Apache :: Allow Access From Webserver - Block From HTTP
Mar 13, 2015
I want to run an HTML webpage that accesses an MP3 resource that's also on my website. However, I only want the webpage to have access to the file and block access from those attempting to access the file directly. That leaves me with two options:
1. Block access through the Apache configuration so that only my Webserver can access the resource, or
2. Hide the URL in the code.
How I can go about doing this?
View 1 Replies
ADVERTISEMENT
Sep 30, 2014
I made the idiotic move of not making a backup of the default configs and now I can't access my http website externally. ssl works fine, but I need http to work too.
View 3 Replies
View Related
Jun 19, 2013
I'm currently struggling with an issue on our Apache 2.2.24 home-rolled installation on an OEL 6.2 x64 linux server that front-ends for a Glassfish cluster via proxypass.The httpd.conf manages 4 virtual hosts with each virtual host entry rewriting to HTTPS.
Anyone trying to access the HTTP address redirects to HTTPS just fine.The issue is that anyone using the HTTPS address gets redirected to the Document Root defined in Apache instead of being proxypassed to Glassfish.
I had set up a dummy DocumentRoot with a simple index.html meta redirect and what happens is that anyone directly accessing HTTPS will hit the index.html file which redirects to the the https site. At this point it simply loops to infinity.
View 1 Replies
View Related
May 19, 2009
I have an Ubuntu server and have installed AMP. The server is behind a router (2wire).
I have a static IP address which i use for the webserver. I have enabled the router firewall to allow all the typical webserver ports. When I am on the network (in the vicinity of the network) i am able to connect wirelessly to the server via ssh and also access the domains via my web browser.
But when i connect to the net via another router I am unable to gain ssh access or access the websites from a browser.
When i initiate a connection with putty all i get is a black screen and when i connect to the website i get
Quote:
The operation timed out when attempting to contact www.globalexpatservices.com.
View 3 Replies
View Related
Jun 24, 2007
I want to block all http requests coming to my website via proxy. Is there any way/script to achieve this on the server?
View 5 Replies
View Related
Sep 12, 2013
I moved a tomatocart website with its database, www-root. + keeping all its file and folder permissions.The username on the new server is the same, same id same name same permissions ect. The database name is the same the passwords are the same, location of www-root server same.
The website works it fetches and stores in the mysql database.At the old server with the same tomatocart website you could browse to example domain. ex/1-catagory-bananas and you would see a nice grid of bananas you can order. But there is no folder 1-catagory-bananas on the old or new server you just stay on the index.php but the url goes exampledomain.ex/1-catagory-bananas and the viewed website reloads
On the new server with the same URL i get a "NOT FOUND /1-catagory-bananas ect."so the website works perfeclty on the new server?
View 1 Replies
View Related
Dec 2, 2013
production looking to use latest version of apache from apache lounge:
Apache 2.4.7 Win64
Which version of PHP is recommend?
Which version of WinCache is recommended?
Which version of mysql is recommended?
I've looked into WinCache how to install it and hook it up to php, but i'm guessing you add the extensions in the php.ini?
View 5 Replies
View Related
Jun 11, 2007
I have a series of web services that are exposed to the world via IIS. The problem is I only want users to have HTTPS access to these.
At the moment everything is working fine, however users can access services via HTTP (port 80) and HTTPS (port 443). Using the IIS manager I have attempted to remove port 80, however it will not allow me to do this.
So the question is, how can I close of HTTP access within IIS?
View 5 Replies
View Related
Mar 10, 2008
I've setup a dedicated server that is currently running with a domain bound to it. However this time I want to setup a centos 5.1 + latest apache 2 + bind 9 server that can only be connected to by IP address and doesn't have a domain name. So what do I need to modify in the below files to do so:
First of all will I even need bind at all? I already have it setup and (mis-)configured but I guess if I don't need it I can just take if off of autostart and stop the process "named".
Named.conf
options {
pid-file "/var/named/chroot/var/run/named/named.pid";
directory "/var/named/chroot/var/named";
query-source address * port 53;
allow-query { any; };
allow-transfer { };
recursion no;
notify no;
version "unknown";
};
logging {
category default { null; };
};
zone "server.domain.com" { type master; file "server.domain.com.db"; };
I don't even want the zone have domain.com in its name but that's just there so I could show you how I'd include server.domain.com.db.
server.domain.com.db
$TTL 14400
@ IN SOA ns1.domain.com. root.server.domain.com. (
2007052503
14400
3600
1209600
86400 )
server.domain.com. 14400 IN NS ns1.domain.com.
server.domain.com. 14400 IN NS ns2.domain.com.
localhost 14400 IN A 127.0.0.1
www 14400 IN A 78.129.174.164
I'm not sure what to do about those references to domain.com here, they shouldn't be needed but without them I don't know what to put here. ^^
Obviously I can't use those nameservers...
resolv.conf
nameserver 127.0.0.1
nameserver 78.129.143.155
nameserver 87.117.198.200
nameserver 87.117.196.200
The only thing missing from this file is "search domain.com" at the top, is that needed even though I won't really have any domains used by this server?
/etc/hosts:
# Do not remove the following line, or various programs
# that require network functionality will fail ....
View 7 Replies
View Related
May 15, 2008
I have been searching for a non web UK proxy. I need to view UK search results and ads
Should I just use ssh tunneling? If so any suggestions on a cheap UK shell account?
View 4 Replies
View Related
May 1, 2014
On a webserver (apache, mysql, php), which values comes to your mind can have bigges impact on a website load time?
we talking about webserver which host like 100 websites, mostly a classic wordpress blog.
I have keep alive turned on. Now i want to do some test playing with various values of apache, php...
View 8 Replies
View Related
Oct 16, 2009
Exist a domain (domain.fm), this domain receives constant DDoS attacks and the webmaster of domain.fm has pointed the domain to my server and the DDOS attack has been redirected to me.
Is it possible to block this domain?
I noticed that the webmaster of domain.fm only points the domain to
my server when attacked.
Yesterday my apache has been down for several hours.
I would like to block access to my servers from the domain domain.fm
View 6 Replies
View Related
Jul 1, 2007
I recently looked at my secure and mesaages log and have been getting a lot of failed SSH root login attempts. So I thought I better do something about it.
Ideally I want to allow SSH login from just 3 remote public IP's, and block all others from even trying
How would you go about implementing this?
I have tried using IPTables, but I think im getting the rule wrong somewhere.
Here is what I have:
Code:
## Access to SSH from Pre-approved IP Addresses ONLY ##
iptables -I INPUT 1 -p tcp --dport 22 -s 123.123.123.123 -j ACCEPT
iptables -I INPUT 2 -p tcp --dport 22 -s 123.123.123.124 -j ACCEPT
iptables -I INPUT 3 -p tcp --dport 22 -s 123.123.123.125 -j ACCEPT
iptables -I INPUT 4 -p tcp --dport 22 -s 0.0.0.0 -j DROP
However this still lets me login from IPs not in the list above?
View 8 Replies
View Related
Jun 2, 2008
if it is possible to block external access to Cpanel through port 2082?
View 7 Replies
View Related
Oct 21, 2014
I've seen a number of exploit attemps on the default website which I believe has come via direct access via ip address i.e http://xxx.xxx.xxx.xxx.I have tried to block with .htacess but it seems to be being ignore (possibly by parallels or nginx configuration).how I can block access to the default site to all but 127.0.0.1, server external ip and my ip?
View 19 Replies
View Related
Nov 15, 2013
Server Version: Apache/2.2.22 (Unix)
On our production service, we've been getting numerous malformed POST requests to some of our CGI scripts that are showing up as 500 errors in our logs. They are malformed in the sense that the actual content length doesn't match the Content-Length specified in the request.
Here's the most trivial example I can come up with that reproduces the problem for us:
POST /some_valid_alias HTTP/1.1
Host: example.org
User-Agent: Arbitrary/1.0
Content-Type: multipart/form-data; boundary=---------------------------41184676334
Content-Length: 769
-----------------------------41184676334
In addition to the 500 error in the access log, we see the corresponding error in the error log:
(70014)End of file found: Error reading request entity data
Based on the nature of the POST request and the error response, it does appear that Apache is doing the right thing here.
The POST never actually makes it as far as the script being targeted (/some_valid_alias in the above example); in other words, Apache returns 500 to the client, writes the error to the error log and never executes the script.
Is there a way to capture/avoid internal Apache errors like 70014, and return some other HTTP status besides 500 (like 403)? It's particularly annoying in our case, because our server sends us an email for all 500 errors.
So far, our best "defense" against these 500 errors is to disallow POST for these aliases, which normally just ignore the POST data anyway (when the request is not malformed):
RewriteCond %{REQUEST_METHOD} ^POST$
RewriteRule ^/(some_valid_alias)(.*)$ $1$2 [R]
But this won't work for all our scripts, because in some cases we do want to permit POST.
View 2 Replies
View Related
Aug 15, 2007
Someone seems to be flooding our HTTP server somehow. We use the latest version of Apache on Windows.
Is there any Windows modules that can filter the total amount of IP connections, or something built into Windows that could filter this?
View 2 Replies
View Related
Jan 6, 2015
I'm in the process of trying to pin down a couple errors I've been running into, and after installing and configuring SSL I have occasionally been receiving the following error:
View 2 Replies
View Related
Oct 9, 2012
Suddenly on a particular website (possibly following an easyapache php minor version update) if I specify a folder rather than a specific file I get a 503 response.
If I do the same on https it's ok. But http always gets a 503.
If I specify a file it's fine, but the folder always hits a 503.
I have removed the htaccess file and php.ini to rule that out and indeed they weren't factors - it seems like it goes wrong before reading the htaccess file.
View 3 Replies
View Related
Aug 7, 2008
I have two domains that are sharing one IP address. One site is meissenation.com and the other is mifbody.com.
My httpd.conf file looks like this: ...
View 2 Replies
View Related
Mar 3, 2007
Does anyone know if there is an Apache directive where you can have Apache call a script on HTTP PUTs to a specific location and also for HTTP GETs?
View 0 Replies
View Related
May 4, 2015
I keep hearing that redirecting from http to https is not very secure [non-SSL to SSL]. Among other reasons, one reason is that the browser may continue to think it is communicating with non secure server and may not encrypt the data. Is it true? I hope not, I am using the following -
<VirtualHost 12.34.567.89:80>
ServerName www.mysite1234.com:80
Redirect / https://www.mysite1234.com/
</VirtualHost>
View 1 Replies
View Related
Jun 27, 2013
its possible to do a P2V migration of a Apache http server 2.2
Present environment:
Windows 2003
Apache http server 2.0.63
There are 2 webservers (running Apache) for load balancing. The backend server runs an application which uses an oracle database. Is a P2V migration of the web servers possible?
View 2 Replies
View Related
Aug 30, 2013
I was trying to set up a JBoss cluster with apache httpd mod cluster in windows.I was able to start the apache using the command 'httpd. exe'. But when I tried to access it using localhost:6666/mod_cluster_manager , the page was not accessible.I have the entry 127.0.0.1 localhost in my hosts file.
The http.conf contains lines as given below:
# MOD_CLUSTER_ADDS
# Adjust to you hostname and subnet.
<IfModule manager_module>
Listen 127.0.0.1:6666
ManagerBalancerName mycluster
<VirtualHost 127.0.0.1:6666>
[code]....
View 2 Replies
View Related
Mar 3, 2015
I'm using a turnkey image for smallmachineforum system, installed on amazon aws instance.
In the default configuration I can't use the http version of the site, only the https.
It does not seem to be a network issue, a telnet on port 80 opens.
The server is apache version 2.2.22, on a Debian 3.2.57-3+deb7u2 x86_64
View 2 Replies
View Related
Aug 17, 2013
I am trying to find out if redirecting an https URL to an http URL will still provide the security of the original https? Should the page information for the redirected http page show it as being unencrypted or shouldn't it have the same encryption as the original https?
View 3 Replies
View Related
Jun 28, 2015
I have a regular visitor from 1999521.videos-for-your-business.com/ and I am aware this is spam from semalt.com, the trouble is I have tried blocking this but it keeps coming back the number 1999521 changes frequently
I have the following in my htaccess file
## STOP REFERRER SPAM
RewriteCond %{HTTP_REFERER} semalt.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-offer.com [NC,OR]
RewriteCond %{HTTP_REFERER} videos-for-your-business.com [NC,OR]
RewriteCond %{HTTP_REFERER} semaltmedia.com [NC,OR]
RewriteCond %{HTTP_REFERER} best-seo-solution.com
RewriteRule .* - [F]
View 3 Replies
View Related
Sep 22, 2009
I installed apache, mysql, php on my windows vista laptop, and want to test http downloading. This means when selecting a file (for example, contact.php) from a page, and then click download, it will be downloaded to my desktop.
Do we need to install any other softwares to do that?
View 10 Replies
View Related