Issues with redirecting domain name to another Apache with WordPress

I am currently running into an issue where if someone types in ‘myolddomain.com’, which is redirected to mynewdomain.com, into Google it will bring up the error message about ‘Attackers trying to steal information’. I do understand the concept that you cannot go from HTTPS to HTTPS without having the SSL certificate match the domain that gets redirected, but I was wondering if there was a way to force browsers to view the old domain as HTTP only and not attempt to load it as HTTPS. I know there is a way I just don’t know how to do it in Apache because I have an IIS site that does this and has no issues. I tried several different rewrite rules and disabling WordPress SSL plugins (this was an inherited site) and still have nothing. If more information is needed please let me know. I appreciate your time.

$6/yr / cPanel / Apache / Softaculous / JetBackup / Cloudflare / Moneyback

Hostbazzar.com is now pleased to offer cheap yet quality fast loading cpanel hosting plans. We are offering top class web hosting solutions to clients with 30 days money back guarantee and 24/7 tech support with free ssl certificate.

We are offering following features on our hosting plans:

free auto ssl
free domain registration
cPanel Control Panel
Softaculous (1-click Installer)
PostgreSQL Database
Attracta SEO and Marketing Tools
MySQL Database
Cloudflare
SitePad Website Builder
JetBackup
CloudLinux OS
30 Days Money Back Guarantee
24/7 Fastest Support
99.99% Server Uptime
Instant Activation after payment within 1-2 minutes
free site migration

Budget Shared Hosting Plans:

> LS-HB1 : $0.5/mo

Unlimited Traffic
Unlimited Web Space
1 Site can be hosted
MySQL Database : 2
Single Click Script Installer

> LS-HB2 : $1.0/mo

Unlimited Traffic
Unlimited Web Space
2 Sites can be hosted
MySQL Database : 4
Single Click Script Installer
Shell Access Available

> LS-HB3 : $2.5/mo

Unlimited Traffic
Unlimited Web Space
10 Sites can be hosted
9 Addon Domains
MySQL Database : 15
Single Click Script Installer
Shell Access Available

> LS-HB4 : $4.5/mo

Unlimited Traffic
Free Single Domain
Unlimited Web Space
Unlimited Sites can be hosted
Unlimited Addon Domains
MySQL Database Unlimited
Single Click Script Installer
Shell Access Available

https://hostbazzar.com/linux_shared_hosting.php

Payment Method: PayPal, Debit, Credit Card Payments.

Thanking you.

Understanding mod_expires apache module [closed]

Working with htaccess is a new capitol for me. I have already read about mod_expires here https://httpd.apache.org/docs/current/mod/mod_expires.htm, but I’m stil confused.

I have the next code from stack overflow:

ExpiresActive On ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType text/css "access 1 month" ExpiresByType text/html "access 1 month" ExpiresByType application/pdf "access 1 month" ExpiresByType text/x-javascript "access 1 month" ExpiresByType image/x-icon "access 1 year" ExpiresDefault "access plus 2 months" 

My questions are:

  1. I suppose the line ExpiresByType image/jpg "access 1 year" tells the client (browser) to download the file and keep it for one year. And when the client accesses the same page from my website, the jpg image won’t be downloaded from my website. It will be read from his computer (where the browser saved first time). After one year, the browser automatically deletes the file and, once the client access my website, it will download again, for another year. If the client cleans his browser history after 2 months, then the browser will download it again even if a year hasn’t passed. Do I miss something ?

  2. What cache availability should I set for each file type ? It depends on the file ? What should I consider when set the expiration time ?

  3. What’s the difference between "access 1 year" and "access plus 1 year" ?

  4. Does ExpiresDefault rule works for php files too ? I mean, if I have a contact.php file with some content and I modify the content of contact.php, because of ExpiresDefault rule, the content won’t change to the user ?

  5. Do search engine spiders listen for this cache rules or they download the files each time they crawling my website ?

  6. Is it true that ExpiresDefault is for the files I don’t set using ExpiresByType ? If the answer is yes, what are the other types ? What types of files are included here ?

  7. Do I understand correct that Header set Cache-Control "max-age=290304000, public" is the maximum time allowed for a file to be cached ? If the answer is yes, then means that "access 999 years" will take no effect as long 290304000 is the limit. True or false ?

Running PHP echo $_SERVER [‘DOCUMENT_ROOT’]; Shows Apache Default Path

Trying to get set up and running on a new hosting company after the old one announced they are discontinuing their service at the end of the year, I am having difficulty getting the sites to run. I narrowed it down to Apache’s DocumentRoot for each domain showing the Apache default path rather than showing the path to the individual site’s file location. In other words, when I run echo $ _SERVER ['DOCUMENT_ROOT']; in a test script, it shows the path as /etc/apache2/htdocs when it should show /home/username/public_html/domain.com. They seem unable to fix it so can DocumentRoot be changed through cPanel for each domain?

Apache redirect .com.ar to .com

we have a website with 2 different domains:

www.example.com or example.com

and www.example.com.ar or example.com.ar

I want all requests redirected to www.example.com.

I know I have to create two virtual hosts in Apache and in the .htaccess file for .com.ar site put the rewrite rule (as explained here I have domain.com and domain.org to the same site, should I use redirects to avoid duplicate content)

My question is: we have a wildcard SSL certificate for .com domain. Is it possible to redirect HTTPS requests for www.example.com.ar and example.com.ar to the .com site? Or I should get another SSL certificate for .com.ar domain?

Protect password from apache user by making file executable-only

I (will) have a binary executable file. It’s only permission is user-execute. It cannot be read by user, group, or world. The owner of the file is the Apache user. I don’t want the apache user to be able to read the file, but I do want the apache user (via a PHP script) to be able to execute the file.

The binary executable file contains a password that is used to decrypt an SSH private key file, as I need the public key to hash the request body & compare against a hashed signature my server is receiving. The executable binary file will receive the request body & hashed signature, do its stuff, and simply return "yes" or "no" to indicate if the request is valid.

I know my executable binary file could still be accessed by root or sudo. Preventing that would be interesting, but is beyond the scope of my question.

Would this be an effective way to protect the password (which is in the binary file that can ONLY be executed) against PHP scripts running under the apache user?

Note: I would like to open-source this setup so want it to be useable on a variety of linux servers. I’m personally on a shared-server so can’t really configure apache or the system, and that would be my target audience.

Remove Apache Tomcat on Debian to use Jetty sever

I’m a beginner on linux, and I would like to install a wiki software on a server, a virtual machine with debian 10.

First I began to follow the tutorial 1 to install Bluespice 3, a wiki sofware, the Apach part is ok, then Jetty. Afterthat I installed Apache Tomcat 9 with the help of another tutorial, tutorial 2. Then I realized jetty has the same functionnallity (Tomcat 9) and prefered by tutorial 1.

To get to the point, I want to delete Apache Tomcat to prioritize jetty, and to keep following the tutorial 1. But I didn’t install Tomcat 9 via the command line "apt-get install….", but via the extraction of tar.gz file, with the creation of Tomcat group… so i do not know the exact package names of tomcat 9 to remove its properly. Is there a specific package property of tomcat 9 to remove its properly?

Otherwise, maybe an other solution. When I type in the web browser http://localhost:8080, the web page is 404 error with the message: "the origin of the server did not find a current representation for the target ressource or is not willing to disclose that one exits". In the left bottom, it’s written "Apache Tomcat/9.0.37. I think Tomcat has the priority. But in this case I would like the html page of Bluespice3, knowing the Bluespice war file is at the right location in /var/lib/jetty9/webapps Can I modify the path between localhost and server to give the priority at jetty, without removing tomcat? Is it possible?

Thanks in advance for your help*

Force Apache Server/Tomcat to ignore Transfer-Encoding

I am trying to reproduce HTTP request smuggling using an Apache HTTP Server as a reverse proxy (using mod_proxy) and a Tomcat Server in the back-end.

Is it possible to force either Apache Server or Tomcat to ignore Transfer-Encoding in requests (and only use Content-Length)? Or is request smuggling simply not possible with this configuration?

Using apache mina for ssh using signed ssh-rsa-cert-01 from Certification Authority

There is an existing client configured and running (SshClient) using apache mina to ssh to one of our internal jump boxes. It currently uses PEM based authentication. Due to compliance we have to switch to using internally signed certificates (internally we are using hashicorp vault as a CA). I’m unable to find any documentation regarding how to use signed certificates for ssh in apache mina to start with. Is it not supported? Will I perhaps have to use any other java ssh library?

Kafka source code on github and from the apache website is missing the “org.apache.kafka.common.message.” package? [closed]

I tried downloading the source code of Kafka from Github as well as from Apache’s website. I found that both the sources were missing the “org.apache.kafka.common.message.” package. Can anybody kindly let me know why this might be the case.

Kindly note that I had downloaded the source of “AK RELEASE 2.5.0” from Apache’s website. Similarly I used “trunk” branch from the current github repository for kafka.