Search Results

Search found 6397 results on 256 pages for 'secure emails'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 35/256 | < Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >

  • How to secure connection strings in VS?

    - by salvationishere
    I see several others have posted this question, however, none of the solutions I've tried have fixed this yet. I have a 32-bit XP running VS 2008 and I am trying to encrypt my connection string in my web.config file. But I am getting the error: The configuration section '...' was not found. Failed! The command I give it: C:\Program Files\Microsoft Visual Studio 9.0\VCAspnet_regiis.exe -pe "system.we b/AdventureWorksConnectionString2" -app "/Documents and Settings/Admin/My Docume nts/Visual Studio 2008/Projects/AddFileToSQL2" Also, how does -app map virtual directory? In other words the path above is the directory right below c:. Is this the correct path to use? And AddFileToSQL2 is the name of my project, although it is part of the AddFileToSQL solution. I have this folder web shared with all of the permissions. And the relevant part of my web.config file: <add name="AdventureWorksConnectionString2" connectionString="Data Source=SIDEKICK;Initial Catalog=AdventureWorks;Persist Security Info=true; User ID=AdventureWorks;Password=sqlMagic" providerName="System.Data.SqlClient" />

    Read the article

  • Is there a way to forward emails associated with a domain without a mail server?

    - by MeltingDog
    A client owns example1.com but wants to also purchase example2.com and have it point to their original site at example1.com. No problem there. But they also want any emails going to example2.com to be forwarded to their counter parts at example1.com Eg: if someone emails [email protected] it will be forwarded to [email protected] They only way I can think of doing this at the moment is to set up host for example2.com and then set up mail forwarders in cpanel. But this seems a bit excessive and costly. Does anyone know another, cheaper way of doing this?

    Read the article

  • Cross domain secure cookie usage?

    - by asdasda
    I have a website that came with a SSL site for HTTPS but its on a different server. Example being my website: http://example.com my SSL site: http://myhostingcompany.com/~myuseraccount/ So I can do transactions over HTTPS and we have user accounts and everything but it is located on a different domain. The cookie domain is set for that one. Is there a way I can check on my actual site to see if a cookie is set for the other one? And possibly grab its data and auth a user? I think this violates a major principle of security and can't be done for good reasons, but am i wrong? is this possible?

    Read the article

  • Automator / AppleScript to process incoming emails in Mac Mail

    - by mark
    Hello all, I'm designing an app that allows users to email me crash reports if my app ever crashes. I'd like to leave Mac Mail running on a computer and when an email comes through, an automator script / AppleScript runs to process the contents of the body of the email. I've got the entire parsing/processing done in a python script, except I have to manually copy the contents of the email into a file and then run my parser on that file. What's the best way to set this up so I can the contents of the email be pushed into my parsing script? Many thanks!

    Read the article

  • MVC Pages that require the user to be logged in

    - by keithjgrant
    I'm working on a little MVC framework and I'm wondering what the "best way" is to structure things so secure pages/controllers always ensure the user is logged in (and thus automatically redirects to a login page--or elsewhere--if not). Obviously, there are a lot of ways to do it, but I'm wondering what solution(s) are the most common or are considered the best practice. Some ideas I had: Explicitly call user->isLoggedIn() at the beginning of your controller action method? (Seems far too easy to forget and leave an important page unsecure on accident) Make your controller extend a secureController that always checks for login in the constructor? Do this check in the model when secure information is requested? (Seems like redundant calls would be made) Something else entirely? Note: I'm working in PHP, though the question is not language-dependent.

    Read the article

  • Notepad++ regular expression find and replace $_REQUEST with $_GET but a more secure

    - by David
    What I am doing is replacing, in a large program, all $_REQUEST['var'] and mysql_escape_string($_REQUEST['var']) with either the 1st or 2nd line below the dotted line. Now, I have figured out this much of the regular expression but I would like to make it simpler. Instead of having to run the top one first then the 2nd one I would like to just run one all together. I tried this but it did not work. (mysql_escape_string\()*$_REQUEST\[\'([^']*)\'\]\)(\)*) So below is what works but again have to do it twice. $_REQUEST\[\'([^']*)\'\] mysql_escape_string\($_REQUEST\[\'([^']*)\'\]\) (isset($_GET['\1'])?mysql_real_escape_string($_GET['\1']):false) (isset($_POST['\1'])?mysql_real_escape_string($_POST['\1']):false) ============================ Update: Yeah, after some research I figured out that Notepad++ does not support most regular expressions. I guess one additional step can not hurt a person. It's just laziness. *NOTE: BUT if anyone wants to try feel free to comment. At least it is just 2 steps and not 20.

    Read the article

  • How secure is encryption?

    - by Stomped
    Let me preface this by saying I know nothing about encryption. I understand the basic concept of public key / private key encryption but I don't how easily it can be broken, if at all. If one were to believe the movies, encrypted data can be broken by a teenager with a decent computer in a few hours. I have a client who wants credit card information sent via email - encrypted of course, but I'm still not feeling terribly good about the idea. I feel it would be safer to store the info on the VPS, but even then its an unmanaged server and there's nobody watching it who knows much about security. So can anyone tell me if there's a safe way to store and/or send this data out? Thanks

    Read the article

  • 1) PasswordResets emails user when requesting password reset

    - by Surge Pedroza
    I've been trying to add a password reset for users that forget their password. The users clicks on forgot password? on sign up page. Then the user types their email and clicks reset password, which creates a token and sends an email with a link to reset their password. For the most part, it was working well, and then it suddenly stopped working. When a user clicks password reset, it brings up the error message: Password cant be blank, password is too short(6 min) Ran into this error in video 275 How I Test. on 11:20 Failure/Error: click_button "Reset Password" ActiveRecord::RecordInvalid: Validation failed: Password can't be blank, Password is too short (minimum is 6 characters), Password confirmation can't be blank # ./app/models/user.rb:30:in send_password_reset' # ./app/controllers/password_resets_controller.rb:7:increate' # (eval):2:in click_button' # ./spec/requests/password_resets_spec.rb:9:inblock (2 levels) in ' Finished in 13.66 seconds 95 examples, 1 failure This is some of the code being used. user.rb # == Schema Information # # Table name: users # # id :integer not null, primary key # name :string(255) # email :string(255) # created_at :datetime not null # updated_at :datetime not null # class User < ActiveRecord::Base attr_accessible :name, :email, :password, :password_confirmation has_secure_password before_save { |user| user.email = email.downcase } before_save :create_remember_token validates :name, presence: true, length: { maximum: 50 } VALID_EMAIL_REGEX = /\A[\w+\-.]+@[a-z\d\-.]+\.[a-z]+\z/i validates :email, presence: true, format: { with: VALID_EMAIL_REGEX }, uniqueness: { case_sensitive: false } validates :password, presence: true, length: { minimum: 6 } validates :password_confirmation, presence: true def send_password_reset generate_token(:password_reset_token) self.password_reset_sent_at = Time.zone.now save! UserMailer.password_reset(self).deliver end def generate_token(column) begin self[column] = SecureRandom.urlsafe_base64 end while User.exists?(column => self[column]) end def self.search(search) if search find(:all, :conditions => ['name LIKE ?', "%#{search}%"]) else find(:all) end end private def create_remember_token self.remember_token = SecureRandom.urlsafe_base64 end end password_resets_controller.rb class PasswordResetsController < ApplicationController def new end def create user = User.find_by_email(params[:email]) user.send_password_reset redirect_to root_url, :notice => "Email sent with password reset instructions." end def edit @user = User.find_by_password_reset_token!(params[:id]) end end new.html.erb <h1>Reset Password</h1> <%= form_tag password_resets_path, :method => :post do %> <div class="field"> <%= label_tag :email %> <%= text_field_tag :email, params[:email] %> </div> <div class="actions"><%= submit_tag "Reset Password" %></div> <% end %>

    Read the article

  • How can I secure my $_GETs in PHP?

    - by ggfan
    My profile.php displays all the user's postings,comments,pictures. If the user wants to delete, it sends the posting's id to the remove.php so it's like remove.php?action=removeposting&posting_id=2. If they want to remove a picture, it's remove.php?action=removepicture&picture_id=1. Using the get data, I do a query to the database to display the info they want to delete and if they want to delete it, they click "yes". So the data is deleted via $POST NOT $GET to prevent cross-site request forgery. My question is how do I make sure the GETs are not some javascript code, sql injection that will mess me up. here is my remove.php //how do I make $action safe? //should I use mysqli_real_escape_string? //use strip_tags()? $action=trim($_GET['action']); if (($action != 'removeposting') && ($action != 'removefriend') && ($action != 'removecomment')) { echo "please don't change the action. go back and refresh"; header("Location: index.php"); exit(); } if ($action == 'removeposting') { //get the info and display it in a form. if user clicks "yes", deletes } if ($action =='removepicture') { //remove pic } I know I can't be 100% safe, but what are some common defenses I can use. EDIT Do this to prevent xss $action=trim($_GET['action']); htmlspecialchars(strip_tags($action)); Then when I am 'recalling' the data back via POST, I would use $posting_id = mysqli_real_escape_string($dbc, trim($_POST['posting_id']));

    Read the article

  • Sending emails from Django App

    - by Will M.
    We are a growing Django app that is currently using Google Apps to send email. We are hitting the maximum limits of email sending and need a better solution. We prefer not to have to manage our own email servers and the easier the better. What is the best, easiest, and cheapest way to send a large amount of email? We have looked at Postageapp but they require you to use your own SMTP server. We are considering App Engine to send email but it will require a lot of configuration to get it to work correctly. What can we use to quickly fix this problem?

    Read the article

  • Best way to secure a file.

    - by JACK IN THE CRACK
    Basically I need to like IDK encrypt a .zip file with some images and documents etc. Like it doesn't need to be .zip tho, just how can I encrypt a bunch of files with like a password or something. I NEED tHE ULTIMATE UNCRACKED PROTECTION. Now I'm a hacker, I know that anything can be hacked given enough time and effort. But I'm looking for top of the line....

    Read the article

  • [cli/linux] get plain text from raw emails (not attachments extraction)

    - by etuardu
    Hi, having a raw email as input (i.e. the text between "DATA" and "." sent by a smtp client) I need to extract the mail content (which I know is always text only) as plain text. This means decoding transfer encoding (if any: could be base64 or quoted-printable), merging mutiparts (if any), and stripping headers. I tried various tools that would do that: mewdecode, uudecode, uudeview... I only managed to get this last one to work, but it won't output anything if the mail is not MIME encoded and it stores its output in an unpredictable (nor forceable) filename, so it's hard to use it in a not-interactive shell script. Since this is a pretty common job (every mail client have to do that), it's weird it's so complicated. Do you have some hints? (Actually, forcing uudeview to output in a certain file would be good enough). Thank you!

    Read the article

  • Script to parse emails for attachments

    - by Swanny
    I am looking for a way to monitor a Linux mbox email account, when an email arrives I would like to download an attachment from the email and save the attachment (CSV file) so that it may be used by a PHP script. What would be the best way of going about this? I have looked at PHP's IMAP functions but this does not appear to be the most appropriate method when a simple bash script may be all that is required?

    Read the article

  • How to make MAMP PRO / XAMPP secure enough to serve as production webserver? Is it possible?

    - by Andrei
    Hi, my task is to setup a MAMP webserver for our website in the easiest way so it can be managed by my colleagues without experience in server administration. MAMP PRO is an excellent solution, but some guys don't suggest to use it for serving external requests. Could you explain why it is bad (in details if possible) and how to make it secure enough to be a full-scale and not-only-local webserver? Is there a better solution? Update There is a discussion on the MAMP website. XAMPP developers say that one can make their product secure: The default configuration is not good from a securtiy point of view and it's not secure enough for a production environment - please don't use XAMPP in such environment. Since LAMPP 0.9.5 you can make your XAMPP installation secure by calling »/opt/lampp/lampp security«. Could you comment it?

    Read the article

  • Which is more secure: Tomcat standalone or Tomcat behind Apache?

    - by NoozNooz42
    This question is not about performance, nor about load-balancing, etc. Which would be more secure: running Tomcat in standalone mode or running Tomcat behind apache? The thing is, Tomcat is written in Java and hence it is pretty much immune to buffer overrun/overflow (unless a buffer overrun in a C-written lib used by Tomcat can be triggered, but they're rare [the last I remember was in zlib, many many moons ago] and one heck of a hack to actually exploit), which gets rid of a lot of potential exploits. This page: http://wiki.apache.org/tomcat/FAQ/Security has this to say: There have been no public cases of damage done to a company, organization, or individual due to a Tomcat security issue... there have been only theoretical vulnerabilities found. All of those were addressed even though there were no documented cases of actual exploitation of these vulnerabilities. This, combined with the fact that buffer overrun/overflow are pretty much non-existent in Java, makes me believe that Tomcat in standalone mode is pretty secure. In addition to that, I can install both Java and Tomcat on Linux without needing to be root. The only moment I need to be root is to set up a transparent port 8080 to port 80 forwarding (and 8443 to 443). Two iptables line as root, that's all root is needed for. (I don't know for Apache). Apache is much more used than Tomcat and definitely does not have a security track record as good as Tomcat. What would make Tomcat + Apache more secure? What would make Tomcat + Apache less secure? In short: which is more secure, Tomcat standalone or Tomcat with Apache? (remembering that performance aren't an issue here)

    Read the article

  • How should I store and secure self-signed certificates?

    - by Anthony Mastrean
    I'm fairly certain I shouldn't commit certificates into source control. Even if the repository is private and only authenticated coworkers (for example) have access to it. That would allow for accidental exposure (thumb drives, leaked credentials, whatever). But, how should I store and secure certificates? I don't suppose I should just plop them on the network file server, for some of the same reasons I wouldn't put them into source control, right? Is there some kind of secure certificate store that I can run? Does the Java "keystore" do that generally or is it specific for like weblogic servers or something?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 31 32 33 34 35 36 37 38 39 40 41 42  | Next Page >