Wiz, from yesterday: Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload https://www.wiz.io/blog/soco404-multiplatform-cryptomining-campaign-uses-fake-error-pages-to-hide-payload #cybersecurity #Infosec #Apache

Wiz, from yesterday: Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload https://www.wiz.io/blog/soco404-multiplatform-cryptomining-campaign-uses-fake-error-pages-to-hide-payload #cybersecurity #Infosec #Apache
Webinar on data integration using Apache Hop: On August 26, Stefan Keller of FH OST will lead a free webinar focused on (geo)data manipulation and integration using #Apache #Hop, an open-source, low-code platform for building data workflows. The session will also touch on emerging trends in...
https://spatialists.ch/posts/2025/07/15-webinar-on-data-integration-using-apache-hop/ #GIS #GISchat #geospatial #SwissGIS
Today I learned, thanks to a comment on here, that the alphabetical order of your #Apache site config files is what determines the default site if somebody tries just punching your public IP address directly into a web browser. I always wondered why the default site config files were named "000-default.conf"; it's to make sure that one is always loaded first as the default if it's enabled.
Jekyll-built static sites are public by default. However, have you ever wanted to create a private area where you can upload articles for review and keep them from the public eye until they’re ready? That was my use case recently. Here’s how I solved this particular puzzle.
Fixed a 421 error using this: https://modasys.de/apache-421-misdirected-request-plesk-fix/ #421 #error421 #plesk #nginx #apache #wordpress
Server Admins:
There is an error with the latest #Plesk Obsidian update that is taking sites down.
Webinar on data integration using Apache Hop: On August 26, Stefan Keller of FH OST will lead a free webinar focused on (geo)data manipulation and integration using #Apache #Hop, an open-source, low-code platform for building data workflows. The session will also touch on emerging trends in...
https://spatialists.ch/posts/2025/07/15-webinar-on-data-integration-using-apache-hop/ #GIS #GISchat #geospatial #SwissGIS
Embedding User-Defined Indexes in Apache Parquet
https://datafusion.apache.org/blog/2025/07/14/user-defined-parquet-indexes/
#HackerNews #Embedding #User-Defined #Indexes #in #Apache #Parquet #ApacheParquet #UserDefinedIndexes #DataFusion #BigData #Analytics
A detailed description of CVE-2025-53020, a DoS vulnerability in the HTTP/2 implementation of Apache httpd. Fixed in 2.4.64.
#apache #httpd #http2
https://github.com/icing/blog/blob/main/hpack-bombing-apache.md
Okay, this SEEMS to work. The database is just the start addresses for lots of /8, /16, /24 or /32 ranges (depending on the size of the requested block - e.g. a /22 range gets written as the start address for four /24s) taken from https://www.okean.com/antispam/iptables/rc.firewall.china and mapped to "BLOCKED" and then built into a database file with `httxt2dbm`.
```
# Extract IP parts
RewriteCond %{REMOTE_ADDR} ^((([0-9]+)\.[0-9]+)\.[0-9]+)\.[0-9]+$
RewriteRule . - [E=subnet8:%3.0.0.0,E=subnet16:%2.0.0,E=subnet24:%1.0,E=subnet32:%0]
# Tarpit provided by a Mastodon user - https://mastodon.social/@pcarrier/112429748041537087
# We don't have access to mod_cspnonce yet, so fudge a random-ish value
RewriteCond ${greatfirewall:%{ENV:subnet8}} =BANNED [OR]
RewriteCond ${greatfirewall:%{ENV:subnet16}} =BANNED [OR]
RewriteCond ${greatfirewall:%{ENV:subnet24}} =BANNED [OR]
RewriteCond ${greatfirewall:%{ENV:subnet32}} =BANNED
RewriteRule . https://srv.us/tarpit?nonce=%{REMOTE_PORT}%{TIME} [L,E=donotlog:1,R=301]
```
(`donotlog` is used later to avoid logging, because when they hit so hard and so often then I don't need that bloat in my server logs!)
Not yet worked out why it only seemed to work within <VirtualHost> blocks.
Deleted the database and recreated it from scratch (rather than updating it) and "page 599 is on free list with type 13", "PANIC: Invalid argument" and "Error string not specified yet" have all gone away. So apparently they mean "I don't like the existing database but can't handle it cleanly"
Debugging this and… it looks like the problem might be the backref to a previous RewriteCond?
I've got a similar "block these hosts" RewriteMap using `%{REMOTE_ADDR}` as the key and that works. But using `%1` as a key when the previous RewriteCond is "extract a subset of the octets" fails to look up correctly. Which I've confirmed with a noddy "extract from the query string" lookup.
But then again, it's not working with an env var either. I can do a capture with a RewriteCond, set an env var with a RewriteRule, then do a second RewriteRule using the env var and it works. But if I use `${testmap:%{ENV:testvar}}` then it doesn't find anything. Even though I've shown that the env var on its own contains the expected value.
Apache httpd 2.4.64 has just been released, fixing 8 vulnerabilities (5 moderate, 3 low).
Two HTTP/2 related CVEs also fixed in the latest mod_h2 release v2.0.33.
https://httpd.apache.org/security/vulnerabilities_24.html
https://github.com/icing/mod_h2/releases/tag/v2.0.33
#Apache 2.4.64 is released! It fixes some vulnerabilities, listed here:
https://www.europesays.com/2230670/ South Korea backtracks over follow-on Apache helicopter buy #Apache #Boeing #CirculatedDefenseNews #DefenseNews #DefenseSpending #DnDnr #korea #SouthKorea
Oh, FFS. Can't get this working. And can't get Apache to give me enough logging to understand why.
I've got a rewrite map in bdb, it contains IP blocks that are banned (generated from a Python script). I've got rewrite conds that match each of four, three, two or one octets and then try to look them up in the map. If there's a match then it gets tar-pitted. But I'm always getting failed lookups.
The annoying bit is that even trace4 isn't telling me what the input to the map lookup is. Only the result of the lookup when it is compared to the "was it blocked" value.
Maybe I need to drop the zero octets rather than filling them in? Hopefully it's not that RewriteCond captures can't be used as a key in the map lookup.
GeoParquet and Iceberg vs. OGC API-Features: Ingo Simonis, Chief Technology Innovation Officer at #OGC, has published an article asking the question “Does #GeoParquet Replace OGC API-Features?”. The article positions GeoParquet (and #Apache #Iceberg) vis-à-vis OGC API-Features, the successor...
https://spatialists.ch/posts/2025/07/06-geoparquet-and-iceberg-vs-ogc-api-features/ #GIS #GISchat #geospatial #SwissGIS
@javahippie Kommt auch auf die #Datenbank an. Meinst du damit bleeding edge oder oma else?
Was ist bei #Apache #Kafka der Fall?