Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am uploading images in the "images" folder on my web server and I want all uploaded images to be visible in a table in index.html page with a delete button for each uploaded image so that i can be able to delete any image i want to delete. I don't want anything to do with database and i will be the one uploading the images from my admin.
I only want a simple scripts that will do this job, thanks everyone


<form name="upload" action="upload.php" method="POST" enctype="multipart/form-data">
    Select image to upload: <input type="file" name="image">
    <input type="submit" name="upload" value="upload">


$uploaddir = 'images/';
$uploadfile = $uploaddir . basename($_FILES['image']['name']);
if (move_uploaded_file($_FILES['image']['tmp_name'], $uploadfile)) {
    echo "Image succesfully uploaded.";
} else {
    echo "Image uploading failed.";
Free Tool: ZipGrep
LVL 12
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

I had this problem with Google Chrome before, but now I have it with Firefox as well:

I'm running Ubuntu 17.10 on my laptop, with apache2. This is a development machine so I have numerous php sites defined as virtual hosts. This used to work perfectly on both chrome and firefox. But a couple of weeks (?) ago Chrome refused service, and now Firefox thinks it has to protect me from my own code.  I don't know if the problem is caused by a recent updat of Chrome or Firefox, or if this is caused by an apache update.

Now I can't access any of these virtual hosts anymore. I get some crap message about "Your connection is not secure" and some stuff about HSTS.
The thing is : I don't use https for these sites, and I don't want to use it.  All I'm developing are intranet applications NOT even accessible outside our company network, so I don't need HTTPS, and I couldn't even get certificates if I tried since there is no "official" domainname linked to these sites (they're all .lan, or .dev names)

I wasted a full day on this crap and nothing seems to work. How do I disable HSTS completely on my locally installed apache2 on MY OWN laptop? These sites on my laptop are development versions not accessible outside my laptop, so I don't need this.
Disabling HSTS for any .dev website would also be a solution.

Or alternatively does anyone know of a recent step by step "how to"  on using self-signed certificates that does work? I've tried several today but none of them seem to work…
Hi expertsAWS opened ports for reference,

   My web application is running on aws ubuntu 16.  I have the following ports open from aws.  
It has the following applications running on ubuntu

uwsgi with nginx -  i  Think it uses port 80
node.js with react - react is rendering on port 9009
webpack with webpack.config.js - which creates js file which will be using port 80
npm run django: runserver  uses port 8000
elastic search :9200 uses port 9200
postgresql used port:5432

Please see the opened ports on aws.  screenshot for reference.

With putty I connect to linux ubuntu machine with the following ip address

There is docker application which runs inside that linux box uses nginx, postgres, elasticsearch

When I run docker application, and I able to see from browser with

Where as when I run python manage.py runserver I am not able to see the application.

The site can't be reached refused to connect error.

Whereas I can see the docker application when the docker is run.

Please help me why the python application is not running on the browser, where as Docker application runs well.

With python manage.py runserver 0,0,0,0:8000 I am running from the source code.  Whereas with docker I am running the docker image.

Both are same application.  

Please help me in fixing this issue.

with many thanks,
Bharath AK
I'm trying to create a single .htaccess file that makes seo-friendly URL's for the root directory AND subdirectories. For example:

testsite.com/index.cfm?p=about > testsite.com/about


testsite.com/subdirectory/index.cfm?p=widgets > testsite.com/subdirectory/widgets

I can do the first with the following code...

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.cfm?p=$1 [NC,L]

Open in new window

...but this will send testsite.com/subdirectory/index.cfm?p=widgets to testsite.com/widgets

Can you help me with redirecting subdirectories properly? Everything I've found on Google just shows you how to redirect specific subdirectories, not how to capture the subdirectory you're currently in. Thanks!
I've supported SSL certs and configured servers for years, so no newb here.

Had an interesting issue on CentOS 7.  
Let's call my SSL domain www.domain.com, we'll say IP is setup in the virtual host directive (Apache 2.4.6 / OpenSSL 1.0.2k-fips
And the server hosting it linux.domain.local, a CentOS 7.4.1708 box.

Cert is installed, and answering to www.domain.com, everything is good.

Here's where the issue rears it's ugly head -
For some local software, ansible + jenkins, we have to make a host file entry back to the machine's IP itself, so in my etc/host file, I placed:   www.domain.com

When I restart apache / openssl, I then get a domain mismatch warning in a browser when visiting the site. If I go to www.domain.com, it gives the mismatch , and when viewing the cert via the browser (view cert), it says the servername is actually linux.domain.local.

If I REM out the /etc/hosts file entry, and restart apache, SSL works as expected.

When the entry is in /etc/hosts, it appears to grab the rDNS name of the machine rather than serving up what I have specified in the <Virtualhost> directive.
To pre-answer, Yes, the directive ServerName is www.domain.com, and the virtual host is setup specifically with the IP:port (

Never seen this on any other Linux / RMP based flavor. One workaround seems to be setting the rDNS, but I don't want to rely on that for our production server(s).
I'd rather know WHY CentOS 7 …
I have nginx running as a reverse proxy successfully. I am looking to simplify the listen ports..

Is there a way to create 2 or more listen ports for a given entry?

for example

server {
    listen 80, 443;
    server_name example.domain.com;
    location / {
I have uploaded a backup of a WordPress Site, including DB, but now the site will not load.

I get a HTTP-error 500

In the logfile I get:
AH01071: Got error 'PHP message: PHP Fatal error: Class 'Requests_Hooks' not found in /var/www/vhosts/domain.tld/httpdocs/wp-includes/class-wp-http-requests-hooks.php on line 17\n', referer: http://domain.tld/?page_id=1776.

Any Idea?

I have a website/server where I would like the following to happen.

  • If a person types the URL: http://mydomain.com/apple it should go to: http://mydomain.com/pickfruit.php?a=apple
  • And if they enter: http://mydomain.com/pear it goes to: pickfruit.php?a=pear
  • I also have the need for the ability of legit sub-directories to exist. For example, http://mydomain.com/admin would to take you into that sub-directory and would NOT redirect to pickfruit.php?a=admin.

So what I am looking for is a solution where I do not have to create all of the individual fruit directories and then put a header redirect in each directory.  

I assume this can be done with the .htaccess file or something like that? Any insight would be appreciated. I can use .php if that helps as well.
I'm getting the following error on my bluehost server when i use a certain script.

Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

I think it has something to do with the .htaccess file, if so how can I edit it to remove this issue ?

Here is my htaccess file from the public_html folder (some URLs replaced with 'mydomain'):

RewriteEngine on
# Use PHP5.6 as default
# AddHandler application/x-httpd-php56 .php
RewriteCond %{HTTP_HOST} ^mydomain\.net$ [OR]
RewriteCond %{HTTP_HOST} ^www\.mydomain\.net$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^/?$ "http\:\/\/www\mydomain\.com\/" [R=302,L]

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php56” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-ea-php56 .php .php5 .phtml
# php -- END cPanel-generated handler, do not edit

Open in new window

Thanks a lot
I need to redirect most links of my website, including the home page, to a domain with a different domain prefix. But I need to NOT redirect all links that include a specific directory following the domain in the URL. Here's what it looks like:

All links from "admin.domain.com" must redirect to "www.domain.com" EXCEPT for all links that begin with "admin.domain.com/administrator".

What is the htaccess code that will do this, assuming it can be done?


Free Tool: Path Explorer
LVL 12
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

I just stood up a new Apache server on a Ubuntu 14.04 VM.   My consultant requested this.   I am trying to get SSL to work and I'm stuck.   the site works if I access over http:// however   Every time I access the URL with https:// I'm getting

This site can’t provide a secure connection
authorize.mpbio.com sent an invalid response.
Try running Network Diagnostics.

Here is the .conf file.   I'm lost on figuring out why it's not working.  

Any help is greatly appreciated.  I'm sure the solution is something simple.

Thanks in advance.  

<VirtualHost *:80>
        ServerName mysite.com
        ServerAlias server.mysite.com
        ServerAlias dev-app-2
        DocumentRoot /var/www/vhosts/xxxxx
        <Directory /var/www/vhosts/xxxxx>
                Options -Indexes +FollowSymLinks -MultiViews
                AllowOverride All
                #Order deny,allow
                #Allow from all
                Require all granted
        CustomLog /var/log/apache2/xxxxx.log combined
        ErrorLog /var/log/apache2/xxxxx-error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
<VirtualHost *:443>
        ServerName mysite.com
        ServerAlias server.mysite.com
        ServerAlias dev-app-2
        DocumentRoot /var/www/vhosts/xxxxx
        SSLProtocol all -SSLv2 -SSLv3
        SSLEngine on
My web host is upgrading something so I have to redirect all my current Miva cart pages to new ShopSite URL's. I am trying to do that in my .htaccess file but the names of many of my products share similarities, as shown by the two examples below. What I have below always pulls up the first item in addition to pulling up the second item when I test the second redirect. How can I fix this?

RewriteCond %{QUERY_STRING} ^(.*)Product_Code=A363(.*)$ [NC]
RewriteRule .? https://shop.mysite.com/cgi-bin/sc/order.cgi?storeid=*14c90e&dbname=products&guid=da713abc-0c58-11e8-9836-002590155d56&function=add [QSD,L,R=301]

RewriteCond %{QUERY_STRING} ^(.*)Product_Code=A363DT(.*)$ [NC]
RewriteRule .? https://shop.mysite.com/cgi-bin/sc/order.cgi?storeid=*14c90&dbname=products&guid=da713abc-0c58-11e8-9836-002590155d56&function=add [QSD,L,R=301]

Open in new window

To completely prevent caching (storing it and using it), usually on the internet they are saying you have to use something like this in your .htaccess file:

<ifModule mod_headers.c>
     Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
     Header set Pragma "no-cache"
     Header set Expires "Wed, 11 Jan 1984 05:00:00 GMT"

Open in new window

I see this everywhere, but I don't understand it. What's the difference between the code above and this:

<ifModule mod_headers.c>
     Header set Cache-Control "no-cache, no-store"
     Header set Pragma "no-cache"

Open in new window

In my opinion you could use the last one. There is already "no-cache", so there will be anyway (re)validation. So "max-age=0", "must-revalidate", and "Expires" makes no sense to me?

So for what reason exactly people are adding those things to the .htaccess file?
I have a computer with Ubuntu installed and setup with Apache .  I have a domain name, and have pointed it to the IP address of the PC, which works, but I want it to go to a specific folder on the web server not the general folder, how can I do this.

Www.mydomain.com goes to but I want it to go to

My external IP address is obviously not

I am using sms panel to send OTP
but when I run my page in localhost
it show like this

Fatal error: Call to undefined function curl_init() in

i also  remove comment from ini file

but still it showing this fetal error
I am using Oracle 9i database and PHP(5.6.33) for an application.
Application is showing PHP extension issue "None of the supported PHP extensions (OCI8, PDO_OCI) are available".
But i have tried to download couple of php extension named as OCI8.dll and PDO_OCI.dll to my PHP configuration file, but
still error is not going.Please help me on so I can connect oracle database with PHP.
I am trying to configure an ubuntu (14.04 LTS) linux server with apparmor to protect the Apache2 web server, but I can't find any best practice or how-to guides for this specific purpose, only some basic guides for apparmor with the default profiles which do not include apache2 configuration. The ubuntu web server is running Apache2, Drupal 7, and MySQL. Is there a basic template for the AppArmor-Apache2 config that I should be implementing for basic security or is this something that has to be specific to the site?
I have an AWS EC2 instance running Amazon Linux running Wordpress MultiSite. I'd like the sites in the Network to be able to resolve to HTTPS.

What's the best way to install multiple SSL's on a single Wordpress Server? Is is possible to list multiple SSL's in the ssl.conf file?

Thanks for your help.
I need to have IIS on one server and Apache Tomcat on a separate server.   Can this happen?  I have seen many pieces of how to set them up on the same server.  I need to have the IIS server send requests to the Tomcat server and then have IIS serve the requests up from Tomcat.  How would one set this up?
Free Tool: SSL Checker
LVL 12
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.


We have an Apache webserver running Perl + Template Toolkit and a MySQL database for user access on a VM running Windows 2012 R2.

We have recently made some tweaks to the Perl code, nothing big, just a few edits and extra templates and some design changes (CSS etc). this was tested for several months on an identical dev server and we didn't see any issues.

We went live with the changes and everything was fine for about a week but now we are seeing an odd issue where the site hangs when navigating between pages then works fine for a bit and then hangs again. No pattern to this at all. Sometimes its fine for a few minutes, other times its seconds before it hangs again.

CPU usage is about 15%, Ram is at 80% but always as been as we only have 2GB on here. Neither of them peak or change when the browser hangs.

The issue we are seeing is if we browse the website using the local IP then we see this issue.

If we browse the site using localhost in the same browser (different tab) we never see this issue.

So we can be sat with the site hanging on the IP tab but still able to browse about in the other tab on localhost.

Our db is tiny (only about 200 users, the site isn't hugely busy and nothing else has changed.

Before we go rolling the system back, should we be looking anywhere in particular that could cause this disparity between browsing using the local IP and localhost?


Reset the IP stack, reinstalled VMtool drivers and reset up the …
After a security review of our new WordPress site it was pointed out that we're vulnerable to "External Service Redirecton - DNS". Specifically, if a URL is entered into the "Your Name" field of our Contact 7 Form then the testers have found that: "It was possible to induce the application to perform server-side DNS lookups of arbitrary domain names"

The suggested remedial action is to implement a whitelist of permitted services and hosts and to block interaction not on this whitelist.

I'm something of a newbie when it comes to this, and it occured to me (perhaps wrongly!) that there may be different whitelists; one for those who cannot enter the site, and a separate for sites to which our server is allowed to speak. Or does a whitelist imply both ways?

Anyway, all help on this gratefully received and I'm imagining this is something that's been done a zillion times before!

I'm using IIS and would prefer that answer, although Apache related help just as good because I've realised I can kind of 'translate' how to do it once I've got the idea.

Incidentally, we definitely want to avoid editing the Contact 7 form's code too much becasue this may be lost when we upgrade, even though I dare say this would fix the issue. Unfortunately the latest version has the same problem, although will let the Contact 7 team know to look into this. Would ideally like to use another form for data collection of this sort although i'm a part of a team that prevents this!

And so, in …
after I ran below, my owncloud become like this, any idea how to fix it ?

semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/data'
restorecon '/var/www/html/owncloud/data'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/config'
restorecon '/var/www/html/owncloud/config'
semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/html/owncloud/apps'
restorecon '/var/www/html/owncloud/apps'

setsebool -P httpd_unified 1
setsebool -P httpd_execmem 1

A ways back, I'd set up nameservers on my VPS (let's call them 'ns1.mydomain.com' and 'ns2.mydomain.com').  I host a couple of dozens websites on that VPS.

For all of my domains, on the domain registrar's site, I'd set the Nameservers for that domain to Custom Nameservers:  'ns1.mydomain.com' and 'ns2.mydomain.com'.

Recently, I had to ask my VPS provider to create a new server for me (let's call it 'newVPS'), leaving my previous VPS (let's call it 'oldVPS') active so I could migrate or re-create accounts and contents from the oldVPS to the newVPS.

Both the oldVPS and newVPS use WHM/CPanel admin interfaces.  
The oldVPS is setup as (cut and pasted from the WHM panel banner): 'CENTOS 6.9 i686 virtuozzo – oldvps  WHM 56.0 (build 52)'
The newVPS is setup as (cut and pasted from the WHM panel banner): 'CENTOS 7.4 virtuozzo [newvps]  v68.0.21'

My understanding (which is limited in these areas) is that the nameservers I setup on my VPS have to be associated with one of the domains I own/host on that VPS.

The nameservers which I had previously setup on oldVPS were associated with 'mydomain.com' one of the domains/accounts hosted on oldVPS.  

For simplicity, I'm thinking of creating new nameservers on newVPS and associate them with 'myotherdomain.com', another domain/account to be hosted on newVPS.

How do I create my new nameservers on newVPS, say 'ns1.myotherdomain.com' and 'ns2.myotherdomain.com', presumably from newVPS's WHM (I'm …
I have two servers right now that are set up on my local network.

I know using Apache on Ubuntu that I edit the /etc/hosts file to create hosts (i.e. phppatternsobjectsandpractice.local) - set it to, and I can visit it on my local computer.

I want to host intranet site on one of my servers, and allow people who are connected to my network to type in a site (phppatternsobjectsandpractice.localhost) and visit the site.

Do I edit the /etc/hosts file or do I set up Bind on my two servers?

Hello experts
Today i let my desktop install the latest updates and after that the apache server does not start.
I read about the port issues with skype and i uninstalled the app but the problem remains.
Any help to solve my problem?

software information:
Windows 10
Apache 2.4
error code 1

Thank you

Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.