Search Results

Search found 3567 results on 143 pages for 'instructions'.

Page 52/143 | < Previous Page | 48 49 50 51 52 53 54 55 56 57 58 59  | Next Page >

  • Not attending the LUGM mini-meetup - 05. Oct 2013

    Not attending a meeting of the LUGM can be fun, too. It's getting a bit of a habit that Ish is organising small gatherings, aka mini-meetups, of the Linux User Group Mauritius/Meta (LUGM) almost every Saturday. There they mainly discuss and talk about various elements of using Linux as ones main operating systems and the possibilities you are going to have. On top of course, some tips & tricks about mastering the command line and initial steps in scripting or even writing HTML. In general, sounds like a good portion of fun and great spirit of community. Unfortunately, I'm usually quite busy with private and family matters during the weekend and so I already signalised that I wouldn't be around. Well, at least not physically... But this Saturday a couple of things worked out faster than expected and so I was hanging out on my machine. I made virtual contact with one of Pawan's messages over on Facebook... And somehow that kicked off some kind of an online game fun on basic configuration of Apache HTTPd 2.2.x, PHP 5.x and how to improve the overall performance of a newly installed blog based on WordPress. Default configuration files Nitin's website finally came alive and despite the dark theme and the hidden Apple 'fanboy' advertisement I was more interested in the technical situation. As with any new installation there is usually quite some adjustment to be done. And Nitin's page was no exception. Unfortunately, out of the box installations of Apache httpd and PHP are too verbose and expose too much information under the hood. You might think that this isn't really a problem at all, well, think about it again after completely reading this article. First, I checked the HTTP response headers - using either Chrome Developer Tools or Firefox Web Developer extension - of Nitin's page and based on that I advised him to lower the noise levels a little bit. It's not really necessary that detailed information about web server software and scripting language has to be published in every response made. Quite a number of script kiddies and exploits actually check for version specifics prior to an attack. So, removing at least version details hardens the system a little bit. In particular, I'm talking about these response values: Server X-Powered-By How to achieve that? By tweaking the configuration files... Namely, we are going to look into the following ones: apache2.conf httpd.conf .htaccess php.ini The above list contains some additional files, I'm talking about in the next paragraphs. Anyway, those are the ones involved. Tweaking Apache Open your favourite text editor and start to modify the apache2.conf. Eventually, you might like to have a quick peak at the file to see whether it is necessary to adjust it or not. Following is a handy combination of commands to get an overview of your active directives: # sudo grep -v '#' /etc/apache2/apache2.conf | grep -v '^$' | less There you keep an eye on those two Apache directives: ServerSignature Off ServerTokens Prod If that's not the case, change them as highlighted above. In order to activate your modifications you have to restart Apache httpd server. On Debian and Ubuntu you might use apache2ctl for that, on other distributions you might have to use service or run the init-scripts again: # sudo apache2ctl configtestSyntax OK# sudo apache2ctl restart Refresh your website and check the HTTP response header. Tweaking PHP5 (a little bit) Next, check your php.ini file with the following statement: # sudo grep -v ';' /etc/php5/apache2/php.ini | grep -v '^$' | less And check the value of expose_php = Off Again, if it's not as highlighted, change it... Some more Apache love Okay, back to Apache it might also be interesting to improve the situation about browser caching and removing more obsolete information. When you run your website against the usual performance checks like Google Page Speed and Yahoo YSlow you might see those check points with bad grades on a standard, default configuration. Well, this can be done easily. Configure entity tags (ETags) ETags are only interesting when you run your websites on a farm of multiple web servers. Removing this data for your static resources is very simple in Apache. As we are going to deal with the HTTP response header information you have to ensure that Apache is capable to manipulate them. First, check your enabled modules: # sudo ls -al /etc/apache2/mods-enabled/ | grep headers And in case that the 'headers' module is not listed, you have to enable it from the available ones: # sudo a2enmod headers Second, check your httpd.conf file (in case it exists): # sudo grep -v '#' /etc/apache2/httpd.conf | grep -v '^$' | less In newer (better said fresh) installations you might have to create a new configuration file below your conf.d folder with your favourite text editor like so: # sudo nano /etc/apache2/conf.d/headers.conf Then, in order to tweak your HTTP responses either check for those lines or add them: Header unset ETagFileETag None In case that your file doesn't exist or those lines are missing, feel free to create/add them. Afterwards, check your Apache configuration syntax and restart your running instances as already shown above: # sudo apache2ctl configtestSyntax OK# sudo apache2ctl restart Add Expires headers To improve the loading performance of your website, you should take some care into the proper configuration of how to leverage the browser's ability to cache certain resources and files. This is done by adding an Expires: value to the HTTP response header. Generally speaking it is advised that you specify a near-future, read: 1 week or a little bit more, for your static content like JavaScript files or Cascading Style Sheets. One solution to adjust this is to put some instructions into the .htaccess file in the root folder of your web site. Of course, this could also be placed into a more generic location of your Apache installation but honestly, I'd like to keep this at the web site level. Following some adjustments I'm currently using on this blog site: # Turn on Expires and set default to 0ExpiresActive OnExpiresDefault A0 # Set up caching on media files for 1 year (forever?)<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">ExpiresDefault A29030400Header append Cache-Control "public"</FilesMatch> # Set up caching on media files for 1 week<FilesMatch "\.(js|css)$">ExpiresDefault A604800Header append Cache-Control "public"</FilesMatch> # Set up caching on media files for 31 days<FilesMatch "\.(gif|jpg|jpeg|png|swf)$">ExpiresDefault A2678400Header append Cache-Control "public"</FilesMatch> As we are editing the .htaccess files, it is not necessary to restart Apache. In case that your web site doesn't load anymore or you're experiencing an error while trying to restart your httpd, check that the 'expires' module is actually an enabled module: # ls -al /etc/apache2/mods-enabled/ | grep expires# sudo a2enmod expires Of course, the instructions above a re not feature complete but I hope that they might provide a better default configuration for your LAMP stack. Resume of the day Within a couple of hours, and while being occupied with an eLearning course on SQL Server 2012, I had some good fun in helping and assisting other LUGM members while they were some kilometers away at Bagatelle. According to other blog articles it seems that Nitin had quite some moments of desperation. Just for the records: At no time it was my intention to either kick his butt or pull a leg on him. Simply, providing some input based on the lessons I've learned over the last couple of years configuring Apache HTTPd and PHP. Check out the other blogs, too: LUGM mini-meetup... Epic! Superb Saturday Linux Meetup And last but not least, the man himself: The end of a new beginning Cheers, and happy community'ing! Updates Due to our weekly Code & Coffee sessions in the MSCC community, I had a chance to talk to Nitin directly and he showed me the problems directly on his machine. This led to update this article hence the paragraphs on enabling the modules 'headers' and 'expires'.

    Read the article

  • Solaris 11 SRU / Update relationship explained, and blackout period on delivery of new bug fixes eliminated

    - by user12244672
    Relationship between SRUs and Update releases As you may know, Support Repository Updates (SRUs) for Oracle Solaris 11 are released monthly and are available to customers with an appropriate support contract.  SRUs primarily deliver bug fixes.  They may also deliver low risk feature enhancements. Solaris Update are typically released once or twice a year, containing support for new hardware, new software feature enhancements, and all bug fixes available at the time the Update content was finalized.  They also contain a significant number of new bug fixes, for issues found internally in Oracle and complex customer bug fixes which  require significant "soak" time to ensure their efficacy prior to release. Changes to SRU and Update Naming Conventions We're changing the naming convention of Update releases from a date based format such as Oracle Solaris 10 8/11 to a simpler "dot" version numbering, e.g. Oracle Solaris 11.1. Oracle Solaris 11 11/11 (i.e. the initial Oracle Solaris 11 release) may be referred to as 11.0. SRUs will simply be named as "dot.dot" releases, e.g. Oracle Solaris 11.1.1, for SRU1 after Oracle Solaris 11.1. Many Oracle products and infrastructure tools such as BugDB and MOS are tailored towards this "dot.dot" style of release naming, so these name changes align Oracle Solaris with these conventions. No Blackout Periods on Bug Fix Releases The Oracle Solaris 11 release process has been enhanced to eliminate blackout periods on the delivery of new bug fixes to customers. Previously, Oracle Solaris Updates were a superset of all preceding bug fix deliveries.  This made for a very simple update message - that which releases later is always a superset of that which was delivered previously. However, it had a downside.  Once the contents of an Update release were frozen prior to release, the release of new bug fixes for customer issues was also frozen to maintain the Update's superset relationship. Since the amount of change allowed into the final internal builds of an Update release is reduced to mitigate risk, this throttling back also impacted the release of new bug fixes to customers. This meant that there was effectively a 6 to 9 week hiatus on the release of new bug fixes prior to the release of each Update.  That wasn't good for customers awaiting critical bug fixes. We've eliminated this hiatus on the delivery of new bug fixes in Oracle Solaris 11 by allowing new bug fixes to continue to be released in SRUs even after the contents of the next Update release have been frozen. The release of SRUs will remain contiguous, with the first SRU released after the Update release effectively being a superset of both the the Update release and all preceding SRUs*.  That is, later SRUs are supersets of the content of previous SRUs. Therefore, the progression path from the final SRUs prior to the Update release is to the first SRU after the Update release, rather than to the Update release itself. The timeline / logical sequence of releases can be shown as follows: Updates: 11.0                                                11.1                               11.2     etc.                  \                                                         \                                    \ SRUs:       11.0.1, 11.0.2,...,11.0.12, 11.0.13, 11.1.1, 11.1.2,...,11.1.x, 11.2.1, etc. For example, for systems with Oracle Solaris 11 11/11 SRU12.4 or later installed, the recommended update path is to Oracle Solaris 11.1.1 (i.e. SRU1 after Solaris 11.1) or later rather than to the Solaris 11.1 release itself.  This will ensure no bug fixes are "lost" during the update. If for any reason you do wish to update from SRU12.4 or later to the 11.1 release itself - for example to update a test system - the instructions to do so are in the SRU12.4 README, https://updates.oracle.com/Orion/Services/download?type=readme&aru=15564533 For systems with Oracle Solaris 11 11/11 SRU11.4 or earlier installed, customers can update to either the 11.1 release or any 11.1 SRU as both will be supersets of their current version. Please do read the README of the SRU you are updating to, as it will contain important installation instructions which will save you time and effort. *Nerdy details: SRUs only contain the latest change delta relative to the Update on which they are based.  Their dependencies will, however, effectively pull in the Update content.  Customers maintaining a local Repo (e.g. behind their firewall), need to add both the 11.1 content and the relevant SRU content to their Repo, to enable the SRU's dependencies to be resolved.  Both will be available from the standard Support Repo and from MOS.  This is no different to existing SRUs for Oracle Solaris 11.0, whereby you may often get away with using just the SRU content to update, but the original 11.0 content may be needed in the Repo to resolve dependencies.

    Read the article

  • Install server 2012 on HP ML110 G7 with B110i controller, no disks found

    - by Molotch
    I'm trying to install Server 2012 on a HP ML110 G7 with a B110i controller and four non hot-swappable SATA drives. I just can't get the Server 2012 boot disk PE environment to find any disks. I have downloaded the latest SPP (Service Pack for Proliant 2012.10) and flashed the BIOS. I have tried two different HP drivers for B110i and Windows X64, 6.18.0.64 and 6.18.2.64 to no avail. I have tried setting the controller to both AHCI and legacy mode in the BIOS, no difference. HP:s SmartStart disc for G7 servers only support installation of up to Windows Server 2008R2. HP:s installation instructions for Server 2012 Essentials says boot from the windows disk and use the storage drivers found on the SPP (I can't find any storage drivers on the SPP disk).

    Read the article

  • WCF GZip Compression Request/Response Processing

    - by IanT8
    How do I get a WCF client to process server responses which have been GZipped or Deflated by IIS? On IIS, I've followed the instructions here on how to make IIS 6 gzip all responses (where the request contained "Accept-Encoding: gzip, deflate") emitted by .svc wcf services. On the client, I've followed the instructions here and here on how to inject this header into the web request: "Accept-Encoding: gzip, deflate". Fiddler2 shows the response is binary and not plain old Xml. The client crashes with an exception which basically says there's no Xml header, which ofcourse is true. In my IClientMessageInspector, the app crashes before AfterReceiveReply is called. Some further notes: (1) I can't change the WCF service or client as they are supplied by a 3rd party. I can however attach behaviors and/or message inspectors via configuration if this is the right direction to take. (2) I don't want to compress/uncompress just the soap body, but the entire message. Any ideas/solutions? * SOLVED * It was not possible to write a WCF extension to achieve these goals. Instead I followed this CodeProject article which advocate a helper class: public class CompressibleHttpRequestCreator : IWebRequestCreate { public CompressibleHttpRequestCreator() { } WebRequest IWebRequestCreate.Create(Uri uri) { HttpWebRequest httpWebRequest = Activator.CreateInstance(typeof(HttpWebRequest), BindingFlags.CreateInstance | BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance, null, new object[] { uri, null }, null) as HttpWebRequest; if (httpWebRequest == null) { return null; } httpWebRequest.AutomaticDecompression =DecompressionMethods.GZip | DecompressionMethods.Deflate; return httpWebRequest; } } and also, an addition to the application configuration file: <configuration> <system.net> <webRequestModules> <remove prefix="http:"/> <add prefix="http:" type="Pajocomo.Net.CompressibleHttpRequestCreator, Pajocomo" /> </webRequestModules> </system.net> </configuration> What seems to be happening is that WCF eventually asks some factory or other deep down in system.net to provide an HttpWebRequest instance, and we provide the helper that will be asked to create the required instance. In the WCF client configuration file, a simple basicHttpBinding is all that is required, without the need for any custom extensions. When the application runs, the client Http request contains the header "Accept-Encoding: gzip, deflate", the server returns a gzipped web response, and the client transparently decompresses the http response before handing it over to WCF. When I tried to apply this technique to Web Services I found that it did NOT work. Although the helper class was executed in the same was as when used by the WCF client, the http request did not contain the "Accept-Encoding: ..." header. To make this work for Web Services, I had to edit the Web Proxy class, and add this method: protected override System.Net.WebRequest GetWebRequest(Uri uri) { System.Net.HttpWebRequest rq = (System.Net.HttpWebRequest)base.GetWebRequest(uri); rq.AutomaticDecompression = DecompressionMethods.GZip | DecompressionMethods.Deflate; return rq; } Note that it did not matter whether the CompressibleHttpRequestCreator and block from the application config file were present or not. For web services, only overriding GetWebRequest in the Web Service Proxy worked.

    Read the article

  • Installing SSL Certificate for use in IIS7, installation "works", but cert listing disappears

    - by Matt
    Windows Server 2008 R2, IIS7. We have an SSL cert from Go Daddy. It's a wildcard cert, so it will work across subdomains (e.g. *.domain.com). I followed the instructions located at http://help.godaddy.com/topic/742/article/4801 for installing the certificate. I get to the IIS step, where I: Click on "Security Certificates" feature when the server is selected in the left pane Click on "Complete Certificate Request" Navigate to the .crt file on the file system Give it a "friendly" name, click finish The cert gets listed on the main pane now of this "Server Certificates" panel. But, if I refresh the page, or navigate away and come back, it's gone. And the cert is not listed as a viable binding when trying to bind a site to https. This seems like a pretty straight forward process, but clearly I'm missing something here. Any ideas?

    Read the article

  • Trouble upgrading OSX, because HD doesn't use GUID Partition Table Scheme

    - by Erik Vold
    So I have a intel-based macbook with osx 10.5 and I'm trying to upgrade to 10.6, but when I run the upgrade 'install' I quickly get to a page where I am supposed to 'Select the disk where you want to install Mac OS X' and there is only the one hard drive, so it is auto selected, and below that I see a warning message and the only button available is the 'Go Back' button. The warning message says: "Macintosh HD" can't be used because it doesn't use the GUID Partition Table scheme. Use Disk Utility to change the partition scheme. Select the disk, choose the Partition tab, select the Volume Scheme and then click Options. So I followed the above instructions, and I got to the last step, where I'm supposed to click the 'Options' button, the problem is that I cannot click that button, it is disabled.. So what am I supposed to do?

    Read the article

  • Resolving “ssl handshake failure” error in PostgresQL

    - by Mitch
    I would like to connect to my Postgres 8.3 database using SSL from my XP client using OpenSSL. This works fine without SSL. When I try it with SSL (no client certificate), I get the error: error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure I have followed the instructions in the Postgres manual for SSL including creating a self-signed certificate. In my pg_hba.conf there is a line: host dbname loginname 123.45.67.89/32 md5 The version of OpenSSL on the server is 0.9.8g and on the client is 0.9.8j. I'd appreciate any suggestions for tracking down the problem. Edit: The uncommented lines from postgresql.conf are: data_directory = '/var/ebs0/postgres/main' hba_file = '/etc/postgresql/8.3/main/pg_hba.conf' ident_file = '/etc/postgresql/8.3/main/pg_ident.conf' external_pid_file = '/var/run/postgresql/8.3-main.pid' listen_addresses = '*' port = 5432 max_connections = 100 unix_socket_directory = '/var/run/postgresql' ssl = true shared_buffers = 24MB

    Read the article

  • Windows 7, IIS 7.5, Selfssl

    - by Steve
    The windows iis6 resource kit won't install on Windows 7 (Home Premium) so I copied it from another machine and selfssl.exe is giving me: Failed to generate the cryptographic key: 0x5 I tried the instructions here but am still getting the above error. I'm trying to set the common name of the certificate to a name other than the machine name so I can avoid the certificate errors in the browser. This is a test web application. I know I can just test with the browser errors, but I'd like to mimic real world conditions as much as possible. Is there any other way to generate your own ssl certificates for iis7.5?

    Read the article

  • Can the Dell PowerEdge T320 boot from a USB stick in hard drive emulation mode?

    - by Icydog
    I am trying to install FreeNAS on a Dell PowerEdge T320. I've followed the instructions here (http://doc.freenas.org/index.php/Burning_an_IMG_File) to write the .img file to four different USB sticks with dd if=FreeNAS-9.2.1.5-RELEASE-x64.img of=/dev/sde, but I can't boot off of any of them. When I try to boot, I get the following screen: F1 FreeBSD F2 FreeBSD F3 Drive 0 Then it auto-selects F1 and either prints # about once a second forever, or it sits with a blinking cursor doing nothing. Forum posts and the wiki page linked above say to set the USB boot emulation mode to hard disk (as opposed to auto or CD/DVD/floppy), and older Dell PowerEdge models including the T310 have this option in the BIOS settings, but I cannot find it on the T320 with the latest BIOS 2.1.2. I have even tried writing the USB image to a USB hard disk, but with the same lack of success. Has anyone been able to find this USB boot setting on a T320, or been able to boot FreeNAS/FreeBSD from USB in some other way on a T320?

    Read the article

  • Motorola NVG510 bridge mode

    - by Blacklight Shining
    I have a Motorola NVG510 modem from AT&T, and I would like to disable all routing functions and use it as just a modem. I have a Time Capsule that's already connected and broadcasting its own wireless network, which is how I've been connecting (it's been reporting a double-NAT error, which I assume is from the NVG510 also acting as a router). I followed the instructions in question six here, and I can connect as I did before, but my Time Capsule still has a double-NAT error. How do I put the NVG510 into bridge mode or otherwise fix the double-NAT error? (No, ignoring it does not count as a fix.)

    Read the article

  • Trying to make a custom Arch-based Linux distro with larch

    - by strangeronyourtrain
    I'm all set up with a spiffy Arch installation in a virtual machine, and now I want to turn it into a live ISO. When I heard about larch, I thought it would be the perfect tool to turn my existing installation into something I could distribute. However, I can't get larch to install properly. I followed the installation instructions on the website, which said to download and run the larch-setup script. When I run it, though, it installs the larch profiles and libraries but doesn't install the executable programs. Here's a screenshot of the errors I get when larch-setup tries to install the executables. I'd greatly appreciate any clues to what is going wrong here, or suggestions for alternative ways to turn my customized Arch installation into an ISO! Thanks!

    Read the article

  • Mono fast cgi not working on nginx

    - by Luka Horvatic
    I installed mono fast cgi for nginx following instructions on: http://www.mono-project.com/FastCGI_Nginx but when i try to load test aspx file i getting 502 error gateway,and following error in error log: 2011/11/28 18:49:51 [error] 5376#0: *6 upstream sent unexpected FastCGI record: 3 while reading response header from upstream, client: ipadress, server: ipadress, request: "GET /default.aspx HTTP/1.1", upstream: "fastcgi://127.0.0.1:9999", host: "ipadress" I tried different things to change but always same result,except maybe sometime in error log is number 1 or 3 instead 6.Nginx ver is 1.03 64 bit,mono and xsp latest versions. Any idea what could be wrong?

    Read the article

  • Register a dll in Windows Server 2003

    - by Karee
    I'm trying to register some DLLs for a particular application but having some problems. The DLLs are stored in the application folder in the D: drive. I run cmd.exe, go to the D: drive and run regsvr32, but it gives me the error: "The was loaded, but the DllRegisterServer entry point was not found. This file cannot be registered." After searching for other solutions, I also tried copying the DLLs into the C:\WINDOWS\system32 folder and running regsvr32 directly there but that didn't work either. It gave me the same error. I'm not very familiar with Windows Administration, so I may need detailed instructions/explanations. Any help would be greatly appreciated! Thank you very much!

    Read the article

  • Can we configure windows 2008 DHCP server to not ignore the broadcast falg of DHCP requests?

    - by Mathieu Pagé
    We have a Cisco WAP4410N access point that does not relay broadcast packets from the wired network to the wireless clients when the network is secured by WPA2. This cause problem with Windows server's DHCP server that respond to DHCP request by broadcasting it's OFFER instead of Unicasting it like it's asked by Windows (and Android and iOS) clients. When we had a Windows 2003 server we configured the server not to ignore the broadcast flag (following these instructions) and it solved the problem. Now we upgraded our servers to Windows 2008 servers and the problem is back. Unfortunately, it seems Windows server 2008 ignore the IgnoreBroadcastFlag parameter. Is there any other way to make sure that Windows Server 2008 respond to DHCP requests using Unicast instead of broadcast? mp

    Read the article

  • Windows update error: Code 80072F8F (possibly datetime-not-correct, but it is)

    - by Andrew
    I have a Windows 2008 Server 64bit installation running as a virtual instance with a hosting provider. Windows Update has worked fine until IE8 (along with some other updates) managed to get installed (don't get me started). Now all of a sudden Windows Update fails to run and complains with error 80072F8F. UPDATE: I've since removed IE8 and am still having issues (tissues are on order) This apparently means that the time/timezone of the server is incorrect - which is not the case. I've synced the time with a time server and rebooted a number of times. I've followed the instructions here (http://support.microsoft.com/kb/929458) to no avail. Thanks! Andrew

    Read the article

  • Disassemble Asus A2500H

    - by Stijn Sanders
    I have an aged Asus A2500H notebook, with a broken screen and damage to the outside. Since it has a TV-out connection, and is working good otherwise, I have it hooked up to my television as a kind of media-center to play video over LAN. I want to remove the screen as cleanly as possible, but am having trouble opening up the laptop. I've been able to remove the (broken) hinges the screen pivots on. I've also removed any other screws I could spot, but still the casing doesn't come off and seems to be attached by yet more screws I can't access (yet). I've been searching the web for disassemble instructions, I've found some for a number of other brands and models, but not for the Asus A2500H.

    Read the article

  • How to change the firmware of my NETGEAR WGT624 v2 to DD-WRT

    - by Lirik
    In reference to my previous question: I can't find the appropriate firmware for my NETGEAR WGT624 v2 router. I went on the dd-wrt web site and I read the wiki, but I didn't see any files or instructions on how to change the firmware. The router database lists my router, but as I said: no files. In addition the "Supported" column lists "wip", what is wip? Router Database 4 routers found Manufacturer Model Revision Supported Activation required Netgear WGT624 v1 wip no Netgear WGT624 v2 wip no ... The only thing listed for my router on the dd-wrt web site is: Router details Chipset: AR2312A RAM: 16 MB FLASH: 4 MB Additional information * OpenWRT Wiki: Netgear WGT624 * Unbrick procedure Is the router supported? Can I change the firmware? If yes, then how can I change it?

    Read the article

  • How to run Firefox in Protected Mode? (i.e. at low integrity level)

    - by Ian Boyd
    i noticed that Firefox, unlike Chrome and Internet Explorer, doesn't run in the Low Mandatory Level (aka Protected Mode, Low Integrity) Google Chrome: Microsoft Internet Explorer: Mozilla Firefox: Following Microsoft's instructions, i can manually force Firefox into Low Integrity Mode by using: icacls firefox.exe /setintegritylevel Low But Firefox doesn't react well to not running with enough rights: i like the security of knowing that my browser is running with less rights than i have. Is there a way to run Firefox into low rights mode? Is Mozilla planning on adding "protected mode" sometime? Has someone found a workaround to Firefox not handling low rights mode? Update From a July 2007 interview with Mike Schroepfer, VP of Engineering at the Mozilla Foundation: ...we also believe in defense in depth and are investigating protected mode along with many other techniques to improve security for future releases. After a year and a half it doesn't seem like it is a priority.

    Read the article

  • Error: "failed to connect to wpa_supplicant - wpa_ctrl_open no such file or directory" using netcfg with wpa_supplicant

    - by user1576628
    I'm trying to set up netcfg so that I can finish installing Arch Linux (using the instructions from the Beginners' Guide and netcfg) and I passed over what was meant to be a short step. Open wifi-menu, select network, enter password. After multiple attempts, I decided to edit the profile manually, which yielded no improvement. Eventually I decided to use netfcg with the more familiar wpa_supplicant. My /etc/wpa_supplicant.conf file is as follows: network={ ssid="my_ssid" #psk="my_wireless_passcode" psk="my_wireless_passcode_hex" } (Replacing generic names with my actual ssid and psk.) And my /etc/network.d/wpa_suppl file reads: CONNECTION='wireless' DESCRIPTION='A wpa_supplicant configuration based wireless connection' INTERFACE='wlan0' SECURITY='wpa-config' WPA_CONF='/etc/wpa_supplicant.conf' IP='dhcp' My ssid is not hidden, wlan0 is the proper interface, and wpa_supplicant works fine on its own, but using netcfg wpa_suppl, it returns failed to connect to wpa_supplicant - wpa_ctrl_open no such file or directory about twelve times before finally telling me the authentication failed. What can I do to fix this?

    Read the article

  • Cisco ASA Hairpinning with Dynamic IP

    - by Joseph Sturtevant
    I currently have my Cisco ASA 5505 firewall configured to forward port 80 from the outside interface to a host on my dmz interface. I also need to allow clients on my inside interface to access the host in the dmz by entering the public ip / dns record in their browsers. I was able to do that by following the instructions here, resulting in the following configuration: static (dmz,outside) tcp interface www 192.168.1.5 www netmask 255.255.255.255 static (dmz,inside) tcp 74.125.45.100 www 192.168.1.5 www netmask 255.255.255.255 (Where 74.125.45.100 is my public IP and 192.168.1.5 is the IP of the dmz host) This works great except for the fact that my network has a dynamic public IP and this configuration will therefore break as soon as my public IP changes. Is there a way to do what I want with a dynamic ip? Note: Adding an internal DNS record won't solve my problem since I have multiple dmz hosts mapped to different ports on the public IP.

    Read the article

  • How to upgrade ClamAV on Ubuntu Hardy Heron 8.04 LTS?

    - by Jordan Lev
    I'm running a server on Ubuntu Hardy Heron 8.04 LTS, and when I installed ClamAV via aptitude, it installed version 0.94. That version has now been EOL'ed, but when I run "aptitude upgrade", it doesn't update ClamAV to the more recent version (0.96). I then followed these instructions on Installing ClamAV from the PPA, but when I did that, I get a message saying "The following packages have been kept back: ... clamav clamav-base clamav-daemon clamav-freshclam ..." Does anyone know how to get Ubuntu 8.04 to do this update via aptitude or apt-get (I'm hoping to avoid having to compile from source, etc.)?

    Read the article

  • Installing Xen 4.0.1 from Source on Ubuntu 10.10

    - by markus
    I'm trying to install Xen 4.0.1 from Source on Ubuntu 10.10 Server Edition. I started with a clean machine and followed the instructions from https://help.ubuntu.com/community/Xen. So I installed the packages mentioned there with: sudo apt-get install gettext bin86 bcc libc6-dev-i386 iasl texinfo git When making the source with make world I get this error: + git clone -o xen -n git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen.git linux-2.6-pvops.git.tmp Initialized empty Git repository in /home/homer/xen/linux-2.6-pvops.git.tmp/.git/ remote: Counting objects: 1855434, done. remote: Compressing objects: 100% (291939/291939), done. Receiving objects: 100% (1855434/1855434), 368.49 MiB | 11.00 MiB/s, done. remote: Total 1855434 (delta 1553214), reused 1847760 (delta 1546656) Resolving deltas: 100% (1553214/1553214), done. + cd linux-2.6-pvops.git.tmp + git checkout -b xen/stable-2.6.32.x xen/xen/stable-2.6.32.x fatal: git checkout: branch xen/stable-2.6.32.x already exists make[3]: *** [linux-2.6-pvops.git/.valid-src] Error 128 Does anybody have an idea what i can do?

    Read the article

  • DD-WRT with native IPv6

    - by Matt
    My ISP provides native IPv6 support (ie. I can plug in my computer straight into the WAN and get an IPv6 address). However I can not get this working on DD-WRT. When I enable IPv6 and radvd in DD-WRT, the router gets in IPv6 address, but the devices on my LAN do not. I tried looking at the DD-WRT wiki, but this only displayed instructions for tunneling or other methods where native support isn't available. I found a small amount of sites thorough searching, but none of the methods these sites described gave my computers each a global IPv6 address. In addition, SSHing into the router using ping6 on sites such as ipv6.google.com causes "host unreachable" errors. Has anyone using DD-WRT configured a successful setup with native IPv6? I am using a Netgear WNDR3700 v2, with DD-WRT build 17201

    Read the article

  • VPN with wrong subnet mask

    - by Philipp Schmid
    I followed these instructions on www.hottonetworking.com to set up VPN on a clean install of Windows Server 2008 SP2 (not R2 yet). When I then establish a VPN connection to that machine from a client machine (running Windows 7 RC), everything succeeds (it seems since I get a 'Connected' state in the network sharing center window), but I end up with a subnet mask (according to ipconfig /all) of 255.255.255.255 instead of 255.255.255.0. The net effect is that I don't have local network or internet capability. What additional configuration steps do I have to do to get VPN with the proper subnet mask working? Update: Using the steps outlined in the Technet article mentioned by Mr. Nimble, I was able to get internet connection. Apparently the subnet mask is not an issue as my coworker was able to connect using his VPN connection and ping the server machine by name as well.

    Read the article

  • Heroku SSL "certificate is only valid for the following names: *.herokuapp.com, herokuapp.com"

    - by benedict_w
    I'm trying to setup a Geotrust SSL certificate for my Heroku app using the SSL Endpoint addon and the instructions at https://devcenter.heroku.com/articles/ssl-endpoint. I generated my public key from my private key using: openssl rsa -in server.orig.key -out server.key and added to the heroku certs: heroku certs:add server.crt server.key Everything seemed to be fine. heroku certs listed the corrected information only with Trusted = false for my certificate. If I go to https://tokyo-2121.herokussl.com the browser says: You attempted to reach tokyo-2121.herokussl.com, but instead you actually reached a server identifying itself as www.mydomain.com. As expected with the certificate apparently identifying the correct domain, but When I set up the CNAME to the given tokyo-2121.herokussl.com and visit my subdomain the browser says: www.mydomain.com uses an invalid security certificate. The certificate is only valid for the following names: *.herokuapp.com , herokuapp.com If I run curl -kv https://www.mydomain.com I get: subjectAltName does not match www.mydomain.com

    Read the article

< Previous Page | 48 49 50 51 52 53 54 55 56 57 58 59  | Next Page >