DevHeads.net

Apache

Environment variables not being set by php module

Hi,

I'm trying to set an environment variable and run a program via php when
the page is loaded. This command runs fine when I use the php
interactive shell:///|putenv('TS_SOCKET=/tmp/test.socket'); echo
exec('tsp');|/

However, if I wrap that with php tags, throw it in a .php file and
access it via browser, the environment variable seems to not be set at
all (evidenced by the incorrect output of `tsp`). Setting the
environment variable in the exec() call doesn't work either.

Trouble using soft link when requesting image file

WHM v68.0.29
Apache/2.4.29
CENTOS 7.4

I am trying to configure Apache to follow a symbolic link from one account's
public_html folder to another account's public_html folder. So, if Account1
has a soft link "slink":

~account1/public_html/slink -> ~account2/public_html

Given the above, assets are available via two paths:

account2.com/index.html is the same as
account1.com/slink/index.html

account2.com/st/site.css is the same as
account1.com/slink/st/site.css

I added the symlink, and things seemed to work, including html, css, and
javascript files, files in subfolders, etc.

CPU usage in server-status and top not matching

Hello

Trying to match high %cpu httpd processes from "top" with what they are requesting and ip addresses

Any suggestions?

Thanks

Save the date: ApacheCon North America, September 24-27 in Montréal

Dear Apache Enthusiast,

(You’re receiving this message because you’re subscribed to a user@ or
dev@ list of one or more Apache Software Foundation projects.)

We’re pleased to announce the upcoming ApacheCon [1] in Montréal,
September 24-27. This event is all about you — the Apache project community.

We’ll have four tracks of technical content this time, as well as lots
of opportunities to connect with your project community, hack on the
code, and learn about other related (and unrelated!) projects across the
foundation.

The Call For Papers (CFP) [2] and registration are now open.

Apache 2.0 architecture

Hi All,

While Debugging apache, I encountered with following questions. I am unable
to get answers for the following questions, please help to answer them.

Q1. Startup process is reading configuration two times and creating
conftree. Why do we need to read configuration script twice? Is there any
difference in conftree after first and second read of configuration script.

Q2. When we start apache, it starts with startup process and then it
detaches and starts Master/Parent Process. After that Master Process take
control and spawn child processes.

Apache httpd 2.4.30-dev available for testing

The Windows lovers can test the soon coming httpd 2.4.30.

See <a href="http://www.apachelounge.com/viewtopic.php?p=36509" title="www.apachelounge.com/viewtopic.php?p=36509">www.apachelounge.com/viewtopic.php?p=36509</a>

Please let me us know how it goes.

Issues you can report here or at Apache Lounge.

Is it safe to run Apache HTTP Server binary on Windows?

I am running 64-bit version of Windows 10 and Windows Server 2016.

===BEGIN SIGNATURE===

Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017

[1] <a href="https://tdtemcerts.wordpress.com/" title="https://tdtemcerts.wordpress.com/">https://tdtemcerts.wordpress.com/</a>

[2] <a href="http://tdtemcerts.blogspot.sg/" title="http://tdtemcerts.blogspot.sg/">http://tdtemcerts.blogspot.sg/</a>

[3] <a href="https://www.scribd.com/user/270125049/Teo-En-Ming" title="https://www.scribd.com/user/270125049/Teo-En-Ming">https://www.scribd.com/user/270125049/Teo-En-Ming</a>

===END SIGNATURE===

SSL cipher suites

Hello,

I'm looking for recommendations. I'm running apache 2.4 and Openssl
1.0.2n.

rewrite not working, still going https

Hello,

I'm trying to get apache 2.4 not to rewrite urls with
.well-known/acme-challenge in them. I do not want these urls
redirected to https but all other urls to do so.

