Apache Web Server

19K

Solutions

14K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

I had this question after viewing How Remove IP from IPset?.

How do I add a list of ip's to the ALLOW ipset?  Presently, they are in a text file single spaced separated by a return.  Here is a screenshot

https://gyazo.com/3ca73fc465513f6b9b09aa9104907d30

I have a similar list for ipv4's too.  Can both of them reside in the ALLOW subset?  If not, please tell me how to create one for ipv6.

Thanks,

Randal
0
Cloud Class® Course: Certified Penetration Testing
LVL 12
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Phpmailer not able to send SSL emails.

Hi
I have website that sends SSL emails to a mail server.  I upgraded Wamp and am now using Apache 2.4.33 and PHP 7.2.4 and the mails that were working in the previous version of apache and Php now do not work.  
I get the following error Mailer Error: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting.    
When I look on the mail server I see that it can't decrypt the message
05/13/18 13:56:09      Couldn't decrypt, error 80090330
05/13/18 13:56:09      ME-I0069: (recv) socket [1920] was gracefully closed x.x.x.x before any command received. Remote client closed the connection.

I have enabled mod_ssl in apache and php and openssl  but it is not working.   One thing I did notice is that in wamp it doesn't show mod_ssl under the apache modules in the wampserver interface.

Attached are the conf files
http.txt
php.txt
0
I may want to give up/abandon a Domain Name that has old Nameserver names assigned to it.
How can I start with that domain (example.com) and find out:
1) What name servers EXIST (ns1.example.com etc)
2) Of these name servers, which ones are in use ... meaning, I want to know if I delete all name servers for this domain, and even give up the domain, what Websites might stop working
Any Mac, Linux, or online/server-side solution would be wonderful, though if you only have a Windows solution, I am sure I could find a Windows PC around here somewhere

Thx in advance all!

- B
0
Using a .htaccess file is there a way to hide a directory?  I currently allow people to browse my website's files and folders however there is one directory I want to hide from folks so they don't get confused.  Is this possible?
0
I need to create an ipset for ipv6 I have it for ipv4 already.  I want to use ipdeny.com and insert specific country blocks into the ipset which is connected to the iptables.
0
Wordpress I moved my site from Xampp to IIS 10, currently running the server copy as a local version for test it, but my images are not loading. and when I login the redirect back to the page not working as well any idea how to fix this.
0
I need to export a SSL certificate from Apache to IIS10,  How do I do this.

I have root.crt, Intermediate.crt and server.crt and server.key

Thanks
Manoj
0
Dear All

Preventing DoS attack on our Apache Web server is the most difficult and challenging problems we have ever faced.  I looked at different solutions on the website, they are all recommending to use IPTable to block such attack.  But I have come to a conclusion that IPTables has nothing to do with that.  I have done a lot of configuration on IPTables and listened to many advanced but with no concrete result.

There must be another way to prevent DoS attack.  I don't know if Apache configuration can prevent such attach.

Basically, I am getting hundreds of connection from a specific IP address, which drained out the server memory and kills it.  The current situation we are doing is to block that IP range.  which is not a solution.

If you believe this issue can be resolved from Apache, please let me know how to tweak the setting.  
We are a university, the web server we have is mainly for displaying information.  

I would really appreciate any advice.

Thanks in advance
0
How to redirect all http traffic to https on Ubuntu running Apache2.
Here is my sites conf file and I am not able to drive the traffic to https.

<VIRTUALHOST *:80>
        ServerName OldDomian.com
        ServerAlias www.OldDomian.com
        Redirect /  https://www.NewDomain.com
       	ServerName NewDomain.com
        ServerAlias www.NewDomain.com
        Redirect /secure https://www.NewDomain.com

	
</VIRTUALHOST>
<VIRTUALHOST *:443>
    ServerAdmin webmaster@localhost
    ServerName www.NewDomain.com
    ServerAlias NewDomain.com
    DocumentRoot /var/www/www.NewDomain.com/web
    SSLEngine on    
    SSLCertificateFile /etc/apache2/cert/359dc02304e01eae.crt    
    SSLCertificateKeyFile /etc/apache2/cert/hp.key
    #SSLCertificateFile /etc/apache2/cert/gd_bundle-g2-g1.crt
    <DIRECTORY />
        Options FollowSymLinks
        AllowOverride All
    </DIRECTORY>
    <DIRECTORY /var/www/www.NewDomain.com/web>
        Options +FollowSymLinks
        AllowOverride All
        #AuthType Basic
        #AuthName "Restricted Content"
        #AuthUserFile /etc/apache2/.htpasswd
        #Require valid-user

        # <IfModule mod_rewrite.c>
        # RewriteEngine On
        # RewriteBase /
        # RewriteCond %{REQUEST_FILENAME} -f [OR]
        # RewriteCond %{REQUEST_FILENAME} -d
        # RewriteRule ^.*$ - [S=40]
        # RewriteRule (.*)/(.*)/$ /index.php?page=$1&id=$2 [QSA,L]
        # RewriteRule (.*)/$ /index.php?page=$1 [QSA,L]
        # </IfModule>
      

Open in new window

0
i have a Ubuntu apache2 web server with ssl certificate .Every time when i restart apache ask password.
I found a script and work well .

SSLPassPhraseDialog exec:/path/to/passphrase-script

#!/bin/sh
echo "mypassphrase here"

Now certificate is old and got new certificate with new challange passord. Can you please explain me what do i need to do?  can i change my script easly or i need a new script ? or can i add new password under old one  like:

#!/bin/sh
echo "mypassphrase here"
echo "myNEWpassphrase here"



Thank you
0
Cloud Class® Course: Microsoft Azure 2017
LVL 12
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

I have a ubuntu apache2 server .I would like to my website security ans ssl https certificate creating.

can i free ssl certicate install if yes how ?please explain me.

Thank you
0
I am trying to enable SSL on my Ubuntu server running Apache2, but when I restart the Apache2 service it crashes silently.

I have a cloned copy of the Ubuntu server in my Dev location and I was able to apply this without any issues.

I made, what I think is the correct edits to the /etc/apache2/sites-enable/site-name.com.conf file.
Can someone please shed some light on this for me.

<VIRTUALHOST *:443>
    ServerAdmin webmaster@localhost
    ServerName www.contoso.com
    ServerAlias  contoso.com
    DocumentRoot /var/www/www.contoso.com/web
    SSLEngine on    
    SSLCertificateFile /etc/apache2/cert/contoso.crt
    SSLCertificateKeyFile /etc/apache2/cert/contoso.key
    SSLCertificateFile /etc/apache2/cert/gd_bundle-g2-g1.crt
    <DIRECTORY />
        Options FollowSymLinks
        AllowOverride All
    </DIRECTORY>
    <DIRECTORY /var/www/www.contoso.com/web>
        Options +FollowSymLinks
        AllowOverride All
        #AuthType Basic
        #AuthName "Restricted Content"
        #AuthUserFile /etc/apache2/.htpasswd
        #Require valid-user

        # <IfModule mod_rewrite.c>
        # RewriteEngine On
        # RewriteBase /
        # RewriteCond %{REQUEST_FILENAME} -f [OR]
        # RewriteCond %{REQUEST_FILENAME} -d
        # RewriteRule ^.*$ - [S=40]
        # RewriteRule (.*)/(.*)/$ /index.php?page=$1&id=$2 [QSA,L]
        # RewriteRule (.*)/$ /index.php?page=$1 [QSA,L]
        # </IfModule>
        # php_value auto_prepend_file 

Open in new window

0
Hi, My SEO team is having me create directories for certain keywords, like /affordable-meal-delivery/, so that the URL is mywebpage.com/affordable-meal-delivery/

The only way I know to do this is to create the directory and then have an index.html inside the directory. But I don't like having so many pages called index.html, for one thing I am afraid of overwriting one to another.

This site is able to do it without an index.html: www.freshnlean.com/gluten-free-meal-delivery/  - if I add index.html to that, it goes to a page not found.

We are on an Apache server. So it looks to me like this:



But I have ten or so of those directories with an index.html in each. How can I do this without the index.html. Ideally, I would want the page inside the directory to be affordable-meal-delivery.html. Can I use an htaccess file to do this?

Thanks.
0
I have a Linux ubuntu  Apache/2.4.7, OpenSSL/1.0.1 Server.

My Wildcard certificate(comodo) is expired. We have a New Wildcard(with Password ) certificate.
 I copied all files from comodo  
certificate.cabundle,
certificate.crt and  
certkey.key to my certificates Folder /etc/apache2/allcertificates/.

Folder allcertificates has root permission :  root:root

i changed lines  under /etc/apache2/sites-enabled/default-ssl.conf

SSLEngine on

SSLCertificateFile               /etc/apache2/allcertificates/certificate.crt
SSLCertificateKeyFile        /etc/apache2/allcertificates/certkey.key
SSLCertificateChainFile    /etc/apache2/allcertificates/certificate.cabundle

when i restart or start Apache2   : /etc/init.d/apache2 restart     ,i got  error  and also certificate Password ask not. must be asking isnt it?

error log Apache:

 [ssl:emerg] [pid 138] AH02204: Init: Pass phrase incorrect for key of mydomain.com:443
 [ssl:emerg] [pid 138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
 [ssl:emerg] [pid 138] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[ssl:emerg] [pid 138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[ssl:emerg] [pid 138] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
 [ssl:emerg] [pid 138] SSL Library Error: error:04093004:rsa …
0
I have a Ubuntu apache2 server .I bought a ssl wildcard certificate from online .They send my new certificates zip format.
I have CERT.CABUNDLE and CERTIFICATE.CRT files in this zip.

before i used selfsigned certificate on my apache server.

please can you explain ,how can i install these new certificates on my apache server ?

Thanks
0
In Magento having 500 internal server error after clicked the Payment Methods button in admin. No log is captured in "var/log/system.log" nor "var/log/exception.log" when it happens.

The site has this Special Promotions extension installed https://amasty.com/special-promotions.html
When set one of its module at "app/etc/modules/Amasty_PromoBannersLite.xml" to be inactive, then there is no error. But this error never happen on Apache web server even if the module is active.

Need help to find out what is the cause of the issue and solve it.

This is the system specification that having error:
Magento CE 1.9.3.3
PHP 5.6.31
Windows Server 2012 R2
IIS 8.5
0
I am working on my own personal site and trying to make it so my URLs don't contain the .html or .php file extensions. As of right now I don't have any PHP files but it's something I am considering in the future so I figured adding it to my htaccess does no harm. That being said I have attached my htaccess file. The hope was to do 3 things.

1. Remove .html extension and allow for calling local files without the extension (<a href="/contact" instead of <a href="contact.html"). ==> This is not working properly except for index.html

2. Do the same for .php (see above why)

3. Get rid of the "www" but if you type it that doesn't hurt anything. (This is personal preference but if it's poor practice I can remove this).

So the main issue is linking to my file so that in the URL there is no .html extension. Any help would be greatly appreciated. I am still very much learning how to utilize htaccess files but see how powerful it is.
0
I have the below .htaccess for my website.
What I'm expecting is that when I login to my page, I suppose to have www.example.com/myusername to be generated from www.example.com/user.php?=myusername
But that doesn't happen automatically, rather I will see www.example.com/user.php?=myusername as my browser url. But if I edit the browser url by removing the user.php?=, leaving only www.example.com/myusername and then reload, I can still access the page.
Question 1: Is .htaccess rewrite not suppose to be done automatically? I would have expected that the browser url changed to the rewrite url by itself upon login.

When I access the url www.example.com/providers/myusername, if I point the mouse to any link on the web page, for example a link with this a tag  <a href="follow_page.php?u='.$log_username.'">, I expect it to show as www.example.com/followers/myusername at the base of the page based on my htaccess rules below, rather, it shows as  www.example.com/providers/follow_page.php?=myusername and when I click the link, it shows page not found.
Question 2: Why is it showing the original url instead of the rewrite url?
Question 3: Why is it adding providers to the url?

Options +FollowSymLinks 
RewriteEngine On
RewriteBase /
# Establish a custom 404 File not found page
ErrorDocument 404 /index.php

#Prevent directory file listing in all of your folder

Open in new window

0
I have downloaded and install httpd server omn AIX 7.1 from https://www-03.ibm.com/systems/power/software/aix/linux/toolbox/alpha.html

But I want to know if this package is 32 or 64 bits?

Thanks
0
Cloud Class® Course: Microsoft Windows 7 Basic
LVL 12
Cloud Class® Course: Microsoft Windows 7 Basic

This introductory course to Windows 7 environment will teach you about working with the Windows operating system. You will learn about basic functions including start menu; the desktop; managing files, folders, and libraries.

HI,

I have created a php script for individuals to add a url to their calendar application such as outlook/ google calendar.


 I have validated the output on https://icalendar.org/ and get a header warning about the content type being text/html

Validator

Problem is when i add
           header('Content-Type: text/calendar; charset=utf-8');
	//		header('Content-Disposition: inline; filename=calendar.ics');

Open in new window


i get

chrome -> ERR_INVALID_RESPONSE
firefox -> file not found
ie -> i get a download prompt that could not be downloaded if save is clicked

if i add the URL to outlook it throws an invalid url error

Not sure whats going on here because i had it working last night


i am using plesk on my centos 7 server
0
I have a problem with a .htaccess file.

I have a domainname (test1234.com for this example), and if visitors go to http://www.test1234.com everything works fine.
If they go to http://www.test1234.com/files/blablabla/nonexistingsfile.pdf they are redirected to the index.php file, but the path is not changed. So any files used in index.php which are referenced by a relative path "./cssfiles/main.css" for example are not found. Images which are included with "./graphics/logos/mylogo.png" are not shown.

I've attached my htaccess file. Anyone have any idea how to get this right?
htaccess_for_expertsexchange.txt
0
Hi All,

I have httpd with worker MPM. I do want to limit that to 1 process with root and only 3 child processes under my account (guest).

Sometimes, I could see 5 or 6 or 7 httpd child processes running on my box.

how to limit the child processes for httpd ?

How to configure/fix this ?

Thanks,
bvm
0
Hi everybody.
I'm writing the php backend for an Android native app developed by another team.
They are sending to the server in the http headers the value of user_token but I'm not able to get it. I used getllheaders() functions but it doesn't return it.
I have added to .htaccess following lines:
RewriteEngine on
RewriteRule .? - [E=user_token:%{HTTP:user_token}]

Open in new window

and then tried to find the value in the superglobal $_SERVER. the index is present but it is empty.

I performed several tests using https://www.hurl.it/ but with no success (

I really don't know how to solve this issue: any idea?
Thank you
0
is a shared webserver a good place to store .pdf or .doc files

if not linked to by using html, can search engine find.

i have robots.txt ask (not demand) that search engines shouldnt show but i know robots.txt is not a solution
0
I have the following JavaScript making a call to a PHP page:

	function callPhpAPI(youdata) {
	
		$.post( "http://www.utahkidsfoundation.com/recsoap.php", { mes: youdata } );
	
	}

Open in new window



PHP page:

<?php

$mes=$_REQUEST['mes'];


    $emailto = 'xxx@gmail.com';
    $toname = 'Tom';
    $emailfrom = 'xxxr@xxx.com';
    $fromname = 'xxx';
    $subject = 'activity on xxx detected:  ' + $mes;
    $messagebody = 'There was a page hit on xxx:  ' + $mes;
    $headers = 
        'Return-Path: ' . $emailfrom . "\r\n" . 
        'From: ' . $fromname . ' <' . $emailfrom . '>' . "\r\n" . 
        'X-Priority: 3' . "\r\n" . 
        'X-Mailer: PHP ' . phpversion() .  "\r\n" . 
        'Reply-To: ' . $fromname . ' <' . $emailfrom . '>' . "\r\n" .
        'MIME-Version: 1.0' . "\r\n" . 
        'Content-Transfer-Encoding: 8bit' . "\r\n" . 
        'Content-Type: text/plain; charset=UTF-8' . "\r\n";
    $params = '-f ' . $emailfrom;
    $test = mail($emailto, $subject, $messagebody, $headers, $params);
    // $test should be TRUE if the mail function is called correctly

    header("Location: http://xxx.com");

    die();
?>

Open in new window



The email IS being sent, but the PHP variable $mes that I am attempting to make use of has a problem.


The email when it arrives looks like this:

zero

What I expected was to see the following subject and message body:

subject: 'activity on xxx detected:  content of param passed in
message body: 'There was a page hit on xxx:  content of param passed in

If I remove the $mes PHP variable I am trying to append to the end of the subject and message body (above) -- the subject and message body come through GREAT, minus the custom message(which is the entire point of all this)

zero
0

Apache Web Server

19K

Solutions

14K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.