Apache :: Users ALWAYS Redirected To Page Specified In AuthFormLoginSuccessLocation After Login
Jul 4, 2013
I am using mod_auth_form. For security reasons, I would like to ensure that users are ALWAYS redirected to the page specified in AuthFormLoginSuccessLocation after a successful login. Therefore, I would like to disable processing of the httpd_location form parameter.
The best I can do seems to be to use AuthFormLocation to set the field name to a hard-to-guess value, e.g. AuthFormLocation "32 b63 a#ve"
My Linux Server's Http Daemon (Apache) would stop serving websites ever so often, as soon as apache is restarted the error fixes itself only to resurface within a few hours.
The apache process would still be running i.e. apache does not die but no websites hosted on my server would be accessible from browser. And when this happens the apache logs do not log any http requests.
Instead when this happens all http requests to my server would be redirected to some weird Trojan website and my Norton Antivirus would show an Alert/Warning, for example; "Browser exploit at www.xxx.xxx was blocked" Risk Name: MSIE WebViewFolderIcon ActiveX Control BO
or another error like; "Auto-Protect has detected Trojan.Fakeavalert".
At first I thought the problem could be with my Laptop/ISP so I logged on to the server via SSH and tried to open a website using command line "lynx mywebsite.com" and it shows following error; "Alert!: HTTP/1.0 503 Service Unavailable".
Now if I assume my laptop were to be infected, then as soon as I restart my apache and visit mywebsite.com everything returns to normal with no such warnings. Why do I see those norton error messages only when apache is down with 503, and when apache is down with 503 how come the http requests always get redirected to some suspicious websites and nothing gets logged in apache error log?
I think my server is being attacked causing http to get unresponsive and thereafter http requests to my server are redirected to some malicious website, is this correct?
Also, I suspect this is a php script exploit as some customers have reported that google have blocked their website due to security reasons, I found <iframe> tags inserted in some php pages which I fixed.
Also, another thing I noticed; when apache responds with the 503 it is referencing PHP 5.1.4 in the header response:
[root@]# curl -I xxx.xxx.xxx.xxx (my server ip)
HTTP/1.0 503 Service Unavailable
Server: Apache
X-Powered-By: PHP/5.1.4
Retry-After: 20
I am running PHP 4.3.9, why does apache respond with PHP 5.1.4 when this 503 error surfaces?
Also, since my apache was down with 503 error a customer mailed in today saying; "It seems that my site www.xxxx.com is regularly down, and the winlogon virus is involved."
I suspect this is again due to the fact that http requests start getting redirected?
I allow my clients to access their mysql database through phpmyadmin, however I do not do it through cpanel or anything else like that. I run gameservers that utilize MySQL.
Usually when they login to phpmyadmin a window pops up and asks for login details, however I want to change it into a login page and I am not quite sure how to do so. I want to change it into something like this: [url]
What do I have to do to make a login page like this?
Normally when I log into phpMyAdmin, I am prompted with a standard pop-up box to enter my username and password. Is there a way I can login to phpMyAdmin through a web-page based login box?
Example of how I would like to login: [url]
I'm just having problems with pop-up based logins right now. Would prefer a web-based login system.
Any user that logs in, even with the format domainusername, gets the following error message: 530 User cannot log in. I have already tried the following:
I've recently upgraded squirrelmail to latest version, and now I get problem like 3 or 4 times when you login and logout and try to login again the page freezes and gets stuck it's saying "connected waiting for reply" it keeps happening not only to me but every user in the server (multiple connections and multiple computers)
I'm running plesk 11.0.9 on Centos 6. I can't login anymore, the administration login page is just a blank page. The error in the log file is:
(mod_fastcgi.c.2746) FastCGI-stderr: PHP Fatal error: Call to a member function getContext() on a non-object in /usr/local/psa/admin/plib/Navigation.php on line 54
I am having an issue where I have a server that Directadmin is installed on. I go to a url that is on the server and all I see is the default page of apache saying congrats, it is installed. Although there is no file like that in the public_html any longer and I can see my files in the public_html folder of that specific site.
I have a situation where if domain2 or domain3 is offline, people visiting them will get redirected to domain1 (since domain1 is the top of the hierarchy in the virtualhost). If I type in the IP address 11.22.333.44, I get redirected to domain1. I don't want this to happen. I rather have it show an error page or something instead. Am I missing anything? Here's the sample from my httpd.conf file:
There seems to be some problem with my server, none of the websites hosted on my server are accessible, the http requests either return a blank page or a page with a red square on the upper left hand corner.
I am not sure if this is some kind of infection or DNS problem or a problem with memory apache is taking up as I have thousands of virtualhost entries in my access log accumulated over the years out of which only a few 100 websites I am serving presently, but never deleted the non-existent virtualhost blocks.
At times the websites are opening but most of the times they are not. And when they do not open my http requests are not logged in apache access log.
Even the customers have reported the same problem.
Also, just four days back I had a strange issue where all http requests to my server would take me to [url].
I can SSH to server, and everything else is working fine.
When I try to open any website hosted on my server (around 50 of them) I am being taken to following malware website;
[url] [url] This is a problem with my Linux server running Apache and not a virus on my local computer as customers from all over are reporting the same issue.
As soon as I restart Apache everything returns to normal with no such redirects.
I think my server is being attacked causing http requests to get redirected to some malicious website.
This issue would resurface almost every hour and would not go away till i restart apache.
So far my Datacenter techs. have not been able to identify the cause of this.
I think I have tried everything else and userdir would work the best and is essentially what I am looking for. So basically I want to be able to view all the folders in the /var/[folders]/www the problem here is that only one of the folders in there is a user. This user is called server. So when I go to http://myipaddress/~server I can view the files and its all fine, but I want to be able to go to http://myipaddress/~mark which would be /var/mark/www but "mark" is not a user. So I just get a 404 page not found error.
I am trying to deploy siteminder web agent on apache web server. They have a pre-req which says that while installing apache server, "install as a service, available for all users" "When an Apache-based web server is installed using a single user account, the Agent configuration cannot detect the Apache-based web server installation."
I don't see any msi installer anymore for apache web server, which had this option to select while installing. Now all I see is a zip file and I just have to unzip as part of installation. With this when I install httpd as a service, it is not detected by siteminder agent. So how can I set this "install as a service, available for all users" after installing from zip file?
I have a problem with my server: all my websites are shown correctly but when I try to login to the website's cpanel I get an "Unable to connect" page.
I tried to restart named and httpd but still no results.
If I restart my server I know that it will be fixed but I would like to see what I can do before restarting the whole server
I am having a problem getting Apache to allow access to IE 6/7/8/9 users with client certificates installed to access restricted resources. I have several servers (Windows and Linux) running various versions of Apache from 2.0 through 2.4, all behave the same way. I am simply unable to get client certificates to authenticate IE users. how I built the CAchain, CRLs, etc.
Note that using the same client certs from Firefox works just fine, users can successfully authenticate to the resource and get content.
##### ssl.conf
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
Sometimes the Apache Test Page opened instead of the Home page of the website, also sometimes a Network TCP/IP error occurred on the same site.
I didn't change any setting of httpd.conf last period. Also because these problems mainly happened in countries which access internet via proxy I checked the site via [url] and it's working fine
I am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.