Search Results

Search found 11227 results on 450 pages for 'login attempts'.

Page 349/450 | < Previous Page | 345 346 347 348 349 350 351 352 353 354 355 356  | Next Page >

• how to prevent hacking of a WP site

  - by HollerTrain

  I have a WP install, and every few weeks some hackers keep adding some bunk script to the bottom of certain files, making the WP site not function. I've changed the user/pass to WP and this obviously isn't working. I'm thinking since they are effecting files that are not visible via the WP login files (which are just theme files) then does this mean they are getting access to the FTP and making their hacks there? If they are getting into FTP then why wouldn't they just remove all docs? Any insight would be greatly appreciate it. While I appreciate the billable hours to find/remove this code every few days the client isn't as excited about it as I am.

  Read the article

• How to get a list of all domains?

  - by AngryHacker

  I'm trying to get all domains that are available in the Windows Login dialog (in the Domain dropdown). I've tried the following code but it only returns the domain I am logged into. Am I missing something? StringCollection domainList = new StringCollection(); try { DirectoryEntry en = new DirectoryEntry("LDAP://"); // Search for objectCategory type "Domain" DirectorySearcher srch = new DirectorySearcher("objectCategory=Domain"); SearchResultCollection coll = srch.FindAll(); // Enumerate over each returned domain. foreach (SearchResult rs in coll) { ResultPropertyCollection resultPropColl = rs.Properties; foreach( object domainName in resultPropColl["name"]) { domainList.Add(domainName.ToString()); } } } catch (Exception ex) { Trace.Write(ex.Message); } return domainList;

  Read the article

• What is an SSH key?

  - by acidzombie24

  I signed up for github and notice the ssh key option which looked interesting. I originally expected something like an ssl key (name, co name, etc). After going through it i notice i only put a password and it is always myuser@comp-name (this is windows). Why? I thought it was a user/pass id and i can create separate keys for separate purpose for privacy reasons. Now i see i am required to use one to create a repository. Also i see something about a 'private key file' when looking at options. What exactly is an SSH Key and how can i create a separate user without creating a separate login in windows.

  Read the article

• jQuery Sortable + Droppable z-index problem

  - by unknowndomain

  I am having a probelm with the z-index of my sortable object not being above my droppable. If you visit http://clareshilland.unknowndomain.co.uk/. Press Ctrl + L to bring up the login screen. Enter the username clare and the password shilland. It will then load in the admin bar and if you click manage gallery. A pop down thumbnail view will appear with all the photos from that gallery. The issue is that when you drag the 'polaroids' from the grid to the delete area they are under the delete area. I tried putting the delete area inside the same div as the grid but it makes no difference, I just don't know what to do at this point so any help would be a massive help!

  Read the article

• problem with jtabbedpane in java..

  - by mani

  hai, is it possible to loading of tabs in jtabedpane dyanamically in java.. that means i have frame that consinting of one tabbedpane.. in that i have 10 tabs and in each tab consting of another tabbedpane and in that each tabbedpane has 4 tabs and each tab consisting buttons and textfields...... when i login into my project the next frame takes more time to visible.... this is happens why because i have more tabbedpanes in my frame so that it takes the lot's of time to visible.. my question is.. is it possible to load tabs content dynamically when i click the tab in tabbedpane..... or is it possible to load tabbedpanes fastly......????????

  Read the article

• App with MVC Virtual application shared AuthCookie.

  - by Razcer

  I have a 3.5 ASP.Net WebForm parent application. The parent uses forms authentication. I have a MVC child virtual application, I would like to make it so the user logs in to the parent application, user then navigates to the virtual application by pressing a link on the parent. However every time I do this it goes to the login screen for the virtual application. Is there a web setting I should double check in Parent? Or Child? Is there an IIS setting that I should check? Should I be using a virtual directory instead of virtual application? I want the child to be able to access the Session[] from the parent. I would like the child app to use the same authCookie as the parent app.

  Read the article

• URL Encoding of Characters in a password field

  - by Alavoil

  I am trying to pass login credentials to a PHP script that I have in my iPhone app. When I pull a password with special characters the password is missing certain characters especially the percent sign. I am trying to encode the text but even before I send it, the percent sign is missing. //password_field is a UITextField holding the password: !@#$%^&*() NSString *tmpPass = [password_field.text stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]; NSLog(p_field.text); NSLog(tmpPass); This is what appears in the console: !@#$^&*() [email protected]&*() Is there any reason why it would be dropping the percent sign?

  Read the article

• Silverlight 5 App Crashing

  - by bbagfh

  I have a silverlight 5 app that makes some WCF requests. When the silverlight app is hosted locally on an IIS 7.5 server it works fine, but when I run it from a remote IIS6 box there are issues. The app loads fine and presents the login UI. After trying to log in, a couple WCF service calls are made (successfully), but the response causes silverlight to stop responding and the browser eventually asks to kill the non-responsive silverlight app. I am mostly confused because it works fine in IIS 7.5 Note that I am accessing the same WCF services hosted on a remote box in both instances, and both times I am getting successful responses. It is only in IIS6 that the app becomes non-responsive.

  Read the article

• Usability - How to edit favorites?

  - by Florian

  Hi, I'd like to get some opinions about about usability in the following case: Target group people from 30-50, low to middle internet affinity. App: I have a website with login. Visitors can save interesseting pages in their fav-box for fast access. Here the actual question: How to edit this favorites? Is it better to give the visitors direct access to drag/dropn and delete their favs or is it better to have an edit button so they have to activate the edit mode before? The fav-link would look like this | link text to click | icon-drag | icon-delete | thx for input TC

  Read the article

• serving files using django - is this a security vulnerability

  - by Tom Tom

  I'm using the following code to serve uploaded files from a login secured view in a django app. Do you think that there is a security vulnerability in this code? I'm a bit concerned about that the user could place arbitrary strings in the url after the upload/ and this is directly mapped to the local filesystem. Actually I don't think that it is a vulnerability issue, since the access to the filesystem is restricted to the files in the folder defined with the UPLOAD_LOCATION setting. UPLOAD_LOCATION = is set to a not publicly available folder on the webserver url(r'^upload/(?P<file_url>[/,.,\s,_,\-,\w]+)', 'aeon_infrastructure.views.serve_upload_files', name='project_detail'), @login_required def serve_upload_files(request, file_url): import os.path import mimetypes mimetypes.init() try: file_path = settings.UPLOAD_LOCATION + '/' + file_url fsock = open(file_path,"r") file_name = os.path.basename(file_path) file_size = os.path.getsize(file_path) print "file size is: " + str(file_size) mime_type_guess = mimetypes.guess_type(file_name) if mime_type_guess is not None: response = HttpResponse(fsock, mimetype=mime_type_guess[0]) response['Content-Disposition'] = 'attachment; filename=' + file_name #response.write(file) except IOError: response = HttpResponseNotFound() return response

  Read the article

• How can I authenticate when using the Bugzilla Perl API in a script?

  - by Allan Anderson

  Working from the Bugzilla API, I've written a quick Perl script to clone a Bugzilla Product (recreating all the Components under their new Product). The Bugzilla Perl API is quite easy to use from the command line. I could have just worked on the database directly, but I wanted a longer-term solution. Another option was the webservice, but I thought I'd try using the API directly this time. The one problem I'm running into is authenticating as my Bz admin user so I can create the new components. Looking at Bugzilla's Bugzilla.pm file, I see that they just run login() from a Bugzilla::Auth object. I'm not sure how to get the username and password in there. I suppose I could just add the script to the Bugzilla admin interface... Can any of you point me in the right direction?

  Read the article

• Accessing a module's action rendered output

  - by Flavius

  Hi. I'm writing an "Account" module which should take care of everything about accounts: registration, login/logout, user administration, password recovery, account activation, etc. So I thought it would be best to reuse whatever the module's DefaultController::actionRegister() generates to show on the main page. So my question is: how to create a new "sub request" (similar to CController::forward()) from any controller (either SiteController, read: from views/layouts/main.php, or another controller, eventually of another submodule) to a given module/controller/action? I've tried with $this-forward() from within my application layout without success: it shows a blank page, no error whatsoever. Thanks

  Read the article

• How can I set controls for a web page ??

  - by Rami Jarrar

  I have this login page with https, and i reach to this approach:: import ClientForm import urllib2 request = urllib2.Request("http://ritaj.birzeit.edu") response = urllib2.urlopen(request) forms = ClientForms.ParseResponseEx(response) response.close() f = forms[0] username = str(raw_input("Username: ")) password = str(raw_input("Password: ")) ## Here What To Do request2 = form.click() i get the controls of that page >>> f = forms[0] >>> [c.name for c in f.controls] ['q', 'sitesearch', 'sa', 'domains', 'form:mode', 'form:id', '__confirmed_p', '__refreshing_p', 'return_url', 'time', 'token_id', 'hash', 'username', 'password', 'persistent_p', 'formbutton:ok'] so how can i set the username and password controls of the "non-form form" f ??? and i have another problem,, how to know if its the right username and password ??

  Read the article

• How should I measure Concurrent Licence Usage

  - by Andrew Wood

  Hi I have detailed stats on user access to my system detailing login and logout times as well as machine used, network username etc. I am in need of measuring what I would term a concurrent user licences level based on this information. Now I could take the maximum logged in for any 1 day in a 3 month period say 170 or I could take the average say 133. Does anyone have or know of a formula for working this out or is it as simple as the high water mark which is 170 in my example. A client has recently gone from an unlimited licence to a concurrent licence so I am faced with the task of setting the initial licence level. There is potential for more licence sales in the future so I don't want it set to high and I do want it based on historical data that the system collects rather than guess work.

  Read the article

• Passing an array into hidden_field ROR

  - by JZ

  I'm trying to pass an array into a hidden_field. The following User has 3 roles [2,4,5] >> u = User.find_by_login("lesa") => #<User id: 5, login: "lesa", email: "[email protected]", crypted_password: "0f2776e68f1054a2678ad69a3b28e35ad9f42078", salt: "f02ef9e00d16f1b9f82dfcc488fdf96bf5aab4a8", created_at: "2009-12-29 15:15:51", updated_at: "2010-01-06 06:27:16", remember_token: nil, remember_token_expires_at: nil> >> u.roles.map(&:id) => [2, 4, 5] Users/edit.html.erb <% form_for @user do |f| -%> <%= f.hidden_field :role_ids, :value => @user.roles.map(&:id) %> When I submit my edit form, I receive an error: ActiveRecord::RecordNotFound in UsersController#update "Couldn't find Role with ID=245" How can I pass an array into the hidden_field?

  Read the article

• Object reference error even when object is not null

  - by Shrewd Demon

  hi, i have an application wherein i have incorporate a "Remember Me" feature for the login screen. I do this by creating a cookie when the user logs in for the first time, so next time when the user visits the site i get the cookie and load the user information. i have written the code for loading user information in a common class in the App_Code folder...and all my pages inherit from this class. code for loading the user info is as follows: public static void LoadUserDetails(string emailId) { UsersEnt currentUser = UsersBL.LoadUserInfo(emailId); if (currentUser != null) HttpContext.Current.Session["CurrentUser"] = currentUser; } Now the problem is i get an "Object reference" error when i try to store the currentUser object in the session variable (even though the currentUser object is not null). However the password property in the currentUser object is null. Am i getting the error because of this...or is there some other reason?? thank you

  Read the article

• Authenticating wcf service

  - by Muhammad Jamal Shaikh

  hi , i want to implement a web service which is both in java and .net.but i will first create a wcf service and later convert the code to java . for securing the webservice , i have this in my mind. i shall be implementing asp.net form authentication type of stuff . i intent to sent a token to the client on providing valid userID and password to the login method. in return i would send a token. on all other service operations i shall check the token . Now i have a wcf client and a wcf service . what should be the shortest way forward ?should i use soap auth header to send the user ID and password and how should the token be transported ( in which field ? http or soap's ?) . P.S: of course i shall enable ssl later.

  Read the article

• Different formats of OpenIDs

  - by mecablaze

  stackoverflow, I am experimenting with implementing OpenID in my existing site. I have looked at Plaxo's article on this very subject and I'm a mite confused about something. I am using this PHP OpenID library. I have some code running, and I am getting a unique OpenID back. From myopenid.com, I am getting an id that looks like https://mecablaze.myopenid.com/ But from Yahoo and Google, I am getting an ID that much more cryptic, e.g. https://www.google.com/accounts/o8/id?id=AItOawlbp1cxujdJWDnpx72xVROOw-5V_WzIDZA Are Google's and Yahoo's "gibberish" ids unique for every login user, i.e. is this the value that I use to tie in with existing user on my web app?

  Read the article

• Samba share not accessible from Win 7 - tried advice on superuser

  - by Roy Grubb

  I have an old Red Hat Linux box that I use, amongst other things, to run Samba. My Vista and remaining Win XP PC can access the p/w-protected Samba shares. I just set up a new Windows 7 64-bit Pro PC. Attempts to access the Samba shares by clicking on the Linux box's icon in 'Network' from this machine gave a Logon failure: unknown user name or bad password. message when I gave the correct credentials. So I followed the suggestions in Windows 7, connecting to Samba shares (also checked here but found LmCompatibilityLevel was already 1). This got me a little further. If click on the Linux box's icon in 'Network' from this machine I now see icons for the shared directories. But when I click on one of these, I get \\LX\share is not accessible. You might not have permission... etc. I tried making the Win 7 password the same as my Samba p/w (the user name was already the same). Same result. The Linux box does part of what I need for ecommerce - the in-house part, it's not accessible to the Internet. As my Linux Fu is weak, I have to avoid changes to the Linux box, so I'm hoping someone can tell me what to do to Win 7 to make it behave like XP and Vista when accessing this share. Help please!? Thanks Thanks for replying @Randolph. I had set 'Network security: LAN Manager authentication level' to Send LM & NTLM - use NTLMv2 session security if negotiated based on the advice in Windows 7, connecting to Samba shares and had restarted the machine, but that didn't work for me. I'll try playing with other Network security values. I have now tried the following: Network security: Allow Local System to use computer identity for NTLM: changed from Not Defined to "Enabled". Restarted machine Still says "\LX\share is not accessible. You might not have permission..." etc. Network security: Restrict NTLM: Add remote server exceptions for NTLM Authentication (added LX) Restarted machine Still says "\LX\share is not accessible. You might not have permission..." etc. I can't see any other Network security settings that might affect this. Any other ideas please? Thanks Roy

  Read the article

• SQL server 2005 - Any one have any idea?, i want to write the script so tuser have access that new c

  - by Paresh

  i have created one user named tuser with create database rights in SQL server 2005. and given the 'db_owner' database role of master and msdb database to tuser . From this user login when i run the script for create database then it will create new database. But tuser don't have access that newly created database generated from script. Any one have any idea?, i want to write the script so tuser have access that new created database after creation and can have add user permission of newly created database.

  Read the article

• Sugar CRM integration with Java - How to add relationship

  - by Arun P Johny

  Hi, I'm trying to integrate Sugar CRM with one of my projects. I'm using Apache Axis as my SOAP client. I've created the Sugar CRM client Stub classes using Apache Axis. I'm able to login and add Leads, Opportunities, Accounts and Contacts. But I'm unable to add a relation ship between my Account and Opportunity. I've found following method in the SugarsoapPortType port.set_relationship(session, module_name, module_id, link_field_name, related_ids, name_value_list, delete) but I cannot understand the different parameters required by this method. Most of the online documents suggests a simple way as given below $result = $client->call('set_relationship',array("session"=>$session _id,array("module1"=>"Emails","module1_id"=>"<module1_id>","module2"=>"Accounts","module2_id"=> "<module2_id>"))); how can I achieve this using Java Thanks

  Read the article

• zend framework can't find Model classes ?

  - by user284503

  Yall: I have a simple question, it might be a simple configuration issue, but I have a Model defined, and when I try to access it from a controller it fails. The Model is in the model directory, and when I look at the quickstart app, it seems like this should work. Here is my model: <?php class Application_Model_User { protected $_user; protected $_password; protected $_userId; // very simple right } ?> My controller just stops.. here is the controller code: <?php class UserController extends Zend_Controller_Action { public function init() { } public function indexAction() { // display login form $users = new Application_Model_User(); echo "test never echos.. stopped above ? weird huh.."; // fails before .. } ?> Thank you everyone,

  Read the article

• Spring 3 - Custom Security

  - by Eqbal

  I am in the process of converting a legacy application from proprietary technology to a Spring based web app, leaving the backend system as is. The login service is provided by the backend system through a function call that takes in some parameter (username, password plus some others) and provides an output that includes the authroizations for the user and other properties like firstname, lastname etc. What do I need to do to weave this into Spring 3.0 security module. Looks like I need to provide a custom AuthenticationProvider implementation (is this where I call the backend function?). Do I also need a custom User and UserDetailsService implementation which needs loadUserByName(String userName)? Any pointers on good documentation for this? The reference that came with the download is okay, but doesn't help too much in terms of implementing custom security.

  Read the article

• ReturnUrl = Default.aspx for MVC?

  - by Cynthia

  I'm trying to secure my entire MVC site, so before the Home controller, I added an [Authorize] attribute. Now if you run it from Visual Studio or navigate using the root URL (e.g. http://localhost:2897) it does redirect to the login page, as expected. However the URL in the address bar after redirection looks like this: http://localhost:2897/Account/LogOn?ReturnUrl=%2fdefault.aspx%3f I haven't tested this out, seeing as I have not implemented my authentication code. However, this looks like a big problem to me, since I do not have a default.aspx in my project! My authentication tag in the web.config looks like this: <authentication mode="Forms"> <forms loginUrl="~/Account/LogOn" defaultUrl="~/Home/Index" timeout="2880"/> </authentication> Why doesn't it pick up this route as the default ReturnUrl instead of default.aspx?

  Read the article

• Windows Server 2003 W3SVC Failing, Brute Force attack possibly the cause

  - by Roaders

  This week my website has disappeared twice for no apparent reason. I logged onto my server (Windows Server 2003 Service Pack 2) and restarted the World Web Publishing service, website still down. I tried restarting a few other services like DNS and Cold Fusion and the website was still down. In the end I restarted the server and the website reappeared. Last night the website went down again. This time I logged on and looked at the event log. SCARY STUFF! There were hundreds of these: Event Type: Information Event Source: TermService Event Category: None Event ID: 1012 Date: 30/01/2012 Time: 15:25:12 User: N/A Computer: SERVER51338 Description: Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated. At a frequency of around 3 -5 a minute. At about the time my website died there was one of these: Event Type: Information Event Source: W3SVC Event Category: None Event ID: 1074 Date: 30/01/2012 Time: 19:36:14 User: N/A Computer: SERVER51338 Description: A worker process with process id of '6308' serving application pool 'DefaultAppPool' has requested a recycle because the worker process reached its allowed processing time limit. Which is obviously what killed the web service. There were then a few of these: Event Type: Error Event Source: TermDD Event Category: None Event ID: 50 Date: 30/01/2012 Time: 20:32:51 User: N/A Computer: SERVER51338 Description: The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client. Data: 0000: 00 00 04 00 02 00 52 00 ......R. 0008: 00 00 00 00 32 00 0a c0 ....2..À 0010: 00 00 00 00 32 00 0a c0 ....2..À 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 92 01 00 00 ... With no more of the first error type. I am concerned that someone is trying to brute force their way into my server. I have disabled all the accounts apart from the IIS ones and Administrator (which I have renamed). I have also changed the password to an even more secure one. I don't know why this brute force attack caused the webservice to stop and I don't know why restarting the service didn't fix the problem. What should I do to make sure my server is secure and what should I do to make sure the webserver doesn't go down any more? Thanks.

  Read the article

< Previous Page | 345 346 347 348 349 350 351 352 353 354 355 356  | Next Page >