|
Related Topic: |
ok
but that one if for when it worked it seems. the new entries in access.log doesn't even show the css files
like it doesn't even bother to fetch them
so it either isn't looking for them (not an apache problem)...
...or its looking in the wrong place (not an apache problem)
prior to this problem emerging, however, it appears to have succesfully asked for, and recieved the file. (not a problem at all)
so it seems like that there should be no problem even though there is :P
the html or whatever must refer to a specific css location... what is that location?
/css/base.css where base.css includes other css files
the site itself works and all the paths are ok, just not css
can you provide the line in the html host with that reference? (i.e. context)
I think I figured it out! for some reason if I make a html file and then access it, apache2 only shows the content of it
rather than actually using it
apache2doesn't show anything
no
well, what triggers this then?
seems like a mime type prob
wat browser are you using?
firefox
ok so you can view page source and page info with a right click on the page?
yes
correct path
but apache2 doesn't render my test html file. it just shows the source of it
in page info there might be a tab saying 'links'
apache2 doesn't render html
firefox reders html
yes, links. the css path isn't showing up
ok so in the page source, what is the entire line (verbatim) of the source referring to the css?
style type="text/css"@import url("/css/base.css");/style
hm.
it includes the file
hm... you don't want to include the file here
you just want to refer to it
replace that line so it contains no javascript
just tried that. same thing
what did you try?
It's usually better to go ahead and try, rather than asking if something will work. You learn more, and you annoy us less.
link rel="stylesheet" type="text/css" href="/base/css"/
a little update: it seems that it is only firefox users who are experiencing this problem
so after a reload
does the log show requests for the file?
after a reload? still works for them
refresh
hang on
yes, the requets are there when MSIE compatible
requests
requests is answered
?
if the user is using MSIE it requests for the css files
ok
ok, thanks for your help
definitively not an apache matter :-)
bad Content-Type on the HTML or CSS? IE will more aggressively guess I think
content type is text/html on the html host sites. I guess that's how it should be. the weird this is that it has always worked until I updated apache2
and the css?
i misunderstood what you were trying to do re 'including' the css fragment.
the css content type: text/css is defined before referring to the css file
oh okay well, I think it's just a faster way to referring to css files with the import
Hi
look at the content-type when you request the CSS file directly and make sure the mimetype is correct
Hi all, anybody want to help me with some rewrite stuff?
it's text/css
Got an external URL where FF doesn't display correctly?
can it be because I haven't declared css as a mime type yet in apache2 or is that completely wrong?
no, I'm afraid not
if you see it in the HTTP headers none of the other setup matters
the base.css does show up in the HTTP headers
oh yes. it works now. I knew it was something with my apache2.conf - I lacked the AddType text/css .css
thank you so much for helping me and znalo also much appreciated
Hi, I've searching docs but without much success... Which is the status of mod_dav acl in apache2?
what support does it implements?
Hello, how can one something 'strip' slashes when rewriting? so instead of rewriting from "/North/Something" to "/cache/North/Something.html", I would like to go to "/cache/North_Something.html". Is this possible?
multiviews
multiviews is http://httpd.apache.org/docs/mod/core.html#options or http://httpd.apache.org/docs/mod/mod_negotiation.html or http://httpd.apache.org/docs-2.0/content-negotiation.html
that's for me?
ooh
mod_dav has no support for access control. that's all dealt with by the auth(nz) modules
there's a file X_Y.html, but going to X/Y doesn't open even if multiviews is enabled in the directory
Oh.
You might really need mod_rewrite then...
muahaha
I did
RewriteRule ^(.*)/(.*)/(.*)$ cache/$1_$2_$3.html [L]
so I have max of three levels = ownage
thanks jMCg anyway
I suggest you use: ^([^/]+)/([^/]+)/[^/]+)$ cache/$1_$2_$3.html
[^/]+ one or more of anycharacter except /
sure jMCg
oh boy
Oh girl?
girl is coola major headache
oh fajita
i am a she.
oh my
we made fajita come out of the closet!
Uhm... wrong window?
3 women
i have a basic auth question. there is one IP range which is supposed to have access on a location, and there is one which should be authenticated.
how do I implement that ? I know how to allow basic out only from certain ips but how to allow another set of IPs to access the same locations without basic out, i have no clue
thats in the manual
basic auth
basic auth is an insecure password protection mechanism. see: http://httpd.apache.org/docs/2.2/howto/auth.html and http://httpd.apache.org/docs/2.2/mod/mod_auth_basic.html
shouldn't you be able to use Documentroot in the normal server config and in a vitual host without the virtual host document root always taking precedense?
the top virtualhost becomes the default always
then how do you server docuements out of multiple directories?
add several vhosts
hmm thought i tried that. Thanks i will try again.
i think you can define a _default_:80 virtual host cant you ?
basic auth insecure?
bugger all, i dunno, sayotte
botsnack?
thanks sayotte
can anyone help me with my basic auth issue ?
did you read the auth factoid?
auth?
http://httpd.apache.org/docs/2.2/howto/auth.html look at http://wiki.apache.org/httpd/Recipes/PasswordBasicAuth for some basic examples!
Or the basic auth factoid gidz supplied for that matter.
thats in the manual
basic auth
read this:
vhost examples
Look at these for examples http://wiki.apache.org/httpd/Recipes/ExampleVhosts :: http://httpd.apache.org/docs/2.2/vhosts/examples.html :: http://httpd.apache.org/docs-2.0/vhosts/examples.html :: http://httpd.apache.org/docs/vhosts/examples.html
doesnt mention anything about letting one group of ips in while asking for a password for another group does it ?
allow
allow is http://httpd.apache.org/docs-2.0/mod/mod_access.html#allow or http://httpd.apache.org/docs/mod/mod_access.html#allow http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html
satisfy any
satisfy any is the way to allow either password or ip address authorisation. or ask me about satisfy or http://wiki.apache.org/httpd/Recipes/BypassAuthenticationOrAuthorizationRequirements
^^
this links needs fixage.
slightly
be my guest, I have to run
well satisfy any lets you allow a ip address host based allow and ask the password for the rest
what i need to do is
ask password for a specific range
pass a specific range
heh
block eveything else
sounds unsecure
aha
read what?
