Encrypting cookies in PHP
- by Ross
Hi,
How can i encrypt and later decrypt a value of a cookie in PHP (how secure will the encryption be )
Search Results
Search found 3707 results on 149 pages for 'secure'.
Page 45/149 | < Previous Page | 41 42 43 44 45 46 47 48 49 50 51 52 | Next Page >
-
-
Running commands though PHP/Perl scripts as a priviledged user on Linux.
- by jtd
Background: I am writing a script for a company that will allow users to create FTP accounts through a web interface. In the background, the script must run a bunch of commands: Add the user to the system (useradd) Open and edit various files mail the user via sendmail and a few other things... I'm basically looking for the most secure way of doing this. I've heard of the setuid method, the sudo method, and of course, running httpd as a priviledged user. There will be sanity checks on the data entered of course before any commands are executed (ie. only alphanumeric characters in usernames) What is the method used by the popular scripts out there (webmin for example), as it must be fairly secure?Read the article
-
Hash passwords before transmitting? (web)
- by wag2639
I was reading this Ars article on password security and it mentioned there are sites that "hash the password before transmitting"? Now, assuming this isn't using an SSL connection (HTTPS), a. is this actually secure and b. if it is how would you do this in a secure manor? Edit 1: (some thoughts based on first few answers) c. If you do hash the password before transmission, how do you use that if you only store a salted hash version of the password in your user credentials databas? d. Just to check, if you are using a HTTPS secured connection, is any of this necessary?Read the article
-
Authentication Sceme for RESTful API used by desktop app.
- by user346087
I'm providing a RESTful API. This API is used by a third party desktop application. The API is currently secured using Basic Authentication. That isn't very secure because the credentials have to be stored in the client application. The communication between the desktop and API can also easily be intercepter. The desktop application also communicates with a third party server (run by the publisher of the desktop application) I am unable to figure out how the secure the API in a good way. Ideas?Read the article
-
InApp subscriptions - trasferability
- by meap
Apple has rejected one of our apps, where the user can purchase content through subscriptions (InApp product type is subscription). The problem is that we need to, also because of Apple requiring it, these subscriptions to be transferable between devices. The logical and also the most secure solution would be to link it to a user account, that the user will have to create. But this was the reason why apple rejected this app. They have told us that for purchasing of subscriptions a registration can not be required, can be only optional. So the question is how to solve this if there is no other nice solution that would make sense, be secure and still comfortable for the user?Read the article
-
Set up lnux box for hosting a-z
- by microchasm
I am in the process of reinstalling the OS on a machine that will be used to host a couple of apps for our business. The apps will be local only; access from external clients will be via vpn only. The prior setup used a hosting control panel (Plesk) for most of the admin, and I was looking at using another similar piece of software for the reinstall - but I figured I should finally learn how it all works. I can do most of the things the software would do for me, but am unclear on the symbiosis of it all. This is all an attempt to further distance myself from the land of Configuration Programmer/Programmer, if at all possible. I can't find a full walkthrough anywhere for what I'm looking for, so I thought I'd put up this question, and if people can help me on the way I will edit this with the answers, and document my progress/pitfalls. Hopefully someday this will help someone down the line. The details: CentOS 5.5 x86_64 httpd: Apache/2.2.3 mysql: 5.0.77 (to be upgraded) php: 5.1 (to be upgraded) The requirements: SECURITY!! Secure file transfer Secure client access (SSL Certs and CA) Secure data storage Virtualhosts/multiple subdomains Local email would be nice, but not critical The Steps: Download latest CentOS DVD-iso (torrent worked great for me). Install CentOS: While going through the install, I checked the Server Components option thinking I was going to be using another Plesk-like admin. In hindsight, considering I've decided to try to go my own way, this probably wasn't the best idea. Basic config: Setup users, networking/ip address etc. Yum update/upgrade. Upgrade PHP: To upgrade PHP to the latest version, I had to look to another repo outside CentOS. IUS looks great and I'm happy I found it! cd /tmp #wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm #rpm -Uvh epel-release-1-1.ius.el5.noarch.rpm #wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1-4.ius.el5.noarch.rpm #rpm -Uvh ius-release-1-4.ius.el5.noarch.rpm yum list | grep -w \.ius\. [will list all packages available in the IUS repo] rpm -qa | grep php [will list installed packages needed to be removed. the installed packages need to be removed before you can install the IUS packages otherwise there will be conflicts] #yum shell >remove php-gd php-cli php-odbc php-mbstring php-pdo php php-xml php-common php-ldap php-mysql php-imap Setting up Remove Process >install php53 php53-mcrypt php53-mysql php53-cli php53-common php53-ldap php53-imap php53-devel >transaction solve >transaction run Leaving Shell #php -v PHP 5.3.2 (cli) (built: Apr 6 2010 18:13:45) This process removes the old version of PHP and installs the latest. To upgrade mysql: Pretty much the same process as above with PHP #/etc/init.d/mysqld stop [OK] rpm -qa | grep mysql [installed mysql packages] #yum shell >remove mysql mysql-server Setting up Remove Process >install mysql51 mysql51-server mysql51-devel >transaction solve >transaction run Leaving Shell #service mysqld start [OK] #mysql -v Server version: 5.1.42-ius Distributed by The IUS Community Project The above upgrade instructions courtesy of IUS wiki: http://wiki.iuscommunity.org/Doc/ClientUsageGuide Create a chroot jail to hold sftp user via rssh. This will force SCP/SFTP and will circumvent traditional FTP server setup. #cd /tmp #wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm #rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm #useradd -m -d /home/dev -s /usr/bin/rssh dev #passwd dev Edit /etc/rssh.conf to grant access to SFTP to rssh users. #vi /etc/rssh.conf Uncomment line allowscp This allows me to connect to the machine via SFTP protocol in Transmit (my FTP program of choice; I'm sure it's similar with other FTP apps). Above instructions for SFTP appropriated (with appreciation!) from http://www.cyberciti.biz/tips/linux-unix-restrict-shell-access-with-rssh.html And this is where I'm at. I will keep editing this as I make progress. Any tips on how to Configure virtual interfaces/ip based virtual hosts for SSL, setting up a CA, or anything else would be appreciated.Read the article
-
Set up lnux box for hosting a-z [apache mysql php ssl]
- by microchasm
I am in the process of reinstalling the OS on a machine that will be used to host a couple of apps for our business. The apps will be local only; access from external clients will be via vpn only. The prior setup used a hosting control panel (Plesk) for most of the admin, and I was looking at using another similar piece of software for the reinstall - but I figured I should finally learn how it all works. I can do most of the things the software would do for me, but am unclear on the symbiosis of it all. This is all an attempt to further distance myself from the land of Configuration Programmer/Programmer, if at all possible. I can't find a full walkthrough anywhere for what I'm looking for, so I thought I'd put up this question, and if people can help me on the way I will edit this with the answers, and document my progress/pitfalls. Hopefully someday this will help someone down the line. The details: CentOS 5.5 x86_64 httpd: Apache/2.2.3 mysql: 5.0.77 (to be upgraded) php: 5.1 (to be upgraded) The requirements: SECURITY!! Secure file transfer Secure client access (SSL Certs and CA) Secure data storage Virtualhosts/multiple subdomains Local email would be nice, but not critical The Steps: Download latest CentOS DVD-iso (torrent worked great for me). Install CentOS: While going through the install, I checked the Server Components option thinking I was going to be using another Plesk-like admin. In hindsight, considering I've decided to try to go my own way, this probably wasn't the best idea. Basic config: Setup users, networking/ip address etc. Yum update/upgrade. Upgrade PHP: To upgrade PHP to the latest version, I had to look to another repo outside CentOS. IUS looks great and I'm happy I found it! cd /tmp #wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm #rpm -Uvh epel-release-1-1.ius.el5.noarch.rpm #wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1-4.ius.el5.noarch.rpm #rpm -Uvh ius-release-1-4.ius.el5.noarch.rpm yum list | grep -w \.ius\. [will list all packages available in the IUS repo] rpm -qa | grep php [will list installed packages needed to be removed. the installed packages need to be removed before you can install the IUS packages otherwise there will be conflicts] #yum shell >remove php-gd php-cli php-odbc php-mbstring php-pdo php php-xml php-common php-ldap php-mysql php-imap Setting up Remove Process >install php53 php53-mcrypt php53-mysql php53-cli php53-common php53-ldap php53-imap php53-devel >transaction solve >transaction run Leaving Shell #php -v PHP 5.3.2 (cli) (built: Apr 6 2010 18:13:45) This process removes the old version of PHP and installs the latest. To upgrade mysql: Pretty much the same process as above with PHP #/etc/init.d/mysqld stop [OK] rpm -qa | grep mysql [installed mysql packages] #yum shell >remove mysql mysql-server Setting up Remove Process >install mysql51 mysql51-server mysql51-devel >transaction solve >transaction run Leaving Shell #service mysqld start [OK] #mysql -v Server version: 5.1.42-ius Distributed by The IUS Community Project And this is where I'm at. I will keep editing this as I make progress. Any tips on how to Configure Virtualhosts for SSL, setting up a CA, setting up SFTP with openSSH, or anything else would be appreciated.Read the article
-
Ray Bradbury’s Predictions about Future Technology that have been Fulfilled
- by Asian Angel
Ray Bradbury wrote about many wonderful items of technology in his stories of the future, but you may be surprised to see just how many of them have become reality. Note: Visit the blog post linked below to see the full-size version of the chart. Ray Bradbury Predictions Fulfilled [via Geeks are Sexy] HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font CustomizationRead the article
-
This Computer Slices, Dices, and Does it ‘All’ [Humorous Retro Video]
- by Asian Angel
Sit back and enjoy this entertaining retro computer ad as Rich DuLaney from the OS/2 Multimedia Presentation Manager/2 team jumps into ‘super salesman mode’ to sell you the Ultimedia M57SLC computer for only $3,395! It slices, It dices [via MUO] 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8Read the article
-
Download the Swedish Summer Theme for Windows 7 and 8
- by Asian Angel
Are you looking for a serene warm weather theme for your desktop? Then you will definitely want to grab a copy of the Swedish Summer Theme for Windows 7 and 8. The theme comes with nine beautiful outdoor images featuring the awesome summer-time photograpy of Hans Strand. Download the Swedish Summer Theme – Microsoft [via Softpedia] How To Delete, Move, or Rename Locked Files in Windows HTG Explains: Why Screen Savers Are No Longer Necessary 6 Ways Windows 8 Is More Secure Than Windows 7Read the article
-
How Can I Track the Modifications a Program’s Installer Makes?
- by Jason Fitzpatrick
What exactly are those installation apps doing as the progress bar whizzes by? If you want to keep a close eye on things, you’ll need the right tools. Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-drive grouping of Q&A web sites. How To Delete, Move, or Rename Locked Files in Windows HTG Explains: Why Screen Savers Are No Longer Necessary 6 Ways Windows 8 Is More Secure Than Windows 7Read the article
-
Cloud9 + vmware server
- by Vigrond
I recently bought a Chromebook to allow me to travel and work easily. My work likes to use VMWare images for our environments. I would like to run these on a server somewhere and hook them up to Cloud9 IDE so I can program fairly easily with my Chromebook What would be the easiest way to set this environment up? Can you say, take a VMWare image, "run" it on a linux server and hook up secure access to it through a given port?Read the article
-
Week in Geek: Dropbox to Shut Down ‘Public Folders’ Feature in August
- by Asian Angel
This week’s edition of WIG is filled with news link goodness covering topics such as new details and screenshots of Windows 8, the existence of a Google tablet has been confirmed, an Australian online retailer has introduced a special tax on IE 7 users, and more. Chainlink fence clipart courtesy of For Web Designer. HTG Explains: What Is Windows RT and What Does It Mean To Me? HTG Explains: How Windows 8′s Secure Boot Feature Works & What It Means for Linux Hack Your Kindle for Easy Font CustomizationRead the article
-
Manage Your Twitter Account from the Sidebar in Firefox
- by Asian Angel
Are you a Twitter addict and need an easy way to manage your account in Firefox? Now you can access Twitter in your Sidebar or as a separate window with the TwitKit+ extension for Firefox. Accessing TwitKit+ There are three ways that you can access TwitKit+ after installing the extension. The first is by adding the “Toolbar Button” to your browser’s UI. The second and third methods are through the “View & Tools Menus”. TwitKit+ in Action When you open TwitKit+ for the first time you will see Twitter’s “Public Tweet Stream”. To get started login into your account. Note: If you do not care for the “brown theme” you can select a different one in “Preferences”. Here is a closer look at the top area and the commands available. Notice the “blue arrow symbol” in the upper left corner…very useful if you want to separate TwitKit+ from your main browser window for a bit. Secure Mode, Undock, Preferences, Login/Logout Google Search, Twitter Search, Copy Selection To Status Box, Shorten Selected URL Public, User, Friends, Followers, @ Messages, Direct Messages, Profile Note: To use Google or Twitter search enter your term in the “Status Area” and click on the appropriate service icon. Here is the regular timeline for our account…the “clickable tab buttons” make everything easy to view and work with. You can perform actions such as replying, retweeting, marking as a favorite, etc. using the set of “management buttons” at the bottom of each tweet. To add a new tweet to your timeline enter your text and press “Enter”. A look at the “Following List” for our account. Having a more defined and separate “view categories” set makes this better than directly accessing the Twitter website. Preferences The preferences can be quickly sorted out…choose how often the timeline is updated, name display, favorite URL shortening service, theme, and font size. Note: The default connection setting is for “Secure Access”. Conclusion TwitKit+ makes a nice addition to Firefox for anyone who loves keeping up with Twitter throughout the day. There when you want it and out of your way the rest of the time. Links Download the TwitKit+ extension (Mozilla Add-ons) Similar Articles Productive Geek Tips Move Add-on Management to the Sidebar in FirefoxPreview and Manage Multiple Tabs in Firefox with Tab SidebarDisable Windows Sidebar in VistaQuick Tip: Use Google Talk Sidebar in FirefoxRun Windows Sidebar Gadgets Without the Sidebar TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Enable Check Box Selection in Windows 7 OnlineOCR – Free OCR Service Betting on the Blind Side, a Vanity Fair article 30 Minimal Logo Designs that Say More with Less LEGO Digital Designer – Free Create a Personal Website Quickly using Flavors.meRead the article
-
Manage Your Twitter Account from the Sidebar in Firefox
- by Asian Angel
Are you a Twitter addict and need an easy way to manage your account in Firefox? Now you can access Twitter in your Sidebar or as a separate window with the TwitKit+ extension for Firefox. Accessing TwitKit+ There are three ways that you can access TwitKit+ after installing the extension. The first is by adding the “Toolbar Button” to your browser’s UI. The second and third methods are through the “View & Tools Menus”. TwitKit+ in Action When you open TwitKit+ for the first time you will see Twitter’s “Public Tweet Stream”. To get started login into your account. Note: If you do not care for the “brown theme” you can select a different one in “Preferences”. Here is a closer look at the top area and the commands available. Notice the “blue arrow symbol” in the upper left corner…very useful if you want to separate TwitKit+ from your main browser window for a bit. Secure Mode, Undock, Preferences, Login/Logout Google Search, Twitter Search, Copy Selection To Status Box, Shorten Selected URL Public, User, Friends, Followers, @ Messages, Direct Messages, Profile Note: To use Google or Twitter search enter your term in the “Status Area” and click on the appropriate service icon. Here is the regular timeline for our account…the “clickable tab buttons” make everything easy to view and work with. You can perform actions such as replying, retweeting, marking as a favorite, etc. using the set of “management buttons” at the bottom of each tweet. To add a new tweet to your timeline enter your text and press “Enter”. A look at the “Following List” for our account. Having a more defined and separate “view categories” set makes this better than directly accessing the Twitter website. Preferences The preferences can be quickly sorted out…choose how often the timeline is updated, name display, favorite URL shortening service, theme, and font size. Note: The default connection setting is for “Secure Access”. Conclusion TwitKit+ makes a nice addition to Firefox for anyone who loves keeping up with Twitter throughout the day. There when you want it and out of your way the rest of the time. Links Download the TwitKit+ extension (Mozilla Add-ons) Similar Articles Productive Geek Tips Move Add-on Management to the Sidebar in FirefoxPreview and Manage Multiple Tabs in Firefox with Tab SidebarDisable Windows Sidebar in VistaQuick Tip: Use Google Talk Sidebar in FirefoxRun Windows Sidebar Gadgets Without the Sidebar TouchFreeze Alternative in AutoHotkey The Icy Undertow Desktop Windows Home Server – Backup to LAN The Clear & Clean Desktop Use This Bookmarklet to Easily Get Albums Use AutoHotkey to Assign a Hotkey to a Specific Window Latest Software Reviews Tinyhacker Random Tips Revo Uninstaller Pro Registry Mechanic 9 for Windows PC Tools Internet Security Suite 2010 PCmover Professional Enable Check Box Selection in Windows 7 OnlineOCR – Free OCR Service Betting on the Blind Side, a Vanity Fair article 30 Minimal Logo Designs that Say More with Less LEGO Digital Designer – Free Create a Personal Website Quickly using Flavors.meRead the article
-
Browse Through Radio Shack’s 1983 Computer Catalog [Scanned Image Set]
- by Asian Angel
Are you ready for a blast from the past? Then indulge in a bit of retro fun with this scanned image collection of Radio Shack’s 1983 computer catalog. Anyone up for a shiny ‘new’ TRS-80 computer for Christmas? Radio Shack Catalog RSC-09 Computer Catalog [via BoingBoing] Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD Monitor How to Factory Reset Your Android Phone or Tablet When It Won’t BootRead the article
-
Using PHP Encryption for Login Authentication
<b>Webreference:</b> "Following up on "Implementing One-way Encryption in PHP," my previous tutorial about using one-way encryption to build a secure online diary application, this article explores using PHP encryption for login authentication."Read the article
-
Google adwords API - credit card safety question
- by user5650
Google is asking me to fax credit card xerox in order to activate adwords API in MCC. 1) Are there alternatives to this - is there a 3rd party provider who will give me this service without me sending them the credit card info? 2) How secure is it to send my credit card fax via some online fax service? 3) Do you think they will reject the application if I hide my CVV number in the fax? Any other thoughts appreciated.Read the article
-
The Glitch [Video]
- by Asian Angel
Things are fine in Video Game Land until one day when a soldier encounters an unusual phenomena…his weapon is partially buried in the pavement and undergoing extreme shifting movements. Can Mario and friends save Video Game Land from the Malevolent Glitch or is it game over for everyone?! The Glitch [via Geeks are Sexy] How to Access Your Router If You Forget the Password Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD MonitorRead the article
-
12/12 Live Webcast: Introducing Next-Generation Enterprise Auditing and Database Firewall
- by jgelhaus
Join Oracle Security gurus to hear how Oracle products monitor Oracle and non-Oracle database traffic, detect unauthorized activity including SQL injection attacks, and block internal and external threats from reaching the database. Hear how organizations such as TransUnion Interactive and SquareTwo Financial rely on Oracle to monitor and secure their Oracle and non-Oracle database environments. Register for the webcast here.Read the article
-
Decorate Your Desktop with the Rock Stars of Science [Wallpaper]
- by Jason Fitzpatrick
This understated desktop wallpaper showcases notable names in science with accompanying icons to represent their contribution to the field. The icons are the work of Megan Lee of Megan Lee Studios–you order prints, t-shirts, and other items with her designs on them here–and the wallpaper arrangement comes to us courtesy of Reddit user wastingtime247–check out the via link below for more arrangements. Science Rock Stars Wallpaper by Megan Lee Studios [via Reddit] How to Access Your Router If You Forget the Password Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD MonitorRead the article
-
Download the Architectural Views Theme for Windows 7 and 8
- by Asian Angel
Are architectural views your favorite type of background for your desktop? Then you will definitely want to download a copy of the Architectural Views Theme for Windows 7 and 8. The theme comes with seven wonderful images of different architectural views by photographer Alexandru Nicusor Matei. Uncovering Artists Through Windows Themes – Alexandru Nicusor Matei [7 Tutorials] Secure Yourself by Using Two-Step Verification on These 16 Web Services How to Fix a Stuck Pixel on an LCD Monitor How to Factory Reset Your Android Phone or Tablet When It Won’t BootRead the article
-
Pre-Order Visual Studio 2010 Professional upgrade today, and save hundreds
- by Latest Microsoft Blogs
Microsoft Visual Studio 2010 Professional will launch on April 12 but you can beat the rush and secure your copy today by pre-ordering at the affordable estimated retail price of $549, a saving of $250. If you use a previous version of Visual Studio or Read More......(read more)Read the article
-
Friday Fun: Turkey Slice
- by Asian Angel
In this week’s game you engage in a holiday war with a group of evil turkeys that are determined to ruin your Thanksgiving Day celebrations. Can you put these evil turkeys on the menu where they belong or will they get in the last gobble at your expense? How To Delete, Move, or Rename Locked Files in Windows HTG Explains: Why Screen Savers Are No Longer Necessary 6 Ways Windows 8 Is More Secure Than Windows 7Read the article
-
Desktop Fun: Grasslands Wallpaper Collection Series 2
- by Asian Angel
This past year we shared a terrific collection of grasslands wallpapers with you and today we return with more of these wonderful ‘inland seas’ of waving grass. Travel these ‘land-based seas’ of green and gold on your desktop with the second in our series of Grasslands Wallpaper collections. 6 Ways Windows 8 Is More Secure Than Windows 7 HTG Explains: Why It’s Good That Your Computer’s RAM Is Full 10 Awesome Improvements For Desktop Users in Windows 8Read the article
