Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

need to upgrade  apache version on centos 6.5. (as of now having 2.4.6)
apache2 on ubuntu(16.04), took to long to respond.
 it was working before update and upgrade. service is runnig and nagios on it it's ok but no page.
I am uploading images in the "images" folder on my web server and I want all uploaded images to be visible in a table in index.html page with a delete button for each uploaded image so that i can be able to delete any image i want to delete. I don't want anything to do with database and i will be the one uploading the images from my admin.
I only want a simple scripts that will do this job, thanks everyone


<form name="upload" action="upload.php" method="POST" enctype="multipart/form-data">
    Select image to upload: <input type="file" name="image">
    <input type="submit" name="upload" value="upload">


$uploaddir = 'images/';
$uploadfile = $uploaddir . basename($_FILES['image']['name']);
if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadfile)) {
    echo "Image succesfully uploaded.";
} else {
    echo "Image uploading failed.";
I have installed AWstats install on CentOS7, by following this guide https://panel.bullten.net/knowledgebase/59/Install-and-Configure-Awstats-in-CWP.html
When I visit http://mydomain.com/awstats/awstats.pl?config=mydomain.com all I get is a page of text as below,
# Free realtime web server logfile analyzer to show advanced web statistics.
# Works from command line or as a CGI. You must use this script as often as
# necessary from your scheduler to update your statistics and from command
# line or a browser to read report results.
# See AWStats documentation (in docs/ directory) for all setup instructions.
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
require 5.007;

#use warnings;		# Must be used in test mode only. This reduce a little process speed
#use diagnostics;	# Must

Open in new window

I had this problem with Google Chrome before, but now I have it with Firefox as well:

I'm running Ubuntu 17.10 on my laptop, with apache2. This is a development machine so I have numerous php sites defined as virtual hosts. This used to work perfectly on both chrome and firefox. But a couple of weeks (?) ago Chrome refused service, and now Firefox thinks it has to protect me from my own code.  I don't know if the problem is caused by a recent updat of Chrome or Firefox, or if this is caused by an apache update.

Now I can't access any of these virtual hosts anymore. I get some crap message about "Your connection is not secure" and some stuff about HSTS.
The thing is : I don't use https for these sites, and I don't want to use it.  All I'm developing are intranet applications NOT even accessible outside our company network, so I don't need HTTPS, and I couldn't even get certificates if I tried since there is no "official" domainname linked to these sites (they're all .lan, or .dev names)

I wasted a full day on this crap and nothing seems to work. How do I disable HSTS completely on my locally installed apache2 on MY OWN laptop? These sites on my laptop are development versions not accessible outside my laptop, so I don't need this.
Disabling HSTS for any .dev website would also be a solution.

Or alternatively does anyone know of a recent step by step "how to"  on using self-signed certificates that does work? I've tried several today but none of them seem to work…
Hi expertsAWS opened ports for reference,

   My web application is running on aws ubuntu 16.  I have the following ports open from aws.  
It has the following applications running on ubuntu

uwsgi with nginx -  i  Think it uses port 80
node.js with react - react is rendering on port 9009
webpack with webpack.config.js - which creates js file which will be using port 80
npm run django: runserver  uses port 8000
elastic search :9200 uses port 9200
postgresql used port:5432

Please see the opened ports on aws.  screenshot for reference.

With putty I connect to linux ubuntu machine with the following ip address

There is docker application which runs inside that linux box uses nginx, postgres, elasticsearch

When I run docker application, and I able to see from browser with

Where as when I run python manage.py runserver I am not able to see the application.

The site can't be reached refused to connect error.

Whereas I can see the docker application when the docker is run.

Please help me why the python application is not running on the browser, where as Docker application runs well.

With python manage.py runserver 0,0,0,0:8000 I am running from the source code.  Whereas with docker I am running the docker image.

Both are same application.  

Please help me in fixing this issue.

with many thanks,
Bharath AK
I'm trying to create a single .htaccess file that makes seo-friendly URL's for the root directory AND subdirectories. For example:

testsite.com/index.cfm?p=about > testsite.com/about


testsite.com/subdirectory/index.cfm?p=widgets > testsite.com/subdirectory/widgets

I can do the first with the following code...

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.cfm?p=$1 [NC,L]

Open in new window

...but this will send testsite.com/subdirectory/index.cfm?p=widgets to testsite.com/widgets

Can you help me with redirecting subdirectories properly? Everything I've found on Google just shows you how to redirect specific subdirectories, not how to capture the subdirectory you're currently in. Thanks!
After using apache and weblogic for more than 10 years(the last working module used is: mod_wl_22), I am ready to set up a replacement system with the newer version of the connector module (mod_wl_24) for our production.

