[users@httpd] Serving pre-compressed static content using httpd 2.2.x

All, I've been reading a bit lately about serving pre-compressed static content with httpd, and it looks like I have a few options that have various pros and cons. I'd like to make sure I have things straight because my testing so far has left me a bit frazzled. If I'm wrong about any of the

Re: [users@httpd] Serving pre-compressed static content using httpd 2.2.x

All, Replying to see if I can get a response. Anyone? Thanks, -chris On 3/22/12 3:10 PM, Christopher Schultz wrote: All, I've been reading a bit lately about serving pre-compressed static content with httpd, and it looks like I have a few options that have various pros and cons. I'd like

Re: [users@httpd] Httpd 2.4.1 Compatibility with mod_jk 1.2.35

Harsimranjit, On 3/29/12 12:48 AM, Harsimranjit singh Kler wrote: I have tested basic functionality of this combination and it works fine. Is there any issue or bug or i can use 1.2.35 with httpd -2.4.1 There are no issues I know of with mod_jk 1.2.35 and httpd 2.4.x, but the two previous

Re: [users@httpd] Logs analyse

Vitthal, On Jul 26, 2013, at 7:18, vitthal@tatamotors.com wrote: Can anyone tell me the name of apache logs analyzer tool which is free and easily available. You could use Webalizer or its more currently-maintained fork, awffull. -chris

[users@httpd] Limit and Satisfy in Location for mod_dav

All, I'm having trouble getting Limit and Satisfy to work within a Location. I'm using Apache httpd 2.2.22 on Debian Wheezy. Now, Satisfy is not documented to work under Location elements, but also Limit is not documented to work under Location, and seems to work without a problem. I was

[users@httpd] High CPU Usage in Amazon EC2

All, I'm having a problem in production I've never seem before. We are running a pair of AWS EC2 m1.micro web servers where only one of them in really in service at any given time. The httpd instance serves some static content and forwards a great deal of traffic via stunnel to a single back-end

Re: [users@httpd] High CPU Usage in Amazon EC2

All, I forgot to mention that most of our traffic is over SSL. OpenSSL version is OpenSSL 1.0.1e-fips 11 Feb 2013. Thanks, -chris On 4/3/14, 10:04 AM, Christopher Schultz wrote: All, I'm having a problem in production I've never seem before. We are running a pair of AWS EC2 m1.micro web

Re: [users@httpd] High CPU Usage in Amazon EC2

the processes be sitting idle waiting for blocking IO to return? I'm not surprised that the bytes are moving slowly, actually. I'm surprised that I'm pegging my CPU waiting for bytes to move... Thanks, -chris On 4/3/14, 40:23 PM, Christopher Schultz wrote: All, I forgot to mention that most of our

Re: [users@httpd] High CPU Usage in Amazon EC2

number I ever got was 133. On systems that have truly run out of randomness, I have seen this number drop to zero (it usually happens during OpenSSL server key generation :). I'm at a loss for what to check next. Any suggestions? Thanks, -chris On 4/3/14, 10:38 AM, Christopher Schultz wrote

Re: [users@httpd] High CPU Usage in Amazon EC2

Jason, On 4/3/14, 11:35 AM, Jason Cillo wrote: Have you looked at OpenSSL Cookbook? It's free. I find it very useful. (I even bought the larger book of which it is a chapter.) Did you have something in particular that you thought would be relevant from that book? -chris signature.asc

Re: [users@httpd] High CPU Usage in Amazon EC2

Igor, On 4/4/14, 5:39 AM, Igor Cicimov wrote: On 04/04/2014 1:05 AM, Christopher Schultz ch...@christopherschultz.net mailto:ch...@christopherschultz.net wrote: All, I'm having a problem in production I've never seem before. We are running a pair of AWS EC2 m1.micro web servers where

Re: [users@httpd] High CPU Usage in Amazon EC2

Igor, On 4/5/14, 4:57 PM, Igor Cicimov wrote: On 06/04/2014 5:51 AM, Christopher Schultz ch...@christopherschultz.net mailto:ch...@christopherschultz.net wrote: Igor, On 4/4/14, 5:39 AM, Igor Cicimov wrote: On 04/04/2014 1:05 AM, Christopher Schultz ch...@christopherschultz.net

Re: [users@httpd] High CPU Usage in Amazon EC2

All, On 4/8/14, 11:11 AM, Christopher Schultz wrote: I'm not sure I can chalk-up the above difference to simply network noise (specifically, average, max, 90% line). What I'm observing here is certainly not the extent of the problems we are experiencing, but I have noticed a difference

Re: [users@httpd] heartbleed and httpd configuration

Steven, On 4/12/14, 2:15 PM, Steven Siebert wrote: I think it would be unlikely because the httpd configuration data would be read into memory early on the heap (and in a very low volatile area where that memory wouldn't often be freed up), whereas the heartbeat would be much later in the

[users@httpd] Enabling ECDHE ciphers

All, I'm trying to enable (and prefer!) ECDHE ciphers for clients that can support them. I've done the obvious: SSLHonorCipherOrder Yes SSLProtocol ALL -SSLv2 SSLCipherSuite ECDHE:ECDH:..[other stuff] I have confirmed that, when running openssl ciphers [stuff above] that I get ECDHE ciphers

Re: [users@httpd] Enabling ECDHE ciphers

Hanno, On 4/17/14, 12:29 PM, Hanno Böck wrote: On Thu, 17 Apr 2014 12:27:37 -0400 Christopher Schultz ch...@christopherschultz.net wrote: I'm trying to enable (and prefer!) ECDHE ciphers for clients that can support them. I've done the obvious: [...] I'm running httpd 2.2.23 That's

Re: [users@httpd] Enabling ECDHE ciphers

Igor, On 4/17/14, 8:56 PM, Igor Cicimov wrote: On 18/04/2014 2:30 AM, Hanno Böck ha...@hboeck.de mailto:ha...@hboeck.de wrote: On Thu, 17 Apr 2014 12:27:37 -0400 Christopher Schultz ch...@christopherschultz.net mailto:ch...@christopherschultz.net wrote: I'm trying to enable (and prefer

Re: [users@httpd] NameVirtualHost address is not supported

Michael, On 4/18/14, 2:16 PM, Michael Peters wrote: I have a few sites I’d like to run on a single server with one IP on port 80 and 443. I’ve tried several configuration examples without success. I get error messages like this: Starting httpd: [Fri Apr 18 09:23:32 2014] [error]

Re: [users@httpd] Enabling ECDHE ciphers

John, On 4/18/14, 1:16 PM, John Iliffe wrote: Further to my previous post, the log reports: [Sun Apr 13 03:20:08.591247 2014] [mpm_event:notice] [pid 11737:tid 140478837470976] AH00489: Apache/2.4.9 (Unix) OpenSSL/1.0.1g configured -- resuming normal operations [Sun Apr 13

Re: [users@httpd] Apache and Upgrading OpenSSL

Jeff, On 4/18/14, 12:23 PM, Cabell, Jeff wrote: I'm working on doing some upgrade testing to mitigate the Heartbleed issue and some other vulnerabilities. Part of that is updating OpenSSL, but I'm a bit confused about something and am hoping that someone can help me. I've done at least a

Re: [users@httpd] Apache and Upgrading OpenSSL

JEff, On 4/18/14, 2:59 PM, Cabell, Jeff wrote: So you're saying that 2.2.27 and 2.4.9 are not actually current releases for Windows...just for *nix? The httpd project no longer provides binaries of any kind. Most Linux distros directly package httpd, and anyone can compile it themselves, too.

Re: [users@httpd] Enabling ECDHE ciphers

J.Lance, On 4/18/14, 2:55 PM, J.Lance Wilkinson wrote: Christopher Schultz wrote: ...snip... I don't get it. Both setups (2.2.26 and 2.4.9) have 1.0.1.e and have an update available to 1.0.1g (I haven't read the changelogs but I'll bet the difference is mostly the version-bump since

[users] Building apr on win32

All, I'm hoping this is the right mailing list: the apr project seems to have a dev list but no user one. I'm happy to move if appropriate. I'm trying to build apr on win32 from the command-line and I'm running into some resistance. I'm using Visual Studio 12 on Windows 8.1. I have installed the

[users@httpd] mod_remoteip not setting client's ip with AWS ELB

All, I'm trying to get httpd working behind an AWS ELB but still using the remote client's information whenever possible. ELB provides the X-Forwarded-For, X-Forwarded-Port, and X-Forwarded-Proto HTTP headers. My configuration looks like this: RemoteIPHeader X-Forwarded-For

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

from the load-balancer. If that's not going to work, it's easily done at the OS or firewall level. Thanks, -chris On 10/1/2014 11:00 AM, Christopher Schultz wrote: All, I'm trying to get httpd working behind an AWS ELB but still using the remote client's information whenever possible. ELB

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mike, On 10/2/14 12:04 PM, Mike Rumph wrote: Since you are running 2.4.10, you have the latest mod_remoteip fixes. But I think the problem is in the directives that you are using: RemoteIPHeader X-Forwarded-For #RemoteIPTrustedProxy

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mike, On 10/2/14 12:37 PM, Christopher Schultz wrote: With my above configuration, I got a line in my (your) access log that looks like this: 10.32.219.77 71.178.180.80 10.32.219.77 xf=- - - [02/Oct/2014:16:33:39 +] GET GET /tools

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

10.0.0.0/8 Let us know if this works for you. Thanks, Mike Rumph On 10/2/2014 6:46 AM, Christopher Schultz wrote: Mike, On 10/1/14 5:40 PM, Mike Rumph wrote: What version of Apache httpd are you running? Thanks for the reply. We are running 2.4 and 2.2 on various servers, but I'm

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

will not be used. Try the following directives instead: RemoteIPHeader X-Forwarded-For RemoteIPInternalProxy 10.0.0.0/8 Let us know if this works for you. Thanks, Mike Rumph On 10/2/2014 6:46 AM, Christopher Schultz wrote: Mike, On 10/1/14 5:40 PM, Mike Rumph wrote: What version

Re: [users@httpd] mod_remoteip not setting client's ip with AWS ELB

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mike, On 10/2/14 2:27 PM, Mike Rumph wrote: On 10/2/2014 11:07 AM, Christopher Schultz wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mike, Okay, using %a works when using mod_remoteip. AWS Linux uses %h by default for its

[users@httpd] httpd 2.2 and 2.4; 500 errors with no logs at all

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Over the past week, I've had 4 separate httpd servers running 2.2 and 2.4 start failing with the generic Internal Server Error page and a 500 response. The only logs generated are the access log, which of course indicates a 500-response. So,

Re: [users@httpd] httpd 2.2 and 2.4; 500 errors with no logs at all

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 10/5/14 10:01 AM, Christopher Schultz wrote: All, Over the past week, I've had 4 separate httpd servers running 2.2 and 2.4 start failing with the generic Internal Server Error page and a 500 response. The only logs generated

Re: [users@httpd] httpd 2.2 and 2.4; 500 errors with no logs at all

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 10/5/14 10:23 AM, Christopher Schultz wrote: All, On 10/5/14 10:01 AM, Christopher Schultz wrote: All, Over the past week, I've had 4 separate httpd servers running 2.2 and 2.4 start failing with the generic Internal Server Error

Re: [users@httpd] How is this possible? Apache sends HSTS on a non valid cert but user can proceed, on compatible browser

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/6/14 5:52 PM, Scott (firstclasswatches.co.uk) wrote: Hello, Not strictly a httpd specific issue but nevertheless, Chrome/Firefox should ignore the header because it is not delivered with a valid certificate and thus there is no way of

Re: [users@httpd] httpd 2.2 and 2.4; 500 errors with no logs at all

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, Bump. Any ideas what might be causing this? Thanks, - -chris On 10/5/14 10:53 AM, Christopher Schultz wrote: All, On 10/5/14 10:23 AM, Christopher Schultz wrote: All, On 10/5/14 10:01 AM, Christopher Schultz wrote: All, Over

Re: [users@httpd] Cannot get certificate chain to work.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 De, On 10/7/14 11:27 PM, dE wrote: $ openssl x509 -noout -in server.pem -text Certificate: Data: Version: 1 (0x0) Serial Number: 13192573755114198537 (0xb7156feedab91609) Signature Algorithm: sha1WithRSAEncryption Issuer: C=AU,

Re: [users@httpd] Cannot get certificate chain to work.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 dE, On 10/10/14 6:30 AM, dE wrote: On 10/09/14 23:47, Christopher Schultz wrote: De, On 10/7/14 11:27 PM, dE wrote: $ openssl x509 -noout -in server.pem -text Certificate: Data: Version: 1 (0x0) Serial Number: 13192573755114198537

Re: [users@httpd] require valid-user with ldap

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Marc, On 11/27/14 2:42 AM, Tobias Adolph wrote: do you have an other authorization modules (like mod_shib for shibboleth-authentication)? We had an issue concerning require valid-user, too. I guess that if several authorization handlers are

Re: [users@httpd] php.conf and PHP-FPM

John, On 11/13/15 2:53 PM, Rose, John B wrote: > Let me rephrase my question. > > I understand the .conf file names can be anything. > > I may should have asked it this way, do the settings such as ... > > > SetHandler application/x-httpd-php > > > > > AddType text/html .php > >

Re: [users@httpd] How to force browsers doesn't use cache

Pete, On 11/16/15 3:52 PM, Pete Houston wrote: > On Mon, Nov 16, 2015 at 06:19:37PM -0200, Ronaldo Luiz de Carvalho wrote: >> There are a way to setting apache in a way to force the users site browsers >> doesn't use their cache? > > You can use the Header directive to set the appropriate value

Re: [users@httpd] modifying Location header

Hleb, On 10/30/15 10:24 AM, Hleb Valoshka wrote: > On 10/29/15, John Iliffe wrote: >>> Is it possible to modify Location using mod_headers? I want to replace >>> http:// with https:// but Header edit http://(.*) https://$1 does not >>> work, neither with always. unset and

[users@httpd] Redirect[Match] behind load-balancer switching protocols

All, The docs for the Redirect directive state that a slash-prefixed replacement URL (relative) will use the current request's scheme and hostname to build the redirect URL. RedirectMatch doesn't say specifically, but what I'm observing is that: RedirectMatch permanent ^/$ /foo/ ... when

Re: [users@httpd] ProxyPass + Redirect

Bill, On 12/16/15 5:45 PM, William A Rowe Jr wrote: > On Wed, Dec 16, 2015 at 4:34 PM, Christopher Schultz > <ch...@christopherschultz.net <mailto:ch...@christopherschultz.net>> wrote: > > >RedirectMatch ^/foo(/)?$ /foo/someplace_specific.html >

[users@httpd] ProxyPass + Redirect

All, I've got a reverse-proxy in front of Tomcat that I'd like to configure. When using mod_jk, we have a configuration like this: RedirectMatch ^/foo(/)?$ /foo/someplace_specific.html RedirectMatch ^/foo/index.html$ /foo/someplace_specific.html JkMount /foo/*.do myWorker This works

Re: [users@httpd] ProxyPass + Redirect

Yann, On 12/17/15 3:51 AM, Yann Ylavic wrote: > On Thu, Dec 17, 2015 at 8:14 AM, Marat Khalili wrote: >> Crude, but what about: >> >> ProxyPassMatch "^/foo/(.+)$" "http://localhost:8009/foo/$1; > > or (along the lines): > ProxyPassMatch ^/foo/((?!index\.html$).+)$

Re: [users@httpd] Uneven load distribution in Tomcat application servers proxy balanced in front end Apache httpd web server

Gaurav, On 12/22/15 11:26 AM, Gaurav Kumar wrote: > I am using 6 Apache httpd 2.2.15 which are forwarding requests to the > Tomcat application servers (version: 7.0.41). Using mod_proxy, all the > application servers are balanced with proxy balancers. Below is the > similar configuration of

Re: [users@httpd] Is there a shell environment variable to direct httpd to a httpd.conf ?

Gary, On 11/20/15 4:44 PM, Gary M wrote: > I'm in a unique configuration dilemma where I need to place the location > of httpd.conf in a "soft" location. eg the shell environment variable. > > I did look and cannot find the answer. > > The question: "is there a shell environment variable read

Re: [users@httpd] proper MPM and mod_php

Eric, On 1/7/16 5:47 PM, Eric Covener wrote: > On Thu, Jan 7, 2016 at 4:51 PM, Rose, John B wrote: >> Is using "event" MPM and mod_php ok, or should "prefork" always be used with >> mod_php? > > The conventional wisdom is prefork-only if you must use mod_php. I was just looking

Re: [users@httpd] SVN checkout of latest official Apache release

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike, On 6/8/16 12:10 PM, Mike Rumph wrote: > > On 6/7/2016 5:54 PM, Balcos, Michael wrote: >> >> Hi Mike, >> >> >> >> Thank you for the reply. I believe that I’ll have to write a >> script in order to know what is the latest official release of

Re: [users@httpd] LetsEncrypt.org with Virtual Hosting

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Filipe, On 6/14/16 3:15 PM, Filipe Cifali wrote: > Your are probably hitting the wrong cert file, check with: > > |openssl s_client -connect example.info:443 > | > > You can also try to disable the first SSL and check if

Re: [users@httpd] find IP and PORT in use by Apache

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mahmood, On 6/21/16 5:43 PM, Christopher Schultz wrote: > Mahmood, > > On 6/21/16 2:54 PM, Mahmood N wrote: >> You know, the problem is that compute nodes in Rocks >> distribution use Apache web server to locate the instal

Re: [users@httpd] find IP and PORT in use by Apache

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mahmood, On 6/21/16 2:29 PM, Mahmood N wrote: > How can I find which IP:PORT Apache web server is monitoring? There > are some network commands (netstat -pat), but they show the TCP > port in use. The machine has multiple network interfaces and the

Re: [users@httpd] find IP and PORT in use by Apache

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mahmood, On 6/21/16 2:45 PM, Mahmood N wrote: >> tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 28122/xinetd Shows the >> port, 5666, the PID, 28122, and the program name, xinetd > So, you still don't know what is the IP address (network > interface)? I

Re: [users@httpd] find IP and PORT in use by Apache

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Mahmood, On 6/21/16 2:54 PM, Mahmood N wrote: > You know, the problem is that compute nodes in Rocks distribution > use Apache web server to locate the install image. Currently, the > compute node, says Unable to retrieve >

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rich, On 2/9/16 6:21 PM, cloud force wrote: > On Tue, Feb 9, 2016 at 2:59 PM, Christopher Schultz > <ch...@christopherschultz.net > <mailto:ch...@christopherschultz.net>> wrote: > > Rich, > > On 2/9/16 4:09 PM, cl

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rich, On 2/10/16 1:12 PM, cloud force wrote: > I added the "SSLFIPS on" option to the httpd.conf as suggested in > the ssl_mod doc, and I got the following error: > > * Starting web server apache2 > > > Syntax error on line 1 of

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rich, On 2/10/16 11:24 AM, cloud force wrote: > Hi Chris, > > Please see my comments below. > > Thanks, Rich > > On Wed, Feb 10, 2016 at 7:20 AM, Christopher Schultz > <ch...@christopherschultz.net > <mailto:ch.

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rich, On 2/8/16 3:25 PM, cloud force wrote: > Hi All: > > From the mod_ssl doc, it mentioned: "If httpd was compiled against > an SSL library which did not support the FIPS_mode flag, |SSLFIPS > on| will fail." > > How do I compile apache (version

[users@httpd] Expiring DAV file locks with mod_dav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I've been searching for a bit and mostly people are having the opposite problem I'm having: they are having file locks expire too early . I have a lock on a file on the DAV that looks like it's no longer valid, but LibreOffice Writer won't open

[users@httpd] Proxy logging

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I'm using mod_proxy_http as a reverse-proxy to another origin server. It seems that httpd doesn't record access logs for stuff going over to the proxy. Is there a way to write an access log for requests handles by mod_proxy? Or is the best

Re: [users@httpd] Expiring DAV file locks with mod_dav

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, Ping. Any ideas? Thanks, - -chris On 2/5/16 4:04 PM, Christopher Schultz wrote: > All, > > I've been searching for a bit and mostly people are having the > opposite problem I'm having: they are having file locks expire too >

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rich, On 2/9/16 4:09 PM, cloud force wrote: > Yes I do have* *some regulatory requirement to use FIPS and I have > built the FIPS capable OpenSSL lib. Where is that library located on the disk? > I tried to add the "SSLFIPS on" parameter to the

Re: [users@httpd] apache 2.4, APR and online prefix

Raf, On 2/24/16 4:41 AM, Raf Roger wrote: > Hi > > i'm trying to create a LAMP stack that allow user to synchronize LAMP > stack files and webapps among several computers. > > Instead of reinstalling everything identically on each computer, they > could just synchronize the stack and voila. >

Re: [users@httpd] image display error with stock icon

Douglas, On 2/14/16 9:44 PM, Douglas W. Goodall wrote: > I have written a very simple pair of cgi scripts in python that display > a toggle switch either > in the up position, or in the down position. When you click on the > switch, it toggles between > the two and switches between the images

Re: [users@httpd] Howto accept only one connection

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oliver, On 2/18/16 8:31 AM, Oliver Graute wrote: > is it possible to configure Apache 2.4 to accept only one > connection at time on port 443? is this something I can configure > for my Virtual Hosts? For testing, or for long-term behavior? -

Re: [users@httpd] Howto accept only one connection

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Oliver, On 2/19/16 10:11 AM, Oliver Graute wrote: > On 19/02/16, Aurélien Terrestris wrote: >> Hello, >> >> I'm not sure we can accept only one connection at a given time. I >> tested with the "prefork MPM", and I only achieve 1 concurrent >>

Re: [users@httpd] How to build Apache with FIPS mode capable?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yann, On 2/10/16 6:11 PM, Yann Ylavic wrote: > Hi, > > On Wed, Feb 10, 2016 at 11:14 PM, Christopher Schultz > <ch...@christopherschultz.net> wrote: >> >> To those down and dirty with httpd: is there a reason no

Re: [users@httpd] Apache permissions stabs new Linux user in face with icepick. Suggestions?

Eric, On 3/9/16 8:44 PM, Eric Covener wrote: > On Wed, Mar 9, 2016 at 8:40 PM, Francis Roy > wrote: >> drwxr-x--- username > > > If you want to serve out of your home directory, it needs to be > executable by "other". Or group-owned by whatever group httpd runs

Re: [users@httpd] Apache virus scanning

canned, or will it be streamed to a disk somewhere first? You don't want AV-scans to bust your memory cap. -chris > On 3/9/16 9:49 AM, "Christopher Schultz" <ch...@christopherschultz.net> > wrote: > >> John, >> >> On 3/8/16 6:02 PM, Rose, John B wrote: >>> I am i

Re: [users@httpd] Apache virus scanning

John, On 3/8/16 6:02 PM, Rose, John B wrote: > I am interested in both > > Thanks > > Sent from my iPad > >> On Mar 8, 2016, at 3:27 PM, Christopher Schultz >> <ch...@christopherschultz.net> wrote: >> > John > >>>> On 3

Re: [users@httpd] Load balancing based on header value

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Niranjan, On 3/30/16 3:02 PM, Niranjan Rao wrote: > I am using AJP to connect to tomcat. > > Entry in the config file looks like > > BalancerMember ajp://myserver:8009 > route=node2 ProxySet lbmethod=bytraffic ProxySet > stickysession=JSESSIONID

Re: [users@httpd] Load balancing based on header value

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Niranjan, On 3/30/16 2:15 PM, Niranjan Rao wrote: > Greetings, > > My first post to this mailing list. > > I have apache2 load balancing working perfectly based on session > affinity. Traffic does get directed properly to appropriate tomcat >

Re: [users@httpd] Self-compiled httpd and OpenSSL: Trying to start httpd without using LD_LIBRARY_PATH

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel, On 4/7/16 11:21 AM, Poggenpohl, Daniel wrote: > I'm working with Solaris 11.3 32Bit. > > I've compiled and installed OpenSSL 1.0.2g with SSLv2 support > (yeah, I know, but I can't get my setup to work without it) using: You need to fix that

Re: AW: [users@httpd] Self-compiled httpd and OpenSSL: Trying to start httpd without using LD_LIBRARY_PATH

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel, On 4/7/16 2:52 PM, Poggenpohl, Daniel wrote: > my setup is: I have a Moodle installation I need to run. So I need > Apache, PHP, OpenSSL, iconv, mbstring, curl, zip, etc. . The plan > is to have a relatively new PHP (5.6.20) and stay "new"

Re: [users@httpd] Self-compiled httpd and OpenSSL: Trying to start httpd without using LD_LIBRARY_PATH

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rainer, On 4/8/16 11:30 AM, Rainer Jung wrote: > Am 08.04.2016 um 10:41 schrieb Rainer Canavan: >> On Fri, Apr 8, 2016 at 12:31 AM, Yann Ylavic >> wrote: >>> On Thu, Apr 7, 2016 at 5:21 PM, Poggenpohl, Daniel >>>

Re: [users@httpd] url forwarding

=content=TVAR=HOT-TOPIC> " > on the redirect You can use mod_rewrite to do just about anything. You can even mutate the URL such that you don't even need to redirect the request. Hope that helps, -chris > On Fri, Apr 8, 2016 at 11:57 AM, Christopher Schultz > <ch...@christophe

Re: AW: [users@httpd] How to test my self-compiled Apache (overall and specifically LDAP)

uthentication using an LDAP server? The answer to that question is insanely easy to find: http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html - -chris > -----Ursprüngliche Nachricht- Von: Christopher Schultz > [mailto:ch...@christopherschultz.net] Gesendet: Montag, 11. April > 2016 1

Re: [users@httpd] Not able to make .so file during install apache-2.4.18

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hemant, On 4/12/16 6:40 AM, Yann Ylavic wrote: > Hello Hemant, > > On Tue, Apr 12, 2016 at 10:58 AM, Hemant Chaudhary > wrote: >> While installing apache-2.4.18 on Non Stop HP, I am not able to >> create .so

Re: [users@httpd] url forwarding

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 K, On 4/8/16 2:35 PM, K R wrote: > I have a need to setup a redirect for around 3000 pages which are > in below format > > http://myhost.com/index?page=content=TVAR=HOT-TOPIC > --> http://myhost.com/index?page=content=TVAR > > and here TVAR can be

Re: [users@httpd] How to test my self-compiled Apache (overall and specifically LDAP)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel, On 4/11/16 12:11 PM, Poggenpohl, Daniel wrote: > Hello everyone, > > now that I have a self-compiled httpd, I of course would like to > test its features, or rather if all features are working right when > it is running. Is there a way to

Re: [users@httpd] Apache virus scanning

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John On 3/8/16 2:43 PM, Rose, John B wrote: > Looking for comments on mod_clamav, and any other alternative > antivirus software for Apache on linux Are you trying to protect your clients or your servers? - -chris -BEGIN PGP SIGNATURE-

Re: [users@httpd] Apache mod_dav alternatives?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Bjoern, On 5/21/16 5:08 PM, Bjoern Voigt wrote: > I am using Apache as a web and proxy server, but I am unhappy with > Apache as a WebDAV file server. > > I am missing a good file permission or ACL configuration in Apache > mod_dav. > > My

Re: [users@httpd] One page hanging entire server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 D'arcy, On 5/9/16 2:16 PM, D'Arcy J.M. Cain wrote: > This weekend at various times my server was brought down. I saw > one process using over 99% of the CPU. No pages could be served > while this was going on. I found the culprit. It was a

Re: [users@httpd] Secured connection between Apache Httpd and Tomcat over AJP protocol

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mohanavelu, On 5/25/16 10:16 AM, Mohanavelu Subramanian wrote: > Hi All, > > Good Morning. > > I have Httpd process and Tomcat instances both running on 2 > different machines. The communication between them happens through > AJP protocol (mod_jk)

Re: [users@httpd] HTTPD asking for password after power failure

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, On 8/11/16 11:10 PM, Marat Khalili wrote: > From what I saw, this behavior of /dev/random is totally normal on > an idle Linux system. There seems to be some confusion about /dev/random on Linux systems. Yes, the behavior described here is

[users@httpd] Location location location

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I have a long-standing configuration for a private server where all users must authenticate against our LDAP server. Something like this: AuthType Basic Require ldap-group mygroup I'm trying to use certbot to get a TLS certificate for

Re: [users@httpd] Location location location

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Eric, On 7/18/16 2:12 PM, Eric Covener wrote: > On Mon, Jul 18, 2016 at 2:10 PM, Christopher Schultz > <ch...@christopherschultz.net> wrote: >> I believe by putting the exception-Location first in the >> configuratio

Re: [users@httpd] Is it possible to set different protocol for particular User-Agent?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 8/3/16 4:55 AM, Daniel wrote: > No, by the time the user agent or any actual http data gets to be > seen the protocol/cipher and complete ssl connection has already > been stablished. > > 2016-08-02 23:26 GMT+02:00 ghost

Re: [users@httpd] Configuring redirects httpd behind a TLS-terminating proxy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Konstantin, On 1/24/17 3:53 AM, Konstantin Kolinko wrote: > 2017-01-24 1:07 GMT+03:00 Christopher Schultz > <ch...@christopherschultz.net>: >> >> I've got an EC2 instance behind a load balancer where TLS is >> b

[users@httpd] Configuring redirects httpd behind a TLS-terminating proxy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, I've got an EC2 instance behind a load balancer where TLS is being terminated. I've arranged for two separate httpd (2.4.25) VirtualHosts: one for the secure connections (proxied from the lb) and another for the non-secure connections. I have

Re: [users@httpd] Processes starts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hement, On 2/15/17 6:05 AM, Hemant Chaudhary wrote: > When I am stating my httpd-2.4.23 servers, sometime 6 process id's > or sometimes 7 process id's are generated. Can I edit how many > process id's I want to start. Yes. > I am assuming 1

Re: [users@httpd] proxypass does'nt seem to work on apache 2.4.25

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Stéphane, On 2/17/17 11:06 AM, Stéphane Laurencelle wrote: > i try to implment the proxypass and proxypassreverse in apache 2.4 > vhost file on oel 6.8 to redirect does to tomcat apps web page but > nothing seem to work like in apache 2.2.x > > is

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 2/9/17 4:53 PM, Daniel wrote: > Try manually: > > SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2 And, please, for the love of god, add these, too: SSLHonorServerOrder On SSLCipherSuite TLSv1.2:TLSv1.1:TLSv1:SSLv3 This will cause "better"

[users@httpd] authnz_ldap with fallback to file

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All, (Running Apache 2.2.22 with Debian patches) I've got some services that use LDAP for authentication. One specific service is our Nagios monitor. When the LDAP service is down, we get notifications that (duh) it's down, but because Nagios uses

Re: [users@httpd] How to restart apache after reboot on ubuntu 16.04?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 8/17/16 4:12 PM, Dr James Smith wrote: > It may be possible to write your own auto-renewal script > relatively easily for LetsEncrypt. I have done for Apache as (a) I > don't use the standard paths and setup, (b) I wish to use HPKP on > my

Re: [users@httpd] questions about IPv6 and SSL

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Andreas, On 8/31/16 10:56 AM, Andreas Meyer wrote: > Just subscribed to this list because people reported my web server > is not reachable anymore. > > A few days ago I added IPv6-connectivity to the web server and > changed the Listen-directives

Re: [users@httpd] questions about IPv6 and SSL

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Andreas, On 8/31/16 6:05 PM, Andreas Meyer wrote: > Christopher Schultz <ch...@christopherschultz.net> schrieb am > 31.08.16 um 17:28:04 Uhr: > >>> A few days ago I added IPv6-connectivity to the web server and >>&

Re: [users@httpd] Apache losing its connection from Tomcat in few minutes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 James, On 9/4/16 5:16 AM, Dr James Smith wrote: > You don't give enough information about the setup to solve any of > your problems really. > > Are the apache/tomcat/cms on the same box or different > > We have seen big problems with mod_jk when

Re: [users@httpd] 32 bit - httpd-2.2.31 Binary distribution for linux

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Manjusha, On 8/30/16 4:09 AM, Gole, Manjusha (Manjusha) wrote: > Does anyone has a 32 bit - httpd-2.2.31 Binary distribution for > linux? Can anyone share instructions to build one? Most Linux distributions have httpd available through the package

Re: [users@httpd] Showing exact filesize in bytes instead of shortform in directory listing

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Cie, On 9/30/16 5:59 AM, Cie wrote: > In Apache server 2.4, when activating the IndexOptions > +FancyIndexing in the httpd.conf, the directory listing shows the > file size of a file like in the following example: > > exported_file.pdf 2.1M > >

  1   2   >