Hey all I have a problem with an upload-script I wrote It worked fine until I edited upload_max_filesize and post_max

CheapWebHosting.co.nz

Hi folks I figure this is a decent enough place to ask this I own a domain that has never been added to a host

noodl, alright, can you give me an example of anything then that I can use to make sure it is working and configured properly before I start diving into the rules because until I know it works then I can't fault test my own interpretation of the rules

let's try another tact.. RewriteRule . http://apache.org/

you probably want to enable rewrite logging
that will help you debug your rules, too

noodl, so if I place that into a directory it will send me to that URL?
*directory

in to a directory? you didn't mention that before, and your paste doesn't include a directory block
http://wiki.apache.org/httpd/Rewrite/Context

but I am asking if what you were suggesting would would in a Directory
ubut I am asking if what you were suggesting would would in a Directory/u

and thank you rici and noodl so far

sorry didn't really understand what the answer is - any ideas where i should even search for solution

what does your error log say
.. that's step one

ok, so I got it working, RewriteRule . http://apache.org/ did what it was supposed to

9 2007] [error] [client 127.0.0.1] Symbolic link not allowed:

anyone know why MSIE (6&7) seem to only do HTTP/1.0 requests over HTTPS - high grade encryption enforced and have an initial 302 from http to https.

that's good, so mod_rewrite works. next we could fix your rewrite rules, bu like i said earlier, you shouldn't be using rewrite for a simple redirect

thats fine, I won't, like I said, that was just a sample to see if it was working or not
the real option now is I need to redirect all rules that grab images/image1.jpg to grab the image named slightly differently but with a common aspect from another server hosting and display it on my pages url

that's not the most useful log message ever.. you're linking to where from where?
i hope that wasn't a question as it's far to vague to answer

presumably from /home/nik/public_html/muz to somewhere
sounds like FollowSymlinks is not set

indeed, or isn't set at the right point

noodl, nah... it wasn't, lol
I figure at this point mastering the rules is my own journey here
I don't like to ask how to do everything, just when I cannot determine the answer or where the problem usually is etc

afaik, FollowSymlinks has to be set either on the common parent directory, or for both directories linked to or containing the linked file
i like to know which

i did smth like "ln -s /mnt/drive_d/docs ~/public_html/documents"

btw, didn't you stumble into the httpd is checking for foo/bar/file/.htaccess even if foo/bar/file is a file?

yes, ages ago

that's good, that's what we like to see. those pages i linked to on the wiki hosting aren't really 'public' yet but i'm getting there.. read the security one too

that lead to an issue with reiserfs

yeah.. it was brought up again on dev@httpd.. do you remember if there was a thread about it?

sounds good, and thanks again noodl

yes, there was.
if you search for reiserfs you should find it

k, i'll keep searching then. couldn't find it earlier today.
didn't remmeber the reiserfs part
http://issues.apache.org/bugzilla/show_bug.cgi?id=31126
thats it

isn't this issue specifically ext3? niq asked if reiserfs was in play..

well, the code path
it actually tries to open it

still having permission problems with apache/svn.... however, I checked the error_log and got ' client denied by server configuration'?

that caused the bug to stop httpd from working on reiserfs 4
on all other fs, it just fails

http://marc.info/?l=apache-httpd-dev&m=109470495819687&w=4
oh, you found it

client denied by server configuration

Have a look at http://wiki.apache.org/httpd/Errors/ClientDeniedByServerConfiguration for a better idea of what this error message means

^
if let's say one symlinks /home/pony/foo to /opt/tapir/best/nose/ever .. is it necessary to set Options FollowSymLinks on / (as the common parent of both) or on both of those directories?

just /home/pony/foo
i though.
t

me, too.
what is the problem with ext3?

i think there is a default directory stanza for "/" that disallows everything

k, then i've been handing out dodgy advice for a while. need to test..

usually, yes there is

httpd doesn't conacolize the path
we just test IS_SYMLINK
and then check for follow symlink
iirc
so, we still call open(/home/pony/foo/bar.txt)
even though the true path is /opt/tapir/best/nose/ever/bar.txt

um, ok, here is a question, I have used this token before but I forget what it is called, it is similar to servertokens except on error documents etc it will remove the "apache tag

so, we would never run the Directory/File containers against /opt*

does anyone know what that is?

that is interesting. Please continue.

ErrorDocument?
ErrorDocument

ErrorDocument is http://httpd.apache.org/docs/2.2/mod/core.html#errordocument and http://httpd.apache.org/docs/2.2/custom-error.html

ServerSignature

ServerSignature is http://httpd.apache.org/docs/2.2/mod/core.html#serversignature or http://httpd.apache.org/docs/1.3/mod/core.html#serversignature

oh, right.
that one.
we should put the mpm in the server host signature.
servertokens alpha.bloglines.com

Apache/2.2.5-dev (Unix) mod_ssl/2.2.5-dev OpenSSL/0.9.7a DAV/2

chipig, nope

servertokens msk3.ath.cx

Apache/2.2.4 (Fedora) DAV/2 SVN/1.4.3 PHP/5.2.2 mod_ssl/2.2.4 OpenSSL/0.9.8b mod_perl/2.0.3 Perl/v5.8.8

I think noodl may have it

is each process 40 megs?

servertokens web3.igeek.co.uk

Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8b DAV/2 SVN/1.3.2 PHP/5.1.4 igeeeeek

yep, thanks again noodl, it was serversignature

anyone know why IE (6&7) sometimes does HTTP/1.0 requests on HTTPS? i just got a list of useragent strings where it requested HTTP/1.0 (27144 requests) vs HTTP/1.1 (8483 requests) any ideas?

probably
0.86

keepalive over ssl is a tricky business website host because there's two levels, or something. chipig would know :p

yes.
the default httpd config disables http1.1 for IE
because IE is buggy with it

please

(1.1 in https)

hmmm, actually serversignature doesn't seem to be doing what I remember it doing on another server (which I no longer have access to)
I just ran ServerSignature Off and it still displays "Apache" at the bottom of error pages

you can use mod_security to change it to whatever you want

I am wondering if that is the tag I was looking for
imMute, that was at me?

yes

well, if you want to completely change the error docs
you can just write your own
html pages for them etc

i vaguely remember this one from aeons ago too
i think the pages use mod_include

thanks chipig but I am just looking for the quick solution to make the server host less identifiable to common script kiddies

the ones which say Apache

is there any pattern to which IE versions work and which ones don't?

and I know what I am asking is hopeless against an informed one

you can misinform them with mod_security

pretty much everyhting 7 doesn't work right in various ways for http 1.1 over SSL

IE 7 works?

I haven't done extensive testing with 7 in this regards though
some people say it does :-)

IE doesn't work

i'm willing to help give you data of which browsers work and which don't.. altho, this isn't a public site - we have corporate clients that have more or less homoganized environments - so probably not a whole lot of IE 7 in there..
^^

before I continue reading the doc I am reading, is it possible for me to use mod_rewrite to redirect drive a url request to get results from another server without actually changing the URL the client sees?

yes
[P]

[P] is a proxypass. See http://rewrite.drbacchus.com/rewritewiki/Flags_2fP

thanks rici
fajita, good girl

Not all girls are good you know!

it's not actually a redirect

well I will live with it

it will do what you want
if not, adjust your desires according to the possibilities

proxy sounds more like what I was looking for, just didn't have the wording

you can also do that with proxypass if the rewrite is not complicated.
they do the same thing

well at the moment I am dealing with a flash application that was written by someone in our company that started a week and a half vacation on friday and I don't own or use a windows computer let alone know the first fucking thing about flash
so my possibilities are limited untill he returns

it seems there are about 20 HTTP/1.0 requests from IE7 and about 700 HTTP/1.1 requests. rest are 7. sample of 35500. FYI.

that url you just posted rici, I just got a little confused by it, the first line says it allows proxying to be done through mod proxy and then on the same line it says mod_proxy is not required
so...

what?

lol
fajita, stfu

excuse me?

anyways, so I do or don't need mod_proxy?

you do need it
it says so
"you do need to have mod_proxy"
i think your brain interpolated a "not" into that sentence

be homer

Aw, Dad, you've done a lot of great things, but you're a very old man, and old people are useless.

ok
lol
anyways, thanks rici

be homer

Aw, Dad, you've done a lot of great things, but you're a very old man, and old people are useless.

be homer

Mmmm. Hog jowels..replyI am so smart! I am so smart! S-M-R-T!

no worries

pffft

don't do that, you fool

be quiet

shutting up

be homer

D'oh!

be homer

Oh I love your magazine, my favorite section is 'How To Increase Your Word Power'. That thing is really, really, really... good

ummm he says 'really' alot more
be homer

Mmmmmm. Hog jowels.

be family guy
be MacGyver
be sad
be homer

Can't talk. Eating. Go Hell.

finishing*

thanks chipig
later folks

hey noodl, thanks for ur help, i kept reading the discussion and i finally can follow the symlinks now - the httpd.conf wasn't set up correctly
be homer

Aw, Dad, you've done a lot of great things, but you're a very old man, and old people are useless.

where did you set FollowSymlinks in the end?

for the directory that contains the link - and i removed some parts of the options for "/" since i thought they might be overriding what i set
anyways, now it's working which was the objective, and now it's time to make sure the security wasn't altered.... thanks again

k, thanks. /me adjusts his usual stance on where fsl needs to be applied..

Quick help ... it's been about a year since the last time I modified anything on my Ubuntu Apache server. I want to add another domain (already have the domain host forwarded to my IP), I just need to refresh my memory on how to point hits to the correct folder ....

Em3rald, vhost
vhost

vhost is http://httpd.apache.org/docs-2.0/vhosts/ or http://httpd.apache.org/docs/vhosts/

thanx guys, I got 'er figured I just had to muddle about and "remember" how to edit the conf files ... was relatively painless.

it don't work
oops

oops is an understatement... :P

hello there, i have setup a basic authentication, it does work on I.E it prompts for user/pass but on firefox 2.0.x it does not ....

hmm, don't know what to tell you on that one zepmantra

quit and stop all instances of firefox, and move your profile aside (but don't erase), restart.

ok
it now work ! thanks

authentication was cached huh?

yes..

yes.. is you running a proxy

nope, direct on port 80

's a bot.
wow. my FF process was being a hog. down to 290mb ram used, from 850mb ram. :P

forget yes..

lamp, I didn't have anything matching yes

forget yes..

lamp, I didn't have anything matching yes

ok, now

now is the time for all good men to come to the aid of the ... oh, wait. now is now.

i got to pee

screen_away set (un)away, if screen is attached/detached (Andreas 'ads' Scherbaum ads@wars-nicht.de)
it's available on http://www.irssi.org/scripts iirc

directives with, in each one of them, the ServerName (aka the domain name) and the SSCertificateFile pointing on a specific certificate pointing on the domains certificate.

that will not work.

jMCg, and could it work ?

for SSL vhosts, you have to either go for static ip hosting based, or for wildcard certificates.

by using another method

ssl vhosts?

When using SSL, each virtual host must have either its own IP address or its own port. Or both. or for details see http://httpd.apache.org/docs-2.0/ssl/ssl_faq.html#vhosts2 or http://www.onlamp.com/pub/a/apache/2005/02/17/apacheckbk.html or see SNI or consider wildcard certificates or http://wiki.cacert.org/wiki/VhostTaskForce or see ip based vhosts

jMCg, ok
thx

Very welcome.

directive?

AllowOverride

AllowOverride tells Apache what things you wish to permit in .htaccess files. See http://httpd.apache.org/docs/2.2/mod/core.html#allowoverride

when you already have access to the httpd.conf... why then would you want to put it in a .htaccess anyways?

jMCg because to take effect without making restart of apache and to have protection at specific directory inside a virtualhost

apachectl graceful

apachectl graceful is how you restart apache without dropping any client connections. Workers in keepalive will retain old config until they time out. Be patient, or set KeepAliveTimeout lower

Hey all, I have a problem with an upload-script I wrote. It worked fine until I edited upload_max_filesize and post_max_size for uploading bigger files and restarted the server. Now if I upload a file, it won´t be stored on the server, it's just nowhere. What reason could this have?
I changed both values in the php.ini back to normal values, but still the same problem.

first of all, this sounds like PHP oddness. Anyways.. what does "it won't be stored on the server, it's just nowhere." mean?

i've got a problem, http://www.example.com/what.png is returning 404, while http://whatever.example.com/what.png?&& http://123.123.123.123/what.png is returning the images
has anybody met of such issue before?

not the way you describe it.

Well, the script uploaded the file in a folder on my linux-server and converted it (videos) with ffmpeg to flash-files. Now I can't find the files on the server, although the file is sent to the server.

You make no sense.

well yes. it makes no sense at all.
thats why im here.

what can you not find, the uploaded file, or the one you generate?

let's try like this:
elaborate?

You make no sense, try to rephrase your question and elaborate on what you want, what you tried, and what didn't work (paste the error message you see in the error log, usually named error_log or error.log). Also tell us what platform you are on and what version of apache you are using.

and like this:
sample url

Could you please give us a URL at which the behavior is demonstrated. This would help us troubleshoot the problem.

the uploaded file.. the script checks if it´s existant and then starts ffmpeg. But it can´t find it, the folder is empty.

you should be getting errors from PHP.. either on the screen or in the httpd's error log....

I need help with .htaccess. I have set it up and a .passwd file. in my conf I have allowoverride authconfig and it doesn't work. I can still get into that directory (with the .htaccess file)

paste config

hmmm okay.

Ok, I'll check

could i private message you instead?
.. not really wise pasting the url of the domain im having problem with here

Roobarb-Work: config of what? .htaccess or httpd.conf ?

your .htaccess for starters

boohoohooo.. hire someone for handholding. We're here for helping to solve problems. -- also google already has a log thiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiis looooooooooooooooooooooooooooooong of your problem. So if someone is trying to exploit you, he won't be waiting for you to come here, but instead just take the initiative.

oh shutup then.
sound like a kid wannabe.
:/

oi!

you*

if you want us to help diagnose and fix a configuration problem, we need to see the configuration....

play nice!

Yeah, play nice boys and girl!!)replyAsk me nicely and I might join in

how do i redirect *.html to /process.php ?
using mod rewrite

you don't need to

what?

make html be handled by the php handler

that, or use redirectmatch

I need one script to be called withing eny query .html

AddHandler application/x-httpd-php .html
for example

no, I mean using mod_rewrite

granny

Granny Weatherwax tells us the most important thing about magic is when _not_ to use it. The same is true of mod_rewrite.

sorry. It's just that everytime someone comes here who has some or the other kind of problem he things he cannot reveal, it's REALLY REALLY painful to help him.

pastebin it, and chaneg the url to www.example.com

process.php to be ran when someone calls a .html file

does process.php need any argument?

it's really just easier to have the config, and the maybe a sample url too, or at least the output for httpd -S to diagnose and fix.

yes
?pagenamme

hmm lemme pastebin it then

okay, and you don't want the user to see it's not a html file, right?

yes

then RewriteRule (.*\.html) process.php?page=$1 should work in .htaccess files, or prepend a / for main config

I can't find a http-error.log, only the apache-log, and there are no errors.

prepand where? I need it in httpd.conf

*httpd-error.log

http://www.pastebin.ca/561035

what OS are you running apache on?

default layout

Pop along to http://wiki.apache.org/httpd/Info/DistrosDefaultLayout for an idea on where the main distros place Apache files.

Ubuntu Linux

/var/log/apache2/error.log ---- dantist

ok, no error-messages in this file
So, nothing happens at all when I try to upload a file..
But it worked before the apache-restart

this is not an apache problem...
as far as i can tell
is your disk full?

no..

I think not even php is that stupid.. It SHOULD say that it's full...

What else could it be?
You think it's a PHP issue?

that's the general idea here in this channel.
blame php

PHP should be presumed to be at fault until conclusively proven otherwise. And even thereafter, if it's convenient

anyhow, is it your code? if it is, check the error member of the returned structure by file_upload and derivatives

you did not just so happen to have set error_reporting to E_PRETTY_MUCH_NOTHING?

All default values

oh... hm

I need help with .htaccess. I have set it up and a .passwd file. in my conf I have allowoverride authconfig and it doesn't work. I can still get into that directory (with the .htaccess file) It's like apache ignores my .htaccess. The htaccess is = AuthUserFile /var/www/.htpasswd AuthName"name" AuthType Basic require username. Both .htaccess and .htpasswd are chmod 755. AllowOverRide AuthConfig is on .... What's up?

Could you say that again in noob-language?

grep -i max php.ini | grep -v '^;' paste that somewhere.
paste it, most preferably, in ##PHP :P

pastebin your config please
all the irc formatting has screwed it up

Require valid-user?

heh
good man

yes. Tried it

pastebin your config please
apc

Try using http://apache.pastebin.ca - It's a good pastebin, and is even set up to highlight Apache 'stuff'.

your htaccess contents, and the part of your httpd.conf where you have allowoverride

I'm getting a consistent 8 second download time for a 3KB png ...

alternatively read this http://wiki.apache.org/httpd/Recipes/PasswordBasicAuth

can anyone explain that to me on a 100MBs connection and an idle server ... ?

not without more info, or mod_esp

the same connection downloads a 29KB html file in 400ms ...

what file system are you on?
and platform etc
distro

what distro are we dealing with here?

platform

'What Operating System and apache version are you using?'

the server is on ext3 CentOS
apache2

apache2 is a name debian based distros give to the httpd-2.0 release

which is the difference between ServerPath and DocumentRoot? In ServerPath what means "legacy URL"?

not only. "The Apache HTTP Server Project" Apache version 2 is legit to say on redhat based as well.

OK, okstock.

right
http://apache.pastebin.ca/561055

ok, thanks so far.. bbl maybe

you are missing the actual restriction part...
Order allow,deny

Order allow,deny is The Allow directives are evaluated before the Deny directives. Access is denied by default. Any client which does not match an Allow directive or does match a Deny directive will be denied access to the server

Deny from all

Deny from all is Denies access to the resource. See also Order, Allow, and Satisfy.

or Allow from all
this assuming your .htpasswd is correct, and readable, and etc.
and your .htaccess is all well too

brb
Order allow,deny
Allow from all

why didn't you paste it?
this way we'll be pulling information out of you until 2008

sorry

paste all relevant config

You will be!!

also look at the error log

ServerPath in virtualhost is like ServerRoot for the whole server?

it's a couple of line
s

garbage

try putting junk in your htaccess file. If it's being read, you will get an Internal Server Error when accessing that resource.

good thinking
brb
nothin
htaccess is 100% ignored..

ServerPath

ServerPath is 9http://httpd.apache.org/docs-2.0/mod/core.html#serverpath

then you have an allow override none or similar somewhere in your config, overriding your AllowOverride AuthConfig

got it

Hello folks

Hello yourself.

http://apache.pastebin.ca/561070
sorry yango

If I have a ssl cert for *.domain.com I can use it even if I have the subdomains hosted on another IP? b) on the same box?

there you go

section

yes

or in THE (you probably have one alreadu)

Roobarb-Work: multiple IPs on the same box but 1 *.domain.tld ssl cert

I'm going to go. I don't have it here.

still "yes"

Roobarb-Work: ..and for multiple IPs on different boxes but 1 *.domain.tld ssl cert?

hehe

so no point in going

yango++ #food feef

SSL Certificates are tied to HOSTNAMES not IP Addresses

:o
I was of the view (and was told that) I need 1 IP address per 1 ssl cert

in your case they're tied to *.example.com
you do :o)

Roobarb-Work ServerPath in virtualhost is like ServerRoot for the whole server?

but the IP Address doesn't matter
only the ServerName matters - it has to be within example.com
ssl vhost

see 'ssl vhosts'

Great!

ssl vhosts

similarly, if I have multiple domains hosted on a single IP, each can have their own ssl cert installed on the same IP ?

The apache's ssl guide doesn't have these details

read the first link above
SSL handshake happens BEFORE the http request containing the ServerName. Therefore, Apache doesn't know which VHost (ie: certificate) to use.
Ideally you have one IP Address for one SSL VirtualHost

in that case since its NameBasedVirtualHosting, I need 1 cert per 1 IP

The only exception is when you use a wildcard certificate

aha!

since the same certificate is used regardless of the ServerName

I need a little more about wild card cert
and its allowed to be used?

Wildcard certificates are like normal ones, except they match any host in example.com

So I could have multiple *.domain.tld on the same IP for different domains?

foo.example.com and bar.example.com can use the same wildcard cert for *.example.com

yeah, wildcard certs is so going to work for big hosting companies that hosts million of sites

WildCard (2 years $496)

I need these! details to be put in the apache ssl guide

So I could have multiple *.domain.tld on the same IP for different domains? -- NO!

how many IPs per cert or how many cert per IP can be used .. stuff like that

you cannot have more than one 1 cert per ip

the main issue against wildcard certs is that if they get misapropriated, they can be used to make nastysite.example.com look legitimate

1cert = 1IP, and 1vhost
you can however reuse a wildcard, on multiple IP addresses

wildcard cert = many IP and may vhosts
but that is the ONLY way to violate pctony's comment

so if you have 5 vhosts, you can reuse your wildacrd, but apache would need to bind to 5 ip addresses

but still wildcard cert for domain2 will need IP2
and for domain3 an IP3

yes

not true - NameVirtualHost will work with 5 domains and 1 vhost, with a wildcard cert

if you have 1-2-1 NAT to the WAN then you will need lots of WAN IP addreses

*5 vhosts

Roobarb-Work: you are not supposed to use name based vhosts for SSL
read the docs

as I said, wild card certs are the exception to this
precicely because it doesn't matter which cert/key you use fo rht eSSL handshake, because they're all the same across vhosts

Roobarb-Work: do you have that working?

I've used it, yes
I don't like it, but it worked
I'd be the first to say "1 IP per SSL Vhost", unless someone says they have a *.example.com cert
maybe I should write some explicit configs showing what you can and can't get away with.

Roobarb-Work: have you read: http://httpd.apache.org/docs/trunk/ssl/ssl_faq.html#vhosts2

yes I have

which is why i am preaching it wont work

This is an amazing limitation
without any need

no its not

no it aint
SSL handshake happens before you know the VHost to look at (to get the certificate)

the http host header is in the SSL payload, and cannot be determined until it has been handled

I do understand that part

as Roobarb-Work just said

That's ok

Roobarb-Work: jot down a wiki page for this

if I setup some configs to demonstrate wildcard + NameVirtualHost, will you believe me then? :o)

update the httpd ssl page with these facts

wiki.a.o/httpd/

and it'll be cool

Roobarb-Work: if you show me it working, I'll submit a patch to the docs, and wiki
how's that for faor?

works for me

s/faor/fair/

I'll do it on 2.2.4, ok?
just to check it's not an oddity with 2.0.x

trunk, aye

you want to submit a patch so it won't work?

servertokens www.apache.org

Apache/2.3.0-dev (Unix)

a patch to show how "it can be achieved"
Roobarb-Work: 2.3.0 ^^

it IS an amazing limitation. The fact that there's no massively implemented working workarounds yet doesn't make it less of a limitation

ok it is a limitation

Which was my point

but one that has been around for ages

i guess what should be pointed out is that it's not an Apache limitation

very strong caveats need to be taken with this though - it still won't let you do mass-hosting for different domains on the same IP

and has not (thus far) had a suitable workaround

but a protocol limitation

That's supposed to be an excuse?

no carrier: transceiver cable problem?

what, the heck?

what, is 9it time for the quarterly reorganization / office moving?

forget what,

I forgot what,

lol at that
you have the learn mod on it too?

what is supposed to be an excuse?

BOFH was here

shut it

huh?

shush

it not having a solution for ages
That's great
shush
hehe
*laugh*

ssl vhosts

Roobarb-Work: yes agreed, still only one ssl vhost per ip

there are people working on it for ages
too

caveats etc ^^

one _domain_ per IP

yip

Ok, I need to see that patch :p

sni?

sni is Server Name Indication - A way to run https namevirtualhosts. It is currently only supported by Opera 8.0. or See http://journal.paul.querna.org/articles/2005/04/24/tls-server-name-indication?postid=70

aghh good old chipig ^^

Talking about browsers
I heard Apple has a competitor for IE
for windows

Safari, and it's been twatted already

hrmm.. language, please

?
sorry, the "t" word is not regarded as very offensive in the UK
either way - http://erratasec.blogspot.com/2007/06/niiiice.html

Roobarb-Work: indeed it is not, but alas, we are multi-cultural in 'ere

culture? in here?!?
well, theres fe fungus in the corner I guess...

hehe
.uk is a wash with lack of culture (in parts) and then at the same time it is overrun with it

is it bad if your ip-conntrack table fills up on your webserver and you start dropping packets?

is "Alias /foo /bar" enough to tell apache that if a request comes for http://myhost/foo that it should "connect" that request to the /bar directory on my harddisk?

yes

ok, it works (ssl)

which catches all requests made to that ip. Now when I do a http://myip/foo it goes into that virtualhost, instead of that Alias. Is it possible to override that?

Roobarb-Work: pastebin it?

http://apache.pastebin.ca/561149

or email it to me
he
h

I created a sel-signed *.example.com certificate
I have a index.html in each DocumentRoot, containing the ServerName
and I can see both

smart...
ill see if I can wikify that
or you can if you prefer

to be honest, although I have an account, I have no Idea how to put anything a wiki
:o)

put the Alias inside the VirtualHost definition

Roobarb-Work: its easy, add the content

ok, I'll give it a try

then just below the entry box you can use the formatting. I can format it for you later if you want
s/use/see/
Roobarb-Work: just add it to the ScratchPad area please
the rest can be massaged as needed