Search Results

Search found 16288 results on 652 pages for 'online apps'.

Page 382/652 | < Previous Page | 378 379 380 381 382 383 384 385 386 387 388 389 | Next Page >

Security issues of running PHP scripts as the owner of the PHP file with suexec

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web server can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
Running PHP scripts as the owner of the PHP file: security issues

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web user can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
How to setup a web server with remote SMTP

- by IP

I have 2 severs, both running server 2008 (R2) One is the web server, one is running as a mail server. The setup I want is that any mail sent from apps (php, asp and asp.net) on the web server are sending mail through the mail server's SMTP server...but this seems to be proving trickier than i'd hoped. The mail server is running MailEnable, and the web server IIS7 (maybe 7.5) What i don't want is to setup an open relay SMTP server on the web server, as this is going to be open to abuse (even if I just allow relay from local address). the problem is, there doesn't appear to be a way to specify credentials in php so if I point it at the mail server, then the mail server has to be set as an open relay, which is almost worse. Any ideas how I should be doing this?

Read the article
How to truly sync files on Windows 7 so Dropbox notices the changes

- by Edward Tanguay

I want a file on my hard drive in Windows 7 to sync to my public dropbox folder. I can do this with: mklink /H "c:\dropbox\Public\test.txt" "c:\data\test.txt" And the first time after I do this, the file c:\dropbox\Public\test.txt is indeed created, and is available online via http://dl.dropbox.com/u/.../test.txt. And when I update the file c:\data\test.txt then indeed the file c:\dropbox\Public\test.txt reflects the changes, however: http://dl.dropbox.com/u/.../test.txt does not reflect the changes since DropBox somehow doesn't get the information that that file was changed. What is a workaround or another solution to this so that any changes in the original file is also reflected in the dropbox URL link?

Read the article
Skype Silent Mode

- by jack

So Skype has a silent mode: e.g. it won't alert you in any way about incoming calls/messages. I'd like to use that mode while working to keep Skype from distracting me. I'd rather not quit the program or signoff during that time. Is there a simple way to put Skype in that mode? There's an option for it in their SDK but not in the software. There are third party apps that do it (among other things), but there doesn't seem to be a simple solution for this. Help please!

Read the article
Upgrading Windows 8 Consumer Preview to Release Preview

- by user1407016

I currently have my main hard drive split into two partitions. One being Windows 7 with about 600 GB of memory, the other Windows 8 Consumer Preview with about 50 GB. As you can guess it is set up for a dual boot. Today while looking up how to get the C# Facebook SDK for Metro apps I learned about the Release Preview being released. I was wondering: How do I go about getting rid of Windows 8 Consumer Preview and replacing it with the Release Preview? I know i can't just wipe it off my second partition because the dual boot uses Windows 8 to choose the operating system to boot.

Read the article
How to sync a folder on a remote computer to a server on a domain

- by Pierre-Alain Vigeant

We have a small remote office that often share data with us. I learned that the data is shared as a email attachment, but that obviously leads to versioning hell and overriding. I am looking for a way for then to synchronize a folder directly on our main office domain controller. I personally use LiveMesh, but I would like a tool that is synchronized to our server directly without a 3rd party hosting the data, since we already have an online backup service taking care of the offsite backup. What enterprise class tool would let us synchronize a folder from a remote computer that is out of our domain, into our the file server of our domain? The synchronization has to be two-way, e.g.: Someone from the remote office will create an invoice. Someone from our office will review it and make modification to it. The remote office need to see the change. Our server is on Windows 2003.

Read the article
How can I set an account lockout policy for the administrator account on rdp?

- by reinier

I'm following this page on security tips for RDP (for my online server): http://www.mobydisk.com/techres/securing_remote_desktop.html Now I don't have a special user account for RDP access. Just the administrator can log on. However, I want to make sure that someone can't brute force the password. I've set the 'account lockout policy' to 3 attempts and a retry after 3 minutes. However, when I connect back with RDP I can still try 5 times before RDP breaks the connection. I can then immediately reconnect and try 5 more times. Any ideas if there is a lockout policy which also holds true fro the admin?

Read the article
After upgrading to Mac OS X Lion, I can't boot Windows anymore

- by J. Pablo Fernández

I upgraded to Mac OS X Lion and I can't run the installed Windows anymore. It seems the issue is that the Lion installation created extra partitions so the Windows partition has a different number one. It's disk0s4 instead of disk0s3 (if I recall correctly). Searching online found several discussions about it but only one with a proposed solution, https://discussions.apple.com/thread/3199099, essentially: bootrec.exe /FixMbr bootrec.exe /FixBoot bootrec.exe /RebuildBcd which didn't work. bootrec.exe /FixBoot claims that no windows partition has been found.

Read the article
nginx redirect TLD to TLD with virtual folder (example.com => example.com/test)

- by Amund

Im running nginx and in the config file I need to always have the domain example.com redirect to example.com/test. I tried various methods for achieving this but I always got a redirect error. What is the correct way to do this? nginx.conf snippet: server { server_name example.com www.example.com; location / { rewrite ^.+ /test permanent; } } server { listen 80; server_name www.example.com example.com; location / { root /var/www/apps/example/current/public; passenger_enabled on; rails_env production; } } Thanks!

Read the article
Group policy preventing XenApp from creating start menu menus

- by JohnyV

I have a citrix Xenapp server that has some apps installed. The are placed in a folder and set to populate the start menu. The problem is when I log on with a user from a particular OU I am unable to get the start menu inserted from xenapp. It is quite a restrictive group policy but does anyone know the setting for preventing users from modifying the start menu. I have tried "Prevent changes to Taskbar and Start Menu Settings" but this didnt work. Any ideas would be great. I know it isnt permissions because I have another user that has the same permissions assigned to them, the only difference is that one user gets the restrictive group policy and the other doesnt. Thanks

Read the article
Is there a media/music player program that has a "biased" shuffle?

- by Joel Coehoorn

I know in iTunes and a few other apps you can get playlists for just "highly rated" songs, but that's not quite what I want. I want to hear the lower-rated stuff, too. If I didn't like the song at some level it wouldn't be in my library in the first place, and so even a one-star song is worth the occasional listen. However, I do want to hear five-star songs a lot more often than one-star songs, even though I think I have a lot more one-star songs in my music library. So does anyone know of media player software of plugin (preferrable free) that has a shuffle mode that is biased towards songs that are rated higher, without completely excluding those that are rated lower? Right now I prefer windows media player, so a plugin for that would be ideal, but I'm not married to media player, either. Any music software that will do this would be worth some attention.

Read the article
Free Cloud Mind Map Solution

- by Zekta Chan

As a Software Engineer we had a lot of discussion on SE design. Although we sync every document on the development process on Google Doc, mind map just didn’t fit in Google doc yet. The best we can do is to store a copy and share it online. To me, Mind map is an ir-replaceable piece of tools (yet) as agile note taking tools. And an eFormat is even greater than a paper one, due to the portability and extensibility. Does anyone have a good solution on “cloud-sharing” mind map? (We are using FreeMind at the moment) Thanks

Read the article
SharePoint Server Farm, what to do with an old server?

- by tekiegreg

Hi there, so we've procured a monster of a SQL Cluster and 4 screaming fast machines running the apps/WFE to start up our MOSS 2007 Enterprise Server farm, however I've got one server from the old server farm configuration that was just re-imaged and is still running decently, it's a 32 bit machine where the others are 64 bit machines so it really can't serve the same role as a 64 bit machine. I'd like to see if there's a role for it somewhere in the farm, a few thoughts: --Dedicated Search Query Server --Dedicated Excel Services Has anyone out there been in a similar situation? What did they do?

Read the article
Target line parameters for shortcuts in Windows Explorer?

- by Charles E. Gates Jr.

I am using Windows 7 and I am looking for a list of the different parameters to use in the Target line of a shortcut in Windows Explorer. For example: /n forces it to open a new window, even if it duplicates a window that is already open. /e uses Windows Explorer view (multi-paned) /root,X restricts Explorer to showing only the contents of file folder X (and its sub-folders) /select,Y automatically selects Y (either a file or folder). What other parameters exist? I have been searching online and cannot find anything.

Read the article
How can I fix puppet refusing to start and asking for "master.pp"?

- by cwd

I'm using the very latest version of puppet and have been following the Apress "Pro Puppet" guide step by step. I have installed puppet sudo aptitude install ruby libshadow-ruby1.8 sudo aptitude install puppet puppetmaster facter I have edited /etc/puppet/puppet.conf to include certname [master] certname=puppet.mydomain.com I have edited /etc/hosts and added the following line 127.0.0.1 puppet.mydomain.com puppet I have set the hostname of the server echo "puppet.mydomain.com" > /etc/hostname hostname -F /etc/hostname And then I try and run puppet from the command line. puppet master --verbose --no-daemonize And puppet gives me this error: Could not parse for environment production: Could not find file /master.pp I'm running all commands with sudo and the last line of the error message always says that it can't find master.pp and the path before it is to my current working directory. What am I doing wrong? I should also mention that I don't have a DNS record set up for puppet.mydomain.com - I saw some online documentation mentioning this might be a problem - however I was fairly sure that the hosts file would let me get around that.

Read the article
How can I create a hotkey to play/pause Pandora on OS X?

- by etlovett

I'm on OS X and want to have a hotkey (e.g. Cmd-Opt-P) to play/pause Pandora. I've used Butler to set one up for iTunes, but can't find a comparable solution for Pandora. I'm open to any solution (including apps, AppleScripts, etc.) that would allow me to bind a hotkey to play/pause, and I'm willing to use a paid solution as well. What can I do? Solutions I've looked into and/or tried: Pandora Boy: but the keyboard shortcuts don't seem to work for me, despite following the instructions here. The official Pandora One player: according to the comments on this Pandora blog post, it doesn't support hotkeys. My system: OS X 10.6.6 Each of the various truly-modern browsers Flash 10.1

Read the article
Create an alias in Windows XP

- by Lord Torgamus

Back in school, I used to have a .login file along the lines of alias ll = ls -l alias dir = ls -Fhl alias web = cd ~/public/public_www/development ... I'd like to do that sort of thing with my XP box here at work, but most of the resources I've found online seem fairly complicated and heavy-duty. Is there a way to do this that doesn't involve mucking about in the registry or running a large batch file? EDIT: My original reason for asking this was that I only need the command line for one command in one specific folder, and I wanted to be able to get to that folder quickly when I launched the command line. But the accepted answer for this question is so good that I decided to ask about my original issue as a separate question here.

Read the article
Trying to test Domain Collapsing / Consoldiation validity for SEO purposes

- by Roy Rico

At work, we're trying to determine the effectiveness of domain collapsing for SEO purposes. Our current structure is to have multiple web apps served from different servers, such as PUBLIC URLS - directly accessed by users www1.somecompany.com/webapp1 www2.somecompany.com/webapp2 www3.somecompany.com/webapp3 I'm proposing to put an Apache proxy in front of these applications that will mask the different domains and route the requests to proper server PUBLIC URL--------routed/forwarded to-----PRIVATE URL www.somecompany.com/webapp1 <-----> www1.somecompany.com/webapp1 www.somecompany.com/webapp2 <-----> www2.somecompany.com/webapp2 www.somecompany.com/webapp3 <-----> www3.somecompany.com/webapp3 In terms of SEO/page rank value, does this help?

Read the article
bind tmux prefix to OS X cmd key (or any other binding)

- by rubenfonseca

Hi all. I'm used to iTerm2 (or Terminal.app for this case) on OS X. But I want to move to use tmux (or screen, but the problem is similar to both apps). So my idea is to have a single iTerm tab with a tmux session opened with multiple tabs. To do the transition I have a basic feature I need to configure on tmux: switch the the tab 'n' by using cmd + n (like Firefox, Chrome, iTerm2 itself, etc) However I can't find a way of mapping the cmd key on the mac keyboard. I first tried to implement cmd as a prefix key, with no success. I've tried setting set-option -g prefix M-a (hoping for Meta-a) set-option -g prefix ^a (hoping for ^ to work) but nothing works. Is this possible? I don't really need to bind the prefix to cmd, but I want to be able to change tmux tabs with cmd+n. Thank you

Read the article
Convert RAID-0 to RAID-1 on HP ML350G6 with P410i zero memory

- by JLe

I have an HP ML350 G6 with a P410i zero memory RAID controller. As far as I can understand that means I can't expand a current single drive "RAID-0" configuration to a RAID-1 using the HP Offline ACU without installing memory and BBWC. Is that correct? What makes me think about this is the fact that expanding RAID-0 to RAID-1 should be pretty similar to replacing a failed drive in an already existing RAID-1? So then why can't I expand without memory and BBWC? Is my best option otherwise to (i) use Ghost to capture the disk, create a new RAID-1 with the existing drive and a new one or (ii) buy memory+BBWC and do it online? Thanks

Read the article
Dell Vostro 1520 Unable to Read Compact Flash Card with Adapter?

- by Jim Taylor

I Purchased the Dell Vostro 1520 a few months ago and recently tried using a PCMCIA adapter for the Compact Flash card my camera uses. I can't get the laptop to find the card. Tried going online to see if a CF card should work, but have not found a clear or definate answer. I do not want to deal with Dell on the phone as even 800 #'s cost me more than it's worth to use. Hoping someone can let me know if I'm wasting my time trying to get the laptop to read my CF card. It's the only type card I have to try the input slot, so can't test to see if the input slot even works. Thanks, -- ‹(•¿•)› Jim

Read the article
Powershell BitLocker Recovery Key

- by TheNoobofNoobs

I'm trying to get a list of all computers that have a bit locker recovery key (or information for that matter) populated in their respective fields in AD. I am unable to even start on a script as I don't know where to begin. I did find this online but it doesn't appear to be working. foreach($comp in get-adcomputer -filter *) { get-adobject -filter 'objectclass -eq "msFVE-RecoveryInformation"' - searchbase $comp.distinguishedname -properties msfve-recoverypassword,whencreated | sort whencreated | select msfve-recoverypassword -last 1 } Export-Csv "FilePath.csv" Any ideas as to how I can go about this. Running Windows 7, Powershell 3.0, Windows Server 2008 R2.

Read the article
Improving server security [closed]

- by Vicenç Gascó

I've been developing webapps for a while ... and I always had a sysadmin which made the environment perfect to run my apps with no worries. But now I am starting a project on myself, and I need to set up a server, knowing near to nothing about it. All I need to do is just have a Linux, with a webserver (I usually used Apache), PHP and MySQL. I'll also need SSH, SSL to run https:// and FTP to transfer files. I know how to install almost everything (need advice about SSL) with Ubuntu Server, but I am concerned about the security topic ... say: firewall, open/closed ports, php security, etc ... Where can I found a good guide covering this topics? Everything else in the server... I don't need it, and I wanna know how to remove it, to avoid resources consumption. Final note: I'll be running the webapp at amazon-ec2 or rackspace cloud servers. Thanks in advance!!

Read the article
I just ordered 70/10 line, and need a new router I think?

- by data_jepp

Before I had the 25/5 line and the n standard router did just fine. Now it doesn't do the job. Online speedtest reads at 82 so I have the line. But my laptop is getting less than 30 in my room. My laptop has the following WiFi card: http://www.intel.com/content/www/us/en/wireless-products/centrino-advanced-n-6205.html What is this talk about 2,5 and 5ghz? Can my laptop be connected at once over both bandwidths? And that would let me use the full 70Mb over wifi? Hope it's ok to ask network questions here.

Read the article

< Previous Page | 378 379 380 381 382 383 384 385 386 387 388 389 | Next Page >