I've been trying to configure my Apache Httpd 2.4 server to use mod_cache and mod_cache_disk to do caching for a Wordpress site. It should have a big improvement of performance. I have followed all the guides and done everything right, and yet... no files get saved in the cache.
I enabled logging of cache errors and I see this error coming up: "cache miss: cache unwilling to store response". Ok... I looked in the source code of mod_cache.c and it looks like that happens when cache_create_entity() returns anything other than OK. So I looked at the souce of mod_ccache_disk.c and I can see that in create_entity(), it silently fails if conf->cache_root == NULL. In all other cases, it would log an error or return OK.
I can only assume that it's failing because conf->cache_root is null. Where does that come from? It would come from ap_get_module_config to get the config of the cache_disk_module.
How can that possibly be returning null? And more annoyingly, why does the Apache server give some log message when there's a major error condition, such as loading a module but not having a config object for it?
Really stumped on this one... Thank you.
Problem solved: SELinux was blocking files from being created in the CacheRoot I specified. I had to put it in the right directory that had permissions, or I could have added permission to the directory.
Related
I got a strange situation where my Apache Server is adding a piece of Javascript code just before closing tag of the served HTML content.
I tried to find out but could not success what is going here on the server. I restarted the server and then it went away, but after sometime I'm facing same issue.
I'm sure my server is compromized and someone is doing this act. Kindly help me where to look to check how Apache can add such code on the fly on CentOS 7.
If you do not have set up anything like this, it's likely that your server got compromised.
As a first step, I suggest you check, if anything like this has been configured.
Beware though, if your server has been compromised, it's very likely that the attacker still maintains access to your server. If you can, nuke it, rotate credentials and look into hardening your servers.
This is my first post under the Apache tag, so not sure if I have posted it in the correct spot. Apologies if it's not.
We recently had an audit done on our Apache server. It's running on a Windows Server 2012 R2, and I installed Apache 2.4.27 through WAMP.
The results from the Audit are fairly specific, but I don't know where to go in the Config file to fix these. My IMIT department has gone through a number of changes and we no longer have someone who can help me, so I'm stuck.
The three areas I need to correct are:
1) MISSING SECURITY HEADERS Recommendation: Implement HTTP security headers in the web applications to prevent exploitation of vulnerabilities.
2) Recommendation: Make sure that browsable directories do not leak confidential informative or give access to sensitive resources. Additionally, use access restrictions or disable directory indexing for any that do.
3) The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. Recommendation: Disable these methods.
I have looked in the config and in various documentation online but the Windows install for Apache seems to be unique, and I don't want to risk screwing up something that breaks the install.
Any ideas would be greatly appreciated.
Chris
Find httpd.conf file. It should be in the conf folder in the localization where Apache is installed like for ex:
C:/Apache/Apache/conf/httpd.conf
If you're not sure where that is - open task manager, find httpd.exe and check it's properties.
Then add required configuration there.
Check out this helpful github:
https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess
You can check your configuration files for syntax errors without starting the server by using apachectl configtest or the -t command line option.
I have a 1GB ram Apache 2.4.10 (MPM event) VPS, my user complained that they always encounter broken webpage or image was loaded frquently, when I try to use fiddler to investigate, I found content length mismatch problem occurred in those broken image/pages. Seems that Apache sometimes did not sent the whole file to the client. I already disable HTTP/206 in Apache server but problem still persisted.
Any idea on it ? Or i need to install the newest version 2.4.16 ?
Thanks.
I think you need to check your apache services error logs file so that you can find out the exact root cause of this issues. Please check that and let us know what error are you getting in error logs file ? We will try to help you on this with the that error logs.
Sometimes, for no real reason I get the following console message and a completely blank screen after deploying code to the server:
net::ERR_INCOMPLETE_CHUNKED_ENCODING
An Apache restart fixes it but I can't see why it happens. The file system changes but not any config. I've never encountered it when not doing a deployment, so something about the file system changing whilst apache is running seems to cause it.
The document root is a symlink (current/) to the latest release folder.
This might not be your problem, but it solved it for me so i'm going to throw it out there anyway - setting opcache.fast_shutdown=0 fixed it. It is disabled by default according to the php docs
but had been enabled in our setup.
I had this problem with phpmyadmin. Try disabling your antivirus.
A client has a website running on a dedicated host (either developed, nor managed by myself) in which Apache is generating a very strange behavior.
When the requested url is of the type:
http://obituarieshelp.org/aboutus.html/whatever_here
it actually loads 'aboutus.html' if it exists, even though 'whatever_here' does not exist, and 'aboutus.html' is not a directory.
I took a look at the htaccess file, and everything seems to be fine. I am sure it is apache misconfigured somehow, but for the love of me, I cannot seem to find anything that could point to the problem in httpd.conf
Has anyone experienced the same, or has any suggestions as to why this would be?
This is controlled by the AcceptPathInfo HTTPd directive. The remainder of the path after the file is made available in the PATH_INFO environment/server variable, and scripts can use it to discern additional information about the request.