Apache Web Server

19K

Solutions

14K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.

Share tech news, updates, or what's on your mind.

Sign up to Post

I'm migrating my website to a secure server, but certain pages do not load.  Instead, the 404.htm page loads.  I don't understand why this is happening.  
For example if you navigate to https://secure.mauitradewinds.com/RezEasy/mobile/0001  you will see several files in that folder.  Clicking on any of them results in the 404 error.  This doesn't happen on the same site which is still hosted on our non-secure server at http://mauitradewinds.com/RezEasy/mobile/0001 .   I'd appreciate any insight about resolving this.
0
Get your problem seen by more experts
LVL 12
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

I hope you can help me with this

in my htaccess I add this rule RewriteRule ^pruebas/(.*).php$ /oculto/controladores/php/$1.php [L,NC,QSA]

This rule allow me to redirect this kind of url "http://grupossc.com/pruebas/the_test.php", this rule work without problems.

but when I try  to use for example that link with a php include statement like <?php include ("pruebas/the_test.php"); ?> to import a php file with some functions it doesnt work

What Im doing wrong??? it is possible to use a redirected url inside of a php include statement?
0
I can't figure out how to disable insecure cipher suites in openssl and Apache.

I've been messing around with the configuration and using ssllabs to test the results, but nothing I change seems to make any difference.
My current relevant item in the ssl.conf file are:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1
SSLCipherSuite !aNULL:!MD5:!SEED:!IDEA:!RC4-MD5:!RC4-SHA:!ECDHE-RSA-RC4-SHA:HIGH

SSLabs reports among others, the following problem:
TLS_RSA_WITH_RC4_128_MD5 (0x4)   INSECURE
 
I found a site that converts RFC names to openssl names, and that's where I got the RC4-MD5... items. That protocol should be disabled by the !RC4-SHA directive but it's not.

As you can see I've asked apache not to accept TLSv1 and a couple of RSA ciphers.  I always restart the httpd service between tests, but I still get the same results.  I'm not sure what I'm missing.
0
I am moving a site to WooCommerce which uses different url's that my old Prestashop site.  I have found that the old url's are going to the home  page instead of showing a 404.  I need to remove whatever is going to the home page.  This is because I want to run xml-sitemaps.com to find the broken links.  However, they aren't showing up because they are going to the home page automatically.

This is the .htaccess in the public directory where wordpress resides

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Open in new window


Please tell me how to get these old links to show a 404.

Thanks,

Randal
0
this is make me crazy

check this link: http://www.gruposc.com/industrias/Aeroespacial-Defensa

I dont know why when you enter to any of my SEO links with "industrias/" you will redirected to "www.sancayetano.es" for example: http://www.sancayetano.es/industrias/Aeroespacial-Defensa

As far I do remeber I never add any redirection to that server,

In my htaccess this is the line that redirect my SEO links with "industrias/" to an internal page in my site: RewriteRule ^industrias/([a-zA-Z0-9-/?=&]*)$ /oculto/industria.php?rID=$1 [L]

Please help

Best regards.
0
I am attempting to enable HSTS on our local web server (running on Apache 2.4.16 - on Mac OS 10.10.5 Yosemite) along with disabling weak ciphers along with disabling SSL 2.0 and 3.0.  I've attempted to make use of guides provided by SSLShopper and Raymii to get this done. I feel like I'm pulling my hair out over something potentially simple but I've made the suggested additions to Apache config files (httpd.conf and ssl.conf). I've restarted Apache and every running subsequent checks via SSL Labs, etc. results in neither of these things being shown as accomplished.

Kinda inherited this server from a prior person who left zero documentation (which was originally on Windows Server 2008 R2 and was converted over to Mac OS Server). I'm not exactly well-versed in this sorta thing but I assumed I could follow the directions as stated :|

I'll include, for example, what's in the HTTPD-CONF file. Again, probably something really silly or simple I'm missing but I'm at a loss at this point:

#
# This is the main Apache HTTP server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see 
# 

Open in new window

0
This is a Heart Internet VPS.  

console is like this http://libguestfs.org/virt-rescue.1.html

this will be a gig unless an immediate easy answer is apparent, which I doubt, unless it's a resinstall without data loss, but I don't see that in the rescue console.

