Security problem with virtual host

Similar Messages

• Problem with Virtual Host

  i create a virtual host on infrastructure and midtier
  if i connect to the home page (http://www.virtualhost.it:7779) it works. if i connect to the http://www.virtualhost.it:7779/pls/portal i get the original page http://server.rsdom.com:7779/pls/portal.
  how can i understand the problem?
  thanks in advance
  giorgio

  Sounds like you edited the HTTP Server for the virtual host, but did not update the portal configuration within the repository. If you have access to metalink, see:
  Note:218031.1
  Subject: Configuring Multiple URLs With Portal 9.0.2 Using Virtual Hosts

• Apache-weblogic bridge problems with virtual hosting

  Hi,
  Can we set apache-weblogic bridge where apache webserver is configured
  as virtual hosts and each Virtual Host is mapped to a WebLogic server
  instance running on separate port ?
  Please provide doc or reference or your comments if you have solved this
  problem
  Thanks
  Shriniwas

  The above comments notwithstanding, there's one outstanding line in your post that seems crucial:
  Also if I type on my browser the name of another secondary (or virtual) domain name in the form http://domain2.com it brings the website hosted under the primary domain which is domain1.com. In case I type http://www.domain2.com than it works as it should and displays the website hosted under this domain name.
  As far as Apache is concerned, 'domain2.com' and 'www.domain2.com' are completely separate entities. They have to be otherwise if all domain2.com traffic went to this site you'd never be able to host different sites within the domain (e.g. blogs.domain2.com, wiki.domain2.com, blah.domain2.com, etc.). In other words, there is no automatic relationship between a hostname and sub-records of that hostname.
  So what's happening here is Apache is seeing a request for 'domain2.com' which does not match any of its configured virtual hosts, so it handles the request via the default site. If you request www.domain2.com this matches your virtual host configuration so Apache serves the alternate content.
  The fix is simple - trivial, even - you just need to tell Apache all the hostnames that match this site - in this case if you've configured the site's primary address as 'www.domain2.com' and you want it to also respond to requests to 'domain2.com' then add 'domain2.com' to the list of Server Aliases in Server Admin.

• Problem with Virtual Hosts Individual Config Files and OSX 10.7 Lion (AllowOverride Setting)

  I am hoping some other Xserve users running OSX 10.7 (Lion) can offer some additional input or help in a couple of issues I am running into with the Apache settings on my server.
  Below is an example site config file on our server. We are hosting a number of sites and are using .htaccess files and apache's rewrite module to create vanity URLs. In order for the .htaccess files to be used AllowOverride has to be set to "All" instead of "None"
  The problem I am running into is everytime I stop and restart the web service on the machine it keeps changing this setting back in the individual site configuration files. I will change it to AllowOverride All and next time the server has to be restarted or the web service has to be restarted it is defaulting every site back to None which has become quite frustrating.
  Is there somewhere I can set this default setting to prevent this from occuring and forcing every site and site config to default to "AllowOverride All" ?
  Should I be researching this somewhere specific? OSX 10.7 changed the entire Apache Interface and the manner in which it runs and I am finding little to no documentation on it.

  Are you using the default Server.app, or have you downloaded and installed the (proper) Server Admin tools?
  Server Admin.app isn't included as part of the Lion Server distribution, but if you download it and install it you get the same set of admin tools as you're used to with previous versions. From there you should be able to set the 'Allow All Overrides' setting for your site.

• Configuring webclient  with Virtual Host

  i configure portal with a virtual host.
  Portal it is ok. i can navigate and login with the virtual host server. But the collaboration portlets (Message portlet, calendar portlet) link to the original server.
  what can i do to work also with virtual host?
  my original server is the internal host name.
  the virtual host is the public server name.
  thanks in advance
  Regards
  giorgio

  no problem from flex side.. need to escape crossdomain.xml
  file in htacess for codeigniter i.e RewriteCond $1
  !^(index\.php|images|application|uploads|robots\.txt|crossdomain\.xml)
  in htaccess file.

