You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Suzy Fynes <su...@sentenial.ie> on 2005/11/29 13:34:37 UTC

[users@httpd] reverse proxy with Apache 2.0

Hi, 

I'm trying to run my Web Service
<http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21645323.html>
through apache with a reverse proxy and I'm having trouble setting up
the configuration. I set it up fine locally from a windows machine but
when i try to use it on a linux server
<http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21645323.html>
my web
<http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21645323.html>
service client just isnt going anywhere, not connecting to the server at
all! 

I have the following in my apache conf file

<VirtualHost *:443>

    SSLEngine on
   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL
<http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_21645323.html>
v2:+EXP 
   SSLCertificateFile /home/Service/certs/web_server_cert.pem
   SSLCertificateKeyFile /home/Service/certs/web_server_pk.pem  
  
    ServerName beta.testing.ie
    ErrorLog /home/logs/reverseProxy-error
    CustomLog /home/logs/web_services.access_log common

    #
    # The following is sample code to allow proxification
    #
    ProxyRequests Off
    <Proxy *>
    Order deny,allow
    Allow from all
    </Proxy>

    ProxyPass /webservices/Service/doc-literal
https://localhost:9000/Service/doc-literal
    ProxyPassReverse /webservices/Service/doc-literal
https://localhost:9000/Service/doc-literal
</VirtualHost>

The certs i want to use were created with OpenSSL and aren't
authenticated for the server, is there anyway i can tell my client to
just trust my OpenSSL certs without complaining???

Thanks!!
Suzy

[users@httpd] SuExec and symlinks, again

Posted by Oscar Haeger <Os...@nbit.sigma.se>.

Hi.

I have another question about SuExec and symlinks. Now I've found out 
that linking to executables via symlinks violates SuExecs security 
model.

However, suexec only checks for things inside docroot doesn't it? If a 
symlink is present outside of that it wouldn't violate the security 
model and would as such the cgis could be run, is this correct?

Could I symlink "public_html" to "my_own_private_html"-dir and things 
would work? What if my homedir was a link, would that work?

Any input is appreciated.

Oscar

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org