You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Roger Goudarzi <ro...@arkasoft.com> on 2014/08/11 11:30:58 UTC
[users@httpd] unsubscribe
Kind Regards
RMG
--
Roger Goudarzi
Email: rogerg@arkasoft.com
WWW: http://www.Arkasoft.com
T:+1-(408)-660-3635
F:+1-(408)-493-4576
UK: +44-779-461-5892
On Aug 11, 2014, at 10:27, users-digest-help@httpd.apache.org wrote:
>
> users Digest 11 Aug 2014 09:27:27 -0000 Issue 4869
>
> Topics (messages 109829 through 109853)
>
> Re: Use Allow from IP when there is a proxy exist?
> 109829 by: Pete Houston
> 109830 by: Igor Cicimov
> 109831 by: Mark jensen
> 109832 by: Igor Cicimov
> 109833 by: Tom Evans
> 109836 by: Igor Cicimov
>
> Rewrite and automount question
> 109834 by: Rose, John B
> 109839 by: Rose, John B
> 109840 by: Rich Bowen
> 109843 by: Rose, John B
> 109845 by: Nick Kew
>
> Re: Windows Apache 2.4.9 restarts itself
> 109835 by: Jeff Trawick
> 109846 by: Jeff Trawick
>
> Apache.org server-status
> 109837 by: Rose, John B
> 109838 by: Jeff Trawick
>
> Re: ApacheCon CFP closes June 25
> 109841 by: Rich Bowen
>
> Re: Order of applicatoin of sites-enabled configs
> 109842 by: Rich Bowen
>
> How to forbid browsers to cache some pages?
> 109844 by: Mark jensen
> 109847 by: fedora
> 109848 by: Mark jensen
>
> Apache 2.2:How to enable module: mod_expires.c
> 109849 by: Mark jensen
> 109850 by: Eric Covener
> 109851 by: Mark jensen
> 109852 by: Pete Houston
>
> SSL Library Error: error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure (Type=RSA SHA1 X931)
> 109853 by: Abdul Anshad
>
> Administrivia:
>
> ---------------------------------------------------------------------
> To post to the list, e-mail: users@httpd.apache.org
> To unsubscribe, e-mail: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-digest-help@httpd.apache.org
>
> ----------------------------------------------------------------------
>
>
> From: Pete Houston <ph...@openstrike.co.uk>
> Subject: Re: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 7, 2014 at 22:49:55 GMT+1
> To: users@httpd.apache.org
>
>
> On Thu, Aug 07, 2014 at 09:19:10PM +0000, Mark jensen wrote:
>> How can I make Apache to deal with the client IP not the proxy IP?
>
> Use mod_remoteip.
>
> Pete
> --
> Openstrike - improving business through open source
> http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
>
>
>
> From: Igor Cicimov <ic...@gmail.com>
> Subject: Re: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 7, 2014 at 22:56:26 GMT+1
> To: users <us...@httpd.apache.org>
>
>
>
> > But what if we use proxy (squid) in front, then the source IP will be the proxy IP, How can I make Apache to deal with the client IP not the proxy IP?
> >
> You mean tell squid to send the source ip to apache? Check squid documentation how to do that or set proxy-for header. What can apache do about something it doesnt know about?
>
>
>
>
>
> From: Mark jensen <ng...@hotmail.com>
> Subject: RE: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 8, 2014 at 2:15:50 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> I have found something like that, iS it true to use it:
>
> Your .htaccess file:
> # ALLOW USER BY IP
> order deny,allow
> deny from all
> SetEnvIF X-Forwarded-For "1.2.3.4" AllowIP
> SetEnvIF X-Forwarded-For "5.6.7.8" AllowIP
> Allow from env=AllowIP
> allow from 1.2.3.4
> allow from 5.6.7.8source: http://frustratedtech.com/post/42641261089/htaccess-file-to-block-ips-coming-from-varnish
>
>
>
> From: Igor Cicimov <ic...@gmail.com>
> Subject: RE: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 8, 2014 at 9:23:40 GMT+1
> To: users <us...@httpd.apache.org>
>
>
>
> > Your .htaccess file:
> > # ALLOW USER BY IP
> > order deny,allow
> > deny from all
> > SetEnvIF X-Forwarded-For "1.2.3.4" AllowIP
> > SetEnvIF X-Forwarded-For "5.6.7.8" AllowIP
> > Allow from env=AllowIP
> > allow from 1.2.3.4
> > allow from 5.6.7.8source: http://frustratedtech.com/post/42641261089/htaccess-file-to-block-ips-coming-from-varnish
> >
> Looks sane to me although don't see the need for the last 2 allow since they are already included by the previous "Allow from env=AllowIP". You can also use regexp like:
>
> SetEnvIF X-Forwarded-For "1.2.3.4|5.6.7.8|7.8.9.[2-5]|3.4.5.[69]" AllowIP
>
> just as example.
>
>
>
> From: Tom Evans <te...@googlemail.com>
> Subject: Re: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 8, 2014 at 14:20:50 GMT+1
> To: users@httpd.apache.org
>
>
> On Fri, Aug 8, 2014 at 9:23 AM, Igor Cicimov <ic...@gmail.com> wrote:
>>
>>> Your .htaccess file:
>>> # ALLOW USER BY IP
>>> order deny,allow
>>> deny from all
>>> SetEnvIF X-Forwarded-For "1.2.3.4" AllowIP
>>> SetEnvIF X-Forwarded-For "5.6.7.8" AllowIP
>>> Allow from env=AllowIP
>>> allow from 1.2.3.4
>>> allow from 5.6.7.8source:
>>> http://frustratedtech.com/post/42641261089/htaccess-file-to-block-ips-coming-from-varnish
>>>
>> Looks sane to me although don't see the need for the last 2 allow since they
>> are already included by the previous "Allow from env=AllowIP". You can also
>> use regexp like:
>>
>> SetEnvIF X-Forwarded-For "1.2.3.4|5.6.7.8|7.8.9.[2-5]|3.4.5.[69]" AllowIP
>>
>
> Looks insane to me. If squid is setting X-Forwarded-For and you trust
> squid, use mod_remoteip or mod_rpaf2 so that apache knows the real
> client address and will use it in authentication and logging.
>
> Using string matching, or even worse, regexp matching on
> X-Forwarded-For is a mistake as it is error prone - you must specify
> your authentication as a string or regexp, not as it's native type -
> and worse it is potentially malicious as squid does not scrub
> X-Forwarded-For, it appends to it, making your simple string match
> easily exploitable.
>
> mod_remoteip and mod_rpaf both know about X-Forwarded-For, they allow
> you to specify which hosts you trust to add X-Forwarded-For, and they
> interpret the X-Forwarded-For correctly as an IP address, allowing you
> to specify your configuration in it's natural form.
>
> Cheers
>
> Tom
>
>
>
>
> From: Igor Cicimov <ic...@gmail.com>
> Subject: Re: [users@httpd] Use Allow from IP when there is a proxy exist?
> Date: August 8, 2014 at 15:40:47 GMT+1
> To: users <us...@httpd.apache.org>
>
>
>
> On 08/08/2014 11:21 PM, "Tom Evans" <te...@googlemail.com> wrote:
> >
> > On Fri, Aug 8, 2014 at 9:23 AM, Igor Cicimov <ic...@gmail.com> wrote:
> > >
> > >> Your .htaccess file:
> > >> # ALLOW USER BY IP
> > >> order deny,allow
> > >> deny from all
> > >> SetEnvIF X-Forwarded-For "1.2.3.4" AllowIP
> > >> SetEnvIF X-Forwarded-For "5.6.7.8" AllowIP
> > >> Allow from env=AllowIP
> > >> allow from 1.2.3.4
> > >> allow from 5.6.7.8source:
> > >> http://frustratedtech.com/post/42641261089/htaccess-file-to-block-ips-coming-from-varnish
> > >>
> > > Looks sane to me although don't see the need for the last 2 allow since they
> > > are already included by the previous "Allow from env=AllowIP". You can also
> > > use regexp like:
> > >
> > > SetEnvIF X-Forwarded-For "1.2.3.4|5.6.7.8|7.8.9.[2-5]|3.4.5.[69]" AllowIP
> > >
> >
> > Looks insane to me. If squid is setting X-Forwarded-For and you trust
> > squid, use mod_remoteip or mod_rpaf2 so that apache knows the real
> > client address and will use it in authentication and logging.
> >
> > Using string matching, or even worse, regexp matching on
> > X-Forwarded-For is a mistake as it is error prone - you must specify
> > your authentication as a string or regexp, not as it's native type -
> > and worse it is potentially malicious as squid does not scrub
> > X-Forwarded-For, it appends to it, making your simple string match
> > easily exploitable.
> >
>
> Not if you use "forward-for truncate"
>
> > mod_remoteip and mod_rpaf both know about X-Forwarded-For, they allow
> > you to specify which hosts you trust to add X-Forwarded-For, and they
> > interpret the X-Forwarded-For correctly as an IP address, allowing you
> > to specify your configuration in it's natural form.
> >
> > Cheers
> >
> > Tom
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
>
> From: "Rose, John B" <jb...@utk.edu>
> Subject: Rewrite and automount question
> Date: August 8, 2014 at 14:51:56 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> We have experimented with using Rewrite to replace /~someuser with /someuser
>
> However there is a problem with systems using automounter in the case of an http request for a non-existing http://someserver.com/someuser
>
> Anyone have a way to implement the above without doing undesired automount attempts of a non-existent "someuser"?
>
> Thanks
>
>
>
>
>
> From: "Rose, John B" <jb...@utk.edu>
> Subject: Re: Rewrite and automount question
> Date: August 8, 2014 at 16:59:20 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> mod_userdir does not seem to cause superfluous automounter attempts when an http request to a non-existent web address, http://website.com/~someuser, is received
>
> Is there some way to implement that mechanism with http://website.com/someuser http requests for a nonexistent "someuser"?
>
> From: <Rose>, John Rose <jb...@utk.edu>
> Date: Friday, August 8, 2014 9:51 AM
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
> Subject: Rewrite and automount question
>
> We have experimented with using Rewrite to replace /~someuser with /someuser
>
> However there is a problem with systems using automounter in the case of an http request for a non-existing http://someserver.com/someuser
>
> Anyone have a way to implement the above without doing undesired automount attempts of a non-existent "someuser"?
>
> Thanks
>
>
>
>
>
> From: Rich Bowen <rb...@rcbowen.com>
> Subject: Re: [users@httpd] Re: Rewrite and automount question
> Date: August 8, 2014 at 20:24:44 GMT+1
> To: users@httpd.apache.org
>
>
>
> On 08/08/2014 11:59 AM, Rose, John B wrote:
>> mod_userdir does not seem to cause superfluous automounter attempts when an http request to a non-existent web address, http://website.com/~someuser, is received
>>
>> Is there some way to implement that mechanism with http://website.com/someuser http requests for a nonexistent "someuser"?
>
> What's automounter? Is that some process that mounts a user's home directory on a remote share or something?
>
> I suppose you could query a list of valid users on server startup, and use that (via mod_macro or something?) to generate a list of Alias directives? Or possibly use a RewriteMap to do the same thing based on a list of users, although RewriteMap can be a bit of a performance bottleneck.
>
> --Rich
>
>
>>
>> From: <Rose>, John Rose <jb...@utk.edu>
>> Date: Friday, August 8, 2014 9:51 AM
>> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>> Subject: Rewrite and automount question
>>
>> We have experimented with using Rewrite to replace /~someuser with /someuser
>>
>> However there is a problem with systems using automounter in the case of an http request for a non-existing http://someserver.com/someuser
>>
>> Anyone have a way to implement the above without doing undesired automount attempts of a non-existent "someuser"?
>>
>> Thanks
>>
>>
>
> --
> Rich Bowen - rbowen@rcbowen.com - @rbowen
> http://apachecon.com/ - @apachecon
>
>
>
> From: "Rose, John B" <jb...@utk.edu>
> Subject: Re: [users@httpd] Re: Rewrite and automount question
> Date: August 8, 2014 at 20:40:18 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> "What's automounter? Is that some process that mounts a user's home directory on a remote share or something?"
>
> Yes. But only when it is requested. I.e. When you login via ssh, or access a web site via http whose content is in the remote filesystem, etc. You may refer to it as autofs.
>
>
> From: Rich Bowen <rb...@rcbowen.com>
> Reply-To: "users@httpd.apache.org" <us...@httpd.apache.org>
> Date: Friday, August 8, 2014 3:24 PM
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
> Subject: Re: [users@httpd] Re: Rewrite and automount question
>
>
> On 08/08/2014 11:59 AM, Rose, John B wrote:
>> mod_userdir does not seem to cause superfluous automounter attempts when an http request to a non-existent web address, http://website.com/~someuser, is received
>>
>> Is there some way to implement that mechanism with http://website.com/someuser http requests for a nonexistent "someuser"?
>
> What's automounter? Is that some process that mounts a user's home directory on a remote share or something?
>
> I suppose you could query a list of valid users on server startup, and use that (via mod_macro or something?) to generate a list of Alias directives? Or possibly use a RewriteMap to do the same thing based on a list of users, although RewriteMap can be a bit of a performance bottleneck.
>
> --Rich
>
>
>>
>> From: <Rose>, John Rose <jb...@utk.edu>
>> Date: Friday, August 8, 2014 9:51 AM
>> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>> Subject: Rewrite and automount question
>>
>> We have experimented with using Rewrite to replace /~someuser with /someuser
>>
>> However there is a problem with systems using automounter in the case of an http request for a non-existing http://someserver.com/someuser
>>
>> Anyone have a way to implement the above without doing undesired automount attempts of a non-existent "someuser"?
>>
>> Thanks
>>
>>
>
> --
> Rich Bowen - rbowen@rcbowen.com - @rbowen
> http://apachecon.com/ - @apachecon
>
>
>
> From: Nick Kew <ni...@webthing.com>
> Subject: Re: [users@httpd] Rewrite and automount question
> Date: August 8, 2014 at 22:36:43 GMT+1
> To: users@httpd.apache.org
>
>
>
> On 8 Aug 2014, at 14:51, Rose, John B wrote:
>
>> We have experimented with using Rewrite to replace /~someuser with /someuser
>
> How very 1997.
>
>> However there is a problem with systems using automounter in the case of an http request for a non-existing http://someserver.com/someuser
>
> That's your filesystem. Apache has no knowledge of whether a directory
> exists until it performs a lookup. And it's the lookup that triggers the automount.
> Check your NFS options.
>
> Using NFS with apache - or anywhere exposed to the public 'net -
> is not encouraged. Not good for either security or performance.
>
>> Anyone have a way to implement the above without doing undesired automount attempts of a non-existent "someuser"?
>
> Most simply, make sure AllowOverride is set to None.
>
> You could also see if mod_cache helps, and if it doesn't
> then you've diagnosed a major inefficiency in your server.
> But mod_cache will only reduce, not eliminate, NFS accesses.
>
> --
> Nick Kew
>
>
>
> From: Jeff Trawick <tr...@gmail.com>
> Subject: Re: [users@httpd] Windows Apache 2.4.9 restarts itself
> Date: August 8, 2014 at 15:21:37 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> On Thu, Aug 7, 2014 at 9:45 AM, Agnetta Kamugisha <ka...@nccommunitycolleges.edu> wrote:
> Jeff,
>
> Check this link.
>
> We had to implement this workaround.
> https://www.apachelounge.com/viewtopic.php?t=6037
>
> FWIW, AH00344 after AH00356 shouldn't be interesting. The listening socket got closed as part of shutting down after the original problem. I hope to improve logging of that in the shutdown scenario so that people don't worry about that.
>
> This "netsh winsock reset" hint is interesting. With the report we have on 2.4.10, which tells us which handle goes bad (thus triggering AH00356), the bad handle is a rather generic handle. (CreateEvent(NULL, TRUE, FALSE, NULL);)
>
> When, or how often, do you need to use "netsh winsock reset"?
>
> Please confirm that you were seeing AH00356 without "netsh winsock reset".
>
> (I can imagine that there are situations with third-party winsock layers where "netsh winsock reset" helps with the AH00344 error which doesn't come right after the AH00356 error.)
>
> Thanks!
>
>
>
> From: Jeff Trawick <tr...@gmail.com>
> Subject: Re: [users@httpd] Windows Apache 2.4.9 restarts itself
> Date: August 9, 2014 at 1:34:03 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> On Fri, Aug 8, 2014 at 10:21 AM, Jeff Trawick <tr...@gmail.com> wrote:
> On Thu, Aug 7, 2014 at 9:45 AM, Agnetta Kamugisha <ka...@nccommunitycolleges.edu> wrote:
> Jeff,
>
> Check this link.
>
> We had to implement this workaround.
> https://www.apachelounge.com/viewtopic.php?t=6037
>
> FWIW, AH00344 after AH00356 shouldn't be interesting. The listening socket got closed as part of shutting down after the original problem. I hope to improve logging of that in the shutdown scenario so that people don't worry about that.
>
> This "netsh winsock reset" hint is interesting. With the report we have on 2.4.10, which tells us which handle goes bad (thus triggering AH00356), the bad handle is a rather generic handle. (CreateEvent(NULL, TRUE, FALSE, NULL);)
>
> When, or how often, do you need to use "netsh winsock reset"?
>
> Uhh, for those trying this, be aware that after doing that it says to restart the computer ;)
>
>
> Please confirm that you were seeing AH00356 without "netsh winsock reset".
>
> (I can imagine that there are situations with third-party winsock layers where "netsh winsock reset" helps with the AH00344 error which doesn't come right after the AH00356 error.)
>
> Thanks!
>
>
>
> --
> Born in Roswell... married an alien...
> http://emptyhammock.com/
> http://edjective.org/
>
>
>
>
> From: "Rose, John B" <jb...@utk.edu>
> Subject: Apache.org server-status
> Date: August 8, 2014 at 15:56:06 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> Looking at the apache.org server-status I do not see any of these …
>
> "OPTIONS * HTTP/1.0"
>
> In the "Request" column
>
> While I see quite a few in ours.
>
> Why does apache.org not have any of these entries?
>
> thanks
>
>
>
>
>
> From: Jeff Trawick <tr...@gmail.com>
> Subject: Re: [users@httpd] Apache.org server-status
> Date: August 8, 2014 at 16:02:51 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> On Fri, Aug 8, 2014 at 10:56 AM, Rose, John B <jb...@utk.edu> wrote:
> Looking at the apache.org server-status I do not see any of these …
>
> "OPTIONS * HTTP/1.0"
>
> In the "Request" column
>
> While I see quite a few in ours.
>
> Why does apache.org not have any of these entries?
>
> thanks
>
>
>
> You're using prefork MPM and your configuration (MinSpareServers/MaxSpareServers/etc.) results in child processes being created and destroyed on a somewhat regular basis?
>
> The prefork MPM will wake up processes with an OPTIONS request as part of process management.
>
> apache.org runs the event MPM.
>
>
> --
> Born in Roswell... married an alien...
> http://emptyhammock.com/
> http://edjective.org/
>
>
>
>
> From: Rich Bowen <rb...@rcbowen.com>
> Subject: Re: [users@httpd] ApacheCon CFP closes June 25
> Date: August 8, 2014 at 20:26:31 GMT+1
> To: "J.Lance Wilkinson" <jl...@psu.edu>
> Cc: users@httpd.apache.org
>
>
>
> On 08/06/2014 01:18 PM, J.Lance Wilkinson wrote:
>> Rich Bowen wrote:
>>>
>>> On 06/16/2014 11:06 AM, J.Lance Wilkinson wrote:
>> ...snip...
>>>> Those of us at edu sites sometimes need to put in for travel/training
>>>> funding as much as a year in advance, and my own institution's
>>>> budgeting process cuts of June 30th for the Fiscal Year 2014-2015.
>>>
>> ...snip...
>>> ACNA 2015 will be in roughly the same timeframe as ACNA 2014 was (ie, April) and we're currently working on locations. I'll be announcing dates and location at ACEU, at the very latest. Hopefully well before then.
>>
>> Anything firmer yet besides "roughly April 2015" for those of us who
>> desperately need to put in for funding?
>
> I should have a firm answer to this (which will be announced on this list, among other places) within the next week, or two at most.
>
>
> --
> Rich Bowen - rbowen@rcbowen.com - @rbowen
> http://apachecon.com/ - @apachecon
>
>
>
>
>
> From: Rich Bowen <rb...@rcbowen.com>
> Subject: Re: [users@httpd] Order of applicatoin of sites-enabled configs
> Date: August 8, 2014 at 20:31:24 GMT+1
> To: users@httpd.apache.org
>
>
>
> On 08/07/2014 05:16 PM, M Busche wrote:
>> Frank,
>>
>> I don't think you understood what I was trying to say. My complaint was that in the pre-packaged configuration made with the ubuntu distribution, the default vhost configuration is placed in a file prefixed with the string 000 which causes it to be loaded first. I renamed it to have a prefix 999, so that it was loaded (and processed) last.
>
> Note that 999 still comes before abc, so you might consider zzz instead of 999 in order to avoid the same surprise later.
>
>> I think we are in complete agreement. My original query was to find out whether there was something I was confused about, or alternatively an explanation as to why-on-earth the people who put together the ubuntu distribution would set things up that way.
>>
>>
>
> The short answer is that Debian did this in order to make it easier to do stuff from the command line with the various utilities that they ship with their Apache httpd packages. The longer answer has to do with how good ideas mutate into complicated systems over the decades.
>
> --
> Rich Bowen - rbowen@rcbowen.com - @rbowen
> http://apachecon.com/ - @apachecon
>
>
>
> From: Mark jensen <ng...@hotmail.com>
> Subject: How to forbid browsers to cache some pages?
> Date: August 8, 2014 at 22:11:24 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> How to configure Apache to want to forbid browsers from caching all web pages in www1.example.com/public
> and in www1.example.com/books so every time I ask the browser about any page it brings it from source.
> but I want it to cache the pages under: www1.example.com?
>
>
> From: fedora <fe...@ayni.com>
> Subject: Re: [users@httpd] How to forbid browsers to cache some pages?
> Date: August 9, 2014 at 5:59:28 GMT+1
> To: users@httpd.apache.org
>
>
> I thought there was a <META ...> Tag in HTML, something linke NO-CACHE. Whether the browsers respect it, is another question...
>
> suomi
>
>
> On 2014-08-08 23:11, Mark jensen wrote:
>> How to configure Apache to want to forbid browsers from caching all web pages in www1.example.com/public
>> and in www1.example.com/books so every time I ask the browser about any page it brings it from source.
>> but I want it to cache the pages under: www1.example.com?
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>> For additional commands, e-mail: users-help@httpd.apache.org
>>
>
>
>
>
> From: Mark jensen <ng...@hotmail.com>
> Subject: RE: [users@httpd] How to forbid browsers to cache some pages?
> Date: August 9, 2014 at 13:42:57 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> I have found a good tutorial for my goal:
>
> http://support.tigertech.net/prevent-caching
>
>
>
> From: Mark jensen <ng...@hotmail.com>
> Subject: Apache 2.2:How to enable module: mod_expires.c
> Date: August 9, 2014 at 15:04:15 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> doing httpd -l returns:
>
> core.c
> prefork.c
> http_core.c
> mod_so.c
>
> How to enable the mod_expires module?
>
>
>
> From: Eric Covener <co...@gmail.com>
> Subject: Re: [users@httpd] Apache 2.2:How to enable module: mod_expires.c
> Date: August 9, 2014 at 15:09:34 GMT+1
> To: users@httpd.apache.org
>
>
> Load it with LoadModule
>
> (use -M to show dynamically loaded modules.)
>
> On Sat, Aug 9, 2014 at 10:04 AM, Mark jensen <ng...@hotmail.com> wrote:
>> doing httpd -l returns:
>>
>> core.c
>> prefork.c
>> http_core.c
>> mod_so.c
>>
>> How to enable the mod_expires module?
>>
>
>
>
> --
> Eric Covener
> covener@gmail.com
>
>
>
>
> From: Mark jensen <ng...@hotmail.com>
> Subject: RE: [users@httpd] Apache 2.2:How to enable module: mod_expires.c
> Date: August 9, 2014 at 15:14:36 GMT+1
> To: "users@httpd.apache.org" <us...@httpd.apache.org>
>
>
> Doing httpd -M | grep expire:
>
> expires_module (shared)
> Syntax OK
>
> and I have found this line in conf file:
>
> LoadModule expires module modules/mod_expires.so
>
> but "ExpireDefault" didn't work
>
>
>
> From: Pete Houston <ph...@openstrike.co.uk>
> Subject: Re: [users@httpd] Apache 2.2:How to enable module: mod_expires.c
> Date: August 9, 2014 at 16:22:18 GMT+1
> To: users@httpd.apache.org
>
>
> On Sat, Aug 09, 2014 at 02:14:36PM +0000, Mark jensen wrote:
>> and I have found this line in conf file:
>>
>> LoadModule expires module modules/mod_expires.so
>>
>> but "ExpireDefault" didn't work
>
> There's no such directive in Apache 2.2 as "ExpireDefault". Perhaps if
> you tried "ExpiresDefault" you might have more success. Note that it
> takes an argument, so using it without one should still result in a
> syntax error.
>
> Pete
> --
> Openstrike - improving business through open source
> http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
>
>
>
> From: Abdul Anshad <ab...@visolve.com>
> Subject: SSL Library Error: error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure (Type=RSA SHA1 X931)
> Date: August 11, 2014 at 10:26:44 GMT+1
> To: users@httpd.apache.org
>
>
> Hello All,
>
> I have a set up which runs Apache http-2.4.10 and openssl-1.0.1i, when I try to start the http server with FIPS mode i get the following error.
>
> [Mon Aug 11 14:39:24.407781 2014] [suexec:notice] [pid 380] AH01232: suEXEC mechanism enabled (wrapper: /apps/apache/2.4.10/bin/suexec)
> [Mon Aug 11 14:39:24.428616 2014] [ssl:emerg] [pid 380] AH01885: FIPS mode failed
> [Mon Aug 11 14:39:24.428656 2014] [ssl:emerg] [pid 380] SSL Library Error: error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure (Type=RSA SHA1 X931)
> [Mon Aug 11 14:39:24.428663 2014] [ssl:emerg] [pid 380] AH02312: Fatal error initialising mod_ssl, exiting.
> AH00016: Configuration Failed
>
> Could somebody help me out with this issue ? Thanks in advance.
>
> --
> Regards,
> Abdul
>
> ---
> This email is free from viruses and malware because avast! Antivirus protection is active.
> http://www.avast.com
>
>
>
>