Search Results

Search found 1512 results on 61 pages for 'deny prasetyo'.

Page 28/61 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Seem to have banned my IP from my server

    - by Rob
    I can't seem to figure out the problem. I've checked the deny list in CSF, and even stopped it completely, as well IPTables. Somehow I'm still blocked from accessing my server. Currently I can access it from other IPs, so I'm pretty sure that's the problem (though I could be wrong, of course. I'm no expert) So any suggestions on what it might be, and how I could fix it, would be heavily appreciated.

    Read the article

  • How to run a restricted set of programs with Administrator privileges without giving up Admin acces (Win7 Pro)

    - by frLich
    I have a shared system, running Windows7 X64, restricted to a 'standard user' with no password. Not everyone who has access to the system has the administrator password. This works rather well, except for some applications - specially the unlock-applications for encrypted hard drives/USB flash drives. The specific ones either require Administrator access (eg. Seagate Blackarmor) or simply fail without it -- since these programs are sending raw commands to a device, this is to be expected. I would like to be able to add the hashes of these particular programs to a whitelist, and have them run as administrator without needing any prompts. Since these are by definition on removable media, I can't simply use a filename or even a path. One of the users who shares the system can be considered 'crafty', so anything which temporarily grants administrator rights to an user account is certain to cause problems. What i'd like to be able to do: 1) Create an admin account that can only run programs from a whitelist (or, failing that, from a directory) I can't find a good way to do this: As far as I can tell, SRP applies equally to ALL users? Even if I put a "Deny" token on all directories on the system, such that new directories would inherit it, it could still potentially run things from the mounted USB devices. I also don't know whether it's possible to create a new directory that DOESN'T inherit from the parent, that would lake the deny token, and provide admin access. 2) Find a lightweight service that will run these programs in its local context Windows7 seems to block cross-privilege level communication by default, and I haven't found such for windows 7. One example seems to be "sudo" (http://pages.cpsc.ucalgary.ca/~nfriess/sudo/) but because it uses a WLNOTIFY hook, it won't work under Vista nor Windows7 Non-Solutions: - RunAs: Requires administrator password! (but everyone calls it "sudo" anyway) - RunAs /savecred: Nice idea, but appears to be completely insecure. - RUNASSPC - Same concept as RunAs, uses "encrypted" files with credentials, but checks in user-space. - Scheduled Tasks - "Fixed" permissions make this difficult, and doesn't support interactive processes even if it did. - SuRun: From Google: "Surun uses its own Windows service that adds the user to the group of administrators during program start and removes him automatically from that group again"

    Read the article

  • HOw to enable shell login for particular user in one ip

    - by Master
    I have blocked FTP 21 port on server. NOw every connection will be via SFTP via ssh. Initially i had /etc/hosts.deny -- sshd:all But i had to remove that otherwise sftp was not working. How can i secure my shell login so that if someone login via root or userbac(root previleges) Then i need private key but not for other users Or any other to secure my system Thanks

    Read the article

  • Apache Virtual host points to main domain

    - by user37143
    Listen 80 ServerName www.mydomain.com:80 DocumentRoot "/www/tomcat/webapps" Options Indexes FollowSymLinks Order allow,deny Allow from all Options ExecCGI NameVirtualHost *:80 ServerName blog.mydomain.com DocumentRoot /www/blog DirectoryIndex index.php index.html Options All AllowOverride All Allow from all on ssl.conf I have: *Listen 443 * Now if I access mydomain.com or blog.mydomain.com both are forwarded to /www/tomcat/webapps any idea where I went wrong? I have source complied Apache2. Should I add a virtual for the mydomain.com too? Thanks, Anpl

    Read the article

  • Apache certificates for some urls not working

    - by Vegaasen
    We are having a rather strange problem with a Apache-installation. Here is a short summary: Currently I'm setting up Apache with https, and server-certificates. This is fairly easy and works straight out of the box - as expected. This is the configuration for this setup: Listen 443 SSLEngine on SSLCertificateFile "/progs/apache/ssl/example-site.no.pem" SSLCertificateKeyFile "/progs/apache/ssl/example-site.no.key" SSLCACertificateFile "/progs/apache/ssl/ca/example_root.pem" SSLCADNRequestFile "/progs/apache/ssl/ca/example_intermediate.pem" SSLVerifyClient none SSLVerifyDepth 3 SSLOptions +StdEnvVars +ExportCertData RequestHeader set ssl-ClientCert-Subject-CN "%{SSL_CLIENT_S_DN}s" RewriteEngine On ProxyPreserveHost On ProxyRequests On SSLProxyEngine On ... <LocationMatch /secureStuff/$> SSLVerifyClient require Order deny,allow Allow from All </LocationMatch> ... <Proxy balancer://exBalancer> Header add Set-Cookie "EX_ROUTE=EB.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED BalancerMember http://10.0.0.1:7200 route=ee1 retry=300 flushpackets=off keepalive=on BalancerMember http://10.0.0.2:7200 route=ee2 retry=300 flushpackets=off keepalive=on status=+H ProxySet stickysession=EX_ROUTE scolonpathdelim=Off timeout=10 nofailover=off failonstatus=505 maxattempts=1 lbmethod=bybusyness Order deny,allow Allow from all </Proxy> RewriteCond %{REQUEST_URI} !^/index.html [NC] RewriteRule ^/(.*)$ balancer://exBalancer/$1 [P,NC] ProxyPassReverse / balancer://exBalancer/ Header edit Set-Cookie "(.*)" "$1;HttpsOnly" ... So - everything works fine and as expected for all of the pages that are not a part of the LocationMatch-directive. When requesting something that matches the LocationMatch-directive, I'm asked for a certificate (hence the SSLVerifyClient required attribute) - and getting all the correct certificates in my browser that is based on the root/intermediate chain. After choosing a certificate and clicking "OK", this is what pops up in the apache logs: [ssl:info] [pid 9530:tid 25] [client :43357] AH01998: Connection closed to child 86 with abortive shutdown ( [Thu Oct 11 09:27:36.221876 2012] [ssl:debug] [pid 9530:tid 25] ssl_engine_io.c(1171): (70014)End of file found: [client 10.235.128.55:45846] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] And this just spams the logs. What is happening here? I can see this configuration working on my local machine, but not on one of our servers. There is no configration differences between the servers, only minor application-wise-changes. I've tried the following: 1) Removing CA-certificate-checking (works) 2) Adding required CA-certificate for the whole site (works) 3) Adding "SSLVerifyClient optional" does not work 4) ++ Server/Application Information Local: -OpenSSL v.1.0.1x -Apache 2.4.3 -Ubuntu -mpm: event -every configuration should be turned on (failing) server: -OpenSSL 0.9.8e -Apache 2.4.2 -SunOS -mpm: worker -every configuration should be turned on Please let me know if more information is needed, I'll provide it instantly. Brief sum-up: -Running apache 2.4 -Server certificates works just fine -Client certificates for some /Locations does not work, fails with errors PS: Could it be related with the OpenSSL version and the "Renegotiation" stuff related to TLS/SSLv3?

    Read the article

  • Restarting or stopping apache results in waiting forever

    - by steko
    I have two simple WSGI apps running on top of mod_wsgi and apache2 on a test development server. There is no mod_python on this machine. The WSGI configuration is as follows WSGIDaemonProcess tops stack-size=524288 maximum-requests=5 WSGIScriptAlias /tops /home/ubuntu/tops-cloud/tops.wsgi <Directory /home/ubuntu/tops-cloud> WSGIProcessGroup tops WSGIApplicationGroup %{GLOBAL} Order deny,allow Allow from all </Directory> WSGIDaemonProcess flaskal maximum-requests=5 WSGIScriptAlias /c14 /home/ubuntu/c14/flaskal/flaskal.wsgi <Directory /home/ubuntu/c14/flaskal> WSGIProcessGroup flaskal WSGIApplicationGroup %{GLOBAL} Order deny,allow Allow from all </Directory> If I make changes to the app, I need to restart the web server, so I would expect that a simple sudo service apache2 restart does what I need. Same goes for any changes to the config (e.g. number of maximum requests, etc). Instead, it never ends "waiting", like this: $ sudo service apache2 restart * Restarting web server apache2 ... waiting .................................................. until I just do CTRL-C. At that point, the only way to resume a working server is to kill the process and restart it, not very convenient. The same happens with the stop command. The error logs at the "debug" level show the following lines after a failed restart [Wed Nov 14 21:55:19 2012] [notice] caught SIGTERM, shutting down [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Shutdown requested 'tops'. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Stopping process 'tops'. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Destroying interpreters. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Cleanup interpreter ''. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Terminating Python. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Shutdown requested 'flaskal'. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Stopping process 'flaskal'. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Destroying interpreters. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Cleanup interpreter ''. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Terminating Python. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=8920): Python has shutdown. [Wed Nov 14 21:55:19 2012] [info] mod_wsgi (pid=9047): Python has shutdown. If I then try to restart again (with the process still running), I get the following error: * Restarting web server apache2 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down Unable to open logs Action 'start' failed. The Apache error log may have more information. Unfortunately the Apache error log doesn't have anything. When apache2 is running properly, both apps work without any problem.

    Read the article

  • How to let specific subdomain through Squid Proxy?

    - by armani
    I need to allow Facebook.com/MyOrganization, but nothing else from Facebook.com. I tried: acl local_c src 192.168.0.0/16 acl fb_ok urlpath_regex ^/MyOrganization acl fb dstdomain .facebook.com http_access allow local_c fb_ok http_access deny local_c fb But that simply brings down all of Facebook, including the page I want. Anybody have experience in this? Lots of Googling got me nowhere, and Regular Expressions confuse me...

    Read the article

  • Apache httpd permissions

    - by DD.
    I have created a directory /xyz/www With the following permissions: -rw-r--r--. 1 myuser developers I edited my http.conf: DocumentRoot "/xyz/www/" <Directory "/xyz/www/"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> I get 403 error: You don't have permission to access / on this server. Looking in the logs: (13)Permission denied: Can't open directory for index: /xyz/www/ I've tried recursively adding 777 permissions but still have the same issue.

    Read the article

  • How to run a restricted set of programs with Administrator privileges without giving up Admin acces (Win7 Pro)

    - by frLich
    I have a shared system, running Windows7 X64, restricted to a 'standard user' with no password. Not everyone who has access to the system has the administrator password. This works rather well, except for some applications - specially the unlock-applications for encrypted hard drives/USB flash drives. The specific ones either require Administrator access (eg. Seagate Blackarmor) or simply fail without it -- since these programs are sending raw commands to a device, this is to be expected. I would like to be able to add the hashes of these particular programs to a whitelist, and have them run as administrator without needing any prompts. Since these are by definition on removable media, I can't simply use a filename or even a path. One of the users who shares the system can be considered 'crafty', so anything which temporarily grants administrator rights to an user account is certain to cause problems. What i'd like to be able to do: 1) Create an admin account that can only run programs from a whitelist (or, failing that, from a directory) I can't find a good way to do this: As far as I can tell, SRP applies equally to ALL users? Even if I put a "Deny" token on all directories on the system, such that new directories would inherit it, it could still potentially run things from the mounted USB devices. I also don't know whether it's possible to create a new directory that DOESN'T inherit from the parent, that would lake the deny token, and provide admin access. 2) Find a lightweight service that will run these programs in its local context Windows7 seems to block cross-privilege level communication by default, and I haven't found such for windows 7. One example seems to be "sudo" (http://pages.cpsc.ucalgary.ca/~nfriess/sudo/) but because it uses a WLNOTIFY hook, it won't work under Vista nor Windows7 Non-Solutions: - RunAs: Requires administrator password! (but everyone calls it "sudo" anyway) - RunAs /savecred: Nice idea, but appears to be completely insecure. - RUNASSPC - Same concept as RunAs, uses "encrypted" files with credentials, but checks in user-space. - Scheduled Tasks - "Fixed" permissions make this difficult, and doesn't support interactive processes even if it did. - SuRun: From Google: "Surun uses its own Windows service that adds the user to the group of administrators during program start and removes him automatically from that group again"

    Read the article

  • Restricting download limit in Squid

    - by Supratik
    Hi I wanted to restrict the download limit in the Squid proxy so I added the following two lines in the squid.conf. acl officelan dst 192.168.1.0/24 reply_body_max_size 30000000 deny officelan Now, I want to allow some/particular IP to download more than 30MB limitation so I included another acl as alowedip and included the following lines but this is not working. acl allowedip dst 192.168.1.81 reply_body_max_size 0 allow allowedip How do I allow acl allowedip to have unlimited download ? Warm Regards Supratik

    Read the article

  • Get Forbidden running under admin

    - by Overdose
    I'm running on the localhost under admin login. And get forbidden everytime: [Mon Jun 07 19:17:40 2010] [error] [client 127.0.0.1] client denied by server configuration: C:/WebPages/ <Directory "C:/WebPages/*"> Order allow,deny Allow from all AddHandler wsgi-script .wsgi Options ExecCGI RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ /cms66.wsgi/$1 [QSA,PT,L] </Directory>

    Read the article

  • apache: bypass authentication for a specific ip

    - by Tevez G
    In Apache I have set basic authentication for /protected location. Now i need to bypass authetication for a specific ip address but keep auth for others intact. Can anyone guide me on this one. Here is my current snippet of auth protected location. Location "/protected" Order allow,deny Allow from all AuthName "Protected folder" AuthType Basic AuthUserFile /etc/htpasswd require valid-user /Location

    Read the article

  • How do you set the default user in Linux for file creation?

    - by Not a Name
    I want to create a directory, for example: /public/all But I want it so that if you create a file in all, the owner is root, but anyone with access to the /public/all folder can delete/edit/etc the file, just not change the permissions. (I will use a self-created "setx" application to change the execute value if needed.) Reason for this, I don't want you to be able to deny other users write/read access to files in /public/all. I heard setuid on directories doesn't work for that.

    Read the article

  • How can I block access to public server IP for OpenSSH in Debian?

    - by VanDerSpar
    I got a Debian server with a public and a private IP in a DMZ. I need to be able to connect to it through SSH on our private side, and then block all access to the public address. Both /etc/hosts.deny and sshd_config seems to only let one block incoming IP addresses. What I really want is to disable SSH connections for the public IP. I've been trying iptables, but I haven't had luck with that neither. Any help is appreciated.

    Read the article

  • How to configure virtual host to consider domain path in Apache

    - by Scholle
    Hi, the following virtual host definition is working for an arbitrary url starting with "http://1.2.3.4:80/*" <VirtualHost *:80> ServerName www.domain.com DocumentRoot /home/user/www/application/current/public <Directory /home/user/www/application/current/public> Order allow,deny Allow from all </Directory> </VirtualHost> How to rewrite this configuration so that it is applied only for url's starting with "http://1.2.3.4:80/user/*" I tried "ServerPath /user", but it doesn't work... Any ideas?

    Read the article

  • VirtualHost and 403 Forbidden problem with Apache

    - by Joaquín L. Robles
    Hi people, I have the exactly same problem as in 403 Forbidden Error when accessing enabled virtual host, but I tried the provided solution and still receiving 403 Forbidden, my site is called project, and it's cofiguration file in /etc/apache2/sites-available is the following: <VirtualHost *:80> ServerAdmin webmaster@reweb ServerName www.online.project.com ErrorLog /logs/project-errors.log DocumentRoot /home/joarobles/Zend/workspaces/DefaultWorkspace7/online.project.com.ar/public <Directory /home/joarobles/Zend/workspaces/DefaultWorkspace7/online.project.com.ar> Order Deny,Allow Allow from all Options Indexes </Directory> Tried to change the owner of /home/joarobles/Zend/workspaces/DefaultWorkspace7/online.cobico.com.ar to www:data:www-data with recursion, but still getting this error in project-errors.log: [Mon Jan 31 01:26:01 2011] [crit] [client 127.0.0.1] (13)Permission denied: /home/joarobles/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable Any idea? Thanks!

    Read the article

  • Thousands of 404 errors in Google Webmaster Tools

    - by atticae
    Because of a former error in our ASP.Net application, created by my predecessor and undiscovered for a long time, thousands of wrong URLs where created dynamically. The normal user did not notice it, but Google followed these links and crawled itself through these incorrect URLs, creating more and more wrong links. To make it clearer, consider the url example.com/folder should create the link example.com/folder/subfolder but was creating example.com/subfolder instead. Because of bad url rewriting, this was accepted and by default showed the index page for any unknown url, creating more and more links like this. example.com/subfolder/subfolder/.... The problem is resolved by now, but now I have thousands of 404 errors listed in the Google Webmaster Tools, which got discovered 1 or 2 years ago, and more keep coming up. Unfortunately the links do not follow a common pattern that I could deny for crawling in the robots.txt. Is there anything I can do to stop google from trying out those very old links and remove the already listed 404s from Webmaster Tools?

    Read the article

  • Google Webmaster Tools, DNS Errors & HostPapa

    - by Gravy
    Received a message from Google Webmaster Tools: Over the last 24 hours, Googlebot encountered 2 errors while attempting to retrieve DNS information for your site. The overall error rate for DNS queries for your site is 40.0%. You can see more details about these errors in Webmaster Tools. Recommended action Contacted HostPapa and they deny that there is any issue with the site / server!!! Support in terms of what I can do to actually resolve this issue is non-existent!!!! The site is currently online. And I don't know much about DNS... so any advice about what I can do to resolve this problem would be much appreciated. Basically, the message from Google says that it is my webhosts fault, the message from my webhost (HostPapa) is... "Just tell google to crawl your site as there are no errors."

    Read the article

  • Apache URL Rewrite

    - by sgtbeano
    I'm trying and failing to get a URL rewrite working, firstly I'm doing it in the vhost declaration, is that right? What I'm trying to do is take any URL which has; view.php?id=[a 1 or multidigit number] and rewrite it to view.php?id=[number]&section=1 Any help would be greatly appreciated, thanks for looking. Okay, so I tried the suggestion below (thanks for that) and now have this in my vhost file but still no effect; NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin ######## DocumentRoot "########" ServerName ######## ErrorLog "logs\########.log <Directory "########"> DirectoryIndex index.php index.html AcceptPathInfo on Order allow,deny Allow from All </Directory> <Location /> RewriteEngine on RewriteRule ^/view.php?id=([0-9]*)$ /view.php?id=$1&section=1 [R] </Location> </VirtualHost> Any more suggestions? Thanks again

    Read the article

  • ASP.NET C# Session Variable

    - by SAMIR BHOGAYTA
    You can make changes in the web.config. You can give the location path i.e the pages to whom u want to apply the security. Ex. 1) In first case the page can be accessed by everyone. // Allow ALL users to visit the CreatingUserAccounts.aspx // location path="CreatingUserAccounts.aspx" system.web authorization allow users="*" / /authorization /system.web /location 2) in this case only admin can access the page // Allow ADMIN users to visit the hello.aspx location path="hello.aspx" system.web authorization allow roles="ADMIN' / deny users="*" / /authorization /system.web /location OR On the every page you need to check the authorization according to the page logic ex: On every page call this if (session[loggeduser] !=null) { DataSet dsUser=(DataSet)session[loggeduser]; if (dsUser !=null && dsUser.Tables.Count0 && dsUser.Tables[0] !=null && dsUser.Tables[0].Rows.Count0) { if (dsUser.Table[0].Rows[0]["UserType"]=="SuperAdmin") { //your page logic here } if (dsUser.Table[0].Rows[0]["UserType"]=="Admin") { //your page logic here } } }

    Read the article

  • tomcat behind apache

    - by dannynjust
    i am trying to use the mod_proxy_ajp to forward all the request from tocat.example.com to example.com:8080 here is what the tomcat server.xml looks like: <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> and here is the apache.conf config: <VirtualHost *:80> ServerName tomcat.example.com ServerAdmin [email protected] ErrorLog logs/tomcat.example.com-error_log CustomLog logs/tomcat.example.com-access_log common <Proxy *> AddDefaultCharset Off Order deny,allow Allow from all </Proxy> ProxyPass / ajp://example:8009/ ProxyPassReverse / ajp://example:8009/ </VirtualHost> but it is not working, any idea?

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >