?

Log in

Apache Web Server Community
19 most recent entries

Poster:pkbarbiedoll
Date:2010-08-01 17:02
Subject:Newb question about Struts2 & JSP / Tomcat
Security:Public

I'm involved in migrating an existing, functional JSP/Struts2 app from Windows to Linux.

The former Windows environment was a Tomcat/Struts/Eclipse setup. The new environment is a standalone installation of Tomcat (which is already configured and serving several other applications).

The app in question, "MyJSPWebsite", was copied to the Linux/Tomcat webapps folder and correct permissions assigned. The database (mysql) was also copied over with user permissions established.

The site now opens, but none of the struts enabled content is functioning. For example, a drop-down list of data is not being populated. I'm not seeing any error SQL messages in catalina.out, and the username/password & query work fine from command line.

Are there separate, core struts files that have to be installed outside of those already included in the webapps/MyJSPWebsite folder?

post a comment



Poster:catbegemot
Date:2009-10-21 16:32
Subject:Apache logs analysis
Security:Public

Hi all,
I have a few servers that run suphp, so basically all incoming requests are logged in suphp_log. What I found amazing is that pretty much all malformed requests (like attempting to execute a javascript in improper places or scan for phpmyadmin scripts or something similar) are, pretty much, the only requests that are logged in access_log (except for WHM status requests).

My question is - is there any automated tool that looks into access_log every now and then and comprises a report of such entries? I am no *nix admin, so I would appreciate any advise and leads.

Thanks a lot!

post a comment



Poster:frazer
Date:2009-10-20 13:19
Subject:Redirect Match
Security:Public

Hello,

i would like to do this:

RedirectMatch 301 (.*)\.html$ $1
RedirectMatch 301 (.*)\.htm$ $1


but not to files in sub folders.

could some one please tell me how to do it?

thank you

3 comments | post a comment



Poster:bendog
Date:2008-10-07 16:20
Subject:.htaccess works in http, not in https
Security:Public

Hi everybody,
first time poster.

This has me a little perplexed.
I don't have shell access to this machine so i can't check logs and such to see what is actually going on, but my .htaccess script works fine under http, but it fails to accept the same password with https accesss.

my thought is that perhaps there is some form of authentication difference, or perhaps i need to rebuild my .htpasswd file again.

however this is my .htaccess file

AuthUserFile /full/os/path/to/file/.htpasswd
AuthType Basic
AuthName "Admin Folder"
Require valid-user



any ideas?


---- UPDATED 2008:10:08 ----
got this from their tech today.

> Subject: Re: Re: Https and basic authentication under apache.
>
> haven't had any success as yet.
>
> the problem appears to be that the username is being "lost" when
> authenticating via the SSL server.. (the error_log shows a "blank
> space" where the username should be....)
>

2 comments | post a comment



Poster:rekoil
Date:2008-09-19 18:12
Subject:triggering mod_rewrite rule via auth failure?
Security:Public

Hi,

I'm looking for a way to construct a RewriteCond that returns true only when a URL is requested without proper HTTP authentication. (The rewrite rule will generate a 301 redirect forcing the request through a proxy, where proper HTTP auth will allow direct access). So far, The Googles have not been helpful; anyone here have an idea?

Effectively, I want

http://user:pass@example.com/path/to/object

to return the object directly, but

http://user:badpass@example.com/path/to/object
or
http://example.com/path/to/object

will return a 301 to:

http://proxy.example.com/path/to/object

(The proxy will use the proper u/p to access the server, so we won't have a redirect loop...)

3 comments | post a comment



Poster:pkbarbiedoll
Date:2008-06-25 10:30
Subject:Confirming TRACE is off
Security:Public

Is there a non-telnet method of confirming whether TRACE is turned off? I've added TraceEnable off to my conf file but want to make sure everything is OK. Telnet is disabled on my server.

1 comment | post a comment



Poster:pkbarbiedoll
Date:2008-06-24 18:17
Subject:Configuring SVN and Apache
Security:Public

svn came installed on my RHEL5 box and I am working on configuring the system for use with Apache.

I am using the following tutorial: http://www.howtoforge.com/apache_subversion_repository_p2

Everything seemed OK (no errors) until the section "Setting up the initial repository layout:". When issuing the third command:

svn import /tmp/subversion-layout/ http://127.0.0.1/subversion/


The system returned the following error:

[user@myserver directory]# svn import -m /tmp/svnmessage /tmp/subversion-layout/ http://127.0.0.1/subversion/
svn: PROPFIND request failed on '/subversion'
svn: PROPFIND of '/subversion': 405 Method Not Allowed (http://127.0.0.1)

I did not restart apache before issing the svn import command - is that necessary? Also, I created all of the directories as root. Would that cause this problem?

post a comment



Poster:pkbarbiedoll
Date:2008-04-17 07:45
Subject:Sporadic network timeouts
Security:Public

So, three sites are hosted on a single RHEL5 box, with Apache 2x serving pages. Apache is using IP based virtual hosts.

Every once in a blue moon I try to access one of the sites and receive network timeout errors (doesn't matter if I access via IP or domain name). The other two sites are still up and serving pages quickly - no slowdown or timeouts.

After several minutes the network timeouts go away on their own.

Any ideas?


3 comments | post a comment



Poster:muerte
Date:2008-04-03 13:31
Subject:Apache serving non-php files as php?
Security:Public

My server seems to think the following is PHP and serve it as such:

http://www.perturb.org/tmp/test.php.foo.bar

However... the same file (symlinked)

http://www.perturb.org/tmp/test.php.txt

Is served as text. In fact it appears that apache servers the content as whatever the "last recognizable" extension. Shouldn't apache only server files that END in .php as php files?

The configuration is very simple:

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

2 comments | post a comment



Poster:pkbarbiedoll
Date:2008-03-05 09:25
Subject:Apache SSL, removing passphrase prompt
Security:Public

When my system reboots Apache needs the passphrase to start. I'd like to remove this prompt so the server can start without human intervention. So, according to the docs I can do this:

openssl rsa -in server.key.current -out server.key.new

But I wasn't prompted to enter my passphrase when issuing this command.  The resulting outfile is identical to server.key.current.
Suggestions?

post a comment



Poster:ne_zanimatj
Date:2008-03-05 11:50
Subject:
Security:Public

Good day,
Can I somehow set specific virtualhost for resolving of unregistered in our system domains?

Thanks

post a comment



Poster:pkbarbiedoll
Date:2008-03-03 14:40
Subject:IE7 cert mismatch errors
Security:Public

Some of our IE7 users receive security certificate mismatch warnings with every secure page view on subdomain.domain.net.  The cert was originally issued to www.domain.net. 

 

Is it possible to add aliases to existing certificates (my hunch is no, but I'm not well versed on them)? 

1 comment | post a comment



Poster:shamess_the_elf
Date:2008-01-26 11:24
Subject:
Security:Public

I was playing with my httpd.conf and changed... something apparently, and now (possibly unrelatedly) my .htaccess file for one of my projects isn't working, though it was working perfectly before.

So, I've come to ask what kind of thing within my http.conf could break rewrite rules in my .htaccess, that I could have changed.

PS. I'll remember to back up in future.

FIXED: I just deleted a random AllowOverride statement. Everything *seems* to be working now. And I don't put this server online, so it shouldn't be unsafe.

11 comments | post a comment



Poster:christtrekker
Date:2007-12-21 11:08
Subject:404 for user pages
Security:Public

I've thought of adding MediaWiki to my site just to make it super easy to add content whenever I wanted. I know I could make Apache serve the wiki user page if the ~username URL was requested, but is it possible to make it do that only if it couldn't be found in the more traditional location (like his home dir) first? Would that require some kind of handler script?

post a comment



Poster:tastypuppies
Date:2007-11-16 01:11
Subject:More advanced mod-rewrite
Security:Public

I've recently been switching my site over from a bunch of static HTML pages to PHP using Smarty templating

I've decided to use mod_rewrite to make more attractive and search-engine friendly canonical URLs

I've chosen this format:

http://example.com/some-words/some-more-words/
http://example.com/some-words/
(both are valid, up to 2 such sections as shown)


Notice no ".html"/".php". This is rewritten to

index.php?page=some-words/some-more-words/


The problems:

In the meantime, while I transition to this format, I'm keeping my old static pages up, because there's a lot of inbound links to them that aren't going to get changed (little websites, various forum and blog posts, etc)

I'll eventually get my pages switched over, but in the meantime there's at least one directory I would like to exclude from rewriting. Is there a way I can omit specific URLs from rewriting? I'd like for "example.com/particular-directory/" to be exempt from being rewritten

Another possibly related problem is that I have a few other domains hosted as "add-on" domains to the same hosting package, so their contents are in a subdirectory. So, of course, the URL re-writing directive cascades down and breaks those domains completely. Of course, it only took a few seconds to fix by adding an .htaccess to each subdirectory saying "RewriteEngine Off", but what if I wanted a separate URL-rewriting scheme on those directories? Can I tell it to ignore any other rules that might be applied and start fresh?


My current rewriting rule looks like this:

RewriteEngine On
RewriteRule ^/?([a-zA-Z0-9\-]+/?[a-zA-Z0-9\-]+/?)$ index.php?page=$1 [L]


Is there a flag or other rules that could help me?

(Note: I'm on shared hosting so http.conf etc are not an option)

3 comments | post a comment



Poster:walkingbear
Date:2007-11-14 13:50
Subject:Apache Con
Security:Public

Anyone here in Atlanta at ApacheCon?

Look for the guy in black with the pipe in one hand and a book in the other. That's me.

post a comment



Poster:pkbarbiedoll
Date:2007-09-11 11:01
Subject:Analytics
Security:Public

Our project is interested in buying a solid analytics application for several sites hosted on an Apache server.   What are our best options?

1 comment | post a comment



Poster:mausolos
Date:2007-08-27 11:38
Subject:FilesMatch
Security:Public

I want to generate links with my code like "index_flotsam.php" and "index_jetsam.php" and have apache ignore everything but "index.php". So if the user clicks on "index_flotsam.php" it will just take them to the file "index.php" but will still display the url "index_flotsam.php". I'm using Apache 2.2.4. I have a feeling I could probably do this with the FilesMatch directive, but I'm not entirely sure how. Any ideas?

Thanks!

4 comments | post a comment



Poster:pkbarbiedoll
Date:2007-06-28 10:32
Subject:Problem with verisign cert
Security:Public

We bought a certificate for a domain.   I've set up a few sites with ssl before this, so I was careful to enter the FQDN in my csr request.  A day later Verisign sent the cert in an email, which we copied into a sitename.crt file on the server.   I made an unecrypted version of the key so I wouldn't have to enter the passphrase every time Apache starts.  (yes I entered the passphrase, which was accepted)

So - I start the server without errors.  When I access the site using https://sitename, the browser returns a certificate mismatch error.   The cert details appear with localhost, localdomain, ect, which is not what I entered when creating the csr & key. 

<VirtualHost 1.2.3.4:443>
    ServerName sitename.department.domain.ext
    ServerAdmin abc@123.def
    DocumentRoot /www/virtualhosts/sitename
    ErrorLog /var/log/httpd/sitename-error_log
    CustomLog /var/log/httpd/sitename-access_log common
    SSLEngine On
    SSLCertificateFile /usr/local/ssl/crt/sitename.crt
    SSLCertificateKeyFile /usr/local/ssl/crt/sitename_unencrypted.key
    SSLCACertificateFile /usr/local/ssl/crt/intermediate.crt
</VirtualHost>


Is there a way to print out the details listed in a crt file, from command line?   Can I do the same with the original csr file?  

post a comment


browse
my journal