Re: [users@httpd] CVE-2023-38709: Apache HTTP Server: HTTP response splitting

https://nvd.nist.gov/vuln/detail/CVE-2023-38909 MEDIUM Otis DeWitt Contractor with Concept Plus, LLC in support of NOAA Fisheries NMFS / ST6 | U.S. Department of Commerce Office: ‪(302) 648-7481 |

Re: [users@httpd] question on CVE-2023-36760

If you are not using "*Apache JServ Protocol (AJP)" *then the CVE does not pertain to your Apache server. On Mon, Feb 6, 2023 at 5:46 PM Thao, Pashia wrote: > PWEB server is running a version of Apache affected. > > > > Our prod web server is running a version of the Apache affected by by >

Re: [users@httpd] Httpd is hanging intermittently

nks Dewitt for very thorough and insightful explanation. We are using > Yocto packaged linux version with openssl version being OpenSSL 1.1.1k-fips > 25 Mar 2021. > > With Regards, > Venkatesh > > On Fri, Sep 24, 2021 at 12:11 AM Otis Dewitt - NOAA Affiliate > wrote: > >&g

Re: [users@httpd] Httpd is hanging intermittently

sue. > > Do you know, how to generate more entropy in system or via apache so that > it can never be deprived of entropy? > > With Regards, > Venkatesh > > On Thu, Sep 23, 2021 at 8:46 PM Otis Dewitt - NOAA Affiliate > wrote: > >> Hmm I see, I not sure why you did not

Re: [users@httpd] Httpd is hanging intermittently

haveged and try it out. > > > On Thu, Sep 23, 2021 at 4:57 AM Otis Dewitt - NOAA Affiliate > wrote: > >> >> I don't think "insufficient entropy" has anything to do with Apache, but >> you could try installing "haveged" rpm. >> That may

Re: [users@httpd] Httpd is hanging intermittently

I don't think "insufficient entropy" has anything to do with Apache, but you could try installing "haveged" rpm. That may solve your problem. On Wed, Sep 22, 2021 at 2:11 PM alchemist vk wrote: > Hi All, > We are using httpd version 2.4.46 and its working fine for a long time. > But recently,

Re: [users@httpd] mod_ssl: http to https ErrorDocument redirect stops working when only TLSv1.2 specified

28 bits) > [Thu Jun 24 08:07:11.478503 2021] [ssl:debug] [pid 2773:tid 27] > ssl_engine_kernel.c(415): [client 10.175.18.160:60710] AH02034: Initial > (No.1) HTTPS request received for child 344 (server 127.0.0.1:443) > [Thu Jun 24 08:07:11.478634 2021] [authz_core:debug] [pid 2773:tid 27] > mod_authz_core.c(815): [client 10.175.18.160:60710] AH01626: > authorization result of Require all granted: granted > [Thu Jun 24 08:07:11.478654 2021] [authz_core:debug] [pid 2773:tid 27] > mod_authz_core.c(815): [client 10.175.18.160:60710] AH01626: > authorization result of : granted > [Thu Jun 24 08:07:11.478675 2021] [core:info] [pid 2773:tid 27] [client > 10.175.18.160:60710] AH00129: Attempt to serve directory: > /var/apache2/2.4/htdocs/ > > > > čt 24. 6. 2021 v 3:46 odesílatel Otis Dewitt - NOAA Affiliate > napsal: > >> What does the /var/log/httpd/error_log say? Paste that. >> >>

Re: [users@httpd] mod_ssl: http to https ErrorDocument redirect stops working when only TLSv1.2 specified

What does the /var/log/httpd/error_log say? Paste that. On Wed, Jun 23, 2021 at 8:06 PM Pavel Heimlich, a.k.a. hajma < tropikha...@gmail.com> wrote: > st 23. 6. 2021 v 23:06 odesílatel Otis Dewitt - NOAA Affiliate > napsal: > >> Check your Openssl ciphers to see if it su

Re: [users@httpd] mod_ssl: http to https ErrorDocument redirect stops working when only TLSv1.2 specified

Check your Openssl ciphers to see if it supports TLS 1.2 Try: SSLProtocol -ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2 SSLCipherSuite

Re: [users@httpd] Expose my server to internet

You are being firewalld, those ports are not available from outside. On Tue, Jan 14, 2020 at 3:23 PM Larry Irwin (work) < larry.ir...@ccamedical.com> wrote: > nmap shows all ports as filtered: > > # nmap -Pn padmahasa.ddns.net > > Starting Nmap 7.01 ( https://nmap.org ) at 2020-01-14 15:17 EST >

Re: [users@httpd] Web sockets & proxypass - No protocol handler was valid for the URL

You can also check this URL: http://blog.revathskumar.com/2015/09/proxy-websocket-via-apache.html Thanks, Otis On Tue, Dec 27, 2016 at 9:07 AM, Adam Teale wrote: > ​Hi Daniel, > > Yes in the http_server_app.conf file it is activated: > LoadModule ssl_module

Re: [users@httpd] Web sockets & proxypass - No protocol handler was valid for the URL

Check this link out. http://stackoverflow.com/questions/17889676/apache-2-4-6-reverseproxy-mod-proxy-wstunnel-for-secure-websocket-wss-fails Thanks, Otis On Tue, Dec 27, 2016 at 8:55 AM, Daniel wrote: > Silly question perhaps, are you also loading mod_ssl? > > 2016-12-27

Re: [users@httpd] Apache says "It works" but also "Requested URL could not be found"

Try changing all your directories to lower case and check permissions and check selinux. Thanks, Otis On Fri, Nov 18, 2016 at 9:13 AM, Roparzh Hemon wrote: > Apache says "It works" but also "Requested URL could not be found" > > This problem seems to have jumped out

Re: [users@httpd] Apache ldaps ceritificate directive issue

[image: top] http://shib.ametsoc.org/manual/mod/mod_ldap.html#page-header LDAPTrustedCA DirectiveDescription: http://shib.ametsoc.org/manual/mod/directive-dict.html#DescriptionSets the file containing the trusted Certificate Authority certificate or databaseSyntax:

Re: [users@httpd] How to enable TLSV1.1 or above on Apache

Greetings, For httpd version 2.2.22 and older, only specify TLSv1. This is treated as a wildcard for all TLS versions. SSLProtocol TLSv1 ​ Thanks, Otis

Re: [users@httpd] Re: Keeping an archive of httpd processes

Greetings Rose, You could use SNMP MRTG or Catci. Thanks, Otis On Mon, Jul 21, 2014 at 3:40 PM, Rose, John B jbr...@utk.edu wrote: This is on Solaris 10 From: Rose, John Rose jbr...@utk.edu Date: Monday, July 21, 2014 2:47 PM To: users@httpd.apache.org users@httpd.apache.org Subject:

Re: [users@httpd] Hiding Query Strings

Greetings Paul, You could use code (php,ruby,asp . . .) to query the database without actually being on the page. I will try to use re-capture to prevent such actions. Thanks, Otis On Thu, Jul 10, 2014 at 2:00 PM, Stormy storm...@stormy.ca wrote: At 01:16 PM 7/10/2014 -0400, Otis Dewitt

[users@httpd] Hiding Query Strings

Greetings, I am having a problem hiding query strings: Example: Change: http://www.fishfry.gov/pls/webpls/car_1.data_in?jtype=IMPjmnth=01jyear=2014jcountry=USAjoutput=TABLE To Show: http://www.fishfry.gov on query return instead of showing the complete URL as above to help mitigate the public

Re: [users@httpd] localhost Forbidden

Greetings Eric, Try this: VirtualHost *:80 DocumentRoot /www/default/Site Directory /www/default/Site AuthType None Options FollowSymLinks AllowOverride None Order allow,deny Allow from all Require all granted /Directory /VirtualHost Thanks,

Re: [users@httpd] php fpm and ProxyPass

Greetings Lennsen, Something you should know about mod_proxy_fcgi is that currently it doesn’t support UNIX sockets, so you must start your PHP-FPM process using a TCP port, which is default when you install it. Daniel Garajau wrote a interesting document on this subject:

Re: [users@httpd] php fpm and ProxyPass

Thanks for that update. On Sun, May 4, 2014 at 9:36 PM, Eric Covener cove...@gmail.com wrote: On Sun, May 4, 2014 at 9:03 PM, Otis Dewitt - NOAA Affiliate otis.dew...@noaa.gov wrote: Something you should know about mod_proxy_fcgi is that currently it doesn’t support UNIX sockets

Re: [users@httpd] Change from ~username to /username questions

Greetings Yehuda, 1.) You can try something likfe this for one url: RewriteRule ^~blog/(.*)$ /site/legacy/users/blog/$1 [R=301,L] 2.) You can also play with this rewrite to make fit for you: RewriteEngine On #RewriteLog logs/rewrite.log # Uncomment for rewrite logging #RewriteLogLevel 3 #

Re: [users@httpd] Apache commercial support

Greetings Joe, Understand your frustration, had similar problems in the past. The price can vary depending on infrastructure setup. Please email at odew...@linusoft.com so we can talk further. Thanks, Otis On Wed, Apr 2, 2014 at 1:08 PM, Joe Jensen (ConAgra Foods) joe.jen...@conagrafoods.com

Re: [users@httpd] virtualhost redirects to root on mobiles

Try NameVirtualHost *:80 above VirtualHost *:80 Thanks, Otis On Thu, Jan 30, 2014 at 1:30 PM, Josh Stratton strattonbra...@gmail.comwrote: I tried that. I'm including the actual config file in sites-available if it helps. VirtualHost *:80 ServerAdmin webmaster@localhost ServerName

Re: [users@httpd] virtualhost redirects to root on mobiles

NameVirtualHost *:80 VirtualHost *:80 ServerAdmin webmaster@localhost ServerName www.morebearsmore.com http://morebearsmore.com ServerAlias morebearsmore.com http://www.morebearsmore.com On Thu, Jan 30, 2014 at 1:30 PM, Josh Stratton strattonbra...@gmail.comwrote: I tried that. I'm

[users@httpd] Reverse Proxy Issue on Apache version 2.0.65

Greetings, I am constantly getting this error below in my log file: *[error] (20014)Error string not specified yet: proxy: pass request body failed to 172.16.11.212:7705 http://172.16.11.212:7705 (www.example.com http://www.example.com) from 192.168.100.34 ()* [Thu Jan 09 15:52:47 2014] [error]

[users@httpd] Reverse Proxy Issue on Apache version 2.0.65

Greetings, I am constantly getting this error below in my log file: *[error] (20014)Error string not specified yet: proxy: pass request body failed to 172.16.11.212:7705 http://172.16.11.212:7705 (www.example.com http://www.example.com) from 192.168.100.34 ()* [Thu Jan 09 15:52:47 2014] [error]

Re: [users@httpd] #error mod_ssl requires OpenSSL 0.9.8a or later

Try: First make sure openssl-devel-1.0.1e is installed. --with-ssl=path to openssl include directory Example: --with-ssl=/usr/include/openssl Thanks, Otis On Mon, Dec 16, 2013 at 1:58 AM, Abdul Anshad ab...@visolve.com wrote: Hello All, I'm trying to compile httpd-2.4.7 from source,

Re: [users@httpd] Access controls

What do you mean? * Since our requirement is to control access based on a path.* Location /example1 AuthType basic AuthName Example 1 use your LDAP login. AuthBasicProvider ldap AuthLDAPURL ldaps://

Re: [users@httpd] diagnosing an httpd memory leak

Very weird scenario, I can only think of a couple of reason's this can be happening. 1. Enable debug on loglevel and see what happens in that 15mins. 2. Try removing the httpd.conf and put a default httpd.conf in place and start it to see if the same thing happens. if not then you know it's in

Re: [users@httpd] Only garbage was found in the patch input - httpd-2.4.7-sslsninotreq.patch

. Could you please guide me ? http://koji.fedoraproject.org/koji/buildinfo?buildID=483947 Regards, Abdul On 12/12/2013 12:32 PM, Otis Dewitt - NOAA Affiliate wrote: This patch is corrupt, it is missing content . contact the submitter of the patch. On Thu, Dec 12, 2013 at 12:23 AM

Re: [users@httpd] Only garbage was found in the patch input - httpd-2.4.7-sslsninotreq.patch

This patch is corrupt, it is missing content . contact the submitter of the patch. On Thu, Dec 12, 2013 at 12:23 AM, Abdul Anshad ab...@visolve.com wrote: Hello All, I can't apply a patch named *httpd-2.4.7-sslsninotreq**.patch*, when i try to build the package httpd-2.4.7 it throws out

Re: [users@httpd] Can not Find Apache 2.4 Installable Version (Binary or .msi)

Try: http://www.anindya.com/apache-http-server-2-4-2-x86-and-x64-windows-installers/ On Thu, Dec 12, 2013 at 1:35 AM, Yogesh patel yogeshpateldai...@gmail.comwrote: HI I am not able to find apache 2.4 installable version. Apache official site provides source code of it. Can i anywhere find

Re: [users@httpd] Web Site Testing

Take a look at awstats. On Thu, Dec 12, 2013 at 1:51 AM, Jim Barchuk j...@jbarchuk.com wrote: On Wed, 11 Dec 2013, Roman Gelfand wrote: I think I was misunderstood. I am looking for a web site monitoring software that periodically downloads a page from that site and records statistics

[users@httpd] Mod_Proxy Bug in Apache 2.0.65

Greetings, I am using Apache 2.0.65 with mod_proxy as a reverse proxy, this proxy sits in the DMZ and serves to the backend servers. I am getting constant errors in the log file stating whats below. *[Tue Dec 10 12:33:17 2013] [error] (20014)Error string not specified yet: proxy: pass request

[users@httpd] Mod_Proxy Bug in Apache 2.0.65

Greetings, I am using Apache 2.0.65 with mod_proxy as a reverse proxy, this proxy sits in the DMZ and serves to the backend servers. I am getting constant errors in the log file stating whats below. *[Tue Dec 10 12:33:17 2013] [error] (20014)Error string not specified yet: proxy: pass request