Centos 6 VPS Server down since 7am this morning. I have console access only , no server SSH and no WHM. So this is WHM/Cpanel.
I broke it by giving effect to this:

PHP Check
Check php version
Any version of PHP older than v5.6.* is now obsolete and should be considered a security threat. You should upgrade exclusively to PHP v5.6+:
Affected PHP versions:
5.4.45 (/opt/cpanel/ea-php54/root/usr/bin/php)
5.5.38 (/opt/cpanel/ea-php55/root/usr/bin/php)
Check php for disable_functions
You should consider disabling commonly abused php functions, e.g.:
disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open
Some client web scripts may break with some of these functions disabled, so you may have to remove them from this list:
Affected PHP versions:
/opt/cpanel/ea-php54/root/etc/php.ini (/opt/cpanel/ea-php54/root/usr/bin/php)
/opt/cpanel/ea-php55/root/etc/php.ini (/opt/cpanel/ea-php55/root/usr/bin/php)
/opt/cpanel/ea-php56/root/etc/php.ini (/opt/cpanel/ea-php56/root/usr/bin/php)
/opt/cpanel/ea-php72/root/etc/php.ini (/opt/cpanel/ea-php72/root/usr/bin/php)

WHM Settings Check
Check cPanelID for
0
I am trying to use SNMP to monitor some equipment made by Ubiquiti.
I have downloaded the MIB for their airmax radios.
I can run snmpget from a command line and retrieve the data correctly like this:

# snmpget -v1 -c xxxxxxxxxxxxxxxxxxxxxxx 192.168.130.144 UBNT-AirMAX-MIB::ubntRadioFreq.1 UBNT-AirMAX-MIB::ubntWlStatCcq.1
UBNT-MIB::ubntRadioFreq.1 = INTEGER: 5190
#

When I attempt to retrieve the same data withing PHP, no value is returned
excerpt:

<?php
$host="192.168.130.144";
$oid="UBNT-AirMAX-MIB::ubntRadioFreq.1";

$res=snmp2_get($host, $community, $oid);
if(is_array($res)) {
      print_r($res);
} else {
      echo("$res");
}
?>

There is no result returned. The Apache2 error log contains:
[Wed May 30 22:24:25.754967 2018] [:error] [pid 773] [client ::1:36908]
PHP Warning:  snmp2_get(): Invalid object identifier: UBNT-AirMAX-MIB::ubntRadioFreq.1 in /var/www/html/crmtest/snmptest.php on line 22

I can use snmp2_get() to retrieve the voltage of a battery bank at a solar site with the following:

<?php
$host = "192.168.130.140";
$oid="1.3.6.1.4.1.32050.2.1.27.5.12";

$res = snmp2_get("$host","$community","$oid") or die("didn't work");
if(is_array($res)) {
      echo"its an array ";
      print_r($res);
      echo"<BR>";
} else {
      echo "its not an array";
      echo("$res<br>");
}
?>
The result that I get from this is:
its not an array INTEGER: 2771

The difference is using a textual descriptor from the published MIB as opposed to the numeric OID.
The …
0
Hello, I am about to configure a backup server to my main hosting server.

The main server is a Centos LAMP gigabit server hosting many websites, they are enough now to allow me to afford a backup server.

So, I was wondering, is there a smart, fast way to keep two Centos 6 servers synchronized? I mean everything, from packets to settings and so on, not only website folders and databases.

Is there a way to automatize such a thing, or am I dreaming? Are there ways that almost get there, at least?

Thanks.
0
Hello

For some reasons I need to access https://api.postcodeapi.nu/ with http instead of https. I have created a reverse proxy in my Apache as following:

<VirtualHost 127.0.0.1:80>
ServerName api.postcodeapi.nu.local
SSLProxyEngine on
ProxyPass / https://api.postcodeapi.nu/
ProxyPassReverse / https://api.postcodeapi.nu/
</VirtualHost>

Open in new window


Added following line in /etc/hosts

127.0.0.1      api.postcodeapi.nu.local

Open in new window


and accessing with curl but get Bad gateway:

# curl http://api.postcodeapi.nu.local
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>502 Bad Gateway</title>
</head><body>
<h1>Bad Gateway</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />
</p>
</body></html>

Open in new window

0
Free Tool: SSL Checker
LVL 12
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

I am following the directions to retrieve my CSR key for my site certificate from a Linux box form the site below. After following the instructions, nothing happens and I do not get a private key. As you can see from the screenshot, I follow the instructions but it goes back to the root prompt.  

What am I doing wrong? Where does Linux store the key?

https://medium.com/@sslsecurity/how-to-generate-csr-certificate-signing-request-in-linux-ee4d9bc52837
Capture.PNG
0
CENTOS 6.5 Server running Apache 2.2.15

We are running a Secure Site on this server and thus have a SSL cert from GoDaddy. The Cert from Godaddy is current but recently the Server-Cert expired.

Followed the instructions here to generate a new Server-Cert
https://serverfault.com/questions/578069/ssl-library-error-8181-certificate-has-expired

Then here to generate a new CSR
https://tecadmin.net/simple-steps-to-generate-csr-on-centos/#
 

Then we went and Re-Keyed our SSL cert with Godaddy, plugged in the new cert details and restarted HTTPD.

When I run : nmap -sT xxxxx.xxxxxxx.com
Get this
Host is up (0.00044s latency).
Not shown: 993 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
80/tcp    open  http
111/tcp   open  rpcbind
3306/tcp  open  mysql
8443/tcp  open  https-alt
10000/tcp open  snet-sensor-mgmt

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds

It appears that it is not listening on 443. If I add a "Listen 443" directive to the HTTPD Conf though it resolves to the Centos Apache default screen versus the site root.

In the SSL_ERROR Log I am seeing the following
[Tue May 22 15:09:11 2018] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue May 22 15:09:11 2018] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue May 22 15:09:42 2018] [warn] RSA server certificate is a CA certificate
0
I had this question after viewing How Remove IP from IPset?.

How do I add a list of ip's to the ALLOW ipset?  Presently, they are in a text file single spaced separated by a return.  Here is a screenshot

https://gyazo.com/3ca73fc465513f6b9b09aa9104907d30

I have a similar list for ipv4's too.  Can both of them reside in the ALLOW subset?  If not, please tell me how to create one for ipv6.

Thanks,

Randal
0
I may want to give up/abandon a Domain Name that has old Nameserver names assigned to it.
How can I start with that domain (example.com) and find out:
1) What name servers EXIST (ns1.example.com etc)
2) Of these name servers, which ones are in use ... meaning, I want to know if I delete all name servers for this domain, and even give up the domain, what Websites might stop working
Any Mac, Linux, or online/server-side solution would be wonderful, though if you only have a Windows solution, I am sure I could find a Windows PC around here somewhere

Thx in advance all!

- B
0
I need to create an ipset for ipv6 I have it for ipv4 already.  I want to use ipdeny.com and insert specific country blocks into the ipset which is connected to the iptables.
0
Wordpress I moved my site from Xampp to IIS 10, currently running the server copy as a local version for test it, but my images are not loading. and when I login the redirect back to the page not working as well any idea how to fix this.
0
Dear All

Preventing DoS attack on our Apache Web server is the most difficult and challenging problems we have ever faced.  I looked at different solutions on the website, they are all recommending to use IPTable to block such attack.  But I have come to a conclusion that IPTables has nothing to do with that.  I have done a lot of configuration on IPTables and listened to many advanced but with no concrete result.

There must be another way to prevent DoS attack.  I don't know if Apache configuration can prevent such attach.

Basically, I am getting hundreds of connection from a specific IP address, which drained out the server memory and kills it.  The current situation we are doing is to block that IP range.  which is not a solution.

If you believe this issue can be resolved from Apache, please let me know how to tweak the setting.  
We are a university, the web server we have is mainly for displaying information.  

I would really appreciate any advice.

Thanks in advance
0
How to redirect all http traffic to https on Ubuntu running Apache2.
Here is my sites conf file and I am not able to drive the traffic to https.

<VIRTUALHOST *:80>
        ServerName OldDomian.com
        ServerAlias www.OldDomian.com
        Redirect /  https://www.NewDomain.com
       	ServerName NewDomain.com
        ServerAlias www.NewDomain.com
        Redirect /secure https://www.NewDomain.com

	
</VIRTUALHOST>
<VIRTUALHOST *:443>
    ServerAdmin webmaster@localhost
    ServerName www.NewDomain.com
    ServerAlias NewDomain.com
    DocumentRoot /var/www/www.NewDomain.com/web
    SSLEngine on    
    SSLCertificateFile /etc/apache2/cert/359dc02304e01eae.crt    
    SSLCertificateKeyFile /etc/apache2/cert/hp.key
    #SSLCertificateFile /etc/apache2/cert/gd_bundle-g2-g1.crt
    <DIRECTORY />
        Options FollowSymLinks
        AllowOverride All
    </DIRECTORY>
    <DIRECTORY /var/www/www.NewDomain.com/web>
        Options +FollowSymLinks
        AllowOverride All
        #AuthType Basic
        #AuthName "Restricted Content"
        #AuthUserFile /etc/apache2/.htpasswd
        #Require valid-user

        # <IfModule mod_rewrite.c>
        # RewriteEngine On
        # RewriteBase /
        # RewriteCond %{REQUEST_FILENAME} -f [OR]
        # RewriteCond %{REQUEST_FILENAME} -d
        # RewriteRule ^.*$ - [S=40]
        # RewriteRule (.*)/(.*)/$ /index.php?page=$1&id=$2 [QSA,L]
        # RewriteRule (.*)/$ /index.php?page=$1 [QSA,L]
        # </IfModule>
      

Open in new window

0
i have a Ubuntu apache2 web server with ssl certificate .Every time when i restart apache ask password.
I found a script and work well .

SSLPassPhraseDialog exec:/path/to/passphrase-script

#!/bin/sh
echo "mypassphrase here"

Now certificate is old and got new certificate with new challange passord. Can you please explain me what do i need to do?  can i change my script easly or i need a new script ? or can i add new password under old one  like:

#!/bin/sh
echo "mypassphrase here"
echo "myNEWpassphrase here"



Thank you
0
Cloud Class® Course: Microsoft Exchange Server
LVL 12
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

I have a ubuntu apache2 server .I would like to my website security ans ssl https certificate creating.

can i free ssl certicate install if yes how ?please explain me.

Thank you
0
I am trying to enable SSL on my Ubuntu server running Apache2, but when I restart the Apache2 service it crashes silently.

I have a cloned copy of the Ubuntu server in my Dev location and I was able to apply this without any issues.

I made, what I think is the correct edits to the /etc/apache2/sites-enable/site-name.com.conf file.
Can someone please shed some light on this for me.

<VIRTUALHOST *:443>
    ServerAdmin webmaster@localhost
    ServerName www.contoso.com
    ServerAlias  contoso.com
    DocumentRoot /var/www/www.contoso.com/web
    SSLEngine on    
    SSLCertificateFile /etc/apache2/cert/contoso.crt
    SSLCertificateKeyFile /etc/apache2/cert/contoso.key
    SSLCertificateFile /etc/apache2/cert/gd_bundle-g2-g1.crt
    <DIRECTORY />
        Options FollowSymLinks
        AllowOverride All
    </DIRECTORY>
    <DIRECTORY /var/www/www.contoso.com/web>
        Options +FollowSymLinks
        AllowOverride All
        #AuthType Basic
        #AuthName "Restricted Content"
        #AuthUserFile /etc/apache2/.htpasswd
        #Require valid-user