• Security problem with Google Recaptcha plugin

  Hi all,
  Found a security problem with Google Recaptcha plugin. If I delete the tag containing the recaptch(on some page) with Firebug, I can authorize myself without validating with Recaptcha. If someone knows how to fix this problem, I'll be be very thankful.
  Thanks in advance,
  Regards Ivan

  Hi Ivan,
  you can secure it by adding an "Item specified is NOT NULL" validation to your page.
  Will update the documentation and try to add a permanent fix in a new version of the plug-in.
  Thanks for letting us know!
  Patrick
  My Blog: http://www.inside-oracle-apex.com
  APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
  Twitter: http://www.twitter.com/patrickwolf

• I used to have a podcast that had been accepted on Itunes, but my I began to have problems with my host, so I changed host and created a new podcast, and I submitted my new podcast, Apple refused, and now says the feed has already been submitted??

  I used to have a podcast that had been accepted on Itunes, but my I began to have problems with my host, so I changed host and created a new podcast, and I submitted my new podcast, Apple refused, and now says the feed has already been submitted? Maybe Itunes thought that I was someone trying to copy my old podcast because I kept the same name, I tried to change the names but it looks like I'm on a blocked list...

  There is a procedure for changing the feed URL for a podcast, which it seems you haven't followed: you have to add a special tag to the old feed - just submitting a new feed will have exactly the effect you describe. The proper method is described here:
  http://www.wilmut.webspace.virginmedia.com/notes/podcast.html#move

• Possible security problem with my iPhone4, it seems like it has been hacked into and my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice.

  I seem to be having security problems with my iPhone4, it seems like someone has hacked into my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice and I have not left my phone unattended at any time that I can recall nor have I accessed these accounts from another source (i.e. computer/laptop) since changing my passwords after the first hacking occurred. Please help.

  Anyone else at your university complaining about the same thing?  It is more likely someone is stealing passwords by sniffing traffic over the university wifi or with a man-in-the-middle attack or by other means external to your phone.  Try a Google search on "steal password" (without quotes) or "steal SSL password" and you'll learn more than you wanted to know about how passwords get stolen.
  Some related info:
  http://en.wikipedia.org/wiki/Session_hijacking
  http://en.wikipedia.org/wiki/Man-in-the-middle_attack

• Wf component container not starting with Virtual host

  Hi,
  We have setup fresh instance of R 12.1.1 on Solaris with Virtual host. Did installation with rapidwiz -servername virtual.
  Now when we end setting up wfmailer setup it refused to start saying component services are not up. While looking at it, it is still looking for Physical host rather Virtual. Can anyone suggest how to resolve this.
  Thanks

  Post in 11i thread closing it

• SSL with virtual hosting in Weblogic Server 5.1(WLS5.1)

  Hello,
  I am tasked with implementing a virtual hosting situation that must
  use SSL. It goes like this: https://www.aaa.com, https://www.bbb.com
  and https://www.ccc.com all having separate IPs. These URLs must
  forward the request to the same WebLogic Server instance. The problem
  is each URL must have its own certificate while WLS 5.1 only uses one
  certificate per instance.
  I was thinking about using a proxy server such that all three Web
  servers that would host the URLs would be sent to a proxy server which
  would redirect to the WLS 5.1 instance.
  My questions are, would this be feasible using WLS 5.1 as the Web
  Server and again WLS as the App Server? How secure is this
  arrangement? Is it preferable to use another vendor's software as the
  WebServer(IPlanet, Apache)

