I have a custom software that runs it's own webserver. I then found instructions on how to use apache2 as a proxy that will enable ssl for that site. (long story short, my custom software doesn't support ssl and it's not an option)
My Linux Server's Http Daemon (Apache) would stop serving websites ever so often, as soon as apache is restarted the error fixes iteself only to resurface within few hours.
The apache process would still be running i.e. apache does not die but no websites hosted on my server would be accessible from browser. And when this happens the apache logs do not log any http requests.
Instead when this happens all http requests to my server would be redirected to some weird Trojan website and my Norton Antivirus would show an Alert/Warning, for example; "Browser exploit at www.xxx.xxx was blocked" Risk Name: MSIE WebViewFolderIcon ActiveX Control BO
or another error like; "Auto-Protect has detected Trojan.Fakeavalert".
At first i thought the problem could be with my Laptop/ISP so i logged on to the server via SSH and opened try to open a website using command line "lynx mywebsite.com" and it shows following error; "Alert!: HTTP/1.0 503 Service Unavailable".
Now if i assume my laptop were to be infected, then as soon as i restart my apache and visit mywebsite.com eveything returns to normal with no such warnings. Why do i see those norton error messages only when apache is down with 503, and when apache is down with 503 how come the http requests always get redirected to some suspicious websites and nothing gets logged in apache error log?
I think my server is being attacked causing http to get unresponsive and thereafter http requests to my server are redirected to some malicious website, is this correct?
Also, i suspect this is a php script exploit as some customers have reported that google have blocked their website due to security reasons, i found <iframe> tage inserted in some php pages which i fixed.
Also, another thinh i noticed; when apache responds with the 503 it is referencing PHP 5.1.4 in the header response:
[root@]# curl -I xxx.xxx.xxx.xxx (my server ip) HTTP/1.0 503 Service Unavailable Server: Apache X-Powered-By: PHP/5.1.4 Retry-After: 20
I am running PHP 4.3.9m why does apache responds with PHP 5.1.4 when this 503 error surfaces?
Also, since my apache was dowan with 503 error a customer mailed in today saying; "It seems that my site www.xxxx.com is regularly down, and the winlogon virus is involved."
I suspect this is again due to the fact that http requests start getting redirected?
I recently upgraded from Plesk 11.5 to 12.0. I also just got an extra IPv4-address for my server (provider is Strato), unfortunately I have some problems with adding it to Plesk.
The IP should be assigned automatically through DHCP, but when I did a Reread IP in Plesk, nothing happened. I tried to manually add the IP, but then Plesk manually configured it and I lost the IPv4-connectivity (IPv6 kept working though).
Now when I want to remove the IP, I get the following error:
Is this a bug or a problem with my specific configuration?
the hostname is www.domain.com also in the serversettings of plesk. When we go to http://www.domain.com:8443 we become redirected to https://www:8443. The only way to connect to plesk is to use https the redirect from http doesnt work.
I got rvskin with whm and it seems whm create account for itself.But every time when i load whm i getting popup with error Hostname A Entry Missing!
The server was unable to lookup an an A entry for its hostname (ns175.domain.com). This is generally because the entry was never added. However this could also be the result of your nameserver(s) being down. If you would like to attempt to automatically add the entry, And i am sure i have that A entry.Any idea why is that happening ?
On our production service, we've been getting numerous malformed POST requests to some of our CGI scripts that are showing up as 500 errors in our logs. They are malformed in the sense that the actual content length doesn't match the Content-Length specified in the request.
Here's the most trivial example I can come up with that reproduces the problem for us:
In addition to the 500 error in the access log, we see the corresponding error in the error log:
(70014)End of file found: Error reading request entity data
Based on the nature of the POST request and the error response, it does appear that Apache is doing the right thing here.
The POST never actually makes it as far as the script being targeted (/some_valid_alias in the above example); in other words, Apache returns 500 to the client, writes the error to the error log and never executes the script.
Is there a way to capture/avoid internal Apache errors like 70014, and return some other HTTP status besides 500 (like 403)? It's particularly annoying in our case, because our server sends us an email for all 500 errors.
So far, our best "defense" against these 500 errors is to disallow POST for these aliases, which normally just ignore the POST data anyway (when the request is not malformed):
I recently transferred my domain names from MyDomain.com to GoDaddy.com and now whenever you click on a link to my site from the search results it produces an HTTP 500 Error. I am using HostGator and they said that it is "not what they assist with". I know it could be a number of things but they told me to check with my redirects and there is nothing in the .htaccess file.
Someone tried to access their webmail from a remote location and got a page not found error. It did have the following error like this at the bottom though:
"HTTP 502 Proxy Error - The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. (12204)
Internet Security and Acceleration Server"
This is a cpanel server with Centos. I did not find any info via cpanel's forums about the 502 error.
I'm using IIS v5.1 on WinXP SP1 and I encountered this error (Page cannot be displayed.....HTTP 500 - internal server error) all of a sudden. now, i've been using my Web server with no hitches, but now I can't open any pages on the server that run server side scripts so i reinstalled it and still get the same "Page cannot be displayed" or I get part of the source code for the server side script. Pinging the server shows that its ok, it replies. and regular pages with no scripts still run with the http protocol in the address. Any ideas on how to get past this problem?
We have just installed the plesk version 12. All the installation completed without errors . then we restarted the server . and when we tried to open the plesk through the desktop shortcut we get the error " HTTP Error 503. The service is unavailable."
We have tried the following links fix HTTP , kb6735 .
I keep hearing that redirecting from http to https is not very secure [non-SSL to SSL]. Among other reasons, one reason is that the browser may continue to think it is communicating with non secure server and may not encrypt the data. Is it true? I hope not, I am using the following -
I was trying to set up a JBoss cluster with apache httpd mod cluster in windows.I was able to start the apache using the command 'httpd. exe'. But when I tried to access it using localhost:6666/mod_cluster_manager , the page was not accessible.I have the entry 127.0.0.1 localhost in my hosts file.
The http.conf contains lines as given below:
# MOD_CLUSTER_ADDS # Adjust to you hostname and subnet. <IfModule manager_module> Listen 127.0.0.1:6666 ManagerBalancerName mycluster <VirtualHost 127.0.0.1:6666>