Skip to main content

tag: apache


Apache 2.4 Upgrade and the “Invalid Command ‘Order'” Error

The new Apache 2.4 has been released a few weeks ago and I decided to use this version while installing a new server (I compiled it from scratch rather that using an rpm or deb). After using one of my tried and true Apache configuration files, I received this error on start: Starting httpd: AH00526: […]

The first inkling that I had a problem with a DDoS (Distributed Denial of Service) attack was a note sent to my inbox:

lfd on High 5 minute load average alert – 89.14

My initial thought was that a site on my server was getting Slashdotted or encountering the Digg or Reddit effect. I run Chartbeat on several sites where this occasionally happens and I will usually get an alert from them first. A quick look at the Extended status page from Apache showed that I had a much different kind of problem.

Came across this little maddening issue again today after fixing it a few months back. I created a directory that is password protected using a .htaccess file. However, when trying to access this folder or anything under this directory, a File Not Found 404 error from WordPress is displayed before it even prompts you for […]

If you are running Apache for your web server, and mod_rewrite is installed (this is a pretty typicaly module on all installations) this is actually pretty easy. RewriteEngine on RewriteCond %{HTTP_HOST} ^subdomain\.yourdomain\.com RewriteRule ^(.*)$ http://www\.yourdomain\.com/subdomain/$1 [L] Add this code to your apache configuration file – the easiest location is in the .htaccess file in your […]

If you upload those new fancy-shmancy file formats to your web server – namely .docx, .pptx and .xlsx – and you are running Apache; chances are that your web server doesn’t know how to serve those files because they are unknown file formats. Your browser may try to download them as a .zip file (IE) […]

The goal here is to watermark all images in a certain directory, except for thumbnails or other selection. You can either do this on each file prior to placing on your webserver – which is probably wise for CPU load issues – but let’s just say you want to do this for all files served […]

The situation is: you have an web application or URL that you would like to force your users (or yourself) to use the secure https protocol rather than the unencrypted http protocol. This is easy to do with Apache and .htaccess. Create or add to the .htaccess file in the root of the web directory […]

Cacti remote exploit

There appears to be an exploit in the wild which is automating the Cacti Command execution and SQL Injection Vulnerability [see Secunia alert 23528]. Via this exploit, any server running an older version of Cacti from before December 28th. Of course it’s always best to keep your software up to date. Other tricks to keep […]

Problem: Checking the apache server status with the command “apachectl status”, “service httpd fullstatus” or by viewing http://server/server-status I get the message: “The requested URL /server-status was not found on this server” or your alternative 404 page not found error. Answer: Assuming you have the module loaded and set up per the documentation of mod_status, […]

  • 1
  • 2