The purpose is to skip asking certificates with any browser that is not running on Windows NT. It works as expected with the android browser on the tablet, but there is a strange side-effect when I use a Windows client as following lines start to appear into the ssl-error.log
AH02261: Re-negotiation handshake failed: Not accepted by client!?
Any clue what is the problem? How should I do this?
I just started using lighttpd for download purpose.
I limited the number of connection per ip to 5 using mod_evasive .
When a user is downloading with a download manager the number of connection is reached to its maximum. I was wondering if there is a way to allow that same user to be able have 1 additional connection when an index.php is requested . That is, if the user is trying to view an index.php file it would ignore the rule evasive.max-conns-per-ip = 5 .
Each user have their download dir located on [url] in that same dir contains an index.php which contains login tab and integrated directory listing .
On our production service, we've been getting numerous malformed POST requests to some of our CGI scripts that are showing up as 500 errors in our logs. They are malformed in the sense that the actual content length doesn't match the Content-Length specified in the request.
Here's the most trivial example I can come up with that reproduces the problem for us:
In addition to the 500 error in the access log, we see the corresponding error in the error log:
(70014)End of file found: Error reading request entity data
Based on the nature of the POST request and the error response, it does appear that Apache is doing the right thing here.
The POST never actually makes it as far as the script being targeted (/some_valid_alias in the above example); in other words, Apache returns 500 to the client, writes the error to the error log and never executes the script.
Is there a way to capture/avoid internal Apache errors like 70014, and return some other HTTP status besides 500 (like 403)? It's particularly annoying in our case, because our server sends us an email for all 500 errors.
So far, our best "defense" against these 500 errors is to disallow POST for these aliases, which normally just ignore the POST data anyway (when the request is not malformed):
I am having an issue where I have a server that Directadmin is installed on. I go to the a url that is on the server and all i see is the default page of apache saying congrats, it is installed. Although there is no file like that in the public_html any longer and I can see my files in the public_html folder of that specific site.
I'm building a new server for a predominantly php5/mysql5 website and was wondering which version of apache to put on. I know there are some issues with PHP and Apache in MPM, but what's the performance comparison between Apache 1.3 and Apache 2 Prefork?
I am trying to install dedicated web server on my Slackware 12.0.0 machine. I am a novice in Linux, but succeeded in MySQL & proFTPd installation. The problem now in httpd compiling.
I downloaded the latest Apache 2.2.9, but it needs Apache Portable Runtime 1.3.2 installed. I downloaded 1.3.2 version and run ./configure
1. checking size of size_t... 4 2. checking which format to use for apr_size_t... %u 3. checking size of off_t... 4 4. checking for mmap64... yes 5. checking for sendfile64... yes 6. checking for sendfilev64... no 7. checking for mkstemp64... yes 8. checking for readdir64_r... yes 9. checking which type to use for apr_off_t... off64_t 10. checking whether ino_t and unsigned long are the same... yes 11. configure: using unsigned long for ino_t 12. checking size of pid_t... 4 13. checking whether byte ordering is bigendian... no 14. checking size of struct iovec... 8 15. checking for strnicmp... no 16. checking for strncasecmp... yes 17. checking for stricmp... no 18. checking for strcasecmp... yes 19. checking for strdup... yes 20. checking for strstr... yes 21. checking for memchr... yes 22. checking for strtoll... yes 23. 24. Checking for DSO... 25. checking for dlopen... no 26. checking for dlopen in -ldl... yes 27. adding "-ldl" to LIBS 28. checking for dlsym... yes 29. 30. Checking for Processes... 31. checking for waitpid... yes 32. checking for Variable Length Arrays... yes 33. checking struct rlimit... yes 34. 35. Checking for Locking... 36. checking for semget... yes 37. checking for semctl... yes 38. checking for flock... yes 39. checking for semaphore.h... (cached) yes 40. checking OS.h usability... no 41. checking OS.h presence... no 42. checking for OS.h... no 43. checking for library containing sem_open... none required 44. checking for sem_close... yes 45. checking for sem_unlink... yes 46. checking for sem_post... yes 47. checking for sem_wait... yes 48. checking for create_sem... no 49. checking for working sem_open... yes 50. checking for union semun in sys/sem.h... no 51. checking for LOCK_EX in sys/file.h... yes 52. checking for F_SETLK in fcntl.h... yes 53. checking for SEM_UNDO in sys/sem.h... yes 54. checking for POLLIN in poll.h sys/poll.h... yes 55. checking for PTHREAD_PROCESS_SHARED in pthread.h... yes 56. checking for pthread_mutexattr_setpshared... yes 57. checking for working PROCESS_SHARED locks... yes 58. checking for robust cross-process mutex support... yes 59. decision on apr_lock implementation method... SysV IPC semget() 60. checking if all interprocess locks affect threads... no 61. checking if POSIX sems affect threads in the same process... no 62. checking if SysV sems affect threads in the same process... no 63. checking if fcntl locks affect threads in the same process... no 64. checking if flock locks affect threads in the same process... no 65. checking for entropy source... /dev/urandom 66. 67. Checking for File Info Support... 68. checking for struct stat.st_blocks... yes 69. checking for struct stat.st_atimensec... no 70. checking for struct stat.st_ctimensec... no 71. checking for struct stat.st_mtimensec... no 72. checking for struct stat.st_atim.tv_nsec... yes 73. checking for struct stat.st_ctim.tv_nsec... yes 74. checking for struct stat.st_mtim.tv_nsec... yes 75. checking for struct stat.st_atime_n... no 76. checking for struct stat.st_ctime_n... no 77. checking for struct stat.st_mtime_n... no 78. checking for inode member of struct dirent... d_fileno 79. checking for file type member of struct dirent... d_type 80. 81. Checking for OS UUID Support... 82. checking uuid.h usability... no 83. checking uuid.h presence... no 84. checking for uuid.h... no 85. checking uuid/uuid.h usability... yes 86. checking uuid/uuid.h presence... yes 87. checking for uuid/uuid.h... yes 88. checking for library containing uuid_create... no 89. checking for library containing uuid_generate... -luuid 90. checking for uuid_create... no 91. checking for uuid_generate... yes 92. checking for os uuid usability... yes 93. 94. Checking for Time Support... 95. checking for struct tm.tm_gmtoff... yes 96. checking for struct tm.__tm_gmtoff... no 97. 98. Checking for Networking support... 99. checking for type in_addr... yes 100. checking if fd == socket on this platform... yes 101. checking style of gethostbyname_r routine... glibc2 102. checking 3rd argument to the gethostbyname_r routines... char 103. checking style of getservbyname_r routine... glibc2 104. checking if TCP_NODELAY setting is inherited from listening sockets... yes 105. checking if O_NONBLOCK setting is inherited from listening sockets... no 106. checking whether TCP_NODELAY and TCP_CORK can both be enabled... yes 107. checking for TCP_CORK in netinet/tcp.h... yes 108. checking for TCP_NOPUSH in netinet/tcp.h... no 109. checking for SO_ACCEPTFILTER in sys/socket.h... no 110. checking whether SCTP is supported... no 111. checking for struct ip_mreq... yes 112. checking for set_h_errno... no 113. 114. Checking for IPv6 Networking support... 115. checking for library containing getaddrinfo... none required 116. checking for library containing gai_strerror... none required 117. checking for library containing getnameinfo... none required 118. checking for gai_strerror... yes 119. checking for working getaddrinfo... yes 120. checking for negative error codes for getaddrinfo... yes 121. checking for working getnameinfo... yes 122. checking for sockaddr_in6... yes 123. checking for sockaddr_storage... yes 124. checking for working AI_ADDRCONFIG... yes 125. checking if APR supports IPv6... yes 126. checking langinfo.h usability... yes 127. checking langinfo.h presence... yes 128. checking for langinfo.h... yes 129. checking for nl_langinfo... yes 130. 131. Restore user-defined environment settings... 132. restoring CPPFLAGS to "" 133. setting EXTRA_CPPFLAGS to "-DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE" 134. restoring CFLAGS to "" 135. setting EXTRA_CFLAGS to "-g -O2 -pthread" 136. restoring LDFLAGS to "" 137. setting EXTRA_LDFLAGS to "" 138. restoring LIBS to "" 139. setting EXTRA_LIBS to "-luuid -lrt -lcrypt -lpthread -ldl" 140. restoring INCLUDES to "" 141. setting EXTRA_INCLUDES to "" 142. configure: creating ./config.status 143. config.status: creating Makefile 144. config.status: creating include/apr.h 145. config.status: creating build/apr_rules.mk 146. config.status: creating build/pkg/pkginfo 147. config.status: creating apr--config 148. config.status: WARNING: 'apr-config.in' seems to ignore the --datarootdir setting 149. config.status: creating apr.pc 150. config.status: creating test/Makefile 151. config.status: creating test/internal/Makefile 152. config.status: creating include/arch/unix/apr_private.h 153. config.status: executing default commands 154. config.status: include/apr.h is unchanged 155. config.status: include/arch/unix/apr_private.h is unchanged
After that I am trying make and have error at the end:
In the middle of recompiling apache (via whm) after upgrading postgresql to 8.3, apache went down and remains down even after restart. Recompile is still in progress (about 15 minutes in)
tail -f /usr/local/apache/logs/error_log [Wed Nov 12 15:24:44 2008] [warn] No JkShmFile defined in httpd.conf. Using default /usr/local/apache/logs/jk-runtime-status [Wed Nov 12 15:24:44 2008] [notice] ModSecurity for Apache/2.5.7 (http://www.modsecurity.org/) configured. [Wed Nov 12 15:24:46 2008] [warn] No JkShmFile defined in httpd.conf. Using default /usr/local/apache/logs/jk-runtime-status [Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive [Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive [Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive [Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive [Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive [Wed Nov 12 15:24:46 2008] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/188.8.131.5235 mod_jk/1.2.25 PHP/5.2.6 configured -- resuming normal operations [Wed Nov 12 15:24:46 2008] [alert] Child 22588 returned a Fatal error... Apache is exiting! httpd configtest Syntax OK ps -ef | grep ^httpd (no result) Cpanel/Centos
if you were to be presented with a choice to run Apache 1 or Apache 2 given you'd have more or less the same support requests etc, and the same underlying user requirements to implement either one or the other, which one would you choose and why?
I noticed that Hsphere Parallels control panel 3.2 release as may well other control panels, offers such possibility. Personally I've been educated from senior members of previous organizations to appreciate Apache 1 as the defacto version of the web hosting industry (choice here being apache 1 and 2, not IIS or any other web servers) Could you kindly simply attempt to enlighten me given, indeed support for both will/might remain the same in the future?
I am facing while upgrading the current Apache version 2.2.11 to Apache 2.4.4. IIS 7.5 on Windows Web Server 2008 R2 is not redirecting requests to the Apache 2.4.4 which is on Windows Server 2003 R2. I checked the access and error logs of Apache 2.4.4 and there is no entry. The existing 2.2.11 is working completely fine with IIS 7.5. IIS is working as a load balancer in my environment, takes the https requests and forwards that to Apache, then it goes to the App servers. Here, self signed certificate is used between the Load balancer and the Web server.
I have followed exact same configuration as it was used in Apache 2.2.11 but installed it with a different port (444), later changed it to 443 before running Apache 2.4.4 as a service, turning off the Apache 2.2.11 service. And also, my Apache 2.4.4 is working completely fine when I access it through the Web Server level URL (through the server machine name). But it throws me an error 502 when I hit the Load Balancer level URL. Here is the complete error:
"502 - Web server received an invalid response while acting as a gateway or proxy server. There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy)contacted the upstream content server, it received an invalid response from the content server."
how I can solve the issue? I am stuck with this portion for about 2 weeks now, it's really urgent to get it solved!
My observation that came through lots of trial and error, I believe that this has something to do with Windows registry!! I came to this conclusion as I uninstalled the existing Apache 2.2.11 and installed it back again, it throws me the same error that I am getting for Apache 2.4.4. Then, I matched it with the other web server, found out some differences in the registry created for 2.2.11 and changed in this one accordingly- now 2.2.11 worked fine in this web server.
I currently have a dedicated server running centOS5 and webmin. With help of folks here
I was able to bind additional IP numbers using webmin.
I have a small problem now. The idea of binding the IPs was so that I could create "true port 80" shoutcast connections on the new IP numbers. However, when I try this I am taken to the control panel home page (home page to that server). The config on the shoutcast server is set properly (using proper IP #) as I have been able to listen to a stream using the new ip number's (higher ports), but not the main IP number.
My questions, I hope, are simple.
1. Am I able to use these additional IP numbers for Shoutcast Port 80 (true port 80 - only one per IP #)?
2. If yes, do I have to make Apache use ONLY my main IP number, thereby releasing the others for Port 80 use? If so, how do I do this.
i am using 2.0.63 version and already having high load issue becoz of apache so should i have to upgrade to new version 2.2.11 ? is new versin liter as compared 2.0.63 please suggest what should i do know i am running a forum on the server.
configuring servers but have a very big website I want to put a new box I'm building, but am not sure if I should install Apache 1.3.xx or 2.xx. I see a TON of web hosts still use Apache 1.3.xx, but it seems that most books now a days say to install Apache 2.xx.
what is the best, most secure, and fastest Apache version right now?
I have Apache 1.x installed on my server. I don't know why. I like to always use the newest and most up to date version for my site. I know the 1.x series is still being updated, but what's the difference between 1.x and 2.x and 2.2.x?
I think I may want to use 2.2.x but don't want to use compatibility etc.
My sites only use 301 redirects, modrewrite, and http hosts [url]to [url]-
Just took control of a fresh server which has been setup with Apache/2.0.63 with red hat and cpanel. Is there any reason not to use apache 2.2.10? I have a feeling when i question the version they will say its the most stable version they are happy with. What would be the benefits/negatives for the current version?
form last three days my server stopped responding and after restarting everything becomes normal. I am using Plesk 8.4. I found the following SSL error in /var/log/httpd/error_log
[root@kkj1 conf.d]# tail -f /var/log/httpd/error_log [Mon Aug 11 15:18:35 2008] [warn] Init: SSL server IP/port conflict: doamin.com:443 (/var/www/vhosts/doamin.com/conf/httpd.include:12) vs doamin1.com:443 (/var/www/vhosts/domain1.com/conf/httpd.include:12) [Mon Aug 11 15:18:35 2008] [warn] Init: SSL server IP/port conflict: default-79-125-179-18:443 (/etc/httpd/conf.d/zz010_psa_httpd.conf:84) vs. domain1.com:443 (/var/www/vhosts/domain1.com/conf/httpd.include:12) [Mon Aug 11 15:18:35 2008] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL! [Mon Aug 11 15:18:35 2008] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
I am unable to understand this problem. Because of this error server suddenly stopped working (Even I cannot ping to the server) and if i stopped Apachi everything becomes normal.