Volunteers to drive an MSI build

William Rowe said he was working on a new WiX-based installer (that is the same installer that Microsoft now uses for Visual Studio). http://mail-archives.apache.org/mod_mbox/httpd-users/201210.mbox/%3c5085fe9a@rowe-clan.net%3e That should make the process significantly easier. - Y On

Re: Volunteers to drive an MSI build

On Sat, Nov 17, 2012 at 10:59 AM, Issac Goldstand mar...@beamartyr.netwrote: Why not go the IIS route and use a c:\wwwroot or the like for non program-file stuff (logs, cgi-bin, docs, htdocs, conf)? That is similar to what the Debian package maintainers do (see

Re: Volunteers to drive an MSI build

On Wed, Nov 28, 2012 at 10:35 AM, André Malo n...@perlig.de wrote: You know that, and I know that. Jst as our Windows users know they have no use for source code. The discussion is moot. The ASF will not provide binary software. Is that a new policy? ASF has provided (i.e. made available

Re: [users@httpd] Apache HTTP Server 2.4.x for Windows?

This arguement has been going on the HTTPD-dev list recently too. Defining some terms should answer your question. Binaries are provided by volunteers who have commit access to the HTTPD project. They are not formally provided by the Apache Software Foundation. There is ongoing discussion on the

Re: Win32 src bundles for Apache

On Tue, Dec 18, 2012 at 11:24 AM, Andy Wang aw...@ptc.com wrote: This was brought up a while ago that the Apache 2.4.x and 2.2.23 builds were lacking the win32 source bundle. There was some discussion about how to build these bundles:

Re: [Discuss] Time to rewrite/rethink modules.apache.org?

On Wed, Jan 23, 2013 at 4:04 AM, Daniel Gruno rum...@cord.dk wrote: If you find a bug, post it to me or on the list, whichever you think is appropriate. OK. Bug I found seems to be fixed (since about 2300 EST). When I clicked on the link to modules.lua on projects.lua, there was some error.

Re: New RewriteMap Help/Suggestions

On Thu, Apr 25, 2013 at 10:35 AM, Jim Riggs apache-li...@riggs.me wrote: So, I have created a crude, working proof-of-concept of this. It basically copies all of the functionality of the txt maps, including the cache, but in the lookup_map_regexpfile() function, it compiles the regexp for each

Re: URL scanning by bots

On Tuesday, April 30, 2013, Christian Folini wrote: But you can try it out for yourself easily with 2-3 ModSecurity rules and the pause directive. Someone suggested the same idea to me and I tried it out on one of my servers by setting PHP as the 404 handler and having it loop there. (which

Re: apache Binary called when php is run

If you just run a PHP script, none. If you mean that you go to a PHP script in the browser, then tt depends on how you have PHP configured. The choices are mod_php, fastcgi, cgi (and maybe other options that I am not aware of). If you can provide more information, you might get a better answer.

Re: Decrypting mod_session-created cookie

Here is the actual procedure (in TRUNK, but last modified 3 months ago, I did not look at what changed). http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_crypto.c?view=markup Ignoring the apache-specific configuration, it looks pretty standard to me (although I did not

Re: Decrypting mod_session-created cookie

Unfortunately not this week. Send me a reminder email next week and I should be able to look at it. - Y On Tuesday, July 9, 2013, Mikhail T. wrote: 08.07.2013 23:44, Yehuda Katz написав(ла): Ignoring the apache-specific configuration, it looks pretty standard to me (although I did not spend

Re: Need an example of a simple application and how to set it up on Apache 2.2

This is more appropriate for the HTTPD Users list. http://httpd.apache.org/userslist.html The DEV list is for the server development. You need to also include what language your application is. By default Apache will only serve HTML unless you set up cgi or some other language module. On Tue,

Re: Configuration error handling after httpd restart

Since this is up for discussion anyway, what if there was an option to set a directive as ignore-able. For example, PHP allows you to preface a function with `@` to ignore errors (http://www.php.net/manual/en/language.operators.errorcontrol.php). That way, if you restart and the error is Invalid

Re: SSL and NPN

I have not looked at the patches or ALPN in detail, but I think the important question is how hard it would be to change this for (or add) ALPN support. If Chrome is planning to remove NPN support, it does not seem very useful to add the feature to HTTPD. - Y On Mon, Apr 28, 2014 at 5:56 PM,

Re: MAJOR SECURITY-PROBLEM Apache 2.4.6

On Wed, Oct 1, 2014 at 2:19 PM, Eric Covener cove...@gmail.com wrote: On Wed, Oct 1, 2014 at 2:16 PM, Eric Covener cove...@gmail.com wrote: To me, this does not exonerate mod_php, it implicates it. I suspect your source code is served because PHP swallowed the LimitRequestBody​ and then

Fwd: [users@httpd] Looking for a new maintainer for FableTech Server Status for Apache

Dev list is probably a better place to ask this. -- Forwarded message -- From: Morten Shearman Kirkegaard m...@fabletech.com Date: Tue, Feb 17, 2015 at 1:37 PM Subject: [users@httpd] Looking for a new maintainer for FableTech Server Status for Apache To: us...@httpd.apache.org

Documentation: Chrome breaks localhost resolution

I had several people contact me recently about broken Apache installation where the issue was actually with Chrome (I think starting with 43). When a system has IP-based vhosts on 127.0.0.0/8 besides 127.0.0.1 and uses the hostname anything.localhost, Chrome will no longer load those pages. This

APLOGNO() in mod_rewrite

I noticed today that errors about invalid flags on rewrite rules do not have APLOGNO() on them. cmd_rewriterule calls cmd_rewriterule_setflag and if a string is returned, prefixes "RewriteRule: " and returns that as an error. Should these have APLOGNO()? They are errors, but they don't use

[PATCH 58985] Add 451 status code

Hello all, I looked into the missing 451 status code because someone asked about it on the users list. It seems like a simple enough patch - since it is just copying an existing feature. I am looking at possible contributing more and I am interested in feedback.

Re: Did someone take over my JIRA account?

This mailing list is for HTTPD dev. I think you want to contact infra ( http://www.apache.org/dev/infra-contact) for Jira issues. It is possible someone on this list has the necessary access to Jira to help you, but HTTPD uses Bugzilla, not Jira, so you are not likely to get help here. - Y On

Broken Chunking with Fallback Resource

I was asked to look at a FreeBSD server with HTTPD 2.4.18 (mod_php - 5.6.17). The site experiencing the issue is running WordPress. There appears to be an issue with chunked responses not being delivered properly when using FallbackResource. Chrome and the W3 Validator both complain about missing

Re: Missing reference...

On Wed, Jan 27, 2016 at 10:51 PM, William A Rowe Jr wrote: > I noted that https://en.wikipedia.org/wiki/Apache_HTTP_Server > doesn't contain a "References in Popular Culture" section... > > ... does anyone have the link to Bill's Foxtrot panels about > Jason grabbing his

Re: [PATCH] Add "FreeListen" to support IP_FREEBIND

On Mon, Mar 7, 2016 at 9:06 PM, William A Rowe Jr wrote: > On Mar 7, 2016 13:54, "Jan Kaluža" wrote: > > > > On 03/07/2016 04:17 PM, Jim Jagielski wrote: > >> > >> Intstead of adding YAD (yet another directive ;) ), would it > >> be possible to somehow

Re: access control for dynamic hosts

dyndns is a company name, but it seems to be synonymous for a lot of systems with dynamic-dns. That would make a recognizable option for a lot of people. - Y On Tue, Mar 1, 2016 at 10:00 AM, Eric Covener wrote: > On Tue, Mar 1, 2016 at 9:53 AM, wrote: >

Re: Query on linking Apache Mailing list with GitHUub Commits

HTTPD uses SVN, Github is just a nice mirror. Each git commit should have a line that starts "git-svn-id". The SVN commit number and canonical link is there. - Y On Mon, Nov 14, 2016 at 8:45 PM, Mehvish.Rashid wrote: > I see code commits on this link:

Re: The Version Bump fallacy [Was Re: Post 2.4.25]

On Wed, Dec 28, 2016 at 12:35 AM, William A Rowe Jr wrote: > Our adoption is *broadly* based on the OS distributions > from vendors, not from people picking up our sources. > Yes - some integrate directly from source, and others > use a non-OS distribution. > I think a

Re: [users@httpd] URG:DocumentRoot relate query on WIndows

environment working, but if someone has seen this before, it might save me the time. - Y On Fri, Mar 10, 2017 at 11:27 AM, Yehuda Katz <yeh...@ymkatz.net> wrote: > You can set the DocumentRoot to "C:/" (note the forward slash instead of > the backslash). > You can technicall

Re: Tool to analyze and minimize loaded modules.

The server-info handler can give you some of that information, but not 100%. It lists each module and the relevant configuration, but mod_info itself is an example of that not being enough: SetHandler server-info is listed in core.c and for me there is no configuration listed under mod_info. I

Re: open tags - minimal example

AM, "Nick Kew" <n...@apache.org> wrote: On Sun, 2018-01-28 at 08:31 -0500, Yehuda Katz wrote: > HTTPD doesn't see the tags in the file at all. The way the file is > processed is determined by which Handler you set in the > configuration: > https://httpd.apache.org/docs/2.

Re: open tags - minimal example

HTTPD doesn't see the tags in the file at all. The way the file is processed is determined by which Handler you set in the configuration: https://httpd.apache.org/docs/2.4/handler.html To have your wrote: Hi Eric, Thank you for the Link. I mean: "writing module to interpret codes like PHP."

Re: Revisit Versioning? (Was: 2.4.3x regression w/SSL vhost configs)

On Sat, Apr 14, 2018 at 9:48 AM, Jim Jagielski wrote: > IMO, the below ignores the impacts on OS distributors who > provide httpd. We have seen how long it takes for them > to go from 2.2 to 2.4... I can't imagine the impact for our > end user community if "new features" cause

Re: Load balancing and load determination

HAProxy has a similar feature called agent-check ( https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-agent-check) although in their case, the backend server specifies it's own weight. Either way - whether the frontend or backend determines the weight - it would be useful. - Y

Re: Help regarding an issue with Apache Tomcat

This list is for Apache HTTPD. You can find support for Tomcat here: http://tomcat.apache.org/lists.html#tomcat-users - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Fri, Feb 7, 2020, 2:35 AM Cheeneebash, P. wrote: > Hello, > > We need help regarding an

Re: Use of [skip ci] in commit messages to avoid Travis builds

On Sat, Feb 8, 2020 at 6:01 AM Luca Toscano wrote: > I didn't find a way to instruct Travis to avoid triggering a build if only > certain file types are committed, so the only solution for the moment is to > manually add the aforementioned sequence :( > For the record, this has been a really

Re: "Forbid" directive in core?

On Mon, Apr 27, 2020 at 11:37 AM Eric Covener wrote: > On Sat, Sep 28, 2013 at 12:21 PM Tim Bannister > wrote: > > The second time in a few days, I'm going to suggest adding an optional > parameter to a directive. > > > > Taking a leaf out of cascading stylesheets, how about “Forbidden On >

Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?

2.4.44 and 2.4.45 were never released. Everything that was in 44 and 45 is in 46. - Y Sent from a device with a very small keyboard and hyperactive autocorrect. On Tue, Aug 11, 2020, 8:46 AM Pavel Lyalyakin wrote: > Hello, > > The version 2.4 vulnerabilities page[1] tells that CVE-2020-9490, >

Re: APLOGNO number range for vendors?

Would a crazy option 4 be to add VENDOR_APLOGNO() which could add a prefix to the log number to be used in any patches? For example, V_APLOGNO('R', 123) could produce AHR123 This would make it clear that the error comes from a patch from another distribution. - Y Sent from a device with a

Re: [GitHub] [httpd-site] rbowen merged pull request #7: Drops link to 1.3 docs, which are gone.

Since 1.3 isn't supported, it would probably be better to remove the entries from Wikipedia or point them to the Internet Archive. Happy to do that. On Sun, Jan 23, 2022 at 6:24 AM Graham Leggett wrote: > On 21 Jan 2022, at 19:48, GitBox wrote: > > > rbowen merged pull request #7: > > URL:

Instrumenting HTTPD

I am working on a research paper related to server configuration. I am trying to collect some measurements or static analysis comparing the number of system calls with overrides off vs. on and also with different path lengths (i.e. what is the actual performance impact of checking .htaccess