wildcard ssl - Page 120

mystery Internet traffic to port 445

- by Ben Collver

Recently, I noticed traffic from the office network to TCP port 445 on the Internet [a]. Below are the Linux firewall log entries to Facebook's network [b] and Google's network [c]. I would like to identify the source of this traffic. My first guess is that Facebook and Google might be using multiple TCP ports for SSL load balancing. However, I could not confirm this based on the web proxy logs. What else might it be? [a] http://support.microsoft.com/kb/204279 [b] Sep 4 08:30:03 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.131 DST=69.171.237.34 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=14287 DF PROTO=TCP SPT=51711 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 [c] Aug 28 06:02:41 firewall01 kernel: IN=eth0 OUT=eth2 SRC=10.0.0.115 DST=173.194.33.47 LEN=52 TOS=0x00 PREC=0x00 TTL=127 ID=4558 DF PROTO=TCP SPT=49294 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0

Read the article

How to share files between cPanel accounts?

- by Darren

I am setting up a multi-site/multi-store Magento installation, and I want each site to have its own cPanel account so I can setup the SSL and dedicated IP properly. I have tried to create a linux group called 'magento' and changed the files I need to share to that group (even added the users to that group), however when I try to access files through my scripts on those accounts it doesn't acknowledge the files exist. I first made a soft symbolic link which didn't work and then including them to their real location but it didn't work. Am I missing a step in allowing which users can access which files? I added the users to the magento group and like I said changed the group of the files I need to share to them but it's still not working. Thanks, Darren

Read the article

vsftpd: refusing to run with writable root inside chroot

- by MrROY

I want to setup a anonymous only ftp server (able to upload files). Here is my config file: listen=YES anonymous_enable=YES anon_root=/var/www/ftp local_enable=YES write_enable=YESr. anon_upload_enable=YES anon_mkdir_write_enable=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES dirmessage_enable=YES use_localtime=YES secure_chroot_dir=/var/run/vsftpd/empty rsa_cert_file=/etc/ssl/private/vsftpd.pem pam_service_name=vsftpd But when i try to connect it: kan@kan:~$ ftp yxxxng.bej Connected to yxxx. 220 (vsFTPd 2.3.5) Name (yxxxg.bej:kan): anonymous 331 Please specify the password. Password: 500 OOPS: vsftpd: refusing to run with writable root inside chroot() Login failed Can anyone help ?

Read the article

mod_access for lighttpd causes a 403 error for all POST requests

- by Sam

I have found on my debian server that running the lighttpd module mod_access is causing the server to response with a 403 to all POST requests. It's very odd as I have two servers, one is running as I'd expect and the other keeps returning these 403's. They are running identical configs for lighttpd and php. My lighttpd.conf is: https://gist.github.com/4269500 There is also one other custom conf: https://gist.github.com/4269508 I've opened up the servers for requests until I get this fixed, the server that works is http://mercury.isitup.org/ and the one that fails is http://venus.isitup.org/. After working out that disabling mod_access resolves the problem I greped all my lighttpd configs for uses of it (docs). Disabling each line I found didn't help, leading me to think this is perhaps some default behaviour (or bug?)... Has anyone come across this before or know what configuration value I've got wrong? Versions Debian: Debian GNU/Linux 6.0.6 (squeeze) Lighttpd: lighttpd/1.4.28 (ssl) PHP: PHP 5.3.19-1~dotdeb.0 with Suhosin-Patch (cli)

Read the article

Mikrotik server networks and Cain & Abel

- by user269742

I'm connected to the internet via a mikrotik server network. Recently, I read about that scaring application named Cain & Abel and all the capabilities it offered for malicious users. I don't know if anyone on my network is using or even aware of such application but my questions are: 1- How to protect myself from this program? 2- How to know if someone using such application against me? 3- Is Tor Bundle capable of protecting me from Cain & Abel? 4- If I filled my e-mail password via SSL page, Can Cain & Abel collect it? 5- Is it safe to use SKYPE or Yahoo Messenger voice chat if some one using Cain & Abel on my network?

Read the article

Need help configurating my Tomcat server

- by gablin

I just reinstalled my entire server, and now I can't seem to get my JSP-based website to work on Tomcat anymore. I use the same server.xml file, which worked perfectly before the reinstallation, but no longer. Here's the content of the server.xml file which worked before:  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />  <Listener className="org.apache.catalina.core.JasperListener" />  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />  <GlobalNamingResources>  <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" /> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />   <Engine name="Catalina" defaultHost="localhost">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>        <Host name="www.rebootradio.nu"> <Alias>rebootradio.nu</Alias> <Context path="" docBase="D:/services/http/rebootradio.nu" debug="1" reloadable="true"/> </Host> </Engine> </Service> </Server> The JSP site doesn't use any WAR files or anything like that; there's just a default.jsp in the specified folder D:/services/http/rebootradio.nu which loads the site. As I said, this configuration worked before, but now with the latest verion of XAMPP and Tomcat it doesn't work anymore. All I get is a 404 message saying The requested resource () is not available.

Read the article

Walkthrough/guide building aplication server for multi tenant web app [on hold]

- by Khalid Adisendjaja

The web app will detect a subdomain such as tenant1.app.com, tenant2.app.com, etc to identify tenant environment, each tenant environment will have a different database credential (port,db name,etc) but still connecting to the same database server. Each tenant should use app.com for their main domain, using their own domain is prohibitted. Each tenant will have their own rest api endpoint such as tenant1.app.com/api/v1/xxxx, tenant2.app.com/api/v1/xxxx, tenant3.app.com/api/v1/xxxx I've come to a simple solution by setting a wildcard subdomain (*.app.com) on webserver Apache/Nginx vhost configuration file. I have googled so many concept for building a multi-tenant app server but still don't understand how to really done it, what is the right way to do it and what is actually required to do this task. So I've come to this questions, Do I need a proxy server, dns masking, etc.. How to monitor each tenants activity What about server performance, load balancing, and scalability How to setup ssl certificate for each tenant what about application cache for each tenant Is it reliable to use the setup for production etc ... I have a very litte experience on server infrastructure, so I'm looking for a DIY walkthrough, step by step guide, or sophisticate solution ready to implemented for production

Read the article

RemoteApp: Logging in as user x disconnects user y

- by onik

I'm having a pretty bizarre problem with a Terminal Services server used for RemoteApp. In our network the server works as it should, but at a client's office if two users log in simultaneously, the first one gets disconnected as the other one connects. The users belong to the same group but have individual users. The similar configuration works fine for all other clients. About the server, it's Windows 2008 R2 x64, no AD, SSL encrypted connections. Event viewer shows no useful information. Any hints where to start debugging? Do you need more info about the setup?

Read the article

Puppet apache module causing 'Error 400 on SERVER: Invalid parameter identifier'

- by Andy Shinn

I am receiving the following error when trying to use the latest puppetlabs-apache module from github (https://github.com/puppetlabs/puppetlabs-apache): Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter identifier at /etc/puppet/environments/apache_update/modules/apache/manifests/mod.pp:40 on node zordon.mydomain.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run My node config looks like: node 'zordon.mydomain.com' { include template::common include template::puppetagent include template::lamp User::Create sudo::conf { 'joe': priority = 60, content = 'joe ALL=(ALL) NOPASSWD: ALL', require = User::Create['joe'], } } The template::lamp class is what uses apache module: class template::lamp { include myfirewall Firewall Firewall class { 'apache': } class { 'apache::mod::php': } class { 'apache::mod::ssl': } class { 'mysql::server': } } It looks like serverfault markup is getting garbled on Puppet realize statements. The User::Create and Firewall lines are just realizing a user and 2 firewall rules. I have verified that the /var/lib/puppet/lib/puppet/type/a2mod.rb type has the identifier parameter and it is the same MD5 as the server. I am using Puppet 3.0.1 on both agent and master. Any idea what may cause this?

Read the article

webmin not working on port 10000

- by Ali

Hi, I posted a similar question yesterday but can't seem to find that post. I have installed webmin on my server which has SSL and its service is running but I am unable to open it in browser. I thought may be the port is blocked by server's firewall so I entered port 10000 (TCP - inbound) in APF but still no luck. When I use https://localhost:10000 on server to access webmin then it works fine but not remotely. Why is such a simple thing so hard to run? Thanks

Read the article

Windows replacement for HAProxy

- by GrayWizardx

It does not appear that there is a similar question to this already posted, so I will go ahead and ask. I am working on a project that could benefit from having two - four servers handling incoming requests to a backend webservice. The service does not require SSL but does need to support occassional long running processes (upto 120 secs). This project does not at present have the funding to purchase a hardware load balancing solution. I have previously used HAProxy as a solution for this, and found it very simple and straightforward. Is there a similar product for windows (server 2003 or 2008) which provides similar configuration options and runs as a lightweight service? For reasons outside my control I cannot setup a Linux machine (physical or virtual) and so I am looking for behaviour that can be deployed on a windows machine. I can only find Perlbal which appears to fall into this category. So as not to keep this open indifenitely I will give credit to the only answer.

Read the article

Google App Engine says "Must authenticate first." while trying to deploy any app

- by Oleksandr Bolotov

Google App Engine says "Must authenticate first." while trying to deploy any app: me@myhost /opt/google_appengine $ python appcfg.py update ~/sda2/workspace/lyapapam/ Application: lyapapam; version: 1. Server: appengine.google.com. Scanning files on local disk. Scanned 500 files. Scanned 1000 files. Initiating update. Email: <my_email_was_here>@gmail.com Password for <my_email_was_here>@gmail.com: Error 401: --- begin server output --- Must authenticate first. --- end server output --- We are getting this message with any appliation and under any developer account avialable to us That's what we have installed: App Engine SDK - 1.3.2 PIL - 1.1.7 Python - 2.5.5 pip - 0.6.3 ssl - 1.15 wsgiref - 0.1.2 So, what can it be? Is it well known problem?

Read the article

Setting up Shibboleth to secure part of a website

- by HorusKol

I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives: AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems. I have restarted the apache service and I have no errors in the log files.

Read the article

Adding a second IP address for IIS - static vs dynamic A records

- by serialhobbyist

I'm looking to add a second IP address to IIS so that I can run two sites with different SSL certificates. When I added one on my play box and ran ipconfig /registerdns both addresses were registered in DNS with the server's name. So, I deleted the A record for the new IP address and rebooted. That also registered both names. So, then I went into the network config for the adapter and, on the DNS tab, unchecked "Register this connection's addresses in DNS". I deleted the A record for the new IP address again and re-ran ipconfig /registerdns. This time, it deleted the A record for the old IP address and didn't created one for the new address. Neither of these is what I want: I want the main IP address to be registered and refreshed automatically as a dynamic DNS record and the second IP address to be registered and managed as a static address. Is there any way to achieve this?

Read the article

how to pass domain name to backend with pound

- by FurtiveFelon

I am using pound as a way to decode SSL for the backend, but the bulk of the work is done on varnish (including virtualhost stuff). As a result, I need pound to just forward all other traffic to varnish verbatim, but it doesn't seem to do that. I am using the default configuration: ListenHTTP Address 1.2.3.4 Port 8080 ## allow PUT and DELETE also (by default only GET, POST and HEAD)?: xHTTP 0 Service BackEnd Address 127.0.0.1 Port 80 End End End So whenever I hit example.com:8080, it will always redirect to the default backend for varnish, which i assume was because the domain (host) header isn't send along. Anyone know what could be wrong? Thanks a lot! Jason

Read the article

Testing php mail() in localhost problem

- by Samir Ghobril

Hey guys, recently I just installed msmtp in linux and I even send a mail from the terminal and it worked: echo -e "Subject: Test Mail\r\n\r\nThis is a test mail" |msmtp --debug --from=default -t [email protected] But in php, after editing the php.ini file to have this: sendmail_path = '/usr/bin/msmtp -t' and using this piece of code: <?php if ( mail ( '[email protected]', 'Test mail from localhost', 'Working Fine.' ) ){ echo 'Mail sent'; } else{ echo 'Error. Please check error log.'; } ?> I get the Mail sent message but don't receive a message in my inbox. Not even in the spam folder. Anything wrong I'm doing? msmtp configuration file: defaults tls on tls_starttls on tls_trust_file /etc/ssl/certs/ca-certificates.crt account default host smtp.gmail.com port 587 auth on user [email protected] password password from [email protected] logfile /var/log/msmtp.log

Read the article

IIS Reverse Proxy support for multiple protocols

- by Abraxas

I have a server 2012 machine running IIS. It's in my DMZ and I would like to use it to do reverse proxy for several services. I can get it to route traffic on port 80 to 2 separate internal servers running web apps but there are some issues when I try to forward SSH (not port 80/443) and then when I try to forward OWA (Micrsoft exchange's 'webmail' services) to the internal mail server I run in to issues with guides (like this: http://blogs.technet.com/b/exchange/archive/2013/07/19/reverse-proxy-for-exchange-server-2013-using-iis-arr-part-1.aspx) when they say to have all traffic forwarded to the server farm created for OWA. My question for you all is this - given that there is no more Threat Management Gateway (only runs on server 2008) and ISA 2006 is also dead - is it possible to support multiple types of reverse proxies with different protocols (ftp, ssh, web, ssl-web) in IIS, or would it be better to install a different DMZ OS like a nginx server and use linux firewalls + nginx reverse proxy? Thanks for any help!

Read the article

Exim: send every emails with a predefined sender

- by Gregory MOUSSAT

We use Exim on our servers to send emails only from local automated users, as root, cron, etc. We have to specify every possible users into /etc/email-addresses. For example: root: [email protected] cron: [email protected] backup: [email protected] This allow us te receive every email generated. The problem is when we add a user for whatever reason (for example when we add a package, some add a user), we can forget to add this user to /etc/email-addresses. Most of the time it's not a problem, but this is not clean. And the overall method is not clean. We'd like to configure Exim to send every emails with the same source address. i.e. every sent email comes from [email protected] One way could be to use a wildcard or a regular expression into /etc/email-addresses but this is not supported. I don't currently understand Exim enought to figure out how to modify this in a way or another. Ideally, Exim should look into /etc/email-addresses first, and if no match it use the predefined address. But this is very secondary. There are two places where this address is used: 1. when Exim send the FROM: command to the smtp server 2. inside the header edit: The rewrite section is the original one from Debian begin rewrite .ifndef NO_EAA_REWRITE_REWRITE *@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses} \ {$value}fail}" Ffrs *@ETC_MAILNAME "${lookup{${local_part}}lsearch{/etc/email-addresses} \ {$value}fail}" Ffrs .endif (comments removed)

Read the article

How to disable System service from listening on port 80 in Windows Server 2003

- by Miky D

I'm trying to install a service on a Windows Server 2003 machine which is supposed to listen on port 80 but it fails to start because some other service is already listening on that port. So far I've disabled the IIS Admin service and the HTTP SSL service but no luck. When I run netstat -a -n -o | findstr 0.0:80 it gives me the process id 4 as the culprit, but when I look at the running processes that process id points to the "System" process. What can I do to get the System process to stop listening on port 80 and get my service to listen instead?

Read the article

Timeout Error in SQL Server Database Mail Feature

- by RedLEON

I configured database mail profile as gmail smtp server, SSL and port 465. I didn't restart server. And this is first time to use Database Mail feature on that server. When I send a testing mail it give me this error message: The mail could not be sent to the recipients because of the mail server failure. (The operation has timed out) I tried this mail configuration with Thunderbird and I could send messages througt this SMTP. Why is SQL Server giving this eror message? I searched here but didn't find any solution.

Read the article

Puppet claims to be unable to resolve domains even if domain properly resolves

- by gparent

I have a fairly simple puppet setup, one master and one node, both running Debian Squeeze 6.0.4. I have DNS entries for the two machines, client and master respectively. Both client and master's DNS entries resolve correctly on both machines to the right IPs. On my client, I have this configuration: [main] server = master.example.org logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter pluginsync=true templatedir=/var/lib/puppet/templates Key exchange seems to fail, according to this messages in /var/log/syslog: localhost puppet-agent[11364]: Could not request certificate: getaddrinfo: Name or service not known Why is resolution not working only for puppet?

Read the article

Deploying ASP.NET MVC to Windows Server 2003

- by pete the pagan-gerbil

Hi, I have a problem with an MVC 2 website on Windows Server 2003 running IIS 6. It is externally hosted, but we have a 2003 server internally for testing. The internal server runs the website fine, the external server gives a 403 ("website declined to show this page") error when navigating to the root of the site, and a 404 if I try to navigate directly to a page resource. I have tried the wildcard ISAPI mapping and extension mapping, and a couple of other common checks (I forget exactly which now, most of them were already set correctly), but so far no joy. All the settings can be replicated on our internal server and the pages return properly. IIS logs just show exactly what the browser shows - 404 errors and 403s. I've read about a different level of trust required for an MVC application compared to a WebForms application - how can I check permissions and trust levels on the external and internal servers (assuming I am able to check that) and if that would cause these errors, what are the minimum levels that MVC require? Failing that, what else might be causing this error for me to try out?

Read the article

kernel openvpn segfault

- by Rex

e.. I have some trouble about OPENVPN these days.. At first,I find that the OPENVPN is always down. Then I try to restart it.But after a short while,It's down again. Then I check /var/log/messages and find something below openvpn[4338]: xxx.xxx.xxx.xxx:48484 Re-using SSL/TLS context openvpn[4338]: xxx.xxx.xxx.xxx:48484 LZO compression initialized openvpn[4338]: xxx.xxx.xxx.xxx:48484 [abc.abc_] Peer Connection Initiated with xxx.xxx.xxx.xxx:48484 kernel: openvpn[4338]: segfault at 0000000000000018 rip 00002b75ca30ca2e rsp 00007fff153806a0 error 4 Obviously,OPENVPN is Down. So,I just want to know what's wrong here..... P.s. The username should be abc.abc.But it shows that is abc.abc_ Is there something wrong? CentOS 5.4 x64 Linux 2.6.18-238.9.1.el5 My English is very pool... :( Thanks~

Read the article

Get Jira to run on shared Windows server on port 80

- by codeulike

I know this can be done on Linux with JIRA, using mod_proxy, but I'm not sure if its possible on Windows: Say we have a Windows server running IIS 7.0 and serving up pages on port 80, via an address like: http://twiddle.something.com We then install JIRA on the server, it uses its bundles Apache web server to serve stuff up on port 8080, like this: http://twiddle.something.com:8080 Is there a way to configure IIS and Apache so that JIRA runs off a port 80 folder, as in: http://twiddle.something.com still hits IIS http://twiddle.something.com/Jira hits JIRA on Apache? Thanks edit: I guess we might also want to throw SSL into the mix for JIRA too....

Read the article

php startup error Invalid library (maybe not a PHP library) 'pcntl.so'

- by And-y

After searching for hours to solve my problem and found nothing helpful I ask my first question here. I want to compile and install php 5.3.17 cli with pcntl extension enabled on a Debian server. The installation was successfull but when I start php cli, the following error is displayed: PHP Warning: PHP Startup: Invalid library (maybe not a PHP library) 'pcntl.so' in Unknown\ on line 0 The following configure is used: './configure' '--prefix=/usr/share' '--datadir=/usr/share/php' '--bindir=/usr/bin' '--libdir=/usr/share' '--includedir=/usr/include' '--with-config-file-path=/etc/php5/cli' '--disable-cgi' '--enable-bcmath' '-- enable-inline-optimization' '--enable-mbstring' '--enable-mbregex' '--enable-pcntl' '--enable-sigchild' '--enable-shmop' '--enable-sysvmsg' '--enable-sysvsem' '--enable-sysvshm' '--with-mysql' '--with-imap' '--with-imap-ssl' '--with-kerberos' In the php.ini following options are set: extension_dir=/usr/lib/php5/20090626/ extension=pcntl.so I hope someone can help me.

Search Results

Search found 3868 results on 155 pages for 'wildcard ssl'.

Page 120/155 | < Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >

- by Ben Collver

- by Darren

- by MrROY

- by Sam

- by user269742

- by gablin

- by Khalid Adisendjaja

- by onik

- by Andy Shinn

- by Ali

- by GrayWizardx

- by Oleksandr Bolotov

- by HorusKol

- by serialhobbyist

- by FurtiveFelon

- by Samir Ghobril

- by Abraxas

- by Gregory MOUSSAT

- by Miky D

- by RedLEON

- by gparent

- by pete the pagan-gerbil

- by Rex

- by codeulike

- by And-y

< Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >