Re: [us...@httpd] best practices for mod_rewrite

LoD MoD wrote: > Hi List, > Is the best practice for using rewrites in multiple areas of a site to > use .htaccess files? Best practices in httpd disavow all use of .htaccess for performance, security and maintenance rationals. -

Re: [us...@httpd] After restart Vista, working Apache 2.2.11 stopped working, reinstall, google, etc to no avail

Abel Braaksma wrote: > Hi all, > > system: Windows Vista Business, latest SP's, Apache HTTPd 2.2.11, MSI > installation. > > I've had a long-running well-working Apache, no problems, changed some > configs today and restarted Apache and all was fine and dandy. Then I > installed a new video drive

Re: [us...@httpd] After restart Vista, working Apache 2.2.11 stopped working, reinstall, google, etc to no avail

Abel Braaksma wrote: > > maybe I should install the debugging environment after all, to see what > passes through there All you should need are to extract the -symbols.zip .pdb files and use good old windbg. >> Corrupted service? Might have to uninstall the service, reboot, then >> manually del

Re: [us...@httpd] After restart Vista, working Apache 2.2.11 stopped working, reinstall, google, etc to no avail

Abel Braaksma wrote: > > What can I still do? Is there someone around that can help me setup > Visual Studio to run Apache from the IDE and to step through the source? Did bin\httpd.exe -t tell you anything? Please note that uninstalling apache leaves logs/ and conf/ (as you might have noticed)

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

k...@redshift.com wrote: > I installed Apache as a service as normal, then tried to run it. It > ran...but it won't read the httpd.conf file. Even changing the service to > call httpd.exe -k runservice -f (path to conf file) *does not work*. I > can only run httpd manually, from the command prom

Re: [us...@httpd] Issue w/ Apache httpd 2.2.11 in Windows Vista

k...@redshift.com wrote: >> k...@redshift.com wrote: >>> I installed Apache as a service as normal, then tried to run it. It >>> ran...but it won't read the httpd.conf file. Even changing the >>> service to call httpd.exe -k runservice -f (path to conf file) *does >>> not work*. I can only run h

Re: [us...@httpd] Apache 1.3 on Vista Home issue

Darryle Steplight wrote: > Hi Evgeny, > I just installed Apache 2.2 on Windows Vista last week. I'm just > curious , how are you starting Apache? Are you using the "net" command > from the command line or are do you have it running as a windows > service? There is no difference above, the net

Re: [us...@httpd] Compiling Apache on windows VC9

Lester Caine wrote: > PHP have decided that PHP5.3 will be the last version available for > windows on VC6, and that PHP6 will be VC9 only, so is any work being > done on a VC9 version of Apache? This seems to be in line with making > IIS the default on Windows as there are no Apache modules in the

Re: [us...@httpd] Compiling Apache on windows VC9

William A. Rowe, Jr. wrote: > Lester Caine wrote: >> PHP have decided that PHP5.3 will be the last version available for >> windows on VC6, and that PHP6 will be VC9 only, so is any work being >> done on a VC9 version of Apache? This seems to be in line with making >> II

Re: [us...@httpd] Fixing HTTP Service / Server Version Detected

Singh, Sukhjeet wrote: > > The server allows capture of the HTTP service banner. Service banners > can contain sensitive information, such as application and Operating > System (OS) version numbers. An attacker can use the version information > from your Web server to determine if there are any kn

Re: [us...@httpd] Stable Release of Apache

Mohit Anchlia wrote: > We are using Apache 2.2. How can I find which one is most recent > stable version? I am trying to determine if we need to upgrade Apache. Have you visited http://httpd.apache.org recently? - The official Us

Re: [us...@httpd] Stable Release of Apache

Tom Evans wrote: > On Thu, 2009-06-11 at 07:57 -0700, Mohit Anchlia wrote: >> I see that apache 2.2.11 has been released but how do I find out if >> that's a stable release and something I can consider deploying in >> production? > > All releases of apache are stable releases; that is the definiti

Re: [us...@httpd] Configure Server To Run In Windows Vista

Sevis wrote: > > The "Start" shortcut (which works, but only after UAC prompting) is: > > "C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -w -f > "C:/Users/joeUser/AppData/Roaming/Apache/httpd.conf" -n "ApacheHttpd" -k start A fine mess you have gotten yourself into, eh?

Re: [us...@httpd] Apache 2.3 source?

Prasanna Ram Venkatachalam wrote: > > Is it possible to get a copy of the Apache 2.3 source? Looked around > on the source distribution site and can't find anything. > > > Might help. This is an automated snapshot system. Not sure if it > completely works!! :( > http://httpd.apache.org/

Re: [us...@httpd] Setting the Timeout directive to refrain a DoS attacks

André Warnier wrote: > fredk2 wrote: >> Would'nt you think that a (simple) timer for the header could fend off >> some >> of the effect. Can't we assume that if it takes more than 3 second to >> enter >> the header we do not want that client (i'll have to learn to type >> faster in >> telnet :-).

Re: [us...@httpd] Setting the Timeout directive to refrain a DoS attacks

André Warnier wrote: > William A. Rowe, Jr. wrote: >> André Warnier wrote: >>> fredk2 wrote: >>>> Would'nt you think that a (simple) timer for the header could fend off >>>> some >>>> of the effect. Can't we assume that if it takes

Re: [us...@httpd] Setting the Timeout directive to refrain a DoS attacks

Tom Evans wrote: > > It is a bit like an arms race - I guess a solution could be to use a > dedicated thread for reading in POST bodies. This is why IIS appears to the author that is invulnerable; IIS does fill an initial buffer, at least 64k worth. Exhaust that buffer and it should cripple IIS

Re: [us...@httpd] Serving subdomains - ProxyPassMatch issues

Karthik Manimaran wrote: > ProxyPassReverse too doesn't work when I use regex. Of course it does. You just need multiple ProxyPassReverse mappings to correct the myriad ways that the forward pass had occurred. Setting the back end server to use canonical server name and URI's sure helps.

Re: [us...@httpd] How can I secure my apache server from DoS attack ?

Damian Myerscough wrote: > > mod_evasive works against DOS attacks but is ineffective against the slowloris > attack Uhm, distinctions without a difference? How is slowloris not claiming to be a DOS attack? And there are a host of DOS vectors evasive doesn't claim to address. Very odd statemen

Re: [us...@httpd] Wrong charset convert SOLVED

Jiří Eichler wrote: > Ok, "AddDefaultCharset off" added to httpd.conf, charset spec in header > disappeared in both cases, It must be enough for this time. As regards > file uploads, I really want to use utf-8 for multilingual support and I > believe that it is technically possible even on Windows.

Re: [us...@httpd] apache modules

Boyle Owen wrote: > If you just load modules but don't actually use them (ie, no directives > in config), then no. That is not entirely true. Most register a hook provider to evaluate if they are the candidate for providing auth, injecting filters or handling the request. Those hooks do cost som

Re: [us...@httpd] Windows rotatelogs, cmd.exe permission

Philip J Dicke wrote: > I currently have httpd running as a windows service, logging on as a > restricted > user called "webserver". That account is very restricted in the folders that > it can read/execute. In order to follow the security policy, the webserver > account needs to be configured s

Re: [us...@httpd] Windows rotatelogs, cmd.exe permission

Philip J Dicke wrote: >> Ok; please explain how the process initially has rights to invoke cmd.exe >> and how these were subtracted after initialization? > Well it works now b/c the webserver user has access to the cmd.exe. Security > review revealed that access needs to be removed. Ok; that's no

Re: [us...@httpd] Reload httpd.conf on Windows

André Warnier wrote: > Vamshikrishna T wrote: >> Hi, >> >>> From your query, I observed that we can reload apache configuration file >> without restarting the apache web server on Linux. I would like to >> know, how can we do it? >> > See http://httpd.apache.org/docs/2.2/stopping.html or more impo

[us...@httpd] [Fwd: Application Period for Travel Assistance to ApacheCon US 2009 Opens Soon]

For our communities' attention, this is a few day's heads up before the applications actually open... Original Message Subject: Application Period for Travel Assistance to ApacheCon US 2009 Opens Soon Date: Wed, 22 Jul 2009 19:46:15 +1000 From: Gav... The Travel Assistance Com

Re: [us...@httpd] compilation of apache 2.2 on windows

walty wrote: > > By the way, the line of error seems to induced from somewhere inside > "srclib\apr-util\aprutil.dep" Right. set NO_EXTERNAL_DEPS=1 in the environment, that will actually bypass all broken (and working) dependency checking. > Do I miss something here? Nope, the new APR packages

[us...@httpd] ApacheCon opportunities

Questions and *very important* information for *everyone* in relation to httpd.conf - the HTTP Server conference at ApacheCon, which happens this November 2nd through 6th in Oakland CA US... Q. Users, is there interest in organizing an evening meetup with some short sessions, BoFs and user-to-user

Re: [us...@httpd] ApacheCon opportunities

William A. Rowe, Jr. wrote: > > Here is the very important information I promised... > > On Wed 9/4 on the Tomcat track, you'll find a very relevant session > On Thu 9/5 during httpd.conf track, users will discover > On Fri 9/6 during httpd.conf track, users and devs a

Re: [us...@httpd] DBDPersist Off in vhost causes startup error log entries

Nick Kew wrote: > > Problem: The user has got a confusing error message. > > Diagnosis: apr_dso_load and apr_dso_sym on Windows platform > return an OS error instead of an APR error on failure. > > As an APR user, mod_dbd handles the APR errors APR_EDSOOPEN > and APR_ESYMNOTFOUND and gives the u

Re: [us...@httpd] Can you supply username & password for AuthType Basic within a POST/GET?

Jeff Sherk Forerunner Ministries wrote: > Per Erics earlier response, if I encode the username and password in the > URL with https instead of > http, is it secure? > > Like this https://username:passw...@mydomain.com/foo Provided you are using https: SSL or TLS Upgrade you are assured it is secu

Re: [us...@httpd] Using environment variable in condition

Bhuvaneswaran A wrote: > > Short question: How do I use a environment variable in > condition in httpd.conf file? I like to use "SVN-ACTION" variable in > condition in order to define specific configuration for SVN > requests. You don't; IfDefine's are evaluated at server startup, not per-requ

Re: [us...@httpd] Apache for Windows won't start

John Oliver wrote: > So I installed 2.2.13 on W2K3 R2 Enterprise Edition SP2 When I try to > start it, I get a message about error code 1, and there is nothing in > the error.log This is the first time I've tried to do this under > Windows. With Linux/UNIX, there would be *something* in the erro

Re: [us...@httpd] apache approach to blocking external sites that invoke requests to my server via an iframe?

David Taveras wrote: > Hello, > > Ive been told that there a server level approach to be able to block > external sites which are calling my server for requests via an iframe. > Their idea is to steal my dynamic content and make it look like theirs. http://tinyurl.com/m7r86l

Re: [us...@httpd] Apache 2.0.63 log timestamps

Justin Amburn wrote: > Hi all, > > I’m new to the list—hello. I just wanted to ask you guys a question to > see if you might know “off the top” – Does anyone remember anything > about there being a known bug in Apache 2.0.63 that causes access log > timestamps to be out of order? A colleague men

Re: [us...@httpd] Apache for Windows won't install

John Oliver wrote: > Trying to install apache_2.2.13-win32-x86-openssl-0.9.8k.msi on a W2K3 > R2 Enterprise SP2 VM. After I click "Install", I get an error telling > me, "The system cannot open the device or file specified". The > Application Log says: > > Product: Apache HTTP Server 2.2.13 -- I

Re: [us...@httpd] Apache 64 bit ?

ricardo13 wrote: > Only one question. > > Is there Apache 64bit ??? > Where do I download ?? No, it's eight bit ASCII. http://httpd.apache.org/dist/httpd/ It's up to your compiler toolchain and CFLAGS (or CC command) to decide what it compiles when you ./configure and make. ---

Re: [us...@httpd] Apache 64 bit ?

William A. Rowe, Jr. wrote: > ricardo13 wrote: >> Where do I download ?? > > http://httpd.apache.org/dist/httpd/ sorry, that is http://httpd.apache.org/download for your nearest mirror, or http://www.apache.org/dist/httpd/ for th

Re: [us...@httpd] Apache 64 bit ?

ricardo13 wrote: > > I saw this http://www.blackdot.be/?inc=apache/binaries site . > And I have a server with Core 2 Quad (64 bits). You still haven't mentioned an operating system. - The official User-To-User support forum of

Re: [us...@httpd] Apache for Windows won't install

John Oliver wrote: > On Tue, Sep 08, 2009 at 06:27:00PM -0500, William A. Rowe, Jr. wrote: >> John Oliver wrote: >>> Trying to install apache_2.2.13-win32-x86-openssl-0.9.8k.msi on a W2K3 >>> R2 Enterprise SP2 VM. After I click "Install", I get an error tellin

Re: [us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

David Taveras wrote: > > I run apache 2.2.9 & apache 2.2.11 both with apr-1.2.11p2 & > apr-util-1.2.10p2 > > According to the CVE at > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 only 0.9.x > and 1.3.x are affected . Could anybody confirm that this is so? If > not.. how bad

Re: [us...@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?

