Search Results

Search found 13853 results on 555 pages for 'soa security'.

Page 393/555 | < Previous Page | 389 390 391 392 393 394 395 396 397 398 399 400 | Next Page >

How can I exclude a file in a folder from basic auth (regex help)?

- by simon180

Hi I have a folder on my site which contains admin files and I've added basic auth following a little unwanted attention. This works fine however a couple of the admin functions won't work through basic auth as they handle file uploads and so I want to exclude these files from the auth. It shouldn't have any security implications as any rogue user wouldn't be able to access the pages that could create a session to use these functions. I am using the following basic code to exclude a file: <FilesMatch "(index.php\/myadminfolder\/myurl\/myaction/someotherstuff?)$"> Satisfy Any Order allow,deny Allow from all Deny from none </FilesMatch> The URL exclusion is not working. The URL to exclude is in the form: index.php/directory/subdirectory/action/uniqueid/blah What is the correct URL string to add to FilesMatch to exclude any files that start with the pattern of index.php/directory/subdirectory/action - regardless of what comes after action? Thanks Simon

Read the article
Isolated Network Set-Up

- by Isaac Kleinman

I am looking to set up a small network for a client which would be isolated from his primary network. (I'm hoping to set-up the additional network as VMs on the primary network.) I've instructed the client to request a bunch of static ip addresses from his ISP, but I'm not sure how to proceed with setting this up. What hardware will I need and how do I go about the configuration? Heavy security is not my concern. All that's really required is that web requests from the two networks be presented to the outside world with different ip addresses.

Read the article
Is there any IP which refers to the internet?

- by victorferreira

Hello, guys, good morning. 127.0.0.1 is the local IP, isnt it? Is there a IP that I can use in order to refer to the any user in the internet? The thing is: i want to block a specific file to be accessed by the internet using IIS6. but i doesnt show me a clear way to do this. But i can define some security rules, for example: give IP restrictions for some file. So, i can deny for everybody (using that IP i am asking about) and allow for the internal IP. any suggestions?

Read the article
IIS asks for login/pass when accessed using hostname but not when ‘localhost’ is used. Why?

- by sb

Hi All, I have setup IIS on my xp machine and have setup a default homepage (that comes with the IIS installed). It is a help page I think. when I access the page with http : // localhost it works fine (IE/Chrome or FF) but when I access it using http://hostname it prompts for a loging/password and works when I enter my domain id and password on the intranet. I have ensured that "anonymous access" is enabled in the properties window of the default site and "websites" node. I searched stack overflow for similar queries but some indicate I need to change the IE/FF settings to allow "integrated security" etc and some suggest to look at the "log file". I don't want to change the IE setting and there is nothing unusual in the log file of the IIS Server. Can anybody help me figure out why this is happening? thank you sb

Read the article
"Access is denied" when copying text file to printer UNC path

- by Patrick

We have a new server running Server 2008 R2. We also have a "DOS-based" program that prints directly to the UNC path of a print share. With the new server, we are unable to print from this program. According to support, the program's printing works in the same way as if we were to do a "copy mytextfile.txt \\myserver\myprinter". When we try to run this command in DOS, we get "Access is denied". Support is saying that this is why the DOS program is not able to print. I have tried granting all permissions on the printer to the appropriate users (under Security of the printer properties) but that did not work. Is there a policy setting that would cause this to be denied?

Read the article
Tomcat Failed to start

- by user71538

I have installed Tomcat on windows XP through the Tomcat installer. I have installed JDK 1.6. But when I start Tomacat from services.msi on XP, I get the following error: java.lang.ClassNotFoundException: org.apache.catalina.core.AprLifecycleListener at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at sun.misc.Launcher$ExtClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at org.apache.commons.digester.ObjectCreateRule.begin(ObjectCreateRule.java:204) at org.apache.commons.digester.Rule.begin(Rule.java:152) at org.apache.commons.digester.Digester.startElement(Digester.java:1286) at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(Unknown Source) at com.sun.org.apache.xerces.internal.parsers.AbstractXMLDocumentParser.emptyElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)

Read the article
How to removeTrojan PB [duplicate]

- by user266901

This question already has an answer here: How do I get rid of malicious spyware, malware, viruses or rootkits from my PC? 15 answers How to remove trojan PB from windows 7 system? previously i had installed Norton 360 antivirus. the subscription was expired two months back. Recently i have purchased quick heal total security. while installing quick heal antivirus i get the message 'system infected by Trojan PB' Their is an option to remove Trojan PB by restarting computer. However the infection does not get removed. Please advice for removal of Trojan PB

Read the article
Cannot login SQL Server after changing machine name

- by Ucodia

After installing and setting up new machines in a domain, we decided to rename one of them which had a SQL Server instance installed. So I changed the hostname, everything went fine regarding the domain but now, the server is logging a approximatively 2 SQL Server errors every 5 minutes and I cannot connect to the instance localy or from anywhere within the domain. Here is the error from the event log: SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure. The logon attempt failed [CLIENT: x.x.x.x] Concerning the instance, everything is started and restarted without any extra error.

Read the article
Log off as local "administrator" user, get blank login screen

- by Force Flow

I have an imaged lab environment running Windows 7 and attached to a domain. The local Administrator account is enabled for certain maintenance and prep tasks. Every time I logoff from the local Administrator account, it brings me back to the standard Ctrl+Alt+Del login screen. When I press that combination, all the user controls vanish except for the accessibility button down in the left hand corner. The only way I can seem to escape from this is to tap the power button to initiate a shutdown. Windows is up-to-date, and logging off as any other user operates normally. The "hide last user" local security policy option is enabled. Has anyone seen this phenomenon before and how can I stop this from happening?

Read the article
Launching multiple applications with a single command/script/shortcut

- by Bill

I realized a few days ago that every time I sit down at work, I do a few things after unlocking my computer. First, I open up Firefox, then I open up Chrome, then I log in to Digsby. I realized I could probably save repeating this daily by writing a small batch script to open up Firefox and Chrome , but I couldn't figure out how to make it work.. and since the whole effort is to save time I don't want to bash my head around in the windows command prompt to do it. I also tired this in powershell but ran in to a bunch of security nonsense. Is there a way to do this that I am missing? Bonus points if somebody has figured out how to manipulate Digsby via COM , scripting, or python =)

Read the article
Using Dropbox API instead of a FTP server for backing up DB/Source in your application.

- by Somebody still uses you MS-DOS

This is a small aplication scenario. Usually, when you have to do some backups of source code/database on your server, you use a second ftp server, a cronjob to tar.gz your db dumps and source files, and send this file to your ftp server from your application server. Dropbox created an API to use it's infrastrucutre. Since they provide 2gb for free accounts, I thought about being able to upload to it instead of a ftp server. So, if you do some freelance work, you can create a free account for each client and use this approach, maybe encrypting the files you send. You even gain a revision for each sent file, like a revison control system, for free, from the last 30 days. What do you think of this approach? Is it possible? And, more importantly: what are the security risks involved? (That's why I'm asking this on serverfault, since this POV from sysadmins will be more accurate). Thanks!

Read the article
Ubuntu server 9.10 freezes up after ~10 minutes - unconventional

- by L33tCh

There is a topic by essentially the same name, but my answer leads to another question which I would like answered so... My case is as follows: I connect through SSH to my server... no problems for many months on Ubuntu Server 9.04. Eventually I decided to updgrade and straight away I get the 10 minutes freeze problem. I went through all the possible fixes (many can be found here but my quick fix, the only that worked, leaves me with no real answer as to why and how to properly correct it... As ridiculous as it sounds... while I leave a keyboard plugged in... it runs without flaw. Can anyone make sense of this? For the sake of completeness, (although none of the following made any difference upon subsequent completion), some of the permanent changes I have made while trying to correct the issue are: replacing samba config file with 9.04 backup, booting with noapic and modifying sysctl.conf, just uncommenting additional settings for enhanced security.

