Search Results

Search found 6397 results on 256 pages for 'secure emails'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 55/256 | < Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >

  • optimize mod_rewrite in htaccess

    - by clarkk
    I got some mod_rewrite conditions in a .htaccess file which I have extended from time to time.. But I don't think its very well written (I'm still quite new to mod_rewrite) Some times requests end up in infinite loops And just now I added SSL to the file.. When requesting https:// I get a 404 error The requested URL /_secure/_secure/ was not found on this server. Somehow it adds an extra _secure to the path? .htacces # set language RewriteCond %{HTTP_HOST} ^www\. [NC] RewriteCond %{REQUEST_URI} ^/(da|en)/(.*)(\?%{QUERY_STRING})?$ [NC] RewriteRule ^(.*)$ /%2?%{QUERY_STRING}&set_lang=%1 [L] # put 'www' as subdomain if none is given RewriteCond %{HTTP_HOST} ^([^\.]+\.[^\.]+)$ [NC] RewriteRule ^(.*)$ http://www.%1/$1 [L,R=301] # rewrite subdomain RewriteCond %{HTTP_HOST} ^(admin|files)\.[^\.]+\.[^\.]+$ [NC] RewriteCond %{REQUEST_URI} !^/_(admin|files)/ [NC] RewriteRule ^(.*)$ /_%1/$1 [L] # redirect to subdomain RewriteCond %{HTTP_HOST} ^www\.([^\.]+\.[^\.]+)$ [NC] RewriteRule ^_([^/]+)/ http://$1.%1/ [L,R=301] # start SSL on 'secure' subdomain if not started RewriteCond %{HTTPS} !=on RewriteCond %{HTTP_HOST} ^(secure)\.([^\.]+\.[^\.]+)$ [NC] RewriteRule ^(.*)$ https://%1.%2/$1 [L,R=301] # rewrite 'secure' subdomain RewriteCond %{HTTP_HOST} ^(demo|secure)\.[^\.]+\.[^\.]+$ [NC] RewriteCond %{REQUEST_URI} !^/_secure/ [NC] RewriteRule ^(.*)$ /_secure/$1 [L] # rewrite 'api' subdomain RewriteCond %{HTTP_HOST} ^api\.[^\.]+\.[^\.]+$ [NC] RewriteCond %{REQUEST_URI} !^/_api/ [NC] RewriteRule ^(?:([^/]+)/)?(?:([^/]+)/)?(?:([^/]+)/)?(?:([^/]+)/)?(?:([^/]+)/)?(?:([^/]+)/)? /_api/?%{QUERY_STRING}&v=$1&i=$2&k=$3&a=$4&t=$5&f=$6 [L] # redirect non-active subdomain to 'www' RewriteCond %{HTTP_HOST} !^(admin|api|demo|files|secure|www)\.([^\.]+\.[^\.]+)$ [NC] RewriteRule ^(.*)$ http://www.domain.com [L,R=301] # hide file extensions RewriteCond %{HTTP_HOST} ^www\. [NC] RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !\.php$ [NC] RewriteCond %{REQUEST_URI} ^/([^/]*)/(?:([^/]*)/)?(?:([^/]*)/)?$ [NC] RewriteRule ^(.*)$ /%1.php?%{QUERY_STRING}&subpage=%2&subsection=%3 [L]

    Read the article

  • Apache VirtualHost, multiple sites. 1 ssl with redirect and 1 regular http

    - by pedalpete
    I've got a server with one site which I am redirecting to https via <VirtualHost *:80> DocumentRoot /var/www/html/secure ServerName secure.com Redirect / https://secure.com </VirtualHost> That works no problem. Now I'm trying to add another non-secure site <VirtualHost *:80> DocumentRoot /var/www/html/notsecure ServerName notsecure.com </VirtualHost> of course, because the redirect is on '/', all sites are getting redicted. I've tried changing the Redirect to the full document root, but no luck.

    Read the article

  • nginx root directory not forwarding correctly

    - by user66700
    The server files are store in /var/www/ Everything was working perfectly, then I've been getting the following errors 2011/01/28 17:20:05 [error] 15415#0: *1117703 "/var/www/https:/secure.domain.com/index.html" is not found (2: No such file or directory), client: 119.110.28.211, server: secure.domain.com, request: "HEAD /https://secure.domain.com/ HTTP/1.1", host: "secure.domain.com" Heres my config: server { server_name secure.domain.com; listen 443; listen [::]:443 default ipv6only=on; gzip on; gzip_comp_level 1; gzip_types text/plain text/html text/css application/x-javascript text/xml text/javascript; error_log logs/ssl.error.log; gzip_static on; gzip_http_version 1.1; gzip_proxied any; gzip_disable "msie6"; gzip_vary on; ssl on; ssl_ciphers RC4:ALL:-LOW:-EXPORT:!ADH:!MD5; keepalive_timeout 0; ssl_certificate /root/server.pem; ssl_certificate_key /root/ssl.key; location / { root /var/www; index index.html index.htm index.php; } }

    Read the article

  • Sending Email using Java

    - by Sunny
    Hi Guys, I want my Java application to send out emails to users. But I cant get a good solution. Now, I got some on Google but they use a SMTP server which I dont have. I was wondering if setting up one on my Linux machine would be easy? So, I am using mailx now to send out emails but it sends emails from root which is definately not good. Is there any way to send out emails from a proper email using java? like you can do in php and other languages?

    Read the article

  • How To Send thousands of javaMails simultaneously ?

    - by ylazez
    greetings all i am building a web app(smth like a forums) that will need to send thousands of emails simultaneously i think that it would be such a big load on the app to handle sending the emails, so i want to use another service or framework to handle sending the emails in asynchronous way so that there will be no load on the app, maybe JMS , i don't know, please suggest me a good solution.

    Read the article

  • How can I use edit_in_place in the show of a different model in Rails?

    - by Angela
    I have a model Campaign and the campaign/show goes through a loop of the Emails. Campaign has_many Emails. <h2>Emails to Send Today</h2> <% for email in @campaign.emails %> <p><strong>Email: </strong><%= link_to email.title, email_path(email) %> sent after <%= distance_of_time_in_words(email.days.days) %></p> <% end %> I would like to be able to edit in place the subject and/or the email.days value from the Campaign/show page. How do I do that? (Added complexity, these are clickable links).

    Read the article

  • Android - How can I find out how many unread email the user has?

    - by BenIOs
    I'm writing a program that should display the amount of unread sms, mms, phone calls and emails. It was quite easy to find how to query for sms and phone calls (I used the search on this page) but I have not been able to find out how to query for emails. Is there anyway to find out how many unread emails the user got in their phone?

    Read the article

  • Unable to use strong encryption

    - by user224299
    So I am exploring Apache to create a simple example: the default page and a directory "secure". I everyone to be able to access the server but, when one wants to access the "secure" directory, I the connection to use strong encryption. I am using apache2.4. However this is not working and I don't know why! I have done just like in the Apache tutorial: LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so <VirtualHost *:443> SSLEngine on SSLCertificateFile /home/vitorpereira/Desktop/cert.cer SSLCertificateKeyFile /home/vitorpereira/Desktop/key.key </VirtualHost> SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL <Location /var/www/html/secure> SSLCipherSuite HIGH:!aNULL:!MD5 </Location> But this does not work :/ And, I can access the secure folder with http but when I write https, it says not found!

    Read the article

  • Ubuntu 12.04.2 Dual boot UEFI Windows 8 Preinstalled CX21903W Ultrabook

    - by user180782
    Hi i have a problem trying to install ubuntu. The machine is a CX Ultrabook model CX.21903W Intel I5 with 500GB hard disk, 8 GB ram and 32 GB SSD. From Installing Ubuntu on a Pre-Installed Windows 8 (64-bit) System (UEFI Supported), and according to the steps guide: 1 - We create a partition from Win8 (70 GB) from the own win8 program. 2 - Confirm-SecureBootUEFI=True. 3 - From Win8, shift + Restart and from special menu we selected the UEFI Firmware Setting. 4 - From BIOS Option: ------Option 1) Disable Secure Boot. ------Option 2) Disable UEFI (Not Available) from Option 1: Three ways is available. With Secure Boot enable - We can't even boot ubuntu. A red windows saying Soft unproper signed. With Secure Boot disable - and this config in boot device order: ----1: UEFI: USB ----2: Windows Boot Manger ----3: Others and CSM (Compatibility Support Module): enable - GRUB appears and selecting try Ubuntu then a black windows appears and nothing happens. The same result if install ubuntu is selected. With Secure Boot disable - and this config in boot device order: ----1: USB (No UEFI) ----2: Windows Boot Manger ----3: Others and CSM (Compatibility Support Module): enable - GRUB appears and selecting try Ubuntu, - Ubuntu boots and we can install it even. 5 - Rebooting and just changing the boot order as ----1: Ubuntu [] ----2: Windows Boot Manger ----3: Others then nothings happens. 6 - Booting from LiveUSB again and, as per instructed, making Boot-Repair (A warning windows: Ubuntu is working in legacy mode.). 7 - Saving changes and rebooting, Grub works but selecting Ubuntu, a black windows appears and nothing happens. Selecting Win8, Win8 boots and works. Untill now we can't make the ubuntu installation. Any suggestion will be welcomed. kind regards and thanks in advance.

    Read the article

  • Troubleshooting PHP email sending?

    - by darkAsPitch
    I created a website that occasionally emails users when they register/change their password/etc. Every other person however cannot or does not receive the emails. They are telling me that they are not even hitting their spam folders. I don't know a ton about MX records or email sending, but when I "Edit DNS Zone" for this domain in particular there is 1 MX record listed there. How do you go about troubleshooting botched PHP mail actions? UPDATE: Here is my super-simple php mailing code: $subject = "Subject Here"; $message = "Emails Message"; $to = $verified_user_data["email_address"]; $headers = "From: [email protected]\r\n" . "Reply-To: [email protected]\r\n" . "X-Mailer: PHP/" . phpversion(); //returns true on success, false on failure $email_result = mail($to, $subject, $message, $headers); re: "are you saying that some do and some do not?" @ Jacob Yes, basically. I send the emails containing the user's login username/password using similar code above. And I sell to fairly tech-savvy people. About 50% of the time, my customers claim they cannot find their welcome emails in their inbox OR in their spam box. It's as if it never arrived. I have the largest problem with Yahoo email addresses accepting my emails or so it seems. re: "The MX record at your end doesn't factor in, although the SPF record (or lack of it) will. How much access and control do you have on the server itself?" @ John Gardeniers I rent a dedicated server from Codero. Running CentOS 5, WHM + cPanel. I have full root access to the entire thing. Don't know much about MX records and/or SPF records. I just want the PHP mail function to work. It doesn't say much about that on the php mail function's help page. re: "What are you using for the SMTP server?" @ JonLim No idea. I use the code above when I need to fire off an email to a loyal customer, and that's it. Do I need to be worrying about SMTP servers? re: "Could be many, many things. Can you describe how you're sending mail in your code? i.e. are you relaying off of another mail server somewhere, using the local sendmail or postfix? Any consistency in domains that can/cannot receive email? Do you have a PTR record setup from the IP address that you're sending mail out as? What about SPF records?" @ gravyface I just described my simple code above! I believe I have been having the most trouble with Yahoo domains, however "independent" domains (probably running spamassasin) ex. [email protected] as opposed to [email protected] seem to give a lot of trouble as well. I do not know if I have a PTR record setup from the IP address I'm sending my mail from. It's probably the same IP address that I setup my domain on, because I didn't do anything extra special. No idea about SPF records either, where can I go to create one? Side Note: It's a crying shame what havoc the spammers have brought upon our beloved email system.

    Read the article

  • Moved DNS and Email Hosting, Now Can't Send/Receive To/From Domains Hosted on Previous Host

