Search Results

Search found 25503 results on 1021 pages for 'browser security'.

Page 141/1021 | < Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148 | Next Page >

How to install wordpress without a web browser

- by bvandrunen

What I am trying to do is to automate wordpress website creation for the company I am working on. We have lots of information in our database for our customers and we want to create a wordpress website for each customer. The process works great and we have no trouble with the creation of websites/transfer of data or anything like that. The problem we do have is when we buy a new domain (http://www.newdomain.com) our process breaks (we call a stored procedure which installs all the data after the URL is called to install wordpress) if the domain takes more than 15min to resolve. We have tried doing looping (where the process checks to see if the domain resolves and keeps trying - but eventually if fails). So what we are looking for is to see if there is a way to install an URL without actually having the domain resolve yet. I have seen where possibilities where you can change the wp-config file but this doesn't work since we have more than one domain and it changes the source URL for all the domains. What we really need is just a way for us to manually start the install script through a call either through a database or some other way that doesn't check to see if the domain is resolved or pointing at the server or not. Thank for any suggestions. EDIT: All we do to install wordpress is call this URL: http://"newdomain".com/wp-admin/install.php?step=2 - if you change settings in the backend calling this URL will install wordpress without having to go through the wp-admin/install.php form

Read the article
Security: Managing network shares remotely on Ubuntu?

- by Industrial

Hi everyone, I am about to setup a home network server running Ubuntu Server and I'm currently a bit worried about how to handle network shares and permissions in a good way. After working a bit lately with Netgears ReadyNAS's units, I have become really spoiled with how easy it was to set up network shares and giving a specific user different levels of network access to a specific share (forbidden access, read, read/write). How would I accomplish the same with my Ubuntu server through SSH? Thanks a lot

Read the article
Windows 7 security and Avast antivirus turned off by themself

- by Simon Verbeke

I was just browsing around when at once I got messages that UAC, windows defender, Avast, etc. got turned off, without me doing anything. Then my PC turned by itself. I'm now running virus scans and I checked my eventlogs, but found nothing yet. Windows Update also failed to install a new definition after I rebooted. Any idea what this could've been? EDIT: Forgot to mention that everything was turned on again after rebooting. I have since the reboot got nothing abnormal.

Read the article
Online personal extension collection of Chrome browser

- by Nam G. VU

Is it possible to have an online site to see the list/collection of installed extensions of the Chrome browsers installed among my PCs? Please share. ps. I notice that we have the Chrome backup feature which will restore my chrome extensions after we sign in via a Google account. So I need to see the list online somewhere so that to disabled/remove the extensions that I don't wanna waste time reinstalling.

Read the article
using trickle to slow down browser

- by tester

according to trickle's man page, http://linux.die.net/man/1/trickle i can limit the download speed of a process, e.g. trickle -u 10 -d 20 ncftp to Launch ncftp(1) limiting its upload capacity to 10 KB/s, and download capacity at 20 KB/s. how would I go about limiting google-chrome or firefox with trickle? Edit: For those of you asking why I asked such an obvious question, I tried trickle -u 10 -d 20 firefox and I'm getting an error trickle: Could not reach trickled, working independently: No such file or directory firefox opens right after, but is definitely not rate limited...

Read the article
Fresh install of nginx causes browser to download index.html instead of opening it

- by 010110110101

When I view this in Chrome, http://localhost:90 the file is downloaded instead of displayed in Chrome. This question has been asked a lot of times on SO, but about index.php files. My problem is a plain jane HTML file, not a PHP file. That hasn't been asked yet. I was hoping the solution would be similar, but I haven't been able to figure it out. Here's my example.com.conf: server { server_name localhost; listen 90; root /var/www/example.com/html index index.html location / { try_file $uri $uri/ =404; } } My index.html file contains only two words, no markup Hello World I think it's the mime.types. The mime.types file has the entry for html in it. This is a fresh nginx install. nginx -t reports "test is successful"

Read the article
Bypass insane corporate security system

- by user1665154

I'm searching for a posibility to bypass the "Firewall" for 3-4 days. I've tried everything I know, so I ask here for a answer. We have no admin rights and the OS is Windows Vista There is an HTTP Proxy with NTML Authentication (only way to access the internet) It requires a username and password We use smart cards, in fact I have only a user number and a pin. Port 80 and 443 are open - I have an SSH server at home which is listening on port 443 The problem is that I need this proxy to connect to anything. Internet access only works in IE, Chrome, Firefox when I set the proxy settings to "use system proxy settings", "proxy-autoconfig (proxy.pac)" or when I enter the proxy inside the proxy.pac file. However I can't understand where they take the username and password which the Proxy requires. What I've tried was using cntlm to connect to the proxy with authentication (altought I have no PW and username) and PuTTY to create the SSH tunnel over port 443 whit the SOCKS Proxy which I've created with cntml. I've never found some SSH client which includes a "use system proxy settings" function.

Read the article
unable to type in web browser ubuntu 64bit

- by mononym

Hi Guys, I upgraded to 64bit ubuntu and every now and again (quite often though) i am unable to to type into the search box for google in chrome and firefox, i havent tried other browsers as these are the 2 i primarily use. Has anyone else experienced this? any solutions? also i'm unable to drag the slider in youtube (in firefox) to scan through videos.

Read the article
richcopy will not preserve security

- by Peter

I am trying to use Richcopy to transfer files from one server to another. It seems to work well but it is not preserving ACL's. Is there a trick to it?

Read the article
Chrome browser rendering unpredictable mobile layout

- by steve

I am having a very hard time debugging this issue, I may as well find out if others have seen anything similar. I am finding that Webkit browsers are rendering extra space in a stacked menu I'm using for the mobile layout on a site I'm developing. The best way to describe this is with the following images: You can see that the is selected and shown with the padding. There is no margin, and yet there is some space between the top of the padding and the bottom border of the sibling. Here is how it is supposed to look in Firefox: I am interested to see if the community knows what in the world is going on! As I move through the inspector, I am not able to highlight the offending area, making this very hard to diagnose, as I've said.

Read the article
Why is my browser using so much memory?

- by Steve

Hi. I've recently had problems with Firefox running very slowly when I have many tabs open; say 20 tabs. My whole system would slow down. I decided to give Google Chrome a try, and it started out fine. But lately I am finding that it too, slows down my whole system. Looking at Task Manager, chrome.exe is using about 250MB of memory in about 6 different entries in task manager. However, when I shut Chrome down, memory usage is reduced by about 600MB. How can this be? (shows drop in memory usage after ending Chrome.) When my system locks up with Chrome having many tabs open, it takes 10 seconds to load the Start Menu, 10 seconds to expand All Programs, and each folder and subfolder, and 30 seconds for the program to be highlighted under my mouse. It also takes 10 seconds to switch to Notepad. Why is Chrome appearing to use so much more memory than Task Manager indicates? Why is my pagefile being used when I have around 1.1GB of memory? Can I set Chrome to run in RAM and not in the pagefile? How can 20 tabs use 600MB? That's 30MB per tab. Thanks for your help.

Read the article
Fastest security check of file tree on NFS

- by fungs

I am currently experiencing very bad performance using the following on an NFS network folder: time find . | while read f; do test -L "$f" && f=$(readlink -m $f); grp="$(stat -c %G $f)"; perm="$(stat -c %A $f)"; done Question 1) Within the loop permissions are checked using the variables grp and perm. Is there a way to lower the amount of disc I/O for these kind of checks over the network (e.g. read all meta data at once using find)? Question 2) It seems like the NFS isn't tuned very well, the same operation on a similar network link via SSHFS take only one third of the time. All parameters are auto-negotiated. Any suggestions?

Read the article
Security Rights to View Replication Monitor

- by user24192

Does anyone know how to give developers access to add a publisher in Replication Monitor SQL2005 and monitor the subscriptions, without giving them SA rights?

Read the article
Free Proxy Paperbus makes browser not work

- by John

I installed Paperbus Phttp://www.paperb.us/ but when I turn it on my browsers don't work at all, it just loads and loads and doesn't load the websites.

Read the article
Browser Install with Bookmarks

- by Tawm

Goal: Install firefox and chrome with a default set of bookmarks on Windows 7 x86. The immediate need is for freshly imaged machines to have bookmarks. So I'm looking for an msi /flag or something to either import bookmarks for a file or import settings from IE. Another possibility it seems is push installers/import actions from GPO on the domain. Seems like this might be best since if stuff changes in the future I can update as needed. I'm open to other options as well.

Read the article
Security against IP spoofing [on hold]

- by user1369975

I am pursuing a college project, in which I am running three fake services on three ports to protect the main service (say running at port 80). The concept is that if the user is malicious, he'll try to bring the services down and access the fake services. These ports adopt a blocking process of a connection request and record the IP and port of the client. These are logged and aren't granted access on service on port 80. But what to do if the client spoofs his IP? How can I modify my system?

Read the article
joomla and allow_url_fopen [closed]

- by liz

so i have been reading of the pros and cons of allowing: allow_url_fopen. but i am still confused. after a recent hacking incident (which i believe had nothing to do with allow_url_fopen) my host turned allow_url_fopen off. so the thing i dont get is, in joomla 2.5.x there is an updating feature.you can search for new versions and be notified if things are out of date. there is a big security hole if joomla or its extensions get out of date. But the catch it needs allow_url_fopen turned on. so why did joomla build a security risk into a feature to improve security??is it okay to turn allow_url_fopen on and have the updating feature? to clarify: my question is. i have Joomla installed. I have CURl installed. when i run the discover updates through NATIVE joomla i get a request for fopen. shouldn't i not need to enable a security risk? i am running version 2.5.8 of joomla.

Read the article
How should I secure my webapp written using Wicket, Spring, and JPA?

- by Martin

So, I have an web-based application that is using the Wicket 1.4 framework, and it uses Spring beans, the Java Persistence API (JPA), and the OpenSessionInView pattern. I'm hoping to find a security model that is declarative, but doesn't require gobs of XML configuration -- I'd prefer annotations. Here are the options so far: Spring Security (guide) - looks complete, but every guide I find that combines it with Wicket still calls it Acegi Security, which makes me think it must be old. Wicket-Auth-Roles (guide 1 and guide 2) - Most guides recommend mixing this with Spring Security, and I love the declarative style of @Authorize("ROLE1","ROLE2",etc). I'm concerned about having to extend AuthenticatedWebApplication, since I'm already extending org.apache.wicket.protocol.http.WebApplication, and Spring is already proxying that behind org.apache.wicket.spring.SpringWebApplicationFactory. SWARM / WASP (guide) - This looks the newest (though the main contributor passed away years ago), but I hate all of the JAAS-styled text files that declare permissions for principals. I also don't like the idea of making an Action class for every single thing a user might want to do. Secure models also aren't immediately obvious to me. Plus, there isn't an Authn example. Additionally, it looks like lots of folks recommend mixing the first and second options. I can't tell what the best practice is at all, though.

Read the article
What prevents a user from adding controls to an ASP.NET page client side?

- by Curtis White

This goes back to my other question which I thought was sufficiently answers but upon reflect am not sure that it was (sorry). Backgrounder: I am generating a form dynamically. I am pulling from the database the controls. I must associate each control with a database ID which is not the user's session id. I do this currently by storing my ID in the ID for the web control with some other stuff to make it unique/clear what I am doing. On the post back, I iterate through all the controls on my web page checking for my special identifier, ie, MyGeneratedTextBox_ID_Unique. This process enables for 2 important steps, identifying the control was one I generated and also getting the ID for this input field. And, all of this works but I'm still concerned about the security of it. I do not see a security issue with showing the actual database ID's in this case, although agree it is not desirable. However, I am concerned of the following possibilities: If a user could add a nefarious control to my collection and use that for a SQL injection attack. More academic, but if a user could somehow store data for fields they do not have access too by changing the id's. I agree this is a "hack" of a way to do it. But my question is, is it a security risk and is there an 'easy' way to do it in a less hack way? I assume that only the controls that are created/instantiated on the page are added to the controls list.. thus all controls must be created server side and thus the security issue is address but just wanted to validate. Thanks again. PS: I could see adding a property for each control and encrypting the viewstate would be a little more secure.

Read the article
Using VLANs/subnetting to separate management from services?

- by YouAreTheHat

Background: I recently purchased a server and a managed switch for my home in the hopes of getting more experience and some fun toys to play with. The devices and appliances I either have or plan to have cover a broad spectrum: router, DD-WRT AP, Dell switch, OpenLDAP server, FreeRADIUS server, OpenVPN gateway, home PCs, gaming consoles, etc. I intend to segment my network with VLANs and associated subnets (e.g., VID10 is populated by devices on 192.168.10.0/24). The idea is to secure the more sensitive appliances by forcing traffic through my router/FW. Setup: After thinking and planning for some time, I have tentatively decided on 4 VLANs: one for the WAN connection, one for servers, one for home/personal devices, and one for management. In theory, the home VLAN will have limited access to the servers, and the management VLAN will be totally isolated for security. Question: Since I want to restrict access to management interfaces, but some appliances have to be accessible to other devices, is it possible/wise to have only management (SSH, HTTP, RDP) available on one VLAN/IP and only services (LDAP, DHCP, RADIUS, VPN) available on other? Is this a thing that is done? Does it gain me the security I think it does, or hurt me in some way?

Read the article
Windows 7: Windows Firewall: Logging/Notifying on Outgoing Request Attempts

- by Maxim Z.

I'm trying to configure Windows Firewall with Advanced Security to log and tell me when programs are trying to make outbound requests. I previously tried installing ZoneAlarm, which worked wonders for me with this in XP, but now, I'm unable to install ZA on Win7. My question is, is it possible to somehow monitor a log or get notifications when a program tries to do that if I set all outbound connections to auto-block, so that I can then create a specific rule for the program and block it.? Thanks! UPDATE: I've enabled all the logging options available through the Properties windows of the Windows Firewall with Advanced Security Console, but I am only seeing logs in the %systemroot%\system32\LogFiles\Firewall\pfirewall.log file, not in the Event Viewer, as the first answer suggested. However, the logs that I can see only tell me the request's or response's destination IP and whether the connection was allowed or blocked, but it doesn't tell me what executable it comes from. I want to find out the file path of the executable that each blocked request comes from. So far, I haven't been able to.

Read the article
What to do before connecting Ubuntu Server to the internet for the first time?

- by CodeMonkey

I just finished installing Ubuntu Server 12.10 on an Asus Eee PC 1000H (to be used as a home server/sandbox) from USB. I installed this software during installation: OpenSSH server LAMP server Samba file server Virtual Machine host I won't use 2, 3 or 4 for a while though. Can/should I turn these off somehow? I have turned home directory encryption on. Security updates are installed automatically. I have chosen a strong password for the single user. I have never plugged in the internet cable so far. Before doing so I'd like to ask: What can/should I do/install to increase security before connecting to the internet? Firewall? Fail2ban? Users/Passwords? Encryption? Enable/Disable functionality? etc. I'm sorry if you get this question a lot. I've searched around quite a while, but it still feels like I might overlook something important.

Read the article
Password Cracking Windows Accounts

- by Kevin

At work we have laptops with encrypted harddrives. Most developers here (on occasion I have been guilty of it too) leave their laptops in hibernate mode when they take them home at night. Obviously, Windows (i.e. there is a program running in the background which does it for windows) must have a method to unencrypt the data on the drive, or it wouldn't be able to access it. That being said, I always thought that leaving a windows machine on in hibernate mode in a non-secure place (not at work on a lock) is a security threat, because someone could take the machine, leave it running, hack the windows accounts and use it to encrypt the data and steal the information. When I got to thinking about how I would go about breaking into the windows system without restarting it, I couldn't figure out if it was possible. I know it is possible to write a program to crack windows passwords once you have access to the appropriate file(s). But is it possible to execute a program from a locked Windows system that would do this? I don't know of a way to do it, but I am not a Windows expert. If so, is there a way to prevent it? I don't want to expose security vulnerabilities about how to do it, so I would ask that someone wouldn't post the necessary steps in details, but if someone could say something like "Yes, it's possible the USB drive allows arbitrary execution," that would be great! EDIT: The idea being with the encryption is that you can't reboot the system, because once you do, the disk encryption on the system requires a login before being able to start windows. With the machine being in hibernate, the system owner has already bypassed the encryption for the attacker, leaving windows as the only line of defense to protect the data.

Read the article
Running multiple sites on a LAMP with secure isolation

- by David C.

Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation. What is the best practice in this case? Basically, what do hosting companies do to sleep well? :) Thanks very much! David

Read the article
How (in)secure are cell phones in reality?

- by Aron Rotteveel

I was recently re-reading an old Wired article about the Kaminsky DNS Vulnerability and the story behind it. In this article there was a quote that came across a little bit exaggerated to me: "The first thing I want to say to you," Vixie told Kaminsky, trying to contain the flood of feeling, "is never, ever repeat what you just told me over a cell phone." Vixie knew how easy it was to eavesdrop on a cell signal, and he had heard enough to know that he was facing a problem of global significance. If the information were intercepted by the wrong people, the wired world could be held ransom. Hackers could wreak havoc. Billions of dollars were at stake, and Vixie wasn't going to take any risks. When reading this I could not help but feel like it was a bit blown-up and theatrical. Now, I know absolutely nothing about cell phones and the security problems involved, but to my understanding, cell phone security has quite improved over the past few years. So my question is: how insecure are cell phones in reality? Are there any good articles that dig a bit deeper into this matter?

Read the article

< Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148 | Next Page >