From Apache point of view...
* Don't use .htaccess files... put everything in httpd.conf (or
equivalent) there is a huge file system performance hit {Apache has
to look for .htaccess files in the directory and any parent directories}
include AllowOverride None in httpd.conf
* Remove
The documentation recommends a higher value for the sslsessioncache, probably
for performance reasons. I wonder if you can unset that ssl header variable
when your user hits the error page or before they try again, using mod_headers
unset directive, configured only on that directory or file?
Hi Team,
we are facing issues while performing Mutual SSL Authentication between Apache
HTTPD Proxy and Server (using BW as Server)
Scenario is: HTTP Client --- (http connection)--- Apache HTTPD --- (https
connection) ---HTTPS Server.
Server side authentication is working fine on both Linux
Hi James,
On 06/09/2015 03:59 PM, James Smith wrote:
In many cases it will only be a few packets anyway so won't actually
make that much difference!
The point is that it is better to stop the request in the first place
by setting the appropriate expires/cache control header... than use
the
On Tue, Jun 9, 2015 at 9:29 AM, Karan Mengi karan_me...@infosys.com wrote:
The problem appears to be that HTTPD does not include the issuer details
while presenting its certificate to the server, so probably its failing
chain verification. We have tried many options found on the net like
I need step-by-step to upgrade to apache v7.0.40, what to download and how
to apply this on production environment.
*SALAMI KEHINDE R*
Thanks for your suggestions!
Thanks,
Motty
On 06/09/2015 06:59 AM, James Smith wrote:
In many cases it will only be a few packets anyway so won't actually
make that much difference!
The point is that it is better to stop the request in the first place
by setting the appropriate
On Tue, Jun 9, 2015 at 11:41 AM, Salami Kehinde Rasheed
kennysal...@gmail.com wrote:
I need step-by-step to upgrade to apache v7.0.40, what to download and how
to apply this on production environment.
*SALAMI KEHINDE R*
This is the wrong mailing list; this list is for supporting Apache
When using Sugar CRM under mod-fcgid, we encounter a problem after a few days
of running. The error logged by httpd is:
[Tue Jun 09 09:32:33.423239 2015] [fcgid:warn] [pid 5202:tid 140367450076928]
(20014)Internal error: [client 75.147.140.126:5] mod_fcgid: can't get tmp
dir, referer:
Hello Jeff,
I need step-by-step to make apache-httpd-upgrade-2_2_29, what to download
and how to apply this on production environment(Window Server 2008 and
2012R2)
I want to close *Apache HTTPD: mod_status buffer overflow (CVE-2014-0226)*
vulnerability,
I want to close *Apache HTTPD: insecure
Thanks,
seem to be blocking me when accesssing from a different IP now:
here is the code am using:
# defese agains brute force attacks
Directory ~ /administrator
order deny,allow
Deny from all
allow from 192.168.1.65
/Directory
yes! I am using Apache 2.4 version.
On
Hello,
I am trying to restrict access to joomla Administrator directory by IP:
# defese agains brute force attacks
Directory /administrator
order deny,allow
Deny from all
Require ip 192.168.1.65
/Directory
this code on httpd.conf is not stopping me from logging onto
Date: Tuesday, June 09, 2015 02:11:55 PM -0700
From: Motty Cruz motty.c...@gmail.com
Hello,
I am trying to restrict access to joomla Administrator directory
by IP:
# defese agains brute force attacks
Directory /administrator
order deny,allow
Deny from all
Thanks for your support;
I changed my code to this:
Directory ~ /administrator
Require all denied
Require ip 192.168.1.65
/Directory
now is working fine.
Thanks,
Motty
On 06/09/2015 02:27 PM, Richard wrote:
Original Message
Date: Tuesday, June 09,
Original Message
Date: Tuesday, June 09, 2015 09:18:02 PM +
From: Richard lists-apa...@listmail.innovate.net
Date: Tuesday, June 09, 2015 02:11:55 PM -0700
From: Motty Cruz motty.c...@gmail.com
Hello,
I am trying to restrict access to joomla
Yes - it is the request over head - the client will still make the
request at which point the server has got to decide has it changed
before even - which for most static requests is the heaviest (slowest)
part before returning the not-changed response - and then serving the
content!
You
Hi James,
On 06/09/2015 10:24 AM, James Smith wrote:
From Apache point of view...
* Don't use .htaccess files... put everything in httpd.conf (or
equivalent) there is a huge file system performance hit {Apache
has to look for .htaccess files in the directory and any parent
Remove etags (Header unset Etag/FileETag None)
Won't this disable conditional requests, ex. If-None-Match and friends? Is
your recomendation because of the header overhead or am I missing something?
Just if-None-Match. If-Modified-Since would still work. I believe
people recommend disabling
Hi Rainer,
On 06/09/2015 02:53 PM, Rainer Canavan wrote:
Remove etags (Header unset Etag/FileETag None)
Won't this disable conditional requests, ex. If-None-Match and friends? Is
your recomendation because of the header overhead or am I missing something?
Just if-None-Match.
It's not the etag calc it's actually the round tripping to the server
that is the main over head - better to get the client to cache content...
Apache will still have to touch the file system to see if the content
has changed (however it is done) and on some filesystems just
locating the file
Hi James,
On 06/09/2015 02:36 PM, James Smith wrote:
Yes - it is the request over head - the client will still make the
request at which point the server has got to decide has it changed
before even - which for most static requests is the heaviest
(slowest) part before returning the
In many cases it will only be a few packets anyway so won't actually
make that much difference!
The point is that it is better to stop the request in the first place by
setting the appropriate expires/cache control header... than use the
etag mechanism...
James
On 09/06/2015 14:56,
On Tue, Jun 9, 2015 at 2:45 PM, Salami Kehinde Rasheed
kennysal...@gmail.com wrote:
I need step-by-step to make apache-httpd-upgrade-2_2_29, what to download
and how to apply this on production environment(Window Server 2008 and
2012R2)
I want to close *Apache HTTPD: mod_status buffer
At 09:24 AM 6/9/2015 +0100, James Smith wrote:
[snip good advice]
* For minifying CSS/JS: look at yui compressor and google closure
compiler... (Use jshint to check your js to make sure that it will
merge/compress OK)
* Can use a number of build tools to do some of this
24 matches
Mail list logo
