Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

hi guys

I have an EC2 AWS instance running apache. We previously bought SSL certificates and had them installed. They have now expired. We renewed them with Godaddy.

I want to install them on the server, but I can't seem to find the location where they need to go. One of our techies who has left may have played with the http.conf file but I am unable to work this out.

Can someone give advice on how to work on this?

Thank you
Yash
0
Bootstrap 4: Exploring New Features
LVL 13
Bootstrap 4: Exploring New Features

Learn how to use and navigate the new features included in Bootstrap 4, the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first websites.

Can someone point me in the direction of a good site for PHP Pagination of my sql records
Including demos and file downloads, please
I would like to take the technique to a more advanced level
0
i have a centos 7 and installing httpd on it.
i open firewall for port 80 and start httpd services. service is running ok.

in my etc/hosts ihave
127.0.0.1 localhost localhost.localdomain
..
..
10.10.1.10  localhost

in my httpd.conf  ihave
ServerName 10.10.1.10

browse 10.10.1.10 says :  Not possible to connect to website 10.10.0.10

what is wrong here?
0
I'm using AWS linux, apache 2.4.25, PHP 7.0.27, phpMyAdmin 4.7.7, FireFox 68.

For security, I kept/changed/added the following lines in httpd.conf to prevent browser access to .php and .inc.php but full browser access to .menu.php and index.php ..

I kept ..
<Directory "/var/www">
    AllowOverride None
    # Allow open access:
    Require all granted
</Directory>

Open in new window

I changed from None to All ..
# Further relax access to the default document root:
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

Open in new window

And added ..
<Files *.php>
    Require all denied
    Require local
</Files>

# Browser & linux allowed access to .php files
<Files index.php>
    Require all granted
</Files>

 # Browser denied access to .inc.php files
 # linux allowed access to .inc.php files
<Files *.inc.php>
    Require all denied
    Require local
</Files>

# All menu files have this added name before the extn
# Browser & linux allowed access to .menu.php files
<Files *.menu.php>
    Require all granted
</Files>

Open in new window

My website app works perfectly. However, phpMyAdmin fails with 403 errors since I changed the above.

The directory structures ..
For the website: /html/appdirectory/index.php
For PMA: /html/phpMyAdmin/index.php

Since both index.php are allowed browser access through the above index.php granting, I don't understand why it should 403.
When I refer to Page Source in FF, it shows the HTML, yet doesn't render.

Chrome responded identically, and shows in dev tools, console ..

Open in new window

0
We have just migrated to a Centos server running Nginx/Apache

We have a website which allows users to create profiles and login and logout

Since moving to the new server we are experiencing a problem.

The problem after users log in with their credentials, are randomly taken to another user's account, as if they were logged in as the other user.

We don't know how to fix this and we have trouble duplicating it.

we have deleted all the session files in the tmp folder and subfolders (while we stopped httpd, nginx and php-fpm services first)

we restart the server.

our previous server did not have these issues.

CentOS Linux release 7.6.1810
PHP Version 5.6.40
Apache/2.4.39 (cPanel)
nginx version: nginx/1.16.1
mysql 5.6.45

any help and suggestions would be great

again, the code from the previous website is the same - - we think a configuration of the server is causing the issue
0
This is driving me a little crazy, as it "should" be very simple, but I am unable to get it to work.

All I want to do is replace the default tomcat error page for a 404, 403 and 500 errors with a custom html page.  There are plenty of examples on the web which I have found and implemented, but I am unable to get it to work.  Here is one such page that I used: https://www.yeahhub.com/set-custom-error-page-apache-tomcat-server/

After implementing the solution I either still get the default 404 page or a 404 error, but no custom error.html.  I can browse to the page just fine (http://10.XXX.YYY.77:8731/error/error.html) and here is my configuration in the web.xml file:

<error-page>
      <error-code>404</error-code>
      <location>/error/error.jsp</location>
</error-page>
<error-page>
      <error-code>403</error-code>
      <location>/error/error.jsp</location>
</error-page>
<error-page>
      <error-code>500</error-code>
      <location>/error/error.jsp</location>
</error-page>

I created error.html and also created a folder in winapps called error, so the path is /error/error.html  I can browse the page.  Here is the code:

<html>
      <head>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
            <title>Error</title>
      </head>

      <body bgcolor="#FFFFFF">

            <script language="Javascript">
                  function onClickWiki() {
                        alert("Under construction");
                  }
            </script>

            <h1 align="center">Error</h1>

      </body>
</html>

It all looks good to me and in …
0
I have an oracle HTTP server 12.3.1 which is based on Apache 2.2 running on RHEL 7.4 machine.

I use it to run a web oracle database application via mod_plsql.

It has been running fine for years.

Last week users started reporting outage and very slow reponse time.

I found out that this happens when the number of connections goes from 50 to several hundreds. See attached list.
This was as a result of foreign IPs running a scanner or Sync DoS attack. Security does not admit this is
a DoS attack but more of a public scanner that always run on most sites.

The traffic coming to my web server goes through an IDS, Load Balancer, Palo Alto Firewall, WAF and then my web server.

We added a rule on firewall to block all internation Ip but a few hours later I found a scan started from an IP in california.

Security claims they cant prevent these scanners to scan the public site and that I should fix the issue on web server by hardening or tuning the Apache server.

MY web server has 16 GB RAM. I upped the MaXCLients for Apache from 150 to 450 and added SYN_COOKIES to the linux machine.
I dont know if this will provide protection yet or not.

My questions,

1) Is what security say correct? Should not the SYN flood attacks be blocked on the IDS or firewall device?


2) what can i do for tuning in Apache to solve this problem and prevent of connection overload to hang the server?

3) Could it be that RHEL or Oracle web server is not killing open connections …
0
The web application in my organizations uses Apache web server that load balance across Application servers (Tomcat instance). There are two Apache (Web server) instances that route the traffic to 4 Application server instance.

The HTTPS traffic coming to the application terminates at the Web server layer, and then communication between Web server and App server is over HTTP. My assumption is that Web server and App-server communicates over HTTP and not over HTTPS.

However lately in a discussion with my IS team I came to know that Web server communication to App server over HTTP is not considered secure, and Web server should instead communicate to App server over HTTPS.

I would like to know your views on how generally this works in your organization?
0
Hi Experts,
 We have some application that we are migrating from one environment to another environment. We have some tomcat , Database server Apache and batch servers for this application. We will have new host/server for this application.  Our job is to find some old server name references and replace with new one specially database server for connection string for java application in config file or any location.

We are using Putty to log on those unix servers. We don't want to manually find one by one in all the file and replace it.

Is there any way or script to find those instances and replace automatically?
0
After enabling http/2 I am getting an error on my sites saying  Connection failed: could not find driver
I followed this article. https://helgeklein.com/blog/2018/11/enabling-http-2-in-apache-on-ubuntu-18-04/
I'm suspecting that it has to do with changing from php 7.3 to php fpm. How do I troubleshoot this error properly?
0
Introduction to R
LVL 13
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

Hi All,

I have a Moodle on-prem installation using Apache 2.4 on a Windows 2016 server. The systems works well however i want to secure it with an SSL now as external people will be accessing the site.

I used an online CSR generator and purchased a cert from GoDaddy.  I followed instructions from here https://www.digicert.com/csr-ssl-installation/apache-openssl.htm but it doesn't work.

I've seen so many articles but they mostly refer to linux servers.

Anyone care to assist?

Thanks
0
I have a Apache tomcat 8 webserver running on Windows 2008 server.

It is used to run crystal reports on port 443. it is configured in server.xml for that port.

I am having problem getting the new SSL certificate to work. The non-sslport 8080 works fine. Site is private and restricted to few IP addresses.

Is there a way to redirect any HTTPS requests to the server from port 443 to non-ssl port (http) running on port 8080 until I get SSL port working?
0
Hello,

I'm using WHM/Cpanel in my server, and want to access a user's web files with the browser using the server's IP: http://xxx.xxx.xxx.xxx/~username/ . When trying to activate mod_userdir from WHM's "Apache mod_userdir Tweak", I get this message:

Web server processes on this system currently run as the user. For security reasons, the system disabled mod_userdir. Any changes that you make in this interface will not take effect until you enable mod_userdir. To use mod_userdir, you must disable mod_ruid2, mod_itk, and mod_passenger and recompile EasyApache.

So the question is, how do I do all that? I have to disable mod_ruid2, mod_itk, and mod_passenger and recompile EasyApache. I've really tried searching online, but what I've found doesn't work for me. I'm using CentOS 7 and my CPanel version is 80. Thanks!
0
what is ideal log file size to be maintained in the servers to have  a optimal performance
Explain effect of file size in performance
0
I have a crystal reports server 2016 that uses tomcat 8 apache web server running on Windows 2008 server.

The SSL certificate expires soon so we purchase a new one for the same domain.

I ran same steps to install the SSL certificate as 3 years ago on Tomcat 7 but Whenever I call the web server via browser I get a spinning wheel for a while and then this error

I also updated the tomcat "Server.xml" config file to reflect the new java keystore name and new keystore password and restarted the web server.

This page can’t be displayed
Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://psscr.xyz.com  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator. 

Open in new window



Here are the steps i used to create the keystore and import certificate to it.

1) Generate a Keystore

cd C:\Program Files\Java\jre7\bin

keytool -keysize 2048 -genkey -alias tomcat -keyalg RSA  -sigalg SHA256withRSA -keypass secret19 -keystore tomcat10.keystore

Open in new window



2) Create a CSR

keytool -certreq -alias tomcat -keyalg RSA -sigalg SHA256withRSA -keystore tomcat10.keystore -file 
file10.csr

Open in new window



1. Install root, intermediate and user certificate

keytool -importcert -alias root -file c:\cert_2016\Apache\GoDaddyRoot.cer -keystore tomcat10.keystore

keytool -importcert -alias intermediate -file c:\cert_2019_new\gd_bundle-g2-g1.crt -keystore tomcat10.keystore

keytool -trustcacerts -importcert -alias tomcat -file c:\cert_2019_new\7e73f2ce88c70361.crt -keystore tomcat10.keystore

Open in new window



Do you know what could be the problem?

I tried to check the tomcat  log for any hints but there does not seem to be any errors.
0
How to setup JNDI in apache, better method to connect DB

Please advice the steps
0
Hello everyone !

I ask for your help because my host refuses to help me correct this problem that I encounter in my logs.
My domain is www.sivop.com and in my error logs I encounter this error which however should not be generated since all this content & lang = en_CI & lang = en_CI & lang = en_CI ....... does not exist since several months.
[Thu Jul 04 11:56:35 2019] [error] [client 66.249.64.23] [host www.sivop.com] (36)File name too long: AH00036: access to /www.sivop.com&lang=fr_CI&lang=en_CI&devise=USD&devise=EUR&lang=en_CI&devise=EUR&devise=EUR&devise=EUR&lang=fr_CI&devise=EUR&devise=EUR&devise=XOF&devise=XOF&lang=fr_CI&lang=fr_CI&lang=fr_CI&lang=fr_CI&devise=EUR&lang=en_CI&devise=XOF&devise=USD&devise=USD&lang=fr_CI&lang=en_CI&lang=en_CI&devise=XOF failed (filesystem path '/homez.520/sivop/www/www.sivop.com&lang=fr_CI&lang=en_CI&devise=USD&devise=EUR&lang=en_CI&devise=EUR&devise=EUR&devise=EUR&lang=fr_CI&devise=EUR&devise=EUR&devise=XOF&devise=XOF&lang=fr_CI&lang=fr_CI&lang=fr_CI&lang=fr_CI&devise=EUR&lang=en_CI&devise=XOF&devise=USD&devise=USD&lang=fr_CI&lang=en_CI&lang=en_CI&devise=XOF')
[Thu Jul 04 11:56:41 2019] [error] [client 66.249.70.4] [host sivop.com] (36)File name too long: AH00036: access to 

Open in new window

0
I am using JK_MOD load balancer to connect my apache to Tomcat AJP port for accessing my application, it works. My question is do i need to SSL protect the AJP port? If yes, how? Thanks, Aneesh.
0
Hi Team,

We are facing issue with one of our web URL it configured in IIS & Apache Tomcat on (windows server 2012 R2)

While accessing the URL the web portal is not getting open. we are trying to do IIS restart it work sometime but now it is not working.

we have checked the connectivity from remote site the Ping & Telnet is happening.

Below are the URL.

htpp://192.168.207.36:7070/omni/login.do

we also trying access http://192.168.207.36:7070/omni in that we are getting welcome screen.
0
Learn SQL Server Core 2016
LVL 13
Learn SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

I am using a java web application on Tomcat 9.0 server with ActiveMQ 5. Below is the broker config at context.xml, it works.

<Resource   name="jms/ConnectionFactory"
            auth="Container"
            type="org.apache.activemq.ActiveMQConnectionFactory"
            description="JMS Connection Factory"
            factory="org.apache.activemq.jndi.JNDIReferenceFactory"
            brokerURL="vm://localhost"
            brokerName="LocalActiveMQBroker"
            useEmbeddedBroker="true"/>

    <Resource name="jms/queue/MyQueue"
              auth="Container"
              type="org.apache.activemq.command.ActiveMQQueue"
              factory="org.apache.activemq.jndi.JNDIReferenceFactory"
              physicalName="MTFQ"/>

It always creates the persistence store directory activemq-data inside tomcat bin folder, adding what parameter I can redirect the store content to my own directory which is outside of tomcat folder. Please help.
0
I´m using this configuration for a HA web server. I´ll have 2000 simultaneous connections. It that ok, or I´ll have to change any value ?
It´s centos 7.6  with 64 Gb RAM

<IfModule prefork.c>
StartServers 5
MinSpareServers 20
MaxSpareServers 40
MaxRequestWorkers 1000
MaxConnectionsPerChild 1000
ServerLimit 100
</IfModule>
0
Hi,

I am in trouble running a WordPress site on Bitnami WordPress on ec2 instance.

It seems that apache is running, but no http response from the server.
Port 80 is not listened by any service.

bitnami@ip-:~$ lsof -i # no output
bitnami@ip-:~$ 

Open in new window


Apache seems to be runnning.
bitnami@ip-172-31-33-101:~$ ps aux | grep apache
root      1910  0.0  2.9 203384 30288 ?        Ss   07:35   0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
daemon    1915  0.0  1.5 812444 15968 ?        Sl   07:35   0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
daemon    1916  0.0  1.5 812444 15892 ?        Sl   07:35   0:00 /opt/bitnami/apache2/bin/httpd.bin -f /opt/bitnami/apache2/conf/httpd.conf
bitnami   2996  0.0  0.1  14224  1084 pts/1    S+   07:37   0:00 grep --color=auto apache

Open in new window


I restarted apache, mysql, php as follows.
bitnami@ip-172-31-33-101:~$ sudo /opt/bitnami/ctlscript.sh start
/opt/bitnami/mysql/scripts/ctl.sh : mysql  started at port 3306
/opt/bitnami/php/scripts/ctl.sh : php-fpm started
Syntax OK
/opt/bitnami/apache2/scripts/ctl.sh : httpd started at port 80

Open in new window


But no response.

bitnami@ip-172-31-33-101:~$ curl localhost:80

Open in new window


Any advise would be very appreciated.

Thanks!
0
I am using CentOS 6. I had PHP 5.x on my machine and I updated PHP 7.2 using a Blog: https://tecadmin.net/nstall-php7-on-centos6/

However after updating PHP 7.2 Apache doesn't show the output of the PHP file but it downloads the source file itself.

Command line shows PHP 7.2:

# php --version
PHP 7.2.17 (cli) (built: Apr  3 2019 10:16:22) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies

Open in new window


#apachectl -M
Loaded Modules:
 core_module (static)
 mpm_prefork_module (static)
 http_module (static)
 so_module (static)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_file_module (shared)
 authn_alias_module (shared)
 authn_anon_module (shared)
 authn_dbm_module (shared)
 authn_default_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 authz_owner_module (shared)
 authz_groupfile_module (shared)
 authz_dbm_module (shared)
 authz_default_module (shared)
 ldap_module (shared)
 authnz_ldap_module (shared)
 include_module (shared)
 log_config_module (shared)
 logio_module (shared)
 env_module (shared)
 ext_filter_module (shared)
 mime_magic_module (shared)
 expires_module (shared)
 deflate_module (shared)
 headers_module (shared)
 usertrack_module (shared)
 setenvif_module (shared)
 mime_module (shared)
 dav_module (shared)
 status_module (shared)
 autoindex_module (shared)
 info_module (shared)
 dav_fs_module (shared)
 vhost_alias_module (shared)
 negotiation_module 

Open in new window

0
Would like to understand whether pandas(python) can be used to convert from oracle pl/sql to python(accessing hive) and later ported into spark(Big data) environment or development.

Is to be done using Pyspark for executing in spark(Big data) environment?
0
apache file.

what is wrong with this file? i upload it into my ftp , but my login is still not working!

must be a formatting error.
.htpasswd
0

Apache Web Server

19K

Solutions

15K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.