Hardening PHP And Apache

Nov 8, 2008

Does any one know of any good articles/tutorials on how to harden PHP and Apache on a cPanel VPS?

View 6 Replies


ADVERTISEMENT

Hardening My Server

Apr 16, 2009

So I did something terribly dumb early this AM...go me...and I had to reinstall. Yes, it was that bad. Kernel panics, a hoarked up bootloader, nothing in the execution path, etc. Let's just say that between the 2.6.18-128.el5 kernel (I've been reading that there are a lot of reports of file corruption after this update, something I saw as well...) and yum doing something it wasn't supposed to, I'm having to start over. Thank goodness for backups. Anyways, to my questions:

CentOS 5.3 64-bit, clean install, no CP yet. I'm trying to get the base OS clean, simple and hardened before I put DA on there again and restore my websites but I have a few questions since I'm a network dork and normally pay for people to do the extended server hardening for me.

/etc/passwd/ ....

View 1 Replies View Related

Server Hardening

Feb 6, 2008

I have a dedicated server, and want to make it safe...

I once had a HOWTO to do that with things as APF and such, but is there some howto out there that is recent?

View 3 Replies View Related

Exim Hardening

Jan 12, 2008

I want to restrict ALL port 25 and port 26 email only to users who authenticate first.

I thought it came this way on Cpanel boxes, but yet there's a ton of crap being relayed through my box and getting me on tons of blacklists.

View 0 Replies View Related

VPS Server Hardening

Sep 15, 2007

What a few things you would do to boost the security of your VPS? So far I have securing/restricting SSH access, installing chkrootkit and putting up a firewall. Any other things I should do?

Just noticed I put VPS Server Hardening, should be VPS Hardening

View 10 Replies View Related

Server Hardening

Oct 25, 2007

There are many people who sell server hardening for windows and linux and all the packages are pretty much the same. I don't want to give anyone outside access to my server no matter how much they claim to be good, fact is once it's out, it's out.

Is there an online resource with some sort of check list and links for a quality server hardening for windows and linux servers?

I.E. install this, install that, configure this?

Seems that do it yourself is worth the training and $100

View 5 Replies View Related

Hardening A Win '03 Server

Jul 22, 2007

Is there a guide or check list of settings to make on a new box that I can follow to lock it down?

View 1 Replies View Related

Debian Lenny Hardening

Mar 19, 2009

where I can find a guide or how-to to hardening Debian Lenny web server (a xen vps one)?

View 0 Replies View Related

ELS Script, CentOS 5 And /tmp Hardening

Nov 27, 2007

while the ELS script looks pretty sexy on paper, it appears that the hardening of the /tmp and /shm is fairly problematic on CentOS 5 systems. Apparently the entire process is mucking up /etc/fstab and yes, I know, I'm being 100% lazy by using a script...so sue me.

Wanted to see if anyone had any success or complete disaster stories running ELS on a CentOS 5, preferrably 64-bit, system in the past few months and would be willing to share their experience. There's more than just the filesystem hardening in it and I'm looking for some of the other aspects but that seems to be the reoccuring nightmare scenario people are having.

For those wondering what ELS is, here's a good (and bad) discussion about it on the DirectAdmin forums. I'm sure there's others but this is where my search started.

[url]

View 2 Replies View Related

Linux Server Hardening

Nov 23, 2007

1. I don't use nor will I EVER use cPanel (royal POS in my opinion). I might, however, have DirectAdmin installed (not sure yet)

2. CentOS 5, 64-bit edition

3. Apache 2.2 latest, MYSQL 5.1 latest, PHP 5.2 latest

I usually use appears to be super busy and just not able to get the job done. No slight on him, he has a busy work schedule. So I'm looking to go outside of my comfort zone and see other companies to use. I don't think I can use Platinum as I outright refuse to even discuss cPanel as an option. If I want an underperforming, unsecure and incompatible web and database server, I'll run Windows.

So I'm looking for the usual end-to-end hardening package. I'm too lazy to do it myself and I'll forget to do something. Any recommendations out there in WHT land?

View 3 Replies View Related

Cpanel /home Permission Hardening

Mar 26, 2009

Since this got lost (google cache of thread discussion so far)
[url]
im reposting because i think it was an interesting discussion.

I'm setting up a cpanel server for the first time. I was wondering if i could harden the default cpanel permissions for the user folders in /home The idea is to prevent users viewing each others files. Please don't suggest the php open_basedir option as its not secure and doesn't work with cgi based file browsers.

Note I'm using suexec/suphp.

currently new cpanel users folders are created with
group and user ownership and the permissions 755

I was thinking if i changed this to 711 would this break anything?

Could i lock this down even more by changing the group ownership to "nobody" and thus have permissions 710.

View 3 Replies View Related

Hardening Windows Server 2003

Dec 24, 2008

Other than anti-virus

View 8 Replies View Related

Mail Server Hardening Tips

Aug 15, 2008

We have a linux server running cPanel/WHM and using Exim for mail, we're also using SpamAssassin to label messages as spam. I have made a few modifications to settings and installed things like DomainKeys, but am wondering if I am doing enough.

My objectives are to:

1) Prevent mail users on the server from being inundated with spam, and/or be able to effectively manage any spam that does come through.

2) Ensure that messages that my mail users send out remains as highly deliverable as possible.

3) Make it difficult for third parties to exploit my mail server for their own spamming needs.

Are there any good tutorials out there on this stuff that should at least cover some of my bases? Where should I begin? The only thing preventing me from hiring out the work to someone else is that I'd like to learn how to do it myself.

View 3 Replies View Related

Recommended Security Hardening Procedures

Jan 26, 2007

I am compiling a list of security hardening procedures which should be performed to a server, with the goal of coming up with a comprehensive list of hardening procedures which should be implemented.

The following lists the details I have compiled so far. Please feel free to contribute additional hardening tips so we may come up with a full and thorough list:

Install mod_security
Install mod_evasive
Install mod_limitipconn
Install APF
Install BFD
Install PRM
Install SIM
Install portsentry
Install chkrootkit and configure reporting cronjob
Install rkhunder and configure reporting cronjob
Install snort
Install tripwire
Install libsafe
Install mail header patch to identify cause of spam sent through nobody
Limit compiler and fetch utilities access to root only
Correct folder permissions to prevent directory transversal
Remove unneeded OS packages
Upgrade kernal to latest OS release
Ensure MySQL password is set
Ensure OpenSSH protocol is only using protocol 2
Ensure cannot SSH directly to root. Must SSH to admin first.
Enforce noexec & nosuid on temporary directories /tmp and /var/tmp
Disable used services
Disable DNS recursion
Disable IP source routing
Disable IMCP redirect acceptance
Disable certain php functions (system, exec, shell_exec)
Enable IP spoofing protection
Enable Spoofing protection
Enable syncookie protection
Enable misc. sysctl settings
Harden host.conf

View 6 Replies View Related

Advanced Securing & Hardening Of Linux Server -cPanel

Oct 29, 2009

We have discussed all the basic methods of securing and hardening the server. Lets leave all the basic and general server securing and hardening I have started this to get advance knowledge in securing and hardening of the server so that it will usefull for all the person So i request all to provide all the vaulable tips and suggestions in advance securing and hardening of linux servers I welcome all the comments related to advance securing and hardening of linux servers.

View 5 Replies View Related

Hardening Windows 2003 + Secure Remote Admin

May 3, 2007

I've just ordered my new Windows 2003 server with 49Pence.com and will be taking "delivery" of it once they have commissioned it.

Anyway, I would appreciate some advice on how to secure it. I have been used to the luxury of a hardware firewall, but budgetary constraints mean I will have to rely upon a software firewall (something that scares me a little). It will be running our company websites, MSSQL and MDaemon mailserver.

I am not sure exactly how the server will be delivered, but I assume it will arrive fully patched with Remote Desktop access, and Windows Firewall installed.

First question: Is Windows Firewall sufficent? I am more used to configuring firewalls with Ports/Protocols/IP's rather than "applications". I also understand that Windows Firewall cannot restrict access to specific IP's.

I read that IPSec / TCP Filtering should also be used. I've looked at various links and have an idea how to do this, but I do not want to make a mistake and get "locked out". I saw a post saying that during testing they set up a scheduled job to reset the IPSec policies every x minutes so that they can log back in if they do make a mistake. How would this be done (in terms of IPSec) .. or is this a matter of stopping a service?

If I go with another software firewall, is there an easy way to install remotely without getting locked out of the Remote Desktop? KVM over IP is a charged by the hour.

It is "safe" to leave Port 3389 open and rely upon passwords (and potentially IPSEC IP policies), or should I administer by VPN?

If so, it seems that in order to create a VPN connection on the server, it requires that the Windows Firewall is shut down (at least on my test server here). Obviously this is something I don't want to do!

View 5 Replies View Related

Apache :: Capturing Internal Apache Errors Return Custom HTTP Status

Nov 15, 2013

Server Version: Apache/2.2.22 (Unix)

On our production service, we've been getting numerous malformed POST requests to some of our CGI scripts that are showing up as 500 errors in our logs. They are malformed in the sense that the actual content length doesn't match the Content-Length specified in the request.

Here's the most trivial example I can come up with that reproduces the problem for us:

POST /some_valid_alias HTTP/1.1
Host: example.org
User-Agent: Arbitrary/1.0
Content-Type: multipart/form-data; boundary=---------------------------41184676334
Content-Length: 769
-----------------------------41184676334

In addition to the 500 error in the access log, we see the corresponding error in the error log:

(70014)End of file found: Error reading request entity data

Based on the nature of the POST request and the error response, it does appear that Apache is doing the right thing here.

The POST never actually makes it as far as the script being targeted (/some_valid_alias in the above example); in other words, Apache returns 500 to the client, writes the error to the error log and never executes the script.

Is there a way to capture/avoid internal Apache errors like 70014, and return some other HTTP status besides 500 (like 403)? It's particularly annoying in our case, because our server sends us an email for all 500 errors.

So far, our best "defense" against these 500 errors is to disallow POST for these aliases, which normally just ignore the POST data anyway (when the request is not malformed):

RewriteCond %{REQUEST_METHOD} ^POST$
RewriteRule ^/(some_valid_alias)(.*)$ $1$2 [R]

But this won't work for all our scripts, because in some cases we do want to permit POST.

View 2 Replies View Related

Apache Procs Constantly Rise, Until Apache Is Restarted

Jul 23, 2007

I've had this problem a long time now with my hosting network and decided to ask here hoping I get some good solutions, or if someone is willing to looking at this (I'll pay if they want).

Here's what I mean:
[url]

Problem is as you can see apache processes constantly rise infinitely, at least until I restart apache (/etc/init.d/httpd restart). The point of restart is shown in red lines.

And after restart, it goes down again for X amount of hours then eventually rises again infinitely until it's restarted again.

But the fact that after restart it remains down, it means it had the potential to be down all along.

So my question is: what could be causing this and does anyone have solution to keep them low at all times (as per graphs)?

View 14 Replies View Related

Increasing The Apache ServerLimit In Apache 2.2.8 Version.

May 28, 2008

The Linux Server got down when the MaxClients 256 is reached.
Error Log:

"server reached MaxClients setting, consider raising the MaxClients setting"

So that I have tried to increased the MaxClients Value to 500, after changed the value in httpd.conf and restart I get following error message.

" [notice] SIGHUP received. Attempting to restart
WARNING: MaxClients of 500 exceeds ServerLimit value of 256 servers,
lowering MaxClients to 256. To increase, please see the ServerLimit
directive."

So that I tried changed the Server limit in /usr/local/apache/include/httpd.h header file. but it seems like there is no entry.

Apache Version : 2.2.8

So I have added the ServerLimit 500 entry in httpd.conf file and restart the httpd service. But still shows the same warning mesg. Please help me regarding this.

We have the Dedicated server for Flash Game Server with following configuration.

RHEL4 OS
2GB RAM
Intel(R) Xeon(R) X3210 @ 2.13GHz
Cpanel Installed.
Apache 2.2.8
PHP 5.2.4
MySQL 4.1.2 (MySQL Server is working in differend server)

View 7 Replies View Related

.htaccess Issue With Apache 1.3, But Works On Apache 2.2

Mar 22, 2008

I have the following Apache redirect code in .htaccess:

RewriteRule ^sap-latest-news/([0-9]*)/([A-Za-z0-9_-.]*).htm$ /domain.com/app/modules/content/latestNews.php?id=$1 [L]

This redirect works fine on Apache 2.2.8, but doesn't work on Apache 1.3.41

The following is the entry from error_log:
RewriteRule: cannot compile regular expression '^sap-latest-news/([0-9]*)/([A-Za-z0-9_-.]*).htm$'

A simple Rewrite is working fine in Apache 1.3, but the above regualar expression doesn't seem to be working on Apache 1.3. Does anyone know whether Apache 1.3 doesn't support it?

View 3 Replies View Related

Installed Apache And PHP Only Seeing Default Apache Page

Jun 1, 2007

I am having an issue where I have a server that Directadmin is installed on. I go to the a url that is on the server and all i see is the default page of apache saying congrats, it is installed. Although there is no file like that in the public_html any longer and I can see my files in the public_html folder of that specific site.

View 6 Replies View Related

Downgrade CentOS 5's Apache 2 To Apache 1.3

Jan 3, 2008

I've been searching around with google regarding how to downgrade the Apache 2.2 which comes with CentOS 5 to Apache 1.3.39.

View 2 Replies View Related

Performance: Apache 2 Prefork Vs Apache 1.3

Jan 12, 2008

I'm building a new server for a predominantly php5/mysql5 website and was wondering which version of apache to put on. I know there are some issues with PHP and Apache in MPM, but what's the performance comparison between Apache 1.3 and Apache 2 Prefork?

View 4 Replies View Related

Can Not Compile Htppd Apache Because Of Apache APR

Aug 6, 2008

I am trying to install dedicated web server on my Slackware 12.0.0 machine. I am a novice in Linux, but succeeded in MySQL & proFTPd installation. The problem now in httpd compiling.

I downloaded the latest Apache 2.2.9, but it needs Apache Portable Runtime 1.3.2 installed. I downloaded 1.3.2 version and run ./configure

1. checking size of size_t... 4
2. checking which format to use for apr_size_t... %u
3. checking size of off_t... 4
4. checking for mmap64... yes
5. checking for sendfile64... yes
6. checking for sendfilev64... no
7. checking for mkstemp64... yes
8. checking for readdir64_r... yes
9. checking which type to use for apr_off_t... off64_t
10. checking whether ino_t and unsigned long are the same... yes
11. configure: using unsigned long for ino_t
12. checking size of pid_t... 4
13. checking whether byte ordering is bigendian... no
14. checking size of struct iovec... 8
15. checking for strnicmp... no
16. checking for strncasecmp... yes
17. checking for stricmp... no
18. checking for strcasecmp... yes
19. checking for strdup... yes
20. checking for strstr... yes
21. checking for memchr... yes
22. checking for strtoll... yes
23.
24. Checking for DSO...
25. checking for dlopen... no
26. checking for dlopen in -ldl... yes
27. adding "-ldl" to LIBS
28. checking for dlsym... yes
29.
30. Checking for Processes...
31. checking for waitpid... yes
32. checking for Variable Length Arrays... yes
33. checking struct rlimit... yes
34.
35. Checking for Locking...
36. checking for semget... yes
37. checking for semctl... yes
38. checking for flock... yes
39. checking for semaphore.h... (cached) yes
40. checking OS.h usability... no
41. checking OS.h presence... no
42. checking for OS.h... no
43. checking for library containing sem_open... none required
44. checking for sem_close... yes
45. checking for sem_unlink... yes
46. checking for sem_post... yes
47. checking for sem_wait... yes
48. checking for create_sem... no
49. checking for working sem_open... yes
50. checking for union semun in sys/sem.h... no
51. checking for LOCK_EX in sys/file.h... yes
52. checking for F_SETLK in fcntl.h... yes
53. checking for SEM_UNDO in sys/sem.h... yes
54. checking for POLLIN in poll.h sys/poll.h... yes
55. checking for PTHREAD_PROCESS_SHARED in pthread.h... yes
56. checking for pthread_mutexattr_setpshared... yes
57. checking for working PROCESS_SHARED locks... yes
58. checking for robust cross-process mutex support... yes
59. decision on apr_lock implementation method... SysV IPC semget()
60. checking if all interprocess locks affect threads... no
61. checking if POSIX sems affect threads in the same process... no
62. checking if SysV sems affect threads in the same process... no
63. checking if fcntl locks affect threads in the same process... no
64. checking if flock locks affect threads in the same process... no
65. checking for entropy source... /dev/urandom
66.
67. Checking for File Info Support...
68. checking for struct stat.st_blocks... yes
69. checking for struct stat.st_atimensec... no
70. checking for struct stat.st_ctimensec... no
71. checking for struct stat.st_mtimensec... no
72. checking for struct stat.st_atim.tv_nsec... yes
73. checking for struct stat.st_ctim.tv_nsec... yes
74. checking for struct stat.st_mtim.tv_nsec... yes
75. checking for struct stat.st_atime_n... no
76. checking for struct stat.st_ctime_n... no
77. checking for struct stat.st_mtime_n... no
78. checking for inode member of struct dirent... d_fileno
79. checking for file type member of struct dirent... d_type
80.
81. Checking for OS UUID Support...
82. checking uuid.h usability... no
83. checking uuid.h presence... no
84. checking for uuid.h... no
85. checking uuid/uuid.h usability... yes
86. checking uuid/uuid.h presence... yes
87. checking for uuid/uuid.h... yes
88. checking for library containing uuid_create... no
89. checking for library containing uuid_generate... -luuid
90. checking for uuid_create... no
91. checking for uuid_generate... yes
92. checking for os uuid usability... yes
93.
94. Checking for Time Support...
95. checking for struct tm.tm_gmtoff... yes
96. checking for struct tm.__tm_gmtoff... no
97.
98. Checking for Networking support...
99. checking for type in_addr... yes
100. checking if fd == socket on this platform... yes
101. checking style of gethostbyname_r routine... glibc2
102. checking 3rd argument to the gethostbyname_r routines... char
103. checking style of getservbyname_r routine... glibc2
104. checking if TCP_NODELAY setting is inherited from listening sockets... yes
105. checking if O_NONBLOCK setting is inherited from listening sockets... no
106. checking whether TCP_NODELAY and TCP_CORK can both be enabled... yes
107. checking for TCP_CORK in netinet/tcp.h... yes
108. checking for TCP_NOPUSH in netinet/tcp.h... no
109. checking for SO_ACCEPTFILTER in sys/socket.h... no
110. checking whether SCTP is supported... no
111. checking for struct ip_mreq... yes
112. checking for set_h_errno... no
113.
114. Checking for IPv6 Networking support...
115. checking for library containing getaddrinfo... none required
116. checking for library containing gai_strerror... none required
117. checking for library containing getnameinfo... none required
118. checking for gai_strerror... yes
119. checking for working getaddrinfo... yes
120. checking for negative error codes for getaddrinfo... yes
121. checking for working getnameinfo... yes
122. checking for sockaddr_in6... yes
123. checking for sockaddr_storage... yes
124. checking for working AI_ADDRCONFIG... yes
125. checking if APR supports IPv6... yes
126. checking langinfo.h usability... yes
127. checking langinfo.h presence... yes
128. checking for langinfo.h... yes
129. checking for nl_langinfo... yes
130.
131. Restore user-defined environment settings...
132. restoring CPPFLAGS to ""
133. setting EXTRA_CPPFLAGS to "-DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -D_LARGEFILE64_SOURCE"
134. restoring CFLAGS to ""
135. setting EXTRA_CFLAGS to "-g -O2 -pthread"
136. restoring LDFLAGS to ""
137. setting EXTRA_LDFLAGS to ""
138. restoring LIBS to ""
139. setting EXTRA_LIBS to "-luuid -lrt -lcrypt -lpthread -ldl"
140. restoring INCLUDES to ""
141. setting EXTRA_INCLUDES to ""
142. configure: creating ./config.status
143. config.status: creating Makefile
144. config.status: creating include/apr.h
145. config.status: creating build/apr_rules.mk
146. config.status: creating build/pkg/pkginfo
147. config.status: creating apr--config
148. config.status: WARNING: 'apr-config.in' seems to ignore the --datarootdir setting
149. config.status: creating apr.pc
150. config.status: creating test/Makefile
151. config.status: creating test/internal/Makefile
152. config.status: creating include/arch/unix/apr_private.h
153. config.status: executing default commands
154. config.status: include/apr.h is unchanged
155. config.status: include/arch/unix/apr_private.h is unchanged

After that I am trying make and have error at the end:

make[1]: Entering directory `/root/build/apr-1.3.2'
/bin/sh /root/build/apr-1.3.2/libtool --silent --mode=link gcc -g -O2 -pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -.....

View 0 Replies View Related

Apache Down In The Middle Of Recompiling Apache (via Whm)

Nov 12, 2008

In the middle of recompiling apache (via whm) after upgrading postgresql to 8.3, apache went down and remains down even after restart. Recompile is still in progress (about 15 minutes in)

tail -f /usr/local/apache/logs/error_log
[Wed Nov 12 15:24:44 2008] [warn] No JkShmFile defined in httpd.conf. Using default /usr/local/apache/logs/jk-runtime-status
[Wed Nov 12 15:24:44 2008] [notice] ModSecurity for Apache/2.5.7 (http://www.modsecurity.org/) configured.
[Wed Nov 12 15:24:46 2008] [warn] No JkShmFile defined in httpd.conf. Using default /usr/local/apache/logs/jk-runtime-status
[Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Wed Nov 12 15:24:46 2008] [alert] getpwuid: couldn't determine user name from uid 4294967295, you probably need to modify the User directive
[Wed Nov 12 15:24:46 2008] [notice] Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.7a mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_jk/1.2.25 PHP/5.2.6 configured -- resuming normal operations
[Wed Nov 12 15:24:46 2008] [alert] Child 22588 returned a Fatal error... Apache is exiting!
httpd configtest
Syntax OK
ps -ef | grep ^httpd (no result)
Cpanel/Centos

View 4 Replies View Related

Apache 1.3 And PHP4 With Apache 2.2 And PHP5

Jun 1, 2008

I have apache 1.3 and PHP 4.4 installed on my CentOS 4.4

Can I install apache 2.2 and PHP 5.x on the same server? I want to test my scripts for compatibility and also to check the performance.

I dont want to break my current setup because it's a production server.

View 5 Replies View Related

Apache 1 Or Apache 2 , All Else Being Equal

Nov 13, 2008

if you were to be presented with a choice to run Apache 1 or Apache 2 given you'd have more or less the same support requests etc, and the same underlying user requirements to implement either one or the other, which one would you choose and why?

I noticed that Hsphere Parallels control panel 3.2 release as may well other control panels, offers such possibility. Personally I've been educated from senior members of previous organizations to appreciate Apache 1 as the defacto version of the web hosting industry (choice here being apache 1 and 2, not IIS or any other web servers)
Could you kindly simply attempt to enlighten me given, indeed support for both will/might remain the same in the future?

View 5 Replies View Related

Apache :: IIS 7.5 And Apache 2.4.4 Not Working Together

Jun 25, 2013

I am facing while upgrading the current Apache version 2.2.11 to Apache 2.4.4. IIS 7.5 on Windows Web Server 2008 R2 is not redirecting requests to the Apache 2.4.4 which is on Windows Server 2003 R2. I checked the access and error logs of Apache 2.4.4 and there is no entry. The existing 2.2.11 is working completely fine with IIS 7.5. IIS is working as a load balancer in my environment, takes the https requests and forwards that to Apache, then it goes to the App servers. Here, self signed certificate is used between the Load balancer and the Web server.

I have followed exact same configuration as it was used in Apache 2.2.11 but installed it with a different port (444), later changed it to 443 before running Apache 2.4.4 as a service, turning off the Apache 2.2.11 service. And also, my Apache 2.4.4 is working completely fine when I access it through the Web Server level URL (through the server machine name). But it throws me an error 502 when I hit the Load Balancer level URL. Here is the complete error:

"502 - Web server received an invalid response while acting as a gateway or proxy server. There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy)contacted the upstream content server, it received an invalid response from the content server."

how I can solve the issue? I am stuck with this portion for about 2 weeks now, it's really urgent to get it solved!

My observation that came through lots of trial and error, I believe that this has something to do with Windows registry!! I came to this conclusion as I uninstalled the existing Apache 2.2.11 and installed it back again, it throws me the same error that I am getting for Apache 2.4.4. Then, I matched it with the other web server, found out some differences in the registry created for 2.2.11 and changed in this one accordingly- now 2.2.11 worked fine in this web server.

View 5 Replies View Related

ASP.NET On Apache

Jul 9, 2007

I need to run asp.net on apache does anyone know how i can set this up ....

View 5 Replies View Related

Apache On Just One IP

Jan 4, 2009

I currently have a dedicated server running centOS5 and webmin. With help of folks here

I was able to bind additional IP numbers using webmin.

I have a small problem now. The idea of binding the IPs was so that I could create "true port 80" shoutcast connections on the new IP numbers. However, when I try this I am taken to the control panel home page (home page to that server). The config on the shoutcast server is set properly (using proper IP #) as I have been able to listen to a stream using the new ip number's (higher ports), but not the main IP number.

My questions, I hope, are simple.

1. Am I able to use these additional IP numbers for Shoutcast Port 80 (true port 80 - only one per IP #)?

2. If yes, do I have to make Apache use ONLY my main IP number, thereby releasing the others for Port 80 use? If so, how do I do this.

View 4 Replies View Related

Apache 2.2.14 Vs 1.3.41

Oct 20, 2009

I am trying to decide on upgrading our Apache version from 1.3.41 to 2.2.14.

From what I can tell 2.2 is MUCH faster, but I have seen many reports of 2.* version crashing more frequently than 1.3.

Does anyone have some solid information on the reliability of 1.3.41 vs 2.2.14?

Also, any other items I may love/miss from upgrading?

We are running php4 (default) + 5.

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved