powtac's questions

I run several domains (via vhosts) with the same apache installation. Some domains require different mod_security rules than the others. In a seperate exceptions.conf file I collect all those rules and have this syntax:

<Location "/test">
    SecAuditEngine Off
    SecRuleRemoveById 950134
    SecRuleRemoveById 981265
    SecRuleRemoveById 981289
    SecRuleRemoveById 981244
    SecAuditEngine RelevantOnly     
</Location>

But this rule would match all /test folders on all domains! But I only want to limit it to a specific host. How can I limit those rules to a vhost only in a global exceptions.conf file?

Mail was accidentally installed on my debian server and I want to remove all mta, mail related software. I do not know what exactly was installed, how can I find out and uninstall this stuff? I don't want to see this "you have mail" when I log in.

I have a debian "squeeze" installation, but the mod_security delivered with this release is quite old. So I'm thinking of adding an additional line to my sources.list to get the "wheezy" version (wheezy = the version after the current version "squeeze") of mod_security.

What should I add to sources.list to receive only the next available version of mod_security?

This is one of my entires in sources.list:

deb http://ftp.de.debian.org/debian/ squeeze main contrib non-free

The current name of mod_sec is libapache-mod-security

I have a document root folder and I want to cange the group of only the cache directories. How can I do this recursive?

The cache directories are always below templates/html, and I want to change it to wwwrun:www.

The folder structure looks like:

/blocks/element1/templates/html/cache1    root:root   <- this
/blocks/element1/lib/file.html            root:root
/blocks/element1/lib/file-xy.html         root:root
/blocks/element2/templates/html/cache1    root:root   <- this
/blocks/element2/templates/html/cache2    root:root   <- this
/blocks/element2/lib/file.html            root:root
/blocks/element2/img/icon.png             root:root
/blocks/element3/templates/html/cache2    root:root   <- this
/blocks/element3/logo.jpg                 root:root

I'm looking for a piece of hardware to connect to different types of ISPs, normal DSL, cable DSL and USB egde sturfstick to offer one Internet connection with a higher cumulated bandwidth. I'm pretty sure something like this exists, but I don't know how to call it or where I can find something like that.

I want to set a specific upload_max_filesize setting for a specific URL on my webserver. The URL path is not a real path since it is a apache rewritten seo friendly path.

This does seems not to work:

<Directory /var/www/test_upload>
   php_value upload_max_filesize 750M
</Directory>

The rewrite Rule in the .htacces file in the document root (/var/www/) looks like:

RewriteRule .* index.php [L]

I have a PHP script which is called by HTTP and not as command line script. This script should call a shell command as an other user than the current webserver user www-data.

Example:

<?php
echo shell_exec('sudo -u myusername -S /usr/bin/whoami'); // returns nothing :(
echo shell_exec('whoami'); // returns www-data

When calling this 2 commands sudo -u myusername -S /usr/bin/whoami and whoami directly on the commandline they return

myusername
www-data 

Also no result on this:

<?php
echo shell_exec('echo "mypass" | sudo -u myusername -S /usr/bin/whoami');

For me it seems that sudo does not work at all together with PHPs shell_exec().

How can I block a cron job when the previous run was not finished. Its a cron job which is running every 5 minutes, but sometimes it needs more than 5 minutes to run.

Edit The script which is called, crashes sometimes! So it can not delete lock file.

How can I add an expires header just for pngs, and the ico file?

I have an Apache running as HTTP server and also a SVN server which is delivered by the same Apache machine.

Configured with something like

<Location /repos>
      DAV svn
      SVNParentPath /srv/repos
</Location>

How can I prevent Apache to log all the SVN "PROPFIND" and "OPTIONS" access requests?