    - by maxfinis
    Our company had 4 domains whose emails and DNS were hosted by one company, and then we moved the email and DNS hosting for 3 of the 4 domains to a new company. Now, the 3 domains that were moved can't send or receive emails to and from the one domain still left on the old server. All other email functions work fine for all 4 domains. There are no bouncebacks, error messages, or emails stuck in queue, and no evidence of these missing emails hitting the new servers. The new hosting company confirms that everything is fine on their end, and assures me that it's most likely an old zone file still remaining on the old nameserver, and so the emails sent from the old host is routed to what it believes is still the authoritative nameserver. Because the old zone file's MX records still contain the old resource, the requests never leave the old nameserver to go online to do a fresh search for the real (new) authoritative nameserver. The compounding problem is that the old company is rather inept and doesn't seem to have the technical expertise to identify the problem, much less fix it. (I know, I know.) Is the problem truly that this old zone file just needs to be deleted from the old company's nameserver? If so, what's the best way for me to describe this to them? If not, what do you think could be the issue? Any help is much appreciated. I'm not in IT, so all this is new to me. I know it seems weird for me (the client) to have to do this legwork, but I just want to get this resolved. Here's what I've done: Ran dig to verify that the old server's MX records still point to the old authoritative server, instead of going online to do a fresh search: ~$ dig @old.nameserver.com domainthatwasmoved.com mx ; << DiG 9.6.0-APPLE-P2 << @old.nameserver.com domainThatWasMoved.com mx ; (1 server found) ;; global options: +cmd ;; Got answer: ;; -HEADER<<- opcode: QUERY, status: NOERROR, id: 61227 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;domainthatwasmoved.com. IN MX ;; ANSWER SECTION: domainthatwasmoved.com. 3600 IN MX 10 mail.oldmailserver.com. ;; ADDITIONAL SECTION: mail.oldmailserver.com. 3600 IN A 65.198.191.5 ;; Query time: 29 msec ;; SERVER: 65.198.191.5#53(65.198.191.5) ;; WHEN: Sun Dec 26 16:59:22 2010 ;; MSG SIZE rcvd: 88 Ran dig to try to see where the new hosting company's servers look when emails are sent from the 3 domains that were moved, and got refused: ~$ dig @new.nameserver.net domainStillAtOldHost.com mx ; << DiG 9.6.0-APPLE-P2 << @new.nameserver.net domainStillAtOldHost.com mx ; (1 server found) ;; global options: +cmd ;; Got answer: ;; -HEADER<<- opcode: QUERY, status: REFUSED, id: 31599 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;domainStillAtOldHost.com. IN MX ;; Query time: 31 msec ;; SERVER: 216.201.128.10#53(216.201.128.10) ;; WHEN: Sun Dec 26 17:00:14 2010 ;; MSG SIZE rcvd: 34

    Read the article

  • Sending mail with Gmail Account using System.Net.Mail in ASP.NET

    - by Jalpesh P. Vadgama
    Any web application is in complete without mail functionality you should have to write send mail functionality. Like if there is shopping cart application for example then when a order created on the shopping cart you need to send an email to administrator of website for Order notification and for customer you need to send an email of receipt of order. So any web application is not complete without sending email. This post is also all about sending email. In post I will explain that how we can send emails from our Gmail Account without purchasing any smtp server etc. There are some limitations for sending email from Gmail Account. Please note following things. Gmail will have fixed number of quota for sending emails per day. So you can not send more then that emails for the day. Your from email address always will be your account email address which you are using for sending email. You can not send an email to unlimited numbers of people. Gmail ant spamming policy will restrict this. Gmail provide both Popup and SMTP settings both should be active in your account where you testing. You can enable that via clicking on setting link in gmail account and go to Forwarding and POP/Imap. So if you are using mail functionality for limited emails then Gmail is Best option. But if you are sending thousand of email daily then it will not be Good Idea. Here is the code for sending mail from Gmail Account. using System.Net.Mail; namespace Experiement { public partial class WebForm1 : System.Web.UI.Page { protected void Page_Load(object sender,System.EventArgs e) { MailMessage mailMessage = new MailMessage(new MailAddress("[email protected]") ,new MailAddress("[email protected]")); mailMessage.Subject = "Sending mail through gmail account"; mailMessage.IsBodyHtml = true; mailMessage.Body = "<B>Sending mail thorugh gmail from asp.net</B>"; System.Net.NetworkCredential networkCredentials = new System.Net.NetworkCredential("[email protected]", "yourpassword"); SmtpClient smtpClient = new SmtpClient(); smtpClient.EnableSsl = true; smtpClient.UseDefaultCredentials = false; smtpClient.Credentials = networkCredentials; smtpClient.Host = "smtp.gmail.com"; smtpClient.Port = 587; smtpClient.Send(mailMessage); Response.Write("Mail Successfully sent"); } } } That’s run this application and you will get like below in your account. Technorati Tags: Gmail,System.NET.Mail,ASP.NET

    Read the article

  • Sudden increase in spam report from Yahoo

    - by lulalala
    Recently we experienced a sudden increase in spam reports, and all of them come from Yahoo email addresses. We see lots of registration confirmation email got marked as spam. We also saw people marking mails as spam and then opened it and clicked on the confirmation link. We send around 150 registration emails a day, and currently sees 2 spam reports from these per day. Previously spam reports once come once a month. We use Sendgrid to send emails.

    Read the article

  • Django as Python extension?

    - by NoobDev4iPhone
    I come from php community and just started learning Python. I have to create server-side scripts that manipulate databases, files, and send emails. Some of it I found hard to do in python, comparing to php, like sending emails and querying databases. Where in php you have functions like mysql_query(), or email(), in python you have to write whole bunch of code. Recently I found Django, and my question is: is it a good framework for network-oriented scripts, instead of using it as a web-framework?

    Read the article

  • Plain Text email support: Is it still needed in 2011?

    - by murdoch
    For many years I have been building emails that get sent out by my webapps that are Multi-part with a text part & an email part to allow users of plain text only email clients to default to the text version. However I have recently been developing a rather complex email that doesn't translate so well to text, so in 2011 is there really any need to provide a textual alternative. How many people out there are actually still only able to see plain text emails?

    Read the article

  • Using GoDaddy email AND Google Apps

    - by ThePants
    We have 8 people that need emails addresses in our company. 3 need email only, while 5 need emails and the features from Google Apps. We would like to continue to host email for the 3 on GoDaddy, while using Google Apps for the 5. When we insert the MX records in GoDaddy, the 3 no longer could send/receive email, since we were redirecting email to Google. How can we redirect email to these 3 employees through GoDaddy, while keeping the 5 on Google Apps?

    Read the article

  • SQLAuthority News WirelessRouterSecurityandAttachedDevicesComplexPassword

    In the last four days (April 21-24), I have received calls from friends who told me that they have got strange emails from me. To my surprise, I did not send them any emails. I was not worried until my wife complained that she was not able to find one of the very important folders [...]...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • Web app to manage subscriptions to online magazine

    - by Mulone
    I'm looking for a php web app, a Wordpress plugin, or an online web service (naturally as cheap as possible) to manage the subscriptions for an online magazine. These are the main features I need: register/open new subscription renew subscription pay online with credit card send automatic emails after registration auto-send reminder when subscription expires send bulk emails to all subscribers The magazine runs on Wordpress.

    Read the article

  • Sending text messages from Raspberry Pi via email fails

    - by vgm64
    I'm using mailx on my raspberry pi to try to send text messages updates for event monitoring. My phone number: 9876543210 My phone's email-to-text gateway address: [email protected] I can 1) Send emails from my raspberry pi to various email addresses. mail -r [email protected] -s "My Subject" [email protected] < body.txt and off it goes and is successfully delivered. 2) Send emails from various email address (not on RPi) using mailx to the above phone-email address and have them delivered as text messages. However, when sending emails to [email protected] from the Raspberry Pi using mailx the emails seem to spiral into the void and are never heard of again (no errors, no undeliverable messages, nothing). Does anyone know what could be causing this to go awry? Something about the basic deployment of the mail server on the pi? EDIT Based on @kobaltz's suggestion, I used sendmail instead. This led to a hang, then an error that stated that I lacked a fully qualified domain name (FQDN). I then used this website's instructions to add a domain name to the RPi. To paraphrase: I have set the FQDN in /etc/hostname: my-host-name.my-domain.com and /etc/hosts: 127.0.0.1 localhost.localdomain localhost 192.168.0.5 my-host-name.my-domain.com my-host-name Then add to /etc/mail/sendmail.cf: MASQUERADE_AS(`my-domain.com') MASQUERADE_DOMAIN(`my-host-name.my-domain.com') FEATURE(`masquerade_entire_domain') FEATURE(`masquerade_envelope') I put this in /etc/mail/sendmail.cf, BEFORE the MAILER() lines, ran sendmailconfig, answered Yes to the questions about using the existing files, and restarted sendmail. Emails now have the proper domain name. Progress, however, I am now stuck at the following error: 354 Enter mail, end with "." on a line by itself >>> . 050 <[email protected]>... Connecting to mxx.cingularme.com. via esmtp... 050 421 Service not available 050 >>> QUIT 050 <[email protected]>... Deferred: 421 Service not available 250 2.0.0 q9U3ZESt021150 Message accepted for delivery [email protected]... Sent (q9U3ZESt021150 Message accepted for delivery) Closing connection to [127.0.0.1] >>> QUIT

    Read the article

  • Sent items listed by sender's name (my name!) not recipient in Outlook for Mac 2011

    - by user568458
    Outlook 2011 on a Mac (OSX7 Lion), on a (mostly PC) office network using Microsoft Exchange server. In Outlook 2011, in the network "Sent Items" folder, all emails are listed showing the sender's name (my name), not the recipients' names. That means every single email is headed with my own name, like this: My Name 08/09/2012 Some subject line [flag] My Name 08/09/2012 Re: Another subject line [flag] My Name 07/09/2012 Re: different subject line [flag] My Name 07/09/2012 different subject line [flag] ...and so on. There's no clue at all as to who these emails were to, until I open each and every one. I guess it's reassuring to be told that every email that I sent was sent by me... and if I was ever to forget my own name while browsing my sent emails folder, it'd be super useful... But it's not very helpful for navigating sent emails. Is this normal for Office for Mac 2011? How can I fix this, so that the list shows the recipients' names instead of endlessly reminding me of my own name? Things I've found while researching this: This can also happen in Outlook for Windows. On Windows, it's easily fixed by resetting the field. That method doesn't work on Mac because the fields can't be selected separately. It seems this can also happen in Apple Mail too, and a lot of people seem stumped by this. I can't find anything on this specific to Outlook 2011 or Outlook for Mac in general. A simple guide on how to fix this would be the best answer, but I'd also welcome any knowledgable thoughts from Microsoft Exchange Server people on whether this sounds like an Outlook settings issue which I can fix on my machine, or some issue relating to how the Mac gets data from the server and network. The fact that Apple Mail users have encountered the same issue with no apparent fix makes me think the problem might be in the network rather than the mail client - but that's way beyond my limited knowledge of these things. I don't know whether the local ("On my computer") Sent Items folder has the same problem, as it's configured so that no emails except drafts are ever stored in these local folders. Drafts saved locally are listed by recipient as expected.

    Read the article

  • AWS EC2: How to determine whether my EC2/scalr AMI was hacked? What to do to secure it?

    - by Niro
    I received notification from Amazon that my instance tried to hack another server. there was no additional information besides log dump: Original report: Destination IPs: Destination Ports: Destination URLs: Abuse Time: Sun May 16 10:13:00 UTC 2010 NTP: N Log Extract: External 184.xxx.yyy.zzz, 11.842.000 packets/300s (39.473 packets/s), 5 flows/300s (0 flows/s), 0,320 GByte/300s (8 MBit/s) (184.xxx.yyy.zzz is my instance ip) How can I tell whether someone has penetrated my instance? What are the steps I should take to make sure my instance is clean and safe to use? Is there some intrusion detection techinque or log that I can use? Any information is highly appreciated.

    Read the article

  • Do you develop with security in mind?

    - by MattyD
    I was listening to a podcast on Security Now and they mentioned about how a lot of the of the security problems found in Flash were because when flash was first developed it wasdn't built with security in mind because it didn't need to thus flash has major security flaws in its design etc. I know best practices state that you should build secure first etc. Some people or companies don't always follow 'best practice'... My question is do you develop to be secure or do you build with all the desired functionality etc then alter the code to be secure (Whatever the project maybe) (I realise that this question could be a possible duplicate of Do you actively think about security when coding? but it is different in the fact of actually process of building the software/application and design of said software/application)

    Read the article

  • Windows Azure Recipe: Enterprise LOBs

    - by Clint Edmonson
    Enterprises are more and more dependent on their specialized internal Line of Business (LOB) applications than ever before. Naturally, the more software they leverage on-premises, the more infrastructure they need manage. It’s frequently the case that our customers simply can’t scale up their hardware purchases and operational staff as fast as internal demand for software requires. The result is that getting new or enhanced applications in the hands of business users becomes slower and more expensive every day. Being able to quickly deliver applications in a rapidly changing business environment while maintaining high standards of corporate security is a challenge that can be met right now by moving enterprise LOBs out into the cloud and leveraging Azure’s Access Control services. In fact, we’re seeing many of our customers (both large and small) see huge benefits from moving their web based business applications such as corporate help desks, expense tracking, travel portals, timesheets, and more to Windows Azure. Drivers Cost Reduction Time to market Security Solution Here’s a sketch of how many Windows Azure Enterprise LOBs are being architected and deployed: Ingredients Web Role – this will host the core of the application. Each web role is a virtual machine hosting an application written in ASP.NET (or optionally php, or node.js). The number of web roles can be scaled up or down as needed to handle peak and non-peak traffic loads. Many Java based applications are also being deployed to Windows Azure with a little more effort. Database – every modern web application needs to store data. SQL Azure databases look and act exactly like their on-premise siblings but are fault tolerant and have data redundancy built in. Access Control – this service is necessary to establish federated identity between the cloud hosted application and an enterprise’s corporate network. It works in conjunction with a secure token service (STS) that is hosted on-premises to establish the corporate user’s identity and credentials. The source code for an on-premises STS is provided in the Windows Azure training kit and merely needs to be customized for the corporate environment and published on a publicly accessible corporate web site. Once set up, corporate users see a near seamless single sign-on experience. Reporting – businesses live and die by their reports and SQL Azure Reporting, based on SQL Server Reporting 2008 R2, can serve up reports with tables, charts, maps, gauges, and more. These reports can be accessed from the Windows Azure Portal, through a web browser, or directly from applications. Service Bus (optional) – if deep integration with other applications and systems is needed, the service bus is the answer. It enables secure service layer communication between applications hosted behind firewalls in on-premises or partner datacenters and applications hosted inside Windows Azure. The Service Bus provides the ability to securely expose just the information and services that are necessary to create a simpler, more secure architecture than opening up a full blown VPN. Data Sync (optional) – in cases where the data stored in the cloud needs to be shared internally, establishing a secure one-way or two-way data-sync connection between the on-premises and off-premises databases is a perfect option. It can be very granular, allowing us to specify exactly what tables and columns to synchronize, setup filters to sync only a subset of rows, set the conflict resolution policy for two-way sync, and specify how frequently data should be synchronized Training Labs These links point to online Windows Azure training labs where you can learn more about the individual ingredients described above. (Note: The entire Windows Azure Training Kit can also be downloaded for offline use.) Windows Azure (16 labs) Windows Azure is an internet-scale cloud computing and services platform hosted in Microsoft data centers, which provides an operating system and a set of developer services which can be used individually or together. It gives developers the choice to build web applications; applications running on connected devices, PCs, or servers; or hybrid solutions offering the best of both worlds. New or enhanced applications can be built using existing skills with the Visual Studio development environment and the .NET Framework. With its standards-based and interoperable approach, the services platform supports multiple internet protocols, including HTTP, REST, SOAP, and plain XML SQL Azure (7 labs) Microsoft SQL Azure delivers on the Microsoft Data Platform vision of extending the SQL Server capabilities to the cloud as web-based services, enabling you to store structured, semi-structured, and unstructured data. Windows Azure Services (9 labs) As applications collaborate across organizational boundaries, ensuring secure transactions across disparate security domains is crucial but difficult to implement. Windows Azure Services provides hosted authentication and access control using powerful, secure, standards-based infrastructure. See my Windows Azure Resource Guide for more guidance on how to get started, including links web portals, training kits, samples, and blogs related to Windows Azure.

    Read the article

  • How to prevent access to website without SSL connection?

    - by CraigJ
    I have a website that has an SSL certificate installed, so that if I access the website using https instead of http I will be able to connect using a secure connection. However, I have noticed that I can still access the website non-securely, ie. by using http instead of https. How can I prevent people using the website in a non-secure manner? If I have a directory on the website, eg. samples/, can I prevent non-secure connections to just this directory?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >