Search Results

Search found 5864 results on 235 pages for 'secure gateway'.

Page 22/235 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • Secure PHP environments with PHP-FPM and SFTP

    - by pdd
    I'd like to set up secure environments for a small number of untrusted PHP websites on a Debian server. Right now everything runs on the same Apache2 with mod_php5 and vsftpd for administrative file access, so there is room for improvement. The idea is to use nginx instead of apache, SFTP through OpenSSH instead of vsftpd and chrooted (in sshd_config), individual users for each website with their own pool of PHP processes. All these users and nginx are part of the same group. Now in theory I can set 700 permissions on all PHP scripts and 750 on static files that nginx has to serve up. Theoretically, if a website is compromised all the other users' data is safe, right? Are there better solutions that require less setup time and memory per website? Cheers

    Read the article

  • Could not establish a secure connection to server with safari

    - by pharno
    Safari tells me that it couldnt open the page, because it couldnt establish a secure connection to the server. However, other browsers (opera, firefox) can open the page. Also, theres nothing in the apache error log. The certificate is selfsigned, and uses standart values. (seen here: http://www.knaupes.net/tutorial-ssl-zertifikat-selbst-erstellen-und-signieren/ ) ssl config: SSLEngine on #SSLInsecureRenegotiation on SSLCertificateFile /home/gemeinde/certs/selfsigned/gemeinde.crt SSLCertificateKeyFile /home/gemeinde/certs/selfsigned/gemeinde.key #SSLCACertificateFile /home/gemeinde/certs/Platinum_G2.pem #SSLOptions +StdEnvVars <Location "/"> SSLOptions +StdEnvVars +OptRenegotiate SSLVerifyClient optional SSLVerifyDepth 10 </Location>

    Read the article

  • Secure login for Firefox alternatives

    - by ldigas
    For some reason, Secure Login 0.9.3. on FF 3.5.4. is relatively buggy (it randomly stops working saying it is not compatible, but continues to work after I uninstall it and reinstall afterwards ... then it stops working after some time. No new extensions were added in the meantime; just BitDefender was installed on the system ... not sure whether he has something to do with it.). What would be good alternatives to it (except RoboForm) which give the same behaviour ? All ideas welcomed.

    Read the article

  • McAfee Secure Messaging Service / Postini: false positive?

    - by Martin
    Hello, I'm puzzled by this email message that gets quarantined by McAfee Secure Messaging Service (it's based on Postini) for no reason that I can think of. Here are the Postini headers: X-pstn-2strike: clear X-pstn-neptune: 0/0/0.00/0 X-pstn-levels: (S: 0.02932/98.63596 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 ) X-pstn-settings: 3 (1.0000:1.0000) s cv gt3 gt2 gt1 r p m c X-pstn-addresses: from [db-null] X-pstn-disposition: quarantine I read the docs (http://www.mcafee-sms.com/webdocs/admin%5Fee%5Fmcafee/wwhelp/wwhimpl/common/html/wwhelp.htm?context=MACAFFHelp&file=header%5Foverview.html#951634) and in short, the x-pstn-settings header tells me that NONE of the filters was triggered, but the x-pstn-levels header tells me that the final score (0.02932) is low enough to classify the email as bulk/spam. Can anyone explain to me why the final score is so low when none of the filters were triggered? Does anyone have any suggestions on how to prevent this from happening? Regards, Martin

    Read the article

  • secure email crashes outlook 2007

    - by Josh
    I have a number of secure emails sent to my outlook 2007 client. most arrive fine and display the prompt with regards to granting access to the certificate and then open. today i received two that when i try and open them they crash outlook. i have tried restarting outlook and my computer. please can you give me some ideas of what it could be or how i can troubleshoot this issue. i am working on Vista Utlimate x64. thanks. Josh

    Read the article

  • Secure Connection Failed using Firefox

    - by Saifallah
    I'm using Firefox 5 with some add-ons that require an external connection to a certain server (lastPass & Xmarks). I'm using the connection from my company, and every while & then I get a pop-up; Secure connection failed. This certificate in not trusted because the certificate issuer isn't trusted. (Error code: sec_error_untrusted_issuer) This also occurs using other versions of Firefox. Thanks in advance.

    Read the article

  • Problem opening XWindows programs with xming and SSH Secure Shell

    - by Brian
    I've installed SSH Secure Shell and xming on my laptop running Windows 7 (64-bit). I'm having trouble starting X Windows applications from the SSH console. I've been able to do it in the past. I've pretty much determined that it's not a server issue because I've tried it on two different servers (both servers are running RHEL 5). Running "echo $DISPLAY" on either server gave me "localhost:10.0". My XLaunch configuration settings are: Multiple Windows, 10 (display number), and Start no client. Once xming has launched, I'll try to execute something like "firefox" and I get this back: The application 'firefox' lost its connection to the display localhost:10.0; most likely the X server was shut down or you killed/destroyed the application. I've already checked to make sure that the X server is running and it is: root 12579 2689 0 Feb14 tty7 00:04:23 /usr/bin/Xorg :0 -br -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7 Additionally, X11 Tunneling has been enabled in SSH as well as SSH 2 connections.

    Read the article

  • Perform shell operation through secure shell

    - by Ben
    Is it possible to perform a shell operation from a bash script through a secure shell. Here is an example of why you may want to do this. Lets say you have a simple unix operating system that you need only build and run on, but you want to do all of the development on another machine. I want to write a bash script that has the following functionality: scp file to location on other machine ssh to other machine cd into correct directory make run program scp results to file on original computer exit ssh Is this remotely possible? (Pardon the Pun :p)

    Read the article

  • Does SELinux make Redhat more secure?

    - by vfclists
    Does SELinux make Redhat more secure? I can't remember the number of times when I have disabled SELinux because it kept frustrating my ability to get stuff running. Lots of times to there was no obvious reason why stuff wasn't working and I had to Google to discover why. Given that most casual users will disable or weaken security when it appears to get in the way, with the exclusion of serious, enterprisey Redhat users, is SELinux really useful? PS. Is there some tool that helps you log, track and manage SELinux issues across all applications? In spite of being an Ubuntu user I am a closet Fedora fan.

    Read the article

  • .htaccess redirect - Is it secure?

    - by thecrandallster
    This works; I'm not having trouble, but I want to be certain that this is bulletproof. I came up with a neat little .htaccess redirect, but I am not sure if it is secure; do you know? <IfModule mod_rewrite.c     RewriteEngine On     RewriteRule ^goto/([a-z]+)/?$ /$1/ [R] </IfModule I think as long as the server is configured correctly and the files handle authentication autonomously, then it shouldn't be a security issue. Also, being that the rewrite rule only works with characters a-z and one slash I doubt they could jump around directories by injecting stuff into the URL I think...

    Read the article

  • Setting up Shibboleth to secure part of a website

    - by HorusKol
    I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives: AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems. I have restarted the apache service and I have no errors in the log files.

    Read the article

  • testing ssl cert for smtps => "secure connection could not be established with this website"

    - by cc young
    testing ssl cert on server using a web service. https, imaps and pop3s all check, but smtps yields the message "we advise you not to submit any confidential or personal data to this website because a secure connection could not be established with this website." running postfix tls logging: connect from s097.networking4all.com[213.249.64.242] lost connection after UNKNOWN from s097.networking4all.com[213.249.64.242] disconnect from s097.networking4all.com[213.249.64.242] these work correctly: telnet mydomain.net 587 openssl s_client -starttls smtp -crlf -connect mydomain.net:587 but cannot get email using ssl to log into either 587 or 564 - get same "UNKNOWN" problem. email smtp w/o ssh works fine. the test site is http://www.networking4all.com/en/support/tools/site+check/

    Read the article

  • Afraid computer is not secure

    - by Michael James
    I have recently implemented LastPass as a secure password manager. When I changed the password for my email address an associated account ([email protected]) that i had never seen before came up in association with my account. It asked me if i wanted to change password for my account and the "smithfaketester" account I used Google to try and find out what is going on, but came up empty. I am afraid my computer is bot net-ed. Any input is greatly appreciated. I have used google to search for reasons why this fake account was coming up but I did not find any meaningful info.

    Read the article

  • Secure copy in Linux

    - by Michael
    Hi all, I wanna simpy exchange 3 directories to a collegue's home directory (I dont have write access to that one) from my home directory, probably using secure copy if possible. I am not good with Linux command line, so I am not sure how to do that and I would very much appreciate it if somebody could help me a bit out with this. I guess it should look something like that scp -r /home/user1/directoy1 /home/user2/directoy1 scp -r /home/user1/directoy2 /home/user2/directoy2 scp -r /home/user1/directoy3 /home/user2/directoy3 Do I need to specify the login name of my collegue so that the files can be copied when he enters his password? Thanks for your help, Michael

    Read the article

  • Microsoft secure downloader not finishing download

    - by Goran_Mandic
    I am downloading Windows 8 RTM using Microsoft's secure downloader provided by my school's DreamSpark account. The OS I'm currently on is Windows 8 preview. Once the download reaches 100%, it restarts to 0%. I open the download path folder, and find the en_windows_8_x64_dvd_915440.sdc file and the en_windows_8_x64_dvd_915440.scd.log file. The log file contains only one line : "Unpacking File: C:\Users\en_windows_8_x64_dvd_915440.sdc" I was unable to unpack the file using 3rd party software, and there seems to be no official software made for unpacking this type of file. What can I do to avoid downloading the OS illegally, even though I have my own product key?

    Read the article

  • Secure against c99 and similar shells

    - by Amit Sonnenschein
    I'm trying to secure my server as much as i can without limiting my options, so as a first step i've prevented dangerous functions with php disable_functions = "apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd, eval, exec, fp, fput, ftp_connect, ftp_exec, ftp_get, ftp_login, ftp_nb_fput, ftp_put, ftp_raw, ftp_rawlist, highlight_file, ini_alter, ini_get_all, ini_restore, inject_code, mysql_pconnect, openlog, passthru, php_uname, phpAds_remoteInfo, phpAds_XmlRpc, phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, posix_setuid, posix_uname, proc_close, proc_get_status, proc_nice, proc_open, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode" but i'm still fighting directory travel, i can't seems to be able to limit it, by using a shell script like c99 i can travel from my /home/dir to anywhere on the disc. how can i limit it once and for all ?

    Read the article

  • Most secure way to have IPtables auto-loaded using Debian / Linux

    - by networkIT
    I'd like to know the safest way to load iptables using Debian. Of course, I can use a script that uses iptables-restore : #!/bin/sh iptables-restore < /etc/firewall.conf but : 1) where is the safest place to have it loaded ? /etc/network/if-up.d ? I'm concerned about the script being loaded early enough at boot time, and reliably enough when plugging/unplugging interfaces ... 2) is this script method using iptables-restore the most secure way ? 3) additionnally, how much does the answer validity stretch to other Linux distros ( Ubuntu, Fedora, CentOS ) ? Thanks ^^

    Read the article

  • How secure is cloud computing?

    - by Rhubarb
    By secure, I don't mean the machines itself and access to it from the network. I mean, and I suppose this could be applied to any kind of hosting service, when you put all your intellectual property onto a hosted provider, what happens to the hard disks as they cycle through them? Say I've invested million into my software, and the information and data that I have is valuable, how can I be sure it isn't read off old disks as they're recycled? Is there some kind of standard to look for that ensures a provider is going to use the strictest form of intellectual property protection? Is SAS70 applicable here?

    Read the article

  • How to make a secure MongoDB server?

    - by Earlz
    Hello, I'm wanting my website to use MongoDB as it's datastore. I've used MongoDB in my development environment with no worries, but I'm worried about security with a public server. My server is a VPS running Arch Linux. The web application will also be running on it, so it only needs to accept connections from localhost. And no other users(by ssh or otherwise) will have direct access to my server. What should I do to secure my instance of MongoDB?

    Read the article

  • Mail Secure & Stable Open Source Mail Server

    - by Fanar ALHAYALI
    I have asked question on http://stackoverflow.com/questions/9868426/i-need-to-know-which-email-server-i-have-to-use and someone tell me my question would be better on serverfault. I know that this is a common question and asked many times. but there are so many available mail servers that i am not able to decide the one. Kindly tell that which is the Secure, Stable and fast open source mail server for Centos or Redhat Server. Is there any guide which can be used to deploy the mail server with all its components e.g. smtp, pop3, imap, spam, calender server, antivirus, DNS Setting. Currently I'm using sun messaging V6 which installed on Solaris 10 and my boss ask me to make a report for the best mail server today in the marketing? I tried to have a look on Google but I couldn't find interesting information for my report. Any advice would be appreciated.

    Read the article

  • How to secure a new server OS installation

    - by Pat R Ellery
    I bought (and just received) a new 1u dell poweredge 860 (got it on ebay for $35). I finished installing Ubuntu Server (Ubuntu Server 12.04.3 LTS), install apache/mariadb/memcache/php5 works great but I am scared about security. so far I am the only one using the server but eventually more people (friends, friends of friends) will use this server, use ssh etc... I want to know what can I do to secure all the information and not get hacked, both from the web or ssh or ddos and any other attack possible. Does Ubuntu Server does it for you right away? or I have to fix it my self? Thank you EDIT: I installed (so far): All dev tools ssh server LAMP I didn't install: Graphical interface

    Read the article

  • Debian DNSSEC - howto secure a domain?

    - by Daniel Marschall
    I have a beginner question about DNSSEC. I have much experience with TLS and cryptography-stuff and would like to try out this new technology. I have googled very much about this but I haven't found useful information for me. I think one confusion in information gathering is that "Debian howto DNSSEC setup" can mean "How to USE DNSSEC for resolving" OR "How to secure your domain with DNSSEC". I am searching the second. I am running a Debian Squeeze server with root privileges which has a domain name ending with ".de" (which is already signed by the root zone). The network interface at this server uses the gateway IP (DNS resolver?) of the datacentre the server is running on. My domain is hosted at freedns.afraid.org , where I can add DNS RRs for my domain. They are currently NOT capable of adding DNSSEC RRs, but I am bugging them to support this soon. ;-) My simple question is: How do I setup DNSSEC on Debian? Resp. who have I ask to? As far as I understand, all I have to do is to run dnssec-keygen on my Debian server and then add the key to my DNS-provider as DNSSEC RR. (And change it every 30 days?) I have looked at this http://www.isc.org/files/DNSSEC_in_6_minutes.pdf but it looks like you have to be the owner of a ZONE, so I don't think this applies to me. Who needs to sign my domain? My DNS-provider or my zone (DeNIC) or can I do it myself? Any help is very appreciated!

    Read the article

  • Secure NAT setup with iptables

    - by TheBigB
    I have Debian running device that needs to act as an internet-gateway. On top of that I want to provide a firewall that not only blocks inbound traffic, but also outbound traffic. And I figured iptables should be able to do the job. The problem: I've configured NAT properly (I think?), but once I set the default policy to DROP and add rules to for instance allow HTTP traffic from inside the LAN, HTTP is not going through. So basically my rules don't seem to work. Below is the initialization script that I use for iptables. The device has two NICs, respectively eth0 (the WAN interface) and eth1 (the LAN interface). echo 1 > /proc/sys/net/ipv4/ip_forward # Flush tables iptables -F iptables -t nat -F # Set policies iptables -P INPUT DROP iptables -P OUTPUT DROP # NAT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT # Allow outbound HTTP from LAN? iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT Can anyone shed some light on this?

    Read the article

  • HTTP GATEWAY TIMEOUT

    - by Googler
    Hi buddies, When i tried to request the data through the internet to a webservices. I receive an error as: Error: The request failed with HTTP status 504: Gateway Time-out. Can anyone pleased give an insight about this error and solution too. Thanks in advance.

    Read the article

  • Creating a secure SQL Server 2008 database environment

    - by user279521
    I am in the process of setting up a corporate SQL Server 2008 database. The data on this machine will be related to financial services. There will be low level traffic (not like your average investment broker's website). However, a secure data environment is very crucial. What would I need to know / do in order to ensure that I have a secure database?

    Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >