Re: [users@httpd] AWS Network Loadbalancer’s ProxyProtocol V2 and HTTPD mod_remoteip

2019-10-17 Thread William A Rowe Jr
1.38.27:59548] AH00566: request failed: > malformed request line > > Thanks ! > > On 17 Oct 2019, at 15:52, William A Rowe Jr wrote: > > On Thu, Oct 17, 2019 at 9:04 AM David Tkacik < > dtka...@healthcoachinstitute.com> wrote: > >> >> But when I try to con

Re: [users@httpd] Is it possible to have in Apache 2.4 VirtualHosts, each with its own SSLProtocol ?

2019-10-17 Thread William A Rowe Jr
On Thu, Oct 17, 2019 at 2:06 AM Marian Ion wrote: > > Yes, that's why I set "SSLStrictSNIVHostCheck On" -> according to the > documentation "If set to on in the default name-based virtual host, > clients that are SNI unaware will not be allowed to access any virtual > host". > I set it in the

Re: [users@httpd] AWS Network Loadbalancer’s ProxyProtocol V2 and HTTPD mod_remoteip

2019-10-17 Thread William A Rowe Jr
On Thu, Oct 17, 2019 at 9:04 AM David Tkacik < dtka...@healthcoachinstitute.com> wrote: > > But when I try to connect I’m getting 400 Bad Request > Change your Apache LogLevel to 'debug' and repeat the attempt, examine the error log and feel free to quote it here for further guidance.

Re: [users@httpd] Can't get X-Forwarded-For to be passed through to app with apache reverse proxy

2019-09-24 Thread William A Rowe Jr
It's spelled out right in the docs, that header is consumed as decoded by httpd, and the effective remote IP address is what it decoded. If you want it seen by Tomcat, don't do that. https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html#processing On Mon, Sep 23, 2019, 12:45 John Pyeatt

Re: [users@httpd] Apache 2.4.6 - ErrorLog

2019-09-13 Thread William A Rowe Jr
On Fri, Sep 13, 2019 at 3:46 PM Jim Albert wrote: > In use of CentOS7 servers and the included apache, I'm moving to > Apache/2.4.6 > > It appears something related to ErrorLog has changed. > I'm using what I have always used: > ErrorLog "logs/error_log" > > and I do see messages going to

Re: [users@httpd] Crash of httpd in Endurance

2019-08-30 Thread William A Rowe Jr
Check the respective versions of apr and apr-util, perhaps that is the underlying change, since this is arch-specific? You can check any existing MaxMemFree https://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxmemfree directive and perhaps toggle it down to 1MB (value 1024) persisting

Re: [users@httpd] Compiling Apache with Non-System OpenSSL

2019-07-31 Thread William A Rowe Jr
On Wed, Jul 31, 2019 at 7:27 PM Nigel B. Peck wrote: > > Setting up LD_LIBRARY_PATH in the envvars seems the best way to go in my > case then, with the need to avoid a system-wide install. Good to have > understood the options better. > w.r.t. Apache httpd, there is an installed script called

Re: [users@httpd] Issue with FastCGI module in Apache 2.4

2019-07-19 Thread William A Rowe Jr
mod_fastcgi is long abandoned and was not a part of the httpd project. A derivative work mod_fcgid is maintained (lethargically) by the project as a separate download ... https://httpd.apache.org/mod_fcgid/ and a new *core* module was introduced, mod_proxy_fcgi that is part of the standard

Re: [users@httpd] Apache HTTP Server Prior to 2.4.12 Multiple Vulnerabilities

2019-06-18 Thread William A Rowe Jr
On Tue, Jun 18, 2019 at 6:41 AM Richard wrote: > > > Date: Tuesday, June 18, 2019 05:38:50 + > > From: Satish Chhatpar 02 > > > > How to patch Apache 2.4.6 to latest release on RHEL 7.4? > > > > RedHat backports patches to the base version, keeping the version > number stable within an OS

Re: [users@httpd] Can't connect to server on 443 ... no log information being generated

2019-06-04 Thread William A Rowe Jr
On Mon, Jun 3, 2019 at 11:08 PM Geoff Russell wrote: > Hi Douglas, > > Thanks for your help. I've spent about 6 hours on this problem and it > has just vanished ... > > I tried elinks as a substitute for telnet ... telnet does succeed in the > socket handshake, to is useful for quick test of

Re: [users@httpd] Receive openssl library version mismatch when enabling mod_ldap ??!!

2019-05-06 Thread William A Rowe Jr
You need to build OpenLDAP against the OpenSSL in use (this is also true of curl for mod_md.) Every bit including APR-util are all going to need to agree on the flavor of OpenSSL in use. On Fri, May 3, 2019, 14:12 ken edward wrote: > Hello, > > I successfully built a FIPS openssl based

Re: [users@httpd] Ssl certificate ignored in virtual host

2019-04-18 Thread William A Rowe Jr
On Wed, Apr 17, 2019 at 4:08 PM Rose, John B wrote: > Why would ssl.conf certificate settings override the certificate settings > in a specific virtual host config file? > The concept is inheritance. Picture all the #include'ed .conf files flattened at the global scope, unless you actually do

Re: [users@httpd] Unexpected result of requesting client certificate when requesting locations with different SSLVerifyClient settings

2019-04-12 Thread William A Rowe Jr
On Wed, Apr 10, 2019 at 7:30 PM Du Hao wrote: > Is Apache HTTP Server going to drop TLSv1.2 support in near future? If > not, it is a bug that affects user who voluntarily choose to not use > TLSv1.3. > Because 2.4 dates all the way back to the now-unsupported 0.9.8 lifecycle, it seems unlikely

Re: [users@httpd] Unexpected result of requesting client certificate when requesting locations with different SSLVerifyClient settings

2019-04-10 Thread William A Rowe Jr
On Wed, Apr 10, 2019 at 10:48 AM Du Hao wrote: > > I suspect there is a bug involved in the SSL client verification type > changing and the re-negotiation flow. While I admit it may be a corner case > but the original use case is very crucial to my current user base. I > checked the Bug database

Re: [users@httpd] Re: CVE-2019-0211/0215/0217

2019-04-07 Thread William A Rowe Jr
In general, problems which stretch back to the initial 2.4.1 or commonly deployed 2.4.3 might also affect 2.2.x or 2.0.x. As users have had almost a decade to adjust and these versions are EOL, the project seems unlikely to care, and notices are everywhere that the old flavors are no longer

Re: [users@httpd] Strange responses

2019-04-07 Thread William A Rowe Jr
The requests processed asked to GET and POST to / in HTTP/1.1 protocol. Why do you suppose your server should reject a request for the content '/'? Seems like a very strange concern. Depending on the handler charged with processing '/', the remaining '?' query args are interpreted, or generally

Re: [users@httpd] Apache httpd 2.4.39 GA for Windows

2019-04-02 Thread William A Rowe Jr
On Tue, Apr 2, 2019 at 2:35 AM Steffen wrote: > The ASF HTTPD project did not mention security vulnerabilities fixed in > the initial changelog 2.4.39. To be 100% accurate, the ASF HTTP Server project had not announced the release of 2.4.39. It had concluded a vote, but only the RM's

Re: [users@httpd] WAMP64 Apache2.4 & PHP 5.2?

2019-01-29 Thread William A Rowe Jr
On Tue, Jan 29, 2019, 14:16 Jerry Malcolm On 1/29/2019 12:31 PM, William A Rowe Jr wrote: > > On Tue, Jan 29, 2019 at 12:27 PM Jerry Malcolm > wrote: > >> I'm running a very recent version of WAMP x64. I inherited an 'ancient' >> php app that requires php 5.2 and no

Re: [users@httpd] WAMP64 Apache2.4 & PHP 5.2?

2019-01-29 Thread William A Rowe Jr
On Tue, Jan 29, 2019 at 12:27 PM Jerry Malcolm wrote: > I'm running a very recent version of WAMP x64. I inherited an 'ancient' > php app that requires php 5.2 and no higher. I went through the > process of adding php 5.2 to WAMP, and I copied php5apache2_4.dll from > php 5.6 folder and did

Re: [users@httpd] Urgent: Need to compress only above 1MB files in Apache webserver

2019-01-10 Thread William A Rowe Jr
Compression on-the-fly is generally unwise. Incrementally better compression comes at an escalating server cpu penalty. There might be some way to trigger mod_deflate using mod_lua or mod_rewrite if you were adventurous, but see this page for info about expr tests for filesize you can use to

Re: [users@httpd] URGENT: Apache HTTP Migration from 1.3 to 2.4 UNIX Solaris

2019-01-08 Thread William A Rowe Jr
On Tue, Jan 8, 2019 at 10:48 AM wrote: > > I have migrated a user module mod_example from 1.3 to 2.4. But when I try > to start the apache it is giving a segmentation fault and creating a core. > > Following is the stacktrace while debug: > t@1 (l@1) signal SEGV (no mapping at the fault address)

Re: [users@httpd] Graceful shutdown of apache

2018-12-14 Thread William A Rowe Jr
On Mon, Dec 10, 2018 at 11:11 AM Hemant Chaudhary < hemantdude.chaudh...@gmail.com> wrote: > Hi, > > I have updated apache-2.4.29 to apache-2.4.37 but still I am not able to > graceful shutdown in debug mode. > > Can you please tell me how should achieve it. ? or let me know the > function which

Re: [users@httpd] Configuring redirects from http to https

2018-12-03 Thread William A Rowe Jr
On Fri, Nov 30, 2018 at 1:40 PM Jack M. Nilles wrote: > # http redirect >>> >>> >>> >>> >> Note you have an error there, the incoming request will be matched to only one list of matching VirtualHosts, host1.com alone on the first, and host2 alone on the second list. You surely meant these to

Re: [users@httpd] Using redis for caching Apache requests

2018-11-26 Thread William A Rowe Jr
You will have to go out of your way to disable TLS tickets. In the course of normal operations, you won't see many cached TLS sessions at all, because the ticket is returned to the client, and the client re-presents that ticket to reestablish the session; no session caching required.

Re: [users@httpd] Graceful shutdown of apache

2018-11-26 Thread William A Rowe Jr
Graceful shutdown is a WINCH signal. In -X mode you don't have a parent -> children relationship with httpd, just the worker process. It isn't for normal operation. On Thu, Nov 22, 2018 at 7:28 AM Hemant Chaudhary < hemantdude.chaudh...@gmail.com> wrote: > Hi, > > I am not able to shutdown

Re: [users@httpd] URGENT: Apache HTTP Migration from 1.3 to 2.0 UNIX Solaris

2018-11-14 Thread William A Rowe Jr
already modules for authentication providers like ldap, content > caching, database access, etc. > > > > The time savings on the simplified troubleshooting steps are likely to > be far from insignificant, and you would have the benefit of a more > standardized/modern codebase. Fo

Re: [users@httpd] URGENT: Apache HTTP Migration from 1.3 to 2.0 UNIX Solaris

2018-11-13 Thread William A Rowe Jr
On Tue, Nov 13, 2018 at 11:04 AM wrote: > > Our main objective is to migrate to 2.4. Since I faced an issue while > doing so, I thought it would be better to first migrate to 2.0 then to 2.2 > and finally to 2.4. > While that is one approach, I'm afraid it won't speed up your exercise; it is

Re: [users@httpd] URGENT: Apache HTTP Migration from 1.3 to 2.0 UNIX Solaris

2018-11-13 Thread William A Rowe Jr
On Mon, Nov 12, 2018 at 10:38 AM wrote: > > I have installed and set up httpd 2.0.65 version of apache server on Solaris 11 Speaking for most readers of this list, we wonder why... what would lead you to such a silly act? Is this in the syllabus/exercises inflicted by a cruel teaching assistant?

Re: [users@httpd] Patch request for Apache 2.4.x for the CVE-2016-4975

2018-11-05 Thread William A Rowe Jr
On Mon, Nov 5, 2018 at 1:25 AM Andrew Joshwa <4andrewjosh...@gmail.com> wrote: > Hi, > > Can anyone please help me to get the patch for the CVE-2016-4975. > Yes, http://www.apache.org/dist/httpd/, obtain and build the latest version of 2.4. Or if you want to avoid the TLS 1.3 enhancement, you

Re: [users@httpd] RE: Warning from users@httpd.apache.org

2018-11-03 Thread William A Rowe Jr
It is a confusing message. Your mail server is rejecting some messages sent to you by the list server, perhaps because it detects spam, perhaps because there was a short window the server was down/in maintenance. On Sat, Nov 3, 2018, 08:26 Leland Your messages are the only ones being bounced.

Re: [users@httpd] unescape urlencoded

2018-10-26 Thread William A Rowe Jr
Hi Simon, you might want to express your interest/RFE to the d...@apr.apache.org list, since that is where the apr_* functions are maintained, and enhancement requests are always welcome. On Thu, Oct 25, 2018 at 8:37 PM Simon Walter wrote: > I see apr_escape_urlencoded, but not

Re: [users@httpd] Reverse proxy not sending certificate

2018-10-12 Thread William A Rowe Jr
A number of regressions are fixed in 2.4.35, please retest against that version. On Fri, Oct 12, 2018, 15:27 Schettler, Marty L. < martin.l.schett...@leidos.com> wrote: > My reverse proxy config doesn’t work with SSL any more as I try to upgrade > from 2.4.29 to 2.4.34. > > > > My config: > > >

Re: [users@httpd] Get request of large file size greater than 100KB

2018-09-28 Thread William A Rowe Jr
I've looked at the httpd and apr code, what source package were you using which started from a default MAX_IOVEC_TO_WRITE (APR_MAX_IOVEC_SIZE?) of 6? TIA, Bill On Thu, Sep 27, 2018 at 11:59 AM Hemant Chaudhary < hemantdude.chaudh...@gmail.com> wrote: > Hi, > > I have solved the problem by

Re: [users@httpd] Compiling 2.4.34 on linux against a non system openssl version

2018-09-19 Thread William A Rowe Jr
o apr-util and httpd are built with 1.0.0 and mod_ssl with 1.1.0 Guess I will try to contact some of the sites providing httpd 2.4.x binaries with 1.1.0 support and ask about how they are handling apr-util. Thanks, Matt On Tue, Sep 18, 2018 at 2:04 PM, William A Rowe Jr wrote: > On Tue,

Re: [users@httpd] Compiling 2.4.34 on linux against a non system openssl version

2018-09-18 Thread William A Rowe Jr
On Tue, Sep 18, 2018 at 10:24 AM Matthew Goebel wrote: > Ah, and I've been looking at httpd instead of mod_ssl.so, this does in > fact appear to be working... ugh... never mind me. > No worries, but please note that apr-util can be built linking to openssl, and if that optional

Re: [users@httpd] Unable to set ciphers string with space separated in apache

2018-09-06 Thread William A Rowe Jr
a single argument to SSLCipherSuite. It still may not work, we only "support" colon-separated lists, as documented, but pass the string given, and the rest is up to OpenSSL. > On Mon, Aug 27, 2018 at 7:03 PM, William A Rowe Jr > wrote: > >> A good argument for following htt

Re: [users@httpd] Reverse Proxy trouble with mod_substitute

2018-09-05 Thread William A Rowe Jr
The proxy response input is dechunked as it is retrieved from the back end. Any chunking to the client is introduced by httpd after filtering. It may be that the request deflate and inflate filters have comingled a zlib stream context? On Tue, Sep 4, 2018, 12:43 Maarten Boekhold wrote: > Hi, >

Re: [users@httpd] Large authorization header returning error 400

2018-08-29 Thread William A Rowe Jr
On Wed, Aug 29, 2018 at 3:12 AM, Audebert Bernard wrote: > > The request works fine with Authorization header line of up to at least > 5674 bytes but breaks with Authorization header of more than 6178 bytes with > the following answer : > > Here is an excerpt of the server-info page we have

Re: [users@httpd] Unable to set ciphers string with space separated in apache

2018-08-27 Thread William A Rowe Jr
A good argument for following httpd documented convention. If you want to continue exploring, you would want to quote the cipher string, since httpd would take apart unquoted, space-separated tokens as different httpd directive arguments, and you surely don't want that. On Sat, Aug 25, 2018,

Re: [users@httpd] configuring mod_proxy_ftp for client ip logging

2018-07-31 Thread William A Rowe Jr
of other posts asking the same question. It's an entirely reasonable extension of FTP, which if it existed, mod_proxy_ftp could be enhanced to support. On Jul 25, 2018 23:34, "William A Rowe Jr" wrote: If I understand your question, mod_proxy_ftp does not speak ftp to the client; on

Re: [users@httpd] configuring mod_proxy_ftp for client ip logging

2018-07-25 Thread William A Rowe Jr
If I understand your question, mod_proxy_ftp does not speak ftp to the client; only between the httpd server and backend. So the only data channel is the one established by httpd to shuttle the data. On Tue, Jul 24, 2018, 12:28 Harbo, Peter wrote: > The mod_proxy_ftp module is working fine

Re: [users@httpd] "Permissions" lost after upgrade to 2.4.33

2018-07-18 Thread William A Rowe Jr
On Mon, Jul 16, 2018 at 4:53 PM, James Moe wrote: > > After the upgrade from v2.4.23 to v2.4.33, https requests yield error > 403: > Access forbidden! > You don't have permission to access the requested directory. There is > either no index document or the directory is read-protected. >

Re: [users@httpd] APR Table vs. Hash & Array vs. Skip List vs. Ring

2018-05-31 Thread William A Rowe Jr
On Sun, May 27, 2018 at 10:00 PM, Simon Walter wrote: > On 05/27/2018 05:49 PM, Nick Kew wrote: > >> On 27 May 2018, at 03:40, Simon Walter wrote: > >> > >> Hi everyone, > >> > >> First of all, I am not sure if this is the right place to ask this. > >> Please send me to the appropriate mailing

Re: [users@httpd] Apache as a Mutual SSL enabled Forward Proxy

2018-05-24 Thread William A Rowe Jr
Your next thing to test, from a vanilla/completely reset browser, would be to load up these corresponding cert+key and ca chain files into that blank slate, and ensure that these credentials actually work against your backend; * SSLProxyMachineCertificateFile

[users@httpd] [Appeal] zh Reviewers wanted (was: Attempting translating Chinese documentation)

2018-05-17 Thread William A Rowe Jr
On Sun, May 13, 2018 at 8:24 AM, CodeingBoy wrote: > Hello William, thanks for your information. I have completed the > translation progress of error messages. > I have translated these message to both Simplified Chinese(zh-cn) and > Traditional Chinese(zh-tw). One thing

[users@httpd] Re: [REQUEST] Httpd Webserver Training in French

2018-01-04 Thread William A Rowe Jr
Hi Sharan, it's usually more efficient to ask the community directly about project-specific asks. I've gone ahead and forwarded your note to the users and dev lists where we are more likely to find the right resources. I personally know at least a half dozen httpd committers proficient in French,

Re: [users@httpd] Is httpd 2.4.x is supported on CentOs6?

2017-11-30 Thread William A Rowe Jr
According to my notes, that is 2.2.15. As noted previously, turn to RH for support. The EOL was back in July and we will stop making public comments or security advisories once we have fewer than three active project members attending to this legacy version. On Nov 28, 2017 06:47, "chetan

Re: [users@httpd] RE: [ANNOUNCE] Apache HTTP Server 2.4.29 Released

2017-10-25 Thread William A Rowe Jr
Actually, that was in APR-util 1.6.1, see the APR release announcement and Craig's users@httpd post. On Wed, Oct 25, 2017 at 4:02 PM, Craig Young wrote: > I’m not sure if this is what is referred to in the Apache 2.4.29 > announcement, but please note that the Apache

Re: [users@httpd] [ANNOUNCE] Apache HTTP Server 2.4.29 Released

2017-10-23 Thread William A Rowe Jr
On Mon, Oct 23, 2017 at 11:53 AM, William A Rowe Jr <wr...@rowe-clan.net> wrote: > On Mon, Oct 23, 2017 at 11:45 AM, Jim Jagielski <j...@jagunet.com> wrote: >> Apache HTTP Server 2.4.29 Released >> >> October 23, 2017 >> >> The Apache S

Re: [users@httpd] [ANNOUNCE] Apache HTTP Server 2.4.29 Released

2017-10-23 Thread William A Rowe Jr
On Mon, Oct 23, 2017 at 11:45 AM, Jim Jagielski wrote: > Apache HTTP Server 2.4.29 Released > > October 23, 2017 > > The Apache Software Foundation and the Apache HTTP Server Project > are pleased to announce the release of version 2.4.29 of the Apache > HTTP Server

[users@httpd] Fwd: [Announcement] Apache HTTP Server 2.4.28 Released

2017-10-09 Thread William A Rowe Jr
For anyone not subscribed to announce@, sorry I hadn't passed this on... -- Forwarded message -- From: "William A Rowe Jr" <wr...@apache.org> Date: Oct 5, 2017 13:48 Subject: [Announcement] Apache HTTP Server 2.4.28 Released To: <annou...@apache.org> Cc:

[users@httpd] Fwd: Flood 0.4 status? (was: flood 0.4 was never signed for?)

2017-09-14 Thread William A Rowe Jr
Copying users@ in case some of you are Flood subproject users, please make your voices heard. Thanks, Bill -- Forwarded message -- From: William A Rowe Jr <wr...@rowe-clan.net> Date: Thu, Sep 14, 2017 at 10:48 AM Subject: Re: Flood 0.4 status? (was: flood 0.4 was never

[users@httpd] Flood 0.4 status? (was: flood 0.4 was never signed for?)

2017-09-01 Thread William A Rowe Jr
What's our position on this? Is it time to declare flood abandoned? Are there any users of this tool who want to contribute to maintaining it? Offhand, I expect it does not support TLS/SNI. Nor HTTP/2. If abandoned, we can simply remove www.a.o/dist/httpd/flood to resolve Daniel's issue. If not

Re: [users@httpd] How to use binary to run httpd in different location

2017-08-02 Thread William A Rowe Jr
On Wed, Aug 2, 2017 at 6:24 AM, Eric Covener wrote: > On Wed, Aug 2, 2017 at 5:21 AM, Hemant Chaudhary > wrote: >> Hi >> >> I have ported apache on my machine. I have copied bin,lib.conf,modules, >> htdocs,logs to another location. Now I want to

[users@httpd] CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest

2017-07-13 Thread William A Rowe Jr
CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest Severity: Important Vendor: The Apache Software Foundation Versions Affected: all versions through 2.2.33 and 2.4.26 Description: The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or

[users@httpd] CVE-2017-9789: Read after free in mod_http2

2017-07-13 Thread William A Rowe Jr
CVE-2017-9789: Read after free in mod_http2 Severity: Important Vendor: The Apache Software Foundation Versions Affected: httpd 2.4.26 Description: When under stress, closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in

Re: [users@httpd] [ANNOUNCEMENT] Apache HTTP Server 2.4.27 Released

2017-07-11 Thread William A Rowe Jr
On Tue, Jul 11, 2017 at 9:13 AM, Hajo Locke wrote: > > Am 11.07.2017 um 15:58 schrieb Eric Covener: >> >> On Tue, Jul 11, 2017 at 9:41 AM, David Copeland >> wrote: o HTTP/2 will not be negotiated when using the Prefork MPM >>> >>> I'm

[users@httpd] [Announcement] Apache HTTP Server 2.2.34 Released

2017-07-11 Thread William A Rowe Jr
July 11, 2017 The Apache Software Foundation and the Apache HTTP Server Project announce the release of version 2.2.34 of the Apache HTTP Server ("Apache"), the final maintenance release of the 2.2 series. No further 2.2 releases are anticipated. This version of Apache is

Re: [users@httpd] Problems building httpd-2.4.26 with apr-1.6.2 and apr-util-1.6.0

2017-06-23 Thread William A Rowe Jr
On Fri, Jun 23, 2017 at 11:22 AM, Eric Covener wrote: > On Fri, Jun 23, 2017 at 10:55 AM, Martin Knoblauch wrote: >> Apparently apr-util no longer bundles "expat". So my question: what is the >> correct/intended way to work around this? > > > apr-util

Re: [users@httpd] if directive not being respected in Apache 2.4.6

2017-06-21 Thread William A Rowe Jr
On Wed, Jun 21, 2017 at 10:39 AM, Eric Covener wrote: > On Fri, Jun 9, 2017 at 12:36 PM, Day, Chuck wrote: >>Define locale1 fr-FR > > It is not currently documented or rejected, but "Define" can't be > wrapped in any of the normal configuration

RE: [users@httpd] Building httpd2.4.25 on powerpc-ibm-aix7.1.0.0

2017-05-31 Thread William A Rowe Jr
You'll need to provision libuuid and rebuild apr[-util] - a required prerequisite for httpd. On May 31, 2017 2:25 PM, "Joseph, Anselm" wrote: > Thank you all for your replies. > > So I got back on the horse and installed latest APRs and PCRE, then ran > configure again as

Re: [users@httpd] What is preferred PHP interface?

2017-04-06 Thread William A Rowe Jr
There is little activity on mod_fcgid because it works. There has been talk of tagging 2.3.10 at some point for very minor fixes. Mod_proxy_fcgi is a viable alternative, and offers the ability to load balance, but managing the process pool of available fcgi workers is offloaded from httpd and

Re: [users@httpd] Error nghttp2 version is too old

2017-03-14 Thread William A Rowe Jr
You really need to approach your package maintainer, I picked up nghttp2 around that same point a year ago and never had an issue. Anything to do with rpm installs is on the maintainer, and has nothing to do with this project, sorry we can't be of more help. On Sun, Mar 12, 2017 at 3:12 PM, John

Re: [users@httpd] URG:DocumentRoot relate query on WIndows

2017-03-10 Thread William A Rowe Jr
What you are seeing is correct behavior, DocumentRoot is an absolute path, whether you have specified this or not. If httpd sees an incomplete path, it is going to work out an absolute path from the ServerRoot. If it appends the default and cannot establish a full path, you will receive the

Re: [users@httpd] Apache upgrade on Aix

2017-02-07 Thread William A Rowe Jr
There is a wealth of information in the build/ and build-1/ (APR) subdirectories about the compiler and linker choices that were used to create a build, if they are preserved. On Tue, Feb 7, 2017 at 8:38 AM, Chunduru, Krishnachaithanya wrote: > Hi

Re: [users@httpd] HTTPOxy vulnerability not posted to announce list?

2017-01-04 Thread William A Rowe Jr
https://lists.apache.org/list.html?annou...@httpd.apache.org:lte=1y:Httpoxy was the first release addressing the question by httpd project. Announce@ lists are used to broadcast release availability, making them less than ideal channels for this foundation-wide response;

Re: [users@httpd] Install and Configure Apache on Windows Server

2016-11-16 Thread William A Rowe Jr
There is a very recent skeleton on the wiki... https://wiki.apache.org/httpd/WindowsTrunkCompilation Aside from obtaining a release tarball, it is more straightforward than using the msvc studio build schema. On Nov 3, 2016 15:42, "Robert Ramoutar" wrote: > > Hello

[users@httpd] [Advisory] Apache Software Foundation Projects and "httpoxy" CERT VU#797896

2016-07-18 Thread William A Rowe Jr
Advisory: Apache Software Foundation Projects and "httpoxy" CERT VU#797896 Canonical URL: https://www.apache.org/security/asf-httpoxy-response.txt Publication: v1.0 18 July 2016 Audience This Advisory is directed to HTTP web server administrators and users of the software indicated

Re: [users@httpd] rpmbuild for httpd-2.4.23 failed missing mod_proxy_fdpass.so

2016-07-17 Thread William A Rowe Jr
This is a dev@ level regression, sharing with that list. Please confirm you are using httpd's own rpm. If not, the specific --enable-modules provided for your rpm.spec file may be at issue. On Jul 17, 2016 3:45 AM, "kohmoto" wrote: > I tried to rpmbuild the former

Re: [users@httpd] Apache fails to start after updating openssl from 1.0.1j to 1.0.2g

2016-03-19 Thread William A Rowe Jr
There was a well-documented binary breakage in 1.0.2g that has already been fixed in their source repository for the next openssl upgrades. That fix is here; https://github.com/openssl/openssl/commit/133138569f37d149ed1d7641fe8c75a93fded445 On Mon, Mar 14, 2016 at 12:05 PM, Ron Hawkins

Re: [users@httpd] SNI SSL per domain?

2016-02-02 Thread William A Rowe Jr
Sounds like you have mis-structured the config. Per servername - each can and should have its own cert and will be selected via SNI. If there are subadmins beneath each vhost section #include those snippets and they all still fall within the given host name. On Feb 1, 2016 11:21 AM, "Felipe

Re: [users@httpd] Blocking of users [was: Apache Server Access]

2016-01-14 Thread William A Rowe Jr
Precisely. We are likely to be switching mailing list mgmt platforms very soon, with luck we can preserve the subscribed address in such a way that unsubscribing users is less of a hassle. Right now the embedded list-unsubscribe fails to suggest the specific email address that needs to be

Fwd: [users@httpd] Possible virus via httpd server

2016-01-13 Thread William A Rowe Jr
, there is an offer for new translations of httpd that we would love proof-reading help with, if you are interested. Please join up with d...@httpd.apache.org if you would like to help review translated docs pages! Cheers, Bill -- Forwarded message -- From: William A Rowe Jr <

Re: [users@httpd] Circumstances when mod_php would run faster than PHP-FPM?

2016-01-09 Thread William A Rowe Jr
Mod_proxy_fcgi + php-fpm or mod_fcgid with php fcgi sapi should both be equivalent when tuned correctly. Your only option for running php in process efficiently is to use the non-threadsafe php in the httpd preform module. Your only option for running httpd efficiently is the event, or at least

Re: [users@httpd] ProxyPass + Redirect

2015-12-16 Thread William A Rowe Jr
On Wed, Dec 16, 2015 at 4:34 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > >RedirectMatch ^/foo(/)?$ /foo/someplace_specific.html >RedirectMatch ^/foo/index.html$ /foo/someplace_specific.html >ProxyPass /foo/index.html ! >ProxyPass /foo/

Re: [users@httpd] Buffer overrun in Apache 2.4.7-2.4.17

2015-12-15 Thread William A Rowe Jr
On Tue, Dec 15, 2015 at 2:34 PM, Mike Pastore wrote: > Hi folks, > > I believe I've found a buffer overrun affecting (at least) Apache 2.4.7 > and 2.4.17. I don't know enough about this sort of thing to determine how > serious it is and whether or not it is a potential security

Re: [users@httpd] Apache2 does not properly start

2015-12-10 Thread William A Rowe Jr
It's been too many years since I and others have looked at 2.4.7, if you can try this on a modern release of httpd and share those error logs, be glad to review. Bill On Dec 10, 2015 10:40 AM, "LVDave" wrote: > I have an Apache2 install (v2.4.7) running on Ubuntu 14.04 (32bit)

Re: [users@httpd] explicitly including other ciphers for use with https

2015-12-08 Thread William A Rowe Jr
On Tue, Dec 8, 2015 at 10:45 AM, Ron Croonenberg wrote: > I forgot, is there a "standard way" to create an rpm so I can install the > binaries somewhere? > Well, all the major linux distributions have their own forks, their own 'one right way' to package rpm/deb/etc, but have a

Re: [users@httpd] explicitly including other ciphers for use with https

2015-12-07 Thread William A Rowe Jr
On Dec 7, 2015 11:36 PM, "Marat Khalili" wrote: >> >> Everything *after* that handshake, in cleartext, is open for inspection or for manipulation > > Are you sure about the manipulation part? Why do you think encryption helps here then? To turn the question around, what gives you

Re: [users@httpd] explicitly including other ciphers for use with https

2015-12-07 Thread William A Rowe Jr
On Mon, Dec 7, 2015 at 7:40 PM, Jacob Champion <champio...@gmail.com> wrote: > On 12/07/2015 05:06 PM, William A Rowe Jr wrote: > >> On Mon, Dec 7, 2015 at 2:39 PM, Ron Croonenberg <r...@lanl.gov >> <mailto:r...@lanl.gov>> wrote: >> >> Hello

Re: [users@httpd] Apache2 and Tomcat : Simultaneously running both servers and Virtual Hosting.

2015-12-07 Thread William A Rowe Jr
Pretty simple answer, you either, 1. Change the Tomcat port, E.g. 8080 so it doesn't collide with httpd, or 2. Listen (IPaddr1):80 to httpd and bind (IPaddr2):80 to Tomcat. The second can be more confusing, since if you bind localhost:80 to Tomcat, httpd won't respond unless you make a request

Re: [users@httpd] explicitly including other ciphers for use with https

2015-12-07 Thread William A Rowe Jr
On Mon, Dec 7, 2015 at 2:39 PM, Ron Croonenberg wrote: > Hello, > > I am building a storage system, using HTTP/HTTPS for ingesting data. > > I would like to use the authentication over HTTPS, while after that I want > no encryption on the data because of performance. > Then you

Re: [users@httpd] Apache modules built as .a and .la instead of .so libraries

2015-11-20 Thread William A Rowe Jr
Go back to how you initially built apr, that is going to be the origin of the libtool used by httpd. On Fri, Nov 20, 2015 at 8:23 AM, spggwp7q wrote: > Hi guys, > > I'm building apache 2.4.x (latest) for Solaris on Intel. I've built a > cross compiler for this, which seems

Re: [users@httpd] Is there a shell environment variable to direct httpd to a httpd.conf ?

2015-11-20 Thread William A Rowe Jr
On Fri, Nov 20, 2015 at 4:03 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > Gary, > > On 11/20/15 4:44 PM, Gary M wrote: > > I'm in a unique configuration dilemma where I need to place the location > > of httpd.conf in a "soft" location. eg the shell environment variable. > > >

Re: [users@httpd] how to compile apache httpd 2.4.17

2015-11-17 Thread William A Rowe Jr
On Nov 16, 2015 17:21, "David Long" wrote: > > I download Apache httpd 2.4.17 and want to compile it on Solaris 10 Sparc. > > It asks me to install APR. > > So I download APR 1.5.2 and try to configure it and get the following error. > > > > root@kiana# cd /www/apachesrc/apr-1.5.2 > >

RE: [users@httpd] how to compile apache httpd 2.4.17

2015-11-17 Thread William A Rowe Jr
nd compile it on the system yet. > > > > Thanks for your help. > > > > David Long > > > > *From:* William A Rowe Jr [mailto:wr...@rowe-clan.net] > *Sent:* Tuesday, November 17, 2015 11:36 AM > *To:* users@httpd.apache.org > *Subject:* Re: [users@httpd] how to c

[users@httpd] Re: FAQ?

2015-11-16 Thread William A Rowe Jr
On Sun, Nov 15, 2015 at 11:09 AM, yousuf sharief wrote: > Hi All, > > Please share the FAQ's to update my skills on Apache. > At this time there isn't an actively maintained FAQ, but the historical one is editable at http://wiki.apache.org/httpd/FAQ If folks on users@

[users@httpd] Re: merging Apache context

2015-10-30 Thread William A. Rowe Jr.
d to properly unbox and re-box the managed data when passing it back and forth from unmanaged httpd "C" code. That source code lives http://sourceforge.net/p/mod-aspdotnet/code/HEAD/tree/mod_aspdotnet2/trunk/ if it is of some help to compare how I handled similar issues. Enjoy your weekend... You

[users@httpd] Re: Festina Lente - Nóirín Plunkett / Shirley

2015-07-29 Thread William A Rowe Jr
On Wed, Jul 29, 2015 at 2:05 PM, Jim Jagielski j...@jagunet.com wrote: If you have ever read the httpd doccos, there are many people who made them what they are, and are deserving of thanks. But today we have lost one of the main and core talents behind them. Nóirín was a bright light and a

[users@httpd] [Announcment] Apache HTTP Server 2.2.27 Released

2014-03-26 Thread William A. Rowe Jr.
Apache HTTP Server 2.2.27 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.27 of the Apache HTTP Server (Apache). This version of Apache is principally a security and bug fix

Re: [users@httpd] Win32 Binary without crypto (no mod_ssl) (MSI Installer): httpd-2.2.23-win32-x86-no_ssl.msi

2012-10-22 Thread William A. Rowe Jr.
On 10/22/2012 1:18 PM, Yehuda Katz wrote: Any idea what would be required for someone who wanted to volunteer to manage windows builds? Binaries are created/distributed only by httpd committers as a matter of policy (irrespective of platform). This is due to the ASF's own liabilities and web

Re: [users@httpd] Segmentation fault error

2012-05-30 Thread William A. Rowe Jr.
You didn't dump the offending stack, you dumped the first stack. It's highly unlikely there was a segfault in _read. You need to dump all the thread stacks, and work out the offending one; this is usually designated FAULT or some other indication of where the fault occurred. On 5/30/2012

Re: [users@httpd] LD_LIBRARY_PATH issue in 2.2.22 and earlier

2012-05-24 Thread William A. Rowe Jr.
On 5/24/2012 12:05 PM, Luke Lozier wrote: One of the PCI scanning companies is demanding an upgrade to 2.4.2 due to the issues described in this CVE: Changes with Apache 2.2.23 *) SECURITY: CVE-2012-0883 (cve.mitre.org http://cve.mitre.org) envvars: Fix insecure handling of

Re: [users@httpd] Denial of Service due to multiplication of httpd running

2012-05-22 Thread William A. Rowe Jr.
On 5/22/2012 12:02 PM, Bill Unruh wrote: Eg, here is one entry from the ps auxww list apache 18137 0.0 0.5 26844 5744 ?S09:34 0:00 /usr/sbin/httpd -f /etc/httpd/conf/httpd.conf -DAPACHE2 -DHAVE_PERL -DHAVE_PHP5 -DHAVE_ACTIONS -DHAVE_ALIAS -DHAVE_ASIS

Re: [users@httpd] Denial of Service due to multiplication of httpd running

2012-05-22 Thread William A. Rowe Jr.
On 5/22/2012 6:00 PM, Bill Unruh wrote: On Tue, 22 May 2012, William A. Rowe Jr. wrote: On 5/22/2012 12:02 PM, Bill Unruh wrote: At that time in the access_log I have a whole bunch of entries like ::1 - - [22/May/2012:09:34:22 -0700] OPTIONS * HTTP/1.0 200 - - Apache/2.2.22 (Mandriva

Re: [users@httpd] mod_fcgid + daemon implemented in C

2012-05-09 Thread William A. Rowe Jr.
On 5/9/2012 8:41 AM, Henrik Strand wrote: I want to use mod_fcgid (http://httpd.apache.org/mod_fcgid/) with a daemon implemented in C. Is there a lib available like the one from the FastCGI project (http://www.fastcgi.com/) to use for a fcgi_accept() function? Or do I have to implement one

Re: [users@httpd] How to differentiate between Graceful restart and stop in apache extended module

2012-05-07 Thread William A. Rowe Jr.
On 5/7/2012 6:37 AM, vk.indushekar VK wrote: Hi, We developed an Apache module mod_xx.so. We have a requirement wherein we need to differentiate between apache graceful restart and normal stop. We need to execute certain part of the code for graceful restart only. So how do we differentiate

Re: [users@httpd] Upgrading OpenSSL without upgrading Apache. Can it be done???

2012-04-24 Thread William A. Rowe Jr.
On 4/24/2012 3:09 PM, TFML wrote: I'm assuming you're using some sort of Windows operating system. I haven't done one in a few years, but I would assume the 1.0 version from http://slproweb.com/products/Win32OpenSSL.html should work like installing any other Windows Installer. If someone

Re: [users@httpd] Upgrading OpenSSL without upgrading Apache. Can it be done???

2012-04-24 Thread William A. Rowe Jr.
On 4/24/2012 4:05 PM, bfinkel...@aaamissouri.com wrote: Great thanks for the info! Where can I find out when apache.org will be bundling the latest version of OpenSSL with apache? PCI compliance calls for using level u as of today. If you had read the notices from the OpenSSL project

Re: [users@httpd] PHP doesn't process pages

2012-04-22 Thread William A. Rowe Jr.
On 4/22/2012 6:08 AM, Noel Butler wrote: John, On Sun, 2012-04-22 at 17:34 +1000, Noel Butler wrote: I note you're using php 5.4.0 - all my testing has been with 5.3.10 and is done on Slackware, but I do have one RHEL 5.2 I'll throw 5.4 on the dev box if I get a chance later (almost
