Re: [us...@httpd] Apr_bucket_read() failed when uploading files

2009-06-23 Thread André Warnier
Mark wrote:
> So, needless to say, this is quite serious. Like I said, I even got an admin (not a silly helpdesk clerk) to admit that it's a bug; but they're not gonna fix it. That's why I was looking for a way around it.

Well then, I'm afraid that all I can tell you is to look for another hosti

Re: [us...@httpd] Can a proxy rewrite a 302 redirect location reply?

2009-06-23 Thread Krist van Besien
On Mon, Jun 22, 2009 at 9:10 PM, Scott Moseman wrote: > We have some SSL websites that proxy through to non-SSL websites on > the inside.  Here's a sample of how they are configured. > > >  ProxyRequests Off >  ProxyPreserveHost On >  ProxyPass / http://inside:8000/subdirectory1/ >  ProxyPassRever

[us...@httpd] compilation error

2009-06-23 Thread Melanie Pfefer
Hi what might break the compilation? make: Fatal error: Command failed for target `all-recursive' Current working directory /opt/jupiter/httpd-2.2.4/support *** Error code 1 The following command caused the error: otarget=`echo all-recursive|sed s/-recursive//`; \ list=' srclib os server m

[us...@httpd] How can I secure my apache server from DoS attack ?

2009-06-23 Thread Neelesh Gurjar
Hi, I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel and Apache 1.3.37 running on it. 2 days back I got one script to test DoS attack on website. It is called slowloris.pl from http://ha.ckers.org/slowloris/ I ran that script against my server and it worked. It stopped m

Re: [us...@httpd] How can I secure my apache server from DoS attack ?

2009-06-23 Thread Damian Myerscough
Hello Neelesh, It is possible to use a module called mod_evasive; this will help prevent DoS attacks occurring. http://www.zdziarski.com/projects/mod_evasive/ 2009/6/23 Neelesh Gurjar > > Hi, > I have a web server which has CentOS Linux 2.6.18-028stab059.6-ent kernel and > Apache 1.3.37 runni

Re: [us...@httpd] compilation error

2009-06-23 Thread Eric Covener
On Tue, Jun 23, 2009 at 8:17 AM, Melanie Pfefer wrote: > > Hi > > what might break the compilation? > > make: Fatal error: Command failed for target `all-recursive' Look higher up in the output. -- Eric Covener cove...@gmail.com --

[us...@httpd] Apache 1.x & 2.x vulnerability against simple DoS attacks

2009-06-23 Thread Bastien LEGRAS
Hi, I just tried the perl script against my 2.2 apache under ubuntu 8.04 and found I could make my apache server unavailable in 30 sec with the little hack script you can find here http://ha.ckers.org/slowloris/ Has anyone heard of a configuration or an ongoing fix to protect Apache against such a

Re: [us...@httpd] Apache 1.x & 2.x vulnerability against simple DoS attacks

2009-06-23 Thread Tom Evans
On Tue, 2009-06-23 at 15:11 +0200, Bastien LEGRAS wrote: > Hi, > > I just tried the perl script against my 2.2 apache under ubuntu 8.04 > and found I could make my apache server unavailable in 30 sec with the > little hack script you can find here http://ha.ckers.org/slowloris/ > > Has anyone hea

Re: [us...@httpd] compilation error

2009-06-23 Thread Melanie Pfefer
in configure: checking for ldap support... setting APRUTIL_INCLUDES to "-I/opt/ldap/lib/ldapcsdk/include/" setting APRUTIL_LDFLAGS to "-L/opt/ldap/lib/" checking for ldap_init in -lldap50... no checking for ldap_init in -lldapssl41... no checking for ldap_init in -lldapssl40... no checking fo

Re: [us...@httpd] Apache 1.x & 2.x vulnerability against simple DoS attacks

2009-06-23 Thread Damian Myerscough
Hello, Isn't the 'event MPM' experimental? Wouldn't 'worker MPM' work better? 2009/6/23 Tom Evans > On Tue, 2009-06-23 at 15:11 +0200, Bastien LEGRAS wrote: > > Hi, > > > > I just tried the perl script against my 2.2 apache under ubuntu 8.04 > > and found I could make my apache server unavailab

Re: [us...@httpd] Apache 1.x & 2.x vulnerability against simple DoS attacks

2009-06-23 Thread Tom Evans
On Tue, 2009-06-23 at 16:36 +0100, Damian Myerscough wrote: > Hello, > > > Isn't the 'event MPM' experimental? > > > Wouldn't 'worker MPM' work better? > > 2009/6/23 Tom Evans > On Tue, 2009-06-23 at 15:11 +0200, Bastien LEGRAS wrote: > > Hi, > > > > I just tr

[us...@httpd] Seeking knowledge : Apache2 MPM Event and Input filters

2009-06-23 Thread André Warnier
Hi. http://httpd.apache.org/docs/2.2/mod/event.html states (at the end) : At present, this MPM is incompatible with mod_ssl, and other input filters. Would someone care to elaborate, in the sense of : Does that mean "any input filters at all", or just "some input filters" ? In particular : mod

[us...@httpd] Re:[us...@httpd] Seeking knowledge : Apache2 MPM Event and

2009-06-23 Thread SAILESH KRISHNAMURTI, BLOOMBERG/ 731 LEXIN
My thoughts about this issue are similar too. This looks to me to be a security issue caused primarily due to mod_perl. Is there a listing somewhere of potential security threats/vulnerabilities associated with mod_perl and say other apache modules too? Thanks - Original Message - From:

[us...@httpd] Last-Modified header questions

2009-06-23 Thread Tony Rice (trice)
When is the Last-Modified header sent? Is it always sent unless unset in the config? Is it only sent based on the content of the original request?

Re: [us...@httpd] Apache 1.x & 2.x vulnerability against simple DoS attacks

2009-06-23 Thread Damian Myerscough
Hello, Mod_evasive is unable to defend against this attack. 2009/6/23 Tom Evans : > On Tue, 2009-06-23 at 16:36 +0100, Damian Myerscough wrote: >> Hello, >> >> >> Isn't the 'event MPM' experimental? >> >> >> Wouldn't 'worker MPM' work better? >> >> 2009/6/23 Tom Evans >>         On Tue, 2009-06-

Re: [us...@httpd] Re:[us...@httpd] Seeking knowledge : Apache2 MPM Event and

2009-06-23 Thread André Warnier
SAILESH KRISHNAMURTI, BLOOMBERG/ 731 LEXIN wrote:
> my thoughts about this issue are similar too.

Mmmm. I believe you misunderstood what I wrote.

> This looks to me to be a security issue caused primarily due to mod_perl.

That was not at all what I had in mind. If you are thinking about slowloris

Re: [us...@httpd] How can I secure my apache server from DoS attack ?

2009-06-23 Thread Apache Admin
Please Change Following Parameters

Timeout 60
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 4000

Then Kernel settings are like :

tcp_keepalive_time=900
tcp_fin_timeout=30
tcp_max_orphans=16384
tcp_t