|
Related Topic: |
how about suEXEC?
heya all
all is yango in disguise
suexec
suexec is http://httpd.apache.org/docs/2.0/suexec.html Enables you to run scripts under different user IDs. In case of Internal Server Error, check both Error Log and Suexec Log or It can't run CGI scripts through links, check http://archive.apache.org/gnats/9153
if you run your entire vhost with cgis, perhaps
I hope you won't
trailing slash
trailing slash is http://httpd.apache.org/docs/mod/mod_dir.html or http://httpd.apache.org/docs/misc/FAQ-E.html#set-servername or See http://httpd.apache.org/docs/2.2/rewrite/rewrite_guide.html#trailingslash for a mod_rewrite solution
^^
DirectorySlash
DirectorySlash is http://httpd.apache.org/docs/2.2/mod/mod_dir.html#directoryslash
problem is I ONLY want to do it for /store
no other directories or URRLs
what if i want to for example create directories, with other ownership, than the webserver, is that possible?
reading though
not without using CGI
Apache only need read access to files - they can be owned by anyone
directoryslash context
server config, virtual host, directory, .htaccess
nm, redirectpermanent worked
okey, lets just take it again
ok.
I want to be able to create directories (using some sort of webapplication), and let those directories that are created, be owned by another user than the one that runs the webserver
you could have aplied that to a directory block too.
for your information
err that was for Mrdini
you can't
then you need a CGI application
and run chmod from it.
but that sucks?
yes
that is the only option.
said cgi host has to be suid root
I meant chown, by the way
since one user cannor chown to another user
do we have any apache-developers here?
i want 'em to add that feature to apache
its basic Posix seciruty model
it's been asked before, and rejected.
thumbs, hmmm.... *ponders* will think it over - needed a solution "_yesterday_" :P
thumbs, hmmm.... *ponders* will think it over - needed a solution "_yesterday_" :P
Roobarb-Work: that a webserver can't be run as two different users?
no, that you can't create a directory with different ownership to the current user
unless you are running as euid root
ownership of web content is fine with one restricted user
Roobarb-Work: but i want to run a certain "virtual host" as another user, than the other virtual hosts
isn't that possible either?
as far as modifying content, that is EXTREMELY dangerous
no
as I said before, no.
then they should add that feature
no.
you can get round it by running multiple apache instances and using mod_proxy
why not?
because it's a 'stupid' feature
as I said, running as one restricted user is safe and sufficient.
because then apache can chown /etc/shadow and serve it up
when creating files with the webserver, directories are given the ownership of the daemon of the webserver
correct
no it wouldn't be able to chown /etc/shadow
if you setuid a cgi script, it could.
sure it can, as thumbs says
if i forexample have /home/user/public_html, i want to let the webserver create directories under that path
you 'solution' is inherently insecure.
with the user as owner
letting the webserver create content under the document root is insecure
to change the ownership of a directory you need to run with roots privileges, ant which point you can do anything
okey, thanks
I suspect you're trying to solve the wrong problem
the directories that are created are used in a network, shared with NFS
you'd need to be root to edit /etc/exports and reload nfsd
users just listen :P
just listen
as a matter of fact, all you need is to chmod your files to 644 in your ~/public_html, and apache will happily serve them
users have different UID's
on different machines
it does NOT matter if user.group owns them. If they're 644, apache can read them.
changing the owner will achieve nothing positive in this scenario
thats why i would like to be able to chown files :-)
chown them in your shell
that is your solution.
yes, but when apache creates 'em ... they are created with user = apache
apache does not create files.
yes it does
heh
no, it doesnt
if you mean files uploaded via php, that's different.
sidewalk:scripts creat files
this files WILL be owned by the apache or www user.
yeah okey, scripts do
s/this/those/
scripts run as apache:apache (or whatever you set in httpd.conf)
yep
that's the problem
No, it's the solution!
:P
one user cannot chown to another
you COULD chmod those uploaded files to 666
its not the chmoding that's the problem
it's the chowning.. cause files are created as the webserver-user
what does it matter who owns them?
weather i do it with scritps or not
ONE USER CANNOT CHOWN TO ANOTHER USER
period
if the user can read it, he can copy them.
Roobarb-Work: that's why i wanted a virtual host, running as a different user :-)
you're getting dense.
which one instance of Apache doesn NOT support.
why do you want to chown files ?
I suggest you start listening to us
http://wiki.apache.org/httpd/DifferentUserIDsUsingReverseProxy
read that
chown'ing files uploaded via php/cgi is NOT required.
i dont want to chown files
i just wanted a virtual host, running as another user :-)
but why ?
that would be the easiest thing to do
then what are you trying to achieve, exactly?
just give it up.
what thumbs said
guys hush, you aren't helping
One instance of Apache cannot run as two different users. Tell us what you want to *achieve* with that configuration, and we might be able to help. Otherwise, go away and leave us alone.
uOne instance of Apache cannot run as two different users. Tell us what you want to *achieve* with that configuration, and we might be able to help. Otherwise, go away and leave us alone./u
the problem stems from the fact that one process cannot run as two different UID's. Any of apaches child processes can serve content from _any_ vhost.
the solution is to run two instances od apache
im sharing a directory (in which the apache-daemon (with scripts) is creating directories owned by the user apache) and those directories should be owned by another user, because the UID which owns the files does not exist on the other machines on which the shared hosting directory is mounted over NFS
and this "problem" will never be "fixed" because of the one process/one uid issue
but if the other users can read the content, is it really necessary to have them own it ?
Make the files readable by everyone, and then any user on the other machines can read them. Make them writeable by world, and anyone can write to them, though that's a bit dumb.
Ned_/noirin - the issue isn't readong the content through Apache, its reading _and_ writing to it through NFS
yeah, well, due to issues it's not a good thing if they are readable and writeable to everyone
Roobarb-Work: 777 will make stuff writeable
777
it's another security issue
There is never an appropriate time to set a file mode of 777. And don't tell me it's just a test server
that achieves nothing
would not write privilege for group and maybe s bit for group be better
You can run apache - the whole thing - as a different user. But that's for all vhosts.
ffs, I've already pointed at a document providing the workaround
that's not so silly
Roobarb-Work: Is anyone listening?
nobod, apparently
Yeah =/
ping
pong.
Ping.
What exactly is it that people mean when they say "mod_rewrite doesn't support non-greedy matching"?
how ya doin
S'okay. And you?
eh. about the same.
well sidewalk seems to be set to implement his *own* solution
i don't really know. i know what he means in regexp world, but not how heretical it is in mod_rewrite world.
if he refuses to listen, let him try
(or even "true")
Well, it's not true, and never has been.
maybe he's reading the docs. Please, just drop it
However, I've heard, repeatedly, over the years, that mod_rewrite doesn't support non-greedy matching.
good. set him straight g
Which simply isn't the case.
? makes a match non-greedy
This is standard regex syntax.
Perl does it that way. egrep and php do it that way. Python does it that way.
.* is greedy. .*? is non-greedy.
T'was always thus.
Or, more generally. +? and *? are non-greedy.
fsvo always
what does "greedy" mean, in this context?
thanks for the comments.
(to the issue)
Roobarb-Work: + and * matches as much as possible. *? and +? stop as soon as possible.
So, for example, a+ will match aaaaaaa whereas a+? will stop as soon as it gets to a
It will be satisfied sooner.
I see
thanks
hi !
Hello, here's your extra space ' '
i have an amazing thing with site web
http://192.168.1.2/public_html/mediatheque.php5 don't work
it's source code php web hosting that appears
but if i do :
http://yoo.dyndns.org/public_html/mediatheque.php5
all work fine
somebody can explain that ?
Not without seeing your configuration file(s), no.
ok
i paste my 000-default is sites-avaible
DrBacchus, http://pastebin.ca/627591
this problem appears since i have configured virtual host
So, then, the reason is that you have enabled .php5 files explicitly within the bounds of that virtual host, but not within the 198.168.1.2 virtual host.
The probable solution is to change that to VirtualHost *:80
oh !
1
But as it is, you have it configured ONLY on the external IP address.
Which is the behavior you're seeing.
i change that
thanks
it's ok now !
i have a last question
http://www.art.homeunix.org/ and http://art.homeunix.org/ don't see me the same site web
why ?
(i have two virtual host)
do those hostnames resolve to the same static ip hosting address?
yes
http://pastebin.ca/627591 is the virtual host that see me http://www.art.homeunix.org/
then you would have two vhosts, one serving http://www.art.homeunix.org/ and one serving http://art.homeunix.org/
solution: edit the documentroot for the faulty vhost, or use serveralias
no
serveralias
serveralias is http://httpd.apache.org/docs/2.2/mod/core.html#serveralias or http://httpd.apache.org/docs/1.3/mod/core.html#serveralias
if different content is served, then separate vhosts are accessed, or you set the documentroot on the global scope
the latter would need to be fixed either way
type httpd -S to see your vhost configuration
http://pastebin.ca/627621 is virtual host http://art.homeunix.org
http://pastebin.ca/627591 is virtual host http://yoo.dyndns.org and also http://www.art.homeunix.org/
They point to different documentroots
what does httpd -S tell you?
So, yeah, of course they show different websites.
Am I missing something?
but i don't want this last virtual host is http://www.art.homeunix.org/
no
if both vhosts should serve the same content, take out the second vhost and use a serveralias in the first
If they are supposed to be the same, then delete one of the vhosts, and add the name as a ServerAlias to the other.
But at the moment, they point at different DocumentRoots
Gotta run to coffee hour. My presence is needed.
both DrBacchus and I gave you your solution.
ok
let me know if you don't understand what we said.
yes
i translate i'm french people
I assume that was merely an acknowledgement
thanks thumbs DrBacchus for the help
sure
hi, i get an error concerining mod_ftpd
[warn] _default_ VirtualHost overlap on port 21, the first has precedence
make_sock: could not bind to address 0.0.0.0:21
no listening sockets available, shutting down
lsof
lsof is your friend! lsof -i:80 to see what's using port 80. You may need to run lsof as root on some platforms
httpd -S
httpd -S tells you what your virtualhost configuration is.
but i have no other ftp service running
Amon-san: make sure you start it as root and that port 80 is free and that you don't have multiple Listen 80 directived
80 is up and running
the problem is port 21
ok
apply my statement to port 21
-bash: lsof: command not found
Amon-san: make sure you start it as root and that port 21 is free prior to starting apache and that you don't have multiple Listen 21 directives
well how would i make sure nothing else listens on port 21?
Make sure that you're not running something else on port 21 either
netstat
netstat prints network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. Use netstat -an grep -w 80 to check if port 80 is in use. (On linux, you can use netstat -pan to see which program uses the port, or -ltpn.) (For Windows use -ano to
show the state, PID, and connection in IP not name format, or -abn).
Amon-san: you can check with netstat prior to starting apache.
netstat says nothing about port 21, just a lot of high ports
then explore the last option I gave you.
and my only directive for :21 is in /etc/apache2/modules.d/mod_ftpd.conf
Amon-san: I gave you all possible causes
Amon-san: if none of those are present, then that error will not appear.
if the error appears, then check again.
if i remove the config file (backed it up) apache starts fine
guess i'll have to unspect the config
try stopping apache
then telnet localhost 21
if you get a response, something is listening on port 21
Amon-san: The normal Apache config doesn't use mod_ftp, which is why it starts fine
It only tries to listen on 80
-bash: telnet: command not found
Amon-san: Install telnet, and/or lsof
ok, installing lsof (did not find telnet)
gentoo--
magi ftp # /etc/init.d/apache2 stop
* Stopping apache2 ... [ ok ]
magi ftp # lsof -i:21
magi ftp #
so no other program slistening
Amon-san: ok, explore the other two causes
grep
grep is an extremely useful tool. If you want to learn anything, acquaint yourself with grep and grep for it
grep for Listen directives?
..or did we have that step olready.
O_o
s/ol/al/
...
i hav eexactly ***one*** listen directive for port 21
it's in the config i told you i deactivated
try to comment it out.
the listen directive/
now i only get
2 2007] [warn] _default_ VirtualHost overlap on port 21, the first has
but apache starts
it ignores my settings concerning dirctory tho
hi all
All is not in today, slopez
^^
excuse me?
ffs
^^ is quite similar tou
...but ^^ is reply...
good day fellows
*to
my apache error log is plagued with http://pastebin.ca/627676 im not sure whats causing this
could a friendly individual point me in the right direction?
with SSLEngine On but ssl is not being enabled!!!!
don't do that
do VH *:80 and VH *:443
also see:
vhost examples
Look at these for examples http://wiki.apache.org/httpd/ExampleVhosts : http://httpd.apache.org/docs/2.2/vhosts/examples.html
yeah I do that and I get an error about *:0
so, i've some trouble using AcceptPathInfo
what does the error log say, exactly?
when I'm going to http://mydomain.ltd/taiste/index.php there's no problems
I thought the default mutex was fnctl...
it tells me I am trying to use SSL but the service at port 443 is not ssl hosting enabled
bu when I'm going to http://mydomain.ltd/taiste/index.php/foo apache don't look where it have to so doesn't found /taiste
http://code.bulix.org/yi5dks-49486
yaya!
would someone please have a look at http://pastebin.ca/627676 for me.
cheers
VirtualHost *:80 and VirtualHost *:443 worked great
i do not understand why apache is loojing por /taiste in /var/www/ae/ and not in /var/www/ae/www/
if I go to http://mydomain.ltd/www/taiste/index.php/foo it's ok
that's quite strange for me
ok i guess i have no takers for my constant sighupping problem
it is friday after all
what is the problem, I checked the pastebin but problem is not obvious
except correcting your MimeMagicFile path
thanks. if i was to change my magic path what file is it looking for
i would like to find the correct path
thanks lamp i think ive sorted it
hi everyone
can someone help me with a small apache ant problem?
Nope.
question
If you have a question, please go ahead and ask it. We have the answers... or a whole lot of sarcasm...
pfft..spoiling all the fun!
that was the sarcasm jMCg
ok, i'll try
huh?
target name="compile" depends="settings,pdflatex,bibtex,pdflatex,pdflatex"/
only run that pdflatex target once
which is logical, but does anyone know how I can force it to run multiple times (in that order)?
no, lol in russian
ouch
Smack!!
is that ant or maven?
Looks like ant.
ant
ant is some java thing. Try ##ant or ##java (don't forget my HashHashJavaChannelFactory) or you may have better luck on the mailing lists than on irc or an apache project, haha
was that sarcasm again?
not by me, but it works
How add subdomain to virtual host ?
ServerAlias
(if it's a name-based vhost)
yes
thanks anyway guys
perlmodule
perlmodule is for the initial compilation
is the PerlModule directive part of mod_perl?
Yes.
hrm, i guess i'll need mod_perl then
That depends. What do you need PerlModule for?
The PerlModule directive isn't useful unless you're using mod_perl for something. Adding mod_perl purely to get PerlModule seems to indicate a misunderstanding.
best practical's RT
Well, RT will either run under mod_perl, or not, as you choose.
It runs *MUCH* faster under mod_perl.
it mentions fcgi, but i figured why have salad when you can have tofu?
bit mentions fcgi, but i figured why have salad when you can have tofu?/b
mis-quote from simpsons, the original involves some kind of meats
Thank you Tony.
I've never tried under fcgi. Seems like more trouble than it's worth.
noted
Just my opinion, of course. Some people apparently like fcgi.
hi!
hello! How are you today??
i have apache 2.2.4 with php 5.2.1 running on solaris, and i can't seem to get php files to work correctly - they are displayed instead of executed. http://apache.pastebin.ca/627766 has http.conf info and the text of the file i am trying to run.
http://webmail.coe.drexel.edu/test.php is the site/script.
did you read the php docs? possibly in /usr/share/doc/php*/
php handler
php handler is 'AddHandler application/x-httpd-php .php
The . is optional.
also check your php.ini and your source code. If you source code starts with instead of php chances are that it will be displayed, because as of php 5, short_open_tags defaults to Off [which is good]
i'll check that
http://webmail.coe.drexel.edu/test.php renders here
clear your browser cache
oh wait, I'm lying
ignore me
Hm.
if I copy that file here, it does render the php
Roobarb-Work: ergo...?
remove the AddType line, and change the AddHandler to the one DrBacchus gave
then restarte apache, restart your browser and clear the cache
how odd
if I view the source of that page, it doesnt have php but just
Roobarb-Work: i just changed that
.....
Someone misunderstood me.
it _should_ have php
that makes more sense
My sentence makes sense... to me.......
Any objections?
yes
Roobarb-Work: do tell.
If you source code starts with [[ instead of php ]] chances are that it will be displayed
I'd say that was the wrong way round
O_o
re-read the sentence again
If you source code starts with [[ instead of php ]] chances are that it will be displayed, because as of php 5, short_open_tags defaults to Off
Yes. That is correct.
if short_open_tags=off, wouldn't you _need_ php instead of
But I still blame my the fact that I speak german to ..okay.. another sentence borked.
Roobarb-Work: Yes, that's correct.
in which case the logic is wrong
wah
remove the bit in [[ ]]
Now you've confusedled me even more.
your code starts with
It will be displayed
If the source code contains (rather than the required php) then the source code will be displayed, rather than executed.
Because short_tags_open is off.
,
DrBacchus++
Thank you.
php--
One should use php rather than anyways, regardless of the setting of short_tags, in order for code to be portable.
short_tags is an abomination.
don't use "display", use "properly rendered" and "shown as raw php code"
ACK, will do.
otherwise I get confused
Yes, that would perhaps clarify it.
But, in general, one should always use php
agreed
wither way, it would appear wakejagr's php still isn't being rendered properly
well i'm glad that got cleared up
Yes. I feel better now.
I think I'll take the rest of the day off.
Same here.
works for me - its lashing it down here
heh, I bet your glad to be back now, hey DrBacchus?
Yes. That vacation stuff is for the birds.
:-)
Back to the grind is the way I want it.
Tedium and long meetings, that's the way for me.
Roobarb-Work: where's your "here"?
Malvern, UK
aha
AddHandler is back to the standard (application/x-httpd-php php). that setting doesn't seem to change anything . . . i've messed with about 5 different settings there
the weathermen said we'd be getting that, but it's been nowt more than a sharp shower this morning
is that setting in the global config?
mod_php *is* loaded, right..?
Roobarb-Work: yes
we have localised flooding already
I'm at a loss then - you should only need 2 lines; one to load the module and another to activate it for the .php extension
according to httpd -M, php5_module is loaded. the actual file is libphp5.so. is mod_php a different module, or another name for the same mod?
mod_php is the name of the module. libphp5.so is the name of the file containing that module.
libphp5.so is what you get when you don't specify to call it mod_php5.so
ah
some distros seem to prefer naming it mod_php to fit in with the other module naming
when i configure some virtualhost in apache2 on debian, is it i must modify the http.conf ?
debian--
distro layout
See http://wiki.apache.org/httpd/DistrosDefaultLayout for clues on how your distro mangles or organises its Apache package(s)
If you're using the default debian config file layout, you need to add file(s) to sites-enabled
What is the impact on http.conf on virtualhost on debian ?
just that !
i ask myself the question because i see DocumentRoot /mnt/var/www/ in http.conf
hello, is it possible to use "Redirect" for a url having GET parameters?
The Include directive allows the configuration file to be split into smaller chunks, and then loaded into a single configuration data structure.
Debian chooses to split the file more than most.
and i just create files in sites-avaibles for the moment
ok
Is it possible to set a custom error page that is a script?
RewriteRule is working now. But the source url parameters is passed to the destination url. It is possible to avoid it?
put a trailing ?
/path/destination-url.html?
ErrorDocument 404 http://www.example.com/error.cgi
Roobarb-Work, oh, sweet, so in other words if it's a doc that would normally be executed that is still true?
not sure I understand. As long as whatever you point the ErrorDocument at will be served correctly, you should be OK
you may even be able to use error.cgi?error=404, or similar
THANK YOU.
Hello, I have a problem and I think its apache's fault. I cant access a directory named "images" while the permissions are correct. Any clue whats wrong?
Roobarb-Work, ah, all right yeah that's what I was hoping for. Thanks
errorlog? permissions from root directory to images subdirectory? config?
error log says file not found
permissions are correct
and what about config?
and the thing is that if I rename images to something else
then it works perfectly so I guess something's wrong with naming it images.
hm I think this is the problem ? Alias /images/ /usr/share/images/ ?
Yes. If /images/ is aliased to another directory, then naming a directory 'images' won't be accessible.
yeah it works now
thx
hello, i have setup smb/winbind to auth off AD, I am now trying to setup apache 2.2 to path from pam
redirect
redirect is http://httpd.apache.org/docs-2.0/mod/mod_alias.html#redirect or http://httpd.apache.org/docs/mod/mod_alias.html#redirect or see 'Redirect
Context'
i've installed and configured auth-pam, but it complains about missing group files,
pam isn't our issue. try asking your distro
I have a simple cgi script in /var/www/foo.cgi
I get a Forbidden when trying to access it
http://pastebin.ca/627871
error log
Look for the ErrorLog directive in your configuration file. Common locations include /var/log/apache/error_log, /var/log/httpd/error_log, /usr/local/apache/logs/error_log, and "C:/Program Files/Apache Software Foundation/Apache/[version]/logs/error.log"
What, exactly, does the error log say?
be e
sorry...
be me
What, exactly, is happening, and how does it differ from what you wish to be happeningQQ
Oy
ExecCGI is turned off
doh fixed thanks for letting me type
but... I'm not sure how to turn it on, as it already appears to be in my conifg
Then it's probably in the wrong scope.
Where, exactly, do you have ExecCGI turned on?
oh, yeah
under Directory /
when it should be for the document root
directory /
is a filesystem directory, not a URL path. If you put options in this block, don't be surprised when whatever you're trying to do doesn't work.
groovy, works now
thanks
arreyder?
arreyder is sure there should be more, but it is a start. More fields would allow greater flexibility in searches and scoring I guess
Alias
Alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
thanks fatima
what's up?
forget arreyder
I forgot arreyder
can you prvt msg me I got a question about our firewalls
sure
my default server is default server art.homeunix.org
so when i do http://192.168.1.2 is this server that appears
but i have another server namevhost yoo.dyndns.org and i want it appears when i do http://192.168.1.2
what does httpd -S tell you, exactly?
please put it on a pastebin
ok
http://fr.pastebin.ca/627903
arreyder did you get any of that?
no, are you registered?
no
default vhost
The first-listed virtual host is always the default one when using name based virtual hosts. See http://www.onlamp.com/pub/a/apache/2004/01/08/apacheckbk.html for more details.
^^
i just want interrogate my two virtualhost by http://192.168.1.2/public_html or http://192.168.1.2/espace_art
the IP can only respond on ONE vhost.
i.e. serveralias 192.168.1.2
but as i have a default vhost it's him thats is interroged when i do http://192.168.1.2
that is the expected behaviour.
i can also puit IP in Serveralias !!!! great
if you need one of your vhosts to catch 192.168.1.2, add a serveralias in one of them
you CANNOT put it in both, however
yes i understand
dumb question, apache returns .html pages as text...how do i fix?
so i can interroged just one server mu ip 192.168.1.2
by local ip
what does the error log say, exactly?
indeed.
humm....
nothing, I figure it's a .conf error, access log returns 200's too.
i can't do http://192.168.1.2/espace_art for one and http://192.168.1.2 /public_html for the other
i thinked Alias can do this
does a server need to have internet access for apache to work on a LAN
dwschool no
exactly.
for some reason my lan server stopped working
an alias can definitely do this.
apache is running and when i type in the ip, i get nothing
no, it does not. What does your error log say, exactly?
it's been working for the past year without a problem
no, it does not. What does your error log say, exactly?
nothing
nothing is _ALWAYS_ a wrong answer/description.
then everythign is workign fine.
thumbs, no more advice other than echoing the channel topic?
I figure a rogue mime type might be at cause
when people tend to be helpless, I can't help them
the error log just says resuming normal operations after a restart
quality of help
the level and quality of help you will receive is directly proportional to the amount and accuracy of the information you give.
hey thumbs hows tricks mate?
wwhat address do you type in your browser?
not bad mate
thumbs, great
the ip, like i have for the past year, every say
day
good, good.
verbatim
Verbatim means "word for word" "copy and paste". It means we want the exact error message from the error log. That also means use a pastebin for 3 lines. Ask me about 'apc' for which pastebin to use.
please be precise
dwschool run netstat -an on the server it's running on, make sure it's listening on 80, then do a ifconfig and make sure it has an ip address
iends, done both
192.168.0.14
what does telnet 192.168.0.14 80 yield?
dwschool try pinging
hrmm
i can ping localhost, the ip, and the hostname
what does telnet 192.168.0.14 80 yield?
nothing
nothing is _ALWAYS_ a wrong answer/description.
nothing
nothing is _ALWAYS_ a wrong answer/description.
or a black, empty window
so apache seems not to be listening on that IP and port.
run netstat or lsof on that server, and see if port 80 is being used.
what is the different between tcp and tcp6
you can ask wikipedia
morning all
it has the full explanation.
ipv6 is basically the new version
anyway, i get tcp6 0 0 :::80
that means its listening right?
so it's listening on ipv6
does your computer have the ability to talk over ipv6?
no, how do i change
I recommend you tell the server to listen on ipv4 only
how
Im am FAIRLY adept at apache(1) config with th httpd.conf file and all that noise ... I am trying to migrate my server over to a fresh vps ... and the install of apache2 has a config on it that is, well, sort of confusing to men ... it has a directory called enabled-sites, and in that is a
file called 000-default that has the rules for the root directory and all that. (sets it in /var/www which I think is lame too but thats neither here nor there) is t
can i make the same thing the index for every directory, even if it's not in that directory?
what does your listen directive look like in your current config?
or can I reinstall it for a more standard config?
which conf file?
s/to men/to me/
that's just the debian layout
the apache config file.
default layout
Pop along to http://wiki.apache.org/httpd/DistrosDefaultLayout for an idea on where the main distros place Apache files.
^^
all you have to do is cat all your sites-enabled and stick them on the end of httpd.conf
place a line like DirectoryIndex foobar in the global scope
me?
which is basically anywhere OUTSIDE your vhosts.
no, I did not address you.
but i did ask about directory indexes
ok.
so perhaps it was for you
ok man
thanks
appreciated
assuming the script doesn't behave stupidly (which i'm sure it does)
live with the debian mess, or write your own config from nothing.
test it.
is it right to just say DirectoryIndex /the/full/path?
tho I admit the part about DirectoryIndex foobar confused me a tick, but, I am sure I will get it
sure.
it was not for you.
hehe
OH GOOD
lol
default layout
Pop along to http://wiki.apache.org/httpd/DistrosDefaultLayout for an idea on where the main distros place Apache files.
^^
place a line like DirectoryIndex foobar in the global scope
sure looked like it was for me lol
i can't find anything partaining to ipv4
that was for f00li5h
ok
lol
purr
thanks again all
for what it's worth, i like the debian layout
it doesn't seem to care much for that
so, do you add a new file to sites-enabled then for each vhost er whut?
I mean I am gonna go read about it
but
im just asking
it looked a lot like it was working, but only becuase the cgi script looked so much like a mod_autoindex listing -_-
think the ubuntu layout is the same for debian (etch) 4.0?
listing?
bugger all, i dunno
it is
it would be
the debian layout is a MESS
oh, how so?
(in a non-holywar type of context)
I don't have time to get into it
debian
debian is "we complicate it for you so you don't have to" or see /usr/share/doc/apache*/README.Debian* or http://wiki.apache.org/httpd/Platform/DebianLike
how can i get apache2 to only listen on ipv4
im not a fan
but I ph3ar change
what does your listen directive look like in your current config?
i like the a2ensite though, not having to edit the global config pleases me
i am having a problem with apache
ssl is not running
nor is apache installing
oh
I was unaware of that
i tried sudo apt-get install apache
debian is "we complicate it for you so you don't have to" or see /usr/share/doc/apache*/README.Debian*
...but debian is "we complicate it for you so you don't have to" or see /usr/share/doc/apache*/README.Debian* or http://wiki.apache.org/httpd/Platform/DebianLike...
lemme lookit
forget debian
you have no access to remove factoids
NO FACTOIDS FOR YOU
TWO WEEKS!
haha
I have fixed that one
debian
debian is "we complicate it for you so you don't have to" or see /usr/share/doc/apache*/README.Debian* or http://wiki.apache.org/httpd/DebianLikePlatform
Listen 80
you dont have access to delete factoids
thanks
for what?
fixing the factoid
can anyone lend a hand
with?
with is fine
forget with
I forgot with
question
If you have a question, please go ahead and ask it. We have the answers... or a whole lot of sarcasm...
lol
don't worry about it. If it needs fixing, we'll take care of it
f00li5h?
f00li5h is a nice fella
meow!
is it +m or something
hrm?
is what +m?
nm, thaught i was mute for a second
no
that article doesn't explain why the debian layout is a bad thing
but /me would like #apache to be +m sometimes
lol
personally, i like a2ensite ...
moderated
why?
no it doesn't. But it is
i'm going to need more than that, i'm afraid
lol
it can be +m, as long as i have +v
9, 8 users, load average: 0.17, 0.10,
heh
everyone would want that
apache2 is listening on the server but i cannot access webpage from LAN, i have the phpinfo.php on the server and when i type in 192.168.0.14/phpinfo.php it wants my to donwload it so there is something working
6, 3 users, load average: 0.65, 0.41,
64 days Netbsd, only 21 on my Debian box (but that's because i re-installed it 21 days ago
lol
just a hint, if you're thinking of messing aobut with /var, do it carefully
dws, i have the same problem, trying to install compiere2
particularly on a debian box o_O
when i telnet 80, i get connected to 192.168.0.14
how much memory does a default apache2.0 consume ? (without serving anything ? )
that depends
depends on loaded modules
is it bad when httpd -S core dumps?
generally, yes
is it anywhere upwards of 100mb ?
bugger, that'll be something not being compiled for the right something else, i'll warrant
how can i fix ssl, i followed direction on the install of ssl, and it still does not work
pctony, Roobarb , the default installation in ubuntu dapper
rss is ~8MB on my box
i think that's the minimal modules
0.00 /usr/sbin/httpd -f
for example
somehow i saw a child process with 200 something mb
:/
and i was like ...
i didn't think it'd be that much
wow, going from * to *:80 made it stop segfaulting... that was too easy
scary thought
are you sure the restart didn't solve the problem?
i didn't restart
as do I
i presume $httpd -S would just check the configs
and not interact with the running httpd
strangeness
so how does doing that change without restart httpd stop the segfaults?
it was httpd -S that was dumping it's core
the running instance has no requests
sounds fishy
it does
but not to worry, it's all fixed now
if that was the case every debian/ubuntu system would be borkened.... more so than normal
bif that was the case every debian/ubuntu system would be borkened.... more so than normal/b
this is a NetBSD box
should be irrelevent
should i be getting a ping reply from google.ca
no. because google.ca hates you
can you tell me how to use a particular file for directory listings, for all directories? DirectoryIndex won't
what do you mean? what do you want?
every directory, one script
DirectoryIndex is what you'd use
but it can't have a full path, so i'd have to stick that script in every directory
if you put it in a global scope it should be just fine, unless you override it like a directory or some other scope
and if it's a script, you'll need to make sure that you set up your script handler right
so i can't get the behaviour i want from a .htaccess?
hi
salut, eew232.
wha?
htaccess is directory scope
it will apply to all subdirs in that that dir
how can I make directory outside htdocs accessible?
unless you do some other htaccess file in a subdir that overrides the parent htaccess
alias
alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
^^
but they try to include the script listing in their own directory, they don't use the same file that the directory below them would
you can use a relative path
i.e. /foo/foobar.php
if you're using htaccess for your directory index, you need to use an absolute path to the script
but then i'd have to do ../listing and ../../listing etc
no
yes?
start with /
that's an absolute path by the way
and put it in the config file.
path relative to the docroot?
/foo/blah.php
yes
that's not a relative pat at all
sorry
You will be!!
silly fajita
got a million things happening here
read fajita's reply
gah
hi
hey, cseader.
how can I make directory outside htdocs accessible? directory ???
whats up
sky, clouds, taxes, opposite of down, etc.
alias
alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
^^
read that
whats down
alias
alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
^^
would you like us to repeat it again?
getting this error in apache2
`jk_module' in file /usr/lib/apache2/mod_jk.so is garbled - perhaps this is not an Apache module DSO?
what can i do about it
how do i check if ssl is actually running
reinstall the module.
how
/listing (relative to ~) and /home/f00li5h/public_html/listing both cause the script to be ignored -_-
use the right jkmodule for the version of apache it was compiled for
that depends on your distro
reinstall the rpm
im on SUSE
see ##distronamehere
hmmmm
you just can't plop in modules from an old apache install into a new higher version apache install
doesn't work that way
?
n31?
https://localhost mebbe?
i nkow that
heh, the answer was in the docs all the time, silly old me... it's a "local url" not a path at all
but the build service i thought built if for this version of apache
i guess i will check with the SUSE folk
probably not.
depends on what you did
thanks
if you've got 2 apache installs, you're asking for this kind of thing to happen
especially, if one's distro package and the other's source
I het an error message 'localhost has sent an incorrect or unexpected message. error code -12263
then you've misconfigured ssl
You don't have permission to access /abc on this ser
sure... let me put on my telepathy hat here...
elaborate
You make no sense, try to rephrase your question and elaborate on what you want, what you tried, and what didn't work (paste the error message you see in the error log, usually named error_log or error.log). Also tell us what platform you are on and what version of apache you are
using.
grrrr
what net
alias did not work, apache 1.3
step one
whatever the problem, step one is to look in the error log (and any other logs that may apply, such as suexec, mod_rewrite, or mod_security).
what you said, will be logged in the error log
and you haven't posted anything on what you did
so no one will really know what's not working
esr
esr is http://www.catb.org/~esr/faqs/smart-questions.html
0 2007] [error] [client 172.16.31.9] (13)Permission denied: access to /edi failed because search permissions are missing on a component of the
and what alias are you using? and what is this search permissions? what is the purpose of this url?
How can I figure out what is causing apache to run 100% CPU ?
purpose to read another dir
megaspaz I am sorry
osmosis PHP
Hello
bonjour, _oldc.
alias /edi /mnt/nxt1/edilogs
I need a little help. But it should be fairly simple for you experts...
help
Hi, what can we do for you today?
with the right access setup?
^^
Order allow,deny Allow from all /Directory
hmm...is it normal that a server is reporting that 100GB has been downloaded in a single day, while there hasn't been downloaded more than 20GB in the past week for what my scripts could track?
How do I delete the access_log? Or atleast replace it with a new one?
then there's something else going on... possibly your mount permissions, but i have no idea what search parameters are in your error log
eh?
stop apache, delete log, restart apache
and then look into rotatelogs
i think mod_python is taking all the CPU, but im not sure.
guess
or set up your system for log rotation
I know nothing about apache... How do I stop it? Telnet?
i just see the apache process at 100% CPU in top.
rotate logs
rotate logs is see rotatelogs
rotatelogs
rotatelogs is http://httpd.apache.org/docs-2.0/programs/rotatelogs.html or http://httpd.apache.org/docs/programs/rotatelogs.html or http://httpd.apache.org/docs/2.2/programs/rotatelogs.html
ahh, thanks!
um... what kind of access do you have to the apache machine? local, remote?
Remote I believe? I usually just logon to the FTP whenever I need to change something
:|
well ftp ain't gonna do it
ask
If you have an apache related question, please go ahead and ask it. We will not beat it out of you. We won't bite you either, at least until we get to know you better
i did just ask :|
50 lines up doesn't count!
hmm...is it normal that a server is reporting that 100GB has been downloaded in a single day, while there hasn't been downloaded more than 20GB in the past week for what my scripts could track?
if 5 times as many people have been downloading your pr0n, yes, of course
uif 5 times as many people have been downloading your pr0n, yes, of course/u
er.. sorry, 35 times as many
it's a filehosting website
well, you should define the limits, then
and for some reason the server statistics say there has been downloaded over 100GB
"for some reason" ?
which server statistics?
So what do I need to turn off apahce?
while my scripts only seem to have tracked 20GB in the past week :|
so is there any deeper stats I can get on what is causing apache to run at a high load. Probably from a single mod_python thread, but since I can't look inside the apache process I have no way of knowing.
you need root access to the apache machine
the scripts are tracking just fine
blame php
i must be missing something, i can telnet into port 80 on my apache server, but i cannot get it to serv webpages
PHP should be presumed to be at fault until conclusively proven otherwise. And even thereafter, if it's convenient.
I have root access... my login for the FTP is root
wow
too big to fit on the internet?
highcpu is from all the malware fighting for cpu time
lets see what happens if i stop the unique download counter :x
you need shell access
ftp access don't count for shit
is there a way to neatly clean the apache logs with screwing up?
neatly clean? with screwing up? parse error...
*without
ah
megaspaz I can blind-type you a tool for *that*
heh
i bet
#rm -rf *log
that's definitely *with* screwing up
aren't you supposed to truncate instead of removing?
and how would you do that ?
foo
oh you mean that
you mean that is *all i had to say to get a /quit out of him
yes, girl
girl is coola major headache
sheel access = telnet right?
fajita shell is replyoooh pretty!
/dev/hda1
...but shell is so much more powerful...
damn
no wait
thats bad
you don't say ?
did too
try it out
k
don't
brb
megaspaz dd requires the use of if= and of=, okay ?
*requires*
word
In the beginning was the Word, and the Word was with God, and the Word was God. (John 1:1)
exactly
so dd blah foo does... nothing
hehehehe
exactly
as in don't waste your time
haha
dats funny stuffs
I gotta sammich, but fergot to getta soda ... and that sucks
mmhmm
that's a funny accent you have... you must be from UhrMerkia
and then sum
i can see that apache2 is listening on port 80 yet i cannot access the webpage
the log is not tellng me anything
permissions?
Files need to be readable by the Apache user (e.g. 644). Directories and scripts need the X bit too (e.g. 755). That includes *all* parent directories of a resource. If you have a symlink, check both the source and target. If you have AllowOverride for an unreadable directory, the error
message will refer to .htaccess. See also selinux
permissions seem ok
is there a way that I can confirm that apache (apache2) is listening on port 80 using ipv4? I am having some issues and I need to confirm that is working properly...
netstat -ltpn | grep 80
telnet to port 80 and see what answers.
connected
thansk :-)
it sayd connected
tcp6 0 0 :::80 :::* LISTEN 2797/apache2 -- that works with normal ipv4 or ? (sorry I do not know)
ftp3 yes, it listens on both
thanks.. my firewall must be crazy today... back to work.. thanks again
Well, ok, I wasn't talking to you, but if you then type "GET /" and hit return a few times ...
have you tried the telnet tip ? that's the one way to be sure
i get html code
title 302 found /title
what does that mean ?
DrBacchus?
DrBacchus will always be my first father!
are you around?
this command "telnet localhost 80" should return something?
sorry, that must be terribly obtuse.. it means that *something* is listening
i get the document has moves
ftp3 it should *do*s something, at least
what's the easiest way to just make my apache server broadcast my htdocs directory so I can view it from other computers
DrBacchus, I want to get rid of the htaccess file like we've discussed, is there another thing I need to do in order to make apache not even check if there's an .htaccess file?
"broadcast" ? heh
adaptr, it does connect.. just not show anything..
I like using that word.
"Premature end of script headers" errors even when the first 2 lines are printing the headers etc.. i have a funny feeling the mod_perl somehow isnt working w/ apache2 or i've missed something
rake I can see why you would.. you'd immediately invalidate any meaningful conversation you might ever have with a network administrator
ftp3 type get / and hit return
that's GET SPACE /
adaptr, exactly! Who likes talking to them anyways
AllowOverride None
rake well, I do, but that's mainly because I talk to myself a lot
Monster = Bestest drink ever
DrBacchus, thank you
that worked.. showed the html...
damn firewall
thanks again. !
dns opinion poll ... BIND or djbdns?
adaptr, what's the word that I'm looking for then
rake erm.. "publish" ? "serve" ?
BIND (not to start a holy war)
what's the easiest way to just make my apache server serve my htdocs directory so I can view it from other computers
web-http-blog-thingy-nutoob-publicify ?
install it with the default options
vertex_, I did
rake yes the easiest way (in fact, the only way) is to edit http.conf and restart apache
adaptr, that's what I'm wondering
I don't think I changed anything in it.
so it should just... work...
who says it doesn't ?
just change the DocumentRoot to where your documents are rake
in your httpd.conf
what OS are you on?
vertex_, linux (gentoo)
vertex_, gidz I just edited my Server Root directory... gonna go test it see if it works
cool.
err no.
wait.
that was bad idea.
wrong thing
wrong thing is n. A design, action, or decision that is clearly incorrect or inappropriate. Often capitalized; always emphasized in speech as if capitalized. The opposite of the {Right Thing}; more generally, anything that is not the Right Thing. In cases where `the good is the enemy See: Wrong
Thing2
got firewall?
wow DrBacchus!!
DrBacchus will always be my first father!
DrBacchus, I already see a huge difference!
That's good to hear.
?
rake, didnt i say DOCUMENTroot?
Techdeck a very large one, yes
what is it?
or in .htaccess
entry is located in the vhost itself, of course
Techdeck the same difference as between rm -rf /tmp and rm -rf / ?
adaptr, but the directory entry is located in the vhost of the chosen site
gidz, I can't find that in my httpd.conf
Techdeck directories are, by definition, absolute filesystem pathnames
isn't it's / the same as the directoryroot?
yes, it is the same as the root directory
so it's the same? :p
no idea what you think "directoryroot" means
never search for DocumentRoot and change back the ServerRoot to what it was by default
errr, rootdirecotry
let me show you the vhost
sec
gidz, I can't find document root in my httpd.conf
documentroot
DocumentRoot specifies where apache should look for content. See: http://httpd.apache.org/docs/2.2/mod/core.html#documentroot or http://httpd.apache.org/docs/2.0/mod/core.html#documentroot or default layout.
is always a full filesystem path.
s/never//
I tried to tell him that
http://rafb.net/p/GS0q7I65.html
is /path/to/the/vhost/rootdir
DrBacchus, ah I see, so even when it's in a vhost .. it's not like it's chrooted or something
No, it's not chrooted.
gotcha, thanks!
is it normal for a single IP to start 200 downloads?
of the same file?
DrBacchus, btw, can you think of another way to optimize this vhost?
Fushuing not very, no - also indicative of horribly bad caching
Anyone able to help? Random Perl problems
*client-side* caching, that is
how do you mean an indicative of horrible bad caching?
ah
because he's pretty much using up all the server resources o.o
gidz, where is it? =\
Fushuing any sane client would cache static content, so this is either a very bad client, or a DoS attempt
hmm...
best case scenario would be what?
Fushuing in case of the latter, you need to do some rate limiting
rake what os/dist your using etc?
of course, It'S AOL -_-
there is no best scenario, it already happened
gidz, linux/gentoo
owww
hmm...how do you rate limit with apache? :X
wtf is AOL doing in the UK o.o
who says it's the UK ?
whois the IP, only then shall ye know
i whois'd it
http://whois.domaintools.com/172.202.42.35
Fushuing several modules exist - google for apache bandwidth
aha rake !
i hate to use apache modules :|
gidz, aye sir?
nano -w /etc/apache2/vhosts.d/00_default_vhost.conf
rake ^
Fushuing then you'd better stop using apache altogether...
isnt there a mod_bandwidth...
in the sense that it would be a pain in the ass to replicate the setup to more machines
because ?
if you habitually do this anyway, then you would #include most of your main config from NFS shared dirs in any case
gidz, I have VirutalHost 127.0.0.1:80
well
rake that's not accessible from anywhere but the local machine
DocumentRoot = /var/www/locahost/htdocs/
RAKE
I figured.
i can telnet into port 80, type in GET / and get the code for the page, yet i cannot access it from my browser
well i just now gave up on you
dwschool both using the same hostname ?
rake, search the gentoo-wiki
adaptr yes
or rake did you use a tarball from httpd.apache.org ?
gidz, nope, got it from the gentoo repository
gidz gentoo is uber-customised to the point of guaranteed failure.. don't bother, advise him to reset his flags to a sane default
well
that is a great summary of gentoo
I had to edit that file because I was recieving a default virtual host on port 80 error.
well i love gentoo myself
So... it might be broken!
well rake you can add contents int /var/www/localhost/htdocs if you want
I did
or change the DocumentRoot
any idea what could be wrong
I put everything there
but as always after you changed the apache config youll have to restart apache
/etc/init.d/apache2 restart
holy hell
I go by "rake" sometimes!
never seen anyone else go by it!
rage|work, I have proudly registered rake on freenode since like 04
hi I'm using a debian/ubuntu apache configuration. I have more than one SSL cert - how do I configure this ?
I've tried what's suggested here without success - http://www.stombi.net/blog/post/2005/07/14/30-apache2-multiple-ssl-virtual-hosts
can only use one afaik
on more than one IP
gidz - I have multiple ip addresses on my server
aha
do they publicly resolve correctly?
yes they do
then your out of my league!
so what isn't working ?
no they don't resolve - the first one declared in the name virtual host interferes with the second
default vhost
The first-listed virtual host is always the default one when using name based virtual hosts. See http://www.onlamp.com/pub/a/apache/2004/01/08/apacheckbk.html for more details.
I put it on a different name virtual host
NameVirtualHost 64.79.199.65:444
if you want to avoid this behaviour, you *must* define a dummy
port 444 ?
yeah the how-to said to put it on a different port
does ssl only call on port 443 ?
well that's nonsense
ok
there's a lot of that out there
your browser won't go to a different port by itself, no
just create one namevirtualhost for each SSL site, and be sure to specify both IP and port in the NVH definition AND *all* vhosts
as per
faq1
exactly. For example, NameVirtualHost *:80 must be used with VirtualHost *:80
there cannot be enough emphasis on the *exactly*
problem is I already have NameVirtualHost *:443 above for a different ip
and ?
43 has no
indeed
so define at least one
I have
by the way, if you run only these SSL sites, why are you using namevirtualhosts at all ?
just use real virtual hosts
minskmaz apache says you have not, I'm inclined to believe it above you.. sorry
ok
pastebin the relevant config snippets, perhaps ?
thank you - I figured it out
you are awesome
nonono, I *made* you figure it out!
practically forced you, too
stream of consciousness helps
erm... you think so ? really ?
yep
remind me not to hire you for webstie admin
I'd hire you adaptr
that's not what I said....
thanks I actually write web apps - server management is a side effect
but I'm getting there - thanks adaptr - definitely need to take apache more seriously - never enough time
indeed
oh come on. I've got hire someone!
wasn't niq interested ?
not for FTE
but Niq has some things I'm interested in
count yourself lucky you didn't say "bits", or you'd never have lived it down
Or worse yet, "opening to be filled"
"Hi, do you have any openings I might be interested in filling ?"
that's gonna be my next pickup line!
lol
A better pickup line, under the same theme is "Something has come up, I'll fill you in"
A better pickup line, under the same theme is "Something has come up, I'll fill you in"
Gargantua, WAKE UP!!!
mornin' fellas
How nice of you, fajita.
huh?
hello
hi, swarog.
Greetings
greetings user
what can I do you for today?
i have strange apache2 problem. i have .htaccess file with rewrite rule similar to this "RewriteRule ^view/([a-zA-Z]+).html/?$ view.php?s=$1 [L]"
after deleting this file, and apache restart it still is opening http://url/view/blabla.html/
like .htaccess is cached somehow
Sorry, can't help there, anyone else?
if i edit .htaccess file server acts like its not edited at all
garbage
try putting junk in your htaccess file. If it's being read, you will get an Internal Server Error when accessing that resource.
hm no, no error
i'm not following you...
RewriteLog
RewriteLog is http://httpd.apache.org/docs-2.0/mod/mod_rewrite.html#rewritelog http://httpd.apache.org/docs/mod/mod_rewrite.html#rewritelog.
Use this logging to help design and track rewrite; see also rewriteloglevel; and cannot be used from .htaccess
and also
RewriteLogLevel
RewriteLogLevel is http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html#rewriteloglevel. RewriteLogLevel 9 is log everything...
but ive turned off rewrite by removing .htaccess and all of its rules?
i don't know
is fajita bot?
fajita is a bot
No, I just type really really fast.
yea i got that
the problem is way too ill-defined. why do you suppose you .htaccess is doing anything?
Related Topic: