I'm in the process of trying to pin down a couple errors I've been running into, and after installing and configuring SSL I have occasionally been receiving the following error:
View 2 RepliesWe are getting the below message produced in error.log when accessing from mobile application. Even I have updated apache from 2.4.9 to 2.4.10 also. Still facing the same error like below.
[Thu Jul 31 15:27:10.934564 2014] [ssl:error] [pid 12000:tid 6520] AH02032: Hostname teampark3.sogeti.com. provided via SNI and hostname teampark3.sogeti.com provided via HTTP are different
How to resolve the issue?
I have a script that makes a request via telnet and it worked on my old server, but not on the new one.. Heres what I'm doing
telnet localhost 80
GET /files/downloadFLV.php HTTP/1.1
Host: www.soybe.com
I get this back:
HTTP/1.1 404 Not Found
Date: Sun, 08 Jun 2008 06:34:25 GMT
Server: Apache
Last-Modified: Tue, 18 Mar 2008 06:52:59 GMT
I know that /files/downloadFLV.php does exist, so I'm thinking it could be an issue with the Host: part of it, any ideas?
the hostname is www.domain.com also in the serversettings of plesk. When we go to http://www.domain.com:8443 we become redirected to https://www:8443. The only way to connect to plesk is to use https the redirect from http doesnt work.
View 1 Replies View RelatedServer Version: Apache/2.2.22 (Unix)
On our production service, we've been getting numerous malformed POST requests to some of our CGI scripts that are showing up as 500 errors in our logs. They are malformed in the sense that the actual content length doesn't match the Content-Length specified in the request.
Here's the most trivial example I can come up with that reproduces the problem for us:
POST /some_valid_alias HTTP/1.1
Host: example.org
User-Agent: Arbitrary/1.0
Content-Type: multipart/form-data; boundary=---------------------------41184676334
Content-Length: 769
-----------------------------41184676334
In addition to the 500 error in the access log, we see the corresponding error in the error log:
(70014)End of file found: Error reading request entity data
Based on the nature of the POST request and the error response, it does appear that Apache is doing the right thing here.
The POST never actually makes it as far as the script being targeted (/some_valid_alias in the above example); in other words, Apache returns 500 to the client, writes the error to the error log and never executes the script.
Is there a way to capture/avoid internal Apache errors like 70014, and return some other HTTP status besides 500 (like 403)? It's particularly annoying in our case, because our server sends us an email for all 500 errors.
So far, our best "defense" against these 500 errors is to disallow POST for these aliases, which normally just ignore the POST data anyway (when the request is not malformed):
RewriteCond %{REQUEST_METHOD} ^POST$
RewriteRule ^/(some_valid_alias)(.*)$ $1$2 [R]
But this won't work for all our scripts, because in some cases we do want to permit POST.
Someone seems to be flooding our HTTP server somehow. We use the latest version of Apache on Windows.
Is there any Windows modules that can filter the total amount of IP connections, or something built into Windows that could filter this?
Suddenly on a particular website (possibly following an easyapache php minor version update) if I specify a folder rather than a specific file I get a 503 response.
If I do the same on https it's ok. But http always gets a 503.
If I specify a file it's fine, but the folder always hits a 503.
I have removed the htaccess file and php.ini to rule that out and indeed they weren't factors - it seems like it goes wrong before reading the htaccess file.
I have two domains that are sharing one IP address. One site is meissenation.com and the other is mifbody.com.
My httpd.conf file looks like this: ...
Does anyone know if there is an Apache directive where you can have Apache call a script on HTTP PUTs to a specific location and also for HTTP GETs?
View 0 Replies View RelatedI keep hearing that redirecting from http to https is not very secure [non-SSL to SSL]. Among other reasons, one reason is that the browser may continue to think it is communicating with non secure server and may not encrypt the data. Is it true? I hope not, I am using the following -
<VirtualHost 12.34.567.89:80>
ServerName www.mysite1234.com:80
Redirect / https://www.mysite1234.com/
</VirtualHost>
its possible to do a P2V migration of a Apache http server 2.2
Present environment:
Windows 2003
Apache http server 2.0.63
There are 2 webservers (running Apache) for load balancing. The backend server runs an application which uses an oracle database. Is a P2V migration of the web servers possible?
I made the idiotic move of not making a backup of the default configs and now I can't access my http website externally. ssl works fine, but I need http to work too.
View 3 Replies View RelatedI was trying to set up a JBoss cluster with apache httpd mod cluster in windows.I was able to start the apache using the command 'httpd. exe'. But when I tried to access it using localhost:6666/mod_cluster_manager , the page was not accessible.I have the entry 127.0.0.1 localhost in my hosts file.
The http.conf contains lines as given below:
# MOD_CLUSTER_ADDS
# Adjust to you hostname and subnet.
<IfModule manager_module>
Listen 127.0.0.1:6666
ManagerBalancerName mycluster
<VirtualHost 127.0.0.1:6666>
[code]....
I'm using a turnkey image for smallmachineforum system, installed on amazon aws instance.
In the default configuration I can't use the http version of the site, only the https.
It does not seem to be a network issue, a telnet on port 80 opens.
The server is apache version 2.2.22, on a Debian 3.2.57-3+deb7u2 x86_64
I am trying to find out if redirecting an https URL to an http URL will still provide the security of the original https? Should the page information for the redirected http page show it as being unencrypted or shouldn't it have the same encryption as the original https?
View 3 Replies View RelatedI installed apache, mysql, php on my windows vista laptop, and want to test http downloading. This means when selecting a file (for example, contact.php) from a page, and then click download, it will be downloaded to my desktop.
Do we need to install any other softwares to do that?
The problem is that HTTP file download speed is nearly 10 times lower than FTP download speed. What could be limiting it? It's about 7Mb for FTP and 70-100Kb for HTTP. Strangely, download speed is OK when browsing from the server itself (e.g. via RDP)
View 2 Replies View RelatedI have an Xitami server and am migrating to apache httpd. I have the regular server working fine. I tried configuring ssl, but no requests are coming through. I know 443 is open on the router because it works fine under Xitami. I checked the logs and it si starting fine. I am attaching my httpd.conf and the startup log. If I try to access the website using https, it just times out and nothing goes in the log file. I replaced my domain with domain.com. I have tried many different examples, but cannot get it to work and am not sure what to do.
View 5 Replies View RelatedI want to run an HTML webpage that accesses an MP3 resource that's also on my website. However, I only want the webpage to have access to the file and block access from those attempting to access the file directly. That leaves me with two options:
1. Block access through the Apache configuration so that only my Webserver can access the resource, or
2. Hide the URL in the code.
How I can go about doing this?
I have to create a structure in which there is a client, a server and an authentication authority.
The authentication authority verifies the identity of both the client and server before they can communicate, so that the client can access the content offered by the server. Everything must be made using HTTP with SSL (HTTPS).
For now I have installed xampp on my pc with ubuntu, I performed the initial configuration and was able to view a test page locally hosted by entering the URL of the virtual server "www.server.it" (added to the configuration of apache2).
I have a custom software that runs it's own webserver. I then found instructions on how to use apache2 as a proxy that will enable ssl for that site. (long story short, my custom software doesn't support ssl and it's not an option)
View 2 Replies View RelatedI recently got a SSL-certificate for my website. Now the old links to my website (using only http) doesnt work, the visitors just getting redirected to my index page. How can I change my .htaccess so both http and https works, but keep https as the preferred? Or even better, redirect old http links to https? I'm not using www.
My current .htaccess:
RewriteCond %{HTTPS} off
RewriteRule (.*) https ://%{HTTP_HOST}%{REQUEST_URI}
i want to redirect main domain http //, www request to https://
i added this code
RewriteCond %{HTTPS} off# First rewrite to HTTPS:# Don't put www. here. If it is already there it will be included, if not# the subsequent rule will catch it.RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]# Now, rewrite any request to the wrong domain to use www.RewriteCond %{HTTP_HOST} !^www.RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Apache2.4.6
apr-1.4.8
openssl-1.0.1c
arm-linux-gcc4.4.4
Recently I cross compiled Apache2.4.6 to run in my ARM cpu, and I found that http can work well if only it's own port such as 80 is listened, but if add one more port to be listened in conf file, http fails. That means http is good, but after https is on, http stop working and https is good. At the same time, I built the same apache2.4.6 in X86 gcc4.6.1, http and https can both work well. In addition, I also tried apache1.3.33 in the same ARM system, http and https can work well too. It seems like that in apache2.4.6, http can't work well if there is one more port listened in ARM system. Actually http port is listening and is established when using netstat to monitor it.
root@freescale /usr/local/apache/bin$ netstat -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 :::www :::* LISTEN
tcp 0 0 :::443 :::* LISTEN
tcp 0 0 (null):www (null):3705 ESTABLISHED
tcp 0 0 (null):443 (null):3720 ESTABLISHED
I am using an apache reverse proxy :
httpd -version
Server version: Apache/2.2.15 (Unix)
Server built: Oct 16 2014 14:48:21
In front of an internet liferay server, I m forcing https connexion and my reverse proxy is the SSL endpoint, and it is working fine.
But inside the liferay page there are "http" link to other webserver, and browser are refusing to load them because they are http and not https.
Is there a way in the reverse proxy to rewrite "on the fly" "http" link to "https" so that everything would be load on the browser ?
I was thinking mod_proxy_html but it doesn't seams to do what I want.
I want to rewrite my all site urls from http to https and also preserve URL canonicalation like all url redirected to http://www. How to achieve this goal?
View 1 Replies View RelatedI'm trying to set up password protection on an Apache HTTP server, and it's not working.
First, the environment: Apache 2.4.4 installed with XAMPP Control Panel 3.2.1 under Windows 7 Professional.
http.config says "AllowOverride All."
The .htaccess file in the protected directory says:
Code:
htpasswd -c .htpasswd samples
htpasswd prompted me for the password twice, and I entered it twice. When it quit I had a file named .htpasswd in the subsidy directory. I typed it and its contents looked correct according to the examples I've seen.
Then I restarted Apache and tried to load a page from the directory. The browser simply prompted me for the username and password over and over.
The Apache error log says, "AH01617: user samples: authentication failure for "/subsidy/filename.html": Password Mismatch."
I deleted the .htpasswd file and ran htpasswd again, specifying a different (very simple) password. I also confirmed that caps lock was not on both before and after. I restarted the server, tried to load a page, and got the same problem.
Apache seems to think I'm entering the wrong password, but that seems impossible when I've just defined it myself -- and I've tried twice, intentionally choosing a very simple password the second time. If the message means what it says, the cause must be something very different from the obvious one.
I have been trying to install apache server on a windows pc which will deliver adobe HDS content. there is a specific tutorial for this in the adobe site, can be found here. I have been following it to the word, but when I try to start apache after asking it to load new modules (mod_f4fhttp), it returns me an error saying that the file is not readable/not found. I have installed the proper visual c++ libraries and also checked the permissions and spellings. This seems to be a common error with php modules in apache, but none of the solutions seems to work.
View 1 Replies View RelatedI have installed Apache 2.2.22 in Windows Server 2008 R2 Operating System. I want to upload a file using HTTP put command to "uploadtest" folder of the server
1. I have configured "uploattest" folder to accept file without any authentication (Anonymous_NoUserID On)
<IfModule alias_module>
Alias uploadtest G:DataImportSvcUploadTest
</IfModule>
<Directory "G:DataImportSvcUploadTest">
<FilesMatch ".(enc|xml|zip)$">
[Code] ....
We are using .enc files so I allowed that file type
2. "uploadtest" folder has right permission to everybody.
3. We are using WindowsCE client to send file using HTTP put command . Use HttpOpenRequest to send files with lpszVerb = PUT
HINTERNET WINAPI HttpOpenRequest(
HINTERNET hConnect,
LPCTSTR lpszVerb,
LPCTSTR lpszObjectName,
LPCTSTR lpszVersion,
LPCTSTR lpszReferrer,
LPCTSTR* lplpszAcceptTypes,
DWORD dwFlags,
DWORD dwContext
);
4. We are getting error as "Method Not Allowed"
TTP/1.1 405 Method Not Allowed
Date: Thu, 18 Apr 2013 07:26:25 GMT
Server: Apache/2.2.22 (Win32) DAV/2
Allow: GET,HEAD,POST,OPTIONS,TRACE
Content-Length: 241
Content-Type: text/html; charset=iso-8859-1
5. I tried enable WebDav in Apache and tried with BitKinex WebDav client and still gives the same error
I just wondering PUT may be barred by any other allowed module. Please find the modules allowed.
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
[Code] .....
I'm running Apache 2.4.7 on a RHEL 6.4 server. I'm using the Oracle WebLogic Proxy Plugin ver 12.c to connect to a back end server.What's happening is that Apache answers URL.. and proxies the request via the WebLogic Proxy Plugin to internal.blah.com. Unfortunately, the downstream system encounters a problem and issues an http 302 redirect to internal.blah.com/whathappened. I would like to have Apache intercept this http 302 and redirect the client to URL...
View 1 Replies View Related