Search Results

Search found 1306 results on 53 pages for 'csrf protection'.

Page 5/53 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • How to allow Google Images search to by pass hotlink protection?

    - by Marco Demaio
    I saw Google Images seems to index my images only if hotlink protection is off. * I use anyway hotlink protection because I don't like the idea of people sucking my bandwidth, i simply this code to protcet my sites from being hotlinked: RewriteEngine on RewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?mydomain\.com$ [NC] RewriteRule .*\.(jpg|jpeg|png|gif)$ - [F,NC,L] But in order to allow Google Image search to bypass my hotlink protection (I want Google Images search to show my images) would it suffice to add a line like this one: RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google\.com/.*$ [NC] RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google\.com$ [NC] Because I'm wondring: is the crawler crawling just from google.com? and what about google.it / google.co.uk, etc.? FYI: on Google official guidelines I did not find info about this. I suppose hotlink protection prevents Google Images to show images in its results because I did some tests and it seems hotlink protection does prevent my images to be shown in Google Images search.

    Read the article

  • How good is PDF password protection?

    - by Tim
    It appears that Word's password protection is not really good, at least until Office 2003, if I read this SU entry correctly. I'm under the impression that Acrobat's PDF password protection should be better (it says 128-bit AES for Acrobat 7 and higher). Is that true? Of course, it depends on the strength of the password used, but assuming I protect my PDF with a password like sd8Jf+*e8fh§$fd8sHä, am I on the safe side? Like, say, for sending confidential patient information - not really valuable, but potentially highly sensitive.

    Read the article

  • Symantec Protection Suite and System Recovery 2011 Desktop Edition

    - by rihatum
    I am re-posting this as my previous question was being treated as if I am "Shopping or seeking Product Recommendations" even though I was NOT - BTW they have deleted my comments too which were not offensive in nature. anyway - I have re-phrased some parts of my question and I hope SF Admins "Do Not Modify / Edit" this one - will be most grateful for that. I have a lot of respect for the People who visit this SITE and help others ! Just To clarify : Just to go by SF rules - I am not seeking someone to Design this solution, I am simply seeking real world examples, experiences, technical expert opinions / suggestions, any tips or tricks they may have or any problems they may have faced while doing something similar above with these products. I am also not asking for Capacity Planning for Storage, We have done some research and I am seeking Expert Assurance / Suggestions. We (our company) are planning to deploy Symantec Endpoint Protection and Symantec Desktop Recovery 2011 Desktop Edition to our 3000 - 4000 workstations (Windows7 32 and 64) with a few 100s with Windows XP 32/64 Bit. I have read the implementation guide for SEP and have read tech-notes for Desktop Recovery 2011. Our team have planned to deploy this as follows : 1 x dedicated SQL 2008R2 for Symantec Endpoint Protection (Instead of using the Embedded Database) 1 x Dedicated SQL 2008R2 for Symantec Desktop Recovery 2011 (Instead of using the Embedded Database) 1 x Dedicated W2K8 R2 Box for the SEPM (Symantec Endpoint Protection Manager - Mgmt. APP) 1 x Dedicated W2K8 R2 Box for the Symantec Desktop Recovery 2011 Management Application Agent Deployment : As per Symantec Documentation for both of the above, an agent can be pushed via the Mgmt. Application (provided no firewalls are blocking ports required etc. - we have Windows firewall disabled already). Server Hardware : Per SQL Server : 16GB RAM + SAS DISKS + Dual XEON, RAID-10 for the SQL DB or I can always mount a LUN from our existing Hitachi or EMC SAN. SEPM Server : 16GB RAM + SAS DISKS + DUAL XEON System Recovery MGMT SERVER : 16GB RAM + SAS DISKS + DUAL XEON Above is the initial plan we have for 3000 - 4000 client workstation (Windows) Now my Questions :-) a) If we had these users distributed amongst two sites with AD DC / GC in each site, How would I restrict SEPM and Desktop Mgmt. solution to only check for users in their respective site ? b) At present all users are under one building but we are going to move some dept. to a new location (with dedicated connectivity), How would we control which SEPM / MGMT Server is responsible for which site ? c) We have netbackup in our environment backing up other servers, I am planning to protect these 4 (2 x SQL, 1 x SEPM, 1 x System Recovery Mgmt. Server) via netbackup or I can use System recovery 2011 server edition on all 4 of these boxes as well. (License is not an issue as we have the complete symantec portfolio included in our license). d) Now - Saving Desktop backups - What strategies have you implemented ? Any best practice recommendation for a large user base ? I was thinking to either mount a LUN from our Hitachi SAN on the Symantec Recovery Server itself or backup to the users hard drive locally and then copy it over to a network location ? Suggestions welcome :-) If you have anything to add / correct - that will be really helpful before diving into the actual implementation phase. Will be most grateful with your suggestions, recommendations and corrections with above - Many Thanks !

    Read the article

  • Error setting up Data Protection Manager 2010 Agents / Network "Unauthenticated" in network settings

    - by Bowsa
    I'm not sure if the two are connected but i suspect they are. Basically I'm tring to setup Data Protection Manager 2010 on a fresh install of Server 2008 R2 in a SBS 2003 domain. Everything went fine until trying to install agents across the network. Upon clicking add, i get the following error message: Unable to connect to the Active Directory Domain Services Database. Make sure that the DPM server is a member of a domain and that the controller is running. Also verify that there is network connectivity between the DPM server and the domain controller. ID: 7 As usual (worryingly) the MSDN support for 2010 products is nearly non existant, clicking the error ID simply gives a page not found error. So after 2 days of Googling and trying various fixes (DNS settings, adding permissions to AD objects, rejoining the domain and many more) I thought I'd ask here in the hope that someone out there may have had this issue before. Any help greatly appreciated! Some further info: Firewalls are disabled on the Server 2008, SBS, and client machines. Manually installing and adding the client in also fails, as the DPM server tries to contact the DC first. Edit: I tried creating a new protection group instead, and it gives a different error upon adding the machines: Following machines are not found in AD: COMPUTERNAME.COMPANYNAME.LOCAL Is there a certain directory structure it follows in AD?

    Read the article

  • django-uni-form helpers and CSRF tags over POST

    - by linked
    Hi, I'm using django-uni-forms to display my fields, with a rather rudimentary example straight out of their book. When I render the form fields using <form>{%csrf_tag%} {%form|as_uni_form%}</form>, everything works as expected. However, django-uni-form Helpers allow you to generate the form tag (and other helper-related content) using the following syntax -- {% with form.helper as helper %}{% uni_form form helper%}{%endwith%} -- This creates the <form> tag for me, so there's nowhere to embed my own CSRF_token. When I try to use this syntax, the form renders perfectly, but without a CSRF token, and so submitting the form fails every time. Does anyone have experience with this? Is there an established way to add the token? I much prefer the second syntax, for re-use reasons. Thanks!

    Read the article

  • IE9 GPO Setting "Configure Tracking Protection Lists"

    - by Daniel B
    I've just installed IE9 on my workstations and Server in our network. According to technet article http://technet.microsoft.com/en-us/library/gg699401.aspx There is a GPO setting for IE9 called "Configure Tracking Protection Lists" located at Windows Components\Internet Explorer\Privacy in the admistrative templates. I can find all the other IE9 settings in the GPO, but I cannot find this one. Does anyone know if there is an updated template, or if this setting was removed from the RC version of IE9? Thanks, Daniel

    Read the article

  • Emacs protection against simultaneous editing by same user

    - by Peter Eisentraut
    Emacs has elaborate protection against simultaneous editing by two different users. If there a way to have that same facility for protecting against simultaneous editing by the same user? With lots of windows and workspaces open, it's easy to reopen a file that you already have open somewhere else. But because it does not detect a lock conflict when you open the file, you will only learn about the collision when you save.

    Read the article

  • lenovo thinkpad sl500 fn keys & hdd protection on ubuntu

    - by Infestor
    (i use ubuntu 10.04 64bit) i cant get most of my fn keys to work in this laptop. i especially need fn+f8, which switches between trackpoint & touchpad. what i tried: sudo nano /etc/modules (added lenovo-sl-laptop to the file) then: sudo modprobe lenovo-sl-laptop this failed: FATAL: Module lenovo_sl_laptop not found. as for the hdapsd i dont have it installed, since i dont know how to configure it (i guess it helps hdd protection).

    Read the article

  • Trouble in Nginx hotlink protection

    - by Ayaz Malik
    I am trying to implement image hotlink protection problem in nginx and I need help. I have a huge issue of my site's images being submitted to social networks like StumbleUpon with a direct link like http://example.com/xxxxx.jpg Which sometimes gets huge traffic and increases CPU usage and bandwidth usage. I want to block direct access to my images from other referrers and protect them from being hotlinked. Here is the code from my vhost.conf server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } For hotlink protection I added this code location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } This is the current nginx code for this domain, but it didn't work: server { access_log off; error_log logs/vhost-error_log warn; listen 80; server_name mydomain.com www.mydomain.com; # uncomment location below to make nginx serve static files instead of Apache # NOTE this will cause issues with bandwidth accounting as files wont be logged location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ { root /home/username/public_html; expires 1d; } root /home/mydomain/public_html; } location ~* (\.jpg|\.png|\.gif|\.jpeg)$ { valid_referers blocked www.mydomain.com mydomain.com; if ($invalid_referer) { return 403; } location / { client_max_body_size 10m; client_body_buffer_size 128k; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; # you can increase proxy_buffers here to suppress "an upstream response # is buffered to a temporary file" warning proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_connect_timeout 30s; proxy_redirect http://www.mydomain.com:81 http://www.mydomain.com; proxy_redirect http://mydomain.com:81 http://mydomain.com; proxy_pass http://ip_address/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; expires 24h; } } How can I fix this?

