ProxyPass is one way to do what you described. Rather than a redirect it
connects to example.com and passes traffic back and forth.
On Mon, Feb 8, 2021, 19:43 Edwardo Garcia wrote:
> Halo,
>
> I have situation where we have, let us say alpha.example.com
> bravo.example.com, we want to redirect
Halo,
I have situation where we have, let us say alpha.example.com
bravo.example.com, we want to redirect them and example.com to
zulu.example.com _but_for that and every page under, they
retain address bar of their original request hostname
ex: alpha.example.com click on subheading
Without knowing what your website is we can’t really see what is wrong. Have
you used chrome (or whatever browser you are using) developer’s tools to see
what is blocked by your content security policy (CSP)
From: Nick Folino
Sent: 08 February 2021 17:30
To: users@httpd.apache.org
Subject: Re:
What a great site! It consolidates weak servers for hackers to find easier.
On Mon, Feb 8, 2021 at 11:00 AM Jason Long
wrote:
> Thank you for your useful information.
> I checked my server with "https://securityheaders.com/; and result is:
> https://i.postimg.cc/SsBBtRsT/Header.png
>
> To
I found some help on writing modules in general, but nothing on
requirements specific to authentication modules. Would someone please
point me in the right direction.
--
Mark H. Wood
Lead Technology Analyst
University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan
Thanks Kyle.
Since this fix resulted in two 2.4 changes actually, it's possibly
worth mentioning them to the redhat team, that could help them:
- http://svn.apache.org/r1701404
- http://svn.apache.org/r1701405
Regards;
Yann.
On Mon, Feb 8, 2021 at 5:27 PM Kyle Hansen wrote:
>
> Good
-Original Message-
From: Eric Covener
Sent: 08 February 2021 13:13
To: users@httpd.apache.org
Subject: Re: [users@httpd] Which parameters must be set to solve these
Vulnerabilities? [EXT]
On Mon, Feb 8, 2021 at 6:24 AM Jason Long wrote:
>
> Hello,
> I scanned my Apache web server and
Good suggestion. Done here (https://bugs.centos.org/view.php?id=18053) for
anyone that may be interested.
-Original Message-
From: Yann Ylavic
Sent: Saturday, February 6, 2021 7:31 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] RE: Apache authorization using require
Thank you for your useful information.
I checked my server with "https://securityheaders.com/; and result is:
https://i.postimg.cc/SsBBtRsT/Header.png
To solve the Content Security Policy, I added below line to "httpd.conf":
Header set Content-Security-Policy "default-src 'self';"
But after it
> Hello,
> I scanned my Apache web server and below Vulnerabilities discovered:
There are many ways of solving those vulnerabilities. Most of them can be fixed
patching your
applications.
As rule of thumb, your application should:
- not use frames or iframes at all
- use only HTTPS everywhere,
On Mon, Feb 8, 2021 at 6:24 AM Jason Long wrote:
>
> Hello,
> I scanned my Apache web server and below Vulnerabilities discovered:
>
> 1- Content Security Policy (CSP) Header Not Set
> 2- HTTP to HTTPS Insecure Transition in Form Post
> 3- Reverse Tabnabbing
> 4- Source Code Disclosure - PHP
> 5-
Hello,
I scanned my Apache web server and below Vulnerabilities discovered:
1- Content Security Policy (CSP) Header Not Set
2- HTTP to HTTPS Insecure Transition in Form Post
3- Reverse Tabnabbing
4- Source Code Disclosure - PHP
5- Source Code Disclosure - Perl
6- Sub Resource Integrity Attribute
Hello,
Any idea?
On Friday, January 29, 2021, 04:07:30 PM GMT+3:30, Jason Long
wrote:
Thank you for your reply.
The "wp-content" directory is a sub-directory of "wp" directory:
$ ls /var/www/wp/
cgi-bin wp-content
error_log
13 matches
Mail list logo