Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I never got those three rewrite lines (that everybody on the internet sites) to work. I finally resorted to mod_security. It's good to know now about TraceEnable...but does it actually work...
I recently found out I have the same problem with Apache.
The only drawback is, I'm running an older version of Apache Apache/1.3.27 (Unix) mod_perl/1.27 PHP/4.3.1 mod_mp3/0.39
so the TraceEnable Off is not an option for me.
Has anybody got the rewrite method to work?
because no matter what I try, it just doesn't seem to work.
btw...
upgrading Apache is not an option because I'm running Freesco Linux with a very old kernel.
It looks like TraceEnable is available for apache version > 1.3.34, so consider upgrading if it's possible
Regarding the mod_rewrite way to block TRACE, it also works, but you have to put the directives outside a <Directory ...> </Directory> definition, as opposed to post #1.
It looks like TraceEnable is available for apache version > 1.3.34, so consider upgrading if it's possible
Regarding the mod_rewrite way to block TRACE, it also works, but you have to put the directives outside a <Directory ...> </Directory> definition, as opposed to post #1.
Regards
The problem is, Apache 1.3.27 is the only Apache package available for Freesco Linux (as far as I know), so Upgrading is a no-go becuse I've got no experiance with compiling what so ever.
As for putting the 3 lines of code outside a </Dir...,
I've tried...
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
And I've tried it in various places in my httpd.conf. At the start, bottom and other places.
But each time I restarted Apache (or the machine) it didn't work.
I've just downloaded apache-1.3.27, compiled it using --enable-module=so --enable-module=rewrite and tested the rewrite rule. And it works!!!
I've added the directives just after the closing <Directory> tag of the DocumentRoot:
Well, despite some differences everything that is needed seems to be there. This is my origional httpd.conf in /usr/local/apache/conf
Code:
...
LoadModule vhost_alias_module libexec/mod_vhost_alias.so
LoadModule rewrite_module libexec/mod_rewrite.so <<<<<-----
LoadModule proxy_module libexec/libproxy.so
LoadModule info_module libexec/mod_info.so
LoadModule mp3_module libexec/mod_mp3.so
...
ClearModuleList
AddModule mod_vhost_alias.c
AddModule mod_env.c
AddModule mod_log_config.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c <<<<<-----
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_proxy.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_info.c
AddModule mod_mp3.c
<IfDefine SSL>
#AddModule mod_ssl.c
AddModule mod_php4.c
AddModule mod_perl.c
</IfDefine>
# must be last!
AddModule mod_dosevasive.c
...
DocumentRoot "/www"
#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
Options FollowSymLinks <<<<<-----
AllowOverride None
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/www">
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options Indexes FollowSymLinks MultiViews <<<<<-----
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
So I added the 3 lines right below the </Directory> part, but that didn't work.
I also changed the lines according to what you quoted in your post, but again... it didn't work.
If you want to have a look at my full httpd.conf, just let me know.
Running Freesco Linux 0.3.8 (www.freesco.org)
Kernel 2.0.39
Apache 1.3.27 (Unix) mod_perl/1.27 PHP/4.3.1 mod_mp3/0.39
Perl 5.6.1
Mysql 3.23.37
Is mod_rewrite compiled as a module or it's static. Because you don't need both "LoadModule rewrite_module libexec/mod_rewrite.so" and "AddModule mod_rewrite.c". What gives:
Code:
httpd -l|grep rewrite
Anyway you can add mod_rewrite logging and look what rewrite does:
Is mod_rewrite compiled as a module or it's static.
Well, that's where my knowledge ends .
Quote:
What gives:
Code:
httpd -l|grep rewrite
Well on Freesco that gives nothing because I think it's actually thttpd that is running the show, and it's called by rc_httpd.
So I'm not sure how to get this info.
Quote:
Anyway you can add mod_rewrite logging and look what rewrite does:
Code:
RewriteLogLevel 9
RewriteLog logs/rewrite_log
I added these lines and restarted the webserver, but all this does is create the rewrite_log file in /usr/local/apache/logs. But the file stays empty (0 bytes), even after trying the trace command several times.
Oops, you don't run apache, but thttpd!!!
So everything in the above post will not work, because it's specific to apache.
I've read that there is an apache package for Freesco, if you want to install and use instead of thttpd
Oops, you don't run apache, but thttpd!!!
So everything in the above post will not work, because it's specific to apache.
Well, Freesco is a different story and I'm not sure how things actually run. (That's the n00b part in me )
And I think I might have made a false conclusion...
Freesco can run 2 web-server.
One public on port 80 (www)
and one private (for setup and control) on port 82 (wwa).
When having installed Apache, it seems the public server (httpd) is replaced by Apache.
whilst the private server is still running thttpd.
And it seems that rc-httpd calls them both...
Code:
[n00b@linux]rc_httpd status
Running control http server:
3207 S 1 thttpd thttpd-p82-uroot-d/wwa
3240 S 1 httpd /usr/local/apache/bin/httpd-DSSL
3254 S 3240 httpd /usr/local/apache/bin/httpd-DSSL
3255 S 3240 httpd /usr/local/apache/bin/httpd-DSSL
4596 S 3240 httpd /usr/local/apache/bin/httpd-DSSL
Apache Server Status for thasaidon.homeip.net
Server Version: Apache/1.3.27 (Unix) mod_perl/1.27 PHP/4.3.1
mod_mp3/0.39
Server Built: Apr 13 2003 12:43:15
_________________________________________________________________
Current Time: Sunday, 24-Jan-2010 11:09:02 ???
Restart Time: Sunday, 24-Jan-2010 05:11:36 ???
Parent Server Generation: 0
Server uptime: 5 hours 57 minutes 26 seconds
1 requests currently being processed, 2 idle servers
W__.............................................................
................................................................
................................................................
................................................................
Scoreboard Key:
"_" Waiting for Connection, "S" Starting up, "R" Reading Request,
"W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup,
"L" Logging, "G" Gracefully finishing, "." Open slot with no current
process
[n00b@linux]
So yes, Apache is defenately installed and running on Freesco.
So since it's apache running on port 80 and "httpd -l|grep rewrite" gives nothing, then mod_rewrite is compiled as a DSO.
Comment out the "AddModule mod_rewrite.c" and restart apache using:
Code:
/usr/local/apache/bin/apachectl restart
to rule out any strange options that rc_httpd may use.
How do you do your tests. I'm using:
I restarted Apache, and now it seems to have started ok.
but when I run an apache statustest" I get this:
Code:
[n00b@linux] apache configtest
Syntax OK
[Mon Jan 25 16:18:08 2010] [error] Cannot remove module mod_rewrite.c: not found in module list
[n00b@linux]
So it would seems that mod_rewrite.c is required...
Code:
[n00b@linux] apache stop
Stopping Apache... /usr/local/apache/bin/apachectl stop: httpd stopped
Done
[n00b@linux] apache start
Starting Apache... [: syntax error
/usr/local/apache/bin/apachectl start: httpd started
Done Port 80
[n00b@linux] apache configtest
Syntax OK
[Mon Jan 25 16:28:26 2010] [error] Cannot remove module mod_rewrite.c: not found in module list
[n00b@linux]
As for testing, I found this "problem" when I was fooling around with w3af (w3af.sourceforge.net) on my Ubuntu laptop.
but to do a quick test, I too use telnet.
telnet 127.0.0.1 80
TRACE / HTTP/1.1
Host: 127.0.0.1
testing123
testing123
HTTP/1.1 400 Bad Request
Date: Mon, 25 Jan 2010 16:21:09 GMT
Server: Apache/1.3.27 (Unix) mod_perl/1.27 PHP/4.3.1 mod_mp3/0.39
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
173
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.<P>
Request header field is missing colon separator.<P>
<PRE>
testing123</PRE>
<P>
<HR>
<ADDRESS>Apache/1.3.27 Server at thasaidon.homeip.net Port 80</ADDRESS>
</BODY></HTML>
0
Connection closed by foreign host.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
.
