Apache & PHP Battle it out in the XP Ring!

Started by Cobra, December 13, 2002, 05:43:40 PM

Previous topic - Next topic
I can not believe this shit.

Apache have 2.0.43 released.. Great some might say .. EAH EEEEEHH!! .. Wrong Answer!..  Not sure how it fairs on a Nix platform yet.. But it is buggy as fuck on ANY Win32 platform.

Not to mention, try and get that fucker to work with PHP .. NOT A FUCKING CHANCE!!. Some people have managed to get it working and have posted there findings to BBS's but many other people have tried the exact same method and no go.

Quote from the Apache.org site:
"The Apache HTTP Server Project is proud to announce the sixth public release of Apache 2.0. Apache 2.0 has been running on the apache.org website since December of 2000 and has proven to be very reliable."

YEAH!! .. if you use UNIX YOU DUMB CRACK HEADS!!..  HOW Can you even THINK!! of removing the BETA status from software when it just does not fucking work..

Now to be honest .. i dunno who to blame here.. Apache or PHP..

On one hand you have Apache v2.0.43 that wont run 100% on any Win32 platform (Which they do say in the announcements) .. But have not Beta status on the software, and have made it an official release. And releasing it, when it is not compatible with the latest release of PHP etc.. WHAT FUCKING USE IS THAT TO ME! ??!

And then the other hand, you have the PHP dingos. They have the option for automatic configuration of a range of servers.. In that list is Apache.. Sooo as one does, he tries it and see what happens.. Only to get greeted with "The software for Apache Configuration has not been developed yet"..

SO WHY ADD IT IN THE SOFTWARE YOU BUM BANDITS!!!...

I'm sorry, but the standard has slipped sooo fucking bad..  I really dread to think how vulnerable Windows systems are that are running Apache.. I would not recommend it to ANYONE!

Anyway.. After many hours setting up this server.

For windows users.. Stick with Apache 1.3.*, and the latest release of PHP.  They are very stable and work 100%..

You try upgrade to v2.0.* and nightmares will begin!!

Okay, finished my rant.
I am not suffering with insanity... I am loving every minute of it.

From what I have been hearing, not allot of people like apache 2.0  And thats comming from the Unix users I talk with.  ???

Actually, I've been using Apache 2 and PHP on BSD for a while now... no probs as of yet...
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

gotta love the devil's advocate..


Met
"My Terminal is my Soul"

Uneek, you Galord Fauker!

What release of PHP were/are you using?
I am not suffering with insanity... I am loving every minute of it.

December 30, 2002, 02:11:05 PM #5 Last Edit: December 30, 2002, 02:18:48 PM by Uneek
Apache/2.0.28 with PHP 4.2.3

PHP 4.3 is now released and is supposed to (taken from PHP site)...

"Apache2 filter is improved, but is still considered experimental (use with PHP in prefork and not worker (thread) model since many extensions based on external libraries are not thread safe)"

So beware... still. But has a bunch of other fixes as well.  Good luck man!
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

I've used Apach 2.0.X w/PHP 4.2.X and have run into some complications with getting other modules to work correctly due to the changes in Apache. I have reverted some of my production boxes back to Apache 1.X until the "experimental" word goes away. It's scarey not matter what you use.Kinda the "catch 22" or "damned if you do, damned if you don't" situation if you ask me. I havent dipped into php 4.3.0 yet.

Wilnix
alt email address: wilnix@hackphreak.org

Yeah... sorry, I failed to include the fact that the box I have running Apache 2 and PHP is my home server. At work the production webservers are running Apache 1.3x.
*** Sleep: A completely inadequate substitute for caffeine. ***
01010010010101000100011001001101

So Will...

does that mean you got up the services on your network after the changing from FreeBSD to OpenBSD ? :)

Met

"My Terminal is my Soul"

Apache of any version has always been touchy on Win32 OS's. Thats my experience at least. It seems to like 2000 best though I havent tried it on XP or .Net beta yet.

But I have heard a lot of good on Apache 2.x although I havent used it myself yet.
"A well known hacker is a good hacker, an unknown hacker is a great hacker..."

I don't care what your parents told you, you aren't special.
  • https://github.com/tazinator

Metgod -

I switched back to FreeBSD due to my overall infatuation with it. I'm learning more C and ASM (Intel and SPARC) so I can contribute to it and am trying to contribute some hardware to them as well...

Apache 2.X does have some goodies in it, I'm just not able to convince myself to put it on a production box at this point. I'm willing to bet it's riddled with vulns...but then again, what do I know?

Wilnix
alt email address: wilnix@hackphreak.org

I have just got my personal web pag online,  Had to fight with Cox cable (lost that one) but I went around their firewall and put it on port 8080 anyways.  Now if you go to my web page thats listed, and click on the cbk icon on the top left corner, it will take you to my personal server on my system.  (don't really know if thats a smart thing to do or not)  I'm working on a learning php by making a login script for access to a family photo gallery.  And maybe some other scripting.

I have really gotten into the whole Apache/PHP/MySQL/Open Source thing!  It's really  reassuring to hear you all discuss the topics that I only do as a hobby, and (from what it sounds like) you all do as your profession  I must say that I learn so much form you all just by reading the discussions and then going out and try to understand /learn for myself.  

Thnak you HFX.

btw, any tips on running my own web server would be appreciated

Well, *MOST* of HFX does it as a profession.
Sad to say, that I just can't (and don't really want to).. not now anyways. I don't do much at all these days..

And while I don't have much exp with apache or any httpd for that matter, I think I can offer some ideas.

But first..  there is something I said along the lines of...

Read, read and read some more. And while you're at it, experiment again and again. Then repeat it all over.

It's kind of like reading a book (on any subject, non-fiction or fiction).. The first time you pick it up and read, you are unaware of what will be in it. And who this character is (assuming a novel)... those kind of questions. But you get interested in it by a hook. So you read more and things become more clear as you progress in the book. So you finish... And you understand everything and it was a good read. But what would happen if you picked it up again.. and started reading it again. You would get a different perspective and a little more knowledge. You could figure out things you never realized that make it even better. Reading more than once is a very good thing, especially for non-fiction but even fiction.

And.. Shakespear used Old English and it may be hard.. but the more you read the easier it becomes. Mark Twain (Samuel Clemens) wrote in the south a lot, so with different dialect. You may find it's hard to read at first but you get the hang of it. So yeah, experimenting is quite a good idea.

That was just an analogy that I came up with out of thin air.. But I think it is quite appropriate here.


Now, as far as letting others access your own machine at your house.. hard to say if that's a bad, neutral, or good idea. Truth is, machines need to be accessed all over the world. It probably depends on what precautions you've taken. And whether you keep up to date or not. It also depends on what is running there and what it allows the user to do (platform, operating system, any other device that could be a problem, the daemon itself.. other processes that could cause problems.. all things to think about). Oh and don't forget configurations too.. I got root on a linux box.. someone had given me shell access prior and then he installed WebMin... he gave me an account to look around and I was goofing around and I realized that I was actually with root on a 'web shell'. Stupidly I changed the /etc/issue file and forgot I didn't restore it. Well the next time he logged in from the console he saw this message from me.. he was really scared and instally killed my account (which I am fine with and even understand). I talked to him later on. He was okay. The bad thing is he asked me to not root him, and yet, this wasn't even looking for holes and making an exploit or anything like that.... Reason I touched any files was to see what was going on... if I did an 'id' on the webmin shell then my uid was 0 and I was root, but on the regular shell... I was whatever uid I had. It's all about experience. And actually, I did feel really bad about that. It's not like I intentionally tried to do anything to his system but still scared him.. I had forgotten about that until now.


One thing that came to mind when reading your (CBK's post)..
Are you trying to figure out how remote and local access work and such ?

Maybe this would help, maybe not:

Create two networks and make them totally apart. On one segment, set up Apache. On the other one, get a client. Take a look, and try to see what might be possible. The idea of this is basically trying to figure it out. And I realize that this idea probably doesn't make that much sense, including technologically. But it kind of gives you the idea I think. Or you could have one look at it from the outside... someone you trust.

Ever read Dan Farmer's _Improving the Security of Your Site by Breaking in to it_ ? Same approach. They (he and his colleague who I can never spell) look at different vulnerabilities, holes, etc. They then present it from what you would see on your system.. Then they show you how it is exploited. I think that's a very good aproach. They were the ones who wrote SATAN and if I'm not mistaken, they were the one who wrote COPS as well.

READING + EXPERIMENTING = LEARNING

that is a good way of putting it and again, don't know what made me think of that..

Met
"My Terminal is my Soul"

CBK -

If you need help on something specific, just post it. I'm more then willing to help you.

wilnix
alt email address: wilnix@hackphreak.org

SMF spam blocked by CleanTalk