You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by irisson jean-olivier <jo...@noos.fr> on 2004/06/11 19:21:36 UTC
[users@httpd] problem with distant vs. local acces with apache 2
hi everybody,
I encounter a problem that a search on google/groups/mailing list
archive cannot solve. I have seen a few somehow similar posts (so my
problem might not be completely unique) but no usefull solutions.
I've Apache 2.0.48 set up on a Mandrake Linux 10.0 (installed with rpms:
apache2-2.0.48-6mdk.rpm). All the options are the default ones.
I launch the server as root by typing:
> httpd2
Opening a browser on my machine I can see the content of /var/www/html/
(my DocumentRoot). I can either see the default page or any index.html
page I put there (in fact I'm mounting virtually my web site directory
in /var/www/html by:
> mount --bind /home/me/mywebsite/ /var/www/html/ ).
I can see the page either under the adress:
http://localhost/
of the adress:
http://my.ip.addr.ess/
The only warning I'm receiving when I launch httpd2 is:
> httpd2: Could not determine the server's fully qualified domain name,
using ##.##.##.### for ServerName
where the numbers are my ip adress. which is predictable as I haven't
set the ServerName in httpd2.conf. I'm installing this server on my
personal computer at home and therefore, I don't have a domain name as I
would in an organisation. But I do not think this is a problem (maybe my
mistake is there...)
Therfore LOCALLY everything seems to be working fine.
Nevertheless when I try to see the web site from a DISTANT computer I
receive a blank page and an error message saying that the browser cannot
connect to the page. I don't understand why because:
- I can ping my IP from the distant computer
- I have an SHH and an FTP server installed and I can access them from
distant machines with no problems
- I do not have a firewall blocking port 80
- I cannot see any access restriction in the default httpd2.conf I'm using.
any help would be welcome. I have the feeling that I'm missing something
obvious but I really can't find what.
thank you in advance.
JiHO.
PS:my httpd2.conf (if any other material is needeed I will send it):
### Main Configuration Section
### You really shouldn't change these settings unless you're a guru
###
ServerRoot /etc/httpd/2.0
#ServerName localhost
#LockFile /etc/httpd/httpd.lock
PidFile /var/run/httpd.pid
ErrorLog logs/error_log
LogLevel warn
DocumentRoot /var/www/html
### Dynamic Shared Object (DSO) Support
###
### You should always leave those three, as they are needed for
### normal use.
### mod_access (Order, Allow, etc..)
### mod_log_config (Transferlog, etc..)
### mod_mime (AddType, etc...)
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
##LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
##LoadModule charset_lite_module modules/mod_charset_lite.so
##LoadModule case_filter_module modules/mod_case_filter.so
##LoadModule case_filter_in_module modules/mod_case_filter_in.so
##LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
##LoadModule mime_magic_module modules/mod_mime_magic.so
##LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
##LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
##LoadModule cgid_module modules/mod_cgid.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
##LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
###
### Global Configuration
###
# We now support multiple apache configurations on the same server. In
# common.conf, we put all directives that are common to all implementations
# (httpd, httpd-perl, etc.)
# For Apache2 we load all conf files in conf.d
Include /etc/httpd/conf.d/*.conf
Include conf/commonhttpd.conf
###
### IP Address/Port and Proxied configuration section
###
# The APACHEPROXIED setting can be set in /etc/rc.d/init.d/httpd if you
# are using a proxy or accelerator, like the Apache-SGI or khttpd, so that
# the fast web server serves static content while Apache handles the
# cgi or php files
#BindAddress *
<IfDefine APACHEPROXIED>
Listen 8080
</IfDefine>
<IfDefine !APACHEPROXIED>
Listen 80
</IfDefine>
# Likewise, we can set apache as the server by default and send perl
# requests via ProxyPass to apache-mod_perl. It increases performance
# since the perl interpreter is only used for perl and the standard apache
# does all the html and image files, with a smaller footprint.
#
# If you install apache and apache-mod_perl, this is the default config.
# If you don't want two web servers to use perl, uninstall apache, and
# apache-mod_perl will not be proxied.
<IfDefine PERLPROXIED>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^proxy:.* - [F]
RewriteRule ^(.*\/perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
RewriteRule ^(.*\/cgi-perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
</IfModule>
</IfDefine>
###
### Log configuration Section
###
<IfModule mod_log_config.c>
#Single logfile with access, agent and referer information
#This is the default, if vlogs are not defined for the main server
CustomLog logs/access_log combined env=!VLOG
#If VLOG is defined in conf/vhosts/Vhost.conf, we use this entry
CustomLog "|/usr/sbin/advxsplitlogfile" vhost env=VLOG
</IfModule>
###
### Virtual Hosts
###
# We include different templates for Virtual Hosting. Have a look in the
# vhosts directory and modify to suit your needs.
Include conf/vhosts/Vhosts.conf
#Include conf/vhosts/DynamicVhosts.conf
#Include conf/vhosts/VirtualHomePages.conf
###
### Performance settings Section
###
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
# prefork MPM [THIS IS THE DEFAULT]
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# perchild MPM
# NumServers: constant number of server processes
# StartThreads: initial number of worker threads in each server process
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# MaxThreadsPerChild: maximum number of worker threads in each server
process
# MaxRequestsPerChild: maximum number of connections per server process
<IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
</IfModule>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Zoe Ballz <zo...@zoeballz.tv>.
Oops I just remembered - I actually set the servername to notavailable.com about a week ago, yet it still works. All my point is that perhaps you are better setting it to something rather than nothing.
Sorry for mix up !
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
----- Original Message -----
From: Zoe Ballz
To: users@httpd.apache.org ; xeon@xshellr8.com
Sent: Saturday, June 12, 2004 1:35 AM
Subject: Re: [users@httpd] problem with distant vs. local acces with apache 2
Hi there
I also have a server running with vhosts but the default server is set purely to serve requests with no domain name. Although mine is 1.3.31 on win32 the principle is the same.
You said you have:
#ServerName localhost
(commented out)
Try it as:
ServerName xxx.xxx.xxx.xxx
using your own IP address
It should be your EXTERNAL IP address if you are running through a router - not the local network IP address.
To see it work (if you want a laff) and are not easily offended http://82.34.88.179 !!!!!!!!!!
The virtual domains are hidden behind the page !!
Another thought - on your network card - if you run though a router, have you got the gateway set to the routers address? Wrong gateway settings lead to all sorts of interests effects!
I say these comments as they are all problems I had when I 1st started.
Good luck.
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
Re: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Zoe Ballz <zo...@zoeballz.tv>.
Hi there
I also have a server running with vhosts but the default server is set purely to serve requests with no domain name. Although mine is 1.3.31 on win32 the principle is the same.
You said you have:
#ServerName localhost
(commented out)
Try it as:
ServerName xxx.xxx.xxx.xxx
using your own IP address
It should be your EXTERNAL IP address if you are running through a router - not the local network IP address.
To see it work (if you want a laff) and are not easily offended http://82.34.88.179 !!!!!!!!!!
The virtual domains are hidden behind the page !!
Another thought - on your network card - if you run though a router, have you got the gateway set to the routers address? Wrong gateway settings lead to all sorts of interests effects!
I say these comments as they are all problems I had when I 1st started.
Good luck.
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Michael <xe...@xshellr8.com>.
Are you typing in the IP of the machine in order to access the page at a
distance, such as http://xx.xx.xx.xx/index.html? Is it a static IP
being used?
Since you don't have a domain you will have to access it via an IP
address as shown above.
Hope this helps,
Michael
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: June 11, 2004 9:22 AM
To: users@httpd.apache.org.
Subject: [users@httpd] problem with distant vs. local acces with apache
2
hi everybody,
I encounter a problem that a search on google/groups/mailing list
archive cannot solve. I have seen a few somehow similar posts (so my
problem might not be completely unique) but no usefull solutions.
I've Apache 2.0.48 set up on a Mandrake Linux 10.0 (installed with rpms:
apache2-2.0.48-6mdk.rpm). All the options are the default ones.
I launch the server as root by typing:
> httpd2
Opening a browser on my machine I can see the content of /var/www/html/
(my DocumentRoot). I can either see the default page or any index.html
page I put there (in fact I'm mounting virtually my web site directory
in /var/www/html by:
> mount --bind /home/me/mywebsite/ /var/www/html/ ).
I can see the page either under the adress:
http://localhost/
of the adress:
http://my.ip.addr.ess/
The only warning I'm receiving when I launch httpd2 is:
> httpd2: Could not determine the server's fully qualified domain name,
using ##.##.##.### for ServerName
where the numbers are my ip adress. which is predictable as I haven't
set the ServerName in httpd2.conf. I'm installing this server on my
personal computer at home and therefore, I don't have a domain name as I
would in an organisation. But I do not think this is a problem (maybe my
mistake is there...)
Therfore LOCALLY everything seems to be working fine.
Nevertheless when I try to see the web site from a DISTANT computer I
receive a blank page and an error message saying that the browser cannot
connect to the page. I don't understand why because:
- I can ping my IP from the distant computer
- I have an SHH and an FTP server installed and I can access them from
distant machines with no problems
- I do not have a firewall blocking port 80
- I cannot see any access restriction in the default httpd2.conf I'm
using.
any help would be welcome. I have the feeling that I'm missing something
obvious but I really can't find what.
thank you in advance.
JiHO.
PS:my httpd2.conf (if any other material is needeed I will send it):
### Main Configuration Section
### You really shouldn't change these settings unless you're a guru
###
ServerRoot /etc/httpd/2.0
#ServerName localhost
#LockFile /etc/httpd/httpd.lock
PidFile /var/run/httpd.pid
ErrorLog logs/error_log
LogLevel warn
DocumentRoot /var/www/html
### Dynamic Shared Object (DSO) Support
###
### You should always leave those three, as they are needed for
### normal use.
### mod_access (Order, Allow, etc..)
### mod_log_config (Transferlog, etc..)
### mod_mime (AddType, etc...)
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
##LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
##LoadModule charset_lite_module modules/mod_charset_lite.so
##LoadModule case_filter_module modules/mod_case_filter.so
##LoadModule case_filter_in_module modules/mod_case_filter_in.so
##LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
##LoadModule mime_magic_module modules/mod_mime_magic.so
##LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
##LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
##LoadModule cgid_module modules/mod_cgid.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
##LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
###
### Global Configuration
###
# We now support multiple apache configurations on the same server. In
# common.conf, we put all directives that are common to all
implementations
# (httpd, httpd-perl, etc.)
# For Apache2 we load all conf files in conf.d
Include /etc/httpd/conf.d/*.conf
Include conf/commonhttpd.conf
###
### IP Address/Port and Proxied configuration section
###
# The APACHEPROXIED setting can be set in /etc/rc.d/init.d/httpd if you
# are using a proxy or accelerator, like the Apache-SGI or khttpd, so
that
# the fast web server serves static content while Apache handles the
# cgi or php files
#BindAddress *
<IfDefine APACHEPROXIED>
Listen 8080
</IfDefine>
<IfDefine !APACHEPROXIED>
Listen 80
</IfDefine>
# Likewise, we can set apache as the server by default and send perl
# requests via ProxyPass to apache-mod_perl. It increases performance
# since the perl interpreter is only used for perl and the standard
apache
# does all the html and image files, with a smaller footprint.
#
# If you install apache and apache-mod_perl, this is the default config.
# If you don't want two web servers to use perl, uninstall apache, and
# apache-mod_perl will not be proxied.
<IfDefine PERLPROXIED>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^proxy:.* - [F]
RewriteRule ^(.*\/perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
RewriteRule ^(.*\/cgi-perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
</IfModule>
</IfDefine>
###
### Log configuration Section
###
<IfModule mod_log_config.c>
#Single logfile with access, agent and referer information
#This is the default, if vlogs are not defined for the main server
CustomLog logs/access_log combined env=!VLOG
#If VLOG is defined in conf/vhosts/Vhost.conf, we use this entry
CustomLog "|/usr/sbin/advxsplitlogfile" vhost env=VLOG
</IfModule>
###
### Virtual Hosts
###
# We include different templates for Virtual Hosting. Have a look in the
# vhosts directory and modify to suit your needs.
Include conf/vhosts/Vhosts.conf
#Include conf/vhosts/DynamicVhosts.conf
#Include conf/vhosts/VirtualHomePages.conf
###
### Performance settings Section
###
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from
the
# same client on the same connection.
#
KeepAliveTimeout 15
# prefork MPM [THIS IS THE DEFAULT]
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept
spare
# MaxSpareServers: maximum number of server processes which are kept
spare
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process
serves
<IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server
process
# MaxRequestsPerChild: maximum number of requests a server process
serves
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# perchild MPM
# NumServers: constant number of server processes
# StartThreads: initial number of worker threads in each server process
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# MaxThreadsPerChild: maximum number of worker threads in each server
process
# MaxRequestsPerChild: maximum number of connections per server process
<IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
</IfModule>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Michael <xe...@xshellr8.com>.
Ahh I see, it's a .gif
Michael
-----Original Message-----
From: Michael [mailto:xeon@xshellr8.com]
Sent: Saturday, June 12, 2004 3:13 PM
To: users@httpd.apache.org
Subject: RE: [users@httpd] problem with distant vs. local acces with apache
2
I want a copy of that page LOL!
Michael
-----Original Message-----
From: Zoe Ballz [mailto:zoe@zoeballz.tv]
Sent: Saturday, June 12, 2004 3:08 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Damn - It was late at night and had been a longgggg day !!!!!!!! was meant
to be http://82.34.88.178 . Sorry !!!!!
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
----- Original Message -----
From: irisson jean-olivier
To: users@httpd.apache.org
Sent: Saturday, June 12, 2004 2:43 PM
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
> To see it work (if you want a laff) and are not easily
> offended http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect
to the IP without success (exactly as the distant instance of lynx I'm
running to try to view the pages I'm serving...). May be you have the
same problem that me!!
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Michael <xe...@xshellr8.com>.
I want a copy of that page LOL!
Michael
-----Original Message-----
From: Zoe Ballz [mailto:zoe@zoeballz.tv]
Sent: Saturday, June 12, 2004 3:08 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Damn - It was late at night and had been a longgggg day !!!!!!!! was meant
to be http://82.34.88.178 . Sorry !!!!!
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
----- Original Message -----
From: irisson jean-olivier
To: users@httpd.apache.org
Sent: Saturday, June 12, 2004 2:43 PM
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
> To see it work (if you want a laff) and are not easily
> offended http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect
to the IP without success (exactly as the distant instance of lynx I'm
running to try to view the pages I'm serving...). May be you have the
same problem that me!!
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Zoe Ballz <zo...@zoeballz.tv>.
Damn - It was late at night and had been a longgggg day !!!!!!!! was meant to be http://82.34.88.178 . Sorry !!!!!
Zoe
http://zoeballz.net - Website Hosting for the Transgendered Community
----- Original Message -----
From: irisson jean-olivier
To: users@httpd.apache.org
Sent: Saturday, June 12, 2004 2:43 PM
Subject: Re: [users@httpd] problem with distant vs. local acces with apache 2
> To see it work (if you want a laff) and are not easily
> offended http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect
to the IP without success (exactly as the distant instance of lynx I'm
running to try to view the pages I'm serving...). May be you have the
same problem that me!!
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Michael <xe...@xshellr8.com>.
Well I'm sorry to hear that this is the case, but I'm also glad you finally
did determine it was indeed from 80 being closed as I suspected.
Take care and good luck on finding a legitimate ISP.
Michael
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: Monday, June 14, 2004 10:44 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Vasiliy Boulytchev wrote:
> Vasiliy Boulytchev wrote:
>>My first guess with Md 10.0 is msec :)
>
> I guess this was a joke but sorry, my english/computer knowledge is not
good
> enough to understand this one... :-(
>
> No joke, with Mandrake 10.0 you get msec. Mandrake Security. Adds neat
> and easy lock downs to your system.
ok thanks. I found about this after sending you my reply. sorry. I'll
check for this but in fact I don't really need a very secure system not
beeing on a network or having much network activity (apart from a simple
Apache web server!). In addition I do not really know who would want to
break into my computer ;-)
Anyway I think I dicovered something while trying to set up this:
Apache is great but my ISP is crap!!!
After several emails they finally sent me back to (paying) technical
phone assistance which was barely capable of understanding my problem.
They conclude by saying that port 80 should indeed be blocked and that
there was nothing to do about it.
I'm therefore sorry to have wasted your time, the problem apparently
came from something independant of Apache. I am nevertheless willing to
thank you for the great deal of assistance I found here: quick and
efficient (the complete opposite of my ISP's ;-) ). I'll might contact
you in the future if I have a problem with another server... as soon as
I've changed my ISP! thank again and I'll keep reading this list anyway.
> What does your firewall rules say? Iptables -L
In case you still want to know ;-). my firewall is supposed to block
everything except acces to a ftp, ssh and web server (so 21, 22 and 80
should be open)
here is the output of iptables -L:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
eth0_in all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:INPUT:REJECT:'
reject all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROP !icmp -- anywhere anywhere state INVALID
eth0_fwd all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:FORWARD:REJECT:'
reject all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
fw2net all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:OUTPUT:REJECT:'
reject all -- anywhere anywhere
Chain Drop (1 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
DropSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain DropDNSrep (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp spt:domain
Chain DropSMB (1 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:135
DROP udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
DROP udp -- anywhere anywhere udp
dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:135
DROP tcp -- anywhere anywhere tcp
dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain DropUPnP (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:1900
Chain Reject (4 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
RejectSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain RejectAuth (2 references)
target prot opt source destination
reject tcp -- anywhere anywhere tcp dpt:auth
Chain RejectSMB (1 references)
target prot opt source destination
reject udp -- anywhere anywhere udp dpt:135
reject udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
reject udp -- anywhere anywhere udp
dpt:microsoft-ds
reject tcp -- anywhere anywhere tcp dpt:135
reject tcp -- anywhere anywhere tcp
dpt:netbios-ssn
reject tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain all2all (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:all2all:REJECT:'
reject all -- anywhere anywhere
Chain dropBcast (2 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
Chain dropNonSyn (2 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:!SYN,RST,ACK/SYN
Chain dynamic (2 references)
target prot opt source destination
Chain eth0_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
Chain eth0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
net2fw all -- anywhere anywhere
Chain fw2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain icmpdef (0 references)
target prot opt source destination
Chain net2all (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Drop all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:net2all:DROP:'
DROP all -- anywhere anywhere
Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport
dports http,https,ssh,ftp-data,ftp
ACCEPT icmp -- anywhere anywhere icmp
echo-request
net2all all -- anywhere anywhere
Chain reject (11 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
DROP all -- broadcast.net81-66-123.noos.fr anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
REJECT tcp -- anywhere anywhere reject-with
tcp-reset
REJECT udp -- anywhere anywhere reject-with
icmp-port-unreachable
REJECT icmp -- anywhere anywhere reject-with
icmp-host-unreachable
REJECT all -- anywhere anywhere reject-with
icmp-host-prohibited
Chain shorewall (0 references)
target prot opt source destination
Chain smurfs (0 references)
target prot opt source destination
LOG all -- broadcast.net81-66-123.noos.fr anywhere
LOG level info prefix `Shorewall:smurfs:DROP:'
DROP all -- broadcast.net81-66-123.noos.fr anywhere
LOG all -- 255.255.255.255 anywhere LOG level
info prefix `Shorewall:smurfs:DROP:'
DROP all -- 255.255.255.255 anywhere
LOG all -- BASE-ADDRESS.MCAST.NET/4 anywhere LOG
level info prefix `Shorewall:smurfs:DROP:'
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Vasiliy Boulytchev <va...@boulytcheva.com>.
Ah! Post-Code-Red / slash / control system. Well, if you want, check out
our website, you can have simple hosting for under 10 bucks. If you want to
play with Apache (which is always great), find a normal ISP. :)
Vasiliy Boulytchev
Colorado Information Technologies, Inc.
http://www.coinfotech.com
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: Monday, June 14, 2004 11:44 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Vasiliy Boulytchev wrote:
> Vasiliy Boulytchev wrote:
>>My first guess with Md 10.0 is msec :)
>
> I guess this was a joke but sorry, my english/computer knowledge is
> not good enough to understand this one... :-(
>
> No joke, with Mandrake 10.0 you get msec. Mandrake Security. Adds
> neat and easy lock downs to your system.
ok thanks. I found about this after sending you my reply. sorry. I'll check
for this but in fact I don't really need a very secure system not beeing on
a network or having much network activity (apart from a simple Apache web
server!). In addition I do not really know who would want to break into my
computer ;-)
Anyway I think I dicovered something while trying to set up this:
Apache is great but my ISP is crap!!!
After several emails they finally sent me back to (paying) technical phone
assistance which was barely capable of understanding my problem.
They conclude by saying that port 80 should indeed be blocked and that there
was nothing to do about it.
I'm therefore sorry to have wasted your time, the problem apparently came
from something independant of Apache. I am nevertheless willing to thank you
for the great deal of assistance I found here: quick and efficient (the
complete opposite of my ISP's ;-) ). I'll might contact you in the future if
I have a problem with another server... as soon as I've changed my ISP!
thank again and I'll keep reading this list anyway.
> What does your firewall rules say? Iptables -L
In case you still want to know ;-). my firewall is supposed to block
everything except acces to a ftp, ssh and web server (so 21, 22 and 80
should be open) here is the output of iptables -L:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
eth0_in all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:INPUT:REJECT:'
reject all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROP !icmp -- anywhere anywhere state INVALID
eth0_fwd all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:FORWARD:REJECT:'
reject all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
fw2net all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:OUTPUT:REJECT:'
reject all -- anywhere anywhere
Chain Drop (1 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
DropSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain DropDNSrep (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp spt:domain
Chain DropSMB (1 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:135
DROP udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
DROP udp -- anywhere anywhere udp
dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:135
DROP tcp -- anywhere anywhere tcp
dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain DropUPnP (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:1900
Chain Reject (4 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
RejectSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain RejectAuth (2 references)
target prot opt source destination
reject tcp -- anywhere anywhere tcp dpt:auth
Chain RejectSMB (1 references)
target prot opt source destination
reject udp -- anywhere anywhere udp dpt:135
reject udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
reject udp -- anywhere anywhere udp
dpt:microsoft-ds
reject tcp -- anywhere anywhere tcp dpt:135
reject tcp -- anywhere anywhere tcp
dpt:netbios-ssn
reject tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain all2all (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:all2all:REJECT:'
reject all -- anywhere anywhere
Chain dropBcast (2 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
Chain dropNonSyn (2 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:!SYN,RST,ACK/SYN
Chain dynamic (2 references)
target prot opt source destination
Chain eth0_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
Chain eth0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
net2fw all -- anywhere anywhere
Chain fw2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain icmpdef (0 references)
target prot opt source destination
Chain net2all (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Drop all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:net2all:DROP:'
DROP all -- anywhere anywhere
Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport
dports http,https,ssh,ftp-data,ftp
ACCEPT icmp -- anywhere anywhere icmp
echo-request
net2all all -- anywhere anywhere
Chain reject (11 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
DROP all -- broadcast.net81-66-123.noos.fr anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
REJECT tcp -- anywhere anywhere reject-with
tcp-reset
REJECT udp -- anywhere anywhere reject-with
icmp-port-unreachable
REJECT icmp -- anywhere anywhere reject-with
icmp-host-unreachable
REJECT all -- anywhere anywhere reject-with
icmp-host-prohibited
Chain shorewall (0 references)
target prot opt source destination
Chain smurfs (0 references)
target prot opt source destination
LOG all -- broadcast.net81-66-123.noos.fr anywhere
LOG level info prefix `Shorewall:smurfs:DROP:'
DROP all -- broadcast.net81-66-123.noos.fr anywhere
LOG all -- 255.255.255.255 anywhere LOG level
info prefix `Shorewall:smurfs:DROP:'
DROP all -- 255.255.255.255 anywhere
LOG all -- BASE-ADDRESS.MCAST.NET/4 anywhere LOG
level info prefix `Shorewall:smurfs:DROP:'
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem with distant vs. local acces with apache
2
Posted by irisson jean-olivier <jo...@noos.fr>.
Vasiliy Boulytchev wrote:
> Vasiliy Boulytchev wrote:
>>My first guess with Md 10.0 is msec :)
>
> I guess this was a joke but sorry, my english/computer knowledge is not good
> enough to understand this one... :-(
>
> No joke, with Mandrake 10.0 you get msec. Mandrake Security. Adds neat
> and easy lock downs to your system.
ok thanks. I found about this after sending you my reply. sorry. I'll
check for this but in fact I don't really need a very secure system not
beeing on a network or having much network activity (apart from a simple
Apache web server!). In addition I do not really know who would want to
break into my computer ;-)
Anyway I think I dicovered something while trying to set up this:
Apache is great but my ISP is crap!!!
After several emails they finally sent me back to (paying) technical
phone assistance which was barely capable of understanding my problem.
They conclude by saying that port 80 should indeed be blocked and that
there was nothing to do about it.
I'm therefore sorry to have wasted your time, the problem apparently
came from something independant of Apache. I am nevertheless willing to
thank you for the great deal of assistance I found here: quick and
efficient (the complete opposite of my ISP's ;-) ). I'll might contact
you in the future if I have a problem with another server... as soon as
I've changed my ISP! thank again and I'll keep reading this list anyway.
> What does your firewall rules say? Iptables -L
In case you still want to know ;-). my firewall is supposed to block
everything except acces to a ftp, ssh and web server (so 21, 22 and 80
should be open)
here is the output of iptables -L:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
eth0_in all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:INPUT:REJECT:'
reject all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROP !icmp -- anywhere anywhere state INVALID
eth0_fwd all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:FORWARD:REJECT:'
reject all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
DROP !icmp -- anywhere anywhere state INVALID
fw2net all -- anywhere anywhere
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:OUTPUT:REJECT:'
reject all -- anywhere anywhere
Chain Drop (1 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
DropSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain DropDNSrep (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp spt:domain
Chain DropSMB (1 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:135
DROP udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
DROP udp -- anywhere anywhere udp
dpt:microsoft-ds
DROP tcp -- anywhere anywhere tcp dpt:135
DROP tcp -- anywhere anywhere tcp
dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain DropUPnP (2 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:1900
Chain Reject (4 references)
target prot opt source destination
RejectAuth all -- anywhere anywhere
dropBcast all -- anywhere anywhere
RejectSMB all -- anywhere anywhere
DropUPnP all -- anywhere anywhere
dropNonSyn all -- anywhere anywhere
DropDNSrep all -- anywhere anywhere
Chain RejectAuth (2 references)
target prot opt source destination
reject tcp -- anywhere anywhere tcp dpt:auth
Chain RejectSMB (1 references)
target prot opt source destination
reject udp -- anywhere anywhere udp dpt:135
reject udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
reject udp -- anywhere anywhere udp
dpt:microsoft-ds
reject tcp -- anywhere anywhere tcp dpt:135
reject tcp -- anywhere anywhere tcp
dpt:netbios-ssn
reject tcp -- anywhere anywhere tcp
dpt:microsoft-ds
Chain all2all (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Reject all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:all2all:REJECT:'
reject all -- anywhere anywhere
Chain dropBcast (2 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
Chain dropNonSyn (2 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:!SYN,RST,ACK/SYN
Chain dynamic (2 references)
target prot opt source destination
Chain eth0_fwd (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
Chain eth0_in (1 references)
target prot opt source destination
dynamic all -- anywhere anywhere state NEW
net2fw all -- anywhere anywhere
Chain fw2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
Chain icmpdef (0 references)
target prot opt source destination
Chain net2all (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
Drop all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level
info prefix `Shorewall:net2all:DROP:'
DROP all -- anywhere anywhere
Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport
dports http,https,ssh,ftp-data,ftp
ACCEPT icmp -- anywhere anywhere icmp
echo-request
net2all all -- anywhere anywhere
Chain reject (11 references)
target prot opt source destination
DROP all -- anywhere anywhere PKTTYPE =
broadcast
DROP all -- anywhere anywhere PKTTYPE =
multicast
DROP all -- broadcast.net81-66-123.noos.fr anywhere
DROP all -- 255.255.255.255 anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
REJECT tcp -- anywhere anywhere reject-with
tcp-reset
REJECT udp -- anywhere anywhere reject-with
icmp-port-unreachable
REJECT icmp -- anywhere anywhere reject-with
icmp-host-unreachable
REJECT all -- anywhere anywhere reject-with
icmp-host-prohibited
Chain shorewall (0 references)
target prot opt source destination
Chain smurfs (0 references)
target prot opt source destination
LOG all -- broadcast.net81-66-123.noos.fr anywhere
LOG level info prefix `Shorewall:smurfs:DROP:'
DROP all -- broadcast.net81-66-123.noos.fr anywhere
LOG all -- 255.255.255.255 anywhere LOG level
info prefix `Shorewall:smurfs:DROP:'
DROP all -- 255.255.255.255 anywhere
LOG all -- BASE-ADDRESS.MCAST.NET/4 anywhere LOG
level info prefix `Shorewall:smurfs:DROP:'
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Vasiliy Boulytchev <va...@boulytcheva.com>.
Vasiliy Boulytchev wrote:
> My first guess with Md 10.0 is msec :)
I guess this was a joke but sorry, my english/computer knowledge is not good
enough to understand this one... :-(
No joke, with Mandrake 10.0 you get msec. Mandrake Security. Adds neat
and easy lock downs to your system.
What does your firewall rules say? Iptables -L
Vasiliy Boulytchev
Colorado Information Technologies, Inc.
http://www.coinfotech.com
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: Saturday, June 12, 2004 7:44 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Thank you for all the answers I got. nevertheless, the server is still not
working properly. here are my reactions to your suggestions. hope that
helps...
Vasiliy Boulytchev wrote:
> My first guess with Md 10.0 is msec :)
I guess this was a joke but sorry, my english/computer knowledge is not good
enough to understand this one... :-(
> Check the following files:
> /etc/hosts.allow
> smtp : ALL : allow
> httpd : ALL : allow
> sshd: All: allow
> mysqld: ALL: allow
> in.ftpd : ALL : allow
I modified my /etc/hosts.allow and add these lines. reboot. nothing changed.
:(
> On you LAN, bring up any shell, and give this command
> telnet web.ip.whatever.it.is 80
> after you get into the box (if you do), give
> get/
> do you get HTTPBLAH? If yes, lookat your logs/error.log on the server.
I don't really have a LAN as I'm setting this on my personnal computer which
is not part of a network (just connected to the internet).
nevertheless I tried to telnet my machine on port 80 from a distant one and
I can't get into it. :( again
Michael wrote:
> Are you typing in the IP of the machine in order to access the page at a
> distance, such as http://xx.xx.xx.xx/index.html? Is it a static IP >
being used?
I'm typing exactly this. my IP is kind of static (my provider changes it
from time to time but something like every two months).
Zoe Ballz wrote:
> You said you have:
> #ServerName localhost
> (commented out)
>
> Try it as:
> ServerName xxx.xxx.xxx.xxx
> using your own IP address
Zoe Ballz wrote:
> Oops I just remembered - I actually set the servername to >
notavailable.com about a week ago, yet it still works. All my point is >
that perhaps you are better setting it to something rather than nothing.
I tried this before my first post and it was ineffective. anyway, by default
when apache is not provided with a ServerName, it uses the ip adress so I
guess it works the same.
> It should be your EXTERNAL IP address if you are running through a >
router - not the local network IP address.
I don't think I'm running behind a router (I've a direct cable connection to
the internet but I don't really know what's exactly behind this cable plug
of mine ;-) ). Anyway, I can ping this IP and access to it via SSH of FTP
from a distant computer so I guess I should be an external address.
> To see it work (if you want a laff) and are not easily > offended
http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect to
the IP without success (exactly as the distant instance of lynx I'm running
to try to view the pages I'm serving...). May be you have the same problem
that me!!
> The virtual domains are hidden behind the page !!
????
> Another thought - on your network card - if you run though a router, >
have you got the gateway set to the routers address? Wrong gateway >
settings lead to all sorts of interests effects!
I don't think I'm behind a router so this should be OK.
too bad all this doesn't work... any new ideas giving what I'm sending you?
here is a summary of my situation:
- linux Mandrake 10 box serving pages with apache 2.0.48 through a basic
cable connection (should be the same as an ADSL I guess). all apache default
config.
- a browser opened on this machine displays any index.html page in the
DocumentRoot at the adresses http://localhost/ and http://##.###.###.###/
where the numbers are my static IP.
- I ssh to a distant machine of one of my friends and lauch:
> lynx http://##.###.###.###/
nothing happens (lynx keeps trying to connect to my IP without success) and
finally lynx quits (delay overpassed).
On this same machine:
> ping ##.###.###.###
answers:
> ##.###.###.### is alive
but
> telnet ##.###.###.### 80
cannot get me into the box.
Heeeeeeelllllllllp ;-(
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Tim Burden <ti...@burden.ca>.
netstat -a
man netstat
telnet ip_address:80
On the host, try lynx localhost
I can imagine where some ISPs would indeed block port 80.
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: June 12, 2004 2:43 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Michael wrote:
> Based on what you've said here I would say that your port 80 isn't open
for
> connections. If you try to telnet and can't connect on this port, that's
a
> pretty good indication that's what's happening.
>
> You should check your machines config's to ensure that this port is open
for
> connections.
Hi again,
indeed I should have checked this earlier. thanks. it seems that my port
80 is closed. an online portscan gives me only 21 (FTP) and 22 (SSH)
open within 0 to 139 ports.
but the reason why I didn't check before is because I have never done a
thing to close this port (my firewall is supposed to let specifically
this one open!! furthermore after disabling the firewall, the result is
the same...)
Do you know how I can check directly on my computer if my settings let
this port open? (like a port list, a configuration file that I can check
or something. apart from my firwall settings. I'm running Mandrake 10.0
official).
I've read about Internet Providers that do not let people access to your
port 80 (and charge you extra if you want to setup a web server) but
keep it open anyway to fetch information on your usage of your
connection. is it a simple rumor or does that exists for real?
dear apache users, thank you again in advance for your lights on this
matter!!! ;-)
Jean-Olivier
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem with distant vs. local acces with apache
2
Posted by irisson jean-olivier <jo...@noos.fr>.
Michael wrote:
> Based on what you've said here I would say that your port 80 isn't open for
> connections. If you try to telnet and can't connect on this port, that's a
> pretty good indication that's what's happening.
>
> You should check your machines config's to ensure that this port is open for
> connections.
Hi again,
indeed I should have checked this earlier. thanks. it seems that my port
80 is closed. an online portscan gives me only 21 (FTP) and 22 (SSH)
open within 0 to 139 ports.
but the reason why I didn't check before is because I have never done a
thing to close this port (my firewall is supposed to let specifically
this one open!! furthermore after disabling the firewall, the result is
the same...)
Do you know how I can check directly on my computer if my settings let
this port open? (like a port list, a configuration file that I can check
or something. apart from my firwall settings. I'm running Mandrake 10.0
official).
I've read about Internet Providers that do not let people access to your
port 80 (and charge you extra if you want to setup a web server) but
keep it open anyway to fetch information on your usage of your
connection. is it a simple rumor or does that exists for real?
dear apache users, thank you again in advance for your lights on this
matter!!! ;-)
Jean-Olivier
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Michael <xe...@xshellr8.com>.
Based on what you've said here I would say that your port 80 isn't open for
connections. If you try to telnet and can't connect on this port, that's a
pretty good indication that's what's happening.
You should check your machines config's to ensure that this port is open for
connections.
Hope this helps,
Michael
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: Saturday, June 12, 2004 6:44 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] problem with distant vs. local acces with apache
2
Thank you for all the answers I got. nevertheless, the server is still
not working properly. here are my reactions to your suggestions. hope
that helps...
Vasiliy Boulytchev wrote:
> My first guess with Md 10.0 is msec :)
I guess this was a joke but sorry, my english/computer knowledge is not
good enough to understand this one... :-(
> Check the following files:
> /etc/hosts.allow
> smtp : ALL : allow
> httpd : ALL : allow
> sshd: All: allow
> mysqld: ALL: allow
> in.ftpd : ALL : allow
I modified my /etc/hosts.allow and add these lines. reboot. nothing
changed. :(
> On you LAN, bring up any shell, and give this command
> telnet web.ip.whatever.it.is 80
> after you get into the box (if you do), give
> get/
> do you get HTTPBLAH? If yes, lookat your logs/error.log on the server.
I don't really have a LAN as I'm setting this on my personnal computer
which is not part of a network (just connected to the internet).
nevertheless I tried to telnet my machine on port 80 from a distant one
and I can't get into it. :( again
Michael wrote:
> Are you typing in the IP of the machine in order to access the page at a
> distance, such as http://xx.xx.xx.xx/index.html? Is it a static IP
> being used?
I'm typing exactly this. my IP is kind of static (my provider changes it
from time to time but something like every two months).
Zoe Ballz wrote:
> You said you have:
> #ServerName localhost
> (commented out)
>
> Try it as:
> ServerName xxx.xxx.xxx.xxx
> using your own IP address
Zoe Ballz wrote:
> Oops I just remembered - I actually set the servername to
> notavailable.com about a week ago, yet it still works. All my point is
> that perhaps you are better setting it to something rather than nothing.
I tried this before my first post and it was ineffective. anyway, by
default when apache is not provided with a ServerName, it uses the ip
adress so I guess it works the same.
> It should be your EXTERNAL IP address if you are running through a
> router - not the local network IP address.
I don't think I'm running behind a router (I've a direct cable
connection to the internet but I don't really know what's exactly behind
this cable plug of mine ;-) ). Anyway, I can ping this IP and access to
it via SSH of FTP from a distant computer so I guess I should be an
external address.
> To see it work (if you want a laff) and are not easily
> offended http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect
to the IP without success (exactly as the distant instance of lynx I'm
running to try to view the pages I'm serving...). May be you have the
same problem that me!!
> The virtual domains are hidden behind the page !!
????
> Another thought - on your network card - if you run though a router,
> have you got the gateway set to the routers address? Wrong gateway
> settings lead to all sorts of interests effects!
I don't think I'm behind a router so this should be OK.
too bad all this doesn't work... any new ideas giving what I'm sending
you? here is a summary of my situation:
- linux Mandrake 10 box serving pages with apache 2.0.48 through a basic
cable connection (should be the same as an ADSL I guess). all apache
default config.
- a browser opened on this machine displays any index.html page in the
DocumentRoot at the adresses http://localhost/ and
http://##.###.###.###/ where the numbers are my static IP.
- I ssh to a distant machine of one of my friends and lauch:
> lynx http://##.###.###.###/
nothing happens (lynx keeps trying to connect to my IP without success)
and finally lynx quits (delay overpassed).
On this same machine:
> ping ##.###.###.###
answers:
> ##.###.###.### is alive
but
> telnet ##.###.###.### 80
cannot get me into the box.
Heeeeeeelllllllllp ;-(
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] problem with distant vs. local acces with apache
2
Posted by irisson jean-olivier <jo...@noos.fr>.
Thank you for all the answers I got. nevertheless, the server is still
not working properly. here are my reactions to your suggestions. hope
that helps...
Vasiliy Boulytchev wrote:
> My first guess with Md 10.0 is msec :)
I guess this was a joke but sorry, my english/computer knowledge is not
good enough to understand this one... :-(
> Check the following files:
> /etc/hosts.allow
> smtp : ALL : allow
> httpd : ALL : allow
> sshd: All: allow
> mysqld: ALL: allow
> in.ftpd : ALL : allow
I modified my /etc/hosts.allow and add these lines. reboot. nothing
changed. :(
> On you LAN, bring up any shell, and give this command
> telnet web.ip.whatever.it.is 80
> after you get into the box (if you do), give
> get/
> do you get HTTPBLAH? If yes, lookat your logs/error.log on the server.
I don't really have a LAN as I'm setting this on my personnal computer
which is not part of a network (just connected to the internet).
nevertheless I tried to telnet my machine on port 80 from a distant one
and I can't get into it. :( again
Michael wrote:
> Are you typing in the IP of the machine in order to access the page at a
> distance, such as http://xx.xx.xx.xx/index.html? Is it a static IP
> being used?
I'm typing exactly this. my IP is kind of static (my provider changes it
from time to time but something like every two months).
Zoe Ballz wrote:
> You said you have:
> #ServerName localhost
> (commented out)
>
> Try it as:
> ServerName xxx.xxx.xxx.xxx
> using your own IP address
Zoe Ballz wrote:
> Oops I just remembered - I actually set the servername to
> notavailable.com about a week ago, yet it still works. All my point is
> that perhaps you are better setting it to something rather than nothing.
I tried this before my first post and it was ineffective. anyway, by
default when apache is not provided with a ServerName, it uses the ip
adress so I guess it works the same.
> It should be your EXTERNAL IP address if you are running through a
> router - not the local network IP address.
I don't think I'm running behind a router (I've a direct cable
connection to the internet but I don't really know what's exactly behind
this cable plug of mine ;-) ). Anyway, I can ping this IP and access to
it via SSH of FTP from a distant computer so I guess I should be an
external address.
> To see it work (if you want a laff) and are not easily
> offended http://82.34.88.179 !!!!!!!!!!
I can't see anything at this address. My browser keeps trying to connect
to the IP without success (exactly as the distant instance of lynx I'm
running to try to view the pages I'm serving...). May be you have the
same problem that me!!
> The virtual domains are hidden behind the page !!
????
> Another thought - on your network card - if you run though a router,
> have you got the gateway set to the routers address? Wrong gateway
> settings lead to all sorts of interests effects!
I don't think I'm behind a router so this should be OK.
too bad all this doesn't work... any new ideas giving what I'm sending
you? here is a summary of my situation:
- linux Mandrake 10 box serving pages with apache 2.0.48 through a basic
cable connection (should be the same as an ADSL I guess). all apache
default config.
- a browser opened on this machine displays any index.html page in the
DocumentRoot at the adresses http://localhost/ and
http://##.###.###.###/ where the numbers are my static IP.
- I ssh to a distant machine of one of my friends and lauch:
> lynx http://##.###.###.###/
nothing happens (lynx keeps trying to connect to my IP without success)
and finally lynx quits (delay overpassed).
On this same machine:
> ping ##.###.###.###
answers:
> ##.###.###.### is alive
but
> telnet ##.###.###.### 80
cannot get me into the box.
Heeeeeeelllllllllp ;-(
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: [users@httpd] problem with distant vs. local acces with apache 2
Posted by Vasiliy Boulytchev <va...@boulytcheva.com>.
My first guess with Md 10.0 is msec :)
Check the following files:
/etc/hosts.allow
smtp : ALL : allow
httpd : ALL : allow
sshd: All: allow
mysqld: ALL: allow
in.ftpd : ALL : allow
If this still does not work, do this:
On you LAN, bring up any shell, and give this command
telnet web.ip.whatever.it.is 80
after you get into the box (if you do), give
get/
do you get HTTPBLAH? If yes, lookat your logs/error.log on the server.
Keep us posted
Vasiliy Boulytchev
Colorado Information Technologies, Inc.
http://www.coinfotech.com
-----Original Message-----
From: irisson jean-olivier [mailto:jo.irisson@noos.fr]
Sent: Friday, June 11, 2004 11:22 AM
To: users@httpd.apache.org.
Subject: [users@httpd] problem with distant vs. local acces with apache 2
hi everybody,
I encounter a problem that a search on google/groups/mailing list archive
cannot solve. I have seen a few somehow similar posts (so my problem might
not be completely unique) but no usefull solutions.
I've Apache 2.0.48 set up on a Mandrake Linux 10.0 (installed with rpms:
apache2-2.0.48-6mdk.rpm). All the options are the default ones.
I launch the server as root by typing:
> httpd2
Opening a browser on my machine I can see the content of /var/www/html/ (my
DocumentRoot). I can either see the default page or any index.html page I
put there (in fact I'm mounting virtually my web site directory in
/var/www/html by:
> mount --bind /home/me/mywebsite/ /var/www/html/ ).
I can see the page either under the adress:
http://localhost/
of the adress:
http://my.ip.addr.ess/
The only warning I'm receiving when I launch httpd2 is:
> httpd2: Could not determine the server's fully qualified domain name,
using ##.##.##.### for ServerName where the numbers are my ip adress. which
is predictable as I haven't set the ServerName in httpd2.conf. I'm
installing this server on my personal computer at home and therefore, I
don't have a domain name as I would in an organisation. But I do not think
this is a problem (maybe my mistake is there...)
Therfore LOCALLY everything seems to be working fine.
Nevertheless when I try to see the web site from a DISTANT computer I
receive a blank page and an error message saying that the browser cannot
connect to the page. I don't understand why because:
- I can ping my IP from the distant computer
- I have an SHH and an FTP server installed and I can access them from
distant machines with no problems
- I do not have a firewall blocking port 80
- I cannot see any access restriction in the default httpd2.conf I'm using.
any help would be welcome. I have the feeling that I'm missing something
obvious but I really can't find what.
thank you in advance.
JiHO.
PS:my httpd2.conf (if any other material is needeed I will send it):
### Main Configuration Section
### You really shouldn't change these settings unless you're a guru ###
ServerRoot /etc/httpd/2.0 #ServerName localhost #LockFile
/etc/httpd/httpd.lock PidFile /var/run/httpd.pid ErrorLog logs/error_log
LogLevel warn DocumentRoot /var/www/html
### Dynamic Shared Object (DSO) Support
###
### You should always leave those three, as they are needed for ### normal
use.
### mod_access (Order, Allow, etc..)
### mod_log_config (Transferlog, etc..)
### mod_mime (AddType, etc...)
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
##LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
##LoadModule charset_lite_module modules/mod_charset_lite.so
##LoadModule case_filter_module modules/mod_case_filter.so
##LoadModule case_filter_in_module modules/mod_case_filter_in.so
##LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
##LoadModule mime_magic_module modules/mod_mime_magic.so
##LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
##LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
##LoadModule cgid_module modules/mod_cgid.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
##LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
###
### Global Configuration
###
# We now support multiple apache configurations on the same server. In #
common.conf, we put all directives that are common to all implementations #
(httpd, httpd-perl, etc.) # For Apache2 we load all conf files in conf.d
Include /etc/httpd/conf.d/*.conf Include conf/commonhttpd.conf
###
### IP Address/Port and Proxied configuration section ### # The
APACHEPROXIED setting can be set in /etc/rc.d/init.d/httpd if you # are
using a proxy or accelerator, like the Apache-SGI or khttpd, so that # the
fast web server serves static content while Apache handles the # cgi or php
files
#BindAddress *
<IfDefine APACHEPROXIED>
Listen 8080
</IfDefine>
<IfDefine !APACHEPROXIED>
Listen 80
</IfDefine>
# Likewise, we can set apache as the server by default and send perl #
requests via ProxyPass to apache-mod_perl. It increases performance # since
the perl interpreter is only used for perl and the standard apache # does
all the html and image files, with a smaller footprint.
#
# If you install apache and apache-mod_perl, this is the default config.
# If you don't want two web servers to use perl, uninstall apache, and #
apache-mod_perl will not be proxied.
<IfDefine PERLPROXIED>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^proxy:.* - [F]
RewriteRule ^(.*\/perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
RewriteRule ^(.*\/cgi-perl\/.*)$ http://%{HTTP_HOST}:8200$1 [P]
</IfModule> </IfDefine>
###
### Log configuration Section
###
<IfModule mod_log_config.c>
#Single logfile with access, agent and referer information #This is the
default, if vlogs are not defined for the main server CustomLog
logs/access_log combined env=!VLOG #If VLOG is defined in
conf/vhosts/Vhost.conf, we use this entry CustomLog
"|/usr/sbin/advxsplitlogfile" vhost env=VLOG </IfModule>
###
### Virtual Hosts
###
# We include different templates for Virtual Hosting. Have a look in the #
vhosts directory and modify to suit your needs.
Include conf/vhosts/Vhosts.conf
#Include conf/vhosts/DynamicVhosts.conf
#Include conf/vhosts/VirtualHomePages.conf
###
### Performance settings Section
###
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300
#
# KeepAlive: Whether or not to allow persistent connections (more than # one
request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow # during a
persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 15
# prefork MPM [THIS IS THE DEFAULT]
# StartServers: number of server processes to start # MinSpareServers:
minimum number of server processes which are kept spare # MaxSpareServers:
maximum number of server processes which are kept spare # MaxClients:
maximum number of server processes allowed to start # MaxRequestsPerChild:
maximum number of requests a server process serves <IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start # MaxClients:
maximum number of simultaneous client connections # MinSpareThreads: minimum
number of worker threads which are kept spare # MaxSpareThreads: maximum
number of worker threads which are kept spare # ThreadsPerChild: constant
number of worker threads in each server process # MaxRequestsPerChild:
maximum number of requests a server process serves <IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
# perchild MPM
# NumServers: constant number of server processes # StartThreads: initial
number of worker threads in each server process # MinSpareThreads: minimum
number of worker threads which are kept spare # MaxSpareThreads: maximum
number of worker threads which are kept spare # MaxThreadsPerChild: maximum
number of worker threads in each server process # MaxRequestsPerChild:
maximum number of connections per server process <IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
</IfModule>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org