Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

I have below line in haproxy.cfg

server batch lb1.com:8080 weight 100 maxconn 150 check inter 1000 rise 10 fall 3 disabled

Open in new window


I would like to understand the role of 'disabled' here
0
I have below log from HA Proxy
Nov 17 09:16:41 lb1 haproxy[13135]: 10.2.148.1:40862 [17/Nov/2017:09:16:38.094] lb batch1 0/0/0/-1/3000 504 194 - - sH-- 2509/2509/2503/101/0 0/0 "GET /my_url HTTP/1.1"

Open in new window


Here I would to understand what is -1 in  "0/0/0/-1/3000"
and
what is these numbers separated with "/". I see two instances of it in the log above
0
I have below log from HA Proxy

Nov 17 09:15:41 lb1_server haproxy[14520]: 10.22.148.53:2102 [17/Nov/2017:09:15:40.191] lb in/batch31 0/0/0/1472/1473 503 5569 - - ---- 2106/2106/2098/79/0 0/0 "GET /my_url HTTP/1.1"

Open in new window


Here I would like to understand what is

 0/0/0/1472/1473 

Open in new window


and also using above log can I see how many requested were 'queued' as backend was not available ?
0
Parse error: syntax error, unexpected T_CONST in C:\wamp\www\codeigniter\system\core\CodeIgniter.php on line 58
0
Hello, so I'm trying to mirror some website from my LAMP server to my Windows 10 PC.
I am using WAMP server to do this but I have huge problems with permissions.

Apache can't seem to write stuff anywhere. The service runs as local system and the SYSTEM user has full control. I also tried giving EVERYONE full control, it still doesn't work. I keep getting errors like this:

Warning: error_log(../xxxxxxxxxxx/00000b015e503ae39081e38d06f1652e822b20171116.log): failed to open stream: Permission denied in B:\Siti\xxxxxxxxx\xxx.php on line 708

Open in new window


I also tried running Apache as a local administrator, still no go.

There must be a way to make this work. I have a CentOS vm on and I could use that, but it would be handier for me to go full local.
Also, I can't stand things not working.
0
We're getting the following error when the HTTP GET request is large:
mod_jk.log:[Wed Oct 18 11:37:20.232263 2017][12082:139812138850048] ajp_marshal_into_msgb::jk_ajp_common.c (517): failed appending the query string of length 7295

I've found several references to this error and I've tried the following, but it did not work:
1. Added worker.template.max_packet_size=65536 to this file: workers.properties
2. Added packetSize to file /usr/apache-tomcat/conf/server.xml:
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" address="127.0.0.1" protocol="org.apache.coyote.ajp.AjpNioProtocol"
                        socket.directBuffer="true"
                        URIEncoding="UTF-8" redirectPort="8443" packetSize="65536" connectionTimeout="120000"  />
3. Added LimitRequestLine 65536 LimitRequestBody 0 LimitRequestFieldSize 65536 LimitRequestFields 10000 (to /nbsnas/http/conf/httpd.conf file)
Restarted Apache for each of the above and also when all of them are set to the values above.

I'm still getting the same error.
Any ideas/recommendations is greatly appreciated.
thanks!
0
Hi, just wondering if someone is able to help me re-write a URL in the following pattern...

https://url.domain.com/url/ --> https://www.domain.com/url/ 

So if you load the first part it shows the content where the second part is. So it's basically creating a sub-domain that points to a folder, but still shows the folder as part of the URL. (the /url/ at the end)

Thanking you in advance!!
Cheers
0
Does anyone have any experience with Apache mod_evasive? I've just installed that to try and mitigate DoS attacks, but it's not working as expected. My config is:
LoadModule evasive20_module lib64/httpd/modules/mod_evasive20.so

<IfModule mod_evasive20.c>
    DOSHashTableSize    3097
    DOSPageCount        2
    DOSSiteCount        100
    DOSPageInterval     1
    DOSSiteInterval     1
    DOSBlockingPeriod   10
  DOSEmailNotify        sysadmin@mydom.com
</IfModule>

Open in new window

As you can see, I've set the SiteCount to 100. I've had it at the default of 50, and tried 10 as well. No matter what I set it to it seems to generate the Blacklist message after some very few accesses. For example, it just blacklisted an IP that shows in the access_log only 9 times and over a 4 second period (not the supposed 1 second as defined by DOSSiteInterval).

As I said, it seems to blacklist with about this number of accesses regardless of what I set the DOSSiteCount to.
0
I have installed my app in a Bitnami Lamp stack subdirectory off of the root.  When I try to access it using abc.com/sub it doesn't work.  But if I put in a test program in abc.com/abc.php it works fine.   I need this stack to have 4 sites on it.  

How do I set it up so I can 4 vhosts?

The first vhost is only a test and isn't propogated.  The rest will be added after the first vhost is completed.

Thanks,
0
I have a new Ubuntu web server running with Apache.
I have setup 1 website using the default conf file.

I want to make sure that if anyone visits the domian using httpS that it redirects to http.

I don't have any SSL certificates and am not planning on using any.

can someone advise how to do this?

thanks

Steve
0
On a customer's request I have to create a reverse proxy for following URL on customer's server running Apache on CentOS 6.

URL of the back end is https://94.57.252.195/gateway/order.json

I have added following lines in a virtualhost on Apache:

SSLProxyEngine          On
ProxyPass / https://94.57.252.195/
ProxyPassReverse / https://94.57.252.195/


But when I access http://mydomain/gateway/order.json I get "Bad Request Your browser sent a request that this server could not understand." . No errors in error_logs of Apache.

I would be thankful if someone can help.
0
We're currently experiencing an issue with our SSL configuration whereby after a short while (after an Apache restart) the ssl handshake seems to take a silly amount of time, ~20-30 seconds!

We have the same certificate on another server with similar setup (albeit older versions) and it's running fine.

Main differences are:

Newer version of apache (2.4.18 on new, problematic server | 2.2.16 on old, performant one)
New server running Ubuntu 16.04 as oppose to Debian 6 on old one
New server allowing TLSv1, TLSv1.1, TLSv1.2 but old server only accepting TLSv1
Different cyphers:

NEW: AES256+EECDH AES256+EDH AES256-SHA AES128-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 AES256-GCM-SHA384 AES256-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 AES128-GCM-SHA256 AES128-SHA256

OLD: DES-CBC3-SHA AES256+EDH AES256-SHA AES128-SHA

Key things tried:

Check that we are using /dev/urandom
Check keepalive_timeout (currently 100)
SSLHonorCipherOrder on
SSLHonorCipherOrder on
StartServers 5
ServerLimit 400
MaxClients 400
MinSpareServers 10
MaxSpareServers 50
MaxRequestWorkers 400
MaxConnectionsPerChild 0
using mpm_perfork (got 196G RAM!)
We've been through all of the StackOverflow posts we can find on the problem but nothing seems to resolve it.

The problem only seems to occur under real world load and not when using apache ab to try and simulate load.

Has anyone experiences …
0
Hi,
I have WordPress installed for an intranet site, and ask working except the home page link when being accessed from different computers on the same network.
It defaults to http://localhost/ and on every other computer than the server itself, this returns a 404.
Is there a way to set the home page link to be the ip of the server instead?
Thanks in advance for assistance...
0
Hi experts 

As per your old post ,We installed mod-security on apache 2.2.

but facing some issue on xss cross script.

for example:
www.abc.com/aaa/home.html/?×=@scripts 

the above url is getting blocked by apache and redirecting to domian url.

www.abc.com/aaa/home.html/×=@scripts 

this url where query string is not their is not detecting by apache and going to 404 error page.

where to add the rule to block xss cross script issue.
0
I recently installed LAMP, then set up virtual sites by running sudo mkdir example.com.

I don't remember if I did this from root or from my limited user account.

When I log into SFTP from my limited user account it says permission denied in my FTP client.

Is this because I created the directories from the root account?

is it safe to be able to read and write files from a limited user account?

What command should I run to set the proper permissions?

thanks
0
I have a Centos 6.9 machine with Apache 2.2.15 and OpenSSL 1.0.1e which according to my research supports SNI.
I have "NameVirtualHost *:443" defined in the main httpd.conf file.

The difestyle certificate is a purchased one. The one for darksidediving was created using the letsencrypt certbot tool and it created the additional configuration file for the darkside ssl config .

The issue I am having is that when I go to the darkside https page I get a certificate warning and looking at it I am being given the divestyle certificate instead of the darkside one. I tried the ssllabs tools just to make sure it was not my browser.

divestyle.conf
# live site
<VirtualHost *:80>
  ServerName www.divestyle.co.uk
  ServerAlias divestyle.co.uk
  DocumentRoot /var/www/htdocs
  <Directory "/var/www/htdocs">
    AllowOverride all
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

# live secure site
<VirtualHost *:443>
  ServerName www.divestyle.co.uk
  ServerAlias divestyle.co.uk
  DocumentRoot /var/www/htdocs
  SSLEngine on
  SSLProtocol All -SSLv3 -SSLv2
  SSLCipherSuite HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH
  SSLCertificateFile /etc/httpd/conf.d/ssl/www_divestyle_co_uk.crt
  SSLCertificateKeyFile /etc/httpd/conf.d/ssl/www_divestyle_co_uk.key
  SSLCACertificateFile /etc/httpd/conf.d/ssl/www_divestyle_co_uk.int.crt
  <Directory "/var/www/htdocs">
    AllowOverride all
    Order allow,deny
    Allow from all
  </Directory>
</VirtualHost>

Open in new window


darkside-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
  ServerName darksidediving.co.uk
  ServerAlias www.darksidediving.co.uk
  DocumentRoot /var/www/www.darksidediving.co.uk
  <Directory "/var/www/www.darksidediving.co.uk">
    AllowOverride all
    Order allow,deny
    Allow from all
  </Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/darksidediving.co.uk/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/darksidediving.co.uk/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/darksidediving.co.uk/chain.pem
</VirtualHost>
</IfModule>

Open in new window

0
Hello experts,

I have a site where I need to add 300  301redirects.

Will that many redirects slow down a site?   Personally, I do not think so. But I thought I should ask the experts here first.

Would there be any other issues with so many redirects in an Htaccess file that I should be aware of?

Thanks!

Rowby
0
I had to change the filenames of most pages for my site from .html to .php.
Offhand I see 2 snags with this:
1.  SEO:  Does anyone have an example of the code to do 301 Redirects on all .hmtl pages to help pass Google SEO credit thru to the .php files of the same name?
2.  EXISTING EXTERNAL LINKS:  Does this 301 redirect ALSO forward Browser Users to the new .php page, or do I need to handle that separately so that the hundreds of eternal .html links do not 404 ?
0
Hello  

My saturday seems to be filled with htaccess issues :)  BTW this is a different site than my earlier question today.

I have a client who needs to have a few generic php and html files in the root of the server.  The existing Htaccess file apparently is disallowing files to be in the root -- which gives a 404 errors -- even though the physical files exist in the root (/public_html)

The files mainly have htm and php extensions, but there may be jpg, gifs and perhaps swf extensioins.

It''s a Joomla site, and I'm thinking it might be a security feature.  (His old joomla site let him have these kinds of files in the root.  But I guess Joomla hyped up the security and is not letting them be viewed by the public.

Please look at the htaccess file and let me know if indeed there is a rule prohibiting this, and how I can eliminate that rule.  BTW there is nothing in the code that will identify the actual site.....)
### ===========================================================================
### Security Enhanced & Highly Optimized .htaccess File for Joomla!
### automatically generated by Admin Tools 3.5.1 on 2015-05-15 14:49:25 GMT
### Auto-detected Apache version: 2.2 (best guess)
### ===========================================================================
###
### The contents of this file are based on the same author's work "Master
### .htaccess", published on http://snipt.net/nikosdion/the-master-htaccess
###
### Admin Tools is Free Software, 

Open in new window

0
Hi htacess Exoerts!

I would like to write an htaccess rule that does the following example:

If the url is /17-the-mobile-experience-conference
It would do an automatic redirect to.  /the-mobile-experience-conference

Specifically a global rule where if ANY url starts with a /17-       It would “remove “ the 17-     and do a redirect.

Thanks,

Rowby
0
I keep getting this error:

https://gyazo.com/e42f6ac2d15e502aec32cbb0588408a8

I have reloaded the software twice now.

I am on a Bitnami Debian stack.

This is a new test site.
0
Hi Experts,

Please let me know why my mod-security module is not detecting xss cross script issue

I am using red hat with Apache 2.2 .Do we need to change any conf file?
0
Hi experts,

I am trying to edit my hosts file C:\Windows\System32\drivers\etc\hosts  but it won't let me save it and tells me it is being used by another program.  I have no other apps open, and apache is stopped.

When I try to delete the file (I have a copy waiting) I am told that the file is being used by system.

Any ideas on how I can edit and save the file please?

Cheers
0
Hello

I am running Nginx version 1.10.2 on Centos 6.9 for a long time. Nginx serves as a reverse proxy to Glassfish 3 running some application.

Today when I rebooted my machine and I opened the URL to Nginx I got Bad Gateway. The error logs show following:

2017/10/01 05:28:48 [crit] 11408#0: *5 SSL_do_handshake() failed (SSL: error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small) while SSL handshaking to upstream, client: 123.456.789.123, server: mydomain.net, request: "GET /apex/f?p=123 HTTP/1.1", upstream: "https://127.0.0.1:9191/apex/f?p=123", host: "www.mydomain.net", referrer: "http://www.mydomain.net/"

Open in new window


I am able to access Glassfish with https://Hostname:9191/apex ... without a problem.

I am not sure what to do to fix this issue.

OpenSSL version is following:

-bash-4.1# rpm -qa openssl*
openssl098e-0.9.8e-20.el6.centos.1.x86_64
openssl-devel-1.0.1e-57.el6.x86_64
openssl-1.0.1e-57.el6.x86_64

Open in new window


I will be really thankful if someone can help.
0
Hi All,

just now we installed MOD security module on Apache
after that we are getting bellie error.

ModSecurity: Warning. Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:host. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "810"] [id "920350"] [rev "2"] [msg "Host header is a numeric IP address"] [data "x. x. x. x:81"] [severity "EMERGENCY"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag

 "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "x. x. x. x"] [uri "/health/check.sh"] [unique_id 

please assist
0

Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.