kevintynfron

Hi Srini The rewrite rule you've given won't work for https because the second line checks that it is not encrypted. in pseudo-code, you've got: if the requested host contains "test.com" ignoring case AND it is not an encrypted connection then re-write to the login page with a permanent redirect I'm having problems of my own along these lines, so I'm not really in a position to give you the answer. I do have a couple of suggestions/questions, though. 1. you'll need to re-write to https to make it use the encrypted connection.current encryption RewriteCond %{HTTP_HOST} test.com [NC] RewriteRule .* https://test.com/home/login.jsp [R=301] 2. As it stands, this rule will surely re-write for any and all requests that come to test.com domain - graphics, html, flash, everything will get redirected to the login. Once you've logged in, any other page will be re-directed to the login script. Sorry for not having a definitive answer. Kevin

I have a server that I'm trying to reduce the server load over xmas/new year by introducing far-future expires headers and removing Etags and last-modified headers. The problem is that there's a subdirectory that I can't have the expires headers on because they are 'featured' images that change daily and I can't change the location because it's part of an automated system, etc. Here's the code in httpd.conf: # Turn on caching for the main img directories <directory "/var/www/vhosts/example.co.uk/httpdocs/img"> <FilesMatch "\.(jpg|jpeg|png|gif|swf)$"> ExpiresActive on ExpiresDefault "access plus 1 year" Header set Cache-Control "max-age=31536000, public" Header unset Last-Modified Header unset ETag </FilesMatch> </directory> # Turn off caching for the featured directory as images always have the names featured01.jpg, etc. <directory "/var/www/vhosts/example.co.uk/httpdocs/img/featured"> <FilesMatch "\.(jpg|jpeg|png|gif|swf)$"> ExpiresActive off Header unset Cache-Control </FilesMatch> </directory> So in pseudo-code, I want <Parent directory> Far-future expires header Long Cache-Control expires No Etag No Last-Modified </Parent Directory> <Specific subdirectory> No Far-future expires header No Long Cache-Control expires Etag Last-Modified </Specific subdirectory> Any ideas? I'm sure I could use "header set last-modified" or something like that, but can't find the details I'm after. Cheers

Thanks corbin. Isn't that "if (the host is not exactly equal to "www.example.co.uk") {" ? I thought the '!' was a NOT operator In which case presumably changing the https to http would work. This seems like a bit of a quick'n'dirty way to do it, not that I know of any other way. Is there another way that anyone knows of? Cheers, Kevin

Hi all, We have a website where we want users to browse unencrypted for most of it, but move to encrypted when they move to other areas. We also want to make sure all URI start www. at the moment, .htaccess in the httpdocs root has the following RewriteEngine On RewriteCond %{HTTP_HOST} !^www.example.co.uk$ RewriteRule ^(.*)$ https://www.example.co.uk/$1 [R=301] RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} operator [OR] RewriteCond %{REQUEST_URI} your_account [OR] RewriteCond %{REQUEST_URI} buy_tickets/checkout [OR] RewriteCond %{REQUEST_URI} sell_tickets RewriteRule ^(.*)$ https://www.example.co.uk/$1 [R,L] I'm guessing that it's the first rewrite rule that's doing it with the "https". Does it then carry on after the re-write onto the second? On another note, would I be better off putting this in httpd.conf somewhere? I have been trying to test this, but am having real problems getting mod_ssl going on my test platform (but that's another story....) so thanks for any help. Cheers, Kevin

A quick-and-dirty check is if you have server-status enabled, the number of dots show how many clients you can have.

Thanks

Thanks alluoshi, I was aware of that, and have adjusted maxclients up a bit. How big can the queue be and can I see the size of it?

Just been on the BBC iPlayer website and have been told that the servers are too busy, can I come back later. How do I do that with Apache? There seems to be two cases on the face of it. In the first case, I have the BBC-type scenario where the web server itself is Ok, but the back-end is busy. The second case is when I run out of apache processes (Like in another thread) What happens then? I can't inform users to wait because there's no processes to give them the information. Do they all go in a big queue? Not after specifics, necessarily, as I imagine it may not be that simple. Big picture stuff will do. Cheers, Kevin

Hi there, Have you looked at the server status directive for apache? If you've changed the ThreadsPerChild, then I assume you've no problem editing httpd.conf. You're using the worker module, and I'm using the prefork module to achieve the same kind of thing, so I assume server-status will return something similar. http://www.apache.org/server-status shows what to expect. This has extended status on. Here's the code from my server. <Location /server-status> SetHandler server-status AuthType Basic AuthName "System Status" AuthUserFile /var/www/vhosts/example.co.uk/.htpasswd Require valid-user </Location> I'm using the password authentication because I can't guarantee my IP address like they use in the examples. You don't need to have the viewing restrictions, but I thought it was a good idea not to be broadcasting the workings of the server to the world. Hope this helps, Kevin

This seems to an issue with the clients. Either they're behaving badly, or there's a DOS attack. The number of R processes comes and goes during normal use, and I can see that when the server was set up to only have 10 processes max, it could easily saturate them with 10 'R' processes. The example I posted at the start of this thread had maxprocesses set to 50, and I've upped it to 75. An 'R' process seems to be waiting in a FIN_WAIT_2 status, and there's notes on that here. The answer would appear to be to use the Timeout directive. The Apache Docs detail how it cuts off connections that are taking too long. At the moment timeout is set to 120 seconds. I've switched server-status to use extended mode, so I can see a bit more detail. Watching the processes, every now and a gain, I'll get one that is stuck on 'R'. After 120 seconds, it gets killed off, which is what I want. Monitoring the processes (although only for about 10 minutes), 'normal' requests come in generally below 10 seconds (well, I don't see them as R processes), but there's a few that can take up to 30 seconds, so I think I'll try lowering it to 30 seconds for now. Presumably the downside would be if there's a bandwidth issue, there could be a problem. Any ideas how files are uploaded to an apache server? Timeout will also affect "The amount of time between receipt of TCP packets on a POST or PUT request" So I may get problems if somebody's uploading stuff on a slow link. Unfortunately, one of the tricky things about this is that I can't actually tell if I've solved it, just that it hasn't happened for some times, and as the problem was random to start with, I'll never really know. Cheers, Kevin

That's great, thank you. Unfortunately, I'm doing my proper job for most of the day, so don't get to see it in this state very often. I shall attempt to fashion a script that others can run when the behaviour is noticed to a file that I can look at later. Many thanks, Kevin

Yes, minutes. When nobody had the ability to have a look, they used to just reset the server, I'm guessing it was the same issue, and that resetting the server killed the 'R' processes and allowed normal ones to start again when it restarted. At that point they had Maxprocesses set to 10 and keepalive off. I now have 50 MaxProcesses and keepalive turned on but at 2 seconds. It was doing what you explained with the default of 15s, so I turned it down). I would expect to see a load of 'K's if it was was that. I haven't turned extended status on ,but looking at www.apache.org/server-status, an 'r' process doesn't even have a client IP address, so what's going on? Thanks for the help, Kevni

Went with the comment in pgsql.ini and it worked great. Thanks again, Kevin

Hi ramow, I've just been/still going through the same kind of thing. What I found was that a soft refresh (F5) requests far more things than I expected. Using a navigation link on the web page made things behave as expected. i.e. hitting F5 when viewing the home page requested items with far future expires headers, whereas clicking on a link to the home page and bringing it up that way saw everything behave as I expected, and not request the items with expires headers. I have no idea why, but that's what I saw. See if you get the same. Cheers, Kevin

In what way evil? at the moment, KeepAliveTimeout 2 Thanks, Kevin

How about using VMWare? I've not used it, but you seem to be able to set up networks between virtual machines and state the bandwidth available.

Cheers, will try tomorrow morning when things aren't busy. The references I've found are below. Will it be enough to just add a ';' to comment out in pgsql.ini, or should I comment out everything in php.ini as well for good measure? Many thanks, Kevin in /etc/php.d/pgsql.ini ; Enable pgsql extension module extension=pgsql.so and in /etc/php.ini [PostgresSQL] ; Allow or prevent persistent links. pgsql.allow_persistent = On ; Detect broken persistent links always with pg_pconnect(). ; Auto reset feature requires a little overheads. pgsql.auto_reset_persistent = Off ; Maximum number of persistent links. -1 means no limit. pgsql.max_persistent = -1 ; Maximum number of links (persistent+non persistent). -1 means no limit. pgsql.max_links = -1 ; Ignore PostgreSQL backends Notice message or not. ; Notice message logging require a little overheads. pgsql.ignore_notice = 0 ; Log PostgreSQL backends Noitce message or not. ; Unless pgsql.ignore_notice=0, module cannot log notice message. pgsql.log_notice = 0

Hi all, I'm not sure where to ask this, but am getting the following in the error file for the server: '<b>Warning</b>: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/pgsql.so' - libpq.so.4: cannot open shared object file: No such file or directory in <b>Unknown</b> on line <b>0</b><br />' I'm guessing that this is to do with the postgres database engine. We're running mySQL, but using myISAM and InnoDB tables. It doesn't seem to be causing a problem in terms of site performance, but these warnings are merrily filling the error logs that are getting a bit big. It seems to be related to starting an Apache child process, as the number of warnings has increased since I increased the maxclients in Apache. We have no plans to use the postgres db system, so I'd rather just switch it off. Using Apache 2.054 on Fedora, PHP and mySQL. Cheers, Kevin

Hi all, I’m having a very strange problem where the web server seems to hang for several minutes. The actual server is just sitting there quietly, but the /server-status page shows all 50 of the 50 available Apache child processes as ‘R’. Server Version: Apache/2.0.54 (Fedora) Server Built: Aug 4 2006 14:38:17 ________________________________________ Current Time: Wednesday, 19-Nov-2008 11:55:00 GMT Restart Time: Sunday, 16-Nov-2008 03:40:58 GMT Parent Server Generation: 1 Server uptime: 3 days 8 hours 14 minutes 1 second 50 requests currently being processed, 0 idle workers RRRRRRRRRRRWRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR The single ‘W’ is, I assume, the child that’s writing the screen back to me. The top command wasn’t showing anything as being busy (didn't notice if it was waiting I'm afraid), but the web server isn’t handing anything out. After a couple of minutes, the ‘R’s go away and normal service resumes. What does the ‘R’ signify? Waiting for a client to finish asking for things? How do I/ Can I stop it happening. Cheers, Kevin