httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Axel-St├ęphane SMORGRAV <Axel-Stephane.SMORG...@europe.adp.com>
Subject RE: [users@httpd] content of httpd.conf file
Date Fri, 21 Apr 2006 06:29:54 GMT
That does not sound right at all. 
 
1. AddHandler adds a handler for processing URLs having a specific extension. In the case
of the type-map handler, the default is the .var extension.
2. Apache does not modify the httpd.conf file so it should not grow or change.
3. You can safely remove that line since it is commented anyway.
4. You can try figuring out what process(es) has the file open for r/w. You do not mention
what OS you use, but on Solaris you can use pfiles or lsof. On Linux you can probably use
lsof.

Do you publish a PHP or CGI application on that server? Does it run with the same ownership
as the httpd.conf file?
 
In order to prevent Apache from beeing able to modify its configuration file should it be
compromised, change the ownership of the file to something else than the owner of the Apache
processes or change the ownership of the Apache process to something like "nobody" using the
User and Group directives in httpd.conf. 

As an example, do the following:

- Stop Apache.

- Put the following two lines in your httpd.conf, and make sure it does not contain anything
that could compromise the security of your server.

User nobody
Group nobody

- Make sure that Apache cannot write httpd.conf

chmod 644 httpd.conf

- Make sure that Apache can still write to its log files

chown -R nobody:nobody /var/logs/httpd

(replace the path with the path to where your Apache log files are)

- Start Apache


-ascs

________________________________

From: Charles Li [mailto:cli168@yahoo.com] 
Sent: Friday, April 21, 2006 2:50 AM
To: users@httpd.apache.org
Subject: [users@httpd] content of httpd.conf file


Hi,
I see the following in our httpd.conf file:
    #AddHandler type-map  var_123EOL321--123EOL321--123EOL321--
and it just repeats with 123EOL321 and fills up pages.  This section is in the same section
as the AddLanguage, which is inside the IfModule mod_mime.c.

On one of the servers, this line is so huge, it prevents vi opening the httpd.conf file.
Anyone know why its so huge?  
Why do it keep on growing?
What is the purpose of this line?

Thanks,
Charles Li



__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message