Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

In my .htaccess file, there are references to favicon. I want to delete my graphics folder. Is it of to move any favicon files to the root of my site, not inside a folder?

#do things different on prod
<IfDefine prod>
RewriteRule ^favicon\.ico$ /graphics/live_favicon.ico [L]
<IfDefine !prod>
RewriteRule ^favicon\.ico$ /graphics/test_favicon.ico [L]

and where is "prod" defined? Is that an Apache thing? Sorry for the newbness, Im taking over for a departed employee and trying to sort things out.
Hi all

I would like to display a certain path in the URL but actually server content from another path. How can I achieve the following using my .htaccess Apache file please?

I want to have a URL with the word attachments

but actually serve the content located at /images/plots/

Thanks in advance, Neil

I have changed part of  an old Drupal Site to a Wordpress site in a subdomain.  

The main part of the Drupal site still exists, I have just taken the shopping cart portion and built it in a Wordress, which sits in a subdomain

I am trying to redirect the old product pages ot the new ones, but my htaccess code is ignored..

Options +FollowSymLinks
RewriteEngine on

Redirect 301  /cgi-bin/commerce.cgi?preadd=action&key=A30-E https://resources.beststart.org/a30-e-risks-of-cannabis/

Open in new window

I have tried writing the redirect a few ways, all are ignored..  Redirect, RedirectMatch 301, redirectPermanent, etc.

I do have a lor of products as well, it would be good if I could do a wildcard for all /cgi-bin/commerce.cg*
I want any request that goes to mysite.com/index.html to be 301 redirected to mysite.com

Will the following mod_rewrite work in my htaccess file, is it comprehensive enough, and where would it need to be placed in the file?

RewriteCond %mysite.com/index.html HTTP [NC]
RewriteRule (.*)index.html$ /$1 [R=301,L]
I am trying to install Phpki on a SME-Server.   In the initial Setup screen I is asking the following.

"Storage Directory *
Enter the location where PHPki will store its files. This should be a directory where the web server has full read/write access (chown phpki ; chmod 700), and is preferably outside of DOCUMENT_ROOT (/opt/phpki/html). You may have to manually create the directory before completing this form. "

It gives the example of :


The server's Primary Dir has three  folders

Primary -  cgi-bin
               -  html
               -  folder  -  phpki-store

I was thinking  about putting  phpki-store under folder which is at the same level as the html folder,   I'm not sure what they are asking for.
Hi everybody.
So I'm using a cde in .htaccess to remove php extension from the url:
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteCond %{REQUEST_URI} ^(.+)\.php$
RewriteRule (.*)\.php$ /$1 [R=301,L]

Open in new window

It works fine. But I have some dynamic url I want to make SEO compliant. For instance, I would like that

Open in new window


Open in new window

So I looked around and I found this to put in my .htaccess
RewriteCond %{THE_REQUEST} \s/vinos\.php\?v=(\w+)\s [NC]
RewriteRule ^ /vinos/%1? [R=301,L]
RewriteRule ^vinos/(\w+)$ /vinos.php?v=$1 [L]

Open in new window

With this the url is rewritten as expected but in the page which is open php just doesn't work. And all css is lost...
Any idea about how can I remove the extension from the simple page and make dynamic urls seo friendly?
Thank you in advance for any suggestion :)
I have my domaing "www.myserver.com" and I got  customized my ".htaccess" file with the following rewrite rules:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/oculto/larespuesta.php$
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTP_HOST} !^www.myserver.com$ [NC]
RewriteRule ^(.*)$ https://www.myserver.com/$1 [L,R=301]

Open in new window

This set of lines allow me:
1.- redirect all calls of "http://" to "https://"
2.- redirect all calls of non "www" to "www"

I wanna know how to bybass of this rules using rewrite rules, subdomains in the same server? I tried with RewriteCond %{HTTP_HOST} !subdomain\.myserver1\.com$ [NC], but after I add that line I need to comment
   RewriteCond %{HTTP_HOST} !^www.myserver.com$ [NC]
   RewriteRule ^(.*)$ https://www.myserver.com/$1 [L,R=301]

Open in new window

Is there a way to add a bypass for my subdomains in my htaccess?
Difference between URL forwarding and re-routing?

I am curious what the difference is from an MVC .NET Framework perspective, if that makes any difference...

Hi Experts

Could you pont a way to obtain the volume of accesses to a customer portals (Apache/ MSSQLServer) ?

Accordingly to:
The customer enter on some site's pages with it's credentials, choosing it's name on a combo, etc...

Is it possible to obtain the access volume by using the Apache default features, f.e. ?

Thanks in advance!
Web URL re-routing and questions about HTAccess

I have used HTAccess (originated with Apache) a few years ago on an MVC site to re-route the URL and am posting a few questions about how to do this today.

1) Is HTAccess still a viable option for web URL re-routing?
2) Is there a different way for a .NET MVC to get this capability?
3) Does HTAccess re-route WITHOUT needing a recompilation?
4) Is this considered "URL re-writing"?

I would like my Apache server to automatically connect all requests for a specific website using https:

I use MAMP Pro 5, running on Mac OS X 10.11.6  I have set up multiple websites, and for one specific domain I have successfully installed a SSL certificate that I purchased from namecheap.com
I can connect to the website securely if I type in the complete address, with https://

If I connect to the website without typing in https://  MAMP PRO's Apache server only serves up the pages without the secure connection

How can I have MAMP/Apache only connect visitors securely?
I've tried Allow http connections, but that doesn't redirect connections from http to https

MAMP Pro SSL settings for domain
Hi I need to use phpmyadmin to replace one doman name with another

for example   replace google.com with yahoo.com

There are no http;// involved -- just the doman name as in this format  google.com

I want to replace it in the entire database.  All tables.

How can I do that within phpmyadmin


Can anyone suggest any SW tools/utilities/commands to help manage disk space, identify space hogs, etc for a Linux Server?
(If it matters, it is a web server, headless CentOs 7 LAMP)
Dear Experts,

We have several forms on our website that send emails to various users in our organization.  I didn't create these but am only the sys admin for the server.

One user is being pestered by spam that seems to be generated by one particular form.  
The form has a few radio buttons, Name, address, phone number and comment fields.

The set up of our forms is this:
myForm.html  gets filled out by users.
When the submit is clicked, it executes a myForm.cgi.
This myForm.cgi calls a compiled c++ program myForm_comp.cgi which parses the information from the form and sends it using a mail package to the user.  The user's email address is hardcoded in the compiled coded.  

This set up is the same for all our forms however this user is the only one who gets the spam.  We have several forms (separate cgi compiles) that get sent to different users depending on topic. All simple forms with similar fields.

In reviewing the Apache logs, we see, for example, what appears to be a bot (same IP, hundreds of lines in a 30 second window) hitting all our webpages and especially hitting two of our forms.  One being myForm.cgi the other being otherForm.cgi.

The apache log shows 11 GETS of the myForm.html and then hundreds of GET/POST for myForm.cgi.
The user reported she got 10 spam emails.  

The same pattern shows for the otherForm.html but no spam emails arrived.

We think it must be a bot that reads the html, fills it in (it's always the same …
if the request header has remote client ip  having null value, we should  not be printing in apache logs.  

need solution using setenv or setenvif & logformat and custom logs
Hi all

I'm currently restricting access to a intranet site using a LDAP lookup and requiring a valid user, ip or host name. For some reason a wordpress site running on this cannot loopback and is coming up with a 401 error saying

"Unauthorized, This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required"

If I remove the code below all works fine so I'm asking for some guru help please how I can still use the below, but allow the machine to talk to itself (I guess) without authentication?
<Directory "D:/htdocs/intranet">

    Options Indexes FollowSymLinks
    AllowOverride All
    AuthType Basic
    AuthName ""
    AuthBasicProvider ldap  
    AuthLDAPURL "ldap://,dc=#,dc=#,dc=#?sAmaccountName"  
    AuthLDAPBindDN "cn=#,cn=#,dc=#,dc=#,dc=#"
    AuthLDAPBindPassword ####
    Require valid-user 

    Require ip ####
    Require host localhost

Open in new window

We're having issues with a client's Wordpress web site that we've 'adopted'. This site worked fine but we've installed a new theme and we're having issues with it. It works fine on our testing server which happens to be a Cpanel-based host. However, when placed on our live server (Plesk) it throws errors on and off (a bit randomly, it seems).

We're getting sporadic Internal Server 500 errors which, when we look at the logs, shows us this:
(104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server

We've tried switching from Fast CGI, to just CGI and FPM but then we get this error:
Unable to allocate shared memory segment of 67108864 bytes: mmap: Cannot allocate memory (12)

Lots of Googling has been done but we've not found a solution yet.

OS:      ‪CentOS 6.10 (Final)‬
Product:      Plesk Onyx
Version: 17.8.11 Update #38,

CPU      Intel(R) Xeon(R) CPU E5649 @ 2.53GHz (2 core(s))
3GB RAM (looking at it now, it's using 35% of that)

Any ideas we can look at would be appreciated please!
Dear Experts

We have CRM which is web application on a LAMP stack deployed on premise, the external users can access this application via 2FA, the 2FA solution that we have used is Duo Security (where CRM application uses Duo Access gateway and Duo Access Gateway use Windows AD for authentication).
  As We could not achieve advanced Reporitng though CRM application hence we went for custom development using .NET.   This takes csv output from CRM and generates the expected reports.
 We have to integrate these 2 applications and based on feasibility between 2 application implementers understood in the CRM application they will provide link of .NET application when click on it, this will open up the new tab of the Reporitng server from here the reports are fetched. CRM login user and reporting system login user will be same they will use the tokens for each user but the .net implementer says static token once in few days this can be changed.

Suggestion /advice requested.

From IT point of view:  CRM server URL is published to public/internet but reporting server URL is not published for public/internet, in this case when external user access the CRM application via 2FA and then click on advanced reporting will it resolve the reporting server URL (for the external user who has already gained access of CRM application please suggest). I think it is not possible please suggest.
Please help me with best way to ensure the security and reporting server URL also accessible …
apache rewrite rules to redirect http(s) olddomian.com to newdomain.com
i made a custom  VirtualHost .conf file for apache for my old domian to redirect every request to httpS new domain but it isn't working...?
i get either the old host or some an invalid URL... both FireFox and Chome show errors like this:
The owner of OldDomian.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. The certificate is only valid for NewDomain.com.

a copy of the apache.conf VirtualHost config:
ServerName  OldSiteHost.com
ServerAlias www.OldSiteHost.com
ServerAlias OldSiteHost.com

RewriteEngine on
RewriteCond %{SERVER_NAME} =OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =newcorp.OldSiteHost.com [OR]
RewriteCond %{SERVER_NAME} =www.OldSiteHost.com
RewriteRule ^ https://NewSiteHost.com/ [END,NE,R=permanent]


Open in new window

We use a company called my contact form for our forms onsite.


But they use a standard captcha where you have to enter text, and we have an older base, who have trouble with it, so we'd like to replace it with a recaptcha.

I've got the client side on that page, but I have no idea how to implement the server-side, I'm hoping someone can tell me how to so it with htaccess.

Google says:
When your users submit the form where you integrated reCAPTCHA, you'll get as part of the payload a string with the name "g-recaptcha-response". In order to check whether Google has verified that user, send a POST request with these parameters:
URL: https://www.google.com/recaptcha/api/siteverify
secret (required)      6LdfIn4UAAAAALJ-198KrFzDKKytHk5w9tTipp8m
response (required)      The value of 'g-recaptcha-response'.
remoteip      The end user's ip address.

The reCAPTCHA documentation site describes more details and advanced configurations. https://developers.google.com/recaptcha/docs/verify
Which data structure contains information corresponding to the DocumentRoot directive  in Apache 2.x?

I expected it to be path in server_rec, but server_rec->path returns null.  Nor is it in request_rec.

Can someone check this please ... Is this the correct coding for robots.txt if I put a sitemap.xml file in the web root folder:
     User-agent: *
Is this the correct coding for .htaccess if I want to direct all requests to the Non-www https version of a URL:
     RewriteEngine On
     RewriteCond %{HTTP_HOST} ^www\.EXAMPLE\.com [NC]
     RewriteRule ^(.*)$ https://EXAMPLE.com/$1 [L,R=301]
     RewriteCond %{SERVER_PORT} 80
     RewriteRule ^(.*)$ https://EXAMPLE.com/$1 [L,R=301]
Any advice appreciated!
Hi guys

We have an Linux instance in the cloud with Nginx installed on it. However, whenever the server restarts, the Nginx services don't. I'm not overly familiar with Linux commands. Can anyone help me how we can automate the Nginx services to start on restarts automatically?

Thanks for helping
So, I have been reading about this for a long time and there's never a conclusive answer to be found anywhere.

I have a Centos 6 LAMP web server which mostly hosts websites created by yours truly and the occasional website created by someone else.

Which is the most secure way to configure Wordpress folders ownership AND keep all the automatic features (updating, uploading and so on) without the need to insert ftp or sftp credentials each time?

Aside from permissions (which I always set to 755 for folder, 644 for files and 600 for special files, as suggested everywhere), there's a lot of different ideas about ownership.

Somebody says apache should be the owner of the whole folder. Somebody says that the owner should be your server user (root for instance, or a dedicated user) and never apache.

But if the owner is not apache, you have to use your ftp credentials to upload, update and so on.

So is there a way to actually have it all? What's the safest and smartest way to configure ownership for Wordpress?

Thanks guys.
hi all

I have an issue with my rewrite in a .htaccess file that I'm unsure how to fix.

I want to be able to pass parameters as a query variable when someone uses the url for example www.mysite.com/user/reset/asdfg12345 to be re-written as www.mysite.com/user/reset/?rp=asdfg12345

My code below works but only for the very last rule so in this case RewriteRule ^user/verify/([^/\.]+)/?$      user/verify/?uvc=$1 [L] , the rule or rules above it never work, If I change the order again the last one only ever works.

Sure it's a simple error but something I'm not sure about.

Thanks in advance all, Neil

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP_REFERER} !^$  

# allows reset URL like /user/reset/5d34f4e59c155566913f782a2e2557dc,234j5hj23k452hk
RewriteRule ^user/reset/([^/\.]+)/?$	user/reset/?rp=$1 [L] 

# allows verification URL like /user/verify/5d34f4e59c155566913f782a2e2557dc
RewriteRule ^user/verify/([^/\.]+)/?$	user/verify/?uvc=$1 [L]

ErrorDocument 404 404.php 

## never rewrite for existing files, directories and links
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l

## rewrite everything else to index.php
RewriteRule .* index.php [L]

Open in new window


Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.