Apache :: Session-Timeout Respecting Mouse Clicks But Not A Keypress
Feb 21, 2014
We have a screen where users are filling out a form on our website, but if they don't click "submit" before the session-timeout limit, they are logged out and lose their work when they click the button.
So for instance with a timeout of 10 minutes, if it takes 15 minutes to construct their message, the connection will silently time out in the background with no warning.
Is there a way to make Apache respect a keypress/keydown/keyup as "activity", and maintain the session while the user is still typing?
Our server reports that it is using Apache Tomcat/7.0.39
I am assisting a client who is linking to an online calculator, he is putting a frame on top of the calculator page, so people will still see his information. However, for some reason he is getting a Session Timeout Error in IE.
I don't get this error in Firefox using this method, or ever going to the direct page in IE.
Let me give a better explanation:
If you visit: [url]
Just put in a fake name and email, it loads a frame at top, and then the online calculator, which is this page: [url]
Why I am getting a Session Timeout? Is there a better solution. I never get the same error if I go directly too: [url]
We want a frame or better solution because we still want the contact information to be in front of the consumer.
Does this maybe have to do with a cookie and frame?
I'm currently a video sharing site and I'm aiming for large videos (around 500MB - 1GB), now I have to take into account an average user should only be able to do 30k-50k per sec.
So the session_timeout and upload_max need to be adjusted. Anybody with experience with large upload sites ?
I have installed apache 2.4.10 with tomcat-7 as backend .Proxypass has been added in apache to access tomcat via http port .now requirement is to restrict each Context to 100 sessions only , how i need to achieve this .
I have diesel generator controller card (IB Lite made by Comap) and the built-in webserver supports only a single user/session connected.
I want to set apache in front and serve multiple connection while apache is keeping a single session with the IB Lite card in background no matter how sessions it have.
I tried ProxyPass but it doesn't seems to be a solution.
The issue I'm having is that mod_deflate is compressing binary data, outputted from PHP scripts as well (undesirable).
The script sends a Content-Type: application/octet-stream header, so I'm guessing that mod_deflate is simply not looking at headers generated by the script before compressing output.
I've even changed the default MIME type for Apache to application/octet-stream but to no avail.
Note that static content which has a defined MIME type doesn't get compressed - it's only the output generated by scripts.
Also, there is no defined MIME type for the .php extension.
I've also tried to disable the filter for certain directories, however, Apache doesn't seem to have an opposite to AddOutputFilterByType (although it does for AddOutputFilter (RemoveOutputFilter)). Also, I can't seem to stick in a negative <Directory> command either, which is a pain :/
I have a new website that has a similar feature to tripadvisor's Reviews, where users share detailed thoughts and experiences. They fill in all this information on one form so there is no interaction with the system while they are writing.
I know Apache has the TimOut setting which is set to 5 minutes by default. This ensures that you do not have users using active memory and sessions for a long period of time.
But the problem I have seen is that some users are spending 15-20 minutes writing very detailed experiences and when they hit the submit button obviously their session has timed out and they lose everything and get a system error.
I really don't want to change the TimeOut value in Apache to 20 min due to resource constraints, but is this my only option?
I have a web server with Apache 2.4 VC11 [URL] .... running on Win 7.
On my server I have some mp3's. I can queue them up in Winamp and the 1st one will begin streaming. However, after it plays for about 20-30 minutes it stops streaming, almost as if some time limit has been reached, and advances to the next song. I can reselect the song and drag the position to where it stopped playing and it will continue to play for about 20-30 minutes from that position and stop again.
Is there a setting in the apache configuration I need to add/change to increase this limit?
We use CentOS Linux 7.0.1406 (Core) with Plesk Version 12.0.18 Update #27.
We have the following problem:
When a user clicks on a database in his account and tries to login with phpmyadmin, Plesk prompts for a Password of that specific user. The message is (in german):
Code:
The site https://........:8443 responded with: Enter the password to log in as the database user xxxxxx
When i enter the correct password a new phpmyadmin window opens and the user can use his database. A few days ago you didnt have to enter a password at all. When you were logged into Plesk as a user, you could just click "Databases -> Webadmin" and phpmyadmin opened up without Plesk asking for a password.
The question for the password is NOT coming from phpmyadmin. Its from Plesk itself. After i enter the correct password plesk hands the request over to PMA.
For debugging i created a new database for a user and i could enter its database without any problem. No password was required. But the existing old databases now all require a password. So obviously Plesk is not aware of these passwords anymore. I guess they are/were stored somewhere.
I have an Apache Server (2.4.3) and a Tomcat Server (7.0.36) and have some Java Applications deployed.Everything works fine, but when we start a quite long Ajax process, I see in my Java Application, that a Ajax request is received and starts processing - everything fine. But during processing of the first request, I see a second request starts after 5 minutes.
I have a large survey (I use phpsurveyor) on my reseller webdomain running. It takes about 30 minutes to fill in the complete survey. After 24 minutes my respondents get a session error and their data is lost.
Code: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/myhope/public_html/pro/index.php:1) in /home/myhope/public_html/pro/index.php on line 2
It could've gone into the php section as well...I think.
I got a dedicated server 2 days ago, but the "session.save_path" is not set. What I did was create a "php.ini" file, put the following code into it and uploaded it to my public directory.
When i try to login my linux server from GUI i put my username "root" and then put the password, i am not able to login and getting following error
"Your session only lasted less then 10 sec. If you have not logged out yourself this could mean that there is some installation problem of that you may be out of disk space. Try logging in with one of the failsafe sessions to see if you can fix this problem view details in ~/.xsession.error file "
when I install Joomla, it said session.save_path = /tmp is unwriteable. however, following phpinfo(), the session.save_path on server is /tmp, and all my php sites are working fine, I can see many sess_ files in /tmp. That means the sessions are still written into /tmp by user apache, is that correct?
so, why Joomla instalation saying it's unwriteable? i am on a linux server
I had done a program in early 2006 for a site in php-mysql. At the time of doing the code, The code written was not so standard and it contained uninitialized variables used for include file paths (eventhough values are assigned to it before using) and the "sess" folder was created within the website folder. Also the parameters for the SQL query were not escaped, but everything was working fine.
And now i was informed that the insecure code in my program caused the server crash and i have to pay the penalty for the same. Can anyone let me know whether the below code / keeping the session variables within a folder inside the /www/ will make the sites hosted on the server where this program runs to stop/crash for ever ?
------------------------------------------------------------------ function update_region($id,$regname,$regcom) { $query = "UPDATE taxregion_mast SET taxregion_name = '". $regname."', region_comments = '". $regcom."' WHERE region_id =" .$id; mysql_query($query);
Is it possible to have 1 session under XXX.XXX.XXX.XXX IP and the 2 session under a different IP allocated by your DC?.
The box is in Europe ..I need to log-in one session and download some files from a server so whenever the master sees it will see one IP and the other session from another.
Two of the reasons I need this done is 1. privacy 2. avoiding of buying another box.
I've come across an issue where our users are not logging out of their terminal services session properly. Whether via TSWeb or MSTSC (remote desktop), if they close the browser or RDP window using the x it keeps the session alive for upto 1 minute.
The problem with this is that we use terminal services to host an application for users who can't install it, so other users that login (using a generic username and password) are adopting/hijacking the original session and seeing someone elses data.
Does anyone know of a way to force a new session each time a user connects to RDP? Whether via TSWeb or MSTSC (remote desktop)?
if it's possible to log all ssh commands to a file by session. For example, if I log in as user 'test123', once I close the session, all commands I ran will be saved to a file and either emailed to my server logs email address or saved to a file.
I have a website where people perform a number of tasks, saving some data to temporary session files. If the user is idle for a certain amount of time, then performs an action, his/her work will be gone.
I'd like to set the sessions to never expire, so that only a browser close would delete the temporary files.
I've tried looking around in the IIS manager, but I cannot find a way to do this.
I have a Cpanel box, in WHM I used the "PHP Configuration Editor" and changed the php execution time (minor change). After clicking save I now get the following error on any php using sessions:
Warning: session_start() [function.session-start]: open(/tmp /sess_1d374c43a0f726cd43776f9f92485bec, O_RDWR) failed: No such file or directory (2) in /home/continou/public_html/control/index.php on line 4
One thing I noticed it did was turn on PHPSuexec which generally causes problems for me. I turned that off and the error response changed slightly (to above) but the problem is not solved.
I tried rebooting the server. /tmp does exist, I am now rebuilding apache in hopes that corrects the problem.
and i get the error ----------------------------------------------------- Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0 -----------------------------------------------------
I'm looking at allowing remote telnet into my server.
like any security-minded administrator, I want to log what my users type on the telnet session.
I'm using the script command to generate transcripts of the users session.
I have /etc/profile set to automatically start the script command to log user activity, and in /etc/bash.bash_logout I have a command that emails me the transcript of the users' session.
All of the above works well except for one thing:
the users can type "exit" to escape from my script logging and any commands they type won't get logged.