I have installed mod_python and the mods-enabled directory in the Apache2 directory looks correct (links to the available directory and the .load file), but I can't get Apache2 to process Python coded files.
I have vista installed and I need a few applications to run in XP from time to time, so I decided to try to set up a dual boot config. Well unfortunately I couldn't get very far because the partition I made with disk manager, and in fact the unpartitioned free space as well, is not being seen by windows XP when I go to install it.
I have a client that is certain someone is trying to hack her web-portal. I need to set up something that will alert me on suspicious activity on the server. For example someone fiddling with requests trying to make SQL / shell .. injection and similar threats.
Does any tool (for example bash script with grep) exist that would parse the raw apache logs and report if something is suspicious. Apache logs don't show the POST data so I am talking to admin to setup dump_io apache mod that enables this.
Or am I going into wrong direction here and there is whole another way to do this? I searched the web and forums for anything like this and didn't find anything.
I have moved my sites from old server with Apache 1.3 to new one with Apache 2.2.4. Since that time, the error log is full of these lines:
Code: [Wed Jul 04 05:36:32 2007] [error] [client 184.108.40.206] File does not exist: /home/domain/public_html/russia [Wed Jul 04 05:36:39 2007] [error] [client 220.127.116.11] File does not exist: /home/domain/public_html/russia [Wed Jul 04 05:36:45 2007] [error] [client 18.104.22.168] File does not exist: /home/domain/public_html/italy [Wed Jul 04 05:36:57 2007] [error] [client 22.214.171.124] File does not exist: /home/domain/public_html/mexico The access logs show even more accesses, so sometimes the same page is ok, sometimes it is logged here. The strange thing is that these files (pages) exist! They are accessible through the browser without any problem.
Do you have any idea where could be the problem? It would helped me lot, I am unable to find any real problem now, when error log is full of these.
My OS is Ubuntu 6.06. I use mod_rewrite through .htaccess. I can provide list of apache modules, if it helps.
I'm moving to a dedicated server for first time in my life and I have some questions that I want to share with you all.
I have run many scripts like joomla, vbulletin, etc, and I have found that when I install a module or template or when I upload images using this scripts, the permisions of this files are wrongly assigned as they belong to apache:apache instead of myuser:mygroup.
The problem is that as my new server is going to be fully managed, I am not going to have root access to chmod this files to the right myuser:mygroup and as a consecuence I'm going to be unable to dmove or delete them usinf my ftp or shh user acount.
Hope you can help me this this issue. I need to tell my hosting company what I want to do to avoid this way of working but I have no idea of how can this be solved
I recently upgraded my Apache 2.2.22 installation on Win 8.1 to 2.4.9, making all necessary changes (I believe) to the conf files. I am puzzled that two files in the format authdigest_shm.xxxx now appear in my logs directory when the server is restarted. (Edit: there is also no httpd.pid file)I assume this is to do with running digest authentication, but is a new phenomenon since the upgrade.what conf file setting(s) have I screwed up?!
When a user enters the whole url to a file on the webserver he/she can view this file. I want to prevent this and only allow access to the files from within the application (under apache). How can I do that? I already tried:
<Directory /var/www/html/folder/files> order deny,allow allow from localhost </Directory>
This works BUT the file also isn't viewable from within the application anymore.
I own a VPS server running CentOS with Cpanel WHM where no one can watch videos i post on any apple product.
The file plays fine on iphones when watching it on that website. BUT if i download that mp4 file and upload it to my own server, anyone with any iphone cant watch that video on my own server. I do now modify the file in any way. It plays fine on a PC or android phone / table but not Ipad and iphone...
Here is an example of hosting the above file on my server and linking it externally on my server. [URL] ....
I have a apache server, and i'd love to find a way to be able to upload files to my server, allowing me to view the files on my server or in a folder, allowing me to download these files, edit them and re-upload them, replacing them such as files like word documents. I want it to be web-based as i'll be using it for school work, so i can upload them.
Apache httpd Users mailing list, but nobody there has responded in several days. I'm using mod_alias to map URLs to directories that are outside of Apache's DocumentRoot. However, it seems that .htaccess files are being ignored in these directories.
I have installed Apache httpd and setup a SSL/TLS connection. SSL/TLS is working without a problem. I can clearly see httpS address in browser.
What I have found out that if browser gets some SSL/TLS error like trying to establish SSL/TLS connection with old protocol and web server refuses connection there is no error in SSL/TLS log recorded. I would like that every SSL/TLS attempt with error is recorded in ssl_error.log file. How to define settings in Apache config files to enable SSL/TLS error logging?
Is there a way to get Apache to tell me which .conf file it is loading at start-up?
There's a box that's misbehaving and Apache is running on port 80 and 8080 on the box... but we can't locate *why* it's running on port 8080. I can't find any Listen 8080 statement in the typical config files. If I knew which config files it was loading, I could go through all of the files in more detail.
I have a tiny "webpage" in an Apache server running on my computer. I've got for it this .htaccess file: URL...I have written it by googling,.(I don't really know very much about Apache HTTPD, but my Java suite requires this stuff, so here I am). Supposedly the first paragraph is to avoid Google Chrome from caching my files and the second part (the Order sentences) are to allow anyone to view only those kinds of files (which is otherwise let them see everything but folder roots.
And here is the httpd.conf, which I've modified almost only to change the listen port, the server name, and to replace the AllowOverride None into AllowOverride All so that .htaccess is actually used (I've deleted the comments for readability).URL....
I had never heard of something similar, "I can only load one instance of each file". In explanation, the only html file there's, runs from time to time a PHP script. Let's say I run it on localhost for example. Then everything is going fine. But I open a new tab, and load the same page (while the another one is yet open), and I'll get a 412 HTTP error. Similar thing happens if I try to load the webpage from another device. And, with my little experience with Apache HTTPD, I guess it's because of this .htaccess or httpd.conf files. Why does this happen or how can I solve it (either it be or not related to one of these files, I'll do whatever is needed)?
Apache 2.2.22 which can be found [link URL....]here[/link] in Windows 8 x86.
We have three virtual hosts on our Apache 2.2 installation on Windows Server 2003. For some reason, I'm unable to open log files (error.log and each virtual hosts-specific log), even though I have full administrator rights. (The log folder is full access to admins.) Every time I try to open the file or even copy it to another location, it just says "Access Denied." I temporarily solved the issue for one of the logs by adding BufferedLogs On
In web application we are facing high vulnerability issue based on the session validation.
We can download the files from the server whenever we are passing the link even without login. The links are directly hit into the server and download the files any type of files extension such as .txt, .xml, .zip and so on.
Need the solution for this issue: How will we resolve the issue using validate the session in apache side?
Scenario as below:
When user manually passing the request if user logged they should access the files When user manually passing the request if user is not login they shouldn't access the files
Here both the scenarios they can access the files but we want to restrict when the request is coming to apache without login.
EX: [URL] ....
When i tried above link I can able to view the file in browser. Even able to download all different fies extension which are having in the under tomcat webapps dir.
How we can restrict this in apache code or any other files in apache side or is there any way to validate the request is logged one or not?.
How to increase the Open Files limits descriptor in Apache. In the earlier version of Cpanel, we had an option of Raise FD Size Limit to 16384, but the option no longer appear while rebuilding Apache. What is the way to do it and make the change permanent?
I use the Apache server included with Mac OSX as my local development and testing environment for front-end web coding work. On the latest update to Yosemite (10.10), all of my .shtml files stopped processing my include virtual statements (or any SSI statements, for that matter).
I'm not seeing any errors, but the includes just show up like commented out code in the HTML when I view source. I've set up Apache to use a httpd-vhosts.conf for my various local dev servers (project1.local, test.local, etc...) Nothing seems to work.