        # <IfModule mod_rewrite.c>
        # RewriteEngine On
        # RewriteBase /
        # RewriteCond %{REQUEST_FILENAME} -f [OR]
        # RewriteCond %{REQUEST_FILENAME} -d
        # RewriteRule ^.*$ - [S=40]
        # RewriteRule (.*)/(.*)/$ /index.php?page=$1&id=$2 [QSA,L]
        # RewriteRule (.*)/$ /index.php?page=$1 [QSA,L]
        # </IfModule>
        # php_value auto_prepend_file 

Open in new window

0
Hi, My SEO team is having me create directories for certain keywords, like /affordable-meal-delivery/, so that the URL is mywebpage.com/affordable-meal-delivery/

The only way I know to do this is to create the directory and then have an index.html inside the directory. But I don't like having so many pages called index.html, for one thing I am afraid of overwriting one to another.

This site is able to do it without an index.html: www.freshnlean.com/gluten-free-meal-delivery/  - if I add index.html to that, it goes to a page not found.

We are on an Apache server. So it looks to me like this:



But I have ten or so of those directories with an index.html in each. How can I do this without the index.html. Ideally, I would want the page inside the directory to be affordable-meal-delivery.html. Can I use an htaccess file to do this?

Thanks.
0
I have a Linux ubuntu  Apache/2.4.7, OpenSSL/1.0.1 Server.

My Wildcard certificate(comodo) is expired. We have a New Wildcard(with Password ) certificate.
 I copied all files from comodo  
certificate.cabundle,
certificate.crt and  
certkey.key to my certificates Folder /etc/apache2/allcertificates/.

Folder allcertificates has root permission :  root:root

i changed lines  under /etc/apache2/sites-enabled/default-ssl.conf

SSLEngine on

SSLCertificateFile               /etc/apache2/allcertificates/certificate.crt
SSLCertificateKeyFile        /etc/apache2/allcertificates/certkey.key
SSLCertificateChainFile    /etc/apache2/allcertificates/certificate.cabundle

when i restart or start Apache2   : /etc/init.d/apache2 restart     ,i got  error  and also certificate Password ask not. must be asking isnt it?

error log Apache:

 [ssl:emerg] [pid 138] AH02204: Init: Pass phrase incorrect for key of mydomain.com:443
 [ssl:emerg] [pid 138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
 [ssl:emerg] [pid 138] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[ssl:emerg] [pid 138] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[ssl:emerg] [pid 138] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
 [ssl:emerg] [pid 138] SSL Library Error: error:04093004:rsa …
0
I have a Ubuntu apache2 server .I bought a ssl wildcard certificate from online .They send my new certificates zip format.
I have CERT.CABUNDLE and CERTIFICATE.CRT files in this zip.

before i used selfsigned certificate on my apache server.

please can you explain ,how can i install these new certificates on my apache server ?

Thanks
0
HI,

I have created a php script for individuals to add a url to their calendar application such as outlook/ google calendar.


 I have validated the output on https://icalendar.org/ and get a header warning about the content type being text/html

Validator

Problem is when i add
           header('Content-Type: text/calendar; charset=utf-8');
	//		header('Content-Disposition: inline; filename=calendar.ics');

Open in new window


i get

chrome -> ERR_INVALID_RESPONSE
firefox -> file not found
ie -> i get a download prompt that could not be downloaded if save is clicked

if i add the URL to outlook it throws an invalid url error

Not sure whats going on here because i had it working last night


i am using plesk on my centos 7 server
0

Apache Web Server

19K

Solutions

14K

Contributors

The Apache HTTP Server is a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Typically Apache is run on a Unix-like operating system, but it is available for a wide variety of operating systems, including Linux, Novell NetWare, Mac OS-X and Windows. Released under the Apache License, Apache is open-source software.