I follow the official documentation from this link:


The server OS is:
root@server90 ~]# uname -a
Linux server90 4.1.12-94.3.9.el7uek.x86_64 #2 SMP Fri Jul 14 20:09:40 PDT 2017 x86_64 x86_64 x86_64 GNU/Linux

Open in new window

Apache version:
[root@server90 ~]# apachectl -version
Server version: Apache/2.4.6 ()
Server built:   Oct 19 2017 14:54:33

Open in new window

APACHE_HOME folder details
[root@server90 httpd]# pwd
[root@server90 httpd]# ll
total 8
drwxr-xr-x 2 root root   58 Mar 10 21:58 conf
drwxr-xr-x 2 root root  103 Mar 10 21:56 conf.d
drwxr-xr-x 2 root root 4096 Mar 10 21:42 conf.modules.d
drwxr-xr-x 2 root root 4096 Mar 11 15:31 lib
lrwxrwxrwx 1 root root   19 Feb 22 16:32 logs -> ../../var/log/httpd
lrwxrwxrwx 1 root root   29 Feb 22 16:32 modules -> ../../usr/lib64/httpd/modules
lrwxrwxrwx 1 root root   10 Feb 22 16:32 run -> /run/httpd
[root@server90 httpd]# 

Open in new window

I created a lib folder at the APACHE_HOME folder and copy all the lib files and this connection module(downloaded from Apache foundation website) into this folder
[root@server90 httpd]# cd lib/
[root@server90 lib]# ll
total 138808
-rwxr-xr-x 1 root root  6990875 Mar 10 21:00 libclntshcore.so
-rwxr-xr-x 1 root root  6990875 Mar 10 21:00 libclntshcore.so.12.1
-rwxr-xr-x 1 root root 58793741 Mar 10 21:00 libclntsh.so
-rwxr-xr-x 1 root root 58793741 Mar 10 21:00 libclntsh.so.12.1
-rwxr-xr-x 1 root root   409107 Mar 10 21:00 libdms2.so
-rwxr-xr-x 1 root root  1768370 Mar 10 21:00 libipc1.so
-rwxr-xr-x 1 root root   544150 Mar 10 21:00 libmql1.so
-rwxr-xr-x 1 root root  6747034 Mar 10 21:00 libnnz12.so
-rwxr-xr-x 1 root root   346242 Mar 10 21:00 libons.so
-rwxr-xr-x 1 root root    98521 Mar 10 21:00 libonsssl.so
-rwxr-xr-x 1 root root    72281 Mar 10 21:00 libonssys.so
-rwxr-xr-x 1 root root   567319 Mar 11 15:24 mod_wl_24.so
[root@server90 lib]# 

Open in new window

After that, I added directive for loading the module  into the $APACHE_HOME/conf/httpd.conf file:
[root@server90 httpd]# cd conf
[root@server90 conf]# ll
total 36
-rw-r--r-- 1 root root 11814 Mar 11 00:49 httpd.conf
-rw-r--r-- 1 root root 13077 Oct 19 17:55 magic
-rw-r--r-- 1 root root  4104 Mar 10 21:58 weblogic.conf
[root@server90 conf]# cat httpd.conf 
LoadModule weblogic_module /etc/httpd/lib/mod_wl_24.so

Open in new window

Then verify if this apache web server has included the dynamic sharing module: mod_so.c
[root@server90 conf]# apachectl -l
Compiled in modules:
[root@server90 conf]# 

Open in new window

the next step is to try to test the syntax of httpd.conf:
[root@server90 conf]# apachectl -t
httpd: Syntax error on line 355 of /etc/httpd/conf/httpd.conf: Cannot load modules/mod_wl_24.so into server: libonssys.so: cannot open shared object file: No such file or directory
[root@server90 conf]# 

Open in new window

it shows some error message:

Open in new window

Hi all, I know this is all over every forum and I have tried and tried but just can't get it to work.
It is for a free image hosting service that allows hotlinkning, but not abusive hotinking, so they need to stop images being hotlinked from certain outside domains only, all other websites/forums etc can hotlink, in the same way imgur block hotlinking to sites that break their terms of service.

The .htaccess file looks like this but images are still hotlinked to eBay, any ideas?

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^https://(.+\.)?vipr.ebaydesc\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^https://(.+\.)?vi.vipr.ebaydesc\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^https://(.+\.)?ebay\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^https://(.+\.)?ebaydesc\.com/ [NC,OR]
RewriteCond %{HTTP_REFERER} ^https://(.+\.)?www.ebay\.com/ [NC]
RewriteRule .*\.(jpeg|jpg|gif|bmp|png)$ https://mydomain.com/nohotlinking.gif [L]

RewriteEngine on
RewriteRule \.(gif|jpe?g|png|bmp) 404.gif [NC,L]

Open in new window

The second rule is designed to show an image when the image at a particular url has been deleted, that works perfectly.

We have also tried variations such as,

RewriteCond %{HTTP_REFERER} ^http(s)?://(.+\.)?vi.vipr.ebaydesc(.+)?\.com [NC]

Open in new window


RewriteCond %{HTTP_REFERER} ^https://(.*\.)*ebay\.com [NC,OR]

Open in new window

But nothing works, now we know its possible as imgur do it.

Any ideas?

I've supported SSL certs and configured servers for years, so no newb here.

Had an interesting issue on CentOS 7.  
Let's call my SSL domain www.domain.com, we'll say IP is setup in the virtual host directive (Apache 2.4.6 / OpenSSL 1.0.2k-fips
And the server hosting it linux.domain.local, a CentOS 7.4.1708 box.

Cert is installed, and answering to www.domain.com, everything is good.

Here's where the issue rears it's ugly head -
For some local software, ansible + jenkins, we have to make a host file entry back to the machine's IP itself, so in my etc/host file, I placed:   www.domain.com

When I restart apache / openssl, I then get a domain mismatch warning in a browser when visiting the site. If I go to www.domain.com, it gives the mismatch , and when viewing the cert via the browser (view cert), it says the servername is actually linux.domain.local.

If I REM out the /etc/hosts file entry, and restart apache, SSL works as expected.

When the entry is in /etc/hosts, it appears to grab the rDNS name of the machine rather than serving up what I have specified in the <Virtualhost> directive.
To pre-answer, Yes, the directive ServerName is www.domain.com, and the virtual host is setup specifically with the IP:port (

Never seen this on any other Linux / RMP based flavor. One workaround seems to be setting the rDNS, but I don't want to rely on that for our production server(s).
I'd rather know WHY CentOS 7 …
I have configured Apache on Windows 7 machine to run our digital singage media on multiple screens which I got it working fine but I have got in to another problem I can't get to our own website now, every time we type our Web address www.example.com it takes us to Apache server page can you guy's please tell how to resolve this problem.
I have nginx running as a reverse proxy successfully. I am looking to simplify the listen ports..

Is there a way to create 2 or more listen ports for a given entry?

for example

server {
    listen 80, 443;
    server_name example.domain.com;
    location / {
I have uploaded a backup of a WordPress Site, including DB, but now the site will not load.

I get a HTTP-error 500

In the logfile I get:
AH01071: Got error 'PHP message: PHP Fatal error: Class 'Requests_Hooks' not found in /var/www/vhosts/domain.tld/httpdocs/wp-includes/class-wp-http-requests-hooks.php on line 17\n', referer: http://domain.tld/?page_id=1776.

Any Idea?

i have a web application that is work on wamp on windows server and its work fine, i moved the application folder to linux ubuntu 16.4 with apache.
i see the permission and apahe config.
when i try to open the application is't give me 404 page not found
under ci log the error is page not found index
so where is the problem?
I have a website/server where I would like the following to happen.

  • If a person types the URL: http://mydomain.com/apple it should go to: http://mydomain.com/pickfruit.php?a=apple
  • And if they enter: http://mydomain.com/pear it goes to: pickfruit.php?a=pear
  • I also have the need for the ability of legit sub-directories to exist. For example, http://mydomain.com/admin would to take you into that sub-directory and would NOT redirect to pickfruit.php?a=admin.

So what I am looking for is a solution where I do not have to create all of the individual fruit directories and then put a header redirect in each directory.  

I assume this can be done with the .htaccess file or something like that? Any insight would be appreciated. I can use .php if that helps as well.
Running the following CURL command:
curl https://tlstest.paypal.com

Open in new window

I am faced with an error to do with the  SSL certificate:

curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). The default
 bundle is named curl-ca-bundle.crt; you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.
[#### ~]$ curl --tlsv1.2 https://tlstest.paypal.com/
curl: option --tlsv1.2: is unknown
curl: try 'curl --help' for more information
[#### ~]$ curl --tlsv1 https://tlstest.paypal.com/
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA)
I'm getting the following error on my bluehost server when i use a certain script.

Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

I think it has something to do with the .htaccess file, if so how can I edit it to remove this issue ?

Here is my htaccess file from the public_html folder (some URLs replaced with 'mydomain'):

RewriteEngine on
# Use PHP5.6 as default
# AddHandler application/x-httpd-php56 .php
RewriteCond %{HTTP_HOST} ^mydomain\.net$ [OR]
RewriteCond %{HTTP_HOST} ^www\.mydomain\.net$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^/?$ "http\:\/\/www\mydomain\.com\/" [R=302,L]

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php56” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-ea-php56 .php .php5 .phtml
# php -- END cPanel-generated handler, do not edit

Open in new window

Thanks a lot
I need to redirect most links of my website, including the home page, to a domain with a different domain prefix. But I need to NOT redirect all links that include a specific directory following the domain in the URL. Here's what it looks like:

All links from "admin.domain.com" must redirect to "www.domain.com" EXCEPT for all links that begin with "admin.domain.com/administrator".

What is the htaccess code that will do this, assuming it can be done?


I just stood up a new Apache server on a Ubuntu 14.04 VM.   My consultant requested this.   I am trying to get SSL to work and I'm stuck.   the site works if I access over http:// however   Every time I access the URL with https:// I'm getting

This site can’t provide a secure connection
authorize.mpbio.com sent an invalid response.
Try running Network Diagnostics.

Here is the .conf file.   I'm lost on figuring out why it's not working.  

Any help is greatly appreciated.  I'm sure the solution is something simple.

Thanks in advance.  

<VirtualHost *:80>
        ServerName mysite.com
        ServerAlias server.mysite.com
        ServerAlias dev-app-2
        DocumentRoot /var/www/vhosts/xxxxx
        <Directory /var/www/vhosts/xxxxx>
                Options -Indexes +FollowSymLinks -MultiViews
                AllowOverride All
                #Order deny,allow
                #Allow from all
                Require all granted
        CustomLog /var/log/apache2/xxxxx.log combined
        ErrorLog /var/log/apache2/xxxxx-error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
<VirtualHost *:443>
        ServerName mysite.com
        ServerAlias server.mysite.com
        ServerAlias dev-app-2
        DocumentRoot /var/www/vhosts/xxxxx
        SSLProtocol all -SSLv2 -SSLv3
        SSLEngine on
My web host is upgrading something so I have to redirect all my current Miva cart pages to new ShopSite URL's. I am trying to do that in my .htaccess file but the names of many of my products share similarities, as shown by the two examples below. What I have below always pulls up the first item in addition to pulling up the second item when I test the second redirect. How can I fix this?

RewriteCond %{QUERY_STRING} ^(.*)Product_Code=A363(.*)$ [NC]
RewriteRule .? https://shop.mysite.com/cgi-bin/sc/order.cgi?storeid=*14c90e&dbname=products&guid=da713abc-0c58-11e8-9836-002590155d56&function=add [QSD,L,R=301]

RewriteCond %{QUERY_STRING} ^(.*)Product_Code=A363DT(.*)$ [NC]
RewriteRule .? https://shop.mysite.com/cgi-bin/sc/order.cgi?storeid=*14c90&dbname=products&guid=da713abc-0c58-11e8-9836-002590155d56&function=add [QSD,L,R=301]

Open in new window

To completely prevent caching (storing it and using it), usually on the internet they are saying you have to use something like this in your .htaccess file:

<ifModule mod_headers.c>
     Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
     Header set Pragma "no-cache"
     Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"

Open in new window

I see this everywhere, but I don't understand it. What's the difference between the code above and this:

<ifModule mod_headers.c>
     Header set Cache-Control "no-cache, no-store"
     Header set Pragma "no-cache"

Open in new window

In my opinion you could use the last one. There is already "no-cache", so there will be anyway (re)validation. So "max-age=0", "must-revalidate", and "Expires" makes no sense to me?

So for what reason exactly people are adding those things to the .htaccess file?
I have a computer with Ubuntu installed and setup with Apache .  I have a domain name, and have pointed it to the IP address of the PC, which works, but I want it to go to a specific folder on the web server not the general folder, how can I do this.

Www.mydomain.com goes to but I want it to go to

My external IP address is obviously not

I am using sms panel to send OTP
but when I run my page in localhost
it show like this

Fatal error: Call to undefined function curl_init() in

i also  remove comment from ini file

but still it showing this fetal error
I am using Oracle 9i database and PHP(5.6.33) for an application.
Application is showing PHP extension issue "None of the supported PHP extensions (OCI8, PDO_OCI) are available".
But i have tried to download couple of php extension named as OCI8.dll and PDO_OCI.dll to my PHP configuration file, but
still error is not going.Please help me on so I can connect oracle database with PHP.
I am trying to configure an ubuntu (14.04 LTS) linux server with apparmor to protect the Apache2 web server, but I can't find any best practice or how-to guides for this specific purpose, only some basic guides for apparmor with the default profiles which do not include apache2 configuration. The ubuntu web server is running Apache2, Drupal 7, and MySQL. Is there a basic template for the AppArmor-Apache2 config that I should be implementing for basic security or is this something that has to be specific to the site?

Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.