Re: [users@httpd] Re: Cron job for Apache managed Letsencrypt TLS certs

2023-03-25 Thread Ruben Safir 
On 3/24/23 21:53, Tom Browder wrote:
> On Fri, Mar 24, 2023 at 20:26 Ruben Safir  wrote:
> 
>> On 3/24/23 20:53, Sean Conner wrote:
>>> /usr/local/apache2/bin/apachectl graceful
>>
>> that might not work if systemd is superving
> 
> 
> What would you recommend?
> 
> -Tom
> 
I perfer apachctl because my apache set up and administration is outside
of the OSs tools set or package management.

But I am not using systemd since I use artix linux.

systemd controlls sockets etc.  I had found that when systemd controlled
apache and apache died because of coding error, that systemd spun out of
control, repeatedly reboot apache over and over again in an endless
loop.  It is not the behavior I wanted.

not even killall -9 httpd would put that bad dog down.

Reuvain
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Re: Cron job for Apache managed Letsencrypt TLS certs

2023-03-24 Thread Ruben Safir 
On 3/24/23 20:53, Sean Conner wrote:
> /usr/local/apache2/bin/apachectl graceful


that might not work if systemd is superving


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Can I serve CLI Applications using Apache

2022-06-23 Thread Ruben Safir 
On Thu, Jun 23, 2022 at 11:15:13AM +0600, Ahmad Ismail wrote:
> I have already bumped into CGI (after asking the question here).
> 
> However, I have some issues with CGI. For example, I have to add HEADERS
> maintaining CRLF etc in the output. However, I want the CLI app to be
> totally independent. I mean, I want to output regular text or json
> without any header. So, what I really want is:
> 

Your trolling the internet?


> CLI_APP | ADD_UI | ADD_CGI_HEADER
> 
> Where CLI_APP gives me pure json. ADD_UI adds HTML, CSS, JS on the json
> output. And ADD_CGI_HEADER adds the extra stuff that is needed to make the
> final response sendable via the server.
> 
> Please note that when the user will send a request, it will have to go
> through the total pipeline. Also please note that, I can always call ADD_UI
> at the end of CLI_APP and call ADD_CGI_HEADER at the end of ADD_UI. But
> that way, I am not decoupling. And the later binaries will be dependent on
> the previous ones. This is not something I want. I want to *pipe the
> outputs to get the final response*.
> 
> How can I do that? Do I need to extend the apache server in any way (like
> creating any module or something like that).
> 
> *Thanks and Best Regards,Ahmad Ismail*
> 
> 
> On Wed, Jun 22, 2022 at 8:52 PM Eric Covener  wrote:
> 
> > you can use CGI to prototype it, and FastCGI later for performance (if
> > it matters)
> >
> > On Wed, Jun 22, 2022 at 10:28 AM Ahmad Ismail  wrote:
> > >
> > > I want to create a CLI app (in this case named CLI_APP), that will
> > > output json and can be accessed via web.
> > >
> > > In Linux terms, it will look like:
> > >
> > > Request | Web_Server | CLI_APP | ADD_UI | Web_Server > Response
> > >
> > > Now, I will run the app like `CLI_APP --output json`. Here, I am
> > > saying that the CLI_APP will output json (for REST API).
> > >
> > > Here, `ADD_UI --output web` will add HTML, CSS, JS etc. to the JSON
> > output.
> > >
> > > Can apache help me send the requests to CLI_APP via STDIN and serve
> > > the final output of `ADD_UI --output web`?
> > >
> > > Thanks and Best Regards,
> > > Ahmad Ismail
> > >
> > > -
> > > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > > For additional commands, e-mail: users-h...@httpd.apache.org
> > >
> >
> >
> > --
> > Eric Covener
> > cove...@gmail.com
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
> >

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Linking website pages with Apache on LocalHost

2022-05-03 Thread Ruben Safir 
On 4/27/22 12:25, DiversityLink/Milt Spain wrote:
> I have gotten Apache2.4 installed and running on my local computer. It’s
> on the C drive and the website is at C:/Apache24/htdocs/Milt.com.
>  
> The Milt.com folder contains Index (htm file) and Page1 (html file).
>  
> 127.0.0.1/Milt.com displays the Index.
>  
> Now I want a hyperlink on the Index page that will bring up Page1. I
> have been unable to make anything work. Is Page1 in the wrong place or
> could I be using the wrong path in the hyperlink (I’ve tried several
> without success)?
>  
> All assistance will be appreciated.
>  
> Milt Spain


I can't make heads or tails as to what your requestion?

Did you ty to make an index.html file with html?


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Unable to connect to Apache test website on LocalHost

2022-04-13 Thread Ruben Safir 
On 4/13/22 18:18, Knute Johnson wrote:
> What do you get when you ping localhost?
> 
> knute...


it is responding with a 403 which means there is nothing to ping about

403 Forbidden
The HTTP 403 Forbidden response status code indicates that the server
understands the request but refuses to authorize it.

Something is wrong in the authorization part of the response cycle.

https://httpd.apache.org/docs/2.4/howto/auth.html



-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Unable to load javascript files with the apache configuration file

2022-04-01 Thread Ruben Safir 
On 3/30/22 14:17, SAJESH PC wrote:
> Iam sharing a screenshot of the browser console errors. Hope this helps.
> 

fwiw apache looks like it is working just file

and it is not a great idea to send images on mailing lists.

> On Wed, Mar 30, 2022 at 8:14 PM Richard
>  > wrote:
> 
> 
> 
> > Date: Wednesday, March 30, 2022 15:57:52 +0530
> > From: SAJESH PC  >
> >
> > Hi,
> > I have set up a http server with the configuration given as
> > attachment. But it is not serving javascript files from the folder
> > javascript. It is giving a 404 return code. The real intention here
> > is that the javascript files should not be accessible directly but
> > through html files only or when accessed through software only. How
> > to correct the configuration file.
> 
> Have you looked at the output in your errors file? It will likely be
> rather more informative than a simple "404".
> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> 
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Issue with Apache 2.4.51 hanging

2021-10-26 Thread Ruben Safir 
mpm_prefork has been problematic, FWIW


On Tue, Oct 26, 2021 at 11:17:31AM +0100, Patrick Verdon wrote:
> Hi Daniel,
> 
> Thanks for the feedback.
> 
> Unfortunately that's not really an option for us, as it's a major
> architecture change, and is only something we would consider as a
> last resort.
> 
> Using mod_php works well for us and our configuration/application has not
> changed in years - the crashes started very specifically when we upgraded
> to Apache 2.4.48 from 2.4.46.
> 
> From what I can see, mod_php is still used widely and I assume it is
> therefore still a supported module?
> 
> I'd be grateful for any other suggestions on how to get to the bottom of
> the issue.
> 
> Thanks.
> 
> Patrick
> 
> *--*
> 
> *Patrick Verdon  |  Founder*
> Web: www.youreko.com
> Mobile: +44 (0)7809 296438
> Skype: patrick_verdon
> 
> This entire communication is sent on behalf of
> Youreko Ltd and is strictly confidential to and
> for the sole use of the intended addressee.
> 
> Registered in England - 7448349
> 
> 
> 
> On Tue, 26 Oct 2021 at 09:56, Daniel Ferradal  wrote:
> 
> > Hello,
> >
> > Seems it is related to third party php module being loaded in Apache
> > HTTPD, no?
> >
> > It would be awesome if you can move your php files to be dealt with
> > php-fpm instead and from apache just proxy to php-fpm.. and see if
> > your Apache server would ever hang again (if you do it you could even use
> > mpm_event instead of prefork to have http/2 working).
> >
> > Cheers
> >
> > El vie, 22 oct 2021 a las 18:16, Patrick Verdon (<
> > patrick.ver...@youreko.com>) escribi??:
> >
> >> Hi Yann,
> >>
> >> I finally managed to provoke the crash - there were 6 core dumps, I
> >> followed your instructions and have pasted the gdb output below for each
> >> one.
> >>
> >> Let me know if this sheds any light on the problem.
> >>
> >> Thanks.
> >>
> >> Patrick
> >>
> >> --
> >>
> >> *# gdb /usr/sbin/httpd /tmp/core.1221*
> >> Thread 2 (Thread 0x7f5876bff840 (LWP 1221)):
> >> #0  0x7f587518e687 in kill () from /lib64/libc.so.6
> >> #1  
> >> #2  0x7f5861def0d8 in ?? () from /lib64/libgcc_s.so.1
> >> #3  0x7f5861deffd9 in _Unwind_Backtrace () from /lib64/libgcc_s.so.1
> >> #4  0x7f587526cbf6 in backtrace () from /lib64/libc.so.6
> >> #5  0x7f58751d0fb4 in __libc_message () from /lib64/libc.so.6
> >> #6  0x7f58751d8854 in malloc_consolidate () from /lib64/libc.so.6
> >> #7  0x7f58751d923e in _int_free () from /lib64/libc.so.6
> >> #8  0x7f5875963ded in apr_allocator_destroy () from
> >> /usr/lib64/libapr-1.so.0
> >> #9  0x7f586c276477 in ?? () from /etc/httpd/modules/mod_mpm_prefork.so
> >> #10 0x7f586c2764cb in ?? () from /etc/httpd/modules/mod_mpm_prefork.so
> >> #11 
> >> #12 0x7f587524bcfd in poll () from /lib64/libc.so.6
> >> #13 0x7f5868086682 in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #14 0x7f5867f8fb8b in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #15 0x7f586807ab3e in _php_stream_fill_read_buffer () from
> >> /etc/httpd/modules/libphp-7.0.so
> >> #16 0x7f586807afbb in _php_stream_get_line () from /etc/httpd/modules/
> >> libphp-7.0.so
> >> #17 0x7f586805012f in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #18 0x7f5868052148 in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #19 0x7f586807d079 in _php_stream_open_wrapper_ex () from
> >> /etc/httpd/modules/libphp-7.0.so
> >> #20 0x7f586801181b in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #21 0x7f585e957b3c in ?? ()
> >> #22 0x7f5866fcde00 in ?? ()
> >> #23 0x1c07 in ?? ()
> >> #24 0x7f585605b380 in ?? ()
> >> #25 0x7f585605b3a0 in ?? ()
> >> #26 0x7f5854859bd8 in ?? ()
> >> #27 0x7f5866fefe00 in ?? ()
> >> #28 0x7f5853291dc0 in ?? ()
> >> #29 0x7f586805cf01 in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #30 0x7f586805f6f4 in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #31 0x7f586810c57d in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #32 0x7f58680fe9eb in execute_ex () from /etc/httpd/modules/
> >> libphp-7.0.so
> >> #33 0x7f586814849f in zend_execute () from /etc/httpd/modules/
> >> libphp-7.0.so
> >> #34 0x7f58680c1e84 in zend_execute_scripts () from /etc/httpd/modules/
> >> libphp-7.0.so
> >> #35 0x7f5868064808 in php_execute_script () from /etc/httpd/modules/
> >> libphp-7.0.so
> >> #36 0x7f5868149dea in ?? () from /etc/httpd/modules/libphp-7.0.so
> >> #37 0x55e5af703bc0 in ap_run_handler ()
> >> #38 0x55e5af704109 in ap_invoke_handler ()
> >> #39 0x55e5af71a3ea in ap_process_async_request ()
> >> #40 0x55e5af71a6be in ap_process_request ()
> >> #41 0x55e5af716764 in ?? ()
> >> #42 0x55e5af70d810 in ap_run_process_connection ()
> >> #43 0x7f586c276b89 in ?? () from /etc/httpd/modules/mod_mpm_prefork.so
> >> #44 0x7f586c276dc0 in ?? () from /etc/httpd/modules/mod_mpm_prefork.so
> >> #45 0x7f586c277bc6 in ?? () from

Re: [users@httpd] School Project cancelled

2021-04-30 Thread Ruben Safir 
On 4/30/21 6:36 PM, emily.bun...@aol.com.INVALID wrote:
> 
> My Daddy will help me to pursue legal action for obstructing me from
> doing my school project.

lovely

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Replays from Internet

2021-01-19 Thread Ruben Safir 
this has nothing to do with apache


On Tue, Jan 19, 2021 at 11:55:41AM -0500, John wrote:
> Since the beginning of 2021 we have encountered two online orders and
> possibly a third, where the customer denies making the order and the
> httpd log seems to confirm that.
> 
> In each case, the person made an order and a day or more later a
> second order was placed for the same item and carrying the same credit
> card information.  Since everything looked valid and the delay
> bypassed our duplicate order check, the order was accepted.  
> 
> Some background: a customer can connect to our catalogue and move
> around untracked for as long as they want until they decide to place
> an order.  At this point there is only one path to follow to enter
> address info, credit card, etc. This ends with a summary of the order
> and if they click to proceed, it POST's the server order processor
> with the relevant info causing the credit card to be charged and the
> order to be entered. In total 3 scripts must be processed in the
> correct order.
> 
> I scanned for the customer's IP in the httpd access log in each case
> and found that when they made the valid order they were on our
> catalogue and followed the correct path to place the order, confirming
> it as expected.
> 
> BUT, and here is what I am having trouble understanding, for the
> invalid order ONLY the last request was logged as received by httpd.
> It shows the correct source (ie the page that should have resulted in
> an order) yet that page does not show in the httpd log as having been
> served.  In one case, NO other page was served to that customer on
> that day ahead of the received order, at least judging from IP
> addresses in use. 
> 
> So what I appear to be seeing is a replay from the Internet which I
> find hard to accept as real.  Has anyone ever seen this before and if
> so what did they do to resolve it?  The only other possibility that I
> can think of is that their browser cached the page and re-transmitted 
> it. (a violation of the HTML standard I think for a form page).
> 
> The environment is Apache 2.4.25 on Fedora using php-fpm.
> 
> Thanks in advance and apologies for the length of this post.
> 
> John
> 
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache in under attack.

2021-01-11 Thread Ruben Safir 
On 1/11/21 6:06 PM, Jason Long wrote:
> Hello,
> On a CentOS web server with Apache, someone make a lot of request and it make 
> slowing server. when I disable "httpd" service then problem solve. How can I 
> find who made a lot of request?
> [url]https://imgur.com/O33g3ql[/url]
> Any idea to solve it?
> 
netstat (or ss) output)?

Apache logs?

> 
> Thank you.
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache shows PHP code instead of executing it

2021-01-06 Thread Ruben Safir 
On Wed, Jan 06, 2021 at 08:45:50PM -0500, Eric Covener wrote:
> On Wed, Jan 6, 2021 at 6:31 PM Ruben Safir  wrote:
> >
> > On 1/6/21 4:01 PM, d...@tuxweb.it wrote:
> > >
> > > This is because you did not tell apache to forward incoming HTTP
> > > requests to the PHP Engine.
> > > You can integrate Apache httpd with PHP in different ways, generally
> > > they are PHP-FPM (through fastcgi), mod_php (apache SAPI module) and CGI
> > > (discouraged because is very slow and does not scale well).
> >
> > Umm - use mod_php.  I know that the PHP website docs suggest otherwise,
> > but they are wrong.  It is the only way to integrate PHP into apache.
> > It might use more memory.  That is fine.  Memory is cheap.
> >
> > if you use Linux there is no problems and frankly threads and processes
> > both share light weight processes
> >
> > http://httpd.apache.org/docs/current/mpm.html
> > https://tldp.org/FAQ/Threads-FAQ/Types.html
> > https://www.kernel.org/doc/ols/2002/ols2002-pages-330-337.pdf
> > https://www.php.net/manual/en/faq.installation.php#faq.installation.apache2
> > https://www.php.net/manual/en/install.unix.apache2.php
> >
> >
> > Packing the PHP instance in a threaded fastcgi process is exactly what
> > you don't want.  Integrating it into the Apache runtime prevents needing
> > to create an entire clone call and all subsequent fork() calls,
> 
> Caveat: The above is not the conventional wisdom at all and
> misrepresents the tradeoffs.
> 


Who knows, maybe he can read for himself.  For almost 30 years we've
dealt with this.  I'm sorry, but fastcgi sucks.  It sucked in 1995, and
it is still sucks.  I mean it beats CGI and its better an nothing on
Windows for some time, but that is it.

unless you have something really short you have to do.  compiling mod_php
directly into apache allows you to not have to run an external module or
program, which is a smaller finger print, and allows you to use apache
memormy managment directly.

Not only that, but you can cache results, which is a major advantage.

Regardless of the snippiness, I ACTUALLY posted the documentation with
the recomemdnations so he could read them for himself...you education,
so he could make up his mind.

> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache shows PHP code instead of executing it

2021-01-06 Thread Ruben Safir 
On 1/6/21 4:01 PM, d...@tuxweb.it wrote:
> 
> This is because you did not tell apache to forward incoming HTTP
> requests to the PHP Engine.
> You can integrate Apache httpd with PHP in different ways, generally
> they are PHP-FPM (through fastcgi), mod_php (apache SAPI module) and CGI
> (discouraged because is very slow and does not scale well).

Umm - use mod_php.  I know that the PHP website docs suggest otherwise,
but they are wrong.  It is the only way to integrate PHP into apache.
It might use more memory.  That is fine.  Memory is cheap.

if you use Linux there is no problems and frankly threads and processes
both share light weight processes

http://httpd.apache.org/docs/current/mpm.html
https://tldp.org/FAQ/Threads-FAQ/Types.html
https://www.kernel.org/doc/ols/2002/ols2002-pages-330-337.pdf
https://www.php.net/manual/en/faq.installation.php#faq.installation.apache2
https://www.php.net/manual/en/install.unix.apache2.php


Packing the PHP instance in a threaded fastcgi process is exactly what
you don't want.  Integrating it into the Apache runtime prevents needing
to create an entire clone call and all subsequent fork() calls,
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache shows PHP code instead of executing it

2021-01-06 Thread Ruben Safir 
On 1/6/21 11:09 AM, Kaushal Shriyan wrote:
> When I invoke it from the browser Apache shows PHP code instead of
> executing it. Please let me know if you need any additional information.
> Thanks in Advance


trun it on and read the docs.  You need to turn it one from httpd.conf
and assign it to a php enabled uri


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] SentEnvIf and multiple X-Fowarded-For headers

2019-10-23 Thread Ruben Safir 
On Wed, Oct 23, 2019 at 01:25:57PM +0200, Maxime VEROONE wrote:
> Hi,
> 
> This question was previously sent to StackOverflow (ID 57206362), but
> I believe it belongs here more than there.
> 
> We are using this kind of configuration to grant access to one of our
> sites (here with RFC1918 CIDR ranges as an example, but you may
> imagine different restrictions using public IP addresses)
> 
> 
> Order deny,allow
> Deny from all
> Allow from 127.0.0.0/8
> SetEnvIf X-Forwarded-For "(,| |^)192\.168\." WhiteIP
> SetEnvIf X-Forwarded-For "(,| |^)172\.(1[6-9]|2\d|3[0-1])\." WhiteIP
> SetEnvIf X-Forwarded-For "(,| |^)10\." WhiteIP
> Allow from env=WhiteIP
> 
> 


Just out of curiosity, where is this documented?

Ruben

> Indeed, there is another reverse proxy in front of this Apache server
> so all clients will have the header, and all Source IP address would
> be the same, thus disabling the possible usr of Allow/Deny IP
> directives.
> 
> Problem is sometimes client have others proxies on their side and the
> X-Forwarded-For Header will be either duplicated or concatenated. We
> handle the concatenation correctly with the (,| |^) regexp trick, but
> the problem is that Apache seems to run the SetEnvIf only against the
> first occurrence of the Header.
> 
> Documentation is unclear to me about this behavior. Any idea on how to
> handle this kind of case ? (note: we cannot control how our reverse
> proxy works, only Apache) Could that be qualified as a bug ? Searching
> through this mailing list archives led to interesting threads, but
> nothing like this exact topic.
> 
> Precision : CentOS 6, Apache 2.2.15 latest patch version
> 
> Maxime V??roone
> Omnicommerce Operations
> Capensis SA on behalf of Decathlon
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Basic Authorization & autoindex enabling

2019-09-27 Thread Ruben Safir 
apache doesn't know the user.  The user would have to log in itentify
themselves first.

you can drop authentication into ./.htaccess in the defined user root
directors



On 9/27/19 10:30 AM, Jack Simmons wrote:
> Good day everyone! I've got a question related to Basic Authorization and 
> Home directory detection.  Namely, I want to configure the webserver in such 
> a way that it allows to do autoindex if user is browsing their home 
> directory.  I tried to declare an environment variable first, but then 
> realized that I am unable to use it inside If directive.
> 
> For example:
> 
> SetEnvIf Request_URI ^/(.*)/ URI_HOME=$1
> SetEnvIf Authorization "^Basic (.*)$" X_HTTP_AUTHORIZATION=$1
> SetEnvIfExpr "unbase64(%{ENV:X_HTTP_AUTHORIZATION}) -strcmatch 
> '%{ENV:URI_HOME}:*'" USER_IS_IN_HOME_DIR
> 
> Then it tried to put the extraction of username info If clause.  But I cannot 
> figure out how to use regexp inside it or some substring function to remove 
> "Basic " prefix.
> I have seen how it is done on wiki page:
> https://cwiki.apache.org/confluence/display/httpd/LogBasicauthenticationusername
> But again, RequestHeader runs after any If directove so I am unable to 
> configure Autoindex for my purposes.
> Any ideas how it can be done?
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Basic Authorization & autoindex enabling