    Read the article

  • Standard Protection:Prevent IRC communication

    - by awe
    I have McAffee virusscan on my work computer, and every time I start up, I get 2 log entries like this: Blocked by port blocking rule C:\Program Files\Skype\Phone\Skype.exe Anti-virus Standard Protection:Prevent IRC communication The difference between the two, is that at the end there are 2 different IP addresses (which I don't recognise as belongs to us) with port :6667 on one and :6669 on the other. Although this is logged, Skype seems to work as expected; including talking, chatting and screen sharing (new feature in Skype 4.1). Anyone knows anything about what this is? EDIT: I also have a Skype certified plugin in Skype called Cucku Backup. I did not find anything in the documentation that Cucku is trying to access these ports through Skype, but it could be...? EDIT2: I did a search on the IP addresses in question on www.webyield.net, and resulted in the following: IP 71.251.72.173 (this one used port :6667): Host name: pool-71-251-72-173.tampfl.fios.verizon.net IP 79.87.54.165 (this one used port :6669): Host name: 165.54.87-79.rev.gaoland.net

    Read the article

  • SD cards and CPRM protection

    - by Francesco Turco
    Before buying an SD memory card, I'd like to know something more about the CPRM protection, in particular: Does CPRM influence the way I am supposed to access my own data? That is, does CPRM encrypt it? Could CPRM prevent me from accessing my own data? Is it possible to disable or eliminate CPRM from either the memory card or the card reader? Are there manufacturers selling CPRM-free SD memory cards? Is there any real alternative to CPRM-protected SD memory cards beside USB flash drives? Is Linux support for SD cards good? Thanks.

    Read the article

  • Memory Pressure Protection Feature for TCP Stack - Provided by Microsoft Security Update KB967723

    - by Angry_IT_Guru
    We've been having a lot of funky issues with some of our web based applications that allow clients to submit lot of image files to our servers. Lots of ports are used in the process. http://www.microsoft.com/technet/security/bulletin/MS09-048.mspx - released in Sept-2009. support.microsoft.com/kb/974288 - Memory Pressure Protection description. Evidently, after applying KB967723, our clients receive funky error messages as if connections cannot be made to the server or connections have been closed. There doesn't appear to be a pattern and sometimes it works and other times is doesn't. Typically we've noticed it when server is under load. I'm curious what others think about this MPP and any issues that you may have experienced from it. I understand its purpose, but I think it may have broken a lot of apps in the process. It doesn't look like Microsoft made this "feature" public to everyone.

    Read the article

  • How to remove password protection from compressed files

    - by Mehper C. Palavuzlar
    This has always been a problem for me for a long time. Let's see if any SuperUser can solve this: I have a directory in which there are lots of password protected .RAR files of which I know the passwords. I want to remove the password protection from all of them without extracting the contents. Since each file is larger than 1 GB, decompressing & then recompressing without password encryption is not a good option for me. How can I easily do that? I'm using WinRAR 3.80 on Win7. Any other 3rd party tools are welcomed.

    Read the article

  • Would Microsoft Security Essentials be adequate protection?

    - by Xavierjazz
    Is Microsoft Security Essentials (MSE) adequate protection for my computer? What is the experience with this product? EDIT. On 2009-10-31 I found out about a comparison of AV Suites. MSE did VERY well. EDIT: One that I found interesting was "Raven", who mentioned that AV software has to hook deeply into the OS, and who better to design this than the designer of the OS. EDIT: My personal experience is that I like it, but I also use Malwarebytes and Superantispyware. Each of them sometimes come up with one the others missed or ignored.

    Read the article

  • Windows XP - removing write protection for usb drives

    - by Arnold
    I have a laptop who used to belong to my company and when I plug in a usb memory drive, I cannot write any files to it. This is because company policy did not allow writing to usb drives without a special authorization (to prevent theft of files). However the laptop is now mine, and I was given the administrator password, so I am guessing that as administrator I can remove this protection somehow. How can I do this? Currently if I try to copy a file to the drive, Windows simply tells me that the drive is write-protected, whatever usb drive I plug in. Maybe it is some registry setting? Thank you.

    Read the article

  • Error setting up Data Protection Manager 2010 Agents / Network "Unauthenticated" in network settings

    - by Bowsa
    I'm not sure if the two are connected but i suspect they are. Basically I'm tring to setup Data Protection Manager 2010 on a fresh install of Server 2008 R2 in a SBS 2003 domain. Everything went fine until trying to install agents across the network. Upon clicking add, i get the following error message: Unable to connect to the Active Directory Domain Services Database. Make sure that the DPM server is a member of a domain and that the controller is running. Also verify that there is network connectivity between the DPM server and the domain controller. ID: 7 As usual (worryingly) the MSDN support for 2010 products is nearly non existant, clicking the error ID simply gives a page not found error. So after 2 days of Googling and trying various fixes (DNS settings, adding permissions to GPO objects, rejoining the domain and many more) I thought I'd ask here in the hope that someone out there may have had this issue before. Any help greatly appreciated!

    Read the article

  • Setup Apache Password Protection

    - by Jiew Meng
    I have some difficulties setting up password protection in Apache In .htaccess, I have AuthUserFile /var/www/vhosts/domain.net/httpdocs/.htpasswd AuthGroupFile /dev/null AuthName "Test Server" AuthType Basic require user testuser Then in .htpasswd, I have something like testuser:encrypted password The problem now is I forgot what .htpasswd generator I used. When I try to add a new user and password, it doesn't work. eg. when I put require user newuser it fails always (prompt keeps reappearing). Then when I revert to testuser it works How can I setup such that I have 1 or some "admins" that can access everything and viewers that can view only specific folders ... eg / - only admins /folder1 - only admins or folder1's users /folder2 - only admins or folder2's users Also what do I do to not allow showing of directory listing

    Read the article

  • HAProxy overload protection

    - by user2050516
    using the HAProxy, would it be possible to configure an overload protection, to limit the amount of requests sent to the backing http server(s) to a given rate (z.B 100 Request per second ). If the threshold is exceeded requests should be answered with a default response. I am interested in requests per second not connections per second as a connection can have many requests. And yes to improve the servers is not an option here. If yes a configuration example to achieve that would be excellent. Thank you in advance.

    Read the article

  • Le W3C publie la proposition du standard "Do Not Track", et pose les fondements de la protection anti-traçage publicitaire

    Le W3C publie la proposition du standard "Do Not Track" Et pose dans deux brouillons les fondements de la protection anti-traçage publicitaire Mise à jour du 15 novembre 2011 par Idelways Les premiers objectifs sont atteints par le groupe de travail « Tracking Protection » du W3C, dédié à la standardisation d'une solution de protection antitraçage publicitaire. Créé à l'initiative « Do Not Track » de Microsoft et Mozilla, le groupe du consortium mondial vient de publier deux brouillons de spécifications que les éditeurs de navigateurs et créateurs de sites devront implémenter à terme pour rendre l'utili...

    Read the article

  • Overload Protection

    - by Tyron
    Is there a simple way how I could redirect a visitor (via .htaccess or PHP script) to a static page when the server is overloaded from too many requests? It doesn't have to be a protection against huge amounts of requests at once or protect against DoS Attacks. I think our server would be protected enough if we could prevent the standard website to be shown and instead show a single file "overloaded.html". Also how could I get a measure for a server being overloaded on a typical managed server (= non root access to a Linux server) environment?

    Read the article

  • DPM - Monitoring is green, Protection has error and Latest rec point is old. How do I interpret that?

    - by LosManos
    How do I read the DPM info in this case? Monitoring says Failed but Protection shows Ok while having a Latest recovery point from last year. Under Monitoring tab I have Failed for Source | Computer | Protection group | Start time Computer\System Protection | MyServerName | Recovery point | 2014-06-09 19:00:00 which shows me that something happened last night. But under Protection tab everything is green. Here I have Protection group member | | Protection status Protection group ..name.. Computer: MyServerName Computer\System protection Bare metal recovery OK ... Latest recovery point: 2013-12-12 06:32:54 My guess is that backup failed last night once, but succeeded later. It then found out that there hasn't been any change since sometime last year and leave it be and flags Ok.

    Read the article

  • Should I upgrade to Symantec Endpoint Protection? [closed]

    - by Alex C.
    I'm the IT manager at an animal shelter in Upstate New York. We have a Windows network with about 50 desktops running Windows XP Pro. We used to use CA eTrust Antivirus, but that product didn't work too well (too many infections got through). About six months ago, we switched to using Symantec Antivirus Corporate Edition ver. 10.1.8.8000. If anything, the Symantec product is even worse. The last six weeks in particular have been very bad -- we've had about seven or eight PCs get hit with those malware infections that masquerade as antivirus software. In most of those cases, Symantec didn't even flag the malware at all. So... what gives with the Symantec Antivirus? As far as I can tell, it's installed correctly and downloading updated definitions nightly. I can upgrade to Symantec Endpoint Protection for $220 (we get non-profit pricing), but I don't want to do it if it's not going to be significantly better. Any advice? Should I switch to something else entirely? Thanks!

    Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >