Apache :: Users ALWAYS Redirected To Page Specified In AuthFormLoginSuccessLocation After Login
Jul 4, 2013
I am using mod_auth_form.For security reasons, I would like to ensure that users are ALWAYS redirected to the page specified in AuthFormLoginSuccess Location after a successful login. Therefore, I would like to disable processing of the httpd_location form parameter.
The best I can do seems to be to use AuthFormLocation to set the field name to a hard-to-guess value, e.g. AuthFormLocation "32 b63 a#ve"
View 1 Replies
ADVERTISEMENT
Jun 4, 2009
My Linux Server's Http Daemon (Apache) would stop serving websites ever so often, as soon as apache is restarted the error fixes iteself only to resurface within few hours.
The apache process would still be running i.e. apache does not die but no websites hosted on my server would be accessible from browser. And when this happens the apache logs do not log any http requests.
Instead when this happens all http requests to my server would be redirected to some weird Trojan website and my Norton Antivirus would show an Alert/Warning, for example;
"Browser exploit at www.xxx.xxx was blocked"
Risk Name: MSIE WebViewFolderIcon ActiveX Control BO
or another error like;
"Auto-Protect has detected Trojan.Fakeavalert".
At first i thought the problem could be with my Laptop/ISP so i logged on to the server via SSH and opened try to open a website using command line "lynx mywebsite.com" and it shows following error;
"Alert!: HTTP/1.0 503 Service Unavailable".
Now if i assume my laptop were to be infected, then as soon as i restart my apache and visit mywebsite.com eveything returns to normal with no such warnings. Why do i see those norton error messages only when apache is down with 503, and when apache is down with 503 how come the http requests always get redirected to some suspicious websites and nothing gets logged in apache error log?
I think my server is being attacked causing http to get unresponsive and thereafter http requests to my server are redirected to some malicious website, is this correct?
Also, i suspect this is a php script exploit as some customers have reported that google have blocked their website due to security reasons, i found <iframe> tage inserted in some php pages which i fixed.
Also, another thinh i noticed;
when apache responds with the 503 it is referencing PHP 5.1.4 in the header response:
[root@]# curl -I xxx.xxx.xxx.xxx (my server ip)
HTTP/1.0 503 Service Unavailable
Server: Apache
X-Powered-By: PHP/5.1.4
Retry-After: 20
I am running PHP 4.3.9m why does apache responds with PHP 5.1.4 when this 503 error surfaces?
Also, since my apache was dowan with 503 error a customer mailed in today saying;
"It seems that my site www.xxxx.com is regularly down, and the winlogon virus is involved."
I suspect this is again due to the fact that http requests start getting redirected?
View 3 Replies
View Related
May 4, 2008
I disabled ssh for my client in linux-cpanel server but I receive this alert from our firewall :
SSH login alert for user volcan
Time: Sun May 4 06:17:53 2008
IP: 89.165.68.116 (Unknown)
Account: volcan
Method: password authentication
volcan hacked and all index files modified .
It seem user can use ssh with script .
View 14 Replies
View Related
Aug 17, 2007
I allow my clients to access their mysql database through phpmyadmin, however I do not do it through cpanel or anything else like that. I run gameservers that utilize MySQL.
Usually when they login to phpmyadmin a window pops up and asks for login details, however I want to change it into a login page and I am not quite sure how to do so. I want to change it into something like this: [url]
What do I have to do to make a login page like this?
View 1 Replies
View Related
May 29, 2007
Normally when I log into phpMyAdmin, I am prompted with a standard pop-up box to enter my username and password. Is there a way I can login to phpMyAdmin through a web-page based login box?
Example of how I would like to login: [url]
I'm just having problems with pop-up based logins right now. Would prefer a web-based login system.
View 3 Replies
View Related
Jun 6, 2014
Any user that logs in, even with the format domainusername, get's the following error message: 530 User cannot log in.I have already tried the following:
net stop MSFTPSvc
net start MSFTPSvc
View 1 Replies
View Related
Jan 5, 2015
I want to permanent redirect some .html page from subdomain to main domain WordPress page,Redirect permanent /cat/FSBO76.URL....
View 1 Replies
View Related
Jun 23, 2008
Do the hsting comapny provide a system for you website for users to login or register
or do i have to do it myself
View 13 Replies
View Related
May 31, 2009
I've recently upgraded squirrelmail to latest version, and now I get problem like 3 or 4 times when u login and logout and try to login again the page freezes and gets stuck it's saying "connected waiting for reply" it keeps happening not only to me but every user in the server (multiple connections and multiple computers)
View 4 Replies
View Related
Sep 10, 2014
I'm running plesk 11.0.9 on Centos 6. I can't login anymore, the administration login page is just a blank page. The error in the log file is:
(mod_fastcgi.c.2746) FastCGI-stderr: PHP Fatal error: Call to a member function getContext() on a non-object in /usr/local/psa/admin/plib/Navigation.php on line 54
View 2 Replies
View Related
Feb 24, 2015
When I try to goto mydomain.com:8443 the site looks like it's stuck in some sort of loop always refreshing and never getting to a login prompt.
Yesterday I ran into this problem and couldn't figure out how to fix it. Looking into it again this morning I found the poa-ui.log file.:
This is what I found:
Code:
2015-02-24 00:19:19,766 xec-5 DEBUG InjectionFilter Injection filter request:/servlet/Turbine/
2015-02-24 00:19:19,767 xec-5 DEBUG OUT implementation of com.plesk.p2.util.api.legacy.RunDataAccess
2015-02-24 00:19:19,767 xec-5 DEBUG OUT implementation of com.plesk.p2.util.api.legacy.RunDataAccessInitializer
2015-02-24 00:19:19,767 xec-5 DEBUG OUT WIF:servlet=/servlet/Turbine, bw_id=null, path=/, query=null
[Code] ....
That repeats as long as I'm trying to load the PPA login page.
View 5 Replies
View Related
Aug 25, 2014
On a couple of domains I get this error if I click on the domain in the domains option or in the Subscriptions list.
Unable to find row by field login with value domain.com in smb_users table.
How can I fix this?
View 1 Replies
View Related
Jul 10, 2014
I have a problem to login Parallels Plesk Panel, on a 1and1 vps.
When I click on "login", it just reload the page (I'm sure that username and password is correct).
View 1 Replies
View Related
Jun 22, 2007
I just deleted all the files in my public_html directory and uploaded Joomla ready for installation.
But now when I go to www.mysite.com I immediately get redirected to www.mysite.com/installation/index.php and I get this error:
Quote:
Not Found
The requested URL /installation/index.php was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
What is going on? I'm baffled!
View 4 Replies
View Related
Jun 1, 2007
I am having an issue where I have a server that Directadmin is installed on. I go to the a url that is on the server and all i see is the default page of apache saying congrats, it is installed. Although there is no file like that in the public_html any longer and I can see my files in the public_html folder of that specific site.
View 6 Replies
View Related
Jun 28, 2007
I have a situation where if domain2 or domain3 is offline, people visiting them will get redirected to domain1 (since domain1 is the top of the hierarchy in the virtualhost). If I type in the IP address 11.22.333.44, I get redirected to domain1. I don't want this to happen. I rather have it show an error page or something instead. Am I missing anything? Here's the sample from my httpd.conf file:
Code:
NameVirtualHost 11.22.333.44
<VirtualHost www.domain1.com>
DocumentRoot /home/domain1/public_html
ServerName domain1.com
ScriptAlias /cgi-bin /home/domain1/public_html/cgi-bin
</VirtualHost>
<VirtualHost www.domain2.com>
DocumentRoot /home/domain2/public_html
ServerName domain2.com
ScriptAlias /cgi-bin /home/domain2/public_html/cgi-bin
</VirtualHost>
<VirtualHost www.domain3.com>
DocumentRoot /home/domain3/public_html
ServerName domain3.com
ScriptAlias /cgi-bin /home/domain3/public_html/cgi-bin
</VirtualHost>
View 1 Replies
View Related
Oct 8, 2007
There seems to be some problem with my server, none of the websites hosted on my server are accessible, the http requests either return a blank page or a page with a red quare on the upper left hand corner.
I am not sure if this is some kind of infection or DNS problem or a problem with memory apache is taking up
as i have thousands of virtualhost entries in my access log accumulated over the years out of which only a few 100 websites i am serving presently, but never deleted the non-exitent virtualhost blocks.
At times the websites are opening but most of the times they are not. And when they do not open my http requets are not logged in apacha access log.
Even the customers have reported the same problem.
Also, just four days back i had a strange issue where all
http requests to my server would take me to [url].
I can SSH to server, and everything else is working fine.
View 3 Replies
View Related
Dec 25, 2008
I have installed LP on my system, but I have one problem...
The sites main apache runs well, but I can't get the users apache to start.
The two should be run from different ports?
View 11 Replies
View Related
Jul 24, 2009
When i try to open any website hosted on my server (around 50 of them) i am being taken to following malware website;
[url]
[url]
This is a problem with my Limnux server running Apache and not a virus on my local computer as customers from all over are reporting the same issue.
As soon as i restart Apache eveything returns to normal with no such redirects.
I think my server is being attacked causing http requests to get redirected to some malicious website.
This issue would resurface almost every hour and would not go away till i restart apache.
So far my Datacenter techs. have not been able to identify the cause of this.
View 14 Replies
View Related
Dec 31, 2012
- Apache version 2.2
- operating system Ubuntu
I think I have tried everything else and userdir would work the best and is essentially what I am looking for. So basically I want be able to view all the folders in the /var/[folders]/www the problem here is that only one of the folders in there is a user. This user is called server. So when I go to http://myipaddress/~server I can view the files and its all fine, but I want to be able to go to http://myipaddress/~mark which would be /var/mark/www but "mark" is not a user. So I just get a 404 page not found error.
View 1 Replies
View Related
Nov 25, 2014
I am trying to deploy siteminder web agent on apache web server.They have a pre-req which says that while installing apache server, "install as a service, available for all users" "When an Apache-based web server is installed using a single user account, the Agent configuration cannot detect the Apache-based web server installation."
I don't see any msi installer anymore for apache web server, which had this option to select while installing.Now all i see is a zip file and i just have to unzip as part of installation. With this when I install httpd as a service, it is not detected by siteminder agent.So how can I set this "install as a service, available for all users" after installing from zip file?
View 1 Replies
View Related
Mar 7, 2008
I have a problem with my server: all my websites are shown correctly but when I try to login to the website's cpanel I get an "Unable to connect" page.
I tried to restart named and httpd but still no results.
If I restart my server I know that it will be fixed but I would like to see what I can do before restarting the whole server
View 3 Replies
View Related
Jan 31, 2013
I am a beginner with Apache web server. Is it possible to fix the Apache instance login with httpd.conf ? I use proxypas :
</Location>
ProxyPass /test09 http://192.168.0.10:5109/test.ts max=1000 ttl=120 retry=0
<Location /test09>
AuthType Basic
AuthName "Password Required"
AuthUserFile "C:Usersusers.txt"
Require valid-user
</Location>
I need user can log in only once when downloading file ( I want to protect with a simultaneous download ) !
Apache is running on Windows.
View 3 Replies
View Related
Mar 15, 2013
I am having a problem getting Apache to allow access to IE 6/7/8/9 users with client certificates installed to access restricted resources. I have several servers (Windows and Linux) running various versions of Apache from 2.0 through 2.4, all behave the same way. I am simply unable to get client certificates to authenticate IE users. how I built the CAchain, CRLs, etc.
Note that using the same client certs from Firefox works just fine, users can successfully authenticate to the resource and get content.
##### ssl.conf
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM
[Code]....
View 1 Replies
View Related
Dec 24, 2007
Our servers Shared IP seems to be loading the first domain name in the httpd.conf file as the servers default page.
I want to change the default page to either our main domain or to the apaches "success!" default webpage.
We're using cpanel. I'm unsure why it's loading the first domain when you load the IP.
It used to load properly but for some odd reason stopped working. I suspect a cpanel update was the culprit.
View 2 Replies
View Related
Mar 19, 2007
Sometime Apache Test Page opened insted to Home page of website, also sometime Network TCP/IP error occured to same site.
I didn't change any setting of httpd.conf last period. also because this problems manily happened in countries which access internet via proxy I check site via [url] and it's working fine
View 4 Replies
View Related
Dec 5, 2010
I am unable to get A username and password requested by http://127.0.0.1:8080. "Tomcat Manager Application"..I created userid and password in tomcat-users.x.
View 4 Replies
View Related
Jan 25, 2014
Where can I get examples to create login ID and password with changing of password function for valid user to access apache web server?
View 3 Replies
View Related
