Search Results

Search found 52277 results on 2092 pages for 'web security'.

Page 112/2092 | < Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >

• max file upload size change in web.config

  - by Christopher Johnson

  using .net mvc 3 and trying to increase the allowable file upload size. This is what I've added to web.config: <system.webServer> <validation validateIntegratedModeConfiguration="false"/> <modules runAllManagedModulesForAllRequests="true"> <add name="ErrorLog" type="Elmah.ErrorLogModule, Elmah" preCondition="managedHandler" /> <add name="ErrorMail" type="Elmah.ErrorMailModule, Elmah" preCondition="managedHandler" /> <add name="ErrorFilter" type="Elmah.ErrorFilterModule, Elmah" preCondition="managedHandler" /> </modules> <handlers> <add name="Elmah" path="elmah.axd" verb="POST,GET,HEAD" type="Elmah.ErrorLogPageFactory, Elmah" preCondition="integratedMode" /> </handlers> <security> <requestFiltering> <requestLimits maxAllowedContentLength="104857600"/> </requestFiltering> </security> *ignore the elmah stuff. it's still not allowing file sizes larger than 50MB and this should allow up to 100MB no? any ideas?

  Read the article

• Alternatives to using web.config to store settings (for complex solutions)

  - by Brian MacKay

  In our web applications, we seperate our Data Access Layers out into their own projects. This creates some problems related to settings. Because the DAL will eventually need to be consumed from perhaps more than one application, web.config does not seem like a good place to keep the connection strings and some of the other DAL-related settings. To solve this, on some of our recent projects we introduced a third project just for settings. We put the setting in a system of .Setting files... With a simple wrapper, the ability to have different settings for various enviroments (Dev, QA, Staging, Production, etc) was easy to achieve. The only problem there is that the settings project (including the .Settings class) compiles into an assembly, so you can't change it without doing a build/deployment, and some of our customers want to be able to configure their projects without Visual Studio. So, is there a best practice for this? I have that sense that I'm reinventing the wheel. Some solutions such as storing settings in a fixed directory on the server in, say, our own XML format occurred to us. But again, I would rather avoid having to re-create encryption for sensitive values and so on. And I would rather keep the solution self-contained if possible. EDIT: The original question did not contain the really penetrating reason that we can't (I think) use web.config ... That puts a few (very good) answers out of context, my bad.

  Read the article

• Web Deployment Project failed to map path for include virtual

  - by Duke

  I am building my site with a web deployment project but the build fails with a number of errors all relating to the "#include virtual" directives in my master page. The includes are necessary to import a set of centrally managed html template files. Here is an example of the include directive and associated error: <!-- #include virtual="/v3/sits/pdpdev/assets-templates/inc/head.html" --> /PDPRegistration.csproj/Pages/ContentPage.Master(15): error ASPPARSE: Failed to map the path '/v3/sits/pdpdev/assets-templates/inc/head.html'. The error for each included file actually appears multiple times. I'm not sure what is being mapped or why, but this was never a problem until I started using WDP (which I wanted to alter web.config depending on the build environment, among other things.) The project is built locally on my PC and then copied to the web server via a mapped drive. I found a few solutions on the 'net involving IIS metabase - they weren't quite clear to me, and I'm not sure if they apply given how I build and deploy the project (that is, would I have to build on the same system as IIS in order to make use of the metabase?) Can anyone suggest how I can get my project to build with WDP?

  Read the article

• How long do you keep session cookies around for?

  - by user246114

  Hi, I'm implementing a web app, which uses sessions. I'm using GWT and app engine as my client/server, but I don't think they're doing anything really different than I would do with PHP and apache etc. When a user logs into my web app, I am using HttpSession to start a session for them. I get the session id like this: // From my login servlet: getThreadLocalRequest().getSession(false).getId(); I return the sessionId back to the client, and they store it in a cookie. The tutorial I'm using sets this cookie to 'expire' in two weeks: Cookie.write("sid", theSessionId, 1000 * 60 * 60 * 24 * 14); // two weeks Here's where I'm confused: if the cookie expires in two weeks, then my user will go along using the webapp happily, only to one day browse to my site and be shown a login screen. What are my options? Can I just set no expiration time for this cookie? That way the user would have to explicitly log out, otherwise they could just use the app forever without having to log back in? Or is there a better way to do this? I can't remember sites like Twitter having ever asked me to log back in again. I seem to be permanently logged in. Do they just set no expiration? The webapp isn't protecting any sort of highly sensitive data, so I don't mind leaving a cookie that doesn't expire, but it seems like there must be a better way? This is the tutorial I'm referencing: http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ Thanks

  Read the article

• Help needed to write input for .net web services

  - by MaheshBabu

  Hi folks, i am new to iphone web services. I need to get data from .net web server for that my soap message is NSString *xml = [NSString stringWithFormat:@"<MortgageGetLoanOfficerInfo><PhoneNumber>919703661366</PhoneNumber></MortgageGetLoanOfficerInfo>"]; NSString *soapMessage = [NSString stringWithFormat: @"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n" "<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n" "<soap:Body>\n" "<GenericAndroidMethod xmlns=\"Mortgage\">\n" "<methodName>MortgageGetLoanOfficerInfo</methodName>" "<xmlParam>%@</xmlParam>" "</GenericAndroidMethod>\n" "</soap:Body>\n" "</soap:Envelope>\n",xml ]; But i did n't get response. While i am checking in charles web debugging proxy it will show like this. But i need to pass <MortgageGetLoanOfficerInfo><PhoneNumber>919703661366</PhoneNumber></MortgageGetLoanOfficerInfo> as a single string. How can i done this pls help me. Thank u in advance.

  Read the article

• How to Declare Complex Nested C# Type for Web Service

  - by TheArtTrooper

  I would like to create a service that accepts a complex nested type. In a sample asmx file I created: [WebService(Namespace = "http://tempuri.org/")] [WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)] // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line. // [System.Web.Script.Services.ScriptService] public class ServiceNest : System.Web.Services.WebService { public class Block { [XmlElement(IsNullable = false)] public int number; } public class Cell { [XmlElement(IsNullable = false)] public Block block; } public class Head { [XmlElement(IsNullable = false)] public Cell cell; } public class Nest { public Head head; } [WebMethod] public void TakeNest(Nest nest) { } } When I view the asmx file in IE the test page shows the example SOAP post request as: <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <TakeNest xmlns="http://schemas.intellicorp.com/livecompare/"> <nest> <head> <cell> <block xsi:nil="true" /> </cell> </head> </nest> </TakeNest> </soap:Body> </soap:Envelope> It hasn't expanded the <block> into its number member. Looking at the WSDL, the types all look good. So is this just a limitation of the post demo page creator? Thanks.

  Read the article

• Printing to different printers using mozilla.

  - by Nick-ACNB

  I am currently creating a web application that will be deployed in an intranet environment. I chose firefox to be the browser that will run it. However, in the application I am building, I need to be able to print to different printers quickly since they use different paper size depending on what client is coming. To avoid many time-wasting mistakes that could occur, for instance someone choosing the wrong printer and wasting paper. Also, the time used to find the right printer for the job and then pressing print is considered too long in the current context. Is there any solution to this problem? I understand the potential security flaw behind this, but please be aware that this is solely an intranet project and that I can reduce the browser's security to the lowest since they don't access internet. I know there could be something doable behind IE (ActiveX or VBScript) but I am using firefox. Also, I guess there could also be something rather tricky that when you press print on the browser, it saves what needs to be printed to a DB and then there is an exe app that runs and fetch that DB every set ammount of time and print to the right printer. Any suggestion would be greatly appreciated. I doubt I am the only one to ever face this issue! :) Thank you very much.

  Read the article

• can a webservice load jars during run time

  - by KItis

  I have created a simple web-service using Java. i want to load jars related to web-service during runtime. I have done this task for normal Java application. there what I did was JarFile jar = new JarFile(f.getPath()); final Manifest manifest = jar.getManifest(); final Attributes mattr = manifest.getMainAttributes(); // Read the manifset in jar files and get the Name attribute // whare it specified the class that need to load //for (Object a : mattr.keySet()) { for (Iterator iter = mattr.keySet().iterator(); iter.hasNext();) { Object obj = (Object)iter.next(); if ("ServiceName".equals(obj.toString())) className = mattr.getValue((Name) obj); //System.out.println(className); } /* * Create the jar class loader and use the first argument passed * in from the command line as the jar file to use. */ JarClassLoader jarLoader = new JarClassLoader(f.getPath()); /* Load the class from the jar file and resolve it. */ Class c = jarLoader.loadClass(className, true); My problem is can I put jars that need to be loaded during run time in to separate folder rather than putting in to WEBINF folder. do i have to put jars both in axis and web-application. thanks in advance for any contribution for this question.

  Read the article

• Suggestion on UPnP presentation

  - by Microkernel

  Hi all, I am working on an embedded device (bit higher end in terms of system resources but still an embedded one) which has lot of media content in it. I am trying to make it UPnP complaint and want to be able to control this device using a UPnP complaint control point/companion device like ipad. The step towards this is to be able to present the playlist content to the user. We thought of using HTML5 as a format to use. But as I am a noob in web technologies, I am not sure whats the best way to produce and present rich dynamic web pages. The content thats presented are video/audio listing that device can play and want this listing to be generated using the user's input criteria. So, what would be the best way to generate these dynamic pages which are rich and rendered as HTML5 pages. (looked at XML & XSLT, but there seems to be some limitations in how well one can use XSLT from some rewviews I saw). Thanks Microkernel PS: This may be silly or very basic as I am a embedded systems developer and not even a noob in web technologoes...

  Read the article

• How can someone with no experience learn how to program?

  - by Mugatu

  A friend and I have been coming up with website ideas for a couple years, mostly just jotting them down whenever we come up with a good, useful idea when browsing the web. For the past 6 months we've hired a couple different programmers to make a couple of the sites for us, but have been disappointed with how it's gone. Been too slow and too many miscommunications for our liking. So like the saying goes if you want something done right do it yourself, we're going to do it ourselves. I know nothing about programming, I've never written a line of code in my life. I consider myself very good with math and about as logical as you can get, but I have zero real-life programming knowledge. The sites we want to make are all pretty 'Web 2.0'ish', meaning user-generated content, commenting on posts, pages that change on the fly, etc. So here are some of my questions for anyone who's been there before: Is there a language you'd recommend learning first? Something that is a good indicator how most other languages work? What web programming languages do you recommend learning first based on popularity both now and the future. I don't want to learn a language that's going to be outdated by the time I'm an expert at it. Any specific books you'd recommend? Any general advice you'd give to someone literally starting at square zero for coding who plans on being in it for the long haul?

  Read the article

• Statistical analysis on large data set to be published on the web

  - by dassouki

  I have a non-computer related data logger, that collects data from the field. This data is stored as text files, and I manually lump the files together and organize them. The current format is through a csv file per year per logger. Each file is around 4,000,000 lines x 7 loggers x 5 years = a lot of data. some of the data is organized as bins item_type, item_class, item_dimension_class, and other data is more unique, such as item_weight, item_color, date_collected, and so on ... Currently, I do statistical analysis on the data using a python/numpy/matplotlib program I wrote. It works fine, but the problem is, I'm the only one who can use it, since it and the data live on my computer. I'd like to publish the data on the web using a postgres db; however, I need to find or implement a statistical tool that'll take a large postgres table, and return statistical results within an adequate time frame. I'm not familiar with python for the web; however, I'm proficient with PHP on the web side, and python on the offline side. users should be allowed to create their own histograms, data analysis. For example, a user can search for all items that are blue shipped between week x and week y, while another user can search for sort the weight distribution of all items by hour for all year long. I was thinking of creating and indexing my own statistical tools, or automate the process somehow to emulate most queries. This seemed inefficient. I'm looking forward to hearing your ideas Thanks

  Read the article

• java web templates across multiple WAR files

  - by Casey

  I have a multi WAR web application that was designed badly. There is a single WAR that is responsible for handling some authorization against a database and defines a standard web page using a jsp taglib. The main WAR basically checks the privileges of the user and than based on that, displays links to the context path of the other deployed WARS. Each of the other deployed WARs includes this custom tag lib. I am working on redesigning this application, and one of the nice things that I want to retain is that we have other project teams that have developed these WAR modules that "plug into" our current system to take advantage of other things we have to offer. I am not entirely sure how to handle the page templates though. I need a templating system that would be easy enough to use across multiple wars (I was thinking of jsp fragments??). I really only need to define a consistent header and main navigation section. Whatever else is displayed on the page is up to the individual web project. Any suggestions? I hope that this is clear, if not I can elaborate more.

  Read the article

• Sending information between JavaScript and Web Services using AJAX

  - by COB-CSU-AM

  Alright so I'm using Microsoft's Web Services and AJAX to get information from a SQL database for use with java script on the client side. And I'm wondering what the best method is. Before I started working on the project, the web services were setup to return a C# List filled with some objects. Those objects variables (ints, strings, etc.) contain the data I want to use. Of course, java script can't do much with this, to the best of my knowledge. I then modified the web service to return a 2D Array, but java script got confused, and to the best of my knowledge can't handle 2D array's returned from C#. I then tried to use a regular array, but then a found the length property of an array in JS doesn't carry over, so I couldn't preform a for loop through all the items, because there wasn't anyway of knowing how many elements there were. The only other thing I can thing of is returning a string with special char's to separate the data, but this seems way too convoluted. Any suggestions? Thanks in advance!

  Read the article

• Barcode not generated in C# web forms?

  - by Sinsil Mathew

  I am trying for create a barcode in my web form.for that i download font IDAutomationHC39M and install in my system,then i run my wesite in localhost but barcode cannot be generated.This is my code protected void Button1_Click1(object sender, EventArgs e) { string barCode = TextBox1.Text; System.Web.UI.WebControls.Image imgBarCode = new System.Web.UI.WebControls.Image(); using (Bitmap bitMap = new Bitmap(barCode.Length * 40, 80)) { using (Graphics graphics = Graphics.FromImage(bitMap)) { Font oFont = new Font("IDAutomationHC39M", 16); PointF point = new PointF(2f, 2f); SolidBrush blackBrush = new SolidBrush(Color.Black); SolidBrush whiteBrush = new SolidBrush(Color.White); graphics.FillRectangle(whiteBrush, 0, 0, bitMap.Width, bitMap.Height); graphics.DrawString("*" + barCode + "*", oFont, blackBrush, point); } using (MemoryStream ms = new MemoryStream()) { bitMap.Save(ms, System.Drawing.Imaging.ImageFormat.Png); byte[] byteImage = ms.ToArray(); Convert.ToBase64String(byteImage); imgBarCode.ImageUrl = "data:image/png;base64," + Convert.ToBase64String(byteImage); } plBarCode.Controls.Add(imgBarCode); } And the result is appear like that code

  Read the article

• General web service ideas

  - by user2014175

  I have a question regarding different types of web services. I'll preface this by saying that I have built a number of apps (for both ios and android) for personal use that interact with the web via php and sql. I have taught myself these languages, and as such don't have the broader background knowledge that many of you do. My question is, in what other ways can you perform an interaction between a web service and a mobile device other than mobile - php - sql - etc. For example, If I built a very simple tracking app for my car, my current method would be to push GPS coordinates from my iphone to my database at a set interval, then I would write a simple bit of javascript that pulled those coordinates out of the database and superimposed them on a google map. Is there a different way to do this? Such as the server acting as a live middle man who simple pushed the coordinates directly to a target browser? Without the database in the middle? If so, are there advantages and disadvantages to these different methods to achieve different goals? I know its a broad question but I'm really intrigued and I'm finding it difficult to word a google search for it. Any info / reading material suggesting would be excellent. Thanks

  Read the article

• Migrating Ajax web application to web socket

  - by Bastan

  Hi, I think i'm just missing a little detail that is preventing me from seeing the whole picture. I have a web application which use ajax request every x time to update client with new information or tasks. I also have a long running process on the server which is a java computation engine. I would like this engine to send update to the client. I am wondering how to migrate my web app to using websocket. Probably phpwebsocket or similar. Can my server 'decide' to send information to a specific client? It seems possible looking at the php-websocket. Can my java backend long process use the websocket server to send notification to a specific client. How? well I can say that my java app could use a class that could send over websocket instead of http. But how the websocket server knows to which client to send the 'info'. I am puzzle by all this. Any document that explain this in more details? It seems that the websocket could create an instance of my web application. Thanks

  Read the article

• License For (Mostly) Open Source Website / Service

  - by Ryan Sullivan

  I have an interesting setup and am not sure how to license a website. I know this is not legal advice, and I am not asking for any. There are so many different Open Source Licenses and I do not have the time to read every last one to see which best fits my situation. Really, I am looking for suggestions and a nudge in the right direction. My setup is: I give away for free version of my web service with a clean website interface. The implementation I use in the actual web site is (almost) identical to what I give away. The main service works the exactly the same way, but the website interface to manage features in the service is fairly different. Really the web interfaces have the same exact backend, and the front ends accomplish the same tasks, but the service I offer on my site is very rich and uses a good deal of javascript, where I kept the interface in the version I give away as simple and javascript-less as possible. Mostly so it is easy to understand and integrate into other sites. I am not entirely sure how I should license this. It is more like I develop an open source service but have a separate site built upon it. I like the GPLv3 but I am not sure if I can use it in this case especially since I am making some money off of google ad's on the site and plan on using amazon affiliates as well. Any help would be greatly appreciated. I do want to open it up as much as possible. But I still want to be able to continue with my own implementation. Thanks in advance for any information or help anyone can provide.

  Read the article

• Security risk of JIRA standalone installation running JRE version 1.6.0_26 vs 1.6.0_29 (latest)

  - by kayaker243

  Atlassian recently introduced a standalone installer that installs JIRA, along with its own JRE. Unfortunately the JRE Atlassian bundles with this installer is 1.6.0_26, whereas the current version of the JRE is 1.6.0_29. This is potentially concerning given there were vulnerabilities in _26 that were fixed in the subsequent versions. We are currently using the bundled-installer version of JIRA and one contractor has recommended we ditch this for the system-installed JRE. My question is this: what is the actual security risk of continuing to use the _26 version of the JRE included in the bundled installer? There is no public access to our install of JIRA (only about 20 employees and contractors can login to our JIRA) and it's only accessible on a subdomain of a domain at which there's no publicly-available website. If there's a not insignificant risk inherent in sticking with the older JRE, why hasn't Atlassian upgraded the default JRE?

  Read the article

• Is it possible to create a read-only user account for security auditing purposes?

  - by user2529583

  An organization requires several administrators to have a role of a security auditor. They must have read-only (via network/remote) access to Windows Server 2008 / R2 systems and have permissions to view the server configuration. They must not be able to make any other changes to the server or the network, like restarting or making any configuration chanages. However I can't find any built-in settings for a user like this. The closest thing is the "Users" user group [1], however from my understanding every user in the domain is in this group and cannot view the domain server's configuration. So, what are other options of implementing a read-only user account in Windows Server 2008? [1] http://technet.microsoft.com/en-us/library/cc771990.aspx

  Read the article

• Are there any security concerns when using Windows' default workgroup?

  - by koiyu

  Are there any security concerns one should be aware of if you're using Windows' default workgroup as the workgroup? (Or is worrying just tinfoiling?) Should it be commonplace to rename the workgroup to something personal/unique after Windows installation? Are there any other benefits in renaming the workgroup from the default besides making it to look more describing? Ie. is renaming worth the hassle as it makes the workgroup generally less accessible? It is used in local area network after all.

  Read the article

• Building NanoBSD inside a jail

  - by ptomli

  I'm trying to setup a jail to enable building a NanoBSD image. It's actually a jail on top of a NanoBSD install. The problem I have is that I'm unable to mount the md device in order to do the 'build image' part. Is it simply not possible to mount an md device inside a jail, or is there some other knob I need to twiddle? On the host /etc/rc.conf.local jail_enable="YES" jail_mount_enable="YES" jail_list="build" jail_set_hostname_allow="NO" jail_build_hostname="build.vm" jail_build_ip="192.168.0.100" jail_build_rootdir="/mnt/zpool0/jails/build/home" jail_build_devfs_enable="YES" jail_build_devfs_ruleset="devfsrules_jail_build" /etc/devfs.rules [devfsrules_jail_build=5] # nothing Inside the jail [root@build /usr/obj/nanobsd.PROLIANT_MICROSERVER]# sysctl security.jail security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.enforce_statfs: 1 security.jail.mount_allowed: 1 security.jail.chflags_allowed: 1 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 0 security.jail.jail_max_af_ips: 255 security.jail.jailed: 1 [root@build /usr/obj/nanobsd.PROLIANT_MICROSERVER]# mdconfig -l md2 md0 md1 md0 and md1 are the ramdisks of the host. bsdlabel looks sensible [root@build /usr/obj/nanobsd.PROLIANT_MICROSERVER]# bsdlabel /dev/md2s1 # /dev/md2s1: 8 partitions: # size offset fstype [fsize bsize bps/cpg] a: 1012016 16 4.2BSD 0 0 0 c: 1012032 0 unused 0 0 # "raw" part, don't edit newfs runs ok [root@build /usr/obj/nanobsd.PROLIANT_MICROSERVER]# newfs -U /dev/md2s1a /dev/md2s1a: 494.1MB (1012016 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 123.55MB, 7907 blks, 15872 inodes. with soft updates super-block backups (for fsck -b #) at: 160, 253184, 506208, 759232 mount fails [root@build /usr/obj/nanobsd.PROLIANT_MICROSERVER]# mount /dev/md2s1a _.mnt/ mount: /dev/md2s1a : Operation not permitted UPDATE: One of my colleagues pointed out There are some file systems types that can't be securely mounted within a jail no matter what, like UFS, MSDOFS, EXTFS, XFS, REISERFS, NTFS, etc. because the user mounting it has access to raw storage and can corrupt it in a way that it will panic entire system. From http://www.mail-archive.com/[email protected]/msg160389.html So it seems that the standard nanobsd.sh won't run inside a jail while it uses the md device to build the image. One potential solution I'll try is to chroot from the host into the build jail, rather than jexec a shell.

  Read the article

• Post-compromise security scan; anything else?

  - by IVR Avenger

  Hi, all. My girlfriend checked her Gmail yesterday morning, and then found, later on in the day, that it would no longer accept her password. She also found that this happened to her Hotmail and Yahoo! accounts. She's only checked these accounts from her work and home PC, and I've spent the day checking the home PC for problems. A full AVG scan revealed a couple of installers for her webcam software that had questionable security signatures, and a full Windows Defender scan brought back nothing. Assuming that her home PC was compromised, somehow, is there anything else I should use to check it for some sort of lingering malicious app before I tell her it's okay to login to her accounts, again? Furthermore, she's going through the GMail "account recovery" process as the account appears to have been disabled. Does anyone know if this actually works? Thanks so much. IVR Avenger

  Read the article

• Is giving read permissions on /etc/shadow to apache user a wise decision from security point of view?

  - by Czar

  I have to use PAM authentication for DAV SVN, but when everything is configured as specified in mod_auth_pam documentation, authentication does not work. After some research I realized, that for this to work, httpd should be running under root user (which I don't like and won't implement) or apache user (under which httpd is running by default) should have permissions to read /etc/shadow file. So there is a pair of questions connected to each other which I want to ask: Is giving this permition to apache user a wise decision from security point of view? If answer to the first question is "yes", what is the correct way to do so? For now I've done following: groupadd shadow usermod -G shadow apache chmod g+r /etc/shadow Another way I can come up with is using acl: setfacl -m u:apache:r /etc/shadow Note: OS is Fedora 14 x86_64 (kernel: 2.6.35.11) httpd v2.2.17 mod_auth_pam v1.1.1

  Read the article

• any security tips for my first server? (complete beginner)

  - by Haroldo

  I'm paying for a VPS and hoping to launch my first website on it in the next few days. I'm worried there might be some glaringly obvious security holes in the standard setup, so I'm keen to get some tips About the only thing i know is turn off error reporting in PHP and create users/privilages for MySQL... any more stuff along those lines? I'm using: cpanel and WHM centos 5 php mysql google apps as mail server (so maybe i should disable built in mailer server somehow?!!) This is my first post of Server Fault (i use stack overflow alot), I hope i'm posting this in the right place, with the right tags - please feel free to edit if i'm wrong. Thanks guys!

  Read the article

• Web Matrix released

  - by TATWORTH

  Microsoft have now released Web Matrix (and ASP.NET MVC3 if you so inclined!) One signifcant utility is IIS Express which will replace Cassini It is worth noting that SP1 for VS2010 should be out in Q1. Links: http://www.hanselman.com/blog/ASPNETMVC3WebMatrixNuGetIISExpressAndOrchardReleasedTheMicrosoftJanuaryWebReleaseInContext.aspx http://www.hanselman.com/blog/LinkRollupNewDocumentationAndTutorialsFromWebPlatformAndTools.aspx http://arstechnica.com/microsoft/news/2011/01/microsoft-releases-free-webmatrix-web-development-tool.ars I am impressed by the copious tutorials on MVC, which I include below: Intro to ASP.NET MVC 3 onboarding series. Scott Hanselman and Rick Anderson collaboration and Mike Pope (Editor) Both C# and VB versions: Intro to ASP.NET MVC 3 Adding a Controller Adding a View Entity Framework Code-First Development Accessing your Model's Data from a Controller Adding a Create Method and Create View Adding Validation to the Model Adding a New Field to the Movie Model and Table Implementing Edit, Details and Delete Source code for this series MVC 3 Updated and new tutorials/ API Reference on MSDN Rick Anderson (Lead Programming Writer), Keith Newman and Mike Pope (Editor) ASP.NET MVC 3 Content Map ASP.NET MVC Overview MVC Framework and Application Structure Understanding MVC Application Execution Compatibility of ASP.NET Web Forms and MVC Walkthrough: Creating a Basic ASP.NET MVC Project Walkthrough: Using Forms Authentication in ASP.NET MVC Controllers and Action Methods in ASP.NET MVC Applications Using an Asynchronous Controller in ASP.NET MVC Views and UI Rendering in ASP.NET MVC Applications Rendering a Form Using HTML Helpers Passing Data in an ASP.NET MVC Application Walkthrough: Using Templated Helpers to Display Data in ASP.NET MVC Creating an ASP.NET MVC View by Calling Multiple Actions Models and Validation in ASP.NET MVC How to: Validate Model Data Using DataAnnotations Attributes Walkthrough: Using MVC View Templates How to: Implement Remote Validation in ASP.NET MVC Walkthrough: Adding AJAX Scripting Walkthrough: Organizing an Application using Areas Filtering in ASP.NET MVC Creating Custom Action Filters How to: Create a Custom Action Filter Unit Testing in ASP.NET MVC Applications Walkthrough: Using TDD with ASP.NET MVC How to: Add a Custom ASP.NET MVC Test Framework in Visual Studio ASP.NET MVC 3 Reference System.Web.Mvc System.Web.Mvc.Ajax System.Web.Mvc.Async System.Web.Mvc.Html System.Web.Mvc.Razor

  Read the article

< Previous Page | 108 109 110 111 112 113 114 115 116 117 118 119  | Next Page >