!rss-setsleeptime fajita 300
done
thumbs wanted you to read in the links fajita spewed out
ok
vhost examples
Look at these for examples http://wiki.apache.org/httpd/Recipes/ExampleVhosts :: http://httpd.apache.org/docs/2.2/vhosts/examples.html :: http://httpd.apache.org/docs-2.0/vhosts/examples.html :: http://httpd.apache.org/docs/vhosts/examples.html
you can't specify an IP range for auth
you CAN, however, tell it NOT to auth for a given range
192.168.1.* i think works..
or add an IP range to DENY
then use satisfy any
thanks
you can auth from a given range allow from IP , and basic auth on works
I have 3 PCs set up for development, testing, and production, and I want to use a simple permanent redirect on a file, product-info.php, and have it go to product-information.php in the same page. What would the redirect command look like?
I've tried Redirect permanent product-info.php product-information.php, but the last parameter needs to be a URL. This poses a problem, as if I put a static URL, I'll be naming the domain, and I'll have to change the .htaccess file so that it's different for each PC.
how can one 'duplicate' a row when using zend tables
whoops
HORROR
i'm an open proxy
what i can do against it?
i use several ProxyPass that _must_ be available for anyone
i just dont want that other people can do random proxy (noone needs todo this)
Got disconnected...did anyone have a solution for my Redirect issue?
yes, that was my piont
apachectl stop
lol
you cannot however, tell auth to apply to a range. You will have to allow the opposite range.
found it
I take it that's a no...
heh
ok, quit now, idiot.
Hey there, when I try to install php 5.2.1 on apache 2, using the following configure command (./configure --with-config-file-path=/usr/local/lib --with-apxs2 --with-mysql --with-zip --with-zlib --with-imap --with-kerberos --with-imap-ssl) I get the following error when starting apache:
Starting httpd: httpd: Syntax error on line 983 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/httpd/modules/libphp5.so into server: /usr/lib/httpd/modules/
any one have any ideas why i get that?
huh?
never mind
you compiled both from source?
only php web hosting from source. Used Yum for apache
don't mix them
do both from source, or both from ports/apt
well you can allow a specific range and deny anything else that works fine so far
k
ok.
Thing is though, it was working fine before. Then I added a virtual host to the httpd.conf and service httpd restart
and now the configuration has changed
but you cant make auth to apply only for a specific range thats true
not really quite sure why that would happen
what does the error log say, exactly?
used to work
also, why you use an old version of php to compile?
servertokens wootgnu.org
Apache/2.2.4 (FreeBSD) PHP/5.2.3 with Suhosin-Patch mod_ssl/2.2.4 OpenSSL/0.9.7e-p1
just the standard across all our servers atm
at least 5.2.3 is the newest
Theres nothing in the error_log
then everything is fine
moving along
httpd: Syntax error on line 983 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/httpd/modules/libphp5.so into server: /usr/lib/httpd/modules/libphp5.so: undefined symbol: _efree
[FAILED]
That says otherwise.
ok. So your php module is not compatible
Why is it a syntax error?
again, DO NOT mix distro packages and source compiles
ok
done
Thanks
learn to compile them both from source or convert to freebsd
:P
Is this channel for all Apache based projects or just httpd?
some of us know onr the other ASF ..thing.
so my virtual hosting is kinda working. I am running apache on a windows box(I usually run it on FreeBSD but this is an experiement) when i type the hostname minus the domain it pulls only the first virtual host. If i type hostname.domain.name then i get the appropriate sites. I want to be
able to just type host name. Is this an apache setting or do i need to change my a records to cnames in my DNS?
I dare you, ask!
We're having issues with Apache Commons DBCP
la la
Seems connections that are idle in the pool perform excessive table reads.
every hostname enumerated in your vhosts needs to resolve.
If I turn off pooling it'll only have about 500 reads, with pooling the connections cause over 65M reads on the table.
they do but it resolves like this. some.domain.tld instead of just as some minus the domain.tld
then you would need to fix your DNS system to cather your needs, don't you think?
unfortunately, there is no jakarta channel, it apears, but there apears to be a mailing list: http://jakarta.apache.org/commons/dbcp/mail-lists.html
http://www.google.com/search?client=opera&rls=en&q=site:mail-archives.apache.org/mod_mbox/jakarta-commons-user+pooling&sourceid=opera&ie=utf-8&oe=utf-8
maybe this is a start.
sounds good.
I have an apache 2.2.4 http server hosting an tomcat 6.0.13 on OS windows xp and as soon as I open up tomcat manager it saturates my cpu to 100% what are some possible problems with my configuration?
Is that a problem?
java?
java is great for engineering next generation solutions to enable maximization of developer income by means of enhanced buzzword useZthe future. assuming they can make the connector between tomcat/apache a little more solidQvery good at dumping meaningless exceptions giving no clue about the
real problemba funny little story at http://steve-yegge.blogspot.com/2006/03/execution-in-kingdom-of-nouns.html
java is great for engineering next generation solutions to enable maximization of developer income by means of enhanced buzzword useZthe future. assuming they can make the connector between tomcat/apache a little more solidQvery good at dumping meaningless exceptions giving no clue about the real
problemba funny little story at a href="http://steve-yegge.blogspot.com/2006/03/execution-in-kingdom-of-nouns.html"http://steve-yegge.blogspot.com/2006/03/execution-in-kingdom-of-nouns.html/a
is there a way to force rewrite engine to work befor basic_auth
how bout alias?
or Location?
alias
alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
Location
Location is http://httpd.apache.org/docs-2.2/mod/core.html#location
Location is a href="http://httpd.apache.org/docs-2.2/mod/core.html#location"http://httpd.apache.org/docs-2.2/mod/core.html#location/a
gidz++
hell i've been washing my clothes for two days soon..
why dont i ever learn. :
how long have you been working on making them dirty?
2-4weeks i think
. . .
or ok.. there was some stuff i skipped to wash for a while cus i dont needed to
bah...
humbug
didnt need to*
wikipedia only has telecommunications definition of saturation -- not that from computing :-/
And I always confuse saturation with utilization
whats the diff of saturation between telco or computer?
it's just overusage or more load the machine can handle in any way
I have no idea.. anyways... saturation can only be 100% but utilization can be more than that.
its not an option lamely
why?
because the environment doesnt allow me to use a path to solve my problem.
Location is not a path
...at least not a real one.
Or it doesn't have to be real.
Let's just assume you understand what I'm talking about.
bad assumption... :P
I know (:
hehe
That's why I like it so much
i do. i was able to save the problem with loaction. but then other problems occur
[pt]!
[pt] is pass through to next handler
etc..
me too
it's a priceless search engine marketing tool
mod_rewrite is both a problem and a good feature imo..
here: http://bash.org/?54343
we have mostly dynamic content
Google don't like it
http://www.idontlikeyouinthatway.com/
a href="http://www.idontlikeyouinthatway.com/"http://www.idontlikeyouinthatway.com//a
heh
like with any powerful tool, it's best work is done at the hands of a skilled master
hands off of it.
heh
mod_rewrite is being abused be herds of php proggers
mod_rewrite is being abused be herds of php webhosting proggers
jMCg++
granny
Granny Weatherwax tells us the most important thing about magic is when _not_ to use it. The same is true of mod_rewrite.
Actually... pathinfo() in PHP does something completely different.. but then again.. PHP sucks :-/
How would I append to an env variaable using SetEnv ?
I want to do SetEnv PYTHONPATH $PYTHONPATH:/some/other/path
seo without mod_rewrite
seo without mod_rewrite is http://seo.phpmagazine.net/2005/08/search_engine_optimization_les_2.html
^^
do you only want to do that in one section of the config?
yeah
I just need to appaned to a env var though
you could try ${PYTHONPATH} but i'm not sure it would work
RewriteRule ^ - [E:PYTHONPATH=%{ENV:PYTHONPATH}:/some/other/path
RewriteRule ^ - [E:PYTHONPATH=%{ENV:PYTHONPATH}:/some/other/path]
hmm
yeah, i wa just going to say, you could use mod_rewrite
it will do anything if you ask it nicely
hehe. is that the sort of thing mod_wombat/mod_lua will do too? hopefully with a less terse syntax?
that's the idea
guys i got a question
thanks for sharing that with us, zeus
why is it that when I access blahblahblah.com/directory i'd get a bad request, while blahblahblah.com/directory/
works
one's a file ones a dir
you don't have mod_dir loade
both are directories
loaded even
error log
Look for the ErrorLog directive in your configuration file. Common locations include /var/log/apache/error_log, /var/log/httpd/error_log, /usr/local/apache/logs/error_log, and "C:/Program Files/Apache Software Foundation/Apache/[version]/logs/error.log"
or you do and have DirectorySlash Off
or quite a number of other possibilities
sethandler for example
RedirectMatch ^/directory$ /directory/
alias
alias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#alias
Alias /poo/ /path/to/poo/
so may ways.
but isn't alias, like a short-term solution
many
to what could be a long-term problem?
step one
whatever the problem, step one is to look in the error log (and any other logs that may apply, such as suexec, mod_rewrite, or mod_security).
yes, you should figure out what's wrong, and fix it properly
strange my error logs doesn't show that error
what do you see in your error logs then?
teh alfabet
:P
oh wait, I've got it
9 +0800] "GET /invoice HTTP/1.1" 400 506 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.4) Gecko/20070515
that's the access log
error log
Look for the ErrorLog directive in your configuration file. Common locations include /var/log/apache/error_log, /var/log/httpd/error_log, /usr/local/apache/logs/error_log, and "C:/Program Files/Apache Software Foundation/Apache/[version]/logs/error.log"
also that's showing a successful request
oh, no, it's not.
400
400 is Bad Request
wierd
mang.
you've got to look in your error log
my error log doesn't show that error.
then your cgi/php/whatever is behind that url is sending the 400
or there's something even wierder going on
httpd.conf doesn't seem to have any directoryslash
if that error is not in your error log, then either:
1) you're looking in the wrong error log, or
2) the return code is being generated by a backend
my guess is #2
possible
Most things are possible. That doesn't mean they're sensible. Try telling us what problem you're trying to solve
without more information, it's very hard to do more than guess
i'm trying to get it to load this directory called invoice
w/o the trailing slash
i also had errors which arent shown in the error log but definitly was an apache error but yes not often hrhr
and mod_dir is loaded
you have to actually do something!
yeah. i couldn't figure out if he was serious or not
still it makes it look pretty simple.
morning. I just installed apache for the 1st time on windows and I don't really know how to use it. I'm used to the linux version with the commands that i can use to start restart etc. Anyway, so i just installed it.. what address should i type to see if it works?
i tried http://localhost:port
wait, don't answer that.
are you sure?
yeah, it seems to work. I just didn't know how to start it or stop it.
- tool
agreed
- big Tool fan.
jMCg - just a big tool.
:P (_._)
heh
Pretty please.
:P
hello all
All is not in today, welly
fajita++
i'm getting a "forbidden - you don't have permission to access / on this server." in apache 2.2 on os x
the directory is owned by user alastair and group alastair
what does the error log say, exactly?
7 2007] [error] [client 127.0.0.1] client denied by server configuration:
client denied by server configuration
client denied by server configuration is http://wiki.apache.org/httpd/ClientDeniedByServerConfiguration
consult the link above
cheers thumbs, i'll do that
greetings all..
I'm using SSLVerifyClient w/ a Depth of 10 to verify the client is presenting a cert signed by my ca.
then I'm using SSLRequireSSL and SSLRequire to verify the serial of the cert.
to restrict access to specific Directory's.
was wondering the communities opinion on this setup and if there is a better/more secure methodology?
was wondering the communities opinion on this setup and if there is a better/more secure methodology?
hi
salut, medusaXX.
is it okay to paste a single line in channel?
yeah
go for it
[warn] _default_ VirtualHost overlap on port 80, the first has precedence
i dont understand that
it means you have conflicting namevirtualhost settings
i have listen directives for ports 80 and 443, so do i have namevirtualhost *:80 and namevirtualhost *:443 directives and all my vhosts have *:80 oder *:443 parameters
comcast-- ?
either you're mixing a default ip based vhost with namevirtualhost
no
just wrong term
so you're doing this to confuse people.
megaspaz--
can you explain it to me please
would yeild that warning...
ahhh
The dawn of understanding has arrived!
ok
just make the default one explicit?
no
if you're using name based vhosts, the first defined vhost is the default vhost
yes
you don't need the VirtualHost _default_:80
but i don't know what your config is like, so that's just an example
that was my idea and it's what the docs say
but why does it send the warning?
because in the case above you're overlapping port 80
o.O
Poke!
the support for _default_ is annoying feature
sorry, i forgot to tell that none of the virtualhosts work, it just displays always the first one
httpd -S
httpd -S tells you what your virtualhost configuration is.
you are missing NameVirtualhost
what does that mean "overlapping port 80"
i have NameVirtualHost *:80 and Namevirtualhost *:443
pastebin your httpd -S
debian-- # propogating namevirtualhost *:443
i've got the problem
httpd -S showed me that i forgot the port in one virtualhost
get rid of that line
you don't need it
it will cause you pain and suffering
i've had virtualhost * instead of virtualhost *:80
get rid of which line?
i thought you were talking about NameVirtualHost *
ah okay
that line... bad...
keep your namevirtualhost *:80
ok
well
httpd -S is a nice tool
blocks
yes, i put it above the first vhost
faq1
exactly. For example, NameVirtualHost *:80 must be used with VirtualHost *:80
that has been my mistake
mind if I pick your brain regarding SSLRequire and limiting directory access
well sslrequiressl doesn't really limit access to a directory. it just says i'll throw up a 403 error if you're not going through ssl
user still has access going through ssl
problem i have with it, is that you might overlook some real access issue with that directive
because everything 403 will be due to that directive
going through http
and it's not very user friendly, which ironically, i'm usually not too concerned with... :P
lol
I am using ssl, and verifing the cert/ca for the initial page load.
well, you did say you had sslrequiressl... that's the only thing i'm commenting on
and ...
as far as accepting certain fields in the subject with that other directive, i don't see any issues with that...
yeah..
i just don't like sslrequiressl for making sure the user goes through ssl
I'm using SSLVerifyClient w/ a Depth of 10 and SSLRequireSSL with SSLRequire to verify fields in the cert.
i got that
kk, sorry for the dup
SSLRequireSSL has nothing to do with the cert though
gotcha.
SSLRequireSSL means throw 403 error for http://foo.com/somedir
I guess I was too verbose pls forgive.
I guess my real question is if I verify the serial in the cert is that secure enough?
sure
well it's more restrictive in what will be accepted
which is probably what you want
right on!
when dealing with certs
cleaner then checking either the entire DN or each field in the conf too.
i mean if you're doing client certs signed by verisign, you might only want to accept certs with an O=your company as opposed to accepting any cert signed by verisign
yep..thx
don't use sslrequiressl
kk...it's actually not needed as my Virt is IP:443, so it does not respond on 80 anyways.
thanks!
exactly
sslrequiressl is a hack to let people sloppily use sloppy configs
the problem is that if you leave an ssl vhost open to plaintext requests,
the user may already have sent a plaintext password, even though they get a 403
so it's not being very protective
it's a lot better to never enable any form of auth on non-ssl services
to https:
sounds good
Thanks again for the time!
Hey, I installed php with imap a couple of days ago. All was working fine but i added a virtual host to httpd and restarted httpd and ever since then imap has dispappeared.
Anyone have any idea why this would happen?
i just remembered, make sure that SSLVerifyClient is set to always in the root of the vhost.
renegotiating client certs doesn't work reliably
apache's vhosts should have absolutely no bearing on php's ability to speak imap
exactly what im thinking
ok, thanks for the suggestion.
blame php
PHP should be presumed to be at fault until conclusively proven otherwise. And even thereafter, if it's convenient.
how often aday do you do this?
not very often
lately it's mostly been blame java
do you work with j2ee or with se?
just the standard se
And do you use any frameworks?
i should download the ee though since that's what most enterprises would use...
yeah
mostly doing axis stuff though
Do you use maven?
no
javac, etc... vim deploy.wsdd, etc...
i've got ant installed, but i've only used that to do other people's java packages...
your work got you doing java host stuff?
worse...
I am to integrate our maven builds into cruise control.
.
well Maven host is more than just builds though...
isn't supposed to be a complete project management tool?
Hi, can i get support for setting up PHP with apache here?
full throttle, no brakes!
php
is a scripting 'language' that is enabled by loading mod_php and by adding 'AddHandler application/x-httpd-php .php' or you can look at http://wiki.apache.org/httpd/PHPDownload
debian php
debian php is here http://wiki.apache.org/httpd/ScratchPad/DebianPHP
thars yer support ye scurvy dawg!
lol
i hope that'll work
cheers
lamp++ # heh heh... no brakes indeed
I know, I know.. I feel the pain everyday I look at a pom.xml......
gah... really man... i feel for you... doesn't sound like fun...
well i suppose that depends on how management defines "autopilot"
and what's possible with maven...
wtf.. why is it so freakin hot in here?
it's called summer... and you have no air conditioning
the problem is that with maven too much is possible -- and we already do too much with it -- now bend it over the knee and kick it so long until it fits into cruise control
I know summer.
And our air conditioning says it's got 25 deg C in here. Which should be fine.. but it feels like 30+
Which could also be me halucinating.....
Damn those drugs
arghmpf2aw
brb
i have looked at both of them sites, added the handlers..added the directory index but still it wont parse the PHP
you only need to follow one of them
if you're using debian, follow the debian php factoid
i followed the first
but looked at them both
wow
[ theuser] I don't know what su is
this is cool
im not actually on debain
what are you on?
fedora
fedora is http://fedoraproject.org/ - Fedora is a Linux operating system that showcases the latest in free and open source software. Fedora is always free for anyone to use, modify, and distribute. It is built by people across the globe who work together
as a community: the Fedora Project.
comcast--
link_stat "/root/." failed: No such file or directory (2)
oh ok... then the first one should work fine
but it didn't
all you're doing as adding an addhandler line
AddHandler application/x-httpd-php php
and browser cache and php make for good ol' fashioned head banging
browser cache
Browser caches can be very persistent. Restarting the browser, or even rebooting, will not necessarily clear the cache. You must expressly clear the cache via the menus.
and i tried AddHandler application/x-httpd-php .php
cleared the cache
yes yes
accessed it through different url aswell
sample url
Could you please give us a URL at which the behavior is demonstrated. This would help us troubleshoot the problem.
http://212.159.113.88/index.php
help me how to can i block the send mail for apache?