  Hi Andy,
  I think a good approach for you would be to use a proxy server --
  browser -> proxy that supports virtual hosting -> WebLogic
  Use a proxy which supports virtual hosting, and which can have a separate
  certificate bound to each virtual host.
  That way you can do SSL between the browser and the proxy, and you can
  have the proxy do cleartext to WebLogic.
  This situation gets around WebLogic's limitation of allowing only one
  certificate per instance of the server.
  You could also use 5.1 as the proxy in the following manner:
  Run 3 instances of Weblogic, each as a proxy server, each bound to a
  different IP address and DNS name, having its own certificate --
  one instance for aaa.com, another for bbb.com, and a third for ccc.com
  Then have each of these three instances of WebLogic proxy to your "app
  server" instance of WebLogic on the backend.
  Hope this makes sense.
  Joe Jerry
  Andy Walker wrote:
  Hello,
  I am tasked with implementing a virtual hosting situation that must
  use SSL. It goes like this: https://www.aaa.com, https://www.bbb.com
  and https://www.ccc.com all having separate IPs. These URLs must
  forward the request to the same WebLogic Server instance. The problem
  is each URL must have its own certificate while WLS 5.1 only uses one
  certificate per instance.
  I was thinking about using a proxy server such that all three Web
  servers that would host the URLs would be sent to a proxy server which
  would redirect to the WLS 5.1 instance.
  My questions are, would this be feasible using WLS 5.1 as the Web
  Server and again WLS as the App Server? How secure is this
  arrangement? Is it preferable to use another vendor's software as the
  WebServer(IPlanet, Apache)

• Problem with Virtual PC and Network Connection - VPC gets disconnected

  Hi,
  I've been having a few problems with a virtual computer and its network connection.  I've set up a few computers the same way over the years and they all work fine except this one.  We use the Virtual PC and XP mode to access our data from an older
  program.  The databases are on a server, which are accessed as a mapped drive.  Every once in a while (with no particular pattern, sometimes it doesn't happen all day, sometimes it happens every 5 mins), the VPC gets disconnected from the network,
  my program returns a file read error and then everything is frozen.  When I try to ipconfig/release and renew, it releases correctly then it won't renew.  I need to shut down the VPC from the Win7 task manager and even so, it doesn't shut it down,
  even when I try to kill the vpc process.  The only way it'll come back up is if I restart the computer.  The network connection on the Win7 computer doesn't do that.
  Is there anything I can do to fix this ?
  Thanks,
  Melanie

  Hi,
  Does it become more stable now, actually, I'm afraid that this issue is not related with the drive letter or name. Since you're using bridge mode, the I would suggest you use NAT as a test, it is the default network configuration, which allows the VM
  to leverage the external TCP/IP network connected to the host. This is very useful if you regularly move the host computer between different network configurations. NAT is the preferred networking option when there is a shortage of IP addresses, a need to
  ensure the VM’s IP address is not targetable from an external network, or a need for connecting using WWAN.
  Yolanda Zhu
  TechNet Community Support

• Working with virtual host & hosts files on a local network

  I'm setting up a small local web and production server here in my office running Leopard.
  I'm setting up virtual hosts for users on the network to review and comment on websites in development. Ideally they'd access it as:
  host1.webserver.local
  host2.webserver.local
  host3.webserver.local
  Problem is, users on the network can see webserver.local just fine, but the subdomains need to be registered with hosts file on each computer.
  Is there a way I can manage all computers hosts file easily? I was thinking of an SVN repository, but this still requires going to each computer to update the file.
  Any suggestions here would be great.
  Thanks
  Rich

  Hi jscher2000
  Thank you for your interest.
  I am using "manual prxoy configuration" option in firefox with port 8080. I have tried the option of "Use system proxy settings" but it doesn't help.

• MySQL problem with 1and1 hosting

  I have just discovered this group.  I posted a similar post in the Dreamweaver area, but it probably needs to
  be here.
  I was asked to add database functionality to a website hosted by 1and1.  I just started to use DW CS5
  recently and when I tried to connect the MySQL db using Dreamweaver, I got the 404 file not found error
  message.  It has been a while since I have worked with PHP and MySQL, but I have used MySQL many times in the
  past using DW CS4 and using 1and1, so I know that it used to be possible.
  Here is what I have done so far:
  Tried to connect using DS CS5.  Tried to connect using DW CS4.  I contacted 1and1 and they told me that they
  no longer allow MySQL to connect using Dreamweaver.  However, they sell DWCS4 software to be used with their
  higher end hosting packages (which I am using).
  Here are my questions:
  1) Is this a known problem with 1and1?  If so, is the DW that they sell altered to get around this?
  2) Is this how other hosting companies are going, or is this only true of 1and1?

  RobertBoy wrote:
  Tried to connect using DS CS5.  Tried to connect using DW CS4.  I contacted 1and1 and they told me that they
  no longer allow MySQL to connect using Dreamweaver.
  This means that they disabled remote access to their MySQL server for security reasons, meaning that you´ll have to...
  1. set up a local testing server (eg. MAMP, XAMPP) and develop/test your work locally
  2. upload the finalized files to the remote server and run them from there.
  If so, is the DW that they sell altered to get around this?
  Unlikely, because the product EULA declares a "No Modification" restriction.
  Is this how other hosting companies are going, or is this only true of 1and1?
  This is not uncommon with shared hostings in particular, though there may be some which allow remote access. Let´s hope that other forum participants can provide recommendations.

• Tunneling and problem with unknown host exception

  hello! i've got a problem with https. i use jdk 1.5.0, jboss-4.0.4.ga-patch1, soap.
  and i'm going crasy.. i've testet my client code at our network and it works fine. but if i want to get jobs from the server of our customer, my client throw an "unknown host exception: firm".
  i wonder why it hasn't the full host. the url may look like this: https://firm.sub.com:443/ and while the client connects to the server, i depugged it and the host is correct: firm.sub.
  but after the connection, when the client want to get something from the server (when it wants to communicate with the server over soap) it crashs.
  my client code looks like this:
  private ClientInterfaceEndpoint getClientInterface() throws ServiceException {
  QName serviceQName = new QName(DOCSERVER_NAMESPACE, CLIENT_INTERFACE_SERVICENAME);
  URL wsdlUrl = getClientInterfaceWsdlUrl();
  log.info("*******WSDLURL host: " + wsdlUrl.getHost()); // out: firm.sub
  log.info("*******WSDLURL port: " + wsdlUrl.getPort()); // out: 443
  URL mapping = getClass().getClassLoader().getResource("META-INF/DocumentServer_Mapping.xml");
  log.info("*******MappingURL path: " + mapping.getPath());
  if (wsdlUrl.toString().toLowerCase().contains("https")) {
  if (null == getConfig().getTruststore() || getConfig().getTruststore().equalsIgnoreCase("")) {
  throw new RuntimeException("No or incorrect TruststorePath in the docclient-config");
  File tmp = new File(getConfig().getTruststore());
  if (!tmp.isFile() || !tmp.canRead()) {
  throw new RuntimeException("The truststore at the 'TruststorePath' isn't a file or can't be read.");
  System.setProperty(SYS_PROPERTY_KEY_TRUST, getConfig().getTruststore());
  System.setProperty(SYS_PROPERTY_KEY_TRUST_PW, config.getTruststorePass());
  ServiceFactoryImpl factory = null;
  factory = (ServiceFactoryImpl) ServiceFactory.newInstance();
  Service clientInterfaceService = null;
  try {// create the service for the ClientInterface
  clientInterfaceService = factory.createService(wsdlUrl, serviceQName, mapping, new URL(config.getServerURL())); //, new URL(config.getServerURL())
  log.info("*******ClientInterFaceService WSDL URL Host: " + clientInterfaceService.getWSDLDocumentLocation().getHost()); // out:firm.sub
  log.info("*******ClientInterFaceService WSDL URL Port: " + clientInterfaceService.getWSDLDocumentLocation().getPort()); // out: 443
  } catch (ServiceException e) {
  log.error(e.getMessage());
  throw new RuntimeException(e.getMessage());
  } catch (MalformedURLException e) {
  log.error(e.getMessage());
  throw new RuntimeException(e.getMessage());
  } catch (Exception e) {
  log.error(e.getMessage());
  throw new RuntimeException(e.getMessage());
  }// getting the ClientInterfaceEndpoint
  ClientInterfaceEndpoint clientInterface = (ClientInterfaceEndpoint) clientInterfaceService.getPort(ClientInterfaceEndpoint.class);
  return clientInterface;
  protected URL getClientInterfaceWsdlUrl() {
  URL url = null;
  String urlString = getConfig().getServerURL() + CLIENT_INTERFACE_URI + "?wsdl";
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  Properties properties = System.getProperties();
  String handlers = System.getProperty(SYS_PROPERTY_KEY_PKGS);
  if (handlers == null) {
  properties.put(SYS_PROPERTY_KEY_PKGS, SYS_PROPERTY_VALUE_PKGS);
  else {
  properties.put(SYS_PROPERTY_KEY_PKGS, SYS_PROPERTY_VALUE_PKGS.concat("|").concat(handlers));
  try {
  url = new URL(urlString);
  log.info("*******URL host: " + url.getHost());
  log.info("*******URL port: " + url.getPort());
  log.info("*******URL path: " + url.getPath());
  } catch (MalformedURLException e) {
  log.fatal("DocumentProvider SOAP configured incorrectly. DocServer URL malformed: " + urlString);
  throw new RuntimeException("DocumentProvider SOAP configured incorrectly. DocServer URL malformed: " + urlString, e);
  System.setProperties(properties);
  return url;
  }if it's usefull: the customer use a apache server (not tomcat) where a the server is and the client at another system the jboss.
  The customer told me: if i want to connect the client via http i have to tunnel.. maybe i have to tunnel using https too?
  have i to generate the endpoint classes a second time, extra for https?
  or doesn't soap like host like "firm.sub"?
  can anyone help me please?!
  sorry, my english isn't very well...

