Lesley Kimmel | 25 Oct 15:16 2014

Compiling HTTPD from Source


I've had good success compiling HTTPD from source when compiling on RHEL5 
and running on RHEL5 or compiling on RHEL6 and running on RHEL6. I see there 
are library compatibility issues when compiling on RHEL6, for example, and 
trying to run on RHEL5. How can I compile in a more generic way to to be 
distro independent?

Thanks in advance,

Mercier, Justin (N-NDP LLC | 23 Oct 21:12 2014

Dynamic access control by remote hostname or IP

I am using chef-solo to provision systems and currently store the node definitions in Apache within
folders matching the simple hostname. I also have a need to store some sensitive files in this folder and
need to restrict access by IP or host name.

So assuming a docroot structure such as :


where serverX is a hostname of a chef client, how can I control access to those folders? I.e. something like:

<Directory /definitions/$remote_client>
order deny,allow
deny from all
allow from $remote_client

Obviously the above is invalid, but is there something similar that is valid that allows me to easily define
folder access control by the client's hostname without having to create a Directory resource hard-coded
for each?

Thanks in advance!

- Justin
Patton, Billy N | 22 Oct 22:10 2014

OO perl in CGI

I’ve just recently upgraded my mac to the new Yosemite.
My app was working before this upgrade.  I had no Idea that it would destroy so much, but I’ve got most of it back.
It’s the inheritance between perl modules that is killing me.
I know my machine candles inheritance(see example below).

Yesterday I was running Apache 2.2, today I’m running 2.4.9

I have a hierarchy like this

	use CP; 
	$cp = CP->new();

	use base “Base”;
        sub new { # tried this out of desperation
		my $self = shift;

	use base ‘CGI::Application’;
        sub new {
		my $self = shift;
(Continue reading)

Santiago DIEZ | 22 Oct 11:56 2014

What are the "deps" sources?

Hi there,

What is the difference between httpd-2.4.10.tar.gz and httpd-2.4.10-deps.tar.gz?

Thanks for your help
Santiago DIEZ
+33 6 37 90 81 98
Quark Systems & CAOBA
23 rue du Buisson Saint-Louis, 75010 Paris
Patton, Billy N | 21 Oct 17:54 2014

WWW::Mechanize for testing

Trying to use WWW::Mechanize for my unit testing of an app.
I requires a login, but this is something that comes before it hits my .cgi.

I believe it is using the .htaccess to get it’s data.

Here is my script using WWW::Mechanize.

#!/usr/bin/perl -w
use strict;
use warnings;
use Data::Dumper;
$Data::Dumper::Indent   = 1;
$Data::Dumper::Sortkeys = 1;
$Data::Dumper::Deepcopy = 1;
use Test::More qw (no_plan);
use Cwd;
use WWW::Mechanize;

my $loginID   = 'dogs';
my $password  = 'pigs';
my $url       = 'http://cats.sheep/cp.cgi';
my $mech      = WWW::Mechanize->new(); # start off the whole enchilada
$mech->set_visible($loginID, $password);  # enter in the loginid and password

The documentation I have read tells me to use set_visible.

When I have it before the get I get the following error.
HTML::Form::parse: No $base_uri provided at /Library/Perl/5.16/WWW/Mechanize.pm line 2759.

if I move it after the get I get the following error.

Error GETing http://billys-cportal-test.dfw0.hypercube-llc.com/cp.cgi: Authorization Required
at t/cportal.t line 31.

So how do I do a get when the login stuff is not controlled by my App?
Patton, Billy N | 20 Oct 13:58 2014

C module

I’m new to Apache.  I’ve gotten mod_perl, php, cgi and html to do my hello world.
I’m now trying to get a “c” module to print a simple “hello world”.
I know there is something very simple I’m missing.
I’ve read explanations and examples till they all seem to say the same thing.
I’ve copied examples word for word.
I can get it to compile and have the permissions of all the other .so files.

from my httpd.conf
LoadModule example_module libexec/apache2/mod_example.so

For the mod_perl and .cgi I had these lines
AddHandler cgi-script .cgi
AddHandler mod_perl .pl
AddHandler mod_perl .pm

But when the actions you want to take are in the module, how do I call it?
Since my file.c is called mod_example.c and it compiles/installs as mod_example.so
Do I need a bogus file IE mod_example
Then set a handle for mod_example

where mod_example would be a simple
touch mod_example

Then in my .config
AddHandler mod_example mod_example

Then call from Chrome as


I tried this, but all I got was a blank screen, no errors of any kind.

Here is my mod_example.c

/* Include the required headers from httpd */
#include "httpd.h"
#include "http_config.h"
#include "http_core.h"
#include "http_protocol.h"
#include "http_request.h"

/* Define prototypes of our functions in this module */
static void register_hooks(apr_pool_t *pool);
static int example_handler(request_rec *r);

/* Define our module as an entity and assign a function for registering hooks  */

module AP_MODULE_DECLARE_DATA   example_module =
    NULL,            // Per-directory configuration handler
    NULL,            // Merge handler for per-directory configurations
    NULL,            // Per-server configuration handler
    NULL,            // Merge handler for per-server configurations
    NULL,            // Any directives we may have for httpd
    register_hooks   // Our hook registering function

/* register_hooks: Adds a hook to the httpd process */
static void register_hooks(apr_pool_t *pool)

    /* Hook the request handler */
    ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);

/* The handler function for our module.
 * This is where all the fun happens!
static int example_handler(request_rec *r)
    /* First off, we need to check if this is a call for the "example-handler" handler.
     * If it is, we accept it and do our things, if not, we simply return DECLINED,
     * and the server will try somewhere else.
    if (!r->handler || strcmp(r->handler, "example-handler")) return (DECLINED);

    /* Now that we are handling this request, we'll write out "Hello, world!" to the client.
     * To do so, we must first set the appropriate content type, followed by our output.
    ap_set_content_type(r, "text/html");
    ap_rprintf(r, "Hello, world!");

    /* Lastly, we must tell the server that we took care of this request and everything went fine.
     * We do so by simply returning the value OK to the server.
    return OK;
Matthew Hughes | 17 Oct 19:49 2014

mod_ssl, poodle and SSLv2Hello

Many SSL clients, notably JDK 6, use the SSLv2Hello protocol to handshake with the server.  Using this
protocol does *not* mean you are using SSL 2.0 or 3.0 for that matter; it is merely a handshake to determine
*which* protocol to use.  [http://tools.ietf.org/html/rfc5246#appendix-E.2]

However, in Apache, if you disable SSLv3 support, this apparently removes support for the SSLv2Hello
protocol.  Apache Tomcat has explicit support for SSLv2Hello; that is, you can enable that, but not enable

Is there any way to do this in Apache?  
Tom Purcell | 17 Oct 18:10 2014

Apache HTTPD sends a 400 the client gets a 200


We have an application that consists of REST endpoints on a jboss server(5.1.0) fronted by Apache httpd(2.2.15). When a client makes a bad request it usually gets the expected 400 http response code but sometimes the client sees a 200. This happens sporadically. Two days ago I ran a test where it happened 11 out of 20 times. Today the highest occurrence has been 3 out of 40.

To add some context here's some output from the test. Note both calls are identical but one gets a 400, the other 200: 

curl -s -D- -u user:passwd -X POST --data <at> uc.json https://ourdomain.com/ourapp/rest/v3/subscriber/<id>/user/0 2>&1

21 :  HTTP/1.1 400 Bad Request^M Date: Wed, 15 Oct 2014 18:44:22 GMT^M X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1^M Content-Type: application/json^M Content-Length: 361^M Connection: close^M ^M^M { "ErrorMessage" : { "errorMessage" : "Json validation failure: {level=\"error\", schema={\"loadingURI\":\"#\",\"pointer\":\"/properties/userConfig/properties/userType\"}, instance={\"pointer\":\"/userConfig/userType\"}, domain=\"validation\", keyword=\"enum\", message=\"instance does not match any enum value\", enum=[\"0\",\"1\",\"3\"], value=0}" } }

curl -s -D- -u user:passwd -X POST --data <at> uc.json https://ourdomain.com/ourapp/rest/v3/subscriber/<id>/user/0 2>&1

22 :  HTTP/1.1 200 OK^M Date: Wed, 15 Oct 2014 18:44:24 GMT^M Transfer-Encoding: chunked^M Content-Type: text/plain; charset=UTF-8^M ^M { "ErrorMessage" : { "errorMessage" : "Json validation failure: {level=\"error\", schema={\"loadingURI\":\"#\",\"pointer\":\"/properties/userConfig/properties/userType\"}, instance={\"pointer\":\"/userConfig/userType\"}, domain=\"validation\", keyword=\"enum\", message=\"instance does not match any enum value\", enum=[\"0\",\"1\",\"3\"], value=0}" } }

The following are the Apache ssl_access.log entries that correspond to the above calls. Note both got a 400: - - [15/Oct/2014:14:44:22 -0400] "POST /ourapp/rest/v3/subscriber/<id>/user/0 HTTP/1.1" 400 361 - - [15/Oct/2014:14:44:24 -0400] "POST /ourapp/rest/v3/subscriber/<id>/user/0 HTTP/1.1" 400 361

More context: 

  • This never happens going directly against the jboss server
  • It does happen both with and without SSL when hitting Apache
  • The tests results shown above were run with using curl as a client but we have also seen it happen with other clients(Charles, wireshark, IOS apps, etc)
  • Note that the 200 response above does not mention the jboss server but that the 400 does. I have verified that both requests hit the jboss server by locating the stack traces in the jboss log.
  • Normally there is an F5 in the mix and when hitting the app through it we get the same results. That said the tests referred to here bypassed the F5 and hit the Apache server directly 
So we should get a 400 but when it gets to the client the response code is 200. Any thoughts?

Tom Purcell
Cell: 215-779-1963

Marcelo Custódio | 17 Oct 16:45 2014

RewriteCond not working ...

hey I need a condition + rule like this: wheter I go to www.example.com it serves me index.php but otherwise if I go to www.example.com/my-article it points me out to show_post.php?url=$1

I´ve tried this: http://apaste.info/6i2 . Please note RewriteRule ^viewpost-([^/]*)$ show_post.php?url=$1 [L] is just a workaround and not my final intention ( it works when I request www.example.com/viewpost-my-article but my intention is www.example.com/my-article )

Thanks in advance !
pratibha.dhankhar | 17 Oct 12:53 2014

Apache Upgrade

Hi All,



Can someone please suggest steps to upgrade Apache 2.2.21 to 2.2.29? It’s a little urgent requirement.









The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.


Mimiko | 16 Oct 11:57 2014

Load module .a


I've compiled httpd 2.4.11 and in modules directory are only *.a and 
*.la modules. How can I load them? This modules where specified to be 
shared, but no *.so is created. At minimum I have mod_mpm_prefork.a and 
no mod_mpm_prefork.so. httpd cant start without a mpm, so LoadModule 
mpm_prefork_module modules/mod_mpm_prefork.a gives this error:

httpd: Syntax error on line 130 of /opt/httpd/conf/httpd.conf: Cannot 
load modules/mod_mpm_prefork.a into server: 
/opt/httpd/modules/mod_mpm_prefork.a: invalid ELF header

How to load such a module? Or how to compile *.so module?

./configure --prefix=/opt/httpd --enable-option-checking 
--enable-hook-probes=no --enable-exception-hook --enable-modules=all 
--enable-mods-shared=all --with-apr=/opt/apr-1 
--with-apr-util=/opt/apr-util --with-pcre=/opt/pcre --with-z=/opt/zlib 
--with-libxml2=/opt/libxml2/include/libxml2 --with-lua=/opt/lua 
--with-ssl=/opt/openssl --with-mpm=prefork --enable-mpms-shared=all 


Mimiko desu.