Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Experts

Could you pont a way to obtain the volume of accesses to a customer portals (Apache/ MSSQLServer) ?

Accordingly to:
 img002
The customer enter on some site's pages with it's credentials, choosing it's name on a combo, etc...

Is it possible to obtain the access volume by using the Apache default features, f.e. ?

Thanks in advance!
0
Web URL re-routing and questions about HTAccess

I have used HTAccess (originated with Apache) a few years ago on an MVC site to re-route the URL and am posting a few questions about how to do this today.

1) Is HTAccess still a viable option for web URL re-routing?
2) Is there a different way for a .NET MVC to get this capability?
3) Does HTAccess re-route WITHOUT needing a recompilation?
4) Is this considered "URL re-writing"?

Thanks
0
I would like my Apache server to automatically connect all requests for a specific website using https:

I use MAMP Pro 5, running on Mac OS X 10.11.6  I have set up multiple websites, and for one specific domain I have successfully installed a SSL certificate that I purchased from namecheap.com
I can connect to the website securely if I type in the complete address, with https://

If I connect to the website without typing in https://  MAMP PRO's Apache server only serves up the pages without the secure connection

How can I have MAMP/Apache only connect visitors securely?
I've tried Allow http connections, but that doesn't redirect connections from http to https

MAMP Pro SSL settings for domain
0
Hi I need to use phpmyadmin to replace one doman name with another

for example   replace google.com with yahoo.com

There are no http;// involved -- just the doman name as in this format  google.com

I want to replace it in the entire database.  All tables.

How can I do that within phpmyadmin

Thanks!

Rowby
0
Can anyone suggest any SW tools/utilities/commands to help manage disk space, identify space hogs, etc for a Linux Server?
(If it matters, it is a web server, headless CentOs 7 LAMP)
0
Dear Experts,

We have several forms on our website that send emails to various users in our organization.  I didn't create these but am only the sys admin for the server.

One user is being pestered by spam that seems to be generated by one particular form.  
The form has a few radio buttons, Name, address, phone number and comment fields.

The set up of our forms is this:
myForm.html  gets filled out by users.
When the submit is clicked, it executes a myForm.cgi.
This myForm.cgi calls a compiled c++ program myForm_comp.cgi which parses the information from the form and sends it using a mail package to the user.  The user's email address is hardcoded in the compiled coded.  

This set up is the same for all our forms however this user is the only one who gets the spam.  We have several forms (separate cgi compiles) that get sent to different users depending on topic. All simple forms with similar fields.

In reviewing the Apache logs, we see, for example, what appears to be a bot (same IP, hundreds of lines in a 30 second window) hitting all our webpages and especially hitting two of our forms.  One being myForm.cgi the other being otherForm.cgi.

The apache log shows 11 GETS of the myForm.html and then hundreds of GET/POST for myForm.cgi.
The user reported she got 10 spam emails.  

The same pattern shows for the otherForm.html but no spam emails arrived.

We think it must be a bot that reads the html, fills it in (it's always the same …
0
if the request header has remote client ip  having null value, we should  not be printing in apache logs.  

need solution using setenv or setenvif & logformat and custom logs
0
Hi all

I'm currently restricting access to a intranet site using a LDAP lookup and requiring a valid user, ip or host name. For some reason a wordpress site running on this cannot loopback and is coming up with a 401 error saying

"Unauthorized, This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required"

If I remove the code below all works fine so I'm asking for some guru help please how I can still use the below, but allow the machine to talk to itself (I guess) without authentication?
 
<Directory "D:/htdocs/intranet">

    Options Indexes FollowSymLinks
    AllowOverride All
    
    AuthType Basic
    AuthName ""
    
    AuthBasicProvider ldap  
    
    AuthLDAPURL "ldap://1.2.3.4:567/ou=#,dc=#,dc=#,dc=#?sAmaccountName"  
    AuthLDAPBindDN "cn=#,cn=#,dc=#,dc=#,dc=#"
    AuthLDAPBindPassword ####
    
    Require valid-user 

    Require ip ####
    Require host localhost
    
</Directory>

Open in new window

0
We're having issues with a client's Wordpress web site that we've 'adopted'. This site worked fine but we've installed a new theme and we're having issues with it. It works fine on our testing server which happens to be a Cpanel-based host. However, when placed on our live server (Plesk) it throws errors on and off (a bit randomly, it seems).

We're getting sporadic Internal Server 500 errors which, when we look at the logs, shows us this:
(104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server

We've tried switching from Fast CGI, to just CGI and FPM but then we get this error:
Unable to allocate shared memory segment of 67108864 bytes: mmap: Cannot allocate memory (12)

Lots of Googling has been done but we've not found a solution yet.

OS:      ‪CentOS 6.10 (Final)‬
Product:      Plesk Onyx
Version: 17.8.11 Update #38,

CPU      Intel(R) Xeon(R) CPU E5649 @ 2.53GHz (2 core(s))
3GB RAM (looking at it now, it's using 35% of that)

Any ideas we can look at would be appreciated please!
0
Dear Experts

We have CRM which is web application on a LAMP stack deployed on premise, the external users can access this application via 2FA, the 2FA solution that we have used is Duo Security (where CRM application uses Duo Access gateway and Duo Access Gateway use Windows AD for authentication).
  As We could not achieve advanced Reporitng though CRM application hence we went for custom development using .NET.   This takes csv output from CRM and generates the expected reports.
 We have to integrate these 2 applications and based on feasibility between 2 application implementers understood in the CRM application they will provide link of .NET application when click on it, this will open up the new tab of the Reporitng server from here the reports are fetched. CRM login user and reporting system login user will be same they will use the tokens for each user but the .net implementer says static token once in few days this can be changed.

Suggestion /advice requested.

From IT point of view:  CRM server URL is published to public/internet but reporting server URL is not published for public/internet, in this case when external user access the CRM application via 2FA and then click on advanced reporting will it resolve the reporting server URL (for the external user who has already gained access of CRM application please suggest). I think it is not possible please suggest.
Please help me with best way to ensure the security and reporting server URL also accessible …
0
apache rewrite rules to redirect http(s) olddomian.com to newdomain.com
i made a custom  VirtualHost .conf file for apache for my old domian to redirect every request to httpS new domain but it isn't working...?
i get either the old host or some an invalid URL... both FireFox and Chome show errors like this:
The owner of OldDomian.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. The certificate is only valid for NewDomain.com.

a copy of the apache.conf VirtualHost config:
<VirtualHost 129.125.125.128:80>
ServerName  OldSiteHost.com
ServerAlias www.OldSiteHost.com
ServerAlias OldSiteHost.com

RewriteEngine on
RewriteCond %{SERVER_NAME} =OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.OldSiteHost.com
RewriteRule ^ https://NewSiteHost.com/ [END,NE,R=permanent]

</VirtualHost>

Open in new window

0
We use a company called my contact form for our forms onsite.

https://www.magickitchen.com/contact-test.html

But they use a standard captcha where you have to enter text, and we have an older base, who have trouble with it, so we'd like to replace it with a recaptcha.

I've got the client side on that page, but I have no idea how to implement the server-side, I'm hoping someone can tell me how to so it with htaccess.

Google says:
When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required)      6LdfIn4UAAAAALJ-198KrFzDKKytHk5w9tTipp8m
response (required)      The value of 'g-recaptcha-response'.
remoteip      The end user's ip address.


The reCAPTCHA documentation site describes more details and advanced configurations. https://developers.google.com/recaptcha/docs/verify
0
Which data structure contains information corresponding to the DocumentRoot directive  in Apache 2.x?

I expected it to be path in server_rec, but server_rec->path returns null.  Nor is it in request_rec.

https://ci.apache.org/projects/httpd/trunk/doxygen/structserver__rec.html
https://ci.apache.org/projects/httpd/trunk/doxygen/structrequest__rec.html
0
Can someone check this please ... Is this the correct coding for robots.txt if I put a sitemap.xml file in the web root folder:
     User-agent: *
     https://EXAMPLE.COM/sitemap.xml
and
Is this the correct coding for .htaccess if I want to direct all requests to the Non-www https version of a URL:
     RewriteEngine On
     RewriteCond %{HTTP_HOST} ^www\.EXAMPLE\.com [NC]
     RewriteRule ^(.*)$ https://EXAMPLE.com/$1 [L,R=301]
     RewriteCond %{SERVER_PORT} 80
     RewriteRule ^(.*)$ https://EXAMPLE.com/$1 [L,R=301]
Any advice appreciated!
0
Hi guys

We have an Linux instance in the cloud with Nginx installed on it. However, whenever the server restarts, the Nginx services don't. I'm not overly familiar with Linux commands. Can anyone help me how we can automate the Nginx services to start on restarts automatically?

Thanks for helping
Yash
0
So, I have been reading about this for a long time and there's never a conclusive answer to be found anywhere.

I have a Centos 6 LAMP web server which mostly hosts websites created by yours truly and the occasional website created by someone else.

Which is the most secure way to configure Wordpress folders ownership AND keep all the automatic features (updating, uploading and so on) without the need to insert ftp or sftp credentials each time?

Aside from permissions (which I always set to 755 for folder, 644 for files and 600 for special files, as suggested everywhere), there's a lot of different ideas about ownership.

Somebody says apache should be the owner of the whole folder. Somebody says that the owner should be your server user (root for instance, or a dedicated user) and never apache.

But if the owner is not apache, you have to use your ftp credentials to upload, update and so on.

So is there a way to actually have it all? What's the safest and smartest way to configure ownership for Wordpress?

Thanks guys.
1
hi all

I have an issue with my rewrite in a .htaccess file that I'm unsure how to fix.

I want to be able to pass parameters as a query variable when someone uses the url for example www.mysite.com/user/reset/asdfg12345 to be re-written as www.mysite.com/user/reset/?rp=asdfg12345

My code below works but only for the very last rule so in this case RewriteRule ^user/verify/([^/\.]+)/?$      user/verify/?uvc=$1 [L] , the rule or rules above it never work, If I change the order again the last one only ever works.

Sure it's a simple error but something I'm not sure about.

Thanks in advance all, Neil


RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$  

# allows reset URL like /user/reset/5d34f4e59c155566913f782a2e2557dc,234j5hj23k452hk
RewriteRule ^user/reset/([^/\.]+)/?$	user/reset/?rp=$1 [L] 

# allows verification URL like /user/verify/5d34f4e59c155566913f782a2e2557dc
RewriteRule ^user/verify/([^/\.]+)/?$	user/verify/?uvc=$1 [L]

ErrorDocument 404 404.php 

############################################
## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l

## rewrite everything else to index.php
RewriteRule .* index.php [L]

Open in new window

0
In a nutshell:
I use an apache2 as webdav server and have a nginx reverse proxy in front of it.
The download of larger files (~ 6 GB) works without problems only the upload of larger files (already from 450 MB) aborts exactly at the EOF with the error message "65 client intended to send too large body " (on nginx).

I tested all possible settings like client_max_body_size, proxy_buffering off; unfortunately without success. If I run apache2 without nginx reverse proxy everything works as expected.

Thanks for your help

reredok
0
A CSS question:

Let's take the <td> tag as an example

Is it possible to make a custom css tag and use that to dictate the styling of any <td> tags inside it
ie
css page:
customtag > td
{
some condition
}
php page:
<customtag><td> text </td></customtag>

The reason for this is that I want to add a specific condition to a set of <td> tag's which already have defined css conditions defined for that particular tag in the css page in the rest of the php page
0
Friend transferred a wordpress site to a new VPS, the new host is displaying SOME pages but not all pages.

For example /category/mypage works
but category/mypage2 returns 500 server error

Wp-admin works, so i dont htink its a database issue, i re created the htaccess file, no luck.

When i inspect the  broken page it says <!-- html is corrupted -->

They are using the wordpress fastest cache plugin, not sure if that helps (even though i look into the cache folder and not all the pages are in here? is it permissions? i set 777 temporarily on those folders but look slike Fastest Cache isnt loading those pages into the cache)


Any ideas other than corrupted pages one one page would return 500 server error?
0
I need to increase max_input_vars on an Apache 2.4, Amazon Linux with PHP 7.2 that is running php-fpm to 3000.  I changed php.ini restarted php-fpm and apache but there is no change.

Where do I make the change so that max_input_vars is changed?

Here is a screenshot of php info

https://gyazo.com/e1242115eabae9cc0b870bc7f9ab2ca3
0
Hello Htaccss  Experts :)

I have an htaccess file that has, near the end, a rewrite section that redirects the site to another url.

I don't want that redirect to happen, but I'm not sure how to change that htaccess file.

It's running on xampp that I installed on my local windows based server, for testing locally on Localhost.

I have changed the redirect to google, for privacy issues.   But I just want there to be NO redirect. It's a WordPress site that I just want to run locally for some testing. WordPress has been successfully installed.

Below is a snippet from the end of the .htaccess file   My snippet starts a few lines before the rewrite engine section -- and goes all the way to the end of the .htaccess file

ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 2 days"
</IfModule>
## EXPIRES CACHING ##

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://www.google.com/$1 [R,L]
# Use PHP70 as default
AddHandler application/x-httpd-php70 .php
# BEGIN custom php.ini PHP70
<IfModule mod_suphp.c>
    suPHP_ConfigPath /home3/zzz/public_html
</IfModule>
# END custom php.ini

Open in new window


Would just changing "rewriteengine" to öff do it?

As I said, I am running this on my local computer using xampp   (which I haven't used for a while, but I got localhost working on it.)

Thanks!
Rowby
0
The following .htaccess files is in the following directory and is working correctly:

C:\xampp\htdocs

AuthName "TickTockIT Int Protected"
AuthType Basic
AuthUserFile C:/xampp/apache/bin/passwordfile
# require valid-user
Require user admin
Order Deny,Allow
Deny from all
Allow from ::1
Satisfy Any

The above is only accessed by admin

I want to allow access to another sub directory to other specific users:
Directory: C:\xampp\htdocs\newsite\site
Access for users a and b
How do I do this - with a separate .htaccess file or a redirect from the .htaccess file above
If I use a separate .htaccess file how do I stop authentication being required by the parent .htaccess file (c:\xampp\htdocs) above?
Basically what is the best way to do this
0
Need expires headers to satisfy yslow on GMetrix.  I am on an Apache 2.4 Linux system.

When I use this code I get an 500 Internal Server Error

# Optimize cache-control
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault “access plus 1 month”
ExpiresByType image/gif “access plus 1 month”
ExpiresByType image/png “access plus 1 month”
ExpiresByType image/jpg “access plus 1 month”
ExpiresByType image/jpeg “access plus 1 month”
ExpiresByType text/html “access plus 3 days”
ExpiresByType text/xml “access plus 1 seconds”
ExpiresByType text/plain “access plus 1 seconds”
ExpiresByType application/xml “access plus 1 seconds”
ExpiresByType application/rss+xml “access plus 1 seconds”
ExpiresByType application/json “access plus 1 seconds”
ExpiresByType text/css “access plus 1 week”
ExpiresByType text/javascript “access plus 1 week”
ExpiresByType application/javascript “access plus 1 week”
ExpiresByType application/x-javascript “access plus 1 week”
ExpiresByType image/x-ico “access plus 1 year”
ExpiresByType image/x-icon “access plus 1 year”
ExpiresByType application/pdf “access plus 1 month”
<IfModule mod_headers.c>
Header unset ETag
Header unset Pragma
Header unset Last-Modified
Header append Cache-Control “public, no-transform, must-revalidate”
Header set Last-modified “Mon, 1 Oct 2018 10:10:10 GMT”
</IfModule>
</IfModule> 

Open in new window


my headers in htaccess looks like this

# BEGIN Really_Simple_SSL_UPGRADE_INSECURE_REQUESTS
<IfModule mod_headers.c>
Header always set Content-Security-Policy "upgrade-insecure-requests;"
</IfModule>
# END Really_Simple_SSL_UPGRADE_INSECURE_REQUESTS

Open in new window


The log says
[Sun Dec 23 12:59:33.053088 2018] [core:alert] [pid 7617:tid 140692416341760] [client 1.1.1.1] /data/web/abc.com/.htaccess: ExpiresDefault takes one argument, an expiry date code

Open in new window


Seems everything on the internet and the plugins are not suited for Apache 2.4.  Please help.

Thanks,
0
I need some mod rewrite help with a regex.  This is an example url - https://www.thefrugallife.com/12all/lt.php?c=1728&m=2981&nl=1&s=c9b91a7ca200a96e668e515ecf49b34c&lid=19221&l=-http--www.theherbsplace.com/Shop_A_Z_page_1_c_28.html

I am trying to get it to redirect to the url after the last equals sign - http--www.theherbsplace.com/Shop_A_Z_page_1_c_28.html

I have 2,000 links like this all with a different url after the last equals sign.

Here is my code

RewriteCond %{REQUEST_URI} /?12all/lt\.php$
RewriteCond %{QUERY_STRING} c=(.*)$ [NC]
RewriteCond %{QUERY_STRING} m=(.*)$ [NC]
RewriteCond %{QUERY_STRING} nl=(.*)$ [NC]
RewriteCond %{QUERY_STRING} s=(.*)$ [NC]
RewriteCond %{QUERY_STRING} lid=(.*)$ [NC]
RewriteCond %{QUERY_STRING} l=-http--(.*)$ [NC]
RewriteRule ^.*$ https://%6/? [NC,L,R=301]

Open in new window


Please tell me what I am doing wrong so I can get this cleaned up for Google.

Thanks,
0

Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.