Apache :: Does Virtualhost Environment Lower Web Or Server Security
Oct 11, 2012
Does the apache virtualhost environment lower the web or apache server's security? virtualhost has no security issues.
I am in a shared hosting environment. Their php's setting does not have open_basedir set and safe_mode is off.
I was poking around their server and noticed that using some simple system() calls within a php script, I was able to access /etc/passwd and therefore access all their client's public_html.
I am currently calling them to let them know of the vulnerability. But out of curiosity, is it normal that I can read all the other sites hosted? They do have config files with the MySQL password in them.
I am really having trouble getting a virtualhost to work for an SSL certificate. My browser just will not load the page. I have tried several different articles on how to set up a virtualhost and none of them seem to work.
My ssl.conf [URL] .....
*Note: I did purchase an SSL certificate - it is not self signed.
What is the proper syntax to perform a redirect within the <VirtualHost:443> section of the httpd.conf file?
The issue is: I have an existing login URL path that has changed slightly. As an example, let's say the old URL is:
"https://www.something.net/item1/item2/login.jsp" but now there's a "new" name for 'item2'.
I only want a user to be automatically redirected to the "new" path, but is ONLY triggered when the "old" login URL path is entered and nothing else.
I have substituted the domain names and DocumentRoot folders for generic titles, so I will refer to those where applicable in the thread as well.
Here is my httpd-vhosts.conf:
<VirtualHost *:80>
DocumentRoot "C:WebServerwww"
</VirtualHost>
<VirtualHost *:80>
[Code] ....
Running Apache 2.2.22 on Ubuntu 12.04...Here's (in addition to default) my papertower config in sites-available: URL....
When I restart, I get this message: [URL] ....
I'm coming from Apache on Windows and trying to set up the same workflow I had there. Basically, if I placed a folder in /www/papertower/ it would become accessible via directoryname.papertower.dev after adding the host.
I'm having a strange issue getting it going again. Oddly, when I didn't have the wordpress config set up properly and went to site.papertower.dev, it would give me the "failed to connect to database" message. This made me happy, as it meant it was pointing at the right folder. Once I fixed the database config file, however, and go to site.papertower.dev, it thinks for a moment, then goes to www.site.papertower.dev and gives me a "Oops! Google Chrome could not find www.site.papertower.dev".
I double-checked that all the appropriate mods were enabled (especially rewrite), but that hasn't made a difference.
I have a vhost set up for testing a new website. I want to allow access on the localhost, and from one IP from the Internet (redacted). Apache serves the site just fine on the server but I can't access the site from my "xxx...." IP.
I'm using a physical path to test from the public IP as follows:
Quote:
http://xxx.xxx.xxx.xxx/~user/test/index.html
Apache v2.2
RHEL6
UserDir configured/running
SuExec configured/running
Below is the relevant vhost block in httpd.conf:
Code:
<VirtualHost *:80>
ServerName test
ServerAlias test
DocumentRoot /home/user/public_html/test
<IfModule mod_fcgid.c>
[Code] .....
I don't have a FQDN as yet, so I just made an entry in /etc/hosts as follows:
Code:
127.0.0.1 test
Here is an excerpt from the Apache error log:
Quote:
[Mon Jun 17 12:02:16 2013] [error] [client xxx.xxx.xxx.xxx] client denied by server configuration: /home/user/public_html/test/index.html
I've checked the firewall and /etc/hosts.allow; that's not it. I've read the Apache docs and in the vhost block Allow should be evaluated last, and apparently is matching localhost but is not matching my IP.
Apache (2.2) logs. How can I log the environment variables? (Please do not send me a link to the manpages; I have them, at least not at this point.) I added in apache.conf to the LogFormat combined line for test purposes one environment variable which is valid for sure....
I was checking my server information today on WHM panel and this is what I saw:
Processor #1 Vendor: GenuineIntel
Processor #1 Name: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
Processor #1 speed: 1596.000 MHz
Processor #1 cache size: 4096 KB
Processor #2 Vendor: GenuineIntel
Processor #2 Name: Intel(R) Core(TM)2 CPU 6700 @ 2.66GHz
Processor #2 speed: 2660.000 MHz
Processor #2 cache size: 4096 KB
Why is the Processor #1 speed labeled as 1.6 GHz? Processor #2 speed never goes down no matter how high the load is. Could it be the reason that my server can't handle 4 websites with a cumulative total of 20k unique hits per day?
I was trying to get the OCI8 and PDO_OCI extensions of PHP to work with Apache 2.4 and one of the things that needed to be done was to add a couple of variables to the Apache environment, but when I added these:
ORACLE_HOME="/some/path"
LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$ORACLE_HOME/lib"
Apache took ORACLE_HOME fine, but LD_LIBRARY_PATH never took the values of the variables; I had to put the absolute value of them in order for it to take it.
How can I get Apache to take variables?
This is on Linux.
When I check the server status it shows a high server load.
How do I lower the server load? It looks like it is from MySQL activity.
I am developing a php web application using Apache on CentOS6. I have set a custom environment variable in CentOS on command line by using: export test_var=3
I host my DNS with DNSmadeeasy.com. I noticed that I have more than 350.000 DNS requests daily for the main domain. This domain gets about 80.000 uniques/day, so it is strange that there can be 350.000 DNS requests/day. It seems that I'll go over the quota because of this.
The TTL for all domains is set to 86400.
Is there a way to discover how it's possible? And also is there a way to do something to make this number (DNS requests) lower?
what others are doing within their hosting environment in which they are providing servers to their customers, either dedicated or shared. Do you build custom servers, use desktops or buy name brand like Dell, HP or IBM. I am curious as to why you take what approach you do. How large is your environment as far as servers go and how many customers you have.
Secondly are you currently taking advantage of virtualization technologies within your server environment. If so for what main purpose? Consolidation of server sprawl, availability, reduced hardware costs, heating/cooling, floor space, etc.
I have a high end Linux server, low load. I'm looking for ideas as to how I can get a Windows 2003 machine hosted up onto it (I have a license already) on one of the machine's dedicated IPs, and set it up to host ASP based websites with MS Access (have the license already too). Any tutorials or suggestions how this can be set up?
I have a freshly installed Redhat Enterprise 5 box running Apache/MySQL/PHP. Currently it is only hosting the Red Hat default server page and I've noticed a few strange entries in the apache log file. For example there is this:
xx.xxx.xxx.x - - [17/Feb/2008:16:25:37 -0500] "GET xxxx://xxx.xxxx***********/xxx.php xxxx/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
I edited out the IP and domain but neither belong to me. Do I have a security problem here with my server?
I'm hosting some domains on a whm setup. One of the domains has outgrown the shared hosting setup, so I'm moving it to its own VPS. I want to limit the downtime, and I understand I should lower the TTL on the domain.
The registrar is Network Solutions and the nameservers are pointing to the shared host (which is on a whm/cpanel setup). How can I lower the ttl on this domain? Do I have to move the domain to a more advanced DNS service to achieve this, or is this something I can do within whm?
I don't mind having nfs running, but how do I keep it running as low as possible... seems like it's hogging up all my usage/CPUs...
Can anyone give me good rules for Apache 2.2.6 / Cpanel? I'm new with this; I've used Apache 1.3.x before.
One of my servers is running Apache 1.3.34 (Unix), and I recently noticed that there was a rather large mod_rewrite security exploit found:
[url]
I can't seem to figure out if this affects me with the version I am running? Can anyone help me out on this to determine if I need to upgrade or if I am already patched up?
I'm having a problem with high MySQL CPU usage on my server. One of my sites is getting hit pretty hard right now and MySQL is just killing the box. It's averaging a load of over 20, CPU usage is around 130%.
Here is my my.cnf file. Is there anything in there that should be changed to help lower the CPU usage?
# The MySQL server
[mysqld]
port= 3306
socket= /var/lib/mysql/mysql.sock
skip-locking
key_buffer = 256M
max_allowed_packet = 1M
table_cache = 512
max_connections=500
sort_buffer_size = 2M
read_buffer_size = 2M
read_rnd_buffer_size = 8M
myisam_sort_buffer_size = 64M
thread_cache_size = 8
query_cache_size = 32M
# Try number of CPU's*2 for thread_concurrency
thread_concurrency = 2
[mysqldump]
quick
max_allowed_packet = 16M
[mysql]
no-auto-rehash
# Remove the next comment character if you are not familiar with SQL
#safe-updates
[isamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M
[myisamchk]
key_buffer = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
Server Specs.
Pentium E 2.0Ghz
2GB ram
2x 320GB hard drives.
Cent OS 5
Cpanel
On a Cpanel server, lightly loaded, but some fairly large sites (~3GB stored) loads get pretty high during CP backups (D/W/M to secondary drive, compression on). It looks like RAM is showing mostly used during this time (977,555 out of 1,026,348), and iowait is ~50, sometimes quite a bit higher at ~80 on the larger accounts. Not pegged at that amount, but fairly steady. This box only has 1GB RAM, so I'm thinking adding another Gig would alleviate this issue.
OS: CentOS 4.x
Hardware: Intel P4 3.6HT/1024MB/2x160GB
I'm gathering info for getting a new dedicated server, planning on using my own colocated hardware, but still looking at what's available in dedicated servers at the same time.
There are lots of dedicated servers being offered at prices lower than 1U colocated rackspace. How's that possible, what am I missing?
I have a small issue that's probably easy to answer. If I upload a zip file to a Linux server, and run this command via SSH:
Code:
unzip -a name_of_zip.zip
Although it does unzip the directories as expected, it makes all file names and folders lowercase. This is a problem when trying to install software that relies on case sensitive names.
Does anyone know what command tells the server to retain the file names and not alter them?
I have been trying to solve a big problem for the last 2 weeks with one of our servers.
The client using our system (web based w/ apache and php) is a contact center firm. They have about 120 operators, all connecting to our webserver with the same IP.
We have been suffering DoS attacks from some of these operators. These are simple browser attacks, namely 5 or 10 operators will just hold the F5 key and bombard the server with requests when they shouldn't.
We did manage to produce a php protection which will recognize the multiple requests and blacklist the user, but it's "too late" because the requests have already been sent and processed by the webserver.
We use the user ID in the system to control who should be blacklisted, so this is all dependent on our own authentication.
Ideally, we need something EXACTLY like mod_evasive, but for rejecting single requests instead of blocking the IP. To give an example: if a user calls the same url 5 times in a 3 second span, we will reject every next request for 30 seconds, but only the requests by that user.
If the webserver can make any use of it, the user id is stored in a cookie.
Virtualhosts have got me stuck, I was wondering if someone could help me out.
It seems as though no matter what I try, even though I've read over 3 tutorials I can't get virtualhosts working properly.
Basically I have the documentroot set to /var/www/html/
I'd like to create a virtualhost (I guess name based?) which has a document root of /var/www/userdata/
Something like this is what I'm trying to accomplish:
Code:
<VirtualHost data.jcink.com:80>
ServerAdmin bleh@bleh.net
DocumentRoot /var/www/html/userdata
ServerName data.jcink.com
</VirtualHost>
So when someone goes to data.jcink.com it loads up /userdata/. And have all the other subdomains on my site continue to stay where they are.
But every time I try to do anything like that, it doesn't work. All I'm looking for is the proper code to put in the config to get it done, and if that's possible...
I'm trying to configure name-based virtual hosting, and I'm SO close, but I've got a question...
First off, here is the relevant info from httpd.conf
Code:
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/thatscri/public_html
ServerName thatscriptguy.com
<Directory "/home/thatscri/public_html">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/thatscri/public_html
ServerName www.thatscriptguy.com
<Directory "/home/thatscri/public_html">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/home/billiards/public_html"
ServerName www.billiardstalk.com
<Directory "/home/billiards/public_html">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot "/home/billiards/public_html"
ServerName billiardstalk.com
<Directory "/home/billiards/public_html">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
1. Does that look alright? Is there anything in there that should be changed up any?
2. The only way that I could get the websites to work with www and without www was to add two virtualhosts for each site. Is there a way around this?
I'm trying to configure my ftp server (latest proftpd) and I am stuck on virtualhosts.
I'd like to have two different domains each have their own anonymous access, but I only have one IP on my server.
As you might know, ftp does not handle the HOST field in its header as the HTTP protocol does... so I just can't seem to get it to work out... I tried adding an alias IP to my main interface, it works great of course but only when I connect from my server to my server...
Currently working on debian ETCH with latest bind, mysql, proftpd and apache2
to buy a good dedicated server to serve my clients here. So I'm looking for advice on a good USA-based hosting company.
But I have been pinging several major USA hosting companies (like mediatemple, theplanet, etc...) and I still didn't get a ping under 130ms.
If I ping a good EU company I get 60 to 90ms.
I know that the distance is bigger, but does anyone know any good USA hosting company with a ping to Europe lower than 100ms?
My budget goes up to 800 $/month