CVE-2014-0227 – Apache Tomcat – Request Smuggling

CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: – – Apache Tomcat 8.0.0-RC1 to 8.0.8 – – Apache Tomcat 7.0.0 to 7.0.54 – – Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craft a malformed chunk as part of a chucked request that caused Tomcat to read part of… Continue reading CVE-2014-0227 – Apache Tomcat – Request Smuggling

Updating Apache to the latest version on DirectAdmin

You can check the current version of apache by running /usr/sbin/httpd -v CustomBuild – current If you’re using custombuild (as most new boxes are), run the following cd /usr/local/directadmin/custombuild ./build update ./build apache ./build php n ./build rewrite_confs CustomApache – end-of-life If you are using customapache with the 1.3 version of apache to the most recent, run… Continue reading Updating Apache to the latest version on DirectAdmin

Why do I need an owned IP for my own SSL certificate?

The reason you must have your own dedicated IP address when you want to use your own SSL certificate (when you don’t want the server wide shared certificate) is because of the way SSL and Apache (httpd) works. For name based web-hosting (when many domains are on one IP) the web browser will pass the… Continue reading Why do I need an owned IP for my own SSL certificate?

How to forward a website to another url

There are several ways to accomplish this task, but the simplest to understand is to use php. To do this, you need to create the page that will do the forwarding.  This can be any page, as long as it ends in “.php”.  If you are trying to redirect a domain, you’d create “index.php” inside… Continue reading How to forward a website to another url

Redirect domain.com to www.domain.com

If you want to force clients to use www.domain.com, you can redirect them from domain.com to the www version with an .htaccess file. In your public_html folder, create a file called .htaccess and add the code: RewriteEngine On RewriteCond %{HTTP_HOST} ^domain\.com RewriteRule ^(.*)$ http://www.domain.com/$1 [R=permanent] where you’d need to replace domain\.com and domain.com with your actual domain name.  Note the \ character must… Continue reading Redirect domain.com to www.domain.com

Adding custom modules to apache for custombuild – DirectAdmin

If you want to add any extra modules to apache in custombuild, they’ll need to be compiled in. Any module that needs to be compiled in will have a –with-module type flag which will need to be used. To add this flag, run the following:   cd /usr/local/directadmin/custombuild mkdir -p custom/ap2 cp configure/ap2/configure.apache custom/ap2/configure.apache vi… Continue reading Adding custom modules to apache for custombuild – DirectAdmin