No help is available for me, unfortunately.
awesome... shows code
not what i want
lol
so where did you stick this addhandler line?
help me how to can i block the send mail for apache?
No help is available for me, so you'll have to figure it out yourself.
in httpd.conf
help me how to can i block the send mail for apache?
No help is available for me, I'm afraid.
help me how to can i block the send mail for apache?
No help is available for me, I'm afraid.
stop it
and apache doesn't come with a sendmail module
ok thanks
you got selinux disabled?
umm..bit of a noob, whats selinux?
selinux
selinux is The New Universal Scapegoat! http://www.nsa.gov/selinux/ httpd FAQ: http://fedora.redhat.com/docs/selinux-apache-fc3/ TIP: Use 'setenforce 0' to set permissive and test, man the
following: chcon, getsebool, setsebool - Use `ls -alZ` to see context; More: http://fedoraproject.org/wiki/SELinux - http://danwalsh.livejournal.com/
used in teh latest rh derivatives
not much is known about it here... so it's something we tell everyone to disable
for testing
so how do i disable it?
told you
i'm not following you...
hush
and she was doing so well...
setenforce 0?
setenforce 0 is disabling selinux
yeh
ok
disabled..restart apache?
chcon, getsebool, setsebool - Use `ls -alZ` to see context;
shouldn't have to...
but what do i know
better safe than sorry???
:P
lol
still showing the source
aaaaaaaaaaaaaaah
pastebin your httpd.conf
it's *showing* the source
apc
Try using http://apache.pastebin.ca - It's a good pastebin, and is even set up to highlight Apache 'stuff'.
fix your source then.
change to php
ah
it is php
php guru foo
O_o
well now I'm confuzzled.
well it is php
mmm
mmm, chocolate chipig cookies
Anyways.... /me be off o/~
megaspaz is guilty. Just look at him!
hypocrisy is replythe best kind of ocrisy!
OK, chipig.
gnarhpf
Windows sucks :-/
we just told them we had to have macbookpros
Well maybe tomorow o/~ off now
O_o
and then the one guy who was crazy abotu linux, well, he runs linux on a macbookpro
which is crazy in of itself.
how do I restart apache?
apachectl restart
apachectl restart is the command to restart apache
Whatever your apachectl is called.
default layout
Pop along to http://wiki.apache.org/httpd/DistrosDefaultLayout for an idea on where the main distros place Apache files.
OFF NOW
http://apache.pastebin.ca/612818
finally
lol
oh...
?
only 1 loadmodule line...
?
um... is this a compiled from sauce apache?
yup
no
yes i mean
lol
your borked teh compile
broiled fish with apache sauce
sorry
I should think so too
--enable-so
huh?
oh who's the fucker that deleted that factoid
;p;
lol
--enable-so flag allows the use of LoadModule and DSOs
httpd -l
Use httpd -l (small L) will show you what modules were compiled into apache, but only compiled-in; others can be loaded with LoadModule or httpd -L (capital L) will show you a list of available configuration directives provided by the currently compiled in module set (shown by httpd -l (small
L)) Where httpd is the name of the Apache HTTPd binary.
meaning i have to re install?
yeah
urgh
lol
./configure --enable-so?
something like that
you'll also want to check out --enable-mods-shared
all modules
sorry...
build all modules
frack
summon noodl
NOODL NOODL NOODL NOODL NOODL NOODL NOODL COME TO ME!!!!!!
do i need to remove apache somehow or do i just do it again?
eep
config all mods
config all mods is http://wiki.apache.org/httpd/Recipes/ConfigAllMods
you should be able to just install over, but you'll want to rename the httpd.conf file so you get the new httpd.conf file
depends on what you want to do
gah, that's wrong
kk
did you already configure httpd.conf?
no fajita config all mods is http://wiki.apache.org/httpd/ConfigAllMods
okay, noodl.
yes
ok
php was a right hastle to compile
this is probably what you want to do... install over your current install. your config'ed httpd.conf should be intact. go to original/conf/httpd.conf and copy the loadmodule lines and paste it to your httpd.conf
well you should've compiled apache right the first time... :P
./configure --help
./configure --help is always useful
Hey.
il just rm my current conf
start a fresh
that'll work as well...
how can i use AddType/Action to have programs in a user's userdir executed as that user? (like suexec will for ExecCGI)
cheers for the help..gonna take a while now, fedora is running on a pre win 95 laptop ^^
heh I just loaded Debian Etch on an LTE5400
150Mhz 32MB
Is there a way to define a .htaccess that prohibits access to a directory, but not its subdirectories?
cant remember the cpu on it now...16mb ram though
eep
I want to block access /var/www/html but allow access to /var/www/html/forum
yes. it's called put htaccess files in all the subdirectories
that allow access
lol nice and blunt there spaz
so i have to put 1 in each directory huh?
yeppirs
ok
thx
stanzas
g
either way
checking for APR-util... yes
error: Cannot use an external APR-util with the bundled APR
any ideas?
thinking is *hard*!
--with-included-apr
roger thank you
and that means uninstall your distro's apache package!
all of them
or you're going to have issues compiling 3rd party modules
i told it not to install apache :s
well it did
because you've got an external apr
any idea on how to remove it?
fedora 7
rpm -e
but you'll have to query the package name
i think rpm -qa | grep httpd will get you apache packages
kk
rpm -qa | grep -i php
thank you
rpm -qa | grep -i subversion
those are the only things at the moment that i can think of that depend on apache...
those are the only things at the moment that i can think of that depend on apache...
mostly the distro in question...
but yeha
all it found was httpd2.2.4 which is the one i installed
with rpm?
oh
no
ok i see
sorry, complete noob ^^
mmhmm...
httpd = 2.2.0 is needed by (installed) gnome-user-share-0.11-2.fc7.i386...uninstall gnome?
O_o
yup.. looks like gnome-user-share uses apache
whats gnome?
your desktop manager
i dont have a GUI..so does it matter?
I'm not even going to consider how it got there
heh
:|
just list the packages you're unfamiliar with
if you don't use X then feel free to remove the gnome-user-share
oi vay
what the heck is gnome-user-share?
public file sharing
google that and see if you need it
or even want it
yeah... basically what pickcoder already said
anybody home?
no
I'm at work
nobody here but us meeces
cool
well I'm not here either but can I ask a noob question anyway?
no
question
If you have a question, please go ahead and ask it. We have the answers... or a whole lot of sarcasm...
just ask
snarfleblax
ok I want to stop apache from using _all_ the processor
90% is fine, 100% makes everything else stop
mmhmm
is that possible?
I have never seen apache run @ 100% unless a CGI app was killing the machine
well it's a php app (coppermine)
normally it wouldn't but I'm importing loads of pics into the database
oh
ulimit
ulimit is set to unlimited
well not much you can do there
seriously big pics
php/inserting blobs to database == ugh
I think it's _really_ gd which is using the processor, but htop reports apache as doing it
apache is the parent
no... it's the storing of big images to the db
hmm
what kind of disk subsystem are you running?
it's not really a big deal, I just have to keep on restarting mysql which apparently doesn't like the no available processor situation
well it could be the creation of thumbnails as well
(even though it's totally OT)
megaspaz...shall i configure without the --with-included-apr parameter so i know the external one has actually gone?
serial ata
normal partitions
it's basically do the imports as chunks... and or scale the images smaller
give it a try
kk
ok
you'll find out if the package is really gone
a caching raid controller under RAID5 would help with the bursts
I've got opera to send only three requests at once
oh... i notice that on opera as well
not my server
well not physically
use ff or mozilla for uploading a buttload of pics
ff is the one giving me problems
ff seems to import just fine though
ha!
*shrugs*
yay for client software!
:P
it's basically do the imports as chunks... and or scale the images smaller
:P
basically cpg has a page with an img tag for each file to be imported and the src is a php script taking as a parameter the name of the file and returning a little pic that says ok or not ok
yeah, i know
so it's a pain...
brb
is there a best practice on what to set SSLVerifyDepth to?
well. client certs...
hey guys
I guess you want the rest of us to ignore you then, lkthomas
is there have any mod which protect site being attack by downloader ?
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
what kind of download attack?
can anyone tell me whats wrong with that rewrite rule?
I'm trying to redir plain to ssl
apache 1
couple of specific ip address keep using program/script to deal with multi-thread downloading from our site
http2https
http2https is http://rewrite.drbacchus.com/rewritewiki/SSL
read that
which cause the bandwidth load up
fajita thanks!
is it the same IPs over and over? You can specify IP denials in the site config
well, I want it to be auto rather than manual
auto block
look at fail2ban
you can scan the apache logs for a specific regex
and tell it to use iptables to drop packets
there are other ways to accomplish that with config directives and scripts
but fail2ban is easier to manage
IMO anyway
well
I though fail2ban is for ssh ?
Is setting up virtual hosts in apache2 AT ALL like in apache1?
I get the 400 page, that suggests the proper url with that rule
or Directory, but it doesn't seem possible, is there a way to do this without rewrite rules?
fail2ban can scan any log file, not just the auth.log
the recent versions come with examples for about 7 applications
including apache auth traps
which you can modify
heh, cool
I think I am going to install it
I actually use it for spam blocking with Postfix
WHAT?!
postfix ?!
you will certainly block gmail and hotmail then
nope
you want /cow to get served locally on the reverse proxy?
i want /cow to be served out of the filesystem...everything else (/) goes to localhost:someport
works nicely
any 500 or 450 errors generate a ban
i need to give the auditors proof that I have fixed the list of ssl ciphers that apache is offering/supporting
so it's driven by the postfix spamassassin clamav setup
ProxyPass /cow ! listed before your ProxyPass / http://somewhere/
what's the !?
the ! is the "not" or excitement
is there a way to use openssl (1ssl) to get a list of what ciphers an https server is offering? openssl s_client is not helpful
hmmm
means dont proxy this, handle it ourselves
where does it know to get the files from?
so i set the document root?
the example I saw it for apache auth error
yep
'k, thanks, i remember doing this before...it seems i did it different though
i somewhat remember a not
which seems not apply on download attack ?
you have to change the regex to match the URL request in the access.log
any example code ?
not without looking at the request log
the access_log only shows the ip and GET request
http://www.modsecurity.org/
failregex = ^(.+)GET /path/to/request(.*)$
LOL
you are blocking all GET request ip
, the first has precedence, perhaps you need a NameVirtualHost
I did try namevirtualhosts directives, to no avail
do what you want
When doing redirects, is there a way to make the rule ignore everything after the match? Ie, if I redirect /one/ to http://site.com, I don't want /one/two.html to go to http://site.com/two.html
then don't match after the trailing /
well I don't type anything to make it match. Just redirect permanent /one http://site.com
"SoftException in Application.cpp:199"
When tryin to execute PHP scripts
^one/$
won't that only cause it not to match additional stuff?
I want /one/two.html to forward to http://site.com
but NOT site.com/two.html
Hello. I've got an old site (say example.com/project/) with log of subdirs and files, and i want everything for those urls to be redirected to a simple url (newexample.com/MyProject).
I'm a little confused with the several kind of redirect/rewrite stuff
and i dont know which to use.
the new url doesn't have the same namespace/tree than the first one, that's why i want everything inside the first tree to be redirected to only one url (the new root)
^one/(.*)$ http://site.com
would you enlighten me which method is best suited for that?
thanks
you must use $1 to carry the regex wildcard across
come up with your translation map first
sorry?
only you can decide how you want your URLs to look
and also how they functional internally
mm... and? i'm not sure to follow you. I'm fine with my new page. i just want people going to the old one to be redirected.
if you are using applications that relied upon request paths for location information
those are all static pages. nothing dynamic
and you take them away by redirecting them all to a root directory, then the application looses the info
oh
i think i'm fine with that.
going from MyProject/* to /project/some/unknown/path/ is not doable
megaspaz still here?
you must have a direct correlation between the new path scheme and the old locations
somehow
or.. more all the files into one dir
s/more/move
i want (with the name i gave in example) people going from example.com/project/* to go to newexample.com/MyProject/
and also example.com/project/*/* and so on. But all of those going to the same destination url
so you are just replacing "project" with "MyProject"
i dont want a one-to-one mapping.
No i'm not, because 1)the server is not the same, 2)for example project/download.php should be redirected to MyProject/, and only that
not MyProject/download.php
(that's .html, actually :-)
where is download.php then?
it's gone.
or has a new name, (depending on which page)
so everything under ^project(.*)$ /MyProject/
there will no translations
will be
actually
^project/(.*)$
if I request /project/myproject/myimages/image1.gif then I will get a redirect to /MyProject/
there shouldn't be any external link to image such as that. But what is your regexp ? where should i put i ?
it
i guess under some rule in my virtualhost
I normally define them by directory
Apache is serving off .xhtml as application/xhtml+xml
where is this configured? :/
you can also use RedirectMatch
http://httpd.apache.org/docs/2.2/misc/rewriteguide.html
also see the context of use at http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriterule
so you use rewriterule.
i expected (hoped?) it to be less heavy using something like 'redirect' or some other that appears
RedirectMatch does similar.. read the rewriteguide
i didn't know about redirectmatch
reading right now
hey I need some help, my server stopped and I can login only via ssh
all other ssh login attempt return Systembootup in progress -- pleasewait
anyidea why this is happening
concerning apache, it refuses to restart
log says:
[alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "#ns22643.ovh.net\nvladimir.idoia.org"
Configuration Failed
is that my fault of my ISPs ?
since I did not touch to anything
what O/S
debian
debian is "we complicate it for you so you don't have to" or see /usr/share/doc/apache*/README.Debian* or http://wiki.apache.org/httpd/Platform/DebianLike
not now fajita
check /etc/resolv.conf
your hostname isn't resolvable
er.. the hostname of your server
you probably don't need mod_unique_id either
resolv.conf looks fine
so it might be my dns server ?
mod_unique_id is very picky about dns
do you need it for anything?
not that i know of
if you don't know what it does, the answer is probably no
it could be part of another package
but what is my first problem ?
try dig on your hostname
it's installed by default on debian for no reason whatsoever
mod_unique_id does a reverse lookup on your ip
and then a forward lookup on the name returned by that.
my hostname looks fine
the bizarre value it's giving you in that error is the reverse lookup on your ip
which seems to have a \n in it
Hey -- how do I enable virtual hosts to have cgi-bin directories
the same way you'd do it anywhere else
scriptalias
scriptalias is http://httpd.apache.org/docs/2.2/mod/mod_alias.html#scriptalias or Don't forget to load mod_cgi
ok so what can I do ?
thanks
it's not compiled in here.. or installed
i'd just comment out the loadmodule for mod_unique_id
it's available for activation, though
s/installed/loaded
compiling it in is really unfriendly
a2dismod unique_id
freeb used to do that by default
gah
a2dismod unique_id
yeah, i know the theory even though i'm not really a deb user
i have a feeling alexIdoia is running apache 1.3
what is that ?
How can I serve .xhtml as text/html when application/xhtml+xml is not listed in Accept?
I think I have a bigger problem
that's possible
luke-jr_work, most browsers still seem to render it correctly if it looks like html... if you aren't having any particular problems
I wouldn't be to bothered with it
5 2007] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of
Configuration Failed
I got rid of it; done a /etc/init.d/networking restart
I still have this error and apache won't restart
supposedly IE will work nicer if text/html
you need to stop apache and then start it
i don't know if networking restart does that
but apache do not run
is not running I meant
try setting the doctype in the file itself and see what happens?
and the error is the same?
?
blah can't switch nicks
any idea ?
looks like you've got 1 error
for a little bit
you get everything worked out?
are you sure that you fixed the /etc/hosts file?
well nothing looks wrong in it
I did not touch anything, its not even like if I updated anything
paste it
:P
the name lookup from mod_unique_id is bizarre
i mean it's not like we don't trust you
oh mod_unique_id... fbsd?
muhahaha
no, debian
oh
well that
is odd
i said, disable mod_unique_id. i don't know why it's enabled
but the hostname lookup is bizarre, anyway
ok how ?
debian from what i've known has never did mod_unique_id
in my conf ?
ok
maybe it's gentoo i was thinking of
the only time i've ever seen unique_id was with bsd
is that unique_id ?
*shrugs*
what's the issue?
vhost not working?
his server won't start because unique_id whines
oh
o.O
Poke!
yeah, never seen that in debian
but the servername being looked up has a \n in it
o.O
Poke!
wha?
seriously?
which seems ultra-wierd, indepedent of debian or unique_id
that's totally odd
well if unique_id is enabled, delete the symlink in mods-enabled
a2dismod unique-id
awesome... kudos to debian for line 2
hopefully disabling the module works everything out
but that server name is troubling
where the heck does the \n come from?
over there
I saw it sneak in
heh
sneaky ass newlines...
back on thanks
so that is weird still
anyone know about amazon s3 here ?
my hostname contained #nv.ovh.net and on another line myhostname
this is not it, apparently postfix and other services do not work
sounds like your isp did something then
or something happened to change your hostname to something invalid
that is what I though
tho my hostname is still the same
on my isp interface there is a warning about a new secondary dns can it be this ?
dunno
i've never seen a hostname with a newline in it before
what do you see when you use the hostname command?
/etc/hostname should only contain a valid hostname
yes I have one line, I had two though with a comment
weird
after reseting the hostname with the command hostname should I restart anything else ?
yes
the server
the server is currently running the 1.5 branch
heh
j/k
you can get by with the hostname command
you should probably restart all your daemons
and see if they do
ok restarted, but still the same problems
tell you
then compar that to dig -x ip address
such as host myboxipaddress ?
yes
61.6.121.91.in-addr.arpa domain name pointer ns22643.ovh.net.
so that my hostname should be ns22643.ovh.net
right ?
try dig
the command ?
the command is openserctl
dig -x ip address
a bunch of right settings to me
is your hostname listed?
as a PTR
hostname as in /etc/hostname
well no its an old one
which I changed, so somehow it went back to it
right ?
I have reset the hostname and rebooted
does apache needs to be updated to this new hostname somewhere ?
depends on whether you need mod_unique_id or not
I don't
then disable it
a2dismod unique_id
hopefully...
apache works fine
but lots of daemon don't
starting with ssh which does log anyuser but root
you never really answered me
there should be a PTR in dig that matches your /etc/hostname
else reverse lookups may not work
the same is true if something is in /etc/hosts that has a different IP for that hostname
ok I have a PTR but it did not match my hostname
so I reseted the hostname
then you don't have a DNS record for your hostname
and rebooted
but I still have the same problems
unless it's a CNAME
?
geez
the problem is your DNS
it's not apache
you can't change your PTR record from your machine, probably
you'll need to yell at your isp
I known so I changed my hostname
it might be my ISP that changed something
right now I can get around the problem
ok
if /etc/resolv.conf is pointing to your ISP's name servers then dig will report the DNS records as they stand
Has anyone heard of trouble with the /etc/init.d/apache2 script? Mine won't work, though /usr/sbin/apache2ctl start does.
Is this a question for #apache, or my distro room?
distro
what distro are we dealing with here?
Xubuntu
try them, i guess
good luck
It's not a matter of luck, it's a matter of precision, skill, and good keyboard skills. Also the amount of the monetary bribe matters.
But if I have to swear at that box much more, I've got a cent box waiting...
fajita, hehe
huh?
THere appears to be no reason for it not working. the script is pointing at /usr/sbin/apache2ctl, just like /etc/init.d/apache is (which does start up properly)
I have changed my hostanme to match the PTR record and still have the same problems
that is amazing
fajita, there was an etc/defaults/apache2 with a NO_START=1 line in it. CHanged it to 0 and was all set. Who in hell designed things that way I wonder?
i don't know, craigbass1976
Is that on other Linuxes that way?
no
just your fucked up distro
Have to complani to management. I wonder about on Debian...
See you guys later
the NO_START is a security block for people who get carried away with software installs
many services that operate on the network are considered potental security holes, so nothing is automatic
Hey, just got the word that this /etc/defaults/apache2 file exists in Debian as well (if you use the debian package) but by default it is set to 0.
how do you secure a website with a login?
do you need a DB?
you can store your passwords in multiple backends
plain text file,
db file
auth
Take a look at http://httpd.apache.org/docs/2.2/howto/auth.html or http://wiki.apache.org/httpd/PasswordBasicAuth for some basic examples!
sql db
ldap
Take a look at http://wiki.apache.org/httpd/Recipes/UseLDAPToPasswordProtectAFolder for an example LDAP configuration
etc
ok, a really simple method, without a db
FORTRAN!
Debian is cautious.. if that's "fscked up" then oh well!
the 2nd link fajita gave you
ooops
Put the text "Only enter if you are allowed to" the simplest way
that was for neverblue
yeah
i dont want to use LDAP either
can I do it right within apache?
oh wait
i see what you mean
don't mess with the bot! miserable human!
I'm using apache2's reverse proxy to serve several sites from different servers in a NAT behind my main webserver. From one of the sites, just one, I get "[error] proxy: HTTP: disabled connection for (192.168.2.6)" in my access logs when I try to use the site. What could cause this? The site
config is as identical as it can be (different ip addresses) to the other sites, and it works fine when contacted directly.
lookie at the error log
er. that is the error log. sorry.
any ideas?
thinking is *hard*!
?
so if I have a user access my site, they can surf around the pages, but say a day later they go to an internal page, and I want them to login, how can I do that?
since they login when they go to the index.html page first to login
auth
Take a look at http://httpd.apache.org/docs/2.2/howto/auth.html or http://wiki.apache.org/httpd/PasswordBasicAuth for some basic examples!
^^
thumbs, yeah, I was reading the second link
that covers it?
it achieves what you want to do, yes
thanks thumbs
I'm using apache2's reverse proxy to serve several sites from different servers in a NAT behind my main webserver. From one of the sites, just one, I get "[error] proxy: HTTP: disabled connection for (192.168.2.6)" in my error logs when I try to use the site. What could cause this? The site
config is as identical as it can be (different ip addresses) to the other sites, and it works fine when contacted directly.
is the backend or the reverse proxy logging that?
nvm, it's the proxy
show me your ProxyPass for that server please
it's getting marked unavailable i suspect, by mod_proxy
likely because it can't connect
ProxyPass / http://192.168.2.6/
ProxyPass /blah/ http://mybackendserver/ retry=1
yeah but by default it waits 60 seconds to try again
thats too long!
if apache isn't connecting in 1 second on a lan, there's an issue
no no
oh, he didn't say it was an apache backend
that value is the retry time aftre it is found to be failed
right, and that's too long
it's a full minute by default
oh, i see what you mean.
wahey, it worked! i put the retry parameter in, restarted the proxy, and it works
how long does it wait for a connect by default?
thanks, arreyder
I think 5 minutes
also too long
that's for a repsonse from backend
tcp connect time would be an os thing
?
i timeout sockets on connect time
sure, but apache doesnt give that option
at least that that I have seen
be george
0pm. she is hevening a presentation over power
Be roy
Be homer
I am back, anyone familiar with Virtual Hosts and ip:port based listening? (im using a dns service to cloak 8080)
yeah, i was just reading the docs
Hi, I am trying to set up logs apache to syslog-ng, CustomLog like this works perfect, CustomLog "| logger -t apache_access_clones -p daemon.info" combin
sorry
http://www.drbacchus.com/cgi-bin/be?roy wasn't successful
Oh I love your magazine, my favorite section is 'How To Increase Your Word Power'. That thing is really, really, really... good
You will be!!
but using the same for ErrorLogs does not work, any idea?
It is not possible to use ErrorLog "| logger to syslog" ?
it would nice to be able to influence that from the apache config.
oh, drb.com is down?
it isnt?
servertoekns www.drbacchus.com
what happened when you tried?
does not work errorlogs
but, Customlogs works clean
servertokens www.drbacchus.com
Apache
nothing
seen drbacchus
Related Topic: