CheapWebHosting.co.nz
|
CheapWebHosting.co.nz
|
By the way, is 'nobody' a default user setup like
'root'?
no
some distros do create an account called nobody, but it's not
mandatory.
root doesn't have to be called root, either, for that
matter.
let's forget bob for the moment as he's really nobody and
consider gerald. gerald likes reading man chmod :-)
unix, internally, uses small integers as userids
noodl
- /etc/passwd (usually) contains a mapping from name to id,
but it's the id which counts.
the "root" account is id 0
if you are trying to imply I should read chmod in the man
pages. I assure you I use chmod frequently however, I wasn't sure
the connection you made between 'nobody' and world permissions. The
only one that has 'world permissions' as far as I know is the root
user....
root has root permissions
and everybody has world permissions, even bob, nobody &
gerald
owner, group, and world
and they also have an owner (id) and a group(id)
you get owner permissions on a file if your id matches the
file's owner id
similarly for group permissions
otherwise, you get world permissions, which are often zilch
or read-only
read-only is fine.
depending on the resource
(and they run with a group id which i've never understood.
what's the meaning of a process's group?)
it's just an integer
a process has a user id and a group id
and to permissions on an object are based on matching those in turn
to the user and group owner id of the resource
it's a very primitive mechanism
how do one add a user to a group?
a user "has" a group, which is set in /etc/passwd
are you in peru still?
you can add them to additional groups in /etc/group
it's where i live
thought that was work and oxford was home. i stand
corrected
no, vice versa
oxfam is work and peru is home
now, anyway. i'm actually canajun
most unix
host distros create a separate group for each user, which
makes the group mechanism even more primitive.
canadguns++
that's not necessary though.
except ubuntu now days, which puts your avverage user in a dozen
groups :-)
what different levels of users are there? You mentioned
different priviliges
root and everyone else
can you have multiple root users?
you can impose additional levels in various application-specific
manners
Just add them to the root group?
no, group 0 is not special
user 0 is special
you don't have to call it root; in fact, you can have several names
for the same userid but that's a bad idea.
if you want to set up a system with multiple administrators with
partial primitives,
use sudo, very carefully, after memorising the manpages
or investigate selinux or other acl-based systems which improve
granularity of security
that seems excessive for a mostly desktop distro
does that come from debian?
i guess
it has lots of groups like
video, audio, desktop, etc
which let you access /dev/ devices
mostly
we complicate it for you so you don't have to
lol
shall I?
that deserves factoid status
debian
debian is one of the worst offender see "debian config" see
"distro layout" see /usr/share/doc/apache*/README.Debian* or
http://wiki.apache.org/httpd/Platform/DebianLike
yup
so does it make sense to have group that no user belongs to?
Not that it is usefull, but is it allowed?
yes it's allowed
you can function just fine.
no fajita debian is "we complicate it for you so you don't have
to" or see /usr/share/doc/apache*/README.Debian* or http://wiki.apache.org/httpd/Platform/DebianLike
okay, noodl.
of course, some devices and paths might not be available to
you then.
best you join the 'users' group, at the very least
users and groups don't really exist in unix
they're just small integers
in effect, all of them "exist"
you don't need to do anything to create one, since god already
created small integers
you just need to guess the right integers?
heh
I always wondered who was responsible for those.
putting a line in /etc/groups maps a name onto a group
and when you have a cluster of 500 machines, for gods sake,
make the UID mappings consistent.
well having readable group names helps a lot.
you can assign a number as the group id of a file
sure, but it's not core
in the kernel, there are only small integers
names are userland
did god create pi? hope so, pi is good
granted, when your system has less then 10 groups, you can
get away without the names
for sake of sleekness.
i'm not saying it's a good idea
i was just trying to explain the non-existence
the group id is usable whether or not it has a name mapping
I understand it. I apologize if you believed I did not.
and if a file has group owner 1023, say, and you delete the name
associated with that group id,
the file still has group owner 1023
however, I can see some purists coming out and calling
/etc/groups 'bloat'
you only notice it in the case chipig mentioned, where you
have a bunch of servers
keeping the same name-id mappings is critical for your
sanity
or nfs shares.
hence things like netinfo
so how do I specify multiple names to same id mapping?
don't do it
but basically you just add a line to /etc/passwd or /etc/group
with the same number as some other line
it is really a bad idea
I'm aware of that, just curious....
there are much better ways of implementing an ACL
system.
indeed
and thats why god invented extended acls
but on the other hand, the more complicated an acl system is,
the harder it is to audit
besides, the basic unix permissions were not designed for that
purpose.
http://www.xkcd.org/c224.html
unix perms were invented in the days where every bit
counted
screw acls
if you don't trust your sysadmins
make everything else a web interface
it's much easier to manage than say, win32 ACLs
since inheritance now kicks in.
win32 acls fall into the category of "hard to audit"
quite so.
Please stop
also they encourage micro-management of permissions,
providing jobs to netadmins and frustration to everyone
else
sssh, half of that stuff isn't about real security anymore,
its about 'complliance'
PCIS
run away!
if only it were so simple
I once saw a win32 workstations where NO ONE had read access
to any file or directory on the C: partition.
made for a ... quick computer
but, you could just boot an ubuntu live cd :P
i've been known to set up win32 workstations where noone had
write access,
in order to force people to use network storage
that is evil, heh
it made it easier to keep backups
but then you need to train your lusers how to save their
files.
i like that xkcd a lot but not knowing list.. aside from a
the 2001 reference, what's "My god, it's full of
'car's"?
if you set up the registry properly and have a decently fast
lan, they don't really notice
'car' is Lisp for "head of list"
'cdr' is tail
k
for obscure reasons which i happen to know, having been around
then.
but they've survived for geekupmanship
ohhh man... lisp
hehe, so leesiulung, clear now?
obviously, the god in that frame thinks perl is
better
almost as old as fortran
it is clearer, but begs more questions. I stopped asking, as it
will never end... he he he
yup, the original SLIP was written in FORTRAN
FORTRAN II iirc
so this is a personal web host
question, but how old r u guys?
do we have to answer?
I'm a little younger than most dirt
ony if fajita goes first
how old are you?
i am a she.
I think she doesn't undertand..
fajita++
rici either is as old as dirt, likes history boooks, or got a
hold of the beta of Google Time Machine that megaspaz has been
working on
or she's extremely clever
we're all 45 here.
i'm as old as dirt
although i have a friend here with a Mercedes which is older
than me
I'm as young as dirt -18
so i can't claim to be as old as methusaleh, although i have
done
i got started young, though.
we're all 16
RoUS likes digging through dirt
careful, I think you just admitted your age.
+- a few years
if you didn't notice, we're all trying to avoid the
subject
pfft 31, but feeling a much younger BLEEP
uh oh.
http://apps.facebook.com/apps/application.php?api_key=279476229e7a2df92108c458b1fe8519
blah
IRC - Where the men are men, the women are men, and anyone under 18
has a .gov ident.
I feel compelled to admit the same age now.
thats what I ment to paste
... facebook?
you didnt hear? they opened up their apps platform to third
party developers
I suspect rici and I are close in age, but I'm not
tellin.
no, I don't use those things they call 'online
communities'
i'm old enough to remember the cuban missile crisis, if
that's any help
to each his own
bonux karma to whoever can name that year.
bonus, rather.
without googling
I have communities around here that contain live people. I
find that concept much more appealing.
ah... this one is pretty funny: http://www.xkcd.org/c237.html
IRL around here is quite boring
by coincidence, it was the same time as joe weizenbaum was
writing SLIP
does the search box in FF count?
you got me by a few years
not far.
so how old's leesiulung?
18
for instance, there are tons of wonderful golf clubs to explore
in the area
as old as dirt minus 18
that is not a definite number.
aight... I was born on 11/27/1940
as evident by my name
lease my lung?
haha
you might be old, but you don't want my lungs
mine are clean, I never smoked in my life...
thankfully.
luckily im allergic to smoke, so Ill never have to worry
about that
uluckily im allergic to smoke, so Ill never have to worry about
that/u
hi all.
Oook!
all is not in today
I'm having a problem setting up virtual hosts.. well, it works,
but, If I try use the VirtualDocumentRoot, ALL domains I try just
gets to the doc.root specified there.. any solution to
this?
is godaddy down or really slow for anyone here?
faq1
exactly. For example, NameVirtualHost *:80 must be used with
VirtualHost *:80
read that ^^
oh, hm.. thanks, I'll check it out
leesiulung is chinese for bruce lee
interesting
and same for domain2.com, domain3 etc.. what should I make
the same? My VirtualDocument line just looks like this
"VirtualDocumentRoot /var/www/html"
I got to go now... but be back l8er... have to chomp down
dinner....
Thanks for all the help!!!
bah I just figured that out
where are you getting this crap?
container specifies the static ip hosting
number and port
you never said you used "VirtualDocumentRoot
vhost tutorial
vhost tutorial is (http://httpd.apache.org/docs-2.0/vhosts/
read that
oh, sorry..
I should think so too
ok
you specify the servername to match as servername and
(optionally) serveralias
mass vhosts
ask about mass vhost
mass vhost
mass vhost is http://httpd.apache.org/docs/vhosts/mass.html
http://httpd.apache.org/docs-2.0/vhosts/mass.html
http://www.outoforder.cc/projects/apache/mod_vhost_dbi/
Lee Siu Lung
he fooled us by running it all together
that link might help too.
faq1 should still apply. Failing to respect it will make it so
all requests, regardless of the target hostname, will get served by
the first vhost.
they all lead to the VirtualDocumentRoot dir. again, uhm
hm!
(although I've set domain further down
like in ServerName and ServerAlias
where the hell did you get VirtualDocumentRoot?
?
is what you should be looking at
do you want to do mass vhosting?
uh.. dunno lol. I installed webmin and it seems to be there
when I started editing httpd.conf.. not sure if it was there by
default
not sure what mass vhosting is, but probably..
are those valid directives?
mod_vhost_alias
mod_vhost_alias is http://httpd.apache.org/docs-2.0/mod/mod_vhost_alias.html
or http://httpd.apache.org/docs/mod/mod_vhost_alias.html
or a pain in the arse
VirtualDocumentRoot
VirtualDocumentRoot is
http://httpd.apache.org/docs-2.0/mod/mod_vhost_alias.html#virtualdocumentroot
apparently.
I want requests targeted at just my IP to get to
/var/www/html, all requests where a domain is requested, shoudl go
to whereever I've specified in the VirtualHost directive
thanks, I'll check it out
didnt know that, and the other one?
then mass vhosts would not be a solution you should be
entertaining.
k
mass vhosts are useful when you host thousands of sites.
you should probably use NameVirtualHost *:80 and VirtualHost
*:80
oh.. ok. I only plan to have max. 10 domains on this
box
thanks, I'll try it out
and put a ServerName in each VirtualHost block
agreed.
also
default vhsot
huh?
lose the VirtualDocumentRoot directive
default vhhost
huh?
default vhost
The first-listed virtual host is always the default one when
using name based virtual hosts. See http://www.onlamp.com/pub/a/apache/2004/01/08/apacheckbk.html
for more details.
keep that fact in mind
right. the first one.
so put your DocumentRoot /var/www/html in the first one
it's actually pretty simple if you don't complicate it
I wonder where he got his original idea...
probably looking at the hatchet job from webmin
Now it says [warn] NameVirtualHost 207.210.106.1 :O has no
VirtualHosts. I thought this was supposed to be on a line for
itself? I've tried to set the below VirtualHosts to both *:80 and
domain.com without luck..
you need to specify :80 on both the NameVirtualHost and
VirtualHost
then do not define a NameVirtualHost that will not match and
VirtualHost definitions.
oh.. k, thanks, I'll try
they should be textually identicial
identical even
as in character by character
interesting word.
well now they are all NameVirtualHost *:80, and all the
VirtualHosts are also at *:80
..still no workie :/
faq1
exactly. For example, NameVirtualHost *:80 must be used with
VirtualHost *:80
there's only one NameVirtualHost directive
it goes before the first VirtualHost
check your whole config, and restart apache.
how can i know that my webserver support cgi?
hm
write a cgi host
script.
i wrote a cgi and ran it
and what happened?
but it couldn't run
and what happened?
it told me to look into the error log
and?
500 Internal server error
what does the error log tell you?
and i can't look into the logs :P
your cgi blew up
or it produced no output
i don't have access to the logs
either your CGI had an error, or running cgi hosting is not
allowed from that directory.
how can i know in which directory i put my cgi scripts
ugh, terrible grammar there.
they sit where you put them.
i put them in ~/public_html/
what kind of question was that?
you need to put them in a directory which allows cgi's to
run
i saw somewhere ~/public_html/cgi-bin/
in code e.g
that sounds plausible
it depends on how the admin set up apache
that would sound like a more probable location
so i guess i need to contact the admin
or place your CGI scripts in the right location.
didn't they give you a guideline to the setup or something?
maybe that's ask too much. why confuse the customer by telling
them how things are set up.
no. rici
it's cgi in a python script.
but then people are expected to know how web sites work if they
plan on running one.
sure, but a few details are always nice.
make sure you can run the script from the command line before
you try anything else
it's a free shell provider
it's well-known that CGI scripts should run in a directory named
'cgi-bin'
at least for seasoned users.
it's unlikely to give you the right answer, but at least you'll
have checked the shebang line and the execute permissions
how do i run that from command line. python test.cgi ?
cd directory
./test.cgi
where directory is where you put it
-bash: ./test.cgi: /usr/bin/python: bad interpreter: No such
file or directory
aha
python is there though.
there you go.
but i couldn't do whereis python
that will cause a 500 for sure
what does your first line look like, exactly?
#!/usr/bin/python
any way I can specify the default docroot without using the
VirtualDocumentRoot directive?
stanza
the binary might be there, but it might not be functional.
can you invoke it directly?
can you start up python with: /usr/bin/python
only with DocumentRoot directive in it?
i can run python
did you create the file with windows?
if the shebang line ends with a Windows line-end, it won't
work
aaha. the server has netbsd
python
the server will run a unix variant, of course.
/usr/bin/python
-bash: /usr/bin/python: No such file or directory
right, so python is not there
try /usr/local/bin/python
thanks all, finally got it working now!
congratulations.
no not there too.
try find or locate
or 'which'
i suppose it might be in /bin/python
seems a bit extreme
I am not used to this level of hand-holding
really?
this is getting uncompfortable
has #apache gotten more sophisticated lately?
not in /bin/python and whereis and which doesn't return
anything
i've noticed that it's quieter
I usually leave it up to the user at this point.
but you can start it up with just 'python'?
because we're more strict.
rici, yeah
I gave you two more commands. Have you tried them?
locate is giving alot of outputs
well, what do you make of them?
hi
privet, byon.
thumbs, locate python | grep bin worked
it found that in /usr/pkg/bin/python
im having a weird problem,
http://www.toribash.com/phpMyAdmin/themes/original/img/b_sbrowse.png
&&
http://morpheus.toribash.com/phpMyAdmin/themes/original/img/b_sbrowse.png'
we deal with people who can barely use a computer, at
times.
hosted on the same server, but the initial link is not
working
sure
it's hard to dedicate hours to help those out.
thanks alot guys for all the help.
both images show up.
I just made a new linux user and made a www folder in it,
which I made the document root for one of the domains. When I try
direct my browser at this domain I get a 403 - forbidden error.
I've tried to chmod it to 777 witout luck, any idea why I get this?
do I need to chown it to some other user or something like
that?
both images shows up!?!
affirmative.
OMG
what does the error log tell you, exactly?
change the permissions back to where they were
oh.. not sure I've setup any error logs :s
errorlog
errorlog is http://httpd.apache.org/docs-2.0/mod/core.html#errorlog
or the directive that specifies the file in which errors should be
recorded. (Hint: ask me about the error log)
I didnt change any permissions, I just changed the
docroot
you need to tell apache that it's ok to server files from
there
thanks, I'll try setup errorlogs then
oh, hm..
DocumentRoot --whatever--
Directory --whatever--
allow from all
allow from all is a whorehouse, innit?
/Directory
we have a factoid that covers those items.
^^ minimal configuration
i've been away too long
Client Denied by Server Configuration
Have a look at
http://wiki.apache.org/httpd/Errors/ClientDeniedByServerConfiguration
for a better idea of what this error message means
i don't remember them all any more
Oh yeah I've set the Directory.. directive with the same
directory there, and allow from all. but still it doesnt
work
I would venture his error log has that entry.
me too
what does your error log contain, exactly?
well?
guys i can run the script now but ./test.cgi but when i run it
via web it tells me to download the file. i have tried putting it
inside ~/public_html/cgi-bin/ and ~/public_html/ and permissions
are also correct. does that means i can't have cgi on the server
?
guys i can run the script now but ./test.cgi but when i run it
via web it tells me to download the file. i have tried putting it
inside ~/public_html/cgi-bin/ and ~/public_html/ and permissions
are also correct. does that means i can't have cgi on the server
?
cgi
cgi is http://httpd.apache.org/docs/2.0/howto/cgi.html
It just says "access to / denied"
you 'could' try to configure it yourself.
no, it says more than that.
consult the error log, not the access log.
well I put ErrorLog /path/here/errorlog, and thats what that
file contains
(under the VirtualHost entry for that domain, then I browsed to it,
before checkinig logs)
verbatim
Verbatim means "word for word" "copy and paste". It means we
want the exact error message from the error log. That also means
use a pastebin for 3 lines. Ask me about 'apc' for which pastebin
to use.
this is how you ask python where it lives:
python
Programming the way Guido indented it
import sys
print sys.executable
ctl-d
too late now, but wtf
quality of help
the level and quality of help you will receive is directly
proportional to the amount and accuracy of the information you
give.
^^
hm. any way I can get some more info from the error
log?
yes. Don't interpret it.
what do you mean? (srry my english aint the best..)
verbatim
Verbatim means "word for word" "copy and paste". It means we
want the exact error message from the error log. That also means
use a pastebin for 3 lines. Ask me about 'apc' for which pastebin
to use.
I have work to do, you better hurry.
well?
well, have fun
bedtime here
take care. Thanks for the help.
ah shit.. uhm.. hm! I dont think I interpret it? I just typed
"ErrorLog /path" :s
don't interpret THE CONTENT.
if necessary, pastebin its content on a pastebin
how do I avoid interpreting it? all it says is access denied to
/
*sigh*
copy the content of the error log, and paste it on a pastebin.
NOW.
and also AddHandler cgi-script .cgi does it means i am able to
run cgi on it ?
You have 2 minutes.
affirmative.
and it permits me to put them into ~/public_html. according
to the above settings ?
yes.
http://papernapkin.org/pastebin/view/542
anyone know to force apache to stopat Alias?
instead of passing it to proxy?
(13)
(13) indicates a file permissions problem. Make sure that Apache
can read the file(s) and directories being accessed. See also
http://wiki.apache.org/httpd/Errors/13PermissionDenied
so why does it happens that when i http://server.example.com/~user/test.cgi
it tells me to download the file and not run it
have fun reading. I'm off.
ok, thx for all. cya
permissions are -rwxr-xr-x 1 user group
whats a nice set of permissions to have for my docroot? 755
ok?
http://papernapkin.org/pastebin/view/543
won't this stop processing if its a valid directory?
tried chowning the new www dir to both apache and the new user,
aswell as chmoding it to 777 - still no workie :s
*sigh* I hate apache's proxy
http://papernapkin.org/pastebin/view/544
need to make sure it stops processing if it hits a directory
as in don't pass to proxy
if you want mod_rewrite to control proxying, you'll have to do
the proxying with mod_rewrite (see [P])
Last just means stop rewriting, not stop processing the
request
mod_security
mod_security is http://www.modsecurity.org/documentation/index.html
I'm running apache+mysql on a box with 64MB ram. what can I
do to optimize it except decreasing StartServers,
Min/MaxSpareServers and MaxClients ?
I mean like what modules should I be able to remove?
..or anything else?
buy more frickin' ram
can't, I think the DC is full :|
Its a $7 vps I've had for over a year now.. fun to play around
with.. takes only a few min to reload the OS/backup if I screw up..
pretty cool =p just afraid of it going really slow if its a couple
users browsing.. never tested .
anyways I have changed the docroot from the default to a newly
created users homedirectory. But when trying to browse the domain I
get access denied, errorlog just says "access to / denied" - any
way to fix it, or is there any new permissions I gotta
set?
you still there?
hi
salut, HombreMagique.
I realized my original question was never answered. Do I need to
setup a separate user for Apache through the system passwd
file?
yes, usually you set some user for running apache httpd
any gentoo user?
i can't start up apache service, and i get no errors in
logfiles
is there a nice naming convention for structuring user names
& groups for various programs?
hrm, apache complains about Apache2.pm not being in @INC, and
CPAN.pm claims to "know nothing about this Apache2 i speak
of"
well, I think characteristic name should be used. e.g. apache
or httpd for Apache HTTPd, tomcat for Apache Tomcat, mysql for
MySQL Database etc
or sometimes when you have multiple server instances, name that
describes the usage of instance
I was thinking something along the line of, how apache daemon is
known as httpd, perhas a username would be httpu? Kind'a like
variable names have certain conventions in naming.
However, there simply might not be one. Another issue is using
apache username is that not too obvious?
obvious for what?
ohh sorry, for guessing usernames
I think many linux distros use apache, Solaris10 has user
webservd by default and so on. I don't think there's any strict
naming convention.
is it a bad idea to group multiple internet facing programs
under one group for easy managment? It seems like it would defeat
the very purpose of running it as a separate username.
I mean username = user.
apache user don't need to login, the account should be
non-login / locked (depending on what possibilities os
offers)
so I don't set it up in passwd file?
leesiulung, it is in the passwd file, just without a pw
yes you do but you set password in /etc/shadow e.g. to *LK* or
NP (check you OS docs, those are Solaris values)
or with the shell as something like /bin/nologin
I see, that is what the shadow file is for....
bingo
and bingo was his name-o.
can someone tell me why apache 1.3 returns errors while
apache 2 works with this mod_rewrite rule? RewriteRule
^page/([A-Za-z0-9-\/._]+)?/?$ page.php?/$1 [R]
apache 1.3 shows me an internal error page or something
does anyone know if there is some php thing I can download so
that people can upload files to my server
over http
that are hundreds of php file manager thingies
do any of them not require a SQL database?
i want my friends to be able to upload stuff to my server
do you want user authenticatoin?
i'll add "how hard is it to set up an sql database
anyway?"
mod_perl2
excuse me?
mod_perl
mod_perl is another way for Apache to run perl code;
documentation and downloads are at http://perl.apache.org
anybody here has issues with iPowerWeb as a hosting
company?
or something??
ssi
ssi is http://httpd.apache.org/docs/howto/ssi.html
or http://httpd.apache.org/docs-2.0/howto/ssi.html
^^
Checking it out
Thanks
file within another
possible to include depending on GET/POST parameters? ( is it
possible to handle get/post in Apache )
wow
[ Jinx_Dojo] capitalization is aesthetically pleasing to the
eyes.
not really - HTML isn't designed for that - use something
like CGI or PHP instead
hello, with .htacces i can setup a condition like this;
RewriteCond %{REQUEST_URI} !index.php... Is it somehow possible to
extend that condition to something like this? RewriteCond
%{REQUEST_URI} !index.php?p=whatever
I don't believe that Apache will see the Query String
but try it
Roobarb-Work: i have tried it, but all i get is some
proxy-error
good morning
Good morning, sunshine! Welcome to another fabulous day in
#apache.
IIRC, in .htaccess all you get is the REQUEST..uhm.. yeah.. I
forgot.
Hello pctony
what does the browser send when the Cancel button is pressed
on a password prompt dialog?
hey guys how do I find out if my apache server is using
worker mpm or prefork mpm
httpd -V
httpd -v returns Apache's version number. httpd -V returns
compile settings.
thank you
I'm not certain that this is related to apache, but wondered
if you guys have any ideas. Sometimes performance over SSL is
pretty bad, sometimes its fine, and it changes between the two
frequently. non-ssl performance is always good
it appears that the time is taken in 'beginning' the connection
is there anything obvious i can check?
tim^: your bandwidth sucks?
jMCg, that crossed my mind, but i dont think that's it. once
the data starts coming it comes quickly
it seems to be in establishing the connection, but that's really
just a guess i don't know much about this
hi
hi MicW
i want a rewrite rule within a .htacces fille. it should
rewrite anything.htm to page.php. all files are within a
subdirectory of the document root.
when i specify (subdirectory)/page.php as rewrite target, it
works
tim^: you do not happen to exchange certificates of some
2305492358 TB or something..?
but i have different subdirectories on my local server and
the online server
so i would like to avoid that extra path
who can i do this?
a) rename the subdirectory b) put the htaccess file in the
subdir
.htaccess is in the subdir
jMCg, im not sure what you mean, which i guess means i'm
probably not?
then what's the exact problem, MicW ?
tim^: how big are your certificates?
Oh, I think I get it now.. try with RewriteBase /thesubdir
and just put page.php without subdir
then you'll only have to change the RewriteBase line in the
htaccess file
but it's still easier to rename the subdirs :P
but i dont's want to have the name of the directory in my
.htaccess (because i want to use in on both servers)
jMCg, apache.pem is 2.2k (and there's a symlink to it called
214663b8.0)
and i have the line SSLCertificateFile /etc/apache2/ssl/apache.pem
in the config (just to make sure thats what you meant by the size
of the certificate)
2.2k is one shitload of data.. I mean.. you'd need TWO floppy
disks to fit that!
k yeah not mb
not even one track of one floppy disk
(DSQD with 512 byte sectors)
Well.. almost.
about 18 x 2 sectors per track I think ?
anyone know that :p
??
i didn't :p
ta for the suggestions anyway jMCg, i'll let you know when i
eventually get to the bottom of it
tim^: I suggest you bug lamp -- he's the local SSL hero.
heh, don't suppose you're aroudn at the moment are you
lamp?
He probably hid the moment I said his name
bi all!
goodby yourself!
does anyone has experience on meassuring transfer rate of
apache? or wich logs should be enabled for logging the transfer
rate on .log files?
;P yango
stats
3 2007, there have been 400 modifications and 374 questions.
I have been awake for 1 day, 12 hours, 46 minutes, 28 seconds this
session, and currently reference 166314 factoids. Addressing is in
optional
transferlog?
transferlog is
http://httpd.apache.org/docs-2.0/mod/mod_log_config.html#transferlog
you mean....
analysis
analog awstats webalizer visitors webtrax http-analyze awffull
sawmill summary hitbox webtrends
statistics?
97.3% of all statistics are made up.
s/you/do &/
hmmm
sorry but don't see transfered bytes anywere... look one
line...
huh?
6 +0200] "GET / HTTP/1.1" 200 3862 "-" "Mozilla/4.0
(compatible; MSIE 6.0; Windows
5.1; SV1)"
excuse me?
where is here the transfer rate?
3862?
that is the bytes transferred..
aahm..
there's that kind of logging...
mod_logio
mod_logio is http://httpd.apache.org/docs-2.0/mod/mod_logio.html
Nah.. there must be more...
looking at...
mod_log_forensic
mod_log_forensic is http://httpd.apache.org/docs/2.2/mod/mod_log_forensic.html
mod_usertrack
mod_usertrack is http://httpd.apache.org/docs/2.2/mod/mod_usertrack.html
http://httpd.apache.org/docs/2.0/mod/mod_usertrack.html
http://httpd.apache.org/docs/1.3/mod/mod_usertrack.html
None of which log the actual rate.
not locking
loging
Ola.
I think you're better off with some analysis tool... I think
those *might* do the kind of thing you're looking for, right yango
?
wich kind of tools you'd say?
analysis
analog awstats webalizer visitors webtrax http-analyze awffull
sawmill summary hitbox webtrends
so then there's no way of knowing the transferred bytes
modifying loging format or with any apache module?
what's wrong with the number of bytes transferred?
yes, analysis tools do that, but they base their calculus on
that number
blind guessing?
he's looking for a transfer *rate*
nothing but in the line passed before for example I don't
have any send or received bytes... so...
what line?
6 +0200] "GET / HTTP/1.1" 200 3862 "-" "Mozilla/4.0
(compatible; MSIE 6.0; Windows
this is my transfer log
there you have a nice 3862
anyone know how to handle a request first using mod_python
and then using mod_php?
so we could say 200 received and 3862 sent?
no, 200 is the status code and 3862 sent
received would be "GET / HTTP/1.1"
wow... uhm.. let's start the other way around... what are you
trying to accomplish?
ok let's check....
plus some headers...
I guess the best you can do is to place a sniffer just after httpd
and capture everything for you, or to use a proper network
monitoring tool
monitoring?=
monitoring?
monitoring is see munin, mrtg, cacti, mod_status
I have an auth system written in Python, and I want to be able
to protect PHP applications (and potentially other types of
applications) using it
it seems the best way would be to write a Python filter to
"fixup" some headers which would then be passed to the underlying
application to indicate which user is currently logged
in
you could hook up your script as Input filter.
inputfilter?
Or not...
not is mandatory, but recomended
ok but then if I entered %I and %O as said in the web you passed
me http://httpd.apache.org/docs/2.0/mod/mod_logio.html
I entered that and then why am only receiving sent packets?
or another way question
where could I download mod_logio?
is it enabled by default? although is not listed in
mods-enabled?
httpd -M
httpd -M lists both statically and dynamically loaded modules
for apache version 2.2 and higher
what's your concrete need? you should probably look at some of
those monitoring tools instead of diggind deeper in this
path
http://httpd.apache.org/docs/2.2/filter.html
take a look at this.. might help you.. or confuse you.
have not that command
although I'm running apache etch that is 2.2.3...
but apache2ctl -M works
logio is loaded
and then why could I not been receiving received bytes+
Hello. I installed apache 2.2 on my ubuntu machine through
apt-get and everything was ok, but apache2.conf does not have
anything about ScriptAlias, neither I can find in my filesystem any
folder named cgi-bin. How can I fix this?
Ind[y]: cgi-bin should be in /usr/share/apache2/ IIRC
Or maybe not.
default layout
Pop along to http://wiki.apache.org/httpd/Info/DistrosDefaultLayout
for an idea on where the main distros place Apache files.
thanks, I'll check it out
ok
thx
working know
:?
thanks a lot mates lol
one momment
can I ask a question
well dont know what damn has happened to this xp box thatI
cant write ok
but is solved
any experts on the HTTP protocol here?
thanks a lot mates truthly
bye!!!!
take care, hon
can I ask a question
ask
so, when a server sends UNAUTHORIZED for password prompt, what
is the code that should be sent if the pass is right?
ACCEPTED?
question?
If you have a question, please go ahead and ask it. We have
the answers... or a whole lot of sarcasm...
how can we help?
what question shall I ask?
byon, see above, I need help with statuscodes for http
servers
IIRC, none, it should just send 200.
what question shall I ask
O_o
cant find your text
went above my limited buffer
I want to ask a question
Hi
how to restrict url with password ?
hi! how to brake down apache logs by months?
I want to ask a question?
auth
http://httpd.apache.org/docs/2.2/howto/auth.html
look at http://wiki.apache.org/httpd/Recipes/PasswordBasicAuth
for some basic examples!
^
by using a logrotate or rotatelogs or cronolog
I want to ask a question
tag ?/
excuse me?
I want to ask a question
fajita, if I use userdir module
i'm not following you...
I want to ask a question
files
files is http://httpd.apache.org/docs-2.2/mod/core.html#files
you're a bot, right?
yes, I am a bot. and you suck
just a bored kid
hi folks, do we have any splashcache experts in the
house?
spashcache?
i don't know, jmcg
affectionately know as splatcrash IMLE
known
hi all
All is not in today, kokoko1
cool
i am getting this http://rafb.net/p/WRmAS153.nln.html
in daily logwatch
any idea what does it mean, this virtual machine is hosting lot of
sites and from last few days its going unresponsive after running
for few hours.
someone is trying to access your http site with ssl or vice
versa.
it was cool from last 2 years but recently it start giving
problem 'unresponsive' to http request and not even let me ssh, i
have to rebooted it from host
jMCg, does it effect httpd?
Either that, or someone is trying to exploid you
it shoot the vm load to 30+
consequently vm gone unresponsive
so... lamp, yango, pctony - ssl stuff or exploit?
I suggest you go for
mod_security
mod_security is http://www.modsecurity.org/documentation/index.html
I do believe that this is some or the other form of
exploit.
jMCg, we are also hosting lot of php site, so you thinks it
should be some php code ?
if it's PHP, you can never be sure
Anyone know where I can find precompiled versions of the ssh2
and/or curl?
jMCg, now where to go
This httpd pita for me, its awake me in the middle of
sleep
usually from your Operating System vendor, Distributor or
from third parties offering packages for those.
hi there, anyone knows if i could get apache to resolve
hostnames through my local /etc/hosts file? it seems to completly
ignore my entries there
what hostnames? Those of clients?
example.com" to my hosts file
but i always get a proxy loop error
thanks for taken your time @JMCg
looping?
looping is http://rewrite.drbacchus.com/rewritewiki/Looping
maybe you could use RewriteMap for that?
set this back to default
http://httpd.apache.org/docs/2.2/mod/mpm_common.html#maxrequestsperchild
[it's usually set to 0, which means infinite, which is not good if
you have sucky applications/modules]
hi again lamp , you recently helped me with using an other name
(badthing)
Rewriterule / http://vhost/
jMCg, okay setting it to 0 atm its MaxRequestsPerChild
100
if i would get apache to check my /etc/hosts before doing a
dns query it should point to a differen server and not back to
itself
it's WHAT?
it should be, as I said set to default, which is 10000
0 = bad, but 100 is even worse!
hmm right
jMCg, setting it to 1000, this host giving me very taugh time form
last 5 days
duno what has been changed, but i am sure we didn't changed any
httpd.conf settings.
i don't see how rewritemap could help in this case :/
when 'graceful' it gives the below error in err.log
7 2007] [error] (9)Bad file descriptor: apr_socket_accept:
(client
is it okay, can i ignore it?
however not on stopping/starting
well, you could use http://vhosts.internal/ as target and
then edit vhost.internal in hosts-table. and use ProxyPreserveHost
if needed
no, YOU CANNOT IGNORE ERRORS.
Right i'll not but apparently google not showing anything
useful for this error.
pointing same name to different places in different networks
often causes troubles
did you upgrade httpd/apr without upgrading apr/httpd?
you may have just found the solution and (second time within
one week) made my day
thx will try that
jMCg, i have to check yum logs, we usually keep hosts updated
using yum
8 Updated: httpd.i386
its been more then one month the httpd has been updated, however
httpd giving problem from 6 days
hmm, my outputfilter isn't being run on 404 errors
you could specify the script to be run on 404 as well..
Errordocument
Errordocument is http://httpd.apache.org/docs/2.2/mod/core.html#errordocument
and http://httpd.apache.org/docs/2.2/custom-error.html
hmm, maybe I'll just try not using an output filter
That of course is an alternative.
Related Topic:
Can someone answer me the question if i can connect my apache with an active directory 2000 server through mod_authnz_ldap
