Hello,
I got a problem with SSL versions.
I'm looking for a solution to redirect Browsers, which doesn't support SSLv3 or
TLSv1, to an infopage.
Is it possible, to solve the problem with an redirect rule or something else on
the server side.
I don't want to solve the problem on the client s
I want to have NO http traffic on my site. Is this the correct way to
ensure I serve everything on my site via https:
ServerName tb.com
ServerAlias *.tb.com
Redirect permanent / https://tb.com/
...
Thanks so much.
Best regards,
-Tom
On 12 Jul 2012, at 12:02, Tom Browder wrote:
> I want to have NO http traffic on my site. Is this the correct way to
No.
The Listen directive determines whether you serve HTTP traffic.
What you have only affects how you respond to HTTP traffic once
you have already accepted it.
--
Nick Kew
On Thu, Jul 12, 2012 at 6:37 AM, Nick Kew wrote:
>
> On 12 Jul 2012, at 12:02, Tom Browder wrote:
>
>> I want to have NO http traffic on my site. Is this the correct way to
>
> No.
Thanks for the reply, Nick. I have a stack of Apache security books
(as well as your modules book), but I am looki
HI
*for loadbalancing I added following lines in httpd-ssl.conf file *
//certificates etc
//loadbalancing lines
ProxyPass / balancer://sakaiCluster/ stickysession=JSESSIONID nofailover=On
timeout=60
BalancerMember ajp://192.168.1.101:8009 route=tom121
BalancerMember ajp://192.1
On 07/12/2012 02:42 PM, Jehan Badshah wrote:
> HI
>
> *for loadbalancing I added following lines in httpd-ssl.conf file *
>
>
> //certificates etc
>
> //loadbalancing lines
> ProxyPass / balancer://sakaiCluster/ stickysession=JSESSIONID
> nofailover=On timeout=60
>
> BalancerMember ajp
unsubscribe
On 07/12/2012 02:55 PM, Jim Osborne wrote:
> unsubscribe
Please unsubscribe by writing to users-unsubscr...@httpd.apache.org instead.
With regards,
Daniel.
-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additio
Thanks Daniel
Now syntax errors are fixed, but apache is not starting, following is error
log
[Fri Jul 13 23:07:52.976414 2012] [lbmethod_heartbeat:notice] [pid
12579:tid 3086534336] AH02282: No slotmem from mod_heartmonitor
[Fri Jul 13 23:07:52.977220 2012] [proxy_balancer:emerg] [pid 12579:tid
On July 12, 2012 8:02 , Tom Browder wrote:
On Thu, Jul 12, 2012 at 6:37 AM, Nick Kew wrote:
On 12 Jul 2012, at 12:02, Tom Browder wrote:
I want to have NO http traffic on my site. Is this the correct way to
No.
I see lots of mixed http/https setups, but no
single solution for https only i
Maybe not a "pure" Apache question, but...
Using Apache 2.2.17 and Perl 5.10.0, a script [1] uses a temp directory for
read/write. When the directory is 755, the script can read but fails to
write a new temp file -- secondary result Apache outputs a *text* file for
*download* containing the d
On July 12, 2012 8:23 , Ajay Garg wrote:
Well, figured out the reason.
I rebooted, and again I could NOT upload files.
I then disabled SELinux (via "sudo setenforce 0"), and voila I
could upload the files.
Your solution removes SELinux protection from the entire system. If an
attack
On Thu, Jul 12, 2012 at 9:08 AM, Mark Montague wrote:
> On July 12, 2012 8:02 , Tom Browder wrote:
>> On Thu, Jul 12, 2012 at 6:37 AM, Nick Kew wrote:
>>> On 12 Jul 2012, at 12:02, Tom Browder wrote:
>>>
I want to have NO http traffic on my site. Is this the correct way to...
...
> Nick's
If you want no traffic, don't listen.
Block on firewall w/ tcp-reject and don't use Apache to listen to http.
A more "friendly" way is to redirect VIA firewall all --dport 80 to --dport
443.
2012/7/12 Tom Browder
> On Thu, Jul 12, 2012 at 9:08 AM, Mark Montague wrote:
> > On July 12, 2012 8:0
On July 12, 2012 11:03 , Tom Browder wrote:
I like the "friendly" approach, but I made the statement. "I want to
have NO http traffic on my site," because I saw in a post from a
Mozilla Persona site a reference to another link that there is a
possibility of a man-in-the-middle attack using it.
That fixes it! Thanks!!
I'm using ap_hook_post_read_request and sandwiching it between
modsetenvif and another custom module with APR_HOOK_FIRST
On Wed, Jul 11, 2012 at 6:07 PM, Nick Kew wrote:
>
> On 12 Jul 2012, at 00:51, Andrew wrote:
>
>> Hi All,
>>
>> I'm seeing some unusual behavior with m
On Thu, 12 Jul 2012 11:32:01 -0400
Mark Montague wrote:
> On July 12, 2012 11:03 , Tom Browder wrote:
> > I like the "friendly" approach, but I made the statement. "I want to
> > have NO http traffic on my site," because I saw in a post from a
> > Mozilla Persona site a reference to another li
On Thu, Jul 12, 2012 at 11:20 AM, Nick Kew wrote:
> On Thu, 12 Jul 2012 11:32:01 -0400
> Mark Montague wrote:
...
>> HTTPS makes it harder to do man-in-the-middle (MITM) attacks, but MITM
>> attacks are still possible against HTTPS.
...
> Up to a point, Lord Copper.
...
>> If I were in your situa
On July 12, 2012 12:20 , Nick Kew wrote:
1. An HTTPS proxy.
Browser will warn you in no uncertain terms. You'd need a bit of
social engineering:
The browser won't warn you and you won't need social engineering if the
certificate presented by the proxy is signed by a CA trusted by the
user'
HI
*for loadbalancing I added following lines in **
httpd-ssl.conf
*
//certificates etc
ProxyPass / balancer://sakaiCluster/ stickysession=JSESSIONID nofailover=On
timeout=60
BalancerMember ajp://192.168.1.101:8009 route=tom121
BalancerMember ajp://192.168.1.102:8009 route=tom
20 matches
Mail list logo
