Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

Whenever I make javascript changes people have to clear their cache etc. for the changes to properly take effect (most times for some people) . Is there a way I can perform a refresh on the web hosts side as I obviously can't email everyone telling them they need to clear their cache whenever I make a critical change.
Cloud Class® Course: Microsoft Exchange Server
LVL 12
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

I am trying to force https with my .htaccess file but when I do, the layout breaks and I get 404 errors in console for pretty much everything from css files to js files etc. I am using a MVC structure.

In my config file I have:

define('URLROOT', 'https://mysite.com');

Open in new window

In my header all my css files are called like this:

<link href="<?php echo URLROOT; ?>/css/style.css" rel="stylesheet">

Open in new window

My .htaccess looks like:

<IfModule mod_rewrite.c>
 RewriteEngine on
 RewriteCond %{HTTPS} off
 RewriteRule ^(.*)$ https://mysite.com [L,R=301]
 RewriteRule ^$ public/ [L]
 RewriteRule (.*) public/$1 [L]

Open in new window

I am trying to reverse engineer someone else's Apache web server configuration setup.      

There are two RHEL 6 servers running 2.2 Apache web services.   Apache is being used to front-end a JAVA tomcat application.
On one server, the Apache log files are owned by the tomcat user.  
On the second server, the logs are owned by root.    

By corporate standards, the designated Apache log directory only allows 2 GB worth of data.   We exceed that on a regular basis and must route the logs to a subdirectory of the application and allow that application's log maintenance system to periodically archive the files.   However, the root owned log file permissions do not allow the tomcat user to perform cleanup maintenance.   Making the tomcat user the log owner resolves that problem.

ps aux show that both servers run apache using the apache user.    

I've looked in httpd.conf (and secondary files included by it)  and logrotate.d and cannot find a config file entry which explains the difference in log owner.   Can someone point me to a likely suspect?   The tomcat application's documentation does not address this problem.

Thank you.
We are attempting to install an SSL certificate on a website which already has a sub-domain attached to it. So this is the picture:

The website has been installed on product.domain.com and we have an SSL certificate already installed on that domain URL. The Wordpress site is set to force SSL and it works fine. No problem. If someone types in https://product.domain.com the site comes up fine - all good. If someone types product.domain.com the site comes up perfectly with https://product.domain.com.

If someone types www.product.domain.com without the http or https,  the site works fine - it strips the www and reverts to https://product.domain.com so this is all OK.

However, if someone actually types the full thing - as https://www.product.domain.com the site does not strip the https:// or the www so the browser displays a security exception as if the site was not covered by an SSL certificate.

I've tried various configurations in the .htaccess file but nothing I do seems to work.

Any help with this sincerely appreciated.

I have a new installation of woo commerce and I have noticed the urls are inconsistent regarding my products on the site.  Some urls are showing the product id and others aren't.  My preference is to not show the id.

https://www.theherbsplace.com/product/sf_p_1458/[code] - With id


Open in new window

- Without id

It seems when the id is in the url it goes to a category page first rather than the single product page.

I have tried changing the perma-links to something else then saving them.  Then immediately putting them back to their original setting and save again but there was no change.

Please show me how to get the product url's consistent with no id on them.
I am trying to access an rss feed (https://www.thedailymash.co.uk/rss.xml) using file_get_contents() but it keeps returning false with the error

Unable to find the socket transport &quot;ssl&quot;

I have openssl enabled because in php.ini I have uncommented the line

From phpinfo
Apache Version      Apache/2.4.25 (Win32) PHP/7.2.8 OpenSSL/1.0.2k
SERVER_SOFTWARE      Apache/2.4.25 (Win32) PHP/7.2.8 OpenSSL/1.0.2k

On a machine running an apache server with php, not wamp or xampp or damp or mamp or camp, just apache, php and mysql.
I am trying to trace down a segfault error using SAR on a Linux 2 Apache Amazon instance.  I have SAR installed and can see when the memory spikes but how can I find out in the log files what process is causing the memory spike?

Here is what I am seeing using SAR


I just need to know what process is causing the memory to increase.  Normally memory usage is in the 40% area.

I want to install Fail2Ban on an Apache 2.4 Linux 2 machine.  As a Linux 2 user I can't download the epel repository according to Amazon engineers.

Consequently, I used wget and now have fail2ban-0.8.14 directory in my /etc folder.  I need to install fail2ban but the normal install commands aren't working.  I tried apt-get and it isn't on my server.  So how do I install fail2ban?

I have a script that reads the access_log files and counts how many times an ip has accessed the site.  This works great and helps me to find bots I want to remove.  My question is, how do I get the access files and error log files to look the same?

I use a vhosts.conf file and in one of the virtual directories we have the following:

        ServerName www.theherbsplace.com
        ServerAlias theherbsplace.com
        DocumentRoot /data/web/theherbsplace.com

        ErrorLog /data/log/php_errors_thp.log
        CustomLog /data/log/access_thp.log combined

        RewriteEngine On

<Directory /data/web/theherbsplace.com/>
     Require all granted

Open in new window

When I add the word combined to the error log format line I get the following error:

AH00526: Syntax error on line 7 of /etc/httpd/conf.d/vhosts.conf:
ErrorLog takes one argument, The filename of the error log

Open in new window

The format of the access_log is the one I want the errors log to follow.

So, how can I get the log format the same on both?  This is because it gives me the information I need and also will permit the script to read the error logs too.

I am on an Amazon Linux 2 AMI running Apache 2 and I need a software solution for security.  I have been told mod_security isn't a good choice.  So does anyone have experience with the AWS Waf?  If so, what rules are you using?

Or, do you have another idea altogether?

On my previous instance I used fail2ban but I found the bots could outsmart fail2ban so hopefully someone will have a better choice.

Let me clarify my biggest  problems are postfix issues, stopping ddos, bots running up and down my site stealing bandwidth, clicking on every link and having numerous disk i/o's which I have to pay for.

By the way, I am not interested in using another AMI due to the complexity of my existing AMI.
Get expert help—faster!
LVL 12
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

I have installed apache tomcat 7.0.90 on my windows 8 64bit system. This is how I have configured my tomcat-users.xml -

<?xml version='1.0' encoding='utf-8'?>
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements.  See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License.  You may obtain a copy of the License at


  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  See the License for the specific language governing permissions and
  limitations under the License.
  NOTE:  By default, no user is included in the "manager-gui" role required
  to operate the "/manager/html" web application.  If you wish to use this app,
  you must define such a user - the username and password are arbitrary. It is
  strongly recommended that you do NOT use one of the users in the commented out
  section below since they are intended for use with the examples web
  NOTE:  The sample user and role entries below are intended for use with the
  examples web application. They 

Open in new window

I need to upload a Wordpress theme and I am getting the message that I am exceeding the max_filesize.  I have change php.in, restarted Apache and still I get the same error.

These are the settings I have changed:

file_uploads = On

Open in new window

Please tell me what to fix.



I want to use imagemagick on the cloud, i have a Bluehost account that says it's available https://my.bluehost.com/hosting/help/imagemagick

I have very limited experience in unix (or whatever the operating system is?) and I'm unable even to find out how to get to a command line to test this.

This question is just to get me kicked in the right direction, so any of the following would be a good start:
1. getting onto a command line and verifying the statements form the link above
2. creating a simple script file that i can run on the server somehow
3. a dummies summary of how imagemagick could work on bluehost

Attached screenshot of some of the bluehost advanced options.


Related question resolved:

I would like to request an assistant.

I would like to make a redirect using .htaccess .

The condition that i would like to combined are as follows :

1. redirect any access from /supporttickets.php to https://support.domain.com

2. redirect any access from  /submitticket.php to  https://support.domain.com/Tickets/Submit

3. redirect any access from   /contact.php to https://www.domain.com/contact.php

4. redirect any access to "billing" folder to https://billing.domain.com

5. IGNORE all above rules if the access file are "fpx_indirectcallback.php" or "fpx_directcallback.php"

Appreciates anybody assistant on this issue.
I have a curl error 77
Update Failed: Download failed. cURL error 77: error setting certificate verify locations: CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none

Open in new window

whenever I try to update my plugins in wordpress.

The site is www.thefrugallife.com

I have an Apache 2.4 instance running Linux 2 from Amazon.

I have recently moved the site and switched it to https.  My site certificate is showing it gets a B on SSL Labs using ipv4.

I can't update anything on the site till this error goes away.  Please let me know how to get rid of that error.

I designed an API that looks like this:

http://mysite.com/subfolder/api.php?resource=items&action=getAll   (get all items)
http://mysite.com/subfolder/api.php?resource=items&action=getById&id=1234   (get item by id)

Open in new window


Open in new window

Desired Re-Write


Open in new window

Is this impossible because they use the same names???

I have no experience using re-write with Apache.

Thanks for looking.
Hello i'm configuring the Owncloud X Appliance and have some questions that i can't find answer

1- It’s now accesible from the web by here
but user can still access this page
Is there a way to deny access to this page https://owncloud.domain/univention/portal/#category=software and just have access to https://owncloud.domain/ownCloud

2- How can i change owncloud url to : https://owncloud.domain/ instead of https://owncloud.domain/ownCloud
i found this link https://doc.owncloud.org/server/10.0/admin_manual/installation/changing_the_web_route.html but it don't seem to be relate to the appliance

3- If i want to increase space on the appliance once ive add more space on my lun what other step i need to do

Thanks for helping me !
I need to disable the POODLE vulnerability.  I have Centos 7.5 and
OpenSSL 1.0.2k-fips  26 Jan 2017

Open in new window

and I have ran yum update openssl and nothing qualifies.  I added the line
SSLProtocol All -SSLv2 -SSLv3

Open in new window


Open in new window

- I then restarted httpd.

Yet when I run my cert against https://www.ssllabs.com free ssl checker I still show a POODLE vulnerability.

Please tell me how to get rid of this vulnerability.

I'm migrating my website to a secure server, and there is an issue with a page which isn't loading all the content.  Google Chrome Developer Console reports an "uncaught DOMException".  I'm not a programmer, and don't know how to interpret or correct this.  I've uploaded a screen shot.

The website is under development on a server which is not open to the public.  If you are sufficiently interested in visiting the page in question, the Windows hosts file would need to be modified by adding "  mauitradewinds.com www.mauitradewinds.com secure.mauitradewinds.com   m.mauitradewinds.com".  In that case, the page with the issue could be visited at https://mauitradewinds.com/RezEasy/mobile/0001/cl0001.html    Otherwise, perhaps the screen shot is adequate for you to provide some guidance for me.  Thank you. Screenshot of DOMException error
Get your problem seen by more experts
LVL 12
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

I am managing  a very old XAMPP installation (1.7.3) which has been absolutely rock-solid for years.  Now, unfortunately, the company that provides a payment gateway that the system has been connecting to has decided to upgrade from TLS1.0 to TLS1.2 (for obvious reasons).  The version of PHP running on the install is 5.3.1 which comes with CURL 7.19.6

This version of CURL does not support TLS 1.2 encryption, the earliest version that does is CURL 7.34.0

As a quick fix, I've tried to upgrade the PHP installation to the latest one (7.26 I think) however, both methods I've tried result in Apache failing to restart - does anyone have any suggestions as to how I can upgrade the CURL or PHP?  Failing that, is there any alternative to CURL which will encrypt the data correctly, i.e. to TLS1.2 standard.

The XAMPP is running on Windows 7 64 bit
Dear Experts

We are using nextcloud which is on ubuntu 16.04 with php, mysql and apache until now we were using within the local network but now there is a requirement to enable this to external network that is from internet hence would like to procure ssl certificate and install the same,
1.  can you please suggest the good source to purchase the ssl certificates
2. at present users are using this solution  by installing the ssl certificates will it have any impact of not functioning or breaking down the system please suggest.
3. can you please help me how to install the ssl certificate in this server instance
This is to migrate the existing SuSE Linux Enterprise server 11 (think with SP1) to another newly-setup SuSE Linux Enterprise 11 with SP4. This existing server is hosting apache, and supporting an oracle via PHP. The main thing is, we also have to configure the new SuSE to have PHP supporting Oracle with the following working descriptions from the application owner as follows,

           - Apache connecting to PHP accessing a Oracle table through Oracle instant client

with this requirement:
1)      the PHP has to be compiled to enable Oracle instant client
2)      apache has to have the connector configured (not shown here ) and recompiled

So far, on this new SuSE, a apache and associated modules were installed. When typing "rpm -qa |grep apache", the results shows,


How should we proceed from here?

thanks in advance.
Running WampServer 2.2 on a Windows 7 platform, a problem has developed.  I am unable to start the WampApache service.  There are Event Viewer errors specifying a syntax error at the line which designates the documentroot, and the statement "DocumentRoot must be a directory".  The document root IS a directory, and I have not changed hppd.conf for many years.  WampServer worked fine until just now.  I experimented with the syntax, even changing the DocumentRoot to "C:\", and got the same errors.  I am inexperienced with this application, and would appreciate suggestions.
Hello Fellow Experts,

I'm trying to get PHP PDO to work with an MS SQL database.  PHP returns a "driver not found" error. I've tried copying the "sqlSvr" driver files to the extensions folder and editing the ini file as suggested by various forums and tutorial, but the error still shows up.  

This needs to be done both on my local Windows Xampp (PHP v5.6) installation and on the remote Linux server (PHP v5.3).  Niether works, what am I possibly missing?

Also, where do the extensions go on the Linux server? Can I just create an "ext" folder in the remote server's "root" folder?  The folder structure looks different on the remote server; there isn't an "ext" folder like in my Xampp environment.

I'm troubleshooting a site which resides on a secure server, not available to the public.   It would be helpful if my browser could access the cgi-bin directory, but this is apparently forbidden by default on an Apache server.  Is there a client-side solution to allow browser access, such as htaccess?  If so, could you provide code?

Apache Web Server





The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.