2019-09-27 Thread Ruben Safir 
On 9/27/19 10:30 AM, Jack Simmons wrote:
> Good day everyone! I've got a question related to Basic Authorization and 
> Home directory detection.  Namely, I want to configure the webserver in such 
> a way that it allows to do autoindex if user is browsing their home 
> directory.  I tried to declare an environment variable first, but then 
> realized that I am unable to use it inside If directive.
> 
> For example:
> 
> SetEnvIf Request_URI ^/(.*)/ URI_HOME=$1
> SetEnvIf Authorization "^Basic (.*)$" X_HTTP_AUTHORIZATION=$1
> SetEnvIfExpr "unbase64(%{ENV:X_HTTP_AUTHORIZATION}) -strcmatch 
> '%{ENV:URI_HOME}:*'" USER_IS_IN_HOME_DIR
> 
> Then it tried to put the extraction of username info If clause.  But I cannot 
> figure out how to use regexp inside it or some substring function to remove 
> "Basic " prefix.
> I have seen how it is done on wiki page:
> https://cwiki.apache.org/confluence/display/httpd/LogBasicauthenticationusername
> But again, RequestHeader runs after any If directove so I am unable to 
> configure Autoindex for my purposes.
> Any ideas how it can be done?
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 

https://httpd.apache.org/docs/2.4/env.html
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] URL question

2019-05-26 Thread Ruben Safir 
On 5/26/19 9:37 AM, Stephen wrote:
> Try changing the filename from bar.html to index.html
> 
> Stephen
> www.roissy.ca

you can actually filter with a regex to bar to bar.html or redictect it
within the apache config file.

you can also turn off directory access.


> 
> On 2019-05-26 8:59 a.m., Robert Moskowitz wrote:
>> I have a web site accessible by:  www.foo.com/bar.html
>>
>> But users that use: www.foo.com/bar
>>
>> get a directory content of the files in directory bar.
>>
>> What do I need to add so that those that use the shortcut of leaving
>> off .html still get the full web site.
>>
>> thanks
>>
>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] RE: Need some advice - thread safe php module

2019-05-22 Thread Ruben Safir 
On 5/22/19 4:11 PM, Jeff Cauhape wrote:
> Hi,
> 
> I am porting some older web pages from Apache 2.4.6 to Apache 2.4.37 on Linux
> and apparently need to find a thread-safe version of libphp5.so to use, since 
> we're
> running MPM.
> 
> 
>   *   Does anyone know where I can download the apache thread safe php module?
>   *   If not, can someone give me a clue about the configuration options I 
> should use
> to build a new version of PHP which contains the php module for Apache?
> 
> I have been unable to find a download for the php module, and building PHP is 
> not
> producing a php module either.
> 
> Thanks,


thread safety is not a magic trick.  It requires that code be written
correctly and that Mutex is used appropriately.  To a degree you are
protected by the Linux kernel because processes and threads are actually
all the same in linux.  But the locking language remains constant.

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Port Forwarding Help?

2019-01-21 Thread Ruben Safir 
On 1/21/19 3:07 PM, Osman Zakir wrote:
> I can see the app on localhost on either port 8000 or port 8081.  What am I 
> doing wrong?
> 


fix your network then.


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Port Forwarding Help?

2019-01-21 Thread Ruben Safir 
On Mon, Jan 21, 2019 at 04:19:00PM +, Osman Zakir wrote:
> Wait, so it's fine if I use my internal IP address?  The app will be 
> available on my public IP address in that case too?


you app is being called by apache so it doesn't matter were it is  as
long as apache can reach it.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Port Forwarding Help?

2019-01-21 Thread Ruben Safir 
On Mon, Jan 21, 2019 at 04:27:38PM +, Osman Zakir wrote:
> This is what I have in the conf file at the bottom:
> "
>  "E:/programming/visual_studio_2017/Projects/currency_converter/x64/Release">
> Options All???
> Options Indexes FollowSymLinks???
> AllowOverride None???
> Require all granted???
> ???
> ???
> ???

YOUR BOX is listening on port 8000

> ServerAdmin osmanzaki...@hotmail.com???
> ServerName dragonosman.dynu.net???
> ServerAlias www.dragonosman.dynu.net???
> ErrorLog "logs/dragonosman.dynu.net-error.log"???
> CustomLog "logs/dragonosman.dynu.net-access.log" common???
> ProxyPass "/" "http://192.168.10.12:5501/;???
> ProxyPass "/?q=accesskey" "http://192.168.10.12:5501/?q=accesskey;???
> ???
> "
> 
> And I added a forwarding rule for port 8000 for the router.  But I still 
> can't see the app at my public IP address on port 8000.

Your box doesn't LIVE on your router.  Is your box where the webserver lives 
assigned the
public IP address?

what is ifconfig on the webserver box?

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Updating to php 7.0 and having apache still work?

2018-09-30 Thread Ruben Safir 
On 9/30/18 5:43 AM, Carmel NY wrote:
> I am running FreeBSD 11.2 p4 / amd64 with php72 install. I upgrade from php56
> as follows.
> 
> First I got a list of all the php56 modules installed
> 
> pkg info -r php56 > php56-modules.txt


You can't be sure that scripts that work on PHP65 will work on PHP7, but
this is a PHP problem, and while you might find some help here, you will
be better off talking the NYPHP or a PHP forum/usenet

Ruben

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] virtual host

2018-09-28 Thread Ruben Safir 
Sorry, I need to correct my English.  Seems my fingers don't find the
right keys all the time ;)


On 9/28/18 7:10 AM, Carmel NY wrote:
> Okay, on a stock FreeBSD installation, maybe on others too, there is an
> index.html file in the document root that displays,


In my experience you can't expect a stock instllation to work,
especially since you seem to be pointing at different directories than
the stock installation.

The biary might be fine but you need to make sure your set up conforms
to the expectations of the binary or that your apachectl is called
correctly.

Don't be affarid to call your apache directly:
[www3 bin]# ./httpd -V
Server version: Apache/2.4.27 (Unix)
Server built:   Sep 30 2017 13:13:14
Server's Module Magic Number: 20120211:68
Server loaded:  APR 1.6.3, APR-UTIL 1.6.1
Compiled using: APR 1.6.2, APR-UTIL 1.6.0
Architecture:   64-bit
Server MPM: prefork
  threaded: no
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/usr/local/apache2"
 -D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"
[www3 bin]# ./httpd -l
Compiled in modules:
  core.c
  mod_so.c
  http_core.c
  prefork.c

./httpd -t


You also need to find your log files and tail them

tail -f /usr/local/apache/logs/*

On top of that, FWIW, virtual hosts are very dependent on fuinctioning
DNS, and your DNS is being setup dynamically with dynamicdns etc.  That
has often been a source of trouble, to say the least.

Look, if it is real trouble, you can call me if you want on Sunday.

Ruben
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] virtual host

2018-09-28 Thread Ruben Safir 
On 9/28/18 7:10 AM, Carmel NY wrote:
> Okay, on a stock FreeBSD installation, maybe on others too, there is an
> index.html file in the document root that displays,


In my experience you can't expect a stock instllation to work,
especially since you seem to be pointing at different directories that
the stock installation.  The biary might be find but you need to make
sure your set up conforms to the expectations of the binary or that your
apachectl is called correctly.

Don't be affarid to call your apache directly:
[www3 bin]# ./httpd -V
Server version: Apache/2.4.27 (Unix)
Server built:   Sep 30 2017 13:13:14
Server's Module Magic Number: 20120211:68
Server loaded:  APR 1.6.3, APR-UTIL 1.6.1
Compiled using: APR 1.6.2, APR-UTIL 1.6.0
Architecture:   64-bit
Server MPM: prefork
  threaded: no
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/usr/local/apache2"
 -D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"
[www3 bin]# ./httpd -l
Compiled in modules:
  core.c
  mod_so.c
  http_core.c
  prefork.c

./httpd -t


You also need to find your log files and tail them

tail -f /usr/local/apache/logs/*

On top of that, FWIW, virtual hosts are very dependent on fuinctioning
DNS, and your DNS is being setup dynamically with dynamicdns etc.  That
has often been a source of trouble, to say the least.

Ruben
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] virtual host

2018-09-28 Thread Ruben Safir 
On 9/28/18 5:21 AM, Sander Smeenk wrote:
> Quoting Carmel NY (carmel...@outlook.com):
>> This is my first attempt to set up a virtual host with apache24 on a
>> FreeBSD 11.2 machine, and it is not working out so well.
> 
> Please elaborate on the 'not working out so well' bit.
> 
> 
>> Assuming a site name of example.net, I tried to configure a simple vhost.
>> 
>> ServerAdmin webmas...@example.net
>> DocumentRoot "/usr/local/www/testdir"
>> ServerName stem.example.net:80
> 
> The port addition here is not needed and might interfere with your
> configuration.
> 
> 
>> ServerAlias www.stem.example.net
>> ErrorLog "/var/log/stem.error.log"
>> CustomLog "/var/log/stem.access.log" common
>>
>> AcceptPathInfo On
>>
>>   
>> AllowOverride all
>> Order Allow,Deny
>> Allow from all
>> # For Apache 2.4 add:
>> Require all granted
> 
> Remove the 'Order' and 'Allow' lines if you're running Apache 2.4
> Leave the 'Require all granted' line in that case.
> 
> 
>>   
>> 
> 
> Otherwise this vhost config looks just dandy!
> 
> 
>> apachectl -S
>> VirtualHost configuration:
>> *:80   stem.example.net 
>> (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
>> *:443  example.net 
>> (/usr/local/etc/apache24/extra/httpd-ssl.conf:121)
> 
> It shows up here on port 80 too!
> 
> 
>> Obviously, I am dong something wrong, but I have no idea what.
> 
> Please tell us what is not working for you!
> 
> 
> Regards,
> -Sndr.
> 


I think it is not reading from his specified directories which are
/usr/local/www

Sounds like hist apachectl is not reading the config file.

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache crashes with: AH03104: apr_thread_create

2018-09-22 Thread Ruben Safir 
On 9/22/18 5:12 PM, Rainer Jung wrote:
> Since your system seems to have lots of free memory, I don't expect a
> memory shortage unless there's a memory leak and the memory numbers you
> showed below would be very different when the crash actually happens.
> Each thread needs a thread stack in memory.
> 
> What could happen is that the limit of threads your use can create (sum
> over all of his processes) hits the nproc limit. Note that although it
> is called nproc = number of processes, what it limits on Linux is
> actually the (much bigger) number of threads per user.


You can fix this by recompiling the kernal to allow for more shared
memory.  There might be a better way to design your apache set up,
though.  If you are using a VM it needs more memory

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Testing for apache open relaying

2018-09-05 Thread Ruben Safir 
On 9/5/18 4:47 PM, Robert Moskowitz wrote:
> There is a way with open proxies to PUT content that goes out on port 25.


but that doesn't turn Apache into a mail server


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Testing for apache open relaying

2018-09-05 Thread Ruben Safir 
How do you think Apache will relay mail?  Apache has nothing to do with
email.



On 9/5/18 11:58 AM, Robert Moskowitz wrote:
> My mail server is being blocked by barracuda and spamexperts.
> 
> I have tested my mail port via mxtoolbox.com and I came out clean and no
> relaying.
> 
> So I suspect my apache server as a proxy relay.
> 
> Is there a similar site to mxtoolbox that will test apache for improper
> relaying?
> 
> thanks
> 
> I thought I had it blocked for this:
> 
> # cat 01-allow.conf
> 
>     Options Indexes FollowSymLinks
>     AllowOverride None
>     Order deny,allow
>     allow from 192.168.96.0/255.255.255.0
>     allow from 50.253.254.0/255.255.255.240
>     deny from all
> 
> 
> # more roundcubemail.conf
> 
> 
>     ServerName webmail.htt-consult.com
>     ServerAlias webmail
> 
>     RewriteEngine On
>     RewriteCond  %{SERVER_PORT} !^443$
>     RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
>     ExpiresDefault "access plus 10 years"
>     AddOutputFilterByType DEFLATE text/html text/plain text/xml
>     php_admin_flag session.cookie_secure "1"
> 
> 
> 
> 
> 
> 
> 
> # Round Cube Webmail is a browser-based multilingual IMAP client
> #
> 
>     ServerName webmail.htt-consult.com
>     ServerAlias webmail
> 
>     SSLEngine On
>     SSLCertificateFile /etc/pki/tls/certs/webmail.htt-consult.com.crt
>     SSLCertificateKeyFile /etc/pki/tls/private/webmail.htt-consult.com.key
> 
>     DocumentRoot /usr/share/roundcubemail
> 
> #    Alias /roundcubemail /usr/share/roundcubemail
> #    Alias /webmail /usr/share/roundcubemail
> 
>     
>         Order Deny,Allow
>         Allow from all
>         php_admin_flag session.cookie_secure "1"
>     
> 
> 
> 
> 
> 
> # Round Cube Webmail is a browser-based multilingual IMAP client
> #
> 
>     ServerName web2mail.htt-consult.com
>     ServerAlias web2mail
> 
>     SSLEngine On
>     SSLCertificateFile /etc/pki/tls/certs/webmail.htt-consult.com.crt
>     SSLCertificateKeyFile
> /etc/pki/tls/private/webmail.htt-consult.com.key
> 
>     DocumentRoot /usr/share/roundcubemail
> 
>     
>     Order Deny,Allow
>     Allow from all
>     php_admin_flag session.cookie_secure "1"
>     
> 
> 
> 
> 
> =
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
> 
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Fw: unsubscribe

2018-02-09 Thread Ruben Safir 
On 02/08/2018 09:18 PM, Richards, Toby wrote:
> ?I sent my unsubscribe message over seven hours ago. Why am I still getting 
> messages?
> 
>

why take personal problems to the list?

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] how to get post data when using shell script as cgi script.

2018-01-03 Thread Ruben Safir 
On 01/03/2018 10:21 PM, Keva-Slient wrote:
> i use set in script printing all environment variables.
>  there is no variable named "QUERY_STRING_POST"
> 
> 
> using shell script getting post data is found in  this webpage.
> 
> 
> http://www.team2053.org/docs/bashcgi/postdata.html
> 
> 
> 
https://httpd.apache.org/docs/2.2/env.html


> 
> apache version:
> Server version: Apache/2.4.10 (Debian)
> Server built:   Sep 20 2017 04:37:43
> 
> 
> 
> --
> .
>  Vanity...My favourite sin.
>  --<>
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] how to get post data when using shell script as cgi script.

2018-01-03 Thread Ruben Safir 
On 01/03/2018 10:21 PM, Keva-Slient wrote:
> i use set in script printing all environment variables.
>  there is no variable named "QUERY_STRING_POST"
> 
> 
> using shell script getting post data is found in  this webpage.
> 
> 

set is a shell script command not an HTTPD command.

http://www.cgi101.com/book/ch3/text.html


> http://www.team2053.org/docs/bashcgi/postdata.html
> 
> 
> 
> 
> apache version:
> Server version: Apache/2.4.10 (Debian)
> Server built:   Sep 20 2017 04:37:43
> 
> 
> 
> --
> .
>  Vanity...My favourite sin.
>  --<>
> 


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Re: mirror a html site

2017-12-24 Thread Ruben Safir 
On 12/24/2017 01:49 PM, Miguel González wrote:
> On 12/24/17 12:53 AM, Good Guy wrote:
>> On 23/12/2017 10:26, Miguel González wrote:
>>>   A hosting company with their builder tool created a static html site
>>> that can´t be downloaded.
>>>
>> Did you try this tool?
>>
>> 
>>
>> If not please provide a link of the site because there is no such thing
>> as "can´t be downloaded" when the site is visible to the public.
> What I mean is that the company doesn´t provide any FTP access to
> download the files.
> 
> I did use httrack and at least I could keep a backup of the website (not
> complete, because It wasn´t able to download links with spanish characters).
> 
> Unfortunately as I said, it creates folders for the cdn entries and the
> structure of the website is using www.mysite.com/www.mysite.com/
> structure with subfolders for each cdn.
> 
> For the time being I am using wget -mkEp which is still using the cdn
> entries from the company. It´s not the best solution but in case they
> turn of the cdns It will be much "easier" to change links manually.
> 
> thanks!


Scraping the website largely depends on the amount of javascript garbage
on the pages.  The straight html and source can be pulled by LWP and
w3m, fairly easily.

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] mirror a html site

2017-12-24 Thread Ruben Safir 
On 12/24/2017 01:54 PM, Jonathan Sélea wrote:
> Offtopic, but why do is your email "miguel_3_gonza...@yahoo.es.INVALID"?
> 
> Is it my postfix who has somekind of breakdown?


email the list instead?


-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache2 php not responding

2017-12-12 Thread Ruben Safir 
On 12/12/2017 12:56 PM, Robert Steinmetz AIA wrote:
> I run a server on Ubuntu 16.04 and recently did some updates, after the
> updates the Apache2 server does not run php correctly. the pages simply
> time out. I'm running a php Application Egroupware, which is written in
> php.
> 
http://php.net/mailing-lists.php

https://lists.ubuntu.com/


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Apache 2.4 DoS?

2017-11-10 Thread Ruben Safir 
On 11/10/2017 12:41 PM, Douglas Duckworth wrote:
> Hi
> 
> I am running old PHP under Apache httpd-2.4.
> 
> During a typical day:
> 
> Server load: 0.03 0.03 0.05
> Total accesses: 16028 - Total Traffic: 1.4 GB
> CPU Usage: u20.92 s1.24 cu.01 cs.23 - .00163% CPU load
> .0116 requests/sec - 1104 B/second - 92.7 kB/request
> 2 requests currently being processed, 8 idle workers
> 
> Though, ever few weeks, we see sudden increase in workers who never seem to
> retire:
> 
> [Fri Nov 10 02:43:20.019924 2017] [mpm_prefork:error] [pid 13584] AH00161:
> server reached MaxRequestWorkers setting, consider raising the
> MaxRequestWorkers setting
> 
> user@server[/var/www]$ ps aux | grep [h]ttpd | wc -l
> 257
> 
> It's my belief that this occurs due to malicious activity involving our old
> PHP sites, given this version has multiple known denial of service
> vulnerabilities, however the only thing I see in logs, during the time when
> workers were spawned, are light spider and bot activity.
> 
> We are running mod_security, mod_evasive, and mod_reqtimeout.
> 
> apachectl -t -D DUMP_MODULES | grep -e timeout -e security -e evasive
> 
> reqtimeout_module (shared)
> security2_module (shared)
> evasive20_module (shared)
> 
> httpd.conf:
> 
> MaxKeepAliveRequests 50
> KeepAlive On
> Timeout 30
> KeepAliveTimeout 10
> 
> 
>   RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
> 
> 
> 
>StartServers5
>MinSpareServers 2
>MaxSpareServers 10
>MaxRequestWorkers 128
>MaxRequestsPerChild 50
>MaxRequestWorkers 100
> 
> 
> modsecurity.conf:
> 
> SecRuleEngine on
> 
> mod_evasive.conf:
> 
> DOSPageCount50
> DOSSiteCount   100
> DOSPageInterval 1
> DOSSiteInterval 1
> 
> php.ini:
> 
> max_execution_time = 10
> max_input_time = 10
> memory_limit = 32M
> error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
> log_errors = On
> 
> I set MaxRequestWorkers to 100 though it seems that threshold was passed
> meanwhile the server's no longer serving data, as the failover's now
> active, but these httpd workers *refuse to die*!
> 
> If my VirtualHosts were under DoS, in a manner that exploits PHP, then
> would I even be able to detect them in the logs?
> 
> Based upon my limited experience, I should be protected against both "slow"
> and "fast" DoS though of course not DDoS.  Greatly appreciate the insight
> and assistance.  We plan on replacing our old PHP sites but until then I
> want to do what I can to ensure this stops happening other than bringing up
> the failover.
> 
> Thanks,
> 
> Douglas Duckworth, MSc, LFCS
> HPC System Administrator
> Scientific Computing Unit
> Physiology and Biophysics
> Weill Cornell Medicine
> E: d...@med.cornell.edu
> O: 212-746-6305 <(212)%20746-6305>
> F: 212-746-8690 <(212)%20746-8690>
> 


Did you try the PHP mailing list?

That version of PHP is like Swiss cheese and you are not going to be
able to avoid a complete rebuild of the server which should be chrooted,
or in a readonly file system, and analysis is of minimal value, if not
counter productive.


Ruben Safir. MS Comp Sci (Computational Evolutionary Biology), BS Pharm RPh
NYLXS Chief Technologist
Free Software Education and Advocacy since 1997
E: ru...@mrbrklyn.com
O: 718-715-1771
-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] comfil problem with 2.4.23

2017-09-30 Thread Ruben Safir 
I am having trouble compiling mod_perl and the docs recommend 2.4.23

is I tried it and I get this compile error

make[2]: Entering directory '/home/ruben/src/httpd-2.4.23/support'
/usr/share/apr-1/build/libtool --silent --mode=link gcc  -pthread   -lssl 
-lcrypto  \
  -L/usr/lib   -o ab  ab.lo  -L/usr/lib -R/usr/lib -laprutil-1 -ldb-5.3 
-lgdbm -lexpat -L/usr/lib -R/usr/lib -lapr-1 -lm
ab.o: In function `main':
ab.c:(.text+0x64b4): undefined reference to `SSLv2_client_method'
ab.c:(.text+0x675b): undefined reference to `CRYPTO_malloc_init'
collect2: error: ld returned 1 exit status

I installed with pacman openssl on this arch based system

2.4.27 compiled without a hitch

-- 
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com 

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive
http://www.coinhangout.com - coins!
http://www.brooklyn-living.com

Being so tracked is for FARM ANIMALS and and extermination camps,
but incompatible with living as a free human being. -RI Safir 2013

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org