Hey Eric, Did you get a chance to review the logs below?

Release 2.4.62 caused our entire production to go down. We are using the outdated working version 2.4.59, which is vulnerable too. Can't use that for long. 2.4.62 made changes to the mod_rewrite.so module; could you please provide us the details of the changes made? Does this change support any new directive, or has it deprecated some older rewrite directives, which is causing the failure? Please let us know. Thanks. Regards, Dev

From: Daiya, Devendra singh <Devendra.S.Daiya@xxxxxxxxxxxxxx.INVALID>

Hi Eric, Looks like mail was not posted on time. Re-attempting. Kindly review. Thanks. Regards, Dev

From: Daiya, Devendra singh <Devendra.S.Daiya@xxxxxxxxxxxxxx.INVALID>
Sent: Tuesday, September 10, 2024 9:45 PM
To: users@httpd.apache.org

Hi Eric, Below are Traces for both working and non-working versions.

Working:- with 2.4.59
[Thu Sep 05 06:14:18.231565 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
init rewrite engine with requested uri /xct/aiotp-initial-request.xct [Thu Sep 05 06:14:18.231634 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^/maps/' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231662 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^/xct/heartbeat' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231677 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^/' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231762 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
rewrite '/xct/aiotp-initial-request.xct' -> 'xct-iat-stl-1.domain.com' [Thu Sep 05 06:14:18.231784 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^/' to uri 'xct-iat-stl-1.domain.com' [Thu Sep 05 06:14:18.231796 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^(.*)' to uri 'xct-iat-stl-1.domain.com' [Thu Sep 05 06:14:18.231811 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
rewrite 'xct-iat-stl-1.domain.com' -> '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231823 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^(--proto--)/--default--' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231835 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^(--proto--)/(xct\\-..)(\\-[0-9]\\.glb.domain.net)/?' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231847 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^--proto--/--error--' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231857 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^(--proto--/.*)--default--' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231884 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^(--proto--/.*)' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231900 2024] [rewrite:trace1] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
RESULT='20240905061418' [Thu Sep 05 06:14:18.231911 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
rewrite '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' -> '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct?launchpad=/xct/aiotp-initial-request.xct&launchpad-member=12.34.56.7:1042&now=20240905061418' [Thu Sep 05 06:14:18.231922 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
split uri=--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct?launchpad=/xct/aiotp-initial-request.xct&launchpad-member=12.34.56.7:1042&now=20240905061418 -> uri=--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct, args=launchpad=/xct/aiotp-initial-request.xct&launchpad-member=12.34.56.7:1042&now=20240905061418&xct_client=et [Thu Sep 05 06:14:18.231933 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^--proto--/(https?://.*)' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231943 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^--proto--/(wss?://.*)' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231954 2024] [rewrite:trace3] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
applying pattern '^--proto--/(.*)' to uri '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231965 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
rewrite '--proto--/xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' -> 'https://xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:14:18.231975 2024] [rewrite:trace2] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
explicitly forcing redirect with
https://xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct [Thu Sep 05 06:14:18.231986 2024] [rewrite:trace1] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
copying launchpad=/xct/aiotp-initial-request.xct&launchpad-member=12.34.56.7:1042&now=20240905061418&xct_client=et to query string for redirect
[Thu Sep 05 06:14:18.231997 2024] [rewrite:trace1] [pid 3530072:tid 139737289451264] mod_rewrite.c(493): [client 123.11.22.345:21227] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#702c30][rid#7f1760004f80/initial]
redirect to
https://xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct?launchpad=/xct/aiotp-initial-request.xct&launchpad-member=12.34.56.7:1042&now=20240905061418&xct_client=et [REDIRECT/302]
[Thu Sep 05 06:14:18.232023 2024] [headers:debug] [pid 3530072:tid 139737289451264] mod_headers.c(891): AH01503: headers: ap_headers_error_filter()

Not Working:- with 2.4.62
[Thu Sep 05 06:17:05.862249 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
init rewrite engine with requested uri /xct/aiotp-initial-request.xct [Thu Sep 05 06:17:05.862322 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^/maps/' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862344 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^/xct/heartbeat' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862358 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^/' to uri '/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862431 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
rewrite '/xct/aiotp-initial-request.xct' -> 'xct-iat-stl-1.domain.com' [Thu Sep 05 06:17:05.862451 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
add root prefix: xct-iat-stl-1.domain.com -> /xct-iat-stl-1.domain.com [Thu Sep 05 06:17:05.862463 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
setting lastsub to rule with output ${map-file:${lowercase:%1}|--default--} [Thu Sep 05 06:17:05.862473 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^/' to uri '/xct-iat-stl-1.domain.com' [Thu Sep 05 06:17:05.862487 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^(.*)' to uri '/xct-iat-stl-1.domain.com' [Thu Sep 05 06:17:05.862502 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
rewrite '/xct-iat-stl-1.domain.com' -> '--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862514 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
add root prefix: --proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct -> /--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct [Thu Sep 05 06:17:05.862524 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
setting lastsub to rule with output --proto--/$1/%1 [Thu Sep 05 06:17:05.862547 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^(--proto--)/--default--' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862588 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^(--proto--)/(xct\\-..)(\\-[0-9]\\.glb.domain.net)/?' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862608 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^--proto--/--error--' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862619 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^(--proto--/.*)--default--' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862630 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^(--proto--/.*)' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862641 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^--proto--/(https?://.*)' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862651 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^--proto--/(wss?://.*)' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862662 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^--proto--/(.*)' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862673 2024] [rewrite:trace3] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
applying pattern '^/(.*)' to uri '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' [Thu Sep 05 06:17:05.862685 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
rewrite '/--proto--//xct-iat-stl-1.domain.com/xct/aiotp-initial-request.xct' -> '/launchpad.html' [Thu Sep 05 06:17:05.862697 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
setting lastsub to rule with output /launchpad.html [Thu Sep 05 06:17:05.862711 2024] [rewrite:trace2] [pid 3531713:tid 3531735] mod_rewrite.c(505): [client 123.11.22.345:9812] 123.11.22.345 - - [xct-launchpad-dev.domain.com/sid#7009f8][rid#7fc5a8004f80/initial]
forcing '/launchpad.html' to get passed through to next API URI-to-filename handler
[Thu Sep 05 06:17:05.862772 2024] [authz_core:debug] [pid 3531713:tid 3531735] mod_authz_core.c(818): [client 123.11.22.345:9812] AH01626: authorization result of Require all granted: granted
[Thu Sep 05 06:17:05.862792 2024] [authz_core:debug] [pid 3531713:tid 3531735] mod_authz_core.c(818): [client 123.11.22.345:9812] AH01626: authorization result of <RequireAny>: granted

Regards, Dev

From: Eric Covener <covener@xxxxxxxxx>

On Mon, Sep 9, 2024 at 1:25 PM Daiya, Devendra singh
<Devendra.S.Daiya@xxxxxxxxxxxxxx.invalid> wrote:
>
> Hi Eric, Team,
>
> We tested our application with 2.4.62 pointing to an older version of the mod_rewrite.so module (2.4.59) and the application is working fine.
>
> Could you please let us know if there are any limitations defined in the mod_rewrite.so module that was part of 2.4.62. Are there any new set of rules that we need to replace with the older one.
>
> We are not seeing any specific error even with debug logging mode that tells us what is causing the issue.

Can you post the rewrite traces with the minimal requests to show the
issue? There were a few security related changes that may have had
side effects.
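
Added example, not part of the thread: in the two traces above, only the 2.4.62 run logs `add root prefix` steps, after which anchored patterns such as `^--proto--/(.*)` are applied to a URI that now starts with `/`. The Python sketch below finds the first step where two rewrite traces diverge and lists the patterns whose match outcome flips because of the prepended slash. The function names, sample host and client address are assumptions made for illustration.

```python
import re

# The trace message follows the [host/sid#...][rid#.../phase] block of each entry.
ENTRY = re.compile(r"\[rewrite:trace\d\].*?\[rid#[0-9a-f]+/[^\]]+\]\s+(.*)$")
APPLY = re.compile(r"applying pattern '(.*)' to uri '(.*)'$")
PREFIX = re.compile(r"add root prefix: (\S+) -> (\S+)$")

def trace_messages(log_text):
    """Ordered mod_rewrite trace messages from an error-log excerpt."""
    return [m.group(1).strip() for m in map(ENTRY.search, log_text.splitlines()) if m]

def first_divergence(old, new):
    """(index, old_msg, new_msg) at the first step where the traces differ."""
    for i, (a, b) in enumerate(zip(old, new)):
        if a != b:
            return i, a, b
    return None

def flipped_by_prefix(msgs):
    """Patterns that miss the logged URI but match it without its leading '/'.

    Counted only after an 'add root prefix' step. Python's re stands in for
    PCRE, which is adequate for simple anchored patterns like these.
    """
    seen_prefix, flipped = False, []
    for msg in msgs:
        seen_prefix = seen_prefix or bool(PREFIX.match(msg))
        m = APPLY.match(msg)
        if m and seen_prefix:
            pattern, uri = m.groups()
            if uri.startswith("/") and not re.search(pattern, uri) and re.search(pattern, uri[1:]):
                flipped.append(pattern)
    return flipped

# Constructed sample: messages shortened from the two traces in this thread,
# with a placeholder entry prefix (client address, host and ids are not real).
def _entry(level, msg):
    return ("[Thu Sep 05 06:17:05.000000 2024] [rewrite:trace%d] [pid 1:tid 1] "
            "mod_rewrite.c(505): [client 192.0.2.10:9812] 192.0.2.10 - - "
            "[host.example/sid#7009f8][rid#7fc5a8004f80/initial] %s" % (level, msg))

OLD_2_4_59 = "\n".join(_entry(l, m) for l, m in [
    (2, "rewrite '/xct/a.xct' -> 'backend.example'"),
    (3, "applying pattern '^(.*)' to uri 'backend.example'"),
    (2, "rewrite 'backend.example' -> '--proto--/backend.example/xct/a.xct'"),
    (3, "applying pattern '^--proto--/(.*)' to uri '--proto--/backend.example/xct/a.xct'"),
])
NEW_2_4_62 = "\n".join(_entry(l, m) for l, m in [
    (2, "rewrite '/xct/a.xct' -> 'backend.example'"),
    (3, "add root prefix: backend.example -> /backend.example"),
    (3, "applying pattern '^(.*)' to uri '/backend.example'"),
    (2, "rewrite '/backend.example' -> '--proto--//backend.example/xct/a.xct'"),
    (3, "add root prefix: --proto--//backend.example/xct/a.xct -> /--proto--//backend.example/xct/a.xct"),
    (3, "applying pattern '^--proto--/(.*)' to uri '/--proto--//backend.example/xct/a.xct'"),
])
```

Run against real logs, `trace_messages` expects one error-log entry per line, as Apache writes them, rather than the wrapped form seen in the mail archive.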