Category Archives: apache-modules

Apache – external token authentication

I am looking for a possibility to grant access to my website only by a token and to check my token by an external script (php or bash).

The URL looks like: https://example.com?t=f4V76tf784Tcf8343cAg

The apache Server have to handle this check. It has to pass the token to an external script for validation.

  • On positive validation, the user should get access for 12 hours. The token is then no longer needed for this period.

  • On negative validation the user should get a 403 Forbidden.

Are Apache modules helpful like mod_auth_token or mod_authnz_external?

What is the use of Optional functions in Apache module?

I want to extend apache module functionality. I am very new to apache. I have read some of the documentations from httpd.apache.org but not very clear on some parts. What is the use of Optional functions in Apache module?

Actually, I was looking into mod-security functionality. There are some examples in it like ext/mod_tfn_reverse.c. It uses Optional functions. I am not clear on this.

How install libevent extension in Apache2

I try to install libevent in the php of my Apache2.4 in Ubuntu 16.04 but I can't do it.

I have this snippet of code for know if the library is detected in a test page on my apache server :

$test = event_base_new();

It says to me

Call to undefined function event_base_new()

I miss some informations like I don't know if a library is considered a mod (I think no) but i found no documentation about libraries in the Apache2 doc.

I compiled the source libevent-2.1.8-stable from the official website and add the line in my php.ini (php/apache2) :

extension=/usr/local/libevent.so 

I restarted my Apache2 but that doesn't work.

Avoid header processing in my Virtual FS module

I want to write a module that serves a huge virtual .wav file (also plan to add a virtual .ogg file in the future).

I know the size of the file (2Gb) and its fake modification time (2000-01-01 0:00:00) and I have a function to read portion of the file:

void virtwav_read(void *buf, ssize_t bufsz, uint32_t virtofs);

I want to hook the low-level file operations like stat, read, seek, etc. The standard apache code should take care of parsing the headers (including range requests, cache-related stuff) and generate Content-Type, Content-Length, ETag, Last-Modified, etc.

Parsing the request_rec.range is not a big deal. What worries me more is sending the right cache-related headers and HTTP 206 and 304 when approprate. I'm sure apache would do that better than my code.

I thought that setting request_rec.mtime and request_rec.clength would do the trick, but they don't seem to be output fields.

Lastly, VFS is surprisingly unpopular topic. I found only one ancient project http://apvfs.sourceforge.net/ dated 2003.

Here's my minimal module and its config. The right Content-Type is added by apache, but no ETag

LoadModule virtwav_module     modules/mod_virtwav.so
AddHandler virtwav-handler .wav

_

#include "apr_hash.h"
#include "ap_config.h"
#include "ap_provider.h"
#include "httpd.h"
#include "http_core.h"
#include "http_config.h"
#include "http_log.h"
#include "http_protocol.h"
#include "http_request.h"

#include <unistd.h> /* for sleep() */

static int example_handler(request_rec *r)
{
    if (!r->handler || strcmp(r->handler, "virtwav-handler")) return (DECLINED);

    //r->clength = 42;
    //r->mtime = apr_time_now();
    ap_rprintf(r, "clength: %" APR_INT64_T_FMT "\n", (apr_int64_t)r->clength);
    ap_rprintf(r, "mtime: %" APR_INT64_T_FMT "\n", (apr_int64_t)r->mtime);
    ap_rwrite("dummy", 5, r);
    ap_rflush(r);
    sleep(50);

    return OK;
}

static void register_hooks(apr_pool_t *pool)
{
    /* Create a hook in the request handler, so we get called when a request arrives */
    ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);

    // ap_hook_dirwalk_stat ?
    // This hook allows modules to handle/emulate the apr_stat()

    // ap_hook_map_to_storage ?
    // This hook allow modules to set the per_dir_config based on their own
}

module AP_MODULE_DECLARE_DATA   virtwav_module =
{
    STANDARD20_MODULE_STUFF,
    NULL,
    NULL,
    NULL,
    NULL,
    NULL,
    register_hooks   /* Our hook registering function */
};

Centos 7.3 / Apache – Gzip Compression not working

I am trying to enable Gzip Compression using .htaccess on a Centos 7.3 server.

This is my phpinfo file: [bluebamboo.com.ar/info.php

I read all this documents and posts:

varvy.com/pagespeed/enable-compression.html

digitalocean.com/community/tutorials/how-to-install-and-configure-mod_deflate-on-centos-7

stackoverflow.com/questions/12576841/gzip-compression-using-htaccess

stackoverflow.com/questions/20520314/enable-gzip-compression

httpd.apache.org/docs/2.2/mod/mod_deflate.html

I check gzip compression in this site: varvy.com/tools/gzip/

I try with this configuration in .htacces file but it doesn't work.

  # Gzip compression varvy.com/pagespeed/enable-compression.html
  <ifModule mod_gzip.c>
  mod_gzip_on Yes
  mod_gzip_dechunk Yes
  mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
  mod_gzip_item_include handler ^cgi-script$
  mod_gzip_item_include mime ^text/.*
  mod_gzip_item_include mime ^application/x-javascript.*
  mod_gzip_item_exclude mime ^image/.*
  mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
  </ifModule>

--

  # https://css-tricks.com/snippets/htaccess/active-gzip-compression/
  <IfModule mod_filter.c>
  AddOutputFilterByType DEFLATE "application/atom+xml" \
  "application/javascript" \
  "application/json" \
  "application/ld+json" \
  "application/manifest+json" \
  "application/rdf+xml" \
  "application/rss+xml" \
  "application/schema+json" \
  "application/vnd.geo+json" \
  "application/vnd.ms-fontobject" \
  "application/x-font-ttf" \
  "application/x-javascript" \
  "application/x-web-app-manifest+json" \
  "application/xhtml+xml" \
  "application/xml" \
  "font/eot" \
  "font/opentype" \
  "image/bmp" \
  "image/svg+xml" \
  "image/vnd.microsoft.icon" \
  "image/x-icon" \
  "text/cache-manifest" \
  "text/css" \
  "text/html" \
  "text/javascript" \
  "text/plain" \
  "text/vcard" \
  "text/vnd.rim.location.xloc" \
  "text/vtt" \
  "text/x-component" \
  "text/x-cross-domain-policy" \
  "text/xml"
  </IfModule>

Here is are my httpd.conf file:

bluebamboo.com.ar/httpd.txt

bluebamboo.com.ar/httpd2.txt

I tried to run commands like "apachectl -t -D DUMP_MODULES |grep deflate" but it does not function.

I really don't know where is the issue. Can you help me?

Thanks in advance.

How to make SSL connection from custom Apache module

In particular, using Apache's own SSL config (client cert) to establish the connection.

Can I make use of ap_proxy_connection_create() (proxy_util.h)? Even though this is an authorization module, not a proxy module -- would it be bad practice to re-use utility functions from other modules? (mod_proxy will be loaded).

Otherwise, would the best approach be to read the server configuration for the cert paths etc, then do it directly using openSSL?

Please don't answer this unless you are familiar with Apache module development.

apache2.4 with lua scripts: LuaMapHandler causes config syntax error

I'm trying to run a simple lua script on my Apache server (version 2.4.23).

I followed these instructions and added the next line to my apache2.conf:

LuaMapHandler / /path/to/lua/script.lua my_lua_handler

when restarting my server I'm getting this output:

AH00526: Syntax error on line 146 of /etc/apache2/apache2.conf:
Invalid command 'LuaMapHandler', perhaps misspelled or defined by included in the server configuration

As far as I read the mod_lua is already available from version 2.3 What am I missing?