Re: [users@httpd] Re: Choosing Windows platfrorm

2021-10-23 Thread Andrea Croci 

On 23.10.21 10:28, Marc wrote:

With over 1.4 billion devices now running Windows 10/11, customer
satisfaction is higher than any previous version of windows.



WTF WTF I @#$@#$@#$ hate windows 10. Customer statisfaction with Microsoft is 0
https://www.reddit.com/r/aargh_Microsoft/
-


This is off topic, but I feel I have to contribute to it.

It was most certainly meant sarcastically: nobody can really be
satisfied with Microsoft (besides they are not actually customers, in
the sense that they don't choose to buy Windows: they are forced to live
with it).


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Can't get the list of loaded modules with apache2 -M

2021-07-26 Thread Andrea Croci 

Thank you for your help. I found out

apache2 -M

works great without sudo. I would have never expected that.

On 26.07.21 20:20, Eric Covener wrote:



On Mon, Jul 26, 2021 at 2:09 PM Marc Serra mailto:mse...@manxa.com>> wrote:

Try to source your envvars by running it like this

source /etc/apache2/envvars

and then

/usr/sbin/apache2 -M


or apachectl -M

[users@httpd] Can't get the list of loaded modules with apache2 -M

2021-07-26 Thread Andrea Croci 

Hi, I have Apache 2.4.48 installed in Ubuntu 20.04 by adding the
ondrej-ppa. When I do

sudo apache2 -M

(and other apache2 commands as well) I get

[Mon Jul 26 19:03:15.930435 2021] [core:warn] [pid 10739] AH00111:
Config variable ${APACHE_RUN_DIR} is not defined
apache2: Syntax error on line 82 of /etc/apache2/apache2.conf:
DefaultRuntimeDir must be a valid directory, absolute or relative to
ServerRoot

The envvars file does define those variables and I didn't touch it from
installation. The only thing I did is to add to the apache2.conf file a
global ServerName directive, because it was complaining by reloading
that it couldn't find the fully qualified domain name.

Now it reloads and restarts fine, but I get that error. The error log
only shows my restarts and reloads, nothing else. I didn't find anything
useful on the net. How could I go about troubleshooting this?

Thanks,

Andrea

Re: [users@httpd] Application Developer, ICO watchdog

2021-05-18 Thread Andrea Croci 

That's very true, but I still had a good laugh reading that idiocy. I'll
give her an A grade for that.

BTW, watch your language, or her father will sue you!

On 18.05.21 20:42, Nick Folino wrote:

You're an idiot.

Nick age 50

On Tue, May 18, 2021 at 2:28 PM  wrote:


I have completed my school project.
I showed it to my Daddy.

I showed him how easy it is to setup a website if you have Ubuntu
and even better with Ubuntu-mate.
ALT + CTL + T
type  couple of commands and everything is done for you including
security.

He said if I show the effort I put in to the teacher in the
accompanying project documentation ,
the teacher will marked me down for choosing a project makes which
required little effort. It was too easy! for your age group.

I asked what should do I then Daddy ?
He said  tell the teacher  you followed the documentation provided
here by the https://httpd.apache.org/docs/2.4/
 to do your assignment.

When the teacher makes an assessment of the work required to setup
a website  using the Apache documents  you will get an A grade for
sure !


He also said do keep in mind  these web servers is admin work like
DBAs and operating system admins.

When you grown up make sure you aim for something substantial like
Application Developer.
That is real professional work.
This admin work we call secretarial work. It is not even
technician level.


My Daddy, who is a barrister  said he will see about the " socket
puppy "  remarks
and he will take up the matter with the ICO   watchdog for breach
of privacy.
This apache foundation had their warning.

https://www.bbc.co.uk/news/technology-54568784


https://www.forbes.com/sites/carlypage/2020/10/16/ico-hits-british-airways-with-record-breaking-fine-for-2018-data-breach/?sh=a954e0f481ac




Best Regards
Emily age 14

Re: [users@httpd] Aw: Re: [users@httpd] Apache in under attack. [EXT]

2021-01-13 Thread Andrea Croci 

Hi James,

what was the command you used to see that apache uses ~1GB of memory? I
deleted the mail and that was a bad idea: there were some very useful
commands you were giving us here.

On 12.01.21 12:17, James Smith wrote:

That shows you only have 2 incoming requests. How many lines if you remove the 
TIME_WAIT

Try: netstat -n | grep ':80 ' | wc

This may show lots of short requests happening over time

But to be honest the host important thing you need to do is strip down the list 
of modules you are using - that is what is causing you problems - the apache 
processes are so large you are causing the server to swap -

If you are permanently using a lot of swap then that slows down your processes 
and can cause your request to back up (a bit like a traffic jam)

You should only really have about 20-30 modules running.

-Original Message-
From: Jason Long 
Sent: 12 January 2021 11:14
To: users@httpd.apache.org
Subject: Re: [users@httpd] Aw: Re: [users@httpd] Apache in under attack. [EXT]

It show me:

# netstat -n | grep ':80 ' | grep -v TIME_WAIT
tcp6       0      0 X.X.X.X:80        X.X.X.X:16126      FIN_WAIT2
tcp6       0      0 X.X.X.X:80        X.X.X.X:64595      FIN_WAIT2






On Tuesday, January 12, 2021, 02:20:00 PM GMT+3:30, James Smith 
 wrote:





If you want incoming traffic you can do:

netstat -n | grep ':443 ' | grep -v TIME_WAIT

The incoming IP should be the 2nd address

(or ':80 ' if you aren't doing SSL)

Remove the grep -v TIME_WAIT to see all connections {and recent connections}

-Original Message-
From: Jason Long 
Sent: 12 January 2021 10:33
To: users@httpd.apache.org
Subject: Re: [users@httpd] Aw: Re: [users@httpd] Apache in under attack. [EXT]

Output is:

1688 323400 80850   0 /usr/sbin/httpd -DFOREGROUND
  6384 517620 129405   0 /usr/sbin/httpd -DFOREGROUND
1163280 3898288 974572  63 /usr/sbin/httpd -DFOREGROUND
1250040 3912624 978156  64 /usr/sbin/httpd -DFOREGROUND
1299300 3986396 996599  84 /usr/sbin/httpd -DFOREGROUND
1367304 4012976 1003244  74 /usr/sbin/httpd -DFOREGROUND

How can I see the IP addresses and their incoming traffic?






On Tuesday, January 12, 2021, 01:49:21 PM GMT+3:30, James Smith 
 wrote:





Another thing to look at is to restart the apache process and see memory usage. 
You can either use top. Or you can use a cron job which emails you the output 
of:

ps -e -o rsz,vsz,sz,cp,cmd | grep apache2 | grep -v grep | sort -k 1 -n

to see if you start or if it grows gradually

-Original Message-
From: Jason Long 
Sent: 12 January 2021 10:01
To: users@httpd.apache.org
Subject: Re: [users@httpd] Aw: Re: [users@httpd] Apache in under attack. [EXT]

I did below rule, but not worked:
# iptables -A INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 
-j REJECT --reject-with tcp-reset







On Tuesday, January 12, 2021, 01:15:40 PM GMT+3:30, Florian Schwalm 
 wrote:






It can be done with iptables or take a look at fail2ban:
https://urldefense.proofpoint.com/v2/url?u=https-3A__security.stackexchange.com_q_35773_213194=DwIFaQ=D7ByGjS34AllFgecYw0iC6Zq7qlm8uclZFI0SqQnqBo=oH2yp0ge1ecj4oDX0XM7vQ=I9F0cXVKI5lNIkmNjSJUj4c7qqr061vJX88jzcMLpvA=_jkuSoCIH2P5CqYmZuedFXUmuuq3Uf5PkIKE5nk_B3o=

Am 12.01.21, 10:26 schrieb Jason Long :

   Thank you, but "Firewalld" or "iptables" can't do it automatically? When an 
IP sending many request then it automatically blocked.






On Tuesday, January 12, 2021, 12:49:50 PM GMT+3:30, James Smith 
 wrote:





Jason,

I would also query why your process are ~ 1G resident that seems quite large 
for apache.

What modules do you have enabled  - even with mod_perl embedded I would not 
want them to go about 500-800M depending on the site of your box.

I know Apache is very good at grabbing memory for each process - but it doesn't 
tend to hand it back - and just keeps it (just in case)

It looks like you either have a memory leak - or the code is collecting too 
much data before squirting it out

There are other setups that you may want to look at if you have large dynamic 
requests and a lot of small static request (images/css/js) where you run two 
web servers - one serving static content and proxying back to dynamic content.

James

-Original Message-
From: James Smith 
Sent: 12 January 2021 09:09
To: users@httpd.apache.org
Subject: RE: [users@httpd] Apache in under attack. [EXT]

Put a firewall rule into block whatever that first IP address is then.

Something like:

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source 
address='X.X.X.X' reject"

If you are seeing a current attack then you can tweak Charles' command line to:

tail -1 access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head

or I often use cut instead of awk..

tail -1 access.log | cut -d ' ' -f 1 | sort | uniq -c | sort -nr | head

-Original Message-
From: Jason Long 
Sent: 12 January 2021 08:53
To: users@httpd.apache.org
Subject: Re: [users@httpd] Apache in under attack. [EXT]

Re: [users@httpd] rpmbuild for httpd-2.4.23 failed missing mod_proxy_fdpass.so

2016-07-17 Thread Andrea Croci 
[httpd-2.4.23] mod_porxy_fdpass.la is missingIs this your typo or is it in your conf/build files?

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache LoadBalancer goes into 302 infinite loop

2016-06-13 Thread Andrea Croci 

Just my two cents: Directives

Order Allow,Deny
Allow from all

are typical of 2.2.x. Although they can be used in 2.4.x, I'm not sure 
it's a good idea. Any reason for not replacing them with the "Require" 
directive?


On 13.06.2016 15:44, Jim Jagielski wrote:

2.4.2 is quite old, and there have been numerous fixes and
improvements to the reverse proxy and load-balancer code
since then... Is upgrading to 2.4.20 an option?


On Jun 13, 2016, at 9:39 AM, Baruch Volkov  wrote:

I do see thousandths posts on Apache LoadBancer and quite a few on infinite 
loop with 302, but so far could not be able to fix my issue and would 
appreciate a comment/suggestion.

I have installed Apache/2.4.2 (Win64) with the following configuration:

ProxyPass /rcm59018ora balancer://mycluster/rcm59018ora

SetHandler balancer-manager
AuthType Basic
AuthName "Balancer Manager"
AuthUserFile "D:\Apache2.4\conf\.htpasswd"
Require valid-user
SetEnvIf X-Forwarded-Proto https HTTPS=on


BalancerMember ajp://nyvmcs6:9011/rcm59018ora route=server1
BalancerMember ajp://nyvmcs6:9012/rcm59018ora route=server2
ProxySet lbmethod=byrequests
Order Allow,Deny
Allow from all
SetEnvIf X-Forwarded-Proto https HTTPS=on

StartUp log:

[Sun Jun 12 08:38:25.733749 2016] [mpm_winnt:notice] [pid 7060:tid 584] 
AH00455: Apache/2.4.2 (Win64) configured -- resuming normal operations
[Sun Jun 12 08:38:25.734725 2016] [mpm_winnt:notice] [pid 7060:tid 584] 
AH00456: Server built: May 11 2012 20:42:30
[Sun Jun 12 08:38:25.734725 2016] [core:notice] [pid 7060:tid 584] AH00094: 
Command line: 'D:\\Apache2.4\\bin\\httpd.exe -d D:/Apache2.4 -f 
D:\\Apache2.4\\conf\\httpd.conf -d D:\\Apache2.4\\.'
[Sun Jun 12 08:38:25.734725 2016] [mpm_winnt:notice] [pid 7060:tid 584] 
AH00418: Parent: Created child process 3332
[Sun Jun 12 08:38:26.033565 2016] [mpm_winnt:notice] [pid 3332:tid 540] 
AH00354: Child: Starting 64 worker threads.
Two Apache Tomcat/7.0.47 with following configuration:




and




Startup logs:

INFO: Starting ProtocolHandler ["ajp-apr-9011"]
Jun 12, 2016 7:50:13 AM org.apache.catalina.startup.Catalina start

INFO: Starting ProtocolHandler ["ajp-apr-9012"]
Jun 12, 2016 7:50:13 AM org.apache.catalina.startup.Catalina start
Whenever I try to access - http://nyvmcs6/rcm59018ora it hangs and I see in 
Apache log endless:

xxx.xxx.xxx.xxx - - [12/Jun/2016:08:39:22 -0400] "GET /rcm59018ora HTTP/1.1" 
302 -
xxx.xxx.xxx.xxx - - [12/Jun/2016:08:39:22 -0400] "GET 
/rcm59018ora/acegi/acegilogin.jsp HTTP/1.1" 302 -
xxx.xxx.xxx.xxx - - [12/Jun/2016:08:39:22 -0400] "GET 
/rcm59018ora/acegi/acegilogin.jsp HTTP/1.1" 302 -

xxx.xxx.xxx.xxx - is my machine from where I access


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org




-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] 502 Proxy Error when redirecting URL

2015-06-28 Thread Andrea Croci 

Hello Group,

I googled for this fairly long, and I did find a lot of help indeed, but 
I still can't get it.


I'm on a Ubuntu 14.04.2 LTS machine with Apache 2.4 and Red5 for 
Openmeetings to work.


What I'm trying to achieve is: I have mydomain.eu in a host service, 
where my website runs (this also with Ubuntu 14.04, by the way). Since I 
can't install Openmeetings on that server, because I have no root access 
to it, I thought I would install it in my server, reachable under 
myname.ddns.net. Openmeetings is now installed under directory 
presentations-en on port 5080 and works fine both local and from the net.


However, because I wouldn't like people to see myname.ddns.net as an 
address in their URL-bar in the browser, I tried redirecting 
mydomain.eu/presentations-en with an .htaccess file to 
http://myname.ddns.net:5080/presentations-en; with this directive


RewriteRule ^(.*) http://myname.ddns.net:5080$1 [P] # I tried also with 
a / between 5080 and $1


This gives me a 502 Proxy Error

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request /GET /presentations-en/ 
http://www.ophaniel.eu/presentations-en//.


Reason: Error reading from remote server

I enabled mod_proxy, mod_proxy_http and mod_proxy_html in the 
myname.ddns.net server and wrote this in the apache2.conf file:


ProxyPass /presentations-en http://localhost:5080/presentations-en
ProxyPassReverse /presentations-en http://localhost:5080/presentations-en

I tried with a lot of other configurations of directory structure and 
substituting localhost with myname.ddns.net to no avail. I tried a 
lot of other directives that I found in forums and mailing lists, but 
none of them worked. On some occasions I even get a different error by 
not changing absolutely anything. Once with this same configuration I 
got the URL changed to


http://myname.ddns.net:5080/presentations-en/presentations-en # (it 
rewrote presentations-en twice for whatever reason)


and obviously the error 404 Resource not found.

I looked at the log files for apache2 and access, but didn't find 
anything helpful there. I'll be more than glad to attach whatever log 
file can be helpful to you.


Thank you very much,

Regards, Andrea.