Apache - Hombre (Voodoocuts Rework)
#JazzDeVille #Groove #NowPlaying #Apache
#Apache
Debugging this and… it looks like the problem might be the backref to a previous RewriteCond?
I've got a similar "block these hosts" RewriteMap using `%{REMOTE_ADDR}` as the key and that works. But using `%1` as a key when the previous RewriteCond is "extract a subset of the octets" fails to look up correctly. Which I've confirmed with a noddy "extract from the query string" lookup.
But then again, it's not working with an env var either. I can do a capture with a RewriteCond, set an env var with a RewriteRule, then do a second RewriteRule using the env var and it works. But if I use `${testmap:%{ENV:testvar}}` then it doesn't find anything. Even though I've shown that the env var on its own contains the expected value.
Apache httpd 2.4.64 has just been released, fixing 8 vulnerabilities (5 moderate, 3 low).
Two HTTP/2 related CVEs also fixed in the latest mod_h2 release v2.0.33.
https://httpd.apache.org/security/vulnerabilities_24.html
https://github.com/icing/mod_h2/releases/tag/v2.0.33
#Apache 2.4.64 is released! It fixes some vulnerabilities, listed here:
Seriously considering to substitute the Apache License for the MIT license due to the "Contributor issue," even for my small scripts. The APL is the only FOSS license that take into account that contributions to a project (think a patch or a pull request) are not the same thing as someone forking the project and adding their code. See APL2.0 section 5 (and section 1 for the definitions of "Contribution" and "Contributor").
Using the APL would allow for a legally coherent use of the generic "Copyright (C) Contributors of project whatever" copyright license that simplifies things a lot.
The only thing stopping me is that the text of the MIT License so short that "looks" right for scripts, but that's a totally extra-legal consideration 🤣
Claude Code を活用!ドラッグ&ドロップでログデータを解析できるデスクトップアプリを作ってみた
https://dev.classmethod.jp/articles/create-desktop-app-claude-code/
LAMP Stack is a combination of Linux, Apache, MySQL, and PHP, which are open-source tools and powerful for the development as well as hosting of web applications. For developers who work on creating web applications, LAMP Stack is a go-to tool as it comes with great efficiency, along with community support. 🛋️
Keep reading:👇
https://greenwebpage.com/community/how-to-install-lamp-stack-on-debian-12/
#lamp #linux #apache #mysql #php #debian #linuxadministration #greenwebpage
Mike Zaschka kicks off the #reCAP2025 talks in the blue room with his open source #SAPCAP plugin for #Apache #Kafka. Join the live stream via the links at https://recap-conf.dev/. #reCAP #CodeConnect
Claude Code 活用!ALB ヘルスチェックに失敗したwebサーバーのログから原因箇所を特定してみた
https://dev.classmethod.jp/articles/detect-healthcheck-failed-log-calude-code/
#dev_classmethod #Claude_Code #AWS #Application_Load_Balancer_ALB #Apache
Oh, FFS. Can't get this working. And can't get Apache to give me enough logging to understand why.
I've got a rewrite map in bdb, it contains IP blocks that are banned (generated from a Python script). I've got rewrite conds that match each of four, three, two or one octets and then try to look them up in the map. If there's a match then it gets tar-pitted. But I'm always getting failed lookups.
The annoying bit is that even trace4 isn't telling me what the input to the map lookup is. Only the result of the lookup when it is compared to the "was it blocked" value.
Maybe I need to drop the zero octets rather than filling them in? Hopefully it's not that RewriteCond captures can't be used as a key in the map lookup.
Apache Lucene 10.2.2
Apache - Hombre (Voodoocuts Rework)
#JazzDeVille #Groove #NowPlaying #Apache
Tonight film is Broken Arrow a 1950 American revisionist Western film directed by Delmer Daves and starring James Stewart, Jeff Chandler, and Debra Paget. The film is based on historical figures, but fictionalizes their story in dramatized form. It was nominated for three Academy Awards, and won a Golden Globe Award for Best Film Promoting International Understanding. Film historians have said that the film was one of the first major Westerns since the Second World War to portray Native Americans sympathetically - Wikipedia
#brokenarrow #western #revisionistwestern #jamesstewart #cowboys #apache #technicolour #1950infilm
GeoParquet and Iceberg vs. OGC API-Features: Ingo Simonis, Chief Technology Innovation Officer at #OGC, has published an article asking the question “Does #GeoParquet Replace OGC API-Features?”. The article positions GeoParquet (and #Apache #Iceberg) vis-à-vis OGC API-Features, the successor...
https://spatialists.ch/posts/2025/07/06-geoparquet-and-iceberg-vs-ogc-api-features/ #GIS #GISchat #geospatial #SwissGIS
🛡️ HIGH severity: CVE-2025-27446 in Apache APISIX Java Plugin Runner (0.2.0–0.5.0) allows local privilege escalation via incorrect file permissions. Upgrade to 0.6.0+ ASAP. https://radar.offseq.com/threat/cve-2025-27446-cwe-732-incorrect-permission-assign-287204e3 #OffSeq #Apache #Vuln #PrivilegeEscalation
The people committed to DDoSing the #Apache #SpamAssassin RuleQA server seem to have substantial resources. I’ve blocked a lot of them, but they keep coming, asking about things like the May 7 2017 performance of a single rule in one contributor's stats. Not stuff real people want.
Of course, there's a resource they do not have. Our sysadmins, both those employed by #TheASF to watch all of our infra and the volunteer cadre focused on SA. We'll keep whacking the moles...
Apache - Hombre (Voodoocuts Rework)
#JazzDeVille #Groove #NowPlaying #Apache
Apache Under the Lens: Tomcat's Partial PUT and Camel's Header Hijack
In March 2025, Apache disclosed three critical vulnerabilities: CVE-2025-24813 in Apache Tomcat and CVE-2025-27636 and CVE-2025-29891 in Apache Camel. These flaws allow remote code execution, affecting millions of developers. The Tomcat vulnerability exploits partial PUT requests and session persistence features, while the Camel vulnerabilities involve header manipulation. Exploit attempts were observed from over 70 countries, with a surge in activity immediately after disclosure. The article provides detailed analysis of the vulnerabilities, including source code examination, exploitation methods, and telemetry data. It also outlines protection measures and mitigation strategies for affected systems.
Pulse ID: 6866650f9a525176d0fa51dc
Pulse Link: https://otx.alienvault.com/pulse/6866650f9a525176d0fa51dc
Pulse Author: AlienVault
Created: 2025-07-03 11:10:07
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APAC #AWS #Apache #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #RCE #RemoteCodeExecution #Tomcat #Vulnerability #bot #developers #AlienVault
Note to self: quando le richieste websocket non funzionano in una applicazione proxata con Apache 2 questa pagina può essere di aiuto : https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html
In caso in futuro non sia più disponibile la configurazione che che ho usato e’
ProxyPass / http://example.com:9080/
RewriteEngine on
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond […]
#apache #apache2 #proxypass #websocket
https://www.b0sh.net/2025/07/websocket-su-proxypass-con-apache-2/
«Зачем нужна шина данных, если есть Apache Kafka?» и еще 3 популярных аргумента против ESB
На связи Сергей Скирдин, технический директор ИТ-интегратора «Белый код». Недавно получил такой комментарий к одному из обзоров ESB : «Я считаю, что интеграционные платформы больше не нужны», а спустя время в Телеграм-сообществе «Шины не для машины» развернулась дискуссия на тему «Паттерн ESB безнадежно устарел». Решил собрать в одной статье популярные вопросы по теме и ответить на них.
https://habr.com/ru/companies/w_code/articles/923708/
#apache_kafka #apache_nifi #open_source #esb #шина_данных #брокеры_сообщений #apache
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst