Apache is Adding Javascript in HTML File - apache

I got a strange situation where my Apache Server is adding a piece of Javascript code just before closing tag of the served HTML content.
I tried to find out but could not success what is going here on the server. I restarted the server and then it went away, but after sometime I'm facing same issue.
I'm sure my server is compromized and someone is doing this act. Kindly help me where to look to check how Apache can add such code on the fly on CentOS 7.

If you do not have set up anything like this, it's likely that your server got compromised.
As a first step, I suggest you check, if anything like this has been configured.
Beware though, if your server has been compromised, it's very likely that the attacker still maintains access to your server. If you can, nuke it, rotate credentials and look into hardening your servers.

Related

Fileupload with CMIS + Apache fails due to "Proxy Error"

We developed a web application which uses opencmis and a windows client which uses dotcmis. The web application runs behind an apache httpd.
We are facing the following problem:
Small files can be uploaded by the client without problems (< 1,5 gigabytes).
However, if we try to upload larger files, we get a "Proxy Error". The stacktrace does not give any more information.
We also tried to upload via cmis workbench with the same result...
Are there any configuration parameters for apache we maybe overlooked? Or do you think the problem should be searched elsewhere?
EDIT: I should mention, that the file is uploaded completely nevertheless. And also: We tried disable apache, connect via http instead of https and upload a file and it works perfectly.
EDIT2: We found a solution, although it does not seem to be a very good one... We set the following configuration entries in httpd.conf:
Timeout=500 and ProxyTimeout=500. Default value is 60 for these entries.
This solved the problem. However, it would be nice to know, why this problem occures in the first place.
Greets

Bad request error in Apache2 when accessing http instead of https

I am a noob and I have recently started playing with my apache2 installation and trying to see how things are working. Also this exercise helps me figure out more things about apache2 than just reading some manual online.
But I am unable to figure out what I did now ?
So, here is my question: I enabled default-ssl (and have disabled default, i.e., have closed port 80, so that you can only connect the server with https)> I remember previously (say couple of days back) when i did the same and tried to access my website using http, it was giving me some error in the browser saying the web page could not be found or something. But today, doing the same thing give a nice error page saying one should use https instead of http.
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
Hint: https: // 127.0.1.1/
And, I actually like this. But, I am trying to remember what things I might have done in between to activate such nice error page which was previously not shown.
I know I did something and I cannot remember what I did and asking you to figure that out. I feel bit stupid out there. But, it would be great if any Apache Sherlock out there who could help me. BTW, I am using Ubuntu 12.10.
Thanks

CPanel cache issue

I have made some changes in my site and updated them in the server via CPanel, but I can't see the changes affected.
I have changed one pdf but still old pdf is displaying. Help me if anybody knows why this is happening? Thanks.
Try
dig +trace domain.com
And make sure that domain is pointed to the correct server IP (The one you have made changes)
There is no such things like cPanel cache. Otherwise try
telnet server_IP 25
make sure that its points to the correct server IP.
If the domain points to the correct server where you have made changes, then you need to investigate based on the script or code .check whether the pdf file uploaded correctly
Some its happens to me too but even though we upload it corrected its our browser cache which still shows the old pages and does not reflect the new changes. Most of time i do check it in private browser or via proxy urls :D

Why is my favicon appearing on Amazon S3 endpoint but not on the forwarded domain?

I have tried everything possible and am out of ideas as to why my favicon is still not appearing. If I told you how much time I've spent trying to figure this out you'd understand why i'm on the verge of losing my mind.
Here's the rundown [i'm not technical- just starting to learn so please bear with me]:
I'm using Amazon S3 as my host. GoDaddy is the DNS and I have forwarding with a mask setup so that the amazon endpoint is directed to the actual domain.
Here's the strange thing-- the favicon appears on the amazon endpoint but doesn't on the forwarded domain which is where I want it to appear. The favicon also appears when I do some testing using Dreamweaver.
I can assure you that it isn't a matter a clearing the cache as I've done that numerous times and have ran tests to make sure that it's working. I've tried all the possible different types of variations of code and nothing works. I'm led to believe that it's not an issue with the code, cache, file but rather something else that is out of my realm of knowledge.
So I come to Stackoverflow.
Please-- any help will be GREATLY appreciated!
For anyone having such problem - making the favicon public and using a direct link found in the file's properties on s3 did the charm.
That means use a full URL that is always going to work from everywhere. Depending on how things are set-up a hostname could resolve to something like localhost on multiple machines, so you want to make sure that the host name you're using always has the resource at that location. CORS should have anything to do with it as it is a standard full GET request.

CryptAcquireCertificatePrivateKey failed when using SelfSSL on IIS6 with multiple Websites

I have two "Web Sites" running under IIS6 (Windows Server 2003R2 Standard), each bound to a separate IP address (one is the base address of the server).
I used SelfSSL to generate and install an SSL certificate for development purposes on one of these sites and it works great. I then run SelfSSL to generate a certificate for the second site and the second site works, but now the first site is broken over SSL.
I run SSL Diagnostics and it tells me:
WARNING: You have a private key that corresponds to this certificate but CryptAcquireCertificatePrivateKey failed
If I re-run SelfSSL on the first site (to fix it), the first site works but then the second site is broken.
It seems like SelfSSL is doing something in a way that is designed to work with only one Website, but I can't seem to put my finger on exactly what it's doing and figure out how to suppress it. I would manually configure SSL but I don't have a certificate server handy, but maybe there is a way to get SelfSSL to just gen the cert and let me install it?
FWIW I have also followed the guidance of several posts that indicate changes to the permissions of the RSA directory are in order, etc. but to no avail. I don't work with SSL everyday so I may be overlooking something that someone with more experience might notice, or perhaps there is a diagnostic process that I could follow to get to the bottom of the issue?
We had a similar problem today. Our IT guy said he solved it by basically using ssldiag instead of selfssl to generate the certs.
See the reply from jayb123 at this URL: http://social.msdn.microsoft.com/forums/en-US/netfxnetcom/thread/15d22105-f432-4d8f-a57a-40941e0879e7
I have to admit I don't fully understand what happened, but I'm on the programming side rather than the network admin side.