I am trying to have PAM to use the hosting system's "passwd" and "shadow" file to authenticate a user who is using the web application. I am using RedHat 6, Apache is 2.2, module mod_authnz_pam for the Apache. PAM in apache (httpd.conf) is configured as such: AuthType Basic AuthName "basic_auth" AuthBasicProvider PAM AuthPAMService httpd Require valid-user I created a file named httpd in /etc/pam.d with the following configuration: auth required pam_unix.so account required pam_unix.so session required pam_unix.so SELinux is enabled. getenforce returns "Enforcing".  I also ran the following setsebool -P allow_httpd_mod_auth_pam 1 So I get prompted asking for user credentials when I try to visit the IP address. But when I entered my system credentials, I get the following logs > unix_chkpwd: check pass; user unknown > > unix_chkpwd: password check failed for user (username) > > localhost httpd: pam_unix(httpd:auth): authentication failure; > logname= uid=48 euid=48 tty= ruser= rhost=xxx.xx.xx.x user=username My user name definitely exists in passwd and shadow file, but somehow PAM is saying it doesn't exist. What else am I missing?

I've got a production server with **Apache 2.4.38** on **Debian 10** and sometimes the web server doesn't function properly and doesn't immediately send a response to the HTTP requests it gets (All virtual hosts requests on it are completely unresponsive (no matter what they reverse proxy to)). After a restart it immediately fixes itself or after being like this a while (seconds or even minutes) and starts sending A LOT of HTTP responses all of a sudden.

CPU and RAM usage seem to be fine, so it's definitely not that. I don't know what exactly is going on and why it's doing this. I've also changed mpm_event.conf settings, they currently are set to this:

StartServers                     2
        ServerLimit 100
        MinSpareThreads          25
        MaxSpareThreads          75
        ThreadLimit                      128
        ThreadsPerChild          25
        MaxRequestWorkers         400
        MaxConnectionsPerChild   5000

There are some errors I've seen in the Apache error log though:

[Tue Mar 22 19:53:38.339703 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 29595 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.339777 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 26190 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.339825 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 27903 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.339889 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 16907 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.339933 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 26880 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.340000 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 15384 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.340041 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 24971 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.340091 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 9780 still did not exit, sending a SIGKILL
[Tue Mar 22 19:53:38.340130 2022] [core:error] [pid 3375:tid 140244229465216] AH00046: child process 26317 still did not exit, sending a SIGKILL

What settings can I change that would fix this issue?

I have a redirect problem with 'RewriteRule', i have this in mt .htaccess: RewriteCond %{HTTP_HOST} ^foo.domain.com RewriteRule ^(.*)$ http://www.domain.com/foo/$1 [R=permanent,L] If i go to foo.domain.com redirect to www.domain.com/foo/ and it's ok, instead i go to foo.domain.com/bar i have an error, must go to www.domain.com/foo/bar. Where is error?

I have a CentOS 7 VPS where I am trying to install virtual host following the instruction from https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-7 . I have completed step five of this tutorial. Then when I try to restart apache I failed: $ sudo apachectl restart [sudo] password for student01: Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. $ sudo systemctl status httpd.service -l ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since বুধ 2018-04-11 14:29:55 +06; 4min 13s ago Docs: man:httpd(8) man:apachectl(8) Process: 11116 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE) Process: 11115 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Main PID: 11115 (code=exited, status=1/FAILURE) এপ্রি 11 14:29:55 localhost.localdomain systemd: Starting The Apache HTTP Server... এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service: main process exited, code=exited, status=1/FAILURE এপ্রি 11 14:29:55 localhost.localdomain kill: kill: cannot find process "" এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service: control process exited, code=exited status=1 এপ্রি 11 14:29:55 localhost.localdomain systemd: Failed to start The Apache HTTP Server. এপ্রি 11 14:29:55 localhost.localdomain systemd: Unit httpd.service entered failed state. এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service failed. Now, What can I do? **Edit** /var/log/httpd/error_log [Sun Apr 08 03:23:02.040472 2018] [auth_digest:notice] [pid 20339] AH01757: generating secret for digest authentication ... [Sun Apr 08 03:23:02.041376 2018] [lbmethod_heartbeat:notice] [pid 20339] AH02282: No slotmem from mod_heartmonitor [Sun Apr 08 03:23:02.094944 2018] [mpm_prefork:notice] [pid 20339] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 configured -- resuming normal operations [Sun Apr 08 03:23:02.094956 2018] [core:notice] [pid 20339] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' [Sun Apr 08 05:35:00.720095 2018] [autoindex:error] [pid 30351] [client 66.102.6.114:59512] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 09:42:05.222459 2018] [autoindex:error] [pid 30347] [client 52.34.24.33:31614] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 11:06:56.497939 2018] [autoindex:error] [pid 30790] [client 54.145.188.132:22136] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 14:13:12.731870 2018] [autoindex:error] [pid 32239] [client 185.198.167.29:51750] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 19:06:12.521882 2018] [autoindex:error] [pid 30348] [client 180.234.211.210:57961] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 19:06:15.004820 2018] [autoindex:error] [pid 30790] [client 159.203.81.93:36934] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive, referer: http://csedu.cf/noindex/css/open-sans.css [Sun Apr 08 21:20:59.825782 2018] [autoindex:error] [pid 1338] [client 66.102.6.114:52716] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 00:25:17.935192 2018] [autoindex:error] [pid 30348] [client 178.73.215.171:58579] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 02:50:04.593613 2018] [autoindex:error] [pid 30351] [client 141.8.142.139:50790] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 03:17:12.517868 2018] [autoindex:error] [pid 30347] [client 222.186.173.47:3128] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 04:10:37.253275 2018] [autoindex:error] [pid 31639] [client 164.132.91.1:38580] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 05:38:34.833406 2018] [autoindex:error] [pid 30350] [client 66.249.70.23:49821] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 05:42:25.297309 2018] [autoindex:error] [pid 30790] [client 66.102.6.118:49432] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 08:37:04.505363 2018] [autoindex:error] [pid 1338] [client 66.249.64.17:47360] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 11:34:29.890432 2018] [autoindex:error] [pid 30349] [client 60.10.114.129:4892] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 12:21:16.013396 2018] [autoindex:error] [pid 30351] [client 66.249.64.147:61628] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 13:16:44.877416 2018] [autoindex:error] [pid 30348] [client 66.249.64.18:48720] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 13:28:05.782783 2018] [autoindex:error] [pid 31639] [client 54.67.59.131:47628] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 15:59:59.764704 2018] [autoindex:error] [pid 30349] [client 66.102.6.116:50307] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:48:48.419540 2018] [autoindex:error] [pid 30349] [client 211.23.154.138:44382] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:49:19.596952 2018] [autoindex:error] [pid 30790] [client 146.185.223.240:61291] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:49:25.365282 2018] [:error] [pid 32239] [client 146.185.223.240:53694] script '/var/www/html/xmlrpc.php' not found or unable to stat [Mon Apr 09 20:49:30.881307 2018] [autoindex:error] [pid 1338] [client 146.185.223.240:57697] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 21:59:59.860423 2018] [autoindex:error] [pid 30790] [client 52.41.211.72:54578] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 22:40:17.025377 2018] [autoindex:error] [pid 32239] [client 66.102.6.118:63371] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 23:54:26.754931 2018] [autoindex:error] [pid 30350] [client 141.8.142.139:44732] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 02:04:12.364159 2018] [autoindex:error] [pid 30350] [client 66.249.64.17:46304] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 04:31:13.380666 2018] [autoindex:error] [pid 30349] [client 66.249.79.21:45988] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:11:35.587141 2018] [autoindex:error] [pid 32239] [client 66.249.79.19:52379] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:41:26.176137 2018] [autoindex:error] [pid 1338] [client 66.102.6.118:51864] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:57:36.520454 2018] [autoindex:error] [pid 30347] [client 66.249.79.110:36194] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 12:44:25.251573 2018] [autoindex:error] [pid 32239] [client 52.34.24.33:60587] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:08:39.896323 2018] [autoindex:error] [pid 1338] [client 141.8.142.139:53710] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:31:14.603115 2018] [autoindex:error] [pid 30790] [client 180.234.211.210:44472] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:42:16.181640 2018] [autoindex:error] [pid 30351] [client 107.170.192.57:54176] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 16:31:20.752769 2018] [autoindex:error] [pid 30349] [client 196.52.43.109:6666] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 17:43:24.572519 2018] [autoindex:error] [pid 1338] [client 66.102.6.118:64283] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 23:32:45.653283 2018] [mpm_prefork:notice] [pid 20339] AH00170: caught SIGWINCH, shutting down gracefully (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs

How do I manually update the certificates that Certbot would normally update? I did not change anything in my system so I am assuming it is because I have CentOS 6. I also have Apache. How do I update the certificates manually? SUBJECT: Cron scl enable python27 "/root/certbot-auto renew --quiet" Your system is not supported by certbot-auto anymore. Certbot will no longer receive updates. Please visit https://certbot.eff.org/ to check for other alternatives.

I have spent some time searching online but none of what I found seems to help. I'm running CentOS 6 64bit and would like to compile Apache with mod_ssl and need to link it to my own OpenSSL build (which is newer than the OS provided version). OpenSSL 1.1.0i is configured with: ./config --prefix=/opt/openssl-1.1.0 --openssldir=/opt/openssl-1.1.0 shared Apache 2.4 is configured with: ./configure --enable-layout=mycustomlayout \ --prefix=/opt/httpd-2.4.34 \ --exec-prefix=/opt/httpd-2.4.34 \ --with-mpm=prefork \ --enable-so \ --enable-ssl \ --with-ssl=/opt/openssl-1.1.0 \ --enable-cgi \ --enable-http2 \ --enable-proxy-http2 \ --with-included-apr It appears to compile just fine but mod_ssl isn't aware of where OpenSSL 1.1.0 is installed: [root@host .libs]# ldd ./mod_ssl.so | grep -iP 'ssl|crypto' libssl.so.1.1 => not found libcrypto.so.1.1 => not found And so only works when you explicitly tell it where to look: [root@host .libs]# export LD_LIBRARY_PATH=/opt/openssl-1.1.0/lib:$LD_LIBRARY_PATH [root@host .libs]# ldd ./mod_ssl.so | grep -iP 'ssl|crypto' libssl.so.1.1 => /opt/openssl-1.1.0/lib/libssl.so.1.1 (0x00007f069149a000) libcrypto.so.1.1 => /opt/openssl-1.1.0/lib/libcrypto.so.1.1 (0x00007f069100a000) Even building mod_ssl statically into httpd binary with --enable-mods-static=ssl doesn't help. I tried --enable-ssl, --enable-ssl --enable-ssl-staticlib-deps, and --enable-ssl --enable-ssl-staticlib-deps --enable-mods-static=ssl and still the same result: libssl.so.1.1 => not found libcrypto.so.1.1 => not found Also tried, without luck, setting these variables before ./configure: export PKG_CONFIG_PATH=/opt/openssl-1.1.0/lib/pkgconfig:$PKG_CONFIG_PATH \ LD_LIBRARY_PATH=/opt/openssl-1.1.0/lib:$LD_LIBRARY_PATH \ LDFLAGS="-L/opt/openssl-1.1.0/lib" I know I can just add to /etc/ld.so.conf.d to autoload the new OpenSSL library or adjust Apache's init script to add to LD_LIBRARY_PATH but I'd much prefer to have it working properly, have the program where to look for libssl.so / libcrypto.so, just like my PHP build: [root@host php]# export PKG_CONFIG_PATH=/opt/openssl-1.1.0/lib/pkgconfig:$PKG_CONFIG_PATH \ LD_LIBRARY_PATH=/opt/openssl-1.1.0/lib:$LD_LIBRARY_PATH \ LDFLAGS="-L/opt/openssl-1.1.0/lib" \ PHP_PREFIX=/opt/php-7.2.9 \ EXTENSION_DIR=$PHP_PREFIX/usr/lib64/php/modules [root@host php]# ./configure […] \ --with-imap=shared \ --with-imap-ssl \ --with-openssl=shared \ --with-openssl-dir=/opt/openssl-1.1.0/bin [root@host php]# make [root@host php]# unset PKG_CONFIG_PATH LD_LIBRARY_PATH LDFLAGS [root@host modules]# ldd ./openssl.so | grep -iP 'ssl|crypto' libssl.so.1.1 => /opt/openssl-1.1.0/lib/libssl.so.1.1 (0x00007fc2220a6000) libcrypto.so.1.1 => /opt/openssl-1.1.0/lib/libcrypto.so.1.1 (0x00007fc221c17000) What am I doing wrong? Could this be a bug?

I'm trying to replace a Directory option from apache configuration with sed replace command, but I cannot understand why it doesn't work; it changes nothing. What I'm missing? This is the config example: # Sets the default security model of the Apache2 HTTPD server. It does # not allow access to the root filesystem outside of /usr/share and /var/www. # The former is used by web applications packaged in Debian, # the latter may be used for local directories served by the web server. If # your system is serving content from a sub-directory in /srv you must allow # access here, or in any related virtual host. Options FollowSymLinks AllowOverride None Require all denied AllowOverride None Require all granted Options Indexes FollowSymLinks AllowOverride None Require all granted And this is my sed command, which unfortunately makes no changes: sed -E 's/()/\1All\2/' /etc/apache2/apache2.conf (-i option is missing for testing purposes) My goal is to set AllowOverride All only to `` sentence.

I am using Pacemaker with Corosync to set up a basic Apache HA cluster with 3 nodes running CentOS7. For some reasons, I cannot get the apache resource started in pcs. Cluster IP: 192.168.200.40 # pcs resource show ClusterIP Resource: ClusterIP (class=ocf provider=heartbeat type=IPaddr2) Attributes: cidr_netmask=24 ip=192.168.200.40 Operations: monitor interval=20s (ClusterIP-monitor-interval-20s) start interval=0s timeout=20s (ClusterIP-start-interval-0s) stop interval=0s timeout=20s (ClusterIP-stop-interval-0s) # pcs resource show WebServer Resource: WebServer (class=ocf provider=heartbeat type=apache) Attributes: configfile=/etc/httpd/conf/httpd.conf statusurl=http://localhost/server-status Operations: monitor interval=1min (WebServer-monitor-interval-1min) start interval=0s timeout=40s (WebServer-start-interval-0s) stop interval=0s timeout=60s (WebServer-stop-interval-0s) # pcs status Cluster name: WARNING: corosync and pacemaker node names do not match (IPs used in setup?) Stack: corosync Current DC: server3.example.com (version 1.1.18-11.el7_5.2-2b07d5c5a9) - partition with quorum Last updated: Thu Jun 7 21:59:09 2018 Last change: Thu Jun 7 21:45:23 2018 by root via cibadmin on server1.example.com 3 nodes configured 2 resources configured Online: [ server1.example.com server2.example.com server3.example.com ] Full list of resources: ClusterIP (ocf::heartbeat:IPaddr2): Started server2.example.com WebServer (ocf::heartbeat:apache): Stopped Failed Actions: * WebServer_start_0 on server3.example.com 'unknown error' (1): call=49, status=Timed Out, exitreason='', last-rc-change='Thu Jun 7 21:46:03 2018', queued=0ms, exec=40002ms * WebServer_start_0 on server1.example.com 'unknown error' (1): call=53, status=Timed Out, exitreason='', last-rc-change='Thu Jun 7 21:45:23 2018', queued=0ms, exec=40003ms * WebServer_start_0 on server2.example.com 'unknown error' (1): call=47, status=Timed Out, exitreason='', last-rc-change='Thu Jun 7 21:46:43 2018', queued=1ms, exec=40002ms Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled The httpd instance is **enabled** and **running** on all three nodes. The cluster IP and individual node IPs are able to access the web page. The ClusterIP resource also works well for failover. What may go wrong for the apache resource in this case? Thank you very much! Update: Here is more information from the debug output. It seems the Apache is unable to bind to the port, but there is no error from the apache log, and systemctl status httpd gave all green on all nodes. I can open web pages via the cluster IP and each every node IP. The ClusterIP resource failover works fine, too. Any idea on why Apache resource doesn't work with pacemaker? # pcs resource debug-start WebServer --full Operation start for WebServer (ocf:heartbeat:apache) failed: 'Timed Out' (2) > stderr: ERROR: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:80 (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down AH00015: Unable to open logs > stderr: INFO: apache not running > stderr: INFO: waiting for apache /etc/httpd/conf/httpd.conf to come up > stderr: INFO: apache not running > stderr: INFO: waiting for apache /etc/httpd/conf/httpd.conf to come up > stderr: INFO: apache not running > stderr: INFO: waiting for apache /etc/httpd/conf/httpd.conf to come up > stderr: INFO: apache not running

I have a litle problem with my virtual host configuration on Apache2. Context : I have a Raspberry Pi with Apache2 installed. I want to access to my test directory in : "/var/www/html/test". So I modified my 000-default.conf in "/etc/apache2/sites-available" like this and this worked: ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined NameVirtualHost 192.168.1.29:80 ServerName raspyvan DocumentRoot /var/www/html/test # vim: syntax=apache ts=4 sw=4 sts=4 sr noet *(raspyvan is my servername on my router ans host file)* But I would deny the access with IP adress "192.168.1.29" So I modified in a second time my 000-default.conf file like this : Listen 192.168.1.29:80 ServerName DefaultServer DocumentRoot /var/www/html NameVirtualHost 192.168.1.29:80 ServerName 192.168.1.29 Deny from all ServerName raspyvan DocumentRoot /var/www/test # vim: syntax=apache ts=4 sw=4 sts=4 sr noet Now the problem is that the access by IP and hostname are denied and I don't know why. Edit : My nameserver is apply on the DNS router config and hosts apache file.

My error_log is filling up with tons of entries like: www.mine.com [Sun Dec 29 09:29:59 2024] [warn] [pid 903933] ssl_engine_mutex.c(105): (22)Invalid argument: [client AH02027: Failed to release SSL session cache lock www.mine.com [Sun Dec 29 09:30:00 2024] [warn] [pid 1177911] ssl_engine_mutex.c(92): (22)Invalid argument: [client AH02026: Failed to acquire SSL session cache lock www.mine.com [Sun Dec 29 09:30:00 2024] [warn] [pid 1177911] ssl_engine_mutex.c(105): (22)Invalid argument: [client AH02027: Failed to release SSL session cache lock www.mine.com [Sun Dec 29 09:30:00 2024] [warn] [pid 1177911] ssl_engine_mutex.c(92): (22)Invalid argument: [client AH02026: Failed to acquire SSL session cache lock www.mine.com [Sun Dec 29 09:30:00 2024] [warn] [pid 1177911] ssl_engine_mutex.c(105): (22)Invalid argument: [client AH02027: Failed to release SSL session cache lock The host solved it at first with: > I've set the following option in your MySQL configuration file: > > log_warnings = 0 > > This will prevent the logging of warnings, but won't interfere with > normal error logging. But after another MySQL upgrade they now say: > This should be resolved now. The problem was the old setting used to > suppress these of "log_warnings" was deprecated in 5.7 and removed in > mySQL 8.0. I have updated the configuration file with the new mySQL > directive below. > > log_error_verbosity = 1 > > This will result in the same behavior of warnings being suppressed and > only actual errors will be logged going forward. It didn't work so they replied back: > Our lead sysadmin has looked into this and unfortunately could not > find a way to suppress those warnings, so I'm afraid those are > "normal" for all intents and purposes. They provided some additional information: > The only mutex value set in any of the active Apache configuration > files is the following: > > Mutex default:/usr/nobody > > 'DUMP_RUN_CFG' returns these mutex values: > > Mutex default: dir="/usr/nobody" mechanism=default Mutex > ssl-cache: using_defaults Mutex mpm-accept: using_defaults Mutex > authdigest-opaque: using_defaults Mutex rewrite-map: using_defaults > Mutex ssl-stapling-refresh: using_defaults Mutex authdigest-client: > using_defaults Mutex ssl-stapling: using_defaults Mutex proxy: > using_defaults > > There had been a reported bug that caused this error in much earlier > versions of Ubuntu + Apache, such as: > > https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1565744 > > but in those cases the mutex mechanism returned by 'DUMP_RUN_CFG' was: > > mechanism=fcntl > > and we haven't been able to find anything relevant to the version of > Apache running on your server (2.4.62). Does anyone know how to stop all this logging, it makes it hard to find actual things in error_log that need to be looked at. TIA!!

I'm running Apache with PHP-FPM on a RHEL 9 server. After updating Apache from version 2.4.57 to 2.4.62, all HTTP responses now include the T**ransfer-Encoding: chunked** header, even when the PHP script explicitly sets the Content-Length header. I haven't made any changes to the Apache or PHP configuration files. Here’s a simple PHP script I used to test the response behavior. When I run this on Apache 2.4.57, it works correctly and the response includes the **Content-Length** header. However, the same PHP script on Apache 2.4.62 results in a response with the **Transfer-Encoding: chunked** header instead. true]); header("Content-length: ".strlen($response)); header("Content-type: application/json"); echo($response); ?> Here is my site conf file LoadModule rewrite_module modules/mod_rewrite.so LoadModule status_module modules/mod_status.so Listen 443 ServerAdmin admin@smartySSL.com DocumentRoot /var/www/smarty SSLEngine On SSLOptions +StrictRequire SSLProtocol +TLSv1.2 -TLSv1.1 -TLSv1 -SSLv3 SSLCipherSuite HIGH:!MEDIUM:!LOW:!NULL:!aNULL:!MD5:!RC4 SSLCertificateFile /etc/pki/tls/certs/ca.crt SSLCertificateKeyFile /etc/pki/tls/private/ca.key KeepAliveTimeout 10 SetEnvIf Request_URI ".*" no-gzip SetEnv proxy-sendcl LogLevel proxy:trace6 TraceEnable Off Options -Indexes # Proxy declaration # we must declare a parameter in here (doesn't matter which) or # it'll not register the proxy ahead of time ProxySet disablereuse=off # Note: If you configure php-fpm to use the "pm = ondemand" #then use "ProxySet disablereuse=on" SetHandler proxy:fcgi://php-fpm SetEnv proxy-sendcl 1 LogLevel debug ErrorLog logs/smartySSL.com-error.log LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\" \"%{Connection}i\" %k" my_combined CustomLog logs/smartySSL.com-access.log my_combined Alias /prodTest /var/www/prod_testing_smarty #disabilita il listing Options -Indexes Require ip 127.0.0.1 SetHandler server-status Allow from 127.0.0.1 Allow from ::1 Deny from all Order Allow,Deny Allow from 127.0.0.1 Allow from ::1 ProxyPass unix:/run/php-fpm/www.sock|fcgi://localhost/fpm-status RewriteEngine on RewriteRule ^/TcpWeb/rest/FWUpdate/(v[0-9]+)/([A-Z][0-9]+) /rest/get_fwUpdate.php?version=$1&id=$2&%{QUERY_STRING} [END] RewriteCond %{QUERY_STRING} ^([^&]+) RewriteRule ^/TcpWeb/rest/GetAll/(v[0-9]+)/([A-Z][0-9]+)/?$ /rest/get_all.php?version=$1&id=$2&%{QUERY_STRING} [END] RewriteRule ^/TcpWeb/rest/PutAll/(v[0-9]+)/([A-Z][0-9]+) /rest/put_all.php?version=$1&id=$2 [END] RewriteRule ^/TcpWeb/rest/DiagnosticLog/(v[0-9]+)/([A-Z][0-9]+) /rest/put_diagnosticLog.php?version=$1&id=$2 [END] RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* -[F] I can't use **Transfer-Encoding: chunked** header since is not supported by our embedded devices. Any ideas ? Thanks

My server information is Server version: Apache/2.4.6 (CentOS) Server built: Nov 19 2015 21:43:13 I am trying to configure virtual host for 2 different sites: biz.example.com and pin.example.com which are hosted on the same server. There are 2 different folders located under 'var/www/html/' named 'biz' and 'pin' with their respected project files for the above mentioned 2 websites. I am trying to configure it on the below way. Within /etc/hosts below configuration 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 xxx.xxx.xxx.xxx biz.example.com xxx.xxx.xxx.xxx pin.example.com xxx.xxx.xxx.xxx is replaced by the server IP address. Within /etc/httpd/conf/httpd.conf IncludeOptional sites-enabled/*.conf Now, under /etc/httpd/sites-available there are biz.conf and pin.conf file. I also have the folder sites-enabled under /etc/httpd which has 2 files that points to the biz.conf and pin.conf of sites-available folder using the below command ln -s /etc/httpd/sites-available/biz.conf /etc/httpd/sites-enabled/biz.conf ln -s /etc/httpd/sites-available/pin.conf /etc/httpd/sites-enabled/pin.conf biz.conf has the followings ServerName http://biz.example.com/ ServerAlias http://biz.example.com/ DocumentRoot "/var/www/html/biz" Options Indexes FollowSymLinks AllowOverride all Order Deny,Allow Allow from 127.0.0.1 And the configuration within pin.conf file is mentioned as ServerName http://pin.example.com/ ServerAlias http://pin.example.com/ DocumentRoot "/var/www/html/pin" Options Indexes FollowSymLinks AllowOverride all Order Deny,Allow Allow from 127.0.0.1 On this setup, if i try to access http://biz.example.com/ , the correct website (biz website) is loading. But if i try to access http://pin.example.com/ , then also biz website is loading instead of pin website. Multiple configuration is not working together. I also tried to merge the virtual configuration of biz.conf and pin.conf within a single file, biz.conf, but it didn't work as well.

I'm trying to install apache2.4.23 on centos 6.8 and i'm getting this : ab.c: In function 'main': ab.c:2398: warning: implicit declaration of function 'SSLv2_client_method' ab.c:2398: warning: assignment makes pointer from integer without a cast ab.c:2412: warning: 'TLSv1_1_client_method' is deprecated (declared at /usr/local/include/openssl/ssl.h:1604) ab.c:2414: warning: 'TLSv1_2_client_method' is deprecated (declared at /usr/local/include/openssl/ssl.h:1610) ab.c:2417: warning: 'TLSv1_client_method' is deprecated (declared at /usr/local/include/openssl/ssl.h:1598) ab.c:2468: warning: implicit declaration of function 'CRYPTO_malloc_init' /usr/share/apr-1/build/libtool --silent --mode=link gcc -std=gnu99 -g -O2 -pthread -L/opt/httpd-2.4.25/lib -lssl -lcrypto -lrt -lcrypt -lpthread \ -o ab ab.lo /usr/lib64/libaprutil-1.la -ldb-4.7 -lexpat -ldb-4.7 /usr/lib/libapr-1.la -lrt -lcrypt -lpthread -lm ab.o: In function `main': /opt/httpd-2.4.25/support/ab.c:2468: undefined reference to `CRYPTO_malloc_init' /opt/httpd-2.4.25/support/ab.c:2398: undefined reference to `SSLv2_client_method' collect2: ld returned 1 exit status make: *** [ab] Erreur 1 make: quittant le répertoire « /opt/httpd-2.4.25/support » make: *** [all-recursive] Erreur 1 make: quittant le répertoire « /opt/httpd-2.4.25/support » make: *** [all-recursive] Erreur I tried installing openssl 1.1.0 and reconfigure the installation of apache with : ./configure --enable-layout=admin --enable-mpms-shared=all --with-ssl=/usr/local/bin/openssl Still getting the same problem, any ideas ?

I have installed Linux Mint 18.1 Serena and I have XAMPP 5.6.28-1 on my computer. After I turn on my computer, I must run the XAMPP control panel and I must start Apache and MySQL manually. Does anyone know how this can be done automatically? I don't want to turn on Apache and MySql every time when I start / restart my computer.

The Mandatory Access Controls or MAC labels are different for NFS which are different for httpd, and different yet again for SaMBa. What is the proper way nowadays to label a SINGLE shared filesystem hierarchy on the server such that it is properly re-labelled by restorecon, can be accessed successfully server-side by all three services, and survives system updates? In other words, when the server side fs hierarchy is labelled for sharing over NFS, then that breaks access by httpd and smb daemons on the same server. If labelled for httpd, then NFS and SMB services stop sharing because the files are labelled httpd only, so are denied rw. And finally, SMB Labels break both NFS and httpd services. Is their a modern devops approach to this such as an Ansible playlist? I had made custom labels before but having to remake them after system updates caused too much friction. Wondering if custom labels are still the way, but now with automation?

On my Linux Ubuntu system I run apache2 web server in the context of a PHP based web application. phpinfo() reports the following error_log /opt/unetlab/data/Logs/php_errors.txt I.e. error_log() is supposed to send messages to /opt/unetlab/data/Logs/php_errors.txt file. On PHP code that handles the application's REST API, I use error_log() function to log some debugging info. The weird thing is that sometimes error_log() doesn't write anything on the log file. Nevertheless error_log() called from other PHP code's files (e.g.functions.php) works as a charm. Which could be the problem ?

One of the HTTP headers that the Apache httpd sends back with response data is "Server". For example, my web server machine is relatively up-to-date Arch Linux. It sends back headers closely resembling the following: HTTP/1.1 404 Not Found Date: Thu, 10 Apr 2014 17:19:27 GMT Server: Apache/2.4.9 (Unix) Content-Length: 1149 Connection: close Content-Type: text/html I have ServerSignature off in /etc/httpd/conf/httpd.conf, but the "Server:" header still appears. I have experimented with mod_headers . I have it enabled, and I've tried a few things: Header set ProcessingTime "%D" Header set Server BigJohn After stopping and starting httpd with the above configuration, the HTTP headers include something like ProcessingTime: 1523, but the "Server:" header line remains unchanged. So I know that "mod_headers" is installed and enabled, and working, but not as I desire. I see that something called "mod_security" claims to do this, but I don't want all the rest of the baggage that mod_security carries with it. **UPDATE:** Once you get mod_security installed, you only need a few directives: SecRuleEngine on ServerTokens Full SecServerSignature "Microsoft-IIS/6.0" That's for mod_security 2.7.7

I'm currently dealing with a real threat: the trojans Troj/PHPShel-CE and PHP/Agent-BJNA showed up on my system. I've decided to move to another provider – the first server IP was already blacklisted, and I want to stop any further damage. As a first step, I disabled apache2 and blocked all incoming/outgoing ports except SSH (port 22). I'm now backing up only the important data (like .pdf, images, etc. – no .php, .exe, .com or anything executable). But I'm still confused why Sophos didn’t detect the full extent of the infection. Here's what it found: Severity,When,Event,User,"User Groups",Device,"Device Groups","IP Address" Low,"2025-05-30T22:51:14+02:00","Scan 'Scan Now' completed",n/a,,mail,,xx.xx.xx.xx High,"2025-05-30T22:39:03+02:00","Outbreak detected",n/a,,mail,,xx.xx.xx.xx Medium,"2025-05-30T22:39:02+02:00","Malware detected: 'Troj/PHPShel-CE' at '/var/www/clients/client1/web7/web/wp-includes/l10n/class-wp-translation-file-security.php'",n/a,,mail,,xx.xx.xx.xx Low,"2025-05-30T22:38:45+02:00","Malware cleaned up: 'PHP/Agent-BJNA' at '/var/www/clients/client1/web3/web/wp-content/plugins/wpforms-lite/vendor_prefixed/apimatic/jsonmapper/tests/namespacetest/model/.1748559585'",n/a,,mail,,xx.xx.xx.xx more... about 150 times... After scanning multiple times, some of the same files were detected again – so clearly something is still active. I chatted with Claude (AI assistant), and he suggested checking all user crontabs, using this: echo "Checking crontabs..." for user in $(cut -f1 -d: /etc/passwd); do echo "--- Crontab for $user ---" crontab -u "$user" -l 2>/dev/null || echo "No crontab for $user" done At first, nothing suspicious came up – but then I found something under a user called web10: root@mail:/usr/local/sbin# crontab -u web10 -l * * * * * /usr/bin/php -r 'eval(gzinflate(base64_decode("jVJtj5pAEP7**** LOT MORE ****=="))); ###### My question: When we move to a new (managed) hosting provider, is there a risk that some infected files could sneak into the new system during the migration – even if we’re careful and avoid transferring obvious malware like .php and .exe files? ###### My setup: Ubuntu 24.04.2, apache2, php 8.3/8.4, ispconfig3

I'm following this guide to setup Tomcat 8 on Ubuntu Server 16.04 using Apache2's mod_jk module as a reverse proxy: https://www.digitalocean.com/community/tutorials/how-to-encrypt-tomcat-8-connections-with-apache-or-nginx-on-ubuntu-16-04 Everything works until the last step, which is to change the HTTP and AJP Connectors in server.xml to only listen on localhost. Here's the change I made to the AJP Connector: Before this change, typing https://myhostname takes me to the Tomcat administration page; after it, I get "503 Service Unavailable". I've temporarily turned off my firewall and removed AppArmor. Here's the relevant portion of mod_jk.log: jk_open_socket::jk_connect.c (817): connect to ::1:8009 failed (errno=111) ajp_connect_to_endpoint::jk_ajp_common.c (1068): (ajp13_worker) Failed opening socket to (::1:8009) (errno=111) ajp_send_request::jk_ajp_common.c (1728): (ajp13_worker) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=111) What could be causing this, and how can I resolve it?

**UPDATE** learning that application/javascript has been deprecated, this has now been updated to read: text/javascript. Issue persists. I have verified that this is not an actual 404. a file of that name exists at that path, with ownership and permissions which should make it accessible to the webserver user. Following Marcus Müller's suggestion below, that the AddType directives I added years ago to an apache2 virtual host template are now redundant, I commented those out, and ran a stop / start on apache and the php-fpm. I'm still seeing the same results in the network tab. ----- for a couple of years now, my apache2 virtual host containers include, in the top scope, unaffected by conditionals, these two lines: AddType text/css .css AddType application/javascript .js and there is this: $ apache2ctl -M | grep mime mime_module (shared) still the firefox network tab reports that multiple files are giving me 404s, and errors reading: NS_ERROR_CORRUPTED_CONTENT. Each is clearly identified with their .css or .js extensions and are all being seen in the browser as malformed html code. Any thoughts on how to further diagnose or resolve this issue would be greatly appreciated. -- Hugh Esco