David Taveras wrote: > > You mentioned as far as APR causing a DoS, how about the execution of > arbitrary code through apache as the CVE says..? No, you misinterpreted; the application developer must expose a DoS/memory exhaustion vector; where that exists, and the affected version of APR is use

Re: [us...@httpd] How does Transfer-Encoding: chunked work with CGI?

André Warnier wrote: > Hi. > As regarding the overall content-length header, has anyone re-checked > the relevant part of the HTTP RFCs ? I haven't yet, but I seem to > remember that for chunked encoding, each chunk has an individual length, > but there is no overall content-length. > Which would m

Re: [us...@httpd] virtualhosts: the default VH gets all trafic. why??

Eric Covener wrote: > On Mon, Sep 14, 2009 at 4:37 PM, André Warnier wrote: >> robert rottermann wrote: >> >> ... >> Nothing to do with your problem, but is the following normal/safe ? >> >> Server loaded: APR 1.3.8, APR-Util 1.3.4 >> Compiled using: APR 1.3.8, APR-Util 1.3.9 >> >> (I mean compil

Re: [us...@httpd] win32 install fails if drive letter removed

David Balažic wrote: > Hi! > > Just checking here if this is a know bug. > > I downloaded > http://www.apache.si/httpd/binaries/win32/apache_2.2.13-win32-x86-no_ssl.msi > on my Windows XP Pro SP3 system, started it, set some more or less > normal options ( > set hostname, domain and email, the u

Re: [us...@httpd] win x64

David Southwell wrote: > Can anyone tell me if it is possible to get apache 2.2.13 or 2.2.14 to > running > as a win XP x64 bit program with ssl or am I limited to 32 bit? I know a 32 > bit version is available and will run but I would like to take advantage of a > 64bit system with a quad pro

Re: [us...@httpd] ad-supported apache proxy

Marcos Mendez wrote: > Does anyone have any suggestions about what is the best way to > implement an ad-supported proxy? I've got mod_substitute injecting > some content, but it only seems to work on simple websites. Should I > be looking at redirecting urls to a frame, and putting the ads there? >

Re: [us...@httpd] apache 2.2 and mod_fcgid

Hendrik Schmieder wrote: > Hello, > > can somebody tell why mod_fcgid is not part of the apache distribution ? Mostly because it is evolving faster/out of sync with the httpd distribution, and applies to all of the 2.0, 2.2 and trunk distributions. Will it become part of the core once it is 'bak

Re: [us...@httpd] apache 2.2 and mod_fcgid

Peter Schober wrote: > * Hendrik Schmieder [2009-11-19 12:53]: >> Is mod_fcgid stable enough for production usage ? > > "Yes" agreed [1] [1] there is an issue handling large POST bodies in 2.3.4, you may wish to stay with 2.3.1 (not recommended though), or grab from subversion, or hold for 2.3.

Re: [us...@httpd] Adding module to Apache-httpd

Ruiyuan Jiang wrote: > I compiled remoteip module and loaded it without problem. > In one of my virtualhost of Apache reverse proxy, I added and tested: > > RemoteIPHeader X-Client-IP > Or > RemoteIPHeader X-Forwarded-For > > Or both > > I don't see the remote client IP is being forwarded to the

Re: [us...@httpd] Apache httpd does not respect the HTTP RFCs !

André Warnier wrote: > ;-) > I just wanted, once, to use a subject line with capitals and an > exclamation mark. > > It seems however that in this particular case, neither Tomcat nor Apache > httpd follow the rules, when they default to the .. default virtual host > in the case where they cannot f

Re: [us...@httpd] httpd translate to dutch

Teun wrote: > > Are there Dutch people who like to start translate apache httpd manual? :) We have about 5 Dutch committers or those who are fluent in the httpd project, unfortunately all are developers/overcommitted. I encourage you to email d...@httpd.apache.org with your suggestion, especial

Re: [us...@httpd] Passing remote client IP address to backend server and session stickness

I realize I just answered you, but in response to your explicit and specific questions; Ruiyuan Jiang wrote: > > Question 1: Is there a way to pass Internet users' IP address to backend > server through Apache reverse proxy server? I am testing that feature so far > no luck. My backend server g

Re: [us...@httpd] Re: Apache httpd does not respect the HTTP RFCs !

Carsten Wiedmann wrote: > William A. Rowe Jr. schrieb: >> I agree it should be easier, Rich and I have it down to 3-4 lines of rewrite >> magic >> to kick out a 400, but we should probably allow this to be explicit >> [default?] > > That would be nice. And if I

Re: [us...@httpd] Re: Apache httpd does not respect the HTTP RFCs !

Carsten Wiedmann wrote: > > Well, and the error document with [R=400] (or other status codes) is also > not multi language. Right; presume for a moment that anyone hitting your server with a bogus dns reference or by-ip is doing so in a less-than-friendly, spidery or malicious manner. Are they r

Re: [us...@httpd] Building Apache 2.2 without IPv6

Zachary Uram wrote: > Krist I prefer IPv4 addressing. I can remember 128.2.10.12 but I can't > remember some insane IPv6 hexadecimal address! lol. And I love my > commands such as ping, traceroute, dig, host, nslookup etc. This has nothing to do with why to enable IPv6 in APR. Look, the IPv6 API

Re: [us...@httpd] Building Apache 2.2 without IPv6

Daniel Reinhardt wrote: > From: "William A. Rowe Jr." > Sent: 04 December, 2009 7:03 > To: > Subject: Re: [us...@httpd] Building Apache 2.2 without IPv6 > >> Zachary Uram wrote: >>> Krist I prefer IPv4 addressing. I can remember 128.2.10.12 but I can

Re: AW: [us...@httpd] Silent Installation Apache HTTP Server

Buchbauer Thomas wrote: > Platform: Windows > Version: latest release (>= 2.2.13) I recently updated the docs; see http://httpd.apache.org/docs/trunk/platform/windows.html#advinst - The official User-To-User support forum of the

Re: AW: AW: [us...@httpd] Silent Installation Apache HTTP Server

Buchbauer Thomas wrote: > Sounds good! > > Is there also a way to provide an so called 'answer-file' instead of > specifying the values in the command-line? > See http://nsis.sourceforge.net/Docs/Chapter4.html#4.12 You know the variables; this isn't a Microsoft System Installer (msiexec) support

Re: AW: [us...@httpd] Silent Installation Apache HTTP Server

André Warnier wrote: > William A. Rowe Jr. wrote: >> Buchbauer Thomas wrote: >>> Platform: Windows >>> Version: latest release (>= 2.2.13) >> >> I recently updated the docs; see >> http://httpd.apache.org/docs/trunk/platform/windows.html#advinst >

Re: [us...@httpd] Code coverage while running web server

Krist van Besien wrote: > On Sat, Dec 19, 2009 at 1:30 AM, Guruprasad JG > wrote: >> I am referring to the Apache code written in C. I would like to see if all >> the paths are exercised for - request processing, resource management, >> connection pooling, and configuration directives of the apac

Re: [us...@httpd] Apache 2.2.14 - Win XP - requests hanging, nothing sent

On 1/13/2010 10:26 AM, Nathan Long wrote: > Hi! First time posting - will try to step lightly. > > I've got Apache 2.2.14 installed on a Win XP laptop. Some page loads > work fine, but others never complete. To rule out PHP or MySQL, I made > a 1 KB, static, HTML-only page, and I get the same hit-

Re: [us...@httpd] Apache on IA64

On 1/9/2010 9:58 AM, Jorge Schrauwen wrote: > I have not targetted IA64, but I've done a quite a lot of binaries for > EMT64/AMD64. Note the architectures are radically different, AIUI IA64 has a 64 bit default int, X86_64 is a 32 bit; IA64 is a big endian platform, IIRC, while X86_64 is small en

Re: [us...@httpd] %2F to /

On 1/16/2010 9:51 AM, Kpadvel wrote: > Okey, I wasn't aware of that. Starting a new thread. > > Experts plesae advise and here is the problem... > > We are getting a dummy 404-not found error on a page wherein which the URL > has %2F and it needs to be decoded as / but thats not happening. We do

Re: [us...@httpd] SSL error reported from windows socket

On 1/25/2010 10:05 AM, Tony Anecito wrote: > Hi All, > > I am getting intermittant windows ssl error regarding connections. Something > like socket error code 12157 ERROR_INTERNET_SECURITY_CHANNEL_ERROR. This message has no relationship to Apache httpd that I'm aware of, it is from a different s

Re: [us...@httpd] getting client ip address information from http request.

On 2/5/2010 7:13 AM, Arnab Ganguly wrote: > Hi All, > How do I retrieve client ip information from the http request in Apache > module ? Like the loadbalancer is putting it own ip in the place of > client ip address. We tried %{X-Forwarded-For} but this takes care of > access log not the module spe

[us...@httpd] Re: Fwd: Cron /root/bin/bugcron.sh

On 2/7/2010 6:45 PM, Sander Temme wrote: > > > Begin forwarded message: > >> ASF Bugzilla is running its weekly stats at Sun Feb 7 23:08:02 UTC 2010 > <..> >> 65 bugs for Apache httpd-1.3 > > Now that we have lowered the boom on 1.3, shall we close it out for new bugs? > > > Anyone ha

Re: [us...@httpd] IP address in access_log are always 0.0.0.0

On 2/24/2010 12:39 PM, Frank Chiulli wrote: > > I was asked to update subversion to 1.6.6 on this box as well as > others. As part of that update, I updated both apr and apr-util from > 0.9.4 to 0.9.13. Initially everything seemed to be ok. Then someone > noticed that all the IP addresses in /v

Re: [us...@httpd] Re: Upgrading from Apache1 1.x to 2.1.14

On 2/21/2010 12:07 PM, Paul McFerrin wrote: > I gave up on Xampp as a web server. Too many problems with not having > symbolic links. Went and got Apache version 2.0.63 and I'm trying to > port it to Cygwin. That's a really foolish idea, since the httpd security model depends upon a case sensiti

Re: [us...@httpd] FIPS 140_2 compliant for mod_proxy?

On 3/3/2010 8:34 AM, Mike Trent wrote: > > Unfortunatley restricting the algorithms to FIPS compliant algorithms in the > apache configs is not good enough to claim FIPS 140-2 compliance. The > openSSL library 'must' be running in FIPS mode. It is a requirement of FIPS > 140-2 that the module doin

[us...@httpd] [Announce] Apache HTTP Server (httpd) 2.2.15 Released

The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release and immediate availability of version 2.2.15 of the Apache HTTP Server ("httpd"). This version of httpd is principally a security and bug fix release. Notably, this release was updated to reflect

Re: [us...@httpd] How to apply patches that are in patches_applied directory

On 3/9/2010 12:35 PM, Jeff Trawick wrote: > 2010/3/7 Serj : >> Hi, >> There is no instructions how to apply patches >> http://www.apache.org/dist/httpd/binaries/win32/patches_applied/ to the >> source of Apache 2.2.15 before compiling and linking. How can I do it? > > Using some good build of GNU

Re: [us...@httpd] apache on windows

On 3/12/2010 3:59 PM, Brent Davidson wrote: > Can anyone out there tell me if is workable or not to install > Apache(most current version) on a Windows Web server? It seems folks have missed the crux of your question. You can run httpd.exe on any flavor of Windows, client or server. The client o

Re: [us...@httpd] 2.2.15-win32 compile failure (config-win.h)

On 3/15/2010 5:41 PM, Andy Wang wrote: > Hi all, > Just trying to build httpd 2.2.15 on Windows and I'm running into error: > > NMAKE : fatal error U1073: don't know how to make '"config-win.h"' > Stop. If you are building the "NT" targets, they no longer exist. I wasn't paying attention when we

Re: [us...@httpd] Is web server in front of app server necessary?

On 3/15/2010 8:52 PM, 夏蒸鑫 wrote: > maybe,I don't know. > but there is one point that we must believe. > that is,tomcat's stable version is more secure than devel version of httpd. Really? You have over a century, perhaps 2 centuries of security experience among the experts who monitor httpd commi

Re: [us...@httpd] 2.2.15-win32 compile failure (config-win.h)

On 3/16/2010 9:44 AM, Andy Wang wrote: > > Looking at the aprutil.mak, it looks like the default target is the > generic Win32 Release target. > The config-win.h failure is from aprutil.dep referenced by aprutil.mak > (line 425 under the .\dbd\apr_dbd_mysql target): >{$(INCLUDE)}"config-win.h"

Re: [us...@httpd] Locked Apache configuration file

On 3/20/2010 9:48 AM, Eric Covener wrote: > On Sat, Mar 20, 2010 at 9:23 AM, Marc Buyens wrote: >> Thanks for the suggestion. Unfortunately, it does not solve the mystery. I >> installed the tool and used the search option to find references to the >> file, but without result. I am not an expert i

Re: [us...@httpd] Locked Apache configuration file

On 3/20/2010 11:52 AM, Marc Buyens wrote: > Hello. Many thanks for this. I am new to W7 and wasn't aware of this. > This is clearly one more Bill Gates quirk. What's the use of assigning > administrator rights to users if they are not used? Anyway, you solved > my problem. Explicitly asking to run

Re: [us...@httpd] Locked Apache configuration file

On 3/20/2010 1:02 PM, Daniel Reinhardt wrote: > > Why not install Apache and other web serving stuff into a non-protected > directory like c:\usr\local\apache My c:\usr is quite locked down, thank you very much :) > You can customize your installation locations. We already enable that in the MS

Re: [us...@httpd] Locked Apache configuration file

On 3/20/2010 7:46 PM, Daniel Reinhardt wrote: > > -- > From: "William A. Rowe Jr." > Sent: 20 March, 2010 18:18 > To: > Subject: Re: [us...@httpd] Locked Apache configuration file > >> On 3/20/2010 1:02 PM, Da

Re: [us...@httpd] Apache 2.2 optimization -> Three tips

On 3/22/2010 3:34 AM, Geoff Millikan wrote: > Here's three things I wish I had read about Apache optimization that are not > commonly discussed (we found out by years of trial and error). Agreed, agreed, and *huh*? > 3. Increase your StartServers to the number of maximum requests on your > bigges

Re: [us...@httpd] Apache 2.2 optimization -> Three tips

On 3/22/2010 5:08 AM, Geoff Millikan wrote: >> if your server averages 300 simulatious connections, you need >> to start with 300 servers, and you never want it to drop >> below that number. > > Your experience might show otherwise however based on our experience - if we > averaged 300 new custome

Re: [us...@httpd] apache+mod_fcgid on windows

On 3/23/2010 11:32 AM, Brent Davidson wrote: > I have Apache 2.2.15 installed on Windows2008 box, along with mysql and > php. This is a test box right now, but will be a production server when > this testing is completed. > The msi download for windows does not include mod_fcgid. Nope but the bina

Re: [us...@httpd] apache+mod_fcgid on windows

On 3/23/2010 12:32 PM, Jeff Trawick wrote: >> >> http://www.apache.org/dist/httpd/binaries/win32/ > > FWIW, we didn't get a mod_fcgid 2.3.5 binary build prepared for Windows. Thanks for that point; one will be on its way shortly. --

Re: [us...@httpd] Multiple programs on port 80

On 3/25/2010 2:46 PM, Mark wrote: > On another server I run with IIS, I was able to configure it such that > different domain names (that led to the same server) would take users to > different websites, or, if none were met, would merely send it to > whatever other programs I had running on port 8

Re: [EMAIL PROTECTED] Here's a new one (to me).

Grant Peel wrote: index.html = 1401 bytes. ? Well that's good, you have to understand that without proxy module enabled, these are /local/ requests... Grant Peel wrote: On this past Saturday, my server started seeing sporadic spikes in CPU usage. As it turns out, somehow, some bot or some

Re: [EMAIL PROTECTED] Re: suExec and UserDir module

Juan Asensio Sánchez wrote: Does anyone know if this can be done? Any help? 2008/8/4 Juan Asensio Sánchez <[EMAIL PROTECTED] > Hi everybody I have just configured a LDAP based Samba Server. Now i want the users to publish their websites with the module Use

Re: [EMAIL PROTECTED] Re: Does Apache Support Piped Logs On Windows Platform

Yoann Roman wrote: William A. Rowe, Jr. wrote: Then it became 'run this shell command through cmd.exe' - which needed stdin/out/err all set up right to not-fail running as-a-service. Change it back from shellcmd to program and voila, the code works. We hacked at various handle

Re: [EMAIL PROTECTED] Re: Re: Does Apache Support Piped Logs On Windows Platform

Yoann Roman wrote: William A. Rowe, Jr. wrote: Oh - it still runs cmd.exe. The difference is - there are the correct pipes between apache and that cmd/invoked program/script. That's what I'm trying to avoid, actually. I have 2 vhosts with this install, each doing its own error

Re: [EMAIL PROTECTED] How to get SSL handshake errors logged

Wilda, Jet wrote: Hi, How do I get Apache httpd (2.0.X and 2.2.X) to log SSL handshake errors? I found that if I set ‘LogLevel info’ they will be logged to the error log. However it then logs way to much stuff. What I need is a way to just log all the SSL errors especially the hand

Re: [EMAIL PROTECTED] Problem with configs

Joseph S D Yao wrote: I have just joined this mailing list, but a Google indicates that this topic has not come up before. If I am wrong, I apologize, and ask for a pointer. Good way to attract attention of lurkers :) I understand that the argument to the Proxy directive is supposed to be a

Re: [EMAIL PROTECTED] Problem with configs

Joseph S D Yao wrote: I understand that the argument to the Proxy directive is supposed to be a shell-style wildcard (rather than a simple prefix match), as the argument to the ProxyMatch directive is supposed to be a Perl-style regular expression. Ok. So a shell style wildcard never hits on a

Re: [EMAIL PROTECTED] How to start Apache automatically with certificate?

Joseph S D Yao wrote: On Thu, Aug 28, 2008 at 10:31:42AM -0300, Tan, Liao wrote: Ok, ic I can simply remove the passphrase, and provided the new key be readabale by root only, I should not have any security problems... is it simply remove it? or any other settings, configuratios, re-installat

Re: [EMAIL PROTECTED] How to start Apache automatically with certificate?

Joseph S D Yao wrote: On Thu, Aug 28, 2008 at 05:42:59PM -0400, Eric Covener wrote: ... root-owned private key sure sounds wiser to me. ... Tell me three good reasons why. Bad ones don't count. I owe you one and that's all my time you'll waste. A root owned private key perms 400 is going t

Re: [EMAIL PROTECTED] Error when creating certificate in HPUX

Joseph S D Yao wrote: Long ago but not far away, when I had to implement this on HP-UX, I found that it had no "random" device. Not many systems did, then or now. So I got the Entropy Generating Daemon [egd, written in Perl], and it worked fine. Remember to have it start at boot BEFORE anythi

Re: [EMAIL PROTECTED] How to start Apache automatically with certificate?

Joseph S D Yao wrote: On Thu, Sep 04, 2008 at 03:55:33PM +0100, Tom Evans wrote: ... They've also suggested that their conf files be owned by root, and only readable by the apache user, which you also disagree with. ... Nobody has come up with a good argument for this, or a refutation of my ar

Re: [EMAIL PROTECTED] Prevent img smoothing?

Mike -- EMAIL IGNORED wrote: On my website I have a BMP picture that is 13x20 pixels. I want it displayed as a matrix of little squares. Displaying on Win2k with IE or Firefox, and on WinXP using IE, that is what I get. But on WinXP with Firefox, the picture is "smoothed" into a blurry mess. Is

Re: [EMAIL PROTECTED] How to start Apache automatically with certificate?

Joseph S D Yao wrote: On Thu, Sep 04, 2008 at 12:33:20PM -0500, William A. Rowe, Jr. wrote: Joseph S D Yao wrote: On Thu, Sep 04, 2008 at 03:55:33PM +0100, Tom Evans wrote: ... They've also suggested that their conf files be owned by root, and only readable by the apache user, which you

Re: [EMAIL PROTECTED] Content Negotiation problem

Keelan Long wrote: Anyone have any idea whats wrong? Try Options -multiviews in your config file above those directories. If you aren't serving one-of-several flavors, e.g. if you had five corresponding .html files with the same base name but different languages/character sets, then multiv

Re: [EMAIL PROTECTED] any reasons not to compile with -enable-exception-hook?

fredk2 wrote: Hi, is there any reasons why you would not want in production (or hardened server) an apache compiled with -enable-exception-hook? Yes. You can and should expect that once the server is compromised, it's possible although highly unlikely that the actual target of that hook is al

Re: [EMAIL PROTECTED] Configuration Problems

André Warnier wrote: Not knowing Vista, I have not much to contribute, the bit of information you are missing is file permissions and UAC (User Access Control). Clearly a file permission problem, because it didn't silently accept their change as a private copy that the system would ignore.

  1   2   3   4   5   6   7   8   9   10   >