabling > or disabling the HTTP banner should logically come under the server > configuration. Your vulnerability isn't the banner, it's the sysop. Find one wh

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Tom Evans
On Wed, 2009-06-10 at 16:41 +0200, Andre Hübner wrote: > > > Tough to guess. Relevant Config, logs, and the request/response are a > > good start. > > > Oh, it works now. If called php-script is parsed by php-cgi it is not > enough to write AddOutputFilterByType in .htaccess > if I activated

[us...@httpd] HTTP server scalability

2009-06-10 Thread Vinay Nagrik
Dear Group, How do web servers achieve scalability is bothering me for a long time. My understanding is that an application can open one and only one socket connection through four system calls (socket, bind, listen, and accept). It is at 'listen' level that a server can specify for how many con

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Andre Hübner
I don't know why that would make a difference, but if you have access to the main httpd.conf file, you should never use .htaccess. It is less efficient than putting it in the main httpd.conf, has various 'gotchas' and slight differences in syntax that are easy to catch you out. yes, but there ar

Re: [us...@httpd] HTTP server scalability

2009-06-10 Thread Tom Evans
On Wed, 2009-06-10 at 09:10 -0700, Vinay Nagrik wrote: > Dear Group, > > How do web servers achieve scalability is bothering me for a long > time. My understanding is that an application can open one and only > one socket connection through four system calls (socket, bind, listen, > and accept).

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread André Warnier
Boyle Owen wrote: I suspect we've had a visitation from a Help Vampire... http://slash7.com/pages/vampires That's a great one ! :-) Did you know this one ? http://www.mail-archive.com/us...@tomcat.apache.org/msg53854.html

Re: [us...@httpd] mod_deflate mod_php/php-cgi

2009-06-10 Thread Eric Covener
On Wed, Jun 10, 2009 at 11:33 AM, Tom Evans wrote: > On Wed, 2009-06-10 at 16:41 +0200, Andre Hübner wrote: >> >> > Tough to guess. Relevant Config, logs, and the request/response are a >> > good start. >> >> >> Oh, it works now. If called php-script is parsed by php-cgi it is not >> enough to w

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Jenny Brown
On Wed, Jun 10, 2009 at 3:06 AM, André Warnier wrote: > So, to get back to the original issue : if indeed the observed behaviour > derives from such a timeout on the part of mod_proxy, I would suggest to do > some thinking about whether it is not better, in a general sense, to leave > things as the

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread William A. Rowe, Jr.
Singh, Sukhjeet wrote: > > The server allows capture of the HTTP service banner. Service banners > can contain sensitive information, such as application and Operating > System (OS) version numbers. An attacker can use the version information > from your Web server to determine if there are any kn

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread André Warnier
Jenny Brown wrote: On Wed, Jun 10, 2009 at 3:06 AM, André Warnier wrote: So, to get back to the original issue : if indeed the observed behaviour derives from such a timeout on the part of mod_proxy, I would suggest to do some thinking about whether it is not better, in a general sense, to leave

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

2009-06-10 Thread André Warnier
William A. Rowe, Jr. wrote: http://httpd.apache.org/docs/2.2/mod/core.html#servertokens Sadly, this information is useless to you. This is not an httpd issue, it's a JBoss issue. Take it to their user forum. This is not a JBoss support forum. What I've been trying to tell the OP since mmm

Re: [us...@httpd] HTTP server scalability

2009-06-10 Thread André Warnier
Complementary to what you will find in the on-line Apache documentation at http://httpd.apache.org, and painted with a very wide brush : When you start Apache, a single main Apache process is started. It reads and checks the configuration, and loads a series of core and add-on modules, as per y

Re: [us...@httpd] 503 status seems to get cached - how do I disable caching?

2009-06-10 Thread Jenny Brown
You got me going in a good general direction -- the real solution is slightly different. Here's what I found. In the parameters section of the ProxyPass directive, there is a parameter called retry. It defaults to 60 seconds. The description is such: "Connection pool worker retry timeout in sec

[us...@httpd] Stable Release of Apache

2009-06-10 Thread Mohit Anchlia
We are using Apache 2.2. How can I find which one is most recent stable version? I am trying to determine if we need to upgrade Apache. I am also waiting for this bug to get fixed in that version https://issues.apache.org/bugzilla/show_bug.cgi?id=42829

Re: [us...@httpd] Stable Release of Apache

2009-06-10 Thread William A. Rowe, Jr.
Mohit Anchlia wrote: > We are using Apache 2.2. How can I find which one is most recent > stable version? I am trying to determine if we need to upgrade Apache. Have you visited http://httpd.apache.org recently?