Search Results

Search found 4073 results on 163 pages for 'hosts deny'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 6/163 | < Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Apache deny access to images folder, but still able to display via <img> on site

    - by jeffery_the_wind
    I have an images folder on my site, let's call it /images/ where I keep a lot of images. I don't want anyone to have direct access to the images via the web, so I put a new directive in my Apache config that achieves this: <Directory "/var/www/images/"> Options Includes AllowOverride All Order allow,deny Deny from All </Directory> This is working, but it is blocking out ALL ACCESS, and I can't show the images anymore through my web pages. I guess this makes sense. So how do I selectively control access to these images? Basically I only want to display certain images through certain webpages and to certain users. What is best way to do this? Do I need to save the images to the database? Tim

    Read the article

  • MySQL blocking new connections, and mysqladmin flush-hosts

    - by aidan
    I'm running MySQL on a remote server, and it suddenly started rejecting all connections: $ mysql -h 192.168.1.10 -u root -p ERROR 1129 (00000): Host 'web' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts' So, I try this flush-hosts command... $ mysqladmin flush-hosts -h 192.168.1.10 -u root -p mysqladmin: connect to server at '192.168.1.10' failed error: 'Host 'web' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'' I.e. it's blocking the very un-blocking tool it recommends. Am I doing it wrong, or will I have to resort to ssh/cpanel/physical access?

    Read the article

  • Canonical Redirect on Dynamic Mass Virtual Hosts on Apache

    - by Josh
    I have a Web app on Apache that allows users to point their domain to the server. Right now I'm using Apache's dynamic mass virtual hosts with an entry VirtualDocumentRoot /www/hosts/%0/docs So with www.companydomain.com it points to /www/hosts/www.companydomain.com/docs The problem is when the user goes to companydomain.com it will point to /www/hosts/companydomain.com/docs Is there an easy way to automatically have Apache check to see if a directory exists for the virtual host, and if not, look for the host name with "www." in front of it? Other subdomains are fine (i.e. abc.domain.com should point to a diff. directory than def.domain.com) but the whole "www" issue is a mystery to me. I am using dynamic mass virtual hosts so the server does not have to restart after each registration for the application. If there is a different way that is fine as long as apache isn't restarted each time. How can I accomplish this? Worst case scenario if there were a way to redirect to a "default" location on the server if not found I could always do a check via PHP or something but I feel like that is a bit hacked together and there has to be a more efficient way. Thanks in advance!

    Read the article

  • Unable to create new virtual hosts using MAMP with OSX Mavericks

    - by user2961676
    I have been using virtual hosts on my Mac with MAMP, which has worked up until now. I have 2 working virtual hosts that i created in the same manner, which still work, but for some reason I am unable to create any new virtual hosts. When i attempt to go to a newly crated virtual host in my browser it generates a 404 Not Found error. The only thing i can think of possibly after i updated OSX to Mavericks, but i'm not sure what that would have done, or why the old virtual hosts still work. See excerpt below from vhosts.conf file. So, franklin.dev works, jamiepjones.dev works, but sheilahixson.dev does not. <VirtualHost *:80> DocumentRoot "/Users/jamiejones/Sites/franklin" ServerName franklin.dev ErrorLog "logs/franlkin.dev-error_log" CustomLog "logs/franklin.dev-access_log" common </VirtualHost> <VirtualHost *:80> DocumentRoot "/Users/jamiejones/Sites/jamiepjones-wp" ServerName jamiepjones.dev ErrorLog "logs/jamiepjones.dev-error_log" CustomLog "logs/jamiepjones.dev-access_log" common </VirtualHost> <VirtualHost *:80> DocumentRoot "/Users/jamiejones/Sites/sheilahixson” ServerName sheilahixson.dev ServerAlias www.sheilahixson.dev ErrorLog "logs/sheilahixson.dev-error_log" CustomLog "logs/sheilahixson.dev-access_log" common </VirtualHost> and hosts file: 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost 127.0.0.1 jamies-MacBook-Pro.Belkin # MAMP PRO - Do NOT remove this entry! 127.0.0.1 hixson # MAMP PRO - Do NOT remove this entry! 127.0.0.1 franklin.dev 127.0.0.1 jamiepjones.dev 127.0.0.1 sheilahixson.dev Please help!