Read the article
Provide credentials to process in a safe manner

- by Erik Aigner

On system startup I need to launch a process which requires credentials for other services (database etc.) to interact. I obviously don't want to store those on disk for security reasons. I'm trying to think of a way to provide those credentials to the process on launch - and on launch only. After that they should be only available to the process. Is this possible somehow? The bottom line is to make it as hard as possible for an intruder to get to those credentials.

Read the article
cloud hosting with only root partition

- by user123198

We are starting a website possibly with couple of thousands hits every day and few thousands registered users. By our hosting provider we were adviced to go with cloud hosting which we can easily expand later if we need. It is Ubuntu 11 running in WM. The problem we run into is the disk is divided only in root and swap partition which is not advised from security point of view. When consulting this with technical support we got the reply that it is not possible to make more partitions and that it is mainly issue with windows server and linux is generally fine. I'm looking here for an advice if we should switch the hosting for perhaps dedicated server where we have the full control or it is something not too be worried about too much.

Read the article
IIS 6.0 :: SSL certificate install :: issue

- by BSI Support

Certificate request process works fine. Once the certificate is received from VeriSign, the installation process also works fine (no errors.) However, once installed, the new certificate is not "assigned." Meaning, when I view the IIS instance security properties, it still shows the previous certificate start & end dates. Thoughts? Windows 2003, Web Edition. I have 3 other Win2003WE machines, configured nearly the same, and do not have this problem.

Read the article
ssl problems between two tomcat servers

- by user1058410

I've got one tomcat 7 server(kind of like a web server) trying to talk to a tomcat 6 server(acting as a document server on another machine) over ssl and keep getting this error java.security.cert.CertificateException: No name matching rarity64 found. Where rarity64 is the name of the document server. I've tried exporting keys from both tomcats keystores and importing them into the others keystores using java keytool. I've even tried adding them to the other machines cacerts keystore. I've also used internet explorer to import both keys into the other machine. But nothing I try works. If it matters the real webserver is IIS 7.5, which the tomcat "webserver" talks too with arr, and they don't use SSL. But the problem seems to between the two tomcat servers

Read the article
want to make my pages end with HTML

- by user41997

here is my current .htaccess For security reasons, Option followsymlinks cannot be overridden. Options +FollowSymlinks Options +SymLinksIfOwnerMatch ErrorDocument 404 /404.php RewriteEngine on rewritecond %{http_host} ^jugep.com [nc] rewriterule ^(.*)$ http://www.jugep.com/$1 [r=301,nc] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^peliculas/([^/]+)$ pelicula.php?pelicula=$1 [L] RewriteRule ^descargar/([^/]+)$ descargar.php?descargar=$1 [L] RewriteRule ^peliculas$ peliculas.php [L] RewriteRule ^peliculas/$ peliculas.php [L] RewriteRule ^buscar$ buscar.php [L] RewriteRule ^buscar/$ buscars.php [L] RewriteRule ^contactar$ contactar.php [L] RewriteRule ^contactar/$ contactars.php [L] +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Can someone help me out here, I would like my links to end with a HTML for every link currently a link on my site looks like this (http://www.jugep.com/peliculas/Casino_Royale) I would like it to look like this(http://www.jugep.com/peliculas/Casino_Royale.html) any help is greatly apreciated

Read the article
Shared printer can't be added

- by Sandokan

We have a small training network with server 2003, and XP clients and users in a AD domain. A printer is connected to a client with USB. We are trying to share the printer to all the users but it's not working. We come so far as the users can see the printer when they search for it. But when they try to add it, there appears a pop up window for user name and password. No matter what user name we try it doesn't work. We have checked the shared printer's security settings and they are all in order. Everyone has printer rights. But even with full rights it doesn't work. The only ones it works for are Domain Admins. Anyone have any ideas?

Read the article
Is there a way to change the permissions of a series of directories on Windows 7 without getting a dialog box when it can't change the rights?

- by leeand00

Is there some way to change the permissions recursively on a series of directories without getting a dialog box that pops up and tells me it can't change the permissions on a particular file? I keep getting this dialogs multiple times duing the process of changing permissions: An error occurred while applying security information to: C:\pagefile.sys The process cannot access the file because it is being used another process. Eventually I get so many of them that I start clicking the mouse or pressing the space bar so many times that I accidentally click the cancel button. Also it would be great if I could keep a log of which files it can't change permissions on. Is this possible in Windows 7? Does it have to be done from the command prompt or from powershell?

Read the article
Warning popups that direct to 3rd party sites

- by Kingamoon

Lately, I've been getting warning popups on my browser (latest version of Chromium) that notify me that my Java version of current browser is outdated and needs to be updated. What's alarming to me is that it sends me to some sites I've never heard of like Malest.com. When I block a site, it redirects me to a different one. I don't know how to track what's causing these alerts. I ran Microsoft Security Essential and it found nothing. Any suggestions on what to do to nail down this irritating problem?

Read the article
How do I set permissions on a Server 2003 folder

- by Richard210363

Hi There, In my part time position as entire IT department at my Office ( I'm a MCSD developer normally ) I have been asked to change a shared folder. Only I don't really understand all the Shared / Security options. I have a folder that must be accessed by 2 people in the company (and no one else). They both must have read/write/edit and change access. They must be able to read/write/edit each others files; existing or newly created. Should be easy but I'm a bit overwhelemd by all the choices. What should I set? Thanks for your help richard

Read the article
In Ubuntu Linux, how do I list packages installed from the “universe” repository?

- by Nate

On an Ubuntu 10.04 LTS server, I want to list installed packages and see what repository they come from. It’s easy to list installed packages, but it does not include the name of the repository (such as “main” or “universe”). And this information isn’t in /var/lib/dpkg/status, so dpkg-query doesn’t show it either. I want to get a list of “unsupported” software—that is, software that doesn’t come from the “main” repository, and for which Ubuntu does not guarantee security updates. Note: This is a server. It does not have X, GNOME or KDE installed.

Read the article
Mysql loses its root password

- by RubyDev

I am having a strange problem, my mysql loses/resets the root password automatically. By which I mean that it resets it to none. It has happened twice this month. I am worried that it can be a security issue as data is open waiting only for someone trying no password! Here is the version: mysql --version mysql Ver 14.14 Distrib 5.1.56, for redhat-linux-gnu (i386) using readline 5.1 Any help would be appreciated. Update: Output of select user, host, password from mysql.user; how it looks after the password got reset | root | localhost | | root | 127.0.0.1 | | | localhost | | | admin | localhost | ################################# | (I have removed the actual output with #) So all the passwords are blank, except for for another user named 'admin'

Read the article
Applications on my laptop crashees every 10-20 minutes [closed]

- by user1731110

In my windows 7 home premium, several of my application crashes after some minutes even wehn I am not touching system. For example I have outlook 2007, that works fine, but suddenly crashes. The same about visual studio 2012. It is also crashes after some minute no matter if I am working on a project or I am not touching it. the same behaviour is there, for other applications (skype, oovoo and ...). I use Microsoft security essential and there is no virus on my system. I also checked my system with Sophos anti root kit and there is no root kit there. What would be the problem?

Read the article
What's the best practice for taking MySQL dump, encrypting it and then pushing to s3?

- by HalogenCreative

This current project requires that the DB be dumped, encrypted and pushed to s3. I'm wondering what might be some "best practices" for such a task. As of now I'm using a pretty straight ahead method but would like to have some better ideas where security is concerned. Here is the start of my script: mysqldump -u root --password="lepass" --all-databases --single-transaction > db.backup.sql tar -c db.backup.sql | openssl des3 -salt --passphrase foopass > db.backup.tarfile s3put backup/db.backup.tarfile db.backup.tarfile # Let's pull it down again and untar it for kicks s3get surgeryflow-backup/db/db.backup.tarfile db.backup.tarfile cat db.backup.tarfile | openssl des3 -d -salt --passphrase foopass |tar -xvj Obviously the problem is that this script everything an attacker would need to raise hell. Any thoughts, critiques and suggestions for this task will be appreciated.

Read the article

< Previous Page | 389 390 391 392 393 394 395 396 397 398 399 400 | Next Page >