  sorry, it's not the same error. The output is: Unable to connect to any host due to exception: java.net.socket.exception: java.net.socket.exception: Unregcognized windows socket error: 10106: create.

• Strange problem with virtual machines backup (Hyper-V 2012R2)

  Hi
  I have a strange problem with backup of virtual machines in one of my Hyper-V environments. Let me describe how does it looks like: There are two physical servers - HP DL360 G8. They are used as hosts for four virtual machines - domain controllers in two domains.
  Each of them runs one DC in every domain. I've configured backup "inside" every virtual machine (with Windows Server Backup tool), in its operating system, because domain controllers should have their system state, regularly backuped, etc. Backup
  is made on the network share - all machines to the same server as destination. And now the case - two virtual server are backuped as expected - the operation takes 3 - 4 minutes and is always succeded. But in case of two remaining it looks as below:
  - Backup operation starts (is scheduled).
  - Volume shadow copy is made.
  - The first partition of VM starts to be copied. It's Windows 2012 R2 Generation2 VM, so it has EFI, Recovery and C: partition. EFI is as first and at this moment backup stucks for a 2-3 hours! Progress of copying is 0%. After for example 3 hours this partition
  is completed and starts the next (disk C:). And again - it freezes for a few hours and suddenly is pushed. As a result the backup is made successfully, but it takes for example 10 hours.
  Both "dodgy" VMs are on separated hosts. All four of them were installed in the same time. I tried to change destination to locally connected disk, but no result. It's interesting as well, that after rebooting VM, the first backup is made normally,
  but every next has described problem again. In EventLog I can't find any errors, I don't know how to diagnose such case precisely, etc. Have you got idea what can cause such behaviour or where on the server should I look for some hints?
  Thanks
  Marcin

  Hi Marcin,
  >>that after rebooting VM, the first backup is made normally, but every next has described problem again.
  It shouldn't happen .
  To narrow this issue down , Please try to backup an Gen1 VM and check the result .
  Best Regards
  Elton JI
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.