I'm involved in migrating an existing, functional JSP/Struts2 app from Windows to Linux.
The former Windows environment was a Tomcat/Struts/Eclipse setup. The new environment is a standalone installation of Tomcat (which is already configured and serving several other applications).
The app in question, "MyJSPWebsite", was copied to the Linux/Tomcat webapps folder and correct permissions assigned. The database (mysql) was also copied over with user permissions established.
The site now opens, but none of the struts enabled content is functioning. For example, a drop-down list of data is not being populated. I'm not seeing any error SQL messages in catalina.out, and the username/password & query work fine from command line.
Are there separate, core struts files that have to be installed outside of those already included in the webapps/MyJSPWebsite folder?
post a comment
Hi all,
I have a few servers that run suphp, so basically all incoming requests are logged in suphp_log. What I found amazing is that pretty much all malformed requests (like attempting to execute a javascript in improper places or scan for phpmyadmin scripts or something similar) are, pretty much, the only requests that are logged in access_log (except for WHM status requests).
My question is - is there any automated tool that looks into access_log every now and then and comprises a report of such entries? I am no *nix admin, so I would appreciate any advise and leads.
Thanks a lot!
post a comment
Hello,
i would like to do this:
RedirectMatch 301 (.*)\.html$ $1
RedirectMatch 301 (.*)\.htm$ $1
but not to files in sub folders.
could some one please tell me how to do it?
thank you
3 comments | post a comment
Hi everybody,
first time poster.
This has me a little perplexed.
I don't have shell access to this machine so i can't check logs and such to see what is actually going on, but my .htaccess script works fine under http, but it fails to accept the same password with https accesss.
my thought is that perhaps there is some form of authentication difference, or perhaps i need to rebuild my .htpasswd file again.
however this is my .htaccess file
AuthUserFile /full/os/path/to/file/.htpasswd
AuthType Basic
AuthName "Admin Folder"
Require valid-user any ideas? ---- UPDATED 2008:10:08 ----got this from their tech today. > Subject: Re: Re: Https and basic authentication under apache. > > haven't had any success as yet. > > the problem appears to be that the username is being "lost" when > authenticating via the SSL server.. (the error_log shows a "blank > space" where the username should be....) >
2 comments | post a comment
Hi,
I'm looking for a way to construct a RewriteCond that returns true only when a URL is requested without proper HTTP authentication. (The rewrite rule will generate a 301 redirect forcing the request through a proxy, where proper HTTP auth will allow direct access). So far, The Googles have not been helpful; anyone here have an idea?
Effectively, I want
http://user:pass@example.com/path/to/object
to return the object directly, but
http://user:badpass@example.com/path/to/object
or
http://example.com/path/to/object
will return a 301 to:
http://proxy.example.com/path/to/object
(The proxy will use the proper u/p to access the server, so we won't have a redirect loop...)
3 comments | post a comment
Is there a non-telnet method of confirming whether TRACE is turned off? I've added TraceEnable off to my conf file but want to make sure everything is OK. Telnet is disabled on my server.
1 comment | post a comment
svn came installed on my RHEL5 box and I am working on configuring the system for use with Apache.
I am using the following tutorial: http://www.howtoforge.com/apache_subversion_repository_p2
Everything seemed OK (no errors) until the section "Setting up the initial repository layout:". When issuing the third command:
svn import /tmp/subversion-layout/ http://127.0.0.1/subversion/ The system returned the following error: [user@myserver directory]# svn import -m /tmp/svnmessage /tmp/subversion-layout/ http://127.0.0.1/subversion/svn: PROPFIND request failed on '/subversion' svn: PROPFIND of '/subversion': 405 Method Not Allowed ( http://127.0.0.1) I did not restart apache before issing the svn import command - is that necessary? Also, I created all of the directories as root. Would that cause this problem?
post a comment
So, three sites are hosted on a single RHEL5 box, with Apache 2x serving pages. Apache is using IP based virtual hosts.
Every once in a blue moon I try to access one of the sites and receive network timeout errors (doesn't matter if I access via IP or domain name). The other two sites are still up and serving pages quickly - no slowdown or timeouts.
After several minutes the network timeouts go away on their own.
Any ideas?
3 comments | post a comment
My server seems to think the following is PHP and serve it as such:
http://www.perturb.org/tmp/test.php.foo.bar
However... the same file (symlinked)
http://www.perturb.org/tmp/test.php.txt
Is served as text. In fact it appears that apache servers the content as whatever the "last recognizable" extension. Shouldn't apache only server files that END in .php as php files?
The configuration is very simple:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
2 comments | post a comment
When my system reboots Apache needs the passphrase to start. I'd like to remove this prompt so the server can start without human intervention. So, according to the docs I can do this:
openssl rsa -in server.key.current -out server.key.new
But I wasn't prompted to enter my passphrase when issuing this command. The resulting outfile is identical to server.key.current.
Suggestions?
post a comment
| Poster: |  ne_zanimatj |
| Date: | 2008-03-05 11:50 |
| Subject: | |
| Security: | Public |
Good day,
Can I somehow set specific virtualhost for resolving of unregistered in our system domains?
Thanks
post a comment
Some of our IE7 users receive security certificate mismatch warnings with every secure page view on subdomain.domain.net. The cert was originally issued to www.domain.net.
Is it possible to add aliases to existing certificates (my hunch is no, but I'm not well versed on them)?
1 comment | post a comment
I've thought of adding MediaWiki to my site just to make it super easy to add content whenever I wanted. I know I could make Apache serve the wiki user page if the ~username URL was requested, but is it possible to make it do that only if it couldn't be found in the more traditional location (like his home dir) first? Would that require some kind of handler script?
post a comment
Anyone here in Atlanta at ApacheCon?
Look for the guy in black with the pipe in one hand and a book in the other. That's me.
post a comment
Our project is interested in buying a solid analytics application for several sites hosted on an Apache server. What are our best options?
1 comment | post a comment
I want to generate links with my code like "index_flotsam.php" and "index_jetsam.php" and have apache ignore everything but "index.php". So if the user clicks on "index_flotsam.php" it will just take them to the file "index.php" but will still display the url "index_flotsam.php". I'm using Apache 2.2.4. I have a feeling I could probably do this with the FilesMatch directive, but I'm not entirely sure how. Any ideas?
Thanks!
4 comments | post a comment
We bought a certificate for a domain. I've set up a few sites with ssl before this, so I was careful to enter the FQDN in my csr request. A day later Verisign sent the cert in an email, which we copied into a sitename.crt file on the server. I made an unecrypted version of the key so I wouldn't have to enter the passphrase every time Apache starts. (yes I entered the passphrase, which was accepted)
So - I start the server without errors. When I access the site using https://sitename, the browser returns a certificate mismatch error. The cert details appear with localhost, localdomain, ect, which is not what I entered when creating the csr & key.
<VirtualHost 1.2.3.4:443>
ServerName sitename.department.domain.ext
ServerAdmin abc@123.def
DocumentRoot /www/virtualhosts/sitename
ErrorLog /var/log/httpd/sitename-error_log
CustomLog /var/log/httpd/sitename-access_log common
SSLEngine On
SSLCertificateFile /usr/local/ssl/crt/sitename.crt
SSLCertificateKeyFile /usr/local/ssl/crt/sitename_unencrypted.key
SSLCACertificateFile /usr/local/ssl/crt/intermediate.crt
</VirtualHost>
Is there a way to print out the details listed in a crt file, from command line? Can I do the same with the original csr file?
post a comment
I guess lots of people (including me) are having problems getting Apache to work on Vista. I don't know if anyone's already posted this solution, but I pieced it together from a few different sites that each offered their own little tidbit. I hope this helps someone:
1) if you have already been trying to make this work, make sure you completely remove and detele all evidence of apache 2.2.4 from your computer: program files, registry, etc. if you haven't had a failed install attempt and you're starting fresh, go on to step 2.
2) turn off User Access Control
2) run cmd.exe as an administrator. you can do this by right-clicking on the link in the start menu program list.
3) from the command line, go to the directory your apache msi file is in. enter: "msiexec /i .msi" (without the quotes obviously)
5) let the program run, check off everything as you see fit. when the program has finished running, it will most likely display an error popup. close this.
6) back on the command line (still running as administrator), go to \bin and enter: "httpd -k install"
7) now apache should show up as a service. but you're not done yet! go to the apache monitor/control thingy in your start menu. right-click it and go to properties->compatibility. set the compatibility mode to winxp sp2.
8) that's it! you may want to start your apache control, but it will run now without that.
post a comment
I created two name-based virtual hosts
NameVirtualHost *:80
<VirtualHost *:80>
ServerName siteone.subX.subY.com
ServerAdmin me@me.com
DocumentRoot /www/virtualhosts/siteone
ErrorLog /var/log/httpd/siteone-error_log
CustomLog /var/log/httpd/siteone-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerName sitetwo.subX.subY.com
ServerAdmin me@me.com
DocumentRoot /www/virtualhosts/sitetwo
ErrorLog /var/log/httpd/sitetwo-error_log
CustomLog /var/log/httpd/sitetwo-access_log common
</VirtualHost>
Shouldn't I be able to test them by adding entries in my local hosts file, and accessing via http://sitetwo.subX.subY.com? Well, when I do that, the site that displays is actually site one.subX.subY.com. So it's always displaying the default VH, no matter what domain I use.
4 comments | post a comment
Can Apache run under different instances, so that we can direct traffic to each Virtual Host under a different instance. Would doing so offer better security than simply using virtual hosting? One of our sites is internal, the others are public. We want to keep the internal site locked down extremely tight.
In that same light, is it possible to have different SSL certs for different Virtual Hosts running on the same physical box (under one IP)?
Thanks for suggestions/pointers.
7 comments | post a comment
|
blah