    Read the article

  • Remote hosts accessing AD's registry

    - by smitty user
    I have a situation here. I have an intrusion detection system and it constantly alerts me that a remote host is accessing our AD's registry remotely. Our remote hosts are mainly Windows XP and our ADs are W2K8. The remote hosts access them over SMB port 445 Is it normal for Windows hosts to access AD's remote registry? My colleagues confirmed with me that both host and AD is clean from virus with endpoint protection enabled. Thanks.

    Read the article

  • Amazon EC2 and Named Virtual Hosts

    - by user71718
    I am running ubuntu apache2 on an Amazon EC2 instance running behind an Amazon ELB (load balancer) I am trying to get multiple domain running pointing to different virtual hosts. The problem is I cannot get virtual hosts working with name - I can only get it working with I am trying to get www.domain1.com and www.domain2.com working When I setup my virtual hosts to it doesnt work Any ideas please??

    Read the article

  • How to deal with 100's or 1000's of virtual hosts

    - by anton
    I am curious to know how services such as heroku manage 1000's of virtual hosts - ie if you create a web site/app, and put it up on these services, you get your own virtual host name - foo.heroku.com etc (the same applies to many other sites that have vanity URLs). I know with various web servers and proxies you can configure as many virtual hosts as you want - but there must be some upper limit to this ? Do they programmatically add virtual hosts - perhaps spreading the load? Or are there other solutions.

    Read the article

  • My facebook blocking ACL has stopped working

    - by Josh
    This probably very simple. This was setup before I arrived, and has been working to block facebook. I recently eliminated some static port forwarding on this 2691 (as in, I don't think anything else has changed), and now facebook is once again accessible. Why is this list not doing what it seems like it should be doing (and was doing)? Would an extended outbound ACL be more appropriate (I think that would have been my thought if I had been tasked with creating this in the first place)? Something different? I've included below what I believe are the relevant parts of the config. interface FastEthernet0/0 ip address my.pub.ip.add my.ip.add.msk ip access-group 1 in ip nat outside ip virtual-reassembly duplex auto speed auto access-list 1 deny 69.171.224.0 0.0.31.255 access-list 1 deny 74.119.76.0 0.0.3.255 access-list 1 deny 204.15.20.0 0.0.3.255 access-list 1 deny 66.220.144.0 0.0.15.255 access-list 1 deny 69.63.176.0 0.0.15.255 access-list 1 permit any ip nat inside source list 105 interface FastEthernet0/0 overload access-list 105 deny ip 192.168.0.0 0.0.0.255 192.168.8.0 0.0.0.255 access-list 105 permit ip 192.168.0.0 0.0.0.255 any access-list 105 permit ip 192.168.1.0 0.0.0.255 any EDIT ACL is once again blocking Facebook. Here is the new definition for those interested... access-list 1 deny 66.220.144.0 0.0.7.255 access-list 1 deny 66.220.152.0 0.0.7.255 access-list 1 deny 69.63.176.0 0.0.7.255 access-list 1 deny 69.63.176.0 0.0.0.255 access-list 1 deny 69.63.184.0 0.0.7.255 access-list 1 deny 69.171.224.0 0.0.15.255 access-list 1 deny 69.171.239.0 0.0.0.255 access-list 1 deny 69.171.240.0 0.0.15.255 access-list 1 deny 69.171.255.0 0.0.0.255 access-list 1 deny 74.119.76.0 0.0.3.255 access-list 1 deny 173.252.64.0 0.0.31.255 access-list 1 deny 173.252.70.0 0.0.0.255 access-list 1 deny 173.252.96.0 0.0.31.255 access-list 1 deny 204.15.20.0 0.0.3.255 access-list 1 permit any

    Read the article

  • Configure all hosts, then create a list of the config for all hosts?

    - by AME
    I deployed a huge number of hosts with Ansible - which did work very nice. Each host got its individual settings and configuration. Now I'd like to generate a config file for another system that uses these hosts. For it, I need for every host a part of the generated configuration (the one that configures the database). Here is an example of the situation with two hosts having different configuration and the other system that uses a part of the Ansible-generated configuration: host1 ansible configured dbA host2 ansible configured dbQ The other system: host1 = dbA host2 = dbQ The values are computed differently (dbQ instead of dbB for host2 for example) if it belongs in a different cluster and so on, making it unpractical to just read out host configuration from the host_vars. I believe I would need to iterate over the hosts and let Ansible figure out the computed values for the variables like it would when deploying, but I do not know how to put that result in one template. Please advise :)

    Read the article

  • Moving large amounts of data between shared hosts

    - by Bryan M.
    I recently acquired a client who is a photographer and was interested in moving web hosts since his current host had threatened to throw him off due to CPU spiking. The migration went fairly easily, with about 350MBs of website and media files. Then I discovered about 60GBs of client galleries he had failed to mention. I am unable to move this much data myself, since I'm capping out at about 20kb/s on the FTP connection. Has anyone encountered a situation where they needed to migrate this much data between cheap hosting? Should we contact the hosting companies about this (he is moving from Westhost to MediaTemple)?

    Read the article

  • Webmin - Setting up multiple virtual hosts - Subdomains

    - by Aaron
    Can someone please help me in using WEBMIN to setup virtual hosts. My current domain www.MYDOMAINLOLFAKE.com currently functions. Settings are as follows - Apache - Handles the name-based server www.MYDOMAINLOLFAKE.com on all addresses Address Any Port 80 Server Name www.MYDOMAINLOLFAKE.com Document Root /var/www/html BIND DNS Server - Master Zone MYDOMAINLOLFAKE.com ns1.mydomainlolfake.com IPHERE - works ns2.mydomainlolfake.com IPHERE - works mydomainlolfake.com IPHERE - works www.mydomainlolfake.com IPHERE -works mail.mydomainlolfake.com IPHERE - works ftp.mydomainlolfake.com IPHERE - works What I need - something.mydomainlolfake.com -- CANT GET THIS TO WORK What I tried - Create new virtual host Handles the name-based server something.mydomainlolfake.com on something.mydomainlolfake.com Address Any Port 81 Document Root: /var/www/vhosts/something What happens - I create the new VHOST and then ALL address try to go to that new Document root. I need different addresses to go to their respective folders. Can someone please give me better instructions on how to set that up using webmin? TLDR# How do I make a something.mydomainlolfake.com subdomain work in webmin on my CENTOS 6 web server?

    Read the article

  • How to list down hosts with nmap 5.51

    - by Wild Bill
    I was using nmap 5.21 with the -PN, -F and --reason flags in version 5.21. I was outputting the results to an XML file. It would list ALL hosts (say I gave it a /24 subnet to scan. I then updated to 5.51 and ran the exact same command, but it no longer lists down hosts, just ones that are up. Is there a new flag to list down hosts? OR did this get removed in 5.51? My full options are: -sS -n -PN -SV -F --reason I've also used and removed --open but it will not list down hosts in my XML output.

    Read the article

  • Changing hosts but keep old emails [closed]

    - by LDaniel
    Possible Duplicate: Change host / keep emails OK here's the situation...I'm trying to transfer my domain and email address to a new hosting service and I would like to start using Google's domain apps for my email, etc. My email address is currently on a WebMail type platform and when I move my domain and start using Google domain apps I would also like to keep the old emails and have them imported the the email address on Google. Note: The email address will be the same on both hosts. For example [email protected]. So its keeping the same address between two different systems. I've been Googling how to do this for awhile and all the migrate options that come up don't appear in the the Google inbox setting or domain apps config settings. Any help is greatly appreciated.

    Read the article

  • nginx problem accessing virtual hosts

    - by Sc0rian
    I am setting up nginx as a reverse proxy. The server runs on directadmin and lamp stack. I have nginx running on port 81. I can access all my sites (including virtual ips) on the port 81. However when I forward the traffic from port 80 to 81, the virtual ips have a message saying "Apache is running normally". Server IPs are fine, and I can still access virtual IP's on 81. [root@~]# netstat -an | grep LISTEN | egrep ":80|:81" tcp 0 0 <virtual ip>:81 0.0.0.0:* LISTEN tcp 0 0 <virtual ip>:81 0.0.0.0:* LISTEN tcp 0 0 <serverip>:81 0.0.0.0:* LISTEN tcp 0 0 :::80 :::* LISTEN apache 24090 0.6 1.3 29252 13612 ? S 18:34 0:00 /usr/sbin/httpd -k start -DSSL apache 24092 0.9 2.1 39584 22056 ? S 18:34 0:00 /usr/sbin/httpd -k start -DSSL apache 24096 0.2 1.9 35892 20256 ? S 18:34 0:00 /usr/sbin/httpd -k start -DSSL apache 24120 0.3 1.7 35752 17840 ? S 18:34 0:00 /usr/sbin/httpd -k start -DSSL apache 24495 0.0 1.4 30892 14756 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24496 1.0 2.1 39892 22164 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24516 1.5 3.6 55496 38040 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24519 0.1 1.2 28996 13224 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24521 2.7 4.0 58244 41984 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24522 0.0 1.2 29124 12672 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24524 0.0 1.1 28740 12364 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24535 1.1 1.7 36008 17876 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24536 0.0 1.1 28592 12084 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24537 0.0 1.1 28592 12112 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24539 0.0 0.0 0 0 ? Z 18:35 0:00 [httpd] <defunct> apache 24540 0.0 1.1 28592 11540 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL apache 24541 0.0 1.1 28592 11548 ? S 18:35 0:00 /usr/sbin/httpd -k start -DSSL root 24548 0.0 0.0 4132 752 pts/0 R+ 18:35 0:00 egrep apache|nginx root 28238 0.0 0.0 19576 284 ? Ss May29 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf apache 28239 0.0 0.0 19888 804 ? S May29 0:00 nginx: worker process apache 28240 0.0 0.0 19888 548 ? S May29 0:00 nginx: worker process apache 28241 0.0 0.0 19736 484 ? S May29 0:00 nginx: cache manager process here is my nginx conf: cat /usr/local/nginx/conf/nginx.conf user apache apache; worker_processes 2; # Set it according to what your CPU have. 4 Cores = 4 worker_rlimit_nofile 8192; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; server_tokens off; access_log /var/log/nginx_access.log main; error_log /var/log/nginx_error.log debug; server_names_hash_bucket_size 64; sendfile on; tcp_nopush on; tcp_nodelay off; keepalive_timeout 30; gzip on; gzip_comp_level 9; gzip_proxied any; proxy_buffering on; proxy_cache_path /usr/local/nginx/proxy_temp levels=1:2 keys_zone=one:15m inactive=7d max_size=1000m; proxy_buffer_size 16k; proxy_buffers 100 8k; proxy_connect_timeout 60; proxy_send_timeout 60; proxy_read_timeout 60; server { listen <server ip>:81 default rcvbuf=8192 sndbuf=16384 backlog=32000; # Real IP here server_name <server host name> _; # "_" is for handle all hosts that are not described by server_name charset off; access_log /var/log/nginx_host_general.access.log main; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://<server ip>; # Real IP here client_max_body_size 16m; client_body_buffer_size 128k; proxy_buffering on; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 120; proxy_buffer_size 16k; proxy_buffers 32 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; } } include /usr/local/nginx/vhosts/*.conf; } here is my vhost conf: # cat /usr/local/nginx/vhosts/1.conf server { listen <virt ip>:81 default rcvbuf=8192 sndbuf=16384 backlog=32000; # Real IP here server_name <virt domain name>.com ; # "_" is for handle all hosts that are not described by server_name charset off; access_log /var/log/nginx_host_general.access.log main; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://<virt ip>; # Real IP here client_max_body_size 16m; client_body_buffer_size 128k; proxy_buffering on; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 120; proxy_buffer_size 16k; proxy_buffers 32 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } }

    Read the article

  • hosts.deny ignored by MacOSX 10.8

    - by David Holm
    I have been trying to set up my MacOS X Server, which I recently upgraded to Mountain Lion, to use denyhosts as I need to open port 22 to it. denyhosts is set up and adds entries to /etc/hosts.deny so I decided to add my laptops IP to it in order to verify that it actually works but I can still log in and my IP shows up in /private/var/log/system.log. I even rebooted the server once just to be sure there wasn't some service that had to be restarted. I tried the following entries: ALL: <my laptop's IP> sshd: <my laptop's IP> sshd: 127.0.0.1 My /etc/sshd_config has the following parameters set: UsePAM yes UseDNS no I Googled if deny.hosts has been deprecated in OSX 10.7 or 10.8 but I couldn't find any indications that it has. Any ideas of what is going wrong or if there is an alternative way to achieve the same result? Yes, a private key would solve this problem but for the time being I would like to stick to using password authentication. I also like the idea of denyhosts actually blocking access to all services running on the server and not just ssh.

    Read the article

  • Best way to setup hosts, subdomains, and IPs [closed]

    - by LynnOwens
    I own a domain, let's call it mydomain.com. I need to host the following off it: forums.mydomain.com www.mydomain.com blog.mydomain.com objects.mydomain.com I believe I can get 5 static IPs. I plan on assigning one each to those four hosts. Then I need to adhoc create names, all below objects.mydomain.com. For instance: one.objects.mydomain.com two.objects.mydomain.com three.objects.mydomain.com I need to create these names programatically, and without human intervention. Preferably, they would not get their own IPs. They would use the IP of objects.mydomain.com. First question: Does this mean that I need to host my own DNS? Second question: I'm using Apache as a web server. What does the virtual host configuration look like? I was experimenting with the following to understand how routing on domain names works and I always ended up at www. <VirtualHost *:80> ServerAdmin [email protected] ServerName www.mydomain.com ServerAlias www.mydomain.com DocumentRoot "E:/Static/www" RewriteEngine On RewriteRule ^(/www/.*) /www$1 </Virtualhost> <VirtualHost *:80> ServerAdmin [email protected] ServerName forums.mydomain.com ServerAlias forums.mydomain.com DocumentRoot "E:/Static/forums" RewriteEngine On RewriteRule ^(/forums/.*) /forums$1 </Virtualhost>

    Read the article

  • Ububtu 13.04 Rename Computer

    - by Sourabh
    How can I rename my computer? Renaming it in /etc/hosts and /etc/hostname does something weird. Before renaming it, I am able to open these files via sublime using sudo subl /etc/hosts but when I rename my Computer (using nano) and open any of these files using subl, I get this message: No protocol specified (sublime_text:20071): Gtk-WARNING **: cannot open display: :0.0 So I guess renaming in the above files is not the only thing I have to do. PS: If I rename using sublime, after renaming one of the files, I get same message when I try to open other file

    Read the article

  • Apahe configuration with virtual hosts and SSL on a local network

    - by Petah
    I'm trying to setup my local Apache configuration like so: http://localhost/ should serve ~/ http://development.somedomain.co.nz/ should serve ~/sites/development.somedomain.co.nz/ https://development.assldomain.co.nz/ should serve ~/sites/development.assldomain.co.nz/ I only want to allow connections from our local network (192.168.1.* range) and myself (127.0.0.1). I have setup my hosts file with: 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost 127.0.0.1 development.somedomain.co.nz 127.0.0.1 development.assldomain.co.nz 127.0.0.1 development.anunuseddomain.co.nz My Apache configuration looks like: Listen 80 NameVirtualHost *:80 <VirtualHost development.somedomain.co.nz:80> ServerName development.somedomain.co.nz DocumentRoot "~/sites/development.somedomain.co.nz" DirectoryIndex index.php <Directory ~/sites/development.somedomain.co.nz> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <VirtualHost localhost:80> DocumentRoot "~/" ServerName localhost <Directory "~/"> Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> <IfModule mod_ssl.c> Listen *:443 NameVirtualHost *:443 AcceptMutex flock <VirtualHost development.assldomain.co.nz:443> ServerName development.assldomain.co.nz DocumentRoot "~/sites/development.assldomain.co.nz" DirectoryIndex index.php SSLEngine on SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /Applications/XAMPP/etc/ssl.crt/server.crt SSLCertificateKeyFile /Applications/XAMPP/etc/ssl.key/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 <Directory ~/sites/development.assldomain.co.nz> SSLRequireSSL Options Indexes FollowSymLinks ExecCGI Includes AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> </IfModule> http://development.somedomain.co.nz/ http://localhost/ and https://development.assldomain.co.nz/ work fine. The problem is when I request http://development.anunuseddomain.co.nz/ or http://development.assldomain.co.nz/ it responds with the same as http://development.somedomain.co.nz/ I want it to deny all requests that do not match a virtual host server name and all requests to a https host that are requested with http PS I'm running XAMPP on Mac OS X 10.5.8

    Read the article

  • Setting directory security to allow user and deny all

    - by Rita
    I have winforms app, in which I need to access a secured directory. I'm using impersonation and create WindowsIdentity to access the folder. My problem is writing unit tests to test the directory security; I'd like to a write a code that creates a directory secured to only ONE user, which isn't the current user running the UT (or else the test would be worthless). I know how to add permissions to a certain user, but how can I deny the rest, including admins? (in case the user running the UT is an admin) (will this be a wise thing to do?) DirectoryInfo directoryInfo = new DirectoryInfo(path); DirectorySecurity directorySecurity = directoryInfo.GetAccessControl(); directorySecurity.AddAccessRule(new FileSystemAccessRule("Domain\SecuredUser", FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Allow)); directorySecurity.RemoveAccessRule(new FileSystemAccessRule("??", FileSystemRights.FullControl, InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit, PropagationFlags.InheritOnly, AccessControlType.Deny)); directoryInfo.SetAccessControl(directorySecurity); This isn't working. I don't know who am I supposed to deny. Domain\Admins, Domain\Administrators, me... No one is being denied, and when I check folder's security - The SecuredUser has access to the folder, but the permissions are not checked, even though I specified FullControl. Basically I want to code this: <authorization> <allow users ="Domain\User" /> <deny users="*" /> </authorization> I was thinking about impersonating UT run with a weak user with no permissions, but this would result in: Impersonate - Run UT - Impersonate - Access folder, and I'm not sure if this is the right design. Help would be greatly appreciated, thank you.

    Read the article

  • vSphere ESX 5.5 hosts cannot connect to NFS Server

    - by Gerald
    Summary: My problem is I cannot use the QNAP NFS Server as an NFS datastore from my ESX hosts despite the hosts being able to ping it. I'm utilising a vDS with LACP uplinks for all my network traffic (including NFS) and a subnet for each vmkernel adapter. Setup: I'm evaluating vSphere and I've got two vSphere ESX 5.5 hosts (node1 and node2) and each one has 4x NICs. I've teamed them all up using LACP/802.3ad with my switch and then created a distributed switch between the two hosts with each host's LAG as the uplink. All my networking is going through the distributed switch, ideally, I want to take advantage of DRS and the redundancy. I have a domain controller VM ("Central") and vCenter VM ("vCenter") running on node1 (using node1's local datastore) with both hosts attached to the vCenter instance. Both hosts are in a vCenter datacenter and a cluster with HA and DRS currently disabled. I have a QNAP TS-669 Pro (Version 4.0.3) (TS-x69 series is on VMware Storage HCL) which I want to use as the NFS server for my NFS datastore, it has 2x NICs teamed together using 802.3ad with my switch. vmkernel.log: The error from the host's vmkernel.log is not very useful: NFS: 157: Command: (mount) Server: (10.1.2.100) IP: (10.1.2.100) Path: (/VM) Label (datastoreNAS) Options: (None) cpu9:67402)StorageApdHandler: 698: APD Handle 509bc29f-13556457 Created with lock[StorageApd0x411121] cpu10:67402)StorageApdHandler: 745: Freeing APD Handle [509bc29f-13556457] cpu10:67402)StorageApdHandler: 808: APD Handle freed! cpu10:67402)NFS: 168: NFS mount 10.1.2.100:/VM failed: Unable to connect to NFS server. Network Setup: Here is my distributed switch setup (JPG). Here are my networks. 10.1.1.0/24 VM Management (VLAN 11) 10.1.2.0/24 Storage Network (NFS, VLAN 12) 10.1.3.0/24 VM vMotion (VLAN 13) 10.1.4.0/24 VM Fault Tolerance (VLAN 14) 10.2.0.0/24 VM's Network (VLAN 20) vSphere addresses 10.1.1.1 node1 Management 10.1.1.2 node2 Management 10.1.2.1 node1 vmkernel (For NFS) 10.1.2.2 node2 vmkernel (For NFS) etc. Other addresses 10.1.2.100 QNAP TS-669 (NFS Server) 10.2.0.1 Domain Controller (VM on node1) 10.2.0.2 vCenter (VM on node1) I'm using a Cisco SRW2024P Layer-2 switch (Jumboframes enabled) with the following setup: LACP LAG1 for node1 (Ports 1 through 4) setup as VLAN trunk for VLANs 11-14,20 LACP LAG2 for my router (Ports 5 through 8) setup as VLAN trunk for VLANs 11-14,20 LACP LAG3 for node2 (Ports 9 through 12) setup as VLAN trunk for VLANs 11-14,20 LACP LAG4 for the QNAP (Ports 23 and 24) setup to accept untagged traffic into VLAN 12 Each subnet is routable to another, although, connections to the NFS server from vmk1 shouldn't need it. All other traffic (vSphere Web Client, RDP etc.) goes through this setup fine. I tested the QNAP NFS server beforehand using ESX host VMs atop of a VMware Workstation setup with a dedicated physical NIC and it had no problems. The ACL on the NFS Server share is permissive and allows all subnet ranges full access to the share. I can ping the QNAP from node1 vmk1, the adapter that should be used to NFS: ~ # vmkping -I vmk1 10.1.2.100 PING 10.1.2.100 (10.1.2.100): 56 data bytes 64 bytes from 10.1.2.100: icmp_seq=0 ttl=64 time=0.371 ms 64 bytes from 10.1.2.100: icmp_seq=1 ttl=64 time=0.161 ms 64 bytes from 10.1.2.100: icmp_seq=2 ttl=64 time=0.241 ms Netcat does not throw an error: ~ # nc -z 10.1.2.100 2049 Connection to 10.1.2.100 2049 port [tcp/nfs] succeeded! The routing table of node1: ~ # esxcfg-route -l VMkernel Routes: Network Netmask Gateway Interface 10.1.1.0 255.255.255.0 Local Subnet vmk0 10.1.2.0 255.255.255.0 Local Subnet vmk1 10.1.3.0 255.255.255.0 Local Subnet vmk2 10.1.4.0 255.255.255.0 Local Subnet vmk3 default 0.0.0.0 10.1.1.254 vmk0 VM Kernel NIC info ~ # esxcfg-vmknic -l Interface Port Group/DVPort IP Family IP Address Netmask Broadcast MAC Address MTU TSO MSS Enabled Type vmk0 133 IPv4 10.1.1.1 255.255.255.0 10.1.1.255 00:50:56:66:8e:5f 1500 65535 true STATIC vmk0 133 IPv6 fe80::250:56ff:fe66:8e5f 64 00:50:56:66:8e:5f 1500 65535 true STATIC, PREFERRED vmk1 164 IPv4 10.1.2.1 255.255.255.0 10.1.2.255 00:50:56:68:f5:1f 1500 65535 true STATIC vmk1 164 IPv6 fe80::250:56ff:fe68:f51f 64 00:50:56:68:f5:1f 1500 65535 true STATIC, PREFERRED vmk2 196 IPv4 10.1.3.1 255.255.255.0 10.1.3.255 00:50:56:66:18:95 1500 65535 true STATIC vmk2 196 IPv6 fe80::250:56ff:fe66:1895 64 00:50:56:66:18:95 1500 65535 true STATIC, PREFERRED vmk3 228 IPv4 10.1.4.1 255.255.255.0 10.1.4.255 00:50:56:72:e6:ca 1500 65535 true STATIC vmk3 228 IPv6 fe80::250:56ff:fe72:e6ca 64 00:50:56:72:e6:ca 1500 65535 true STATIC, PREFERRED Things I've tried/checked: I'm not using DNS names to connect to the NFS server. Checked MTU. Set to 9000 for vmk1, dvSwitch and Cisco switch and QNAP. Moved QNAP onto VLAN 11 (VM Management, vmk0) and gave it an appropriate address, still had same issue. Changed back afterwards of course. Tried initiating the connection of NAS datastore from vSphere Client (Connected to vCenter or directly to host), vSphere Web Client and the host's ESX Shell. All resulted in the same problem. Tried a path name of "VM", "/VM" and "/share/VM" despite not even having a connection to server. I plugged in a linux system (10.1.2.123) into a switch port configured for VLAN 12 and tried mounting the NFS share 10.1.2.100:/VM, it worked successfully and I had read-write access to it I tried disabling the firewall on the ESX host esxcli network firewall set --enabled false I'm out of ideas on what to try next. The things I'm doing differently from my VMware Workstation setup is the use of LACP with a physical switch and a virtual distributed switch between the two hosts. I'm guessing the vDS is probably the source of my troubles but I don't know how to fix this problem without eliminating it.

    Read the article

  • Deny login from certain hosts if logging in with specific sql credentials

    - by Dave
    I want to stop some of our developers from connecting to the production sql server using a specific sql account. They have rights to connect through windows authentication with lower rights. They claim that changing the password will affect too many other processes running on our processing machine. So I want to deny access if they're connecting from there dev machines for now. Another way this would work is if I could just allow connections from one specific host.

    Read the article

  • Deny Home-Directory-Access for root

    - by theomega
    Hy, a friend and me want to share a Linux-Machine. We both need to get root-rights via sudo for administering that machine. Is it somehow possible to deny the access to the home-folder for the other one, although he can become root? Thanks!

    Read the article

  • Unable to get squid working for remote users

    - by Sean
    I am trying to setup squid 3.2.4, but I have not been able to get it working for remote users. Works fine locally. Unable to figure out what I am doing wrong... http_port 3128 transparent ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/share/ssl-cert/myCA.pem refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 acl localnet src 10.0.0.0/8 # RFC 1918 possible internal network acl localnet src 172.16.0.0/12 # RFC 1918 possible internal network acl localnet src 192.168.0.0/16 # RFC 1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access allow localhost http_access allow localnet http_access allow all cache deny all via off forwarded_for off header_access From deny all header_access Server deny all header_access WWW-Authenticate deny all header_access Link deny all header_access Cache-Control deny all header_access Proxy-Connection deny all header_access X-Cache deny all header_access X-Cache-Lookup deny all header_access Via deny all header_access Forwarded-For deny all header_access X-Forwarded-For deny all header_access Pragma deny all header_access Keep-Alive deny all acl ip1 localip 1.1.1.90 acl ip2 localip 1.1.1.91 acl ip3 localip 1.1.1.92 acl ip4 localip 1.1.1.93 acl ip5 localip 1.1.1.94 tcp_outgoing_address 1.1.1.90 ip1 tcp_outgoing_address 1.1.1.91 ip2 tcp_outgoing_address 1.1.1.92 ip3 tcp_outgoing_address 1.1.1.93 ip4 tcp_outgoing_address 1.1.1.94 ip5 tcp_outgoing_address 1.1.1.90

    Read the article

  • Dynamically find other hosts in a LAN in Java

    - by Federico Cristina
    A while ago I developed a little LAN chat app. in Java which allows chatting with other hosts, send images, etc. Although it was created just for fun, now it's being used where I work. Currently, there is no "chat server" on the app. where each client registers, updates it's status, etc. (I liked the idea of symmetric design and not depending on a server running on some other machine). Instead, each host is a client/server which has a hosts.properties file with the hostname of the other hosts, and - for instance - broadcasts to each one of them when sending a massive message/image/whatever. In the beginning there were just a couple of hosts, so this hosts.properties file wasn't an issue. But as the amount of users increased, the need of updating that file was a bit daunting. So now I've decided to get rid of it, and each time the app. starts, dynammically find the other active hosts. However, I cannot find the correct way of implement this. I've tried starting different threads, each one of them searching for other hosts in a known range of IP addresses. Something like this (simplified for the sake of readability): /** HostsLocator */ public static void searchForHosts(boolean waitToEnd) { for (int i=0; i < MAX_IP; i+= MAX_IP / threads) { HostsLocator detector = new HostsLocator(i, i+(MAX_IP / threads - 1)); // range: from - to new Thread(detector).start(); } } public void run() { for (int i=from; i<=to; i++) findHosts( maskAddress + Integer.toString(i) ); } public static boolean findHosts(String IP) { InetAddress address = InetAddress.getByName(IP); if ( address.isReachable(CONNECTION_TIME_OUT) ) // host found! } However: With a single thread and a low value in CONNECTION_TIME_OUT (500ms) I get wrong Host Not Found status for for hosts actually active. With a high value in CONNECTION_TIME_OUT (5000ms) and only one single thread takes forever to end With several threads I've also found problems similar like the first one, due to collisions. So... I guess there's a better way of solving this problem but I couldn't find it. Any advice? Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 2 3 4 5 6 7 8 9 10 11 12 13  | Next Page >