Search Results

Search found 12720 results on 509 pages for 'moss2007 security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 141/509 | < Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148  | Next Page >

  • Getting much higher than usual brute-force attempts on cPanel

    - by UserZer0
    Although I have many client accounts on my cPanel based server I'm really the only one who has login information to any of the accounts. I have cPhulk setup to alert me and blocking after 4 failed attempts. I usually have only a handful of bots trying to get in each day(2 hosts ago I never had any), but Today the rate has significantly increased, every 10 minutes or so(no not like clockwork, just averaging). Should I be concerned? Is there anything extra I should be doing, is there any automated reporting services I can use? Thanks.

    Read the article

  • How can I avoid logging file not founds commonly caused by vulnerability scanners?

    - by agweber
    My apache logs are pretty much full of 'admin.php' not found or unable to stat and similar statements for wp-login.php, default.php, and so on that are often sought after by vulnerability scanners. Can I configure apache to avoid logging these statements for certain files? I don't want to filter out all file not founds as I'd like to fix bad links that I may have put out over the years that no longer correspond to the same files. I can use a tool like fail2ban or denyhosts, but from previous experiences it comes from so many places that those errors are still going to pile up, and the reducing those error messages are what this question is asking about.

    Read the article

  • What is the most secure way to set up a mysql user for Wordpress?

    - by Sinthia V
    I am setting up Subdomain based MU on my domain.Everything is hosted by me running on one CentOS/Webmin VPS. Will I be better off setting the MySQL user's domain as localhost, 127.0.0.1 or with a wildcard %.mydomain.com? Which is more secure? Is localhost === 127.0.0.1? If not what is the difference? Also, what is my domain from MySQL's or Wordpress' pov when I am connected by ssh terminal? How about When I connect by Webmin or Usermin? Does MySQL see me as Webmin or my Unix user?

    Read the article

  • Preventing an Apache 2 Server from Logging Sensitive Data

    - by jstr
    Apache 2 by default logs the entire request URI including query string of every request. What is a straight forward way to prevent an Apache 2 web server from logging sensitive data, for example passwords, credit card numbers, etc., but still log the rest of the request? I would like to log all log-in attempts including the attempted username as Apache does by default, and prevent Apache from logging the password directly. I have looked through the Apache 2 documentation and there doesn't appear to be an easy way to do this other than completely preventing logging of these requests (using SetEnvIf). How can I accomplish this?

    Read the article

  • How do I check if a program can potentially be a virus?

    - by acidzombie24
    I am running Windows XP in a VM. I want to download a few applications and install the one by one and check if they potentially can be a virus. I assume virus would need to add something to the startup folder, or the application in the startup section in the registry or add a service. What else might it do to become active? Anyway, how can I check to see if a program may be a virus? I use hijack this to get a list of processes and I simply compare it from before I installed to after and see if there's anything different. Is this good enough? My main OS is Windows 7 but I do not have that in a VM and don't see a reason to test with that.

    Read the article

  • How can I limit other (administrator) users access to my profile?

    - by kojo
    Hi, We in our club have a computer with Windows 7 Professional that every club member may use. And everyone has their own separate account. Those accounts have to have administrator priveleges since I want everyone to be able to install any software and use any feature they want. However, there is a single thing that they shouldn't be allowed to do - that is, look into another users' profiles. Now when anyone goes to 'c:\Users(Any User Name)' a little prompt appears that this folder is secured and whether you really want to look inside. Simply clickinh 'ok' give you access to any profile. I tried disabling taking ownership for Administrators group in Group Policies but that had no effect. How can I effectively prohibit administrators looking into each others' profiles and documents?

    Read the article

  • How I can view and block specific applications temporarily from accessing Internet?

    - by Curious Apprentice
    I don't want to block any application permanently from accessing internet. I just want to block some specific applications for a particular time period to gain speed in running some other. I know about one such great tool - that is "Comodo firewall". It can smoothly block and accurately display apps accessing internet. The only problem of installing this is, Windows recommends only one firewall apps and as Im running Windows 7 x64 Ultimate there will be complications if I install this one. I need a tool which can accurately display which apps are accessing internet (through which port) and how much data they are receiving or sending. I also need some arrangement within the app so that I can easily temporarily block that app from accessing internet.

    Read the article

  • permissions on upload folder not working

    - by Camran
    I have a php script which uploads images to a folder. I have these permissions on the upload folder: drwxrwxr-- 4 user user 4096 2010-06-02 16:20 temp_images Shouldn't these permissions be enough for files to be uploaded to the folder? But this doesn't work. It only works when I set the permissions to 777. "user" is added to the www-data group, still no luck. Any ideas why?

    Read the article

  • Encrypt ONE system directory?

    - by acidzombie24
    I dont want to encrypt my whole hard drive. But one app i ENJOY using stores my password in a not so secure way in the AppData folder. I would like to encrypt the folder. One note is the folder is inside my user/name directory. Maybe that will help or hinder the solution. I am fine with encrypting all of AppData if necessary. However i prefer not to encrypt C:\Users\NAME\ since it is heavily used by many apps. C:\Users\NAME\AppData\Local\APPNAME

    Read the article

  • Missed something? Cant upload files to server (permissions)

    - by Camran
    I can upload files as "root" to the Ubuntu server. Then I created a user (me). Next I added the user to the group www-data. Then assigned rwx permissions to www-data. Next, when I try to upload, delete or modify files VIA FILEZILLA, I cant. But via the terminal, I can change files using sudo command. What should I do to be able to upload files without getting the "permission denied" in filezilla? If you need more input let me know. Thanks

    Read the article

  • "The server refused the connection" error in Facebook App [closed]

    - by balajimca
    I am working on creating a facebook app for a webstore and listing its contents in facebook app. My server is not https, but facebook app requires https, it showed "Operation timed out" error. So I disabled secured browsing option in facebook and tested in facebook appcentre. After disable secured browsing , the site was worked well till yesterday.But Today, I tried to check the output, It showing this error "The server refused the connection". How can I fix this error. Please look at the screenshot for clarification.

    Read the article

  • What is the correct way to use Chef-server's 'validation key'?

    - by Socio
    It seems to me that the recommended way of adding clients to a chef server - or my understanding of it - is flawed. from the docs: When the chef-client runs, it checks if it has a client key. If the client key does not exist, it then attempts to "borrow" the validation client's identity to register itself with the server. In order to do that, the validation client's private key needs to be copied to the host and placed in /etc/chef/validation.pem. So the "validation key" is basically the superuser credential, allowing anyone who possesses it full access to the chef server? Am I reading this right? Surely the correct model would be for clients to generate their own keypair, and submit the public key to the chef server. Clients should never need access to this superuser "validation key". How can I do it in this, more secure, manner?

    Read the article

  • How to specify Multiple Secure Webpages with .htaccess RewriteCond

    - by Patrick Ndille
    I have 3 pages that I want to make secure on my website using .htaccess -login.php -checkout.php -account.php I know how to make just one work page at a time using .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] I and trying to figure out how to include the other 2 specific pages to make them also secure and used the expression below but it didn't work RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteCond %{REQUEST_URI} /checkout.php RewriteCond %{REQUEST_URI} /account.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] Can someone help me the right expression that will work with multiple pages? The second part of the code is that, if https is already on and a user move to a page that Is not any of the pages i specified about, I want that it should get back to http. how should I write the statement for it to redirect back to http if its not any of the pages above? I have my statement like this but its not working RewriteCond %{HTTPS} on RewriteRule !(checkout|login|account|payment)\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R] Any thoughts?

    Read the article

  • What are the steps needed to achieve EAL4

    - by Anonymous
    I read the wikipedia article on EAL (http://en.wikipedia.org/wiki/Evaluation_Assurance_Level) but didn't find it very helpful in laying out the steps needed to achieve EAL4. Can someone please lay out in plain English what's involved and what's required?

    Read the article

  • Is there a way to get Apache to blank sensitive data from logs?

    - by i..
    We're trying to clean up one of our systems as much as possible & have found that despite our attempts to block, users are accessing a certain part of our system through a HTTP GET with their password in the URL. This results in our Apache logs recording their password in plain text on the server. Is there an Apache directive or module that can filter out (or replace) certain patterns in its logs?

    Read the article

  • Why is the word PERSONAL still relevant in the term PC? [closed]

    - by Bill
    I have spent half an hour trying to change an icon on my Win-7-64 machine (Why Can't I Change the Icon). One reasonable suggestion (reasonable in terms of having a solution, not reasonable in terms of having to jump through these hoops for such a basic requirement) was to delete the old icon from the %userprofile% \ Local Settings..., however when I click on this folder in Windows Explorer I am told the folder is not accessible - Access Denied. Well! It's my PERSONAL computer isn't it? Isn't that what PC stands for? It's MY computer - why can't I get access to that folder? It's about time we started calling these machines MCs (Microsoft Computer), or WCs (Windows Computer) - because they sure as hell aint PERSONAL damn computers!!!!

    Read the article

  • Java process eating CPU; Why?

    - by Camran
    I have a Linux server which I have installed Java on. Sometimes, and only sometimes when a large nr of visitors visit my website, the site hangs. When I open the terminal and enter the "top" command to see whats going on, I can see that "Java" process is eating CPU! Like 400%. I have also tried ps aux command, and can see that the command is from usr/bin/java I have little experience in troubleshooting this kind of things, so I turn to you guys for help. I have a java container installed (Jetty) which I must have in order to use SOLR (search engine) which is integrated into my website. I can start and stop SOLR by: etc/init.d/solr stop But this didn't remove the java process from the "Top" command. Still java was eating 400% CPU. Is there other methods to restart java only? This has happened twice to me, and each time I have now restarted my entire servers and everithing is fine. If you need more input let me know! Thanks

    Read the article

  • most simple way to get files on a server

    - by acidzombie24
    I am on windows and my server is linux. I would like to grab files from the server automatically with a script. Maybe execute a bash script remotely as well but maybe i dont need that. I need to connect securely and i would like some kind of password so not anyone can connect. I need to download files and i'd like to get every file in a set of folders. I do not want to download them again if they exist. What is the easiest way to do this? i thought of creating a simple .NET site with data in App_Data (so it cant be reached from the outside) however i have a feeling an easier way exist. I'd like to do scp with a shell but i am on windows and also i am unsure how to iterate through folders and only get files that dont exist.

    Read the article

  • Is a VPN a good method for protecting data in an untrusted network? [closed]

    - by john
    I will be connecting my laptop in an untrusted network. If I setup OpenVpn on a server and use a vpn client on the laptop to connect through it, is it enough? Can someone perform a MITM attack or otherwise eavesdrop on my traffic? If someone on the local network port-scans my laptop, will the open ports be accessible to him while I use the VPN tunnel? Is there anything else I should keep in mind?

    Read the article

  • What are my options for a secure External File Share in Server 2008 R2?

    - by Nitax
    Hi, I have a Windows Server 2008 R2 machine installed on a home network with a number of files that need to be shared in a few different scenarios. I would like for all three scenarios to have a solution with some sort of encyption to protect the data during transfer. Scenario 1: I need to access files from my laptop (Mac OSX) or another computer outside of the network. This option seems like the easy one to answer in that I could use LogMeIn, the windows VPN, etc. to create such a connection. Scenario 2: I need to provide access to another user with minimal installation / configuration on his or her end. This makes me think of the new FTP 7.5 provided with Server 2008 R2 but i'm not sure of the details: Does it support SSH or some other form of encryption?, can an OSX user connect?, etc. My question here is what are my options? I really just don't know where to get started...

    Read the article

  • What are the minimal iptables rules to surf the internet?

    - by alexx0186
    I am trying to set minimal rules to my Linux iptables rules file to just be able to surf the internet. Here what I did: * filter -A OUTPUT -p tcp --dport 80 -j ACCEPT -A OUTPUT -p tcp --dport 443 -j ACCEPT -A OUTPUT -p udp --dport 53 -j ACCEPT COMMIT With just those rules, I can't surf the web. I noticed that when I put -A INPUT -j ACCEPT, it works but I don't understand why. So what Input/output port do I need to surf the internet? Thanks a lot. Regards EDIT: It still doesn't work and my rules as as follows: # generated by iptables-save filter :INPUT DROP [10:648] :FORWARD DROP [0:0] :OUTPUT ACCEPT [10:648] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPTED COMMIT

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148  | Next Page >