FilterProvider - list of providers

Hi,

I am trying to get my head round what I can do with filters.

httpd running with uid - apache 2.4.29

All,

I am experimenting a scratch install of Apache 2.4 on RHEL. I noticed the
httpd process is running with UID instead of username. Any ideas?

root 30426 1 0 14:40 ? 00:00:00
/app/apache/apache24/bin/httpd -k start
30139 30427 30426 0 14:40 ? 00:00:00
/app/apache/apache24/bin/httpd -k start
30139 30428 30426 0 14:40 ? 00:00:00
/app/apache/apache24/bin/httpd -k start
30139 30429 30426 0 14:40 ? 00:00:00
/app/apache/apache24/bin/httpd -k start

The httpd.conf file has the user and group configured as apache

Apache httpd dynamically links to wrong ssl library on macOS causing a crash

Hi,

I’m currently working on a new php formula in the Homebrew package manager
project where we have noticed that httpd crashes on macOS High Sierra under
certain conditions.

Apache httpd directory listing no longer working

Directory listing inside one of our VirtualHost configurations has stopped working recently.
It now returns a 403 Forbidden when trying to access a directory.

The url is protected with basic authentication from a .htpasswd file.
Accessing a specific file under de location presents no problem.

"apachectl -S" and DocumentRoot

Hello

apachectl -S

is a nice command. We are looking for something that outputs the "DocumentRoot" for all virtual hosts

Is there some way to do that with a single command?

Thanks

upgrade or new install

All,

Looking for best practice upgrade method from Apache 2.2.29 to Apache
2.4.29.

Should i perform an in place upgrade or install a new version of Apache
2.4.29?

E-commerce Rewrite Rule

Good morning Team,

Below 4 URL in my e-commerce, please guide me right rewriterule for it.

1. domain.com / Clothing[Department] / Mens[Main Catagory] / Shirts[Sub
Catagory] / T-Shirts [Sub Sub Catagory] / White Shirt [product_id=15]

2. domain.com / Mens[Main Catagory] / Shirts[Sub Catagory] / T-Shirts [Sub
Sub Catagory] / White Shirt [product_id=15]

3. domain.com / Clothing[Department] / Mens[Main Catagory] / Shirts[Sub
Catagory] / White Shirt [product_id=15]

4.

Setting up Apache 2.4 with Letsencrypt

I have dehydrate properly renewing certs from Let's Encrypt (which I am using successfully for mail authentication) and I ma trying to get them working for Apache 2.4, but no luck so far.

I created aliases in /usr/local/etc/apache24/ pointing to the files in /usr/local/etc/dehydrated/certs/domain.tld/fullchain.pem and privkey.pem

in httpd.conf I have:

LoadModule ssl_module libexec/apache24/mod_ssl.so

Include etc/apache24/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

/etc/httpd/extra//httpd-ssl.conf:
Listen 443
SSLCipher

Apache Unable to reinitiate connection after application server's ip change.

Hello All,

I'm using Apache as my Webserver and we have Tomcat and Websphere as our application servers. We are making an IP change on application servers. On our application servers we don't specify any IP address in any of Tomcat or Websphere configuration. We only specify server name everywhere.

We are only changing IP address but not the server name.

apache 2.4 and python

Hello,

I'm trying to get mod python 3.5 working with apache 2.4. I keep
getting an error on the PythonHandler line. I've got python 3.5
installed, and mod_python 3.5 with apache 2.4, they are not talking to
each other.

Any ideas?

Thanks.
Dave.

Mutual authentication between Apache HTTP server and an application server.

Hi,

I'm using Apache HTTP server as a webserver and Websphere application server as an Application server. Apache is using Proxy to redirect requests from Apache to Websphere. On my websphere side security is enabled, and its looking for mutual authentication. Could you please help me with where I can add my Application server's root certificate on Apache end?

Could you please let me know how can I add websphere certificate in my Apache.

Set up an Apache HTTP server as a rotating proxy

Hi,

Suppose that I have many proxies that I can use (called secondary
proxies here). I'd like to create a master proxy that rotates its
connection to these secondary proxies. In this way, an application
only needs to connect to this master proxy and does not need to know
whether the master proxy rotates among these secondary proxies.

I see that apache reverse proxy probably may be able to do this. But I
am not very sure. Could anybody confirm whether this is the case? Is
there any specific configuration need to done to ensure a strict
rotation policy?

Spurious access denied errors

Dear list,

I've installed and configured mediawiki as follows (on top of default
Ubuntu 16.04 Apache/2.4.18 installation):

Help with ProxyPass and ProxyPassReverse

I have a HTTP mail client running on port 7080 on the server that must be
proxied through Apache.

Using a workstation, I can enter:

<a href="http://192.168.1.7:7080/mail.html" title="http://192.168.1.7:7080/mail.html">http://192.168.1.7:7080/mail.html</a>

and it brings up the mail client correctly.

I tried to use ProxyPass/ProxyPassReverse to move the mail client to run on
port 80 with the following configuration:

# Surgemail redirect to allow web based e-mail
<VirtualHost *:80>
ServerName mail.mymaildomain.ca
ProxyPass "/" "http://127.0.0.1:7080/"
ProxyPassReverse "/" "http://127.0.0.1:7080/"
ProxyPassReverseCookieDomain "127.0.0.1" "mail.mymaildomain.ca"
</V

Re: [users@httpd] websocket header not passing a long with ProxyPass and mod_headers

On Thu, Feb 8, 2018 at 1:33 PM, <users-digest- ... at httpd dot apache.org> wrote:
Hi Rainer,

Thanks. Yes, I am using mod_proxy_wstunnel and it appears that that is
the issue.

~Mark

websocket header not passing a long with ProxyPass and mod_headers

Hello, I have an operational setup where Apache httpd is proxying secure
websockets traffic to an Apache Tomcat server. In other words, I'm using
ProxyPass to pass traffic along to a WSS url.

I'm now having some issues trying to throw mod_headers into the mix.

SSL Certificate Validation

Dear users,
We are currently using Apache 2.2.22 (mod_ssl 2.2.22, OpenSSL/0.9.8t) and we have a security concern since developers are able to bypass the SSL certificate verification when using HTTPS calls. Kindly advise what configuration is needed to enforce the certificate verification?

symbol SSLv2_client_method

hello

i have a solaris zone whit apache:

# /app/apache/bin/httpd -version
Server version: Apache/2.0.59
Server built: Jun 18 2007 14:27:08

when a try to start receive this error:

yntax error on line 32 of /app/apache/conf/httpd.conf:
Cannot load /app/apache/modules/mod_ssl.so into server: ld.so.1: httpd:
fatal: relocation error: file /app/apache/modules/mod_ssl.so: symbol
SSLv2_client_method: referenced symbol not found

# ldd /app/apache/modules/mod_ssl.so
libc.so.1 => /lib/libc.so.1
libgcc_s.so.1 => /usr/sfw/lib/libgcc_s.so.1
libm.so.2 => /lib/li

Virtual/Proxy setup to internal webserver

I have apache24 running on freebsd.

Can I configure virtual host to direct a request for forum.mydomain.com
to an internal webserver on my network

eg; DocumentRoot "forum.mydomain.com"
or "xxx.xxx.xx.xxx"

I tried using Proxy mod but not sure how to setup.

Any hints welcome

Probably small problem with SSL config

I'm setting up an Apache server 2.4.25 in our DMZ for the first time,
and having an issue with getting SSL configured correctly.

I am using links text based browser to connect from a second machine
to the first machine.

apxs tool for Windows x64

Hi All,

Is there apxs tool for Windows x64?
I could only find a very old version for Win32 at <a href="https://www.apachelounge.com/download/additional/" title="https://www.apachelounge.com/download/additional/">https://www.apachelounge.com/download/additional/</a> .

Thanks

How to build httpd module on Windows

Hi All:

How can I build a module on Windows platform without apxs tool?
I downloaded and installed Apache httpd binaries for Windows. Httpd runs and is functional. I would like to build my own module on Windows.
When I try to start up httpd with my custom *.so module built on VS2015, I receive and error, as expected:

C:\Apache24\bin>httpd.exe
httpd.exe: Syntax error on line 181 of C:/Apache24/conf/httpd.conf: Can't locate API module structure `example_module' in file C:/Apache24/modules/mod_example_post.so: No error

Thanks

Help: Vhost default whit other IP.

Hi, i've http(apache2) in debinan 8 and my setup a second vhost(
<a href="http://www.hostB.com" title="www.hostB.com">www.hostB.com</a>) with ip: 192.168.1.51:8000 but my default host in apache is
<a href="http://www.hostA.com" title="www.hostA.com">www.hostA.com</a>.
My apache with received request from browser in 192.168.1.51:8000, redirect
my request for <a href="http://www.hostA.com" title="www.hostA.com">www.hostA.com</a>
I need help
[]'s

Retry connection to reverse proxy backend

Hello,

I've configured Apache as a reverse proxy for my application server.
When the backend server isn't available, Apache quickly responds the
browser with an error 503.

There are short downtimes while I'm upgrading the application server.
But Apache doesn't even care to retry and make the connection request
succeed maybe a few seconds later. It always raises error 503.

Can I configure Apache to try a little harder, and if the backend isn't
responding, wait a second and try again a couple times?

apache httpd2.4.29 error when running make command

Hello group,

I am getting following error when running the make command for httpd2.4.28
on RHEL6

Please advice.

*make[2]: Entering directory
`/app/apache/httpd-2.4.29/support'/app/apache/httpd-2.4.29/srclib/apr/libtool
--silent --mode=link gcc -std=gnu99 -g -O2 -pthread -o htpasswd
htpasswd.lo passwd_common.lo
/app/apache/httpd-2.4.29/srclib/apr-util/libaprutil-1.la
<http://libaprutil-1.la> /app/apache/httpd-2.4.29/srclib/apr/libapr-1.la
<http://libapr-1.la> -lrt -lcrypt -lpthread
-lcrypt/app/apache/httpd-2.4.29/srclib/apr-util/.libs/libaprutil-1.so:
undefined refe

How to retrieve variables from POST XML data

Hi All,

Can please someone provide an example of how to retrieve values from POST xml data.

I use ap_xml_parse_input() to get and parse XML POST.

At the moment I can retrieve everything, including elements, attributes, cdata, but the actual string values.

stable version of 2.4 running in production?

I am planing to upgrade Apache from 2.2 to 2.4 on RHEL 6.6.

I am looking for best practice, should i perform an upgrade from 2.2 or
install 2.4?

Thank you.

Apache responding with wrong protocol

I'm trying to set up Apache 2.4.25 with a Let's Encrypt certificate on
Raspian Stretch. However, I can't get SSL working. Apache keeps
responding with a 400 using HTTP instead of doing the SSL handshake.
What's most confusing is that the log produces lines like:

hostname:80 148.72.168.62 - - [31/Jan/2018:18:23:13 +0100]
"\x16\x03\x01" 400 0 "-" "-"

i.e. it says the request was coming in through port 80, even though it
didn't. I changed my configuration to include 'Listen 443 https' and
disabled the default listener on port 80.

apache 2.4, git smart http, and gitweb configuration

Hello,

I'm trying to host a git repository via smart http on apache 2.4. I'm
also trying to make it viewable using gitweb. The goal is for all
transactions to happen over https so I've got a letsencrypt
certificate. Both reading and writing to the repo on the server should
prompt for a password.

Open Position: Webserver Engineer in Switzerland

Hi there,

My company, netnea.com, is a small consulting / contracting company based in
Berne, the capital of Switzerland. We specialize in network monitoring and
Apache / ModSecurity.

We have an open position for a webserver engineer with a strong interest in
security.

I am the author of the 2nd Edition of the ModSecurity Handbook, I maintain
a popular set of Apache / ModSecurity tutorials on the netnea.com website
and I am one of the co-leads of the OWASP ModSecurity Core Rule Set project.

Obviously, the new netnea employee would work with me and with our
customers on these topics.

Mutex at run time

Hi,

I set Mutex to default, sysvsem but when I am checking error_log
AcceptMutex is none.

My httpd.conf:
Mutex sysvsem
Mutex sysvsem mpm-accept

My error_log :
worker.c(1885): AH00294: Accept mutex: none (default: sysvsem)

Where am I going wrong to use mutex ?

Hemant

compiling Apache httpd 2.4 with mod_nss - configure.sh ignoring --with-nss= option

Apache 2.4.29 on RHEL 7.4

I need to compile Apache with --prefix so that I can manage it with a
non-privileged account, thus I am avoiding the RHEL provided RPMs. I am
trying to compile Apache 2.4.29 from scratch with mod_nss included.

I am configuring using:

./configure --with-apxs --prefix=/opt/apps/httpd-2.4.29
--enable-mods-shared="all cgi nss" --enable-mpms-shared='all'
--with-nss=/opt/local/ --with-nspr=/opt/local/ --enable-mods-shared

However, I do not see that any action is taken on the --with-nspr or
--with-nss options.

proxy_fcgi - force flush to client

Hello List,

currently i compare features and behaviour of proxy_fcgi to classical
methods like mod_fastcgi/mod_php.

mod_php/fastcgi have options to send every output from backend
immediately to client.

virtual host gives unexpected network read error

Hello,

Can someone take a look at the below virtual host configuration?
Whenever I put it in my apache 2.4 the server returns an alert
unexpected network read error connection aborted message. If I take it
out the server behaves normally. Of course nothing is in any of the
logs I've got LogLevel set to warn.

minimal custom modul with no functionality

Hello List,

i try to remove mod_php and switch to php-cgi with proxy_fcgi and mpm_event.
An example setup is running well.  But by removing libphp7.so i want to
keep support for php_value/php_flag directives  in .htaccess
This is done by php-htscanner extension.

Apache child process crashing frequently

We have four Windows Servers running Apache 2.4.27 acting as load balancers for our application server cluster, which is running Tomcat. Recently, we have started to experience a high number of crashes with the web servers.

How to determine if some hook functions are registered for e.g the "Check User ID" phase

Is there some way to determine in a c-module which registered a authn
hook for authorization, if any other hook is configured in the "Check
User ID" phase of request processing?

Looking at:

<a href="https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#writinghooks" title="https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#writinghooks">https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#writinghooks</a>

i can register a hook to negotiated the user ID (in any arbitrary way
and set r.user = 'foo').

How can any other module in the auth stack chain determine if there is
some auth hook registered for e.g.

Successful arbitrary authentication with denied access on the resource results in a core:error AH00571 message in the logs about a missing AuthType

I am using an arbitrary authentication with mod_lua which works so far.

Authentication is done via mod_lua:

<a href="https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#luahookcheckuserid" title="https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#luahookcheckuserid">https://httpd.apache.org/docs/2.4/de/mod/mod_lua.html#luahookcheckuserid</a>

Authorization is done via mod_authz_svn.

I did that and set r.user = 'foo' to the request - just always the same
for this example, which is neither None, Form, Basic, or Digest
AuthType.

If a later authz_module in the stack, e.g.

Can't contact LDAP server

Hello all,

I'm doing SSO using auth_kerb_module with Active Directory and
authnz_ldap_module as fallback (Apache 2.4, FreeBSD 11.1, Windows Server
2012R2):

PassEnv MACHINE_DNSNAME
PassEnv MACHINE_DOMAINNAME_UPPER
<IfModule auth_kerb_module>
LoadFile /usr/lib/libgssapi_krb5.so.10
LoadFile /usr/lib/libgssapi_spnego.so.10
AuthType Kerberos
AuthBasicAuthoritative off
KrbAuthRealm ${MACHINE_DOMAINNAME_UPPER}
KrbServiceName HTTP/${MACHINE_DNSNAME}@${MACHINE_DOMAINNAME_UPPER}
Krb5Keytab /var/www/passwords/auth_kerb.keytab
KrbMethodNe

h2load http/2 benchmarkingresults using different mpm/php configurations

Hello List,

separatly from other mail with proxy_fcgi/enablereuse problem i want to
tell about my results.

Apache 2.4 order mpm issue

Apache 2.4
CentOS 7
Apache has numerous times today hung on me.

difference in alias lines?

Hello,

What is the difference between the two below alias lines?

Alias /.well-known/acme-challenge/ /usr/local/www/.well-known/
Alias /.well-known/acme-challenge "/usr/local/www/.well-known/"

Thanks.
Dave.

Problem with authorized user and SVN access

Hello,

I have an observation on the mod_authz_svn Module in combination with an authorized user.

I have a configuration with an Apache 2.4, mod_lua and Subversion modules 1.9.xx. This is my repo conf:
<Location /svn/repo>
DAV svn
SVNPath "/.../repo"
LuaHookCheckUserID "/etc/apache2/lua/hook.lua" authcheck_hook
AuthzSVNAccessFile "/.../repo.access"
Require valid-user
</Location>

As you can see, the authorization is done by the Lua-script. As I understand it, this can be used a full replacement to, for example Basic Authentication.

Integrate Apache-2.4.25 with tomcat-8.5.23

Hi,

My apache is running on 15.213.91.33:5643 at location "/home/hemant/apache"
and tomcat-8.5.x is running on 15.213.91.33:8009 at location
/home/hemant/tomcat.

To integrate apache with tomcat I used mod_proxy and mod_proxy_ajp.
My httpd.conf looks like this :
<Location /ajp>
ProxyPass "ajp://15.213.91.33:8009"
ProxyPassReverse "ajp://15.213.91.33:8009"
</Location>

My server.xml is configured like :
<Connector port="8009" protocol="AJP/1.3" proxyName="15.213.91.33"
proxyPort="5643" />

When I am accessing "15.213.91.33:5643/ajp" then index.html of tomcat
appears, but If I click on any tab

problems benchmarking php-fpm/proxy_fcgi with h2load

Hello list,

i do some http/2 benchmarks on my machine and have problems to finish at
least one test.

System is Ubuntu16.04, libnghttp2-14 1.7.1, Apache 2.4.29, mpm_event

I start h2load with standard-params:

h2load  -n100000 -c100 -m10 <a href="https://example.com/phpinfo.php" title="https://example.com/phpinfo.php">https://example.com/phpinfo.php</a>

first steps are really quick and i can see a progress to 50-70%. but
after that requests by h2load to server decrease dramatically.
it seems that h2load ist stopping requests to server, but i dont see any
reason for that on serverside.

Understand Webdav and Apache

It's being a week I'm trying to get webdav working on a Vhost without any success....

disk cache block on a vps?

Hello,

I've got an apache 2.4 system running on a vps. Is the below block
needed? Currently it is set in all virtual hosts, if it is needed can
it be set globally? If options are not needed let me know.

Re: [users@httpd] Setup SquirreMail with Virtual Host

Sorry I was too fast.

I use the also Login Manager ("Vlogin") plugin for SquirrelMail

<a href="https://squirrelmail.org/plugin_view.php?id=47" title="https://squirrelmail.org/plugin_view.php?id=47">https://squirrelmail.org/plugin_view.php?id=47</a>

there you see that you need also Compatibility plugin version
2.0.14+, <a href="http://www.squirrelmail.org/plugin_view.php?id=152" title="http://www.squirrelmail.org/plugin_view.php?id=152">http://www.squirrelmail.org/plugin_view.php?id=152</a>

When I recall (about 10 years ago I set it up) I did not needed to
setup vlogin.

It should work together with the line in the main squirrel
config.php : $domain =
preg_replace("/^www\./i","",$_SERVER['SERVER_NAME']);

On Thursday 18/01/2018 at 17:01, Rodrigo Cunha wrote:

Re: [users@httpd] Setup SquirreMail with Virtual Host

I have in Apache my regular vhosts, nothing specific Squirrel in the
Apache config.

I have in config.php

$domain =
preg_replace("/^www\./i","",$_SERVER['SERVER_NAME']);

And that does the trick here.

Cheers,

Steffen

Setup SquirreMail with Virtual Host

Dear, i have a problem in config vhost squirremail.
I'm following the steps in the tutorial [
http://www.100security.com.br/postfix-squirrelmail-outlook/] .

Syndicate content