These are public posts tagged with #apache. You can interact with them if you have an account anywhere in the fediverse.
Wiz, from yesterday: Soco404: Multiplatform Cryptomining Campaign Uses Fake Error Pages to Hide Payload https://www.wiz.io/blog/soco404-multiplatform-cryptomining-campaign-uses-fake-error-pages-to-hide-payload #cybersecurity #Infosec #Apache
Wiz Research has identified a new iteration of a broader…
wiz.io 修復 Apache HTTP Server 2.4.64 中 `rewritecond expr` 的回歸錯誤
➤ 升級至 2.4.65 解決安全漏洞
✤ https://github.com/apache/httpd/commit/8abb3d06b23975705ebcf4bf4476464fd0b9bd0b
Apache HTTP Server 2.4.64 存在一個安全漏洞 (CVE-2025-54090),導致所有 `RewriteCond expr ...` 測試都評估為 `true`。此回歸錯誤已在 2.4.65 版本中修復,建議使用者升級至最新版本。此修復涵蓋對 `modules/mappers/mod_rewrite.c` 檔案的修改。
+ 這樣修正的時機點很剛好,避免了潛在的攻擊風險。
+ 感謝開發團隊迅速回應並提供解決方案,這顯示了他們對安全的重視。
#安全漏洞 #程式碼修復 #Apache HTTP Server
*) SECURITY: CVE-2025-54090: Apache HTTP Server:…
GitHubI'll probably move from #Apache to #caddy for my Server. I'm using Apache mostly as a reverse proxy anyway, and the few HTML and PHP pages I can just move into containers too.
The built-in TLS handling might be easier for letsencrypt and I could stop using a custom DNS authentication.
I guess I'll give it a go next time I wake up at 4am.
Today I learned, thanks to a comment on here, that the alphabetical order of your #Apache site config files is what determines the default site if somebody tries just punching your public IP address directly into a web browser. I always wondered why the default site config files were named "000-default.conf"; it's to make sure that one is always loaded first as the default if it's enabled.
Jekyll-built static sites are public by default. However, have you ever wanted to create a private area where you can upload articles for review and keep them from the public eye until they’re ready? That was my use case recently. Here’s how I solved this particular puzzle.
¿Cómo configurar dos VirtualHost en Apache2 con diferentes versiones de PHP? #apache #lamp #php #servidores
https://malagaoriginal.blogspot.com/2025/07/como-configurar-dos-virtualhost-en.html
Server Admins:
There is an error with the latest #Plesk Obsidian update that is taking sites down.
A recent apache update broke a bunch of nginx-based sites this morning. If you're getting a 421 error, you'll need to add some proxy_ssl config to nginx's setup quickly.
Webinar on data integration using Apache Hop: On August 26, Stefan Keller of FH OST will lead a free webinar focused on (geo)data manipulation and integration using #Apache #Hop, an open-source, low-code platform for building data workflows. The session will also touch on emerging trends in...
https://spatialists.ch/posts/2025/07/15-webinar-on-data-integration-using-apache-hop/ #GIS #GISchat #geospatial #SwissGIS
On August 26, Stefan Keller of FH OST will lead a free…
Spatialists – geospatial news 將使用者自定義索引嵌入 Apache Parquet 文件
➤ 突破 Parquet 限制:內嵌索引優化查詢效能
✤ https://datafusion.apache.org/blog/2025/07/14/user-defined-parquet-indexes/
本文探討了在 Apache Parquet 文件中嵌入使用者自定義索引的可能性,以提升查詢效能。傳統上,Parquet 僅支援基本的統計資訊和 Bloom 濾鏡,但透過利用文件底部的元數據和偏移量定位,無需更改文件格式或創建新格式,即可嵌入自定義索引。文章以一個實際例子說明,針對含有大量不同值的欄位,自定義索引能有效減少不必要的文件掃描,同時保持與標準 Parquet 讀取器的完全相容性。此外,文章還詳細介紹了 Parquet 文件的結構,以及如何使用 Apache DataFusion 讀寫這些自定義索引。
+ 我一直覺得 Parquet 的效能有進步空間,這篇文章提供了一個很棒的解決方案,直接在檔案裡加入索引,不需要額
#大數據 #Apache Parquet #Apache DataFusion #索引優化
A detailed description of CVE-2025-53020, a DoS vulnerability in the HTTP/2 implementation of Apache httpd. Fixed in 2.4.64.
#apache #httpd #http2
https://github.com/icing/blog/blob/main/hpack-bombing-apache.md
Contribute to icing/blog development by creating an…
GitHubApache httpd 2.4.64 has just been released, fixing 8 vulnerabilities (5 moderate, 3 low).
Two HTTP/2 related CVEs also fixed in the latest mod_h2 release v2.0.33.
https://httpd.apache.org/security/vulnerabilities_24.html
https://github.com/icing/mod_h2/releases/tag/v2.0.33
#Apache 2.4.64 is released! It fixes some vulnerabilities, listed here:
https://www.europesays.com/2230670/ South Korea backtracks over follow-on Apache helicopter buy #Apache #Boeing #CirculatedDefenseNews #DefenseNews #DefenseSpending #DnDnr #korea #SouthKorea
CHRISTCHURCH, New Zealand — South Korea appears ready…
EUROPE SAYSMike Zaschka kicks off the #reCAP2025 talks in the blue room with his open source #SAPCAP plugin for #Apache #Kafka. Join the live stream via the links at https://recap-conf.dev/. #reCAP #CodeConnect
GeoParquet and Iceberg vs. OGC API-Features: Ingo Simonis, Chief Technology Innovation Officer at #OGC, has published an article asking the question “Does #GeoParquet Replace OGC API-Features?”. The article positions GeoParquet (and #Apache #Iceberg) vis-à-vis OGC API-Features, the successor...
https://spatialists.ch/posts/2025/07/06-geoparquet-and-iceberg-vs-ogc-api-features/ #GIS #GISchat #geospatial #SwissGIS
Ingo Simonis, Chief Technology Innovation Officer at…
Spatialists – geospatial newsThe people committed to DDoSing the #Apache #SpamAssassin RuleQA server seem to have substantial resources. I’ve blocked a lot of them, but they keep coming, asking about things like the May 7 2017 performance of a single rule in one contributor's stats. Not stuff real people want.
Of course, there's a resource they do not have. Our sysadmins, both those employed by #TheASF to watch all of our infra and the volunteer cadre focused on SA. We'll keep whacking the moles...