DevHeads.net

Apache

Options for characterizing module CPU consumption

Hi,

What options do I have for characterizing, on a per-prequest basis, how much CPU and/or clock time is consumed by each Apache module in request processing?

Regards,
Mark

No matter what I do, the httpd.pid file is created in the wrong location at runtime!

OK, I'm just trying to learn about building Apache httpd.

Apache out of memory

Hello,
I have ubuntu 16.04 server with 2.4.16 server
Yesterday server stop responding and when check logs it's shows
Out of memory: kill process 7986 (apache) score 1613 or a child.

When I restarted server it's started working,server is having 40gb ram and
same getting full after sometime

Please suggest.
Se

Compiling Apache with Non-System OpenSSL

Hi,

Having some trouble compiling Apache with non-system OpenSSL, any help
appreciated. Looked at many threads online but no answers so far.

I'm compiling Apache using non-system-installed libraries for APR,
APR-Util, OpenSSL and PCRE. It works fine, and compiles from the
provided libraries.

Using server variables in CustomLog Directives

I have a server application, and for security reasons I'm trying to prevent
requests, which provide 'username' and 'password' as query parameters, from
being logged (providing these parameters as query parameters is a user
mistake, but still...)

I've tried this way:

* SetEnvIf QUERY_STRING "username.*password|password.*username" dontlog
CustomLog logs/my_log common env=!dontlog*

But the unwanted requests were still being printed to the log.

AH02968: Can't check pipelined data

I am running 2.4.37. For certain requests (HTTP/1.1), I am receiving the following debug level message in the error log,, “AH02968: Can't check pipelined data”. This causes the response to hang until the configured keepalive timeout. Any ideas on what may be causing this?

Regards,
Tendai

Issue with FastCGI module in Apache 2.4

Team,
I am upgrading apache version from 2.0 - 32 bit to 2.4 - 64 bit on Linux.

I am not able to convert the httpd.conf file to newer version.
Please help.
Especially I m finding difficulty in migration the variable 'FastCgiServer'

Httpd.conf in 2.0 version

<IfModule mod_fastcgi.c>
AddHandler fastcgi-script .fcgi

# Launch the FastCGI processes
FastCgiIpcDir /tmp
FastCgiServer /datlib/advantage/pc/envs/fo_b2_a/manager/bin/pcwww_fastcgi.pl -idle-timeout 300 -processes 3 -initial-env LD_LIBRARY_PATH

<VirtualHost *>
DocumentRoot /datlib/advantage/pc/envs/fo_b2_a/ma

any users of mod_pagespeed?

Hello,

Do we have any users of mod_pagespeed with apache 2.4.x on a FreeBSD
system? I'm having no luck compiling it via system ports as one of
it's dependencies or one of it's dependencies dependencies requires
opencv which is failing to stage properly. I am therefor stuck.

Any ideas?

Thanks.
Dave.

Occasional "%T / The time taken to serve the request, in seconds" inaccuracy in Apache/2.4.39 access_log ?

Hello,

I am running Apache/2.4.39 on Linux.

I am using a custom log format, and have included "%T / The time taken to
serve the request, in seconds" in my LogFormat command.

I occasionally see a real outlier number for that %T -- say 10 seconds or
more -- for a page element that almost always takes less than 1 second.

This number is not backed up by my firewall logging or my other logging --
they always show a much more realistic and reasonable number for that exact
request (as per timestamp and requesting IP addy).

Is it possible that %T is occasionally inaccurate???

Sorry if this has a

Regex in ServerAlias

Hello,

i try somethink like

ServerAlias (www\.)(example)\.(com|info|foo.bar)

I have done, and reload config, no error is shown, but i do not see the
right page, only the default one.

Is there a way in Apache?

Best Regards,

Re: [users@httpd] Need Apache to return multiple error doc

Changing what an error return code points to should not effect your
server's ability to restart (even if there are errors in the
ErrorDocument itself).

Need Apache to return multiple error doc

Hi all,
I have a requirement where I need send different error docs for same
error code depending upon specific error returned by application..
For example, if application returns 400,it means error may be due to non
availability of query param or url doesn't have mandatory fields etc,and
depending upon this exact error, I need to send proper error doc with exact
error..

Expose my server to internet

Hello,

Out of curiosity, I just want to access my server over internet.
I have forwarded port 80.
I have got a free domain in NoIP.
In my router I've also configured the settings and successfully logged in.
But when I test whether my port 80 is accessible, it's not opened.
This is my home system, using Ubuntu 18.04. I've not enabled any firewall
by myself.

So just wanted to know whether should I configure anything in Apache httpd
to make port 80 accessible?

Thank you.

Looking for advice re getting mod_xml2enc for Apache 2.4.39

Folks,

I built and have been using the 2.4.39 version of Apache for a while, and
been reasonably happy with it. However, I am porting some web pages
that require mod_proxy_html which in turn requires mod_xml2enc.

The problems are that I can’t seem to find mod_xml2enc anywhere,
and my 2.4.39 build environment got toasted.

Blocking particular URL/file patterns

apache 2.4.39
linux 4.12.14-lp151.28.7-default x86_64

Our site has beset with numerous search engine queries for URLs that
have *never* existed on the site. They have the form:

/condalia1398.xml.gz
/heling348628-h1819-746-be2dochmiacal-97a2-/6a465d7hll78i1/

where the digits are randomly changed. The search bots of Google and
Bing are the most prevalent producing 1000s of 404s per day. Not a
particular CPU burden, to be sure.

Rewriting

Hello, at this day i didn t find the answer to the following question :

RewriteRule ^that-and-that$ talent\.php\?id=(.+)[E=BREAK:1,L]
RewriteCond %{ENV:REDIRECT_BREAK} !^1$
RewriteCond %{QUERY_STRING} ^id=([0-9]+)$ [NC]

RewriteRule ^this\.php$ /that-and-that [QSD,R=301,L]

This code works actually but it doesn t display the right product. I found
my php var_dump display this info ...["QUERY_STRING"]=> string(20)
"id=(.+)[E=BREAK:1,L]. ...

Apache 2.4.39 upgrade issue

Hello Team,

We have Cakn application which use mod_WSGi module for calling python web
interpreter same s is working fine on apache 2.4.18 on *Ubuntu 16.04* , now
internal security team has notified us to upgrade Apache with 2.4.39.

when i did "*apt-cache policy Apache"* its shows installed & candidate
version same i.e *2.4.18*, so i added repo *add-apt-repository
ppa:ondrej/apache2 *and upgraded to 2.4.39 .
after upgrading same site stops working and shows below errors in
error.log and application specific logs.

1.

Confirm new format for IP restriction paweez?

Trying to figure out why my apache server is blocking and denying
different. Essentially trying to setup a "deny by default" unless it's from
given networks.

in vhost.conf file

<directory /var/www/html>
<RequireAll>
Require All denied
Require not ip 10.0.0.0/24
Require not ip 192.168.0.0/24
Require not host externalwebserver.net
</RequireAll>
</directory>

Boyd H.

Adding perl-cgi in apache 2.4

I need to enable perl-cgi for a specific directory local to a single site.

Comments unusable?

At the bottom of documentation pages at
<a href="http://httpd.apache.org/docs/current/en/" title="http://httpd.apache.org/docs/current/en/">http://httpd.apache.org/docs/current/en/</a>, it says:
"Comments
Notice:
This is not a Q&A section. Comments placed here should be pointed towards
suggestions on improving the documentation or server, and may be removed
again by our moderators if they are either implemented or considered
invalid/off-topic. Questions on how to manage the Apache HTTP Server
should be directed at either our IRC channel, #httpd, on Freenode, or sent
to our mailing lists."

Unfortunately I could not see any way to comment.

Apache HTTP Server Prior to 2.4.12 Multiple Vulnerabilities

How to patch Apache 2.4.6 to latest release on RHEL 7.4?

Thanks

Satish

IBM Bangalore

::DISCLAIMER::

APACHE MODULE CSRF

Guys, good afternoon ...

How to configure a "Location"-block for URLs containing spaces?

Hi all,

I'm hosting some SVN-repos using mod_dav_svn and am running into
problems when using URLs with spaces.

My approach is simply to have a directory structure of SVN-repos
grouped by customers or some topic and for each of those groups I want
to configure a corresponding URL as entry point into mod_dav_svn.

caching of HTML5 <video> (MP4)

Hi folks,

When I'm serving up many (huge) MP4 files via HTML5 <video>, and want
heavy caching to keep traffic down, is the following suitable
public_html/.htaccess content?

=====
<IfModule mod_expires.c>
<FilesMatch "\.(mp4)$">
ExpiresActive On
Header set Expires "Mon, 27 Mar 2038 13:33:37 GMT"
</FilesMatch>
</IfModule>
=====

Thanks!

Best regards,
Norbert

ApacheCon North America 2019 Schedule Now Live!

Dear Apache Enthusiast,

(You’re receiving this message because you’re subscribed to one or more
Apache Software Foundation project user mailing lists.)

We’re thrilled to announce the schedule for our upcoming conference,
ApacheCon North America 2019, in Las Vegas, Nevada. See it now at
<a href="https://www.apachecon.com/acna19/schedule.html" title="https://www.apachecon.com/acna19/schedule.html">https://www.apachecon.com/acna19/schedule.html</a> The event will be held
September 9th through 12th at the Flamingo Hotel.

Reverse proxy server - SIGSEGV

Hello. Recently, we ran a stress test (using Loadrunner) against our backend server using Apache as a reverse-proxy server. We've been running this way for some years. It's not clear when the last time (or if ever) this stress test was run, but we noticed that we were getting SegVs in various locations (mainly in mod_proxy). We're running version 2.4.39 of httpd and version 1.7.0 of APR. We're also using worker mpm and if we switch to the event or prefork mpms, we don't get any errors.

mod_rewrite question on directory

We have a test server, with test sites that are in two different branches
of development, but essentially the same base content. They live at
/x/y/z/testsite and /x/y/z/test-site.

css files not loading

Hello,
I am hoping to get some help with an issue concerning a reverse proxy
setup and static files.

I have two domains that I purchased from Google Domains, johndavidhock.net
and johndavidhock.com and have created very simple websites for both of the
domains which consist of a single html file and a css file, index.html and
main.css respectively.

My home network is setup as follows:
Server location: 192.168.1.103 - hosts the <a href="http://www.johndavidhock.net" title="www.johndavidhock.net">www.johndavidhock.net</a> site
Server location: 192.168.1.104 - host the <a href="http://www.johndavidhock.com" title="www.johndavidhock.com">www.johndavidhock.com</a> site

I also have a server at 192.168.1.105 which acts as a reverse pr

Searching for Apache Test Framework or Test Harness

Hi,

Is there any Open Source Apache Test Framework or Test Harness available
for Apache 2.4?

Basically I want to run the complete test for my Apache installation.

For e.g. The test framework should be able to test all the Modules
available with Apache 2.4

Regards,
Andrew

Can't connect to server on 443 ... no log information being generated

Hi ...

My apache2 server was working perfectly and then it stopped. I can connect
on port 80
but not on port 443.

Server version: Apache/2.4.18 (Ubuntu)
Server built: 2019-04-03T13:34:47

--------------------------Good
$ telnet ajp.geoffrussell.com.au 80
Trying 203.122.232.225...
Connected to geoffrussell.com.au.

---------------------------------Good
$ telnet localhost 443
Trying 127.0.0.1...
Connected to teddy.geoffrussell.com.au.

---------------------------Bad
$ telnet ajp.geoffrussell.com.au 443
Trying 203.122.232.225...

Nothing happens.

403 Forbidden on symbolic links - totally won't do it.

I have spent the past two hours trying to find the magic needed to get
my external drive symlink to be part of a friend's website. I've
never been able to do this in the past and have simply reinstalled
linux on larger and larger volumes as a solution to running out of
free space, but I'm simply too busy to deal with a reinstall this
month.

I get a 403 Forbidden error at <a href="https://sellfam.com/minecraft/www/" title="https://sellfam.com/minecraft/www/">https://sellfam.com/minecraft/www/</a>

I told it to follow symlinks in the sites-available files and it
should just work, but doesn't... What on earth is wrong?

Urgent: Apache log is not rotating after the upgrade

Hello,

We have upgraded Apache 2.2 version to Apache 2.4.34 version on Red Hat Enterprise Linux Server release 6.10 (Santiago) server . After the upgrade the log is not rotating and we also check the log rotation file config looks good .

Can some one help me to figure out the issue..

Below is the config details of log rotation policy.

Log revoked certificate information

Hi,

I'm looking for a way to track users who is using client certificate to log
in to Apache HTTPD. Especially, I wanted to know who is trying to use
revoked certificates to attempt login. Is there any possible way to log
some of the certificate information, such as the certificate's serial
number into the log so that whenever a revoked certificate is used, some
information about the specific certificate is logged instead of just
showing "certificate revoked" in error_log?

Thanks.

Regards,
Hao

URL question

I have a web site accessible by:  <a href="http://www.foo.com/bar.html" title="www.foo.com/bar.html">www.foo.com/bar.html</a>

But users that use: <a href="http://www.foo.com/bar" title="www.foo.com/bar">www.foo.com/bar</a>

get a directory content of the files in directory bar.

What do I need to add so that those that use the shortcut of leaving off
.html still get the full web site.

thanks

Reverse Proxy Configuration

Hi everyone, I am looking for some help configuring Apache Web Server as a
reverse proxy.

A little background: I have a Debian 9 (stretch) server at my home, running
Nextcloud on Apache2. I have a static IP from my ISP, and a domain I own is
pointed to it. I have forwarded ports 80 and 443 on my router to the LAN IP
of my Debian server. Everything is configured and working, and I can access
my Nextcloud instance at <a href="https://mydomain.com" title="https://mydomain.com">https://mydomain.com</a>

What I would like – and tell me if I'm barking up the wrong tree here – is
a secure way of accessing different services on my home network from the
internet.

confirming proper heders

Hello, I have a project I have been working on where I need to dend "201
Created" then "Loction <a href="http://IPADDRESS/result" title="http://IPADDRESS/result">http://IPADDRESS/result</a>.

I am setting headers i PHP and have checked in wireshark and although I did
see 201 Creater and Location <a href="http://IPADDRESS/result" title="http://IPADDRESS/result">http://IPADDRESS/result</a> I was later informed
that the PHP code I was using needed to have a comma removed between 201
and Created. I then re-confirmed and see no difference.

My headers being set
header('HTTP/1.1 201 Created');
header('Location: http://localhost/eSCL/Scans', false);
header( 'Expires: Sat, 26 Jul 1997 05:00:00 GMT' );
header( 'Last-Modified: ' .

Need some advice - thread safe php module

Hi,

I am porting some older web pages from Apache 2.4.6 to Apache 2.4.37 on Linux
and apparently need to find a thread-safe version of libphp5.so to use, since we're
running MPM.

* Does anyone know where I can download the apache thread safe php module?
* If not, can someone give me a clue about the configuration options I should use
to build a new version of PHP which contains the php module for Apache?

I have been unable to find a download for the php module, and building PHP is not
producing a php module either.

Thanks,

Jeffrey Cauhape - IT Professional III - Linux and Solaris

Control / Modify the HTTP Status Line

Hello,
This is my first message on this user list, hope that's the right place for
my question.

I am using Apache for proxying a backend server.
The backend server may return, in some occaisons, a 302 response code for
successful requests.
As I cannot alter the backend behavior nor the client's to consider such
302 responses as successful, I am looking for a way to manipulate the
response code on Apache.

While going through the options in and trying ways to alter data which is
sent back to clients I found two:
1. mod_substitute - to manipulate respose body.
2.

Files POSTed are not saved, instead 404

Hi I am new to the list .

I posted this earlier but am afraid for lack of subject it was ignored.
Posting here again with update.

I have an issue which I believe to be an apache configuration issue

When I POST a file with CURL or android app I get 404 error however the
path exists.

As I understand It i do not need a handler to POST and the file should
appear.

Hi I am new to the list .

I have an issue which I believe to be an apache configuration issue

When I POST a file with CURL or android app I get 404 error however the
path exists.

As I understand It i do not need a handler to POST and the file should
appear. I am trying to replicfate AirScan/eSCL Protocol

I have tried numerous solutions from modifying .htaccess, php.ini and
apache2.conf.

Thanks in advance for any advice .

how to put geodata into $_SERVER for php-fpm using proxy_fcgid

Hello List,

we use latest apache 2.4.39 and various php-version connected with
proxy_fcgid.

previously we used mod_fastcgi to bind php-fpm to apache.  Watching a
phpinfo() in this scenario offered also complete geodata section in
phpinfo.
mod_geoip ist installed and mod_fastcgi put this into $_SERVER
Environment for phpfpm, so geodata was easys to use in scripts.

Now with new method using proxy_fcgid this geo-section is lost.  As an
alternative we could install geoip-extension for php.

mod_proxy_balancer / mod_proxy_http question - stick tables support based on url

Hi all,

I've got a question about:

<a href="https://httpd.apache.org/docs/2.4/mod/mod_proxy_http.html" title="https://httpd.apache.org/docs/2.4/mod/mod_proxy_http.html">https://httpd.apache.org/docs/2.4/mod/mod_proxy_http.html</a>
and
<a href="https://httpd.apache.org/docs/2.4/mod/mod_proxy_balancer.html" title="https://httpd.apache.org/docs/2.4/mod/mod_proxy_balancer.html">https://httpd.apache.org/docs/2.4/mod/mod_proxy_balancer.html</a>

Can balancing of apache httpd be configured to use stick tables to
balance requests (having HAProxy in mind)?

With HAProxy you could define something like:

stick-table type string len 256 size 1M expire 1h
stick on path,field(3,/) table mytable

I want to balance requests with httpd based on a part of the URL (no
cookies there) (/r/${balancePart}/...) and it should balance that in a
way that there are some preferred rules like:

Collecting Metrics from Apache Server

Hi all,

I'm investigating ways of collecting metrics from the Apache server.
Specifically, I'm trying to figure out a way to collect throughput
(req/sec) and the average latency. I have tried using mod_status, but it
only gives throughput. I'm thinking of using the following approach.

Current Approach:
1. Create a new Log Format including the request processing time.
2. Use Logstatsh to read Apache access logs.
3. Output the timestamp and request processing times to Elasticsearch
4.

Why am I getting Openssl library mismatch with mod_ldap??

Hello,

I successfully built a FIPS openssl based mod_ssl for Apache 2.4.39.
Everything works great via SSL when I boot Apache, EXCEPT when I then
turn on mod_ldap/mod_authnz_ldap, THEN I get the below openssl library
version mismatch.

2.2 to 2.4 upgrade

Hello apache web community,

I upgraded apache web server on RHEL 7 from v 2.2 to v 2.4. I have a question about the procs that are spawned after the web server is started up.

For example, when I would start v2.2 (./apachectl start) it would have the root process and spawn 2 additional apache procs. This would give me a total of 3 like so:

root 29124 1 0 12:14 ? 00:00:03 /opt/apache-2.2/bin/httpd -k start
apache 29129 29124 0 12:14 ? 00:00:00 /opt/apache-2.2/bin/httpd -k start
apache 29131 29124 0 12:14 ?

Simple file listing issue in browser, 2.2 vs 2.4

Folks,

This is probably a simple issue, but so far I haven't found anything in the
doc that addresses this directly.

A user has pointed out that a listing of a directory on one system running
Apache 2.2.3 shows files with their details - mod time, file size, etc., while
a nearly identical set up (pathnames differ) on a system running Apache 2.4.29
shows only the file names with no other details.

The files ownership and permissions are the same.
Files are accessible in both cases.
Configuration info in the httpd.conf files are identical.

Receive openssl library version mismatch when enabling mod_ldap ??!!

Hello,

I successfully built a FIPS openssl based mod_ssl for Apache 2.4.39.
Everything works great via SSL when I boot Apache, EXCEPT when I then
turn on mod_ldap/mod_authnz_ldap, THEN I get the below openssl library
version mismatch. The SSL will still work, but it display the below
warning.

I tried to rebuild apr-util with openssl +ldap and integrate with the
apache build but same issues...

RHEL6 software collections mod_rewrite not working

We are trying to use the software collections version of apache 2.4
(httpd24-httpd package) on RHEL6 and it claims mod_rewrite is being loaded
but none of our previously working rewrites seem to be doing what we
expect.

Tuning Apache Web Server Parameters

Hi all,

I'm working on a project to dynamically tune the parameters of the Apache
web server. I'm particularly looking at changing MaxRequestWorkers
(formerly known as MaxClients) parameter by looking at runtime
characteristics. I have tried setting the parameter using the
/etc/apache2/apache2.conf file, and gracefully restarting the server.
However, the value set for MaxRequestWorkers does not seem to get reflected
after the restart (I checked the running processes).

撤回: RewriteRule overbinding in 2.2

付 传淮 将撤回邮件“RewriteRule overbinding in 2.2”。

RewriteRule overbinding in 2.2

I have a problem with a RewriteRule where it appears to be over-binding in the REGEX:

RewriteRule ([0-9]{4,6}(?:-[0-9]{1,2})?\.jpg)$ /cgi-bin/logo-image.pl?image=$1 [L,PT]

What it should do is bind a 4-6 digit number, followed by an optional - and a 1-2 digit number, and finally .jpg, at the end of the URL, and send them as a query string to the backend.

CGI scripts generating 503 error

So I am really having a difficult time figuring out this problem.  Tried
to do some searching of the archives here, didn't come up with anything.

Recently had a server die, but was in the process of replacing it at my
leisure.

Apache 2.4.33 download data size limit to 124MB

Hello,

We identified an issue with Apache 2.4 that seems to be a regression
compared to 2.2. Any binary data stream will be truncated to 124MB on a low
bandwidth of 100Mpbs.

Is there any known workaround, configuration change? Why do we have this
limit?

Thank you,
Silvia

ssl stapling error - sectigo

Hello List,

Apache is 2.4.39, System is Ubuntu 18.04 and 16.04

since yesterday evening we have massive mod_ssl problems with ssl stapling:

Apr 24 11:20:59 myhostname apache2[16094]: [ssl:error] [pid 16094]
AH01941: stapling_renew_response: responder error

We had complaints about slow webpages, this forced us to deactivate
stapling on all our servers.
Affected are certificates of sectigo (previously comodo) with ocsp-url
<a href="http://ocsp.sectigo.com" title="http://ocsp.sectigo.com">http://ocsp.sectigo.com</a>
I cant confirm for other providers, we use comodo/sectigo the most.

But it seems there is no basic problem on our system/network because i
can manu

issue with mod_reqtimeout in Httpd server 2.4.39

Hi Team,

We are facing timeout issue while uploading long file, when I enable debug log and found that traces of

[reqtimeout:info] [pid 25680:tid 140121479206656] [client 192.168.33.1:61857] AH01382: Request body read timeout

While looking into release notes of 2.4.39 there are some changes in mod_reqtimeout area, we never face that issue in 2.4.38, so please guide me how should I proceed to fix the issue. Please let me know if more details are required.

Thanks and Regards,
Rajendra Rathore
9922701491

443 section of name based virtual host conf file being ignored

It seems my Port 80 settings are functioning properly, but the

<VirtualHost *:443>

section contents are being ignored

Any ideas why that would be happening?

this is the original, or base virtual host .conf

Thanks

Ssl certificate ignored in virtual host

Why would ssl.conf certificate settings override the certificate settings in a specific virtual host config file?

Sent from my iPad

Need help getting php7 working..

Hello - I guess I need to appeal to some kind gurus for help, I've been
racking my brains out trying to get PHP scripts working under Apache2
and just not getting any traction... I am running the following Apache2
server -

which supports a number of virtual hosts. I need to be able to get the
server to support PHP scripts so as to run applications like WordPress
and phpMyAdmin amongst others.

Apache converts GZIPed data into UTF-8 - bug or feature?

Hello,

Configuring a REVERSE PROXY, I try to *relocate* the "mountpoint"
URL; i.e.

SSLKeyLogFile

Hi, 
 
is there a simple configuration in Apache Http server for logging TLS secrets into a file that can be used in Wireshark to decrypt captured TLS network traffic? 
 
I found this link https://gist.github.com/schierlm/fef3d79818f5561cd87991c89b81122f that seems to provide such a keylog file.

Syndicate content