I have got a question regarding IWAP and Worklight 6.1.
I have look on forums, official documentation but cannot found the answer.
We are using Worklight 6.1 and IWAP and it seems that the IWAP installation should be done in root, otherwise it doesn't work
> Do you know which folders or installed librairies required to be root during installation ?
Once installed with the following command line, the target analytics folder is in root permissions (wl-analytics)
./setup.sh stand-alone -n WLCLUSTER_DEV -s /opt/IBM/wl-analytics -d /opt/IBM/wl-analytics/data -l /opt/IBM/wl-analytics/logs -o 2000
See http://snag.gy/Q8r4A.jpg for screenshot
If I start IWAP with a no root user, IWAP is not started and I have got the following errors :
[wladmin#localhost wl-analytics]$ ./iwap.sh start
./iwap.sh: line 30: ulimit: open files: cannot modify limit: Operation not permitted
IWAP search engine starting ...
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
Waiting for search engine to become active.
IWAP search engine unable to start. Please look at search engine logs.
IWAP console starting ...
httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
(13)Permission denied: httpd: could not open error log file /opt/IBM/wl-analytics/HTTPServer/logs/error_log.
Unable to open logs
IWAP console unable to start. Please look at the web server logs.
It seems to be due to permissions on the wl-analytics folder so I have changed the permissions of this folder with : chown -R wladmin:adm /opt/IBM/wl-analytics
After that, I am able to launch IWAP as wladmin user (no root user), IWAP works fine but I have some warnings in the prompt :
[wladmin#localhost wl-analytics]$ ./iwap.sh start
./iwap.sh: line 30: ulimit: open files: cannot modify limit: Operation not permitted
IWAP search engine starting ...
Waiting for search engine to become active.
Waiting for search engine to become active.
IWAP search engine started.
IWAP console starting ...
httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain for ServerName
IWAP console started.
> Everything seems to work but do you know if there are some side effects?
> Do you know why also should be launch IWAP as root if I do not change the folder permissions of IWAP
> Do you have a technical documentation about IWAP ?
> Do you know how to change the port of IWAP without reinstalling IWAP ?
> Do you know how to monitor the IWAP module ?
I am asking these questions since we are implementing IWAP on Worklight 6.1 for a project and the project is blocked due to this (root execution of IWAP).
Thanks a lot.
Mat
Everything seems to work but do you know if there are some side effects?
Are you sure everything worked? Were you able to access the analytics console successfully? I've attempted to install IWAP as a non root user and was unsuccessful.
Do you know why also should be launch IWAP as root if I do not change the folder permissions of IWAP
My only guess is that the installation is doing things that can only be done by the root user.
Do you have a technical documentation about IWAP ?
The only documentation I know about is here
Do you know how to change the port of IWAP without reinstalling IWAP ?
I don't think it is possible without re installing since the port is defined at install time. In Workight 6.2, this port can be changed via JNDI properties.
Do you know how to monitor the IWAP module ?
I'm sorry, I don't think I understand what you're asking for here.
Related
I am trying to fix one venerability on my production web server(Apache), Venerability is "The HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and technologies used by the web server"
For this I have gone for some solutions , some where I found that to solve the above Venerability we need to edit the httpd.conf file on server but I did not find httpd.conf file in my entire system (using windows 10 os) can any one please let me know hot find that file or how to resolve that Venerability on production ?
You can find httpd.conf in
installed folder ex Apache24
Apache24/conf/httpd.conf
On Windows, I have seen people run Apache from all kinds of weird and wonderful places.
You need to track down where your Apache instance is running from, normally its running as a service on windows. If you open the properties on the service and look at the Path to executable, it should be something similar to the below.
"C:\Program Files\Apache24\bin\httpd.exe" -k runservice
Or it could be
"D:\Some Application\Version\WEB\tool\SOFTS\HTTPD\bin\httpd.exe" -k runservice
Unless there is an -f flag, setting the location of the conf. There will be a "conf" folder at the same level as the "bin" folder regardless of the path. This location is set at compile time so unless you have bespoke version off Apache this should be the location.
If you are struggling to find the service or a launcher that is running Apache. You can use WMI with a WQL query to look for processes which are called httpd.exe and get its executable path.
wmic process WHERE name="httpd.exe" GET ExecutablePath
In Xampp Control panel, in apache row, click on "config" button and then you see the term Apache(httpd.conf).
This is my first post under the Apache tag, so not sure if I have posted it in the correct spot. Apologies if it's not.
We recently had an audit done on our Apache server. It's running on a Windows Server 2012 R2, and I installed Apache 2.4.27 through WAMP.
The results from the Audit are fairly specific, but I don't know where to go in the Config file to fix these. My IMIT department has gone through a number of changes and we no longer have someone who can help me, so I'm stuck.
The three areas I need to correct are:
1) MISSING SECURITY HEADERS Recommendation: Implement HTTP security headers in the web applications to prevent exploitation of vulnerabilities.
2) Recommendation: Make sure that browsable directories do not leak confidential informative or give access to sensitive resources. Additionally, use access restrictions or disable directory indexing for any that do.
3) The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. Recommendation: Disable these methods.
I have looked in the config and in various documentation online but the Windows install for Apache seems to be unique, and I don't want to risk screwing up something that breaks the install.
Any ideas would be greatly appreciated.
Chris
Find httpd.conf file. It should be in the conf folder in the localization where Apache is installed like for ex:
C:/Apache/Apache/conf/httpd.conf
If you're not sure where that is - open task manager, find httpd.exe and check it's properties.
Then add required configuration there.
Check out this helpful github:
https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess
You can check your configuration files for syntax errors without starting the server by using apachectl configtest or the -t command line option.
I'm running MarkLogic 8 (developer edition) on Mac OS 10.10.1.
I'm a beginner with ML, and I'm reading the "Getting Started" material in the online docs, in particular the section "Sample XQuery Application that Runs Directly Against an App Server."
I created the "TestServer" app server just fine, following the instructions. I then copied and pasted the text for the four XQuery files in the exercise, load.xqy, dump.xqy etc.
My local copies of the four .xqy files are under ~/Library/MarkLogic/Apps/Test, per the instructions. Read and execute permissions are open along the entire filepath, down to the .xqy files themselves.
When I request http://localhost:8005/Test/load.xqy, as instructed, I get a 404 Not Found response.
lsof -i :8005 indicates that MarkLogic is indeed listening on port 8005.
I checked the TestServer configuration against the instructions, disabled and re-enabled TestServer, stopped and re-started ML--always with the same result: 404 Not Found.
I haven't been able to find anything in either the ML mail archives or Stackoverflow to get me past this sticking point.
Any ideas or suggestions would be very much appreciated. Thank you!
This seems like a permission issue. Does it work when you run it as the admin user?
Have check to make sure the files are loaded into the modules database?
Also check the permission got set with the correct role for those file.
Check to see that user that is running the app has the role that you used when setting permission on those file.
This worked for us:
In the TestServer configuration instead of just putting Test in root field, put Apps/Test/ which is the location of the 4 files (load.xqy,dump.xqy, update-form.xqy and update-write.xqy relative to the MarkLogic installation directory -- in our case, centos, this was at /opt/MarkLogic/)
And then issued this command
chmod +r *.xqy
If you follow all the instructions correctly just remove the Test from the url. If yours is "http://localhost:8005/Test/load.xqy" make it "http://localhost:8005/load.xqy"
I am facing problem in starting XAMPP. First of all it gives me error messages in RED when i start XAMPP control panel. When i click on START APACHE, it starts it but when i open localhost it gives me the following error message.
Not Found
HTTP Error 404. The requested resource is not found.
I have tried various ways to resolve this problem but it isn't solved yet. Kindly guide me.
Thanks.
checklist
first run XAMPP installer by UAC(User Account Control) and Antivirus off and run it as admin
uninstall previous XAMP installation
turn off IIS temporarily (which will use default port 80)
change the port to some free valid port by following below guide
summary (Locate the file httpd.conf. This file should be found in C:\xampp\apache\conf folder or via config button in XAMPP control panel and search for 80 port and change it to something like 1234
http://complete-concrete-concise.com/web-tools/how-to-change-the-apache-port-in-xampp
check services.msc if web deployment agent service is running.
check if IIS is running, stop it.
As some solutions may suggest you turn off the IIS or some windows related services, you should therefore take precaution since there are possibilities of stopping very useful user process
I run a django application over apache with mod_wsgi, using WAMP.
A certain URL allows me to stream the content of image files, the paths of which are stored in database.
The files can be located whether on local machine or under network drive (\\my\network\folder).
With the development server (manage.py runserver), I have no trouble at all reading and streaming the files.
With WAMP, and with network drive files, I get a IOError : obviously because the httpd instance does not have read permission on said drive.
In the task manager, I see that httpd.exe is run by SYSTEM. I would like to tell WAMP to run the server as [myself] as I have read and write permissions on the shared folder. (eventually, the production server should be run by a 'www-admin' user having the permissions)
Mapping the network shared folder on a drive letter (Z: for instance) does not solve this at all.
The User/Group directives in httpd.conf do not seem to have any kind of influence on Apache's behaviour.
I've also regedited : I tried to duplicate the HKLM\[...]\wampapache registry key under HK_CURRENT_USER\ and rename the original key, but then the new key does not seem to be found when I cmd this
> httpd.exe -n wampapache -k start
or when I run WAMP.
I've run out of ideas :)
Has anybody ever had the same issue?
Win+R, services.msc
edit wampapache and wampmysqld to log on as some user.
the tray icon is a convenient front end to "net start wampapache" and "net start wampmysqld"
The User/Group directives in httpd.conf do not seem to have any kind of influence on Apache's behaviour.
httpd.exe is started by the root user (this is probably why you see it running under SYSTEM). The user and group lines in httpd.conf determine what user the child processes (that httpd spawns) will run under. These forks are what actually handle page requests, etc. so it is possible that your configuration is already doing what you want it to, it is just unclear from looking at task manager.
You could also try using runas to start WAMP/Apache, though your mileage may vary.
I've just found that executing httpd.exe myself works for me... I just loose all the funky WAMP tray icon, and the "restart apache" menu item, really handy whenever I update my application code...
I'll have to make do with this for the moment...