Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

Page 833/1180 | < Previous Page | 829 830 831 832 833 834 835 836 837 838 839 840 | Next Page >

High quality/performance shared hosting (in northern Europe)

- by Bente

I work as a web developer on almost all levels. However, my typical customer is a 1-5 guys running some sort of consulting business. They have (or want) a web page with some kind of CMS so the can perform most (or all) editing themselves. I normally opt for Concrete5 as my default CMS because it's the most user friendly (and free) CMS I have found. My good recurring customers I host on my own server as a service, but I need a good host for the customers where I want to deliver a product and not be responsible for whatever may happen in the future. However, I still struggle with hosting! Experience shows that the typical ~1$ shared hosting is waaay to slow to run concrete5 smoothly, and a VPS is out of the question because I don't want to maintain it. So, where can I find as fast (from northern Europe), reliable, shared host where I can put a site and don't have to worry about the server going down or being unmaintained. I expect this should cost around $10-$20 but I'm open to all kinds of suggestions because different customers have different budgets.

Read the article
Is the Zune HD's audio card better or worse than the iPod touch's?

- by MatthewThepc

Firstly, if this is the wrong site to ask this question I apologize, but I didn't see one for "music players" on the stack exchange website :) After reading a few people online say that music playing from a Zune HD sounds better to them than that on an iPod touch, I was wondering whether there's any truth to that? From what I can tell, the Zune HD uses a Wolfson Microelectronics WM8352, while the first-generation iPod Touch (which the Zune HD was competing with) used a Wolfson Microelectronics WM8758BG, and newer models use the Cirrus Logic CS4398 and CS42L61. Which ones are better (to make the question less subjective, let's say in terms of quality, range, & accuracy of output)? Admittedly, I have almost no idea how everything compares and works together, but it would seem to me that, just by looking at the version numbers, the iPod has been better since it's launch. Is there anything else that effects sound quality? Thanks!

Read the article
Windows 2008, 2 NICS, routing problem

- by Srodriguez

Dear all, I've some questions regarding basic routing, can't seem to relate to other questions posted in this site. My architecture: Windows 2008 server with 2 nics in the server. NIC1: IP 10.198.6.xxx, submask 255.255.252.0, gateway 10.198.4.xxx NIC2: IP 192.168.168.xxx, submask 255.255.255, no gateway defined both NICS are just connected to two separate switches, with other computers. I want to be able that all the requests that have a destination of 192.168.168.xxx are redirected to the NIC2, all the other to the NIC1. I know it's possible to do it with the route command, but normally we have to specify a gateway? (route ADD 192.168.168.0 MASK 255.255.255.0 ???) How can this be archived? Thanks a lot for your help!

Read the article
Throttling apache downloads selectively

- by Synchro

I have a linux box running Debian Sarge (old I know) and apache 2.0.54. It serves two kinds of files - regular web pages and small images, and a lot of large podcast mp3s. The podcast downloads swamp the connection and make the rest of the site unresponsive, so I'm looking to throttle the data transfer rate (not the request rate) of just the podcasts. I've set up haproxy using this technique which does what it says it will, but solves a different problem - even only 5 simultaneous podcast downloads is enough to saturate the link. In a perfect world, haproxy would support per-connection throttling, but it doesn't. So far I've looked at mod_bw (won't compile for me, seems unsupported), mod_cband (unsupported, widely reported as problematic) and iptables using tc. The iptables approach would allow me to throttle things, but would not be at all selective, slowing down everything on the server, not just the podcasts, so would just move the bottleneck without changing overall behaviour. Ideas?

Read the article
Blocking apache access via user agent string

- by Tchalvak

I've got a scripter who is using a proxy to attack a website I'm serving. I've noticed that they tend to access the site via software with a certain common user agent string (i.e. http://www.itsecteam.com/en/projects/project1_page2.htm "Havij advanced sql injection software" with a user_agent string of Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) Havij). I'm aware that any cracking software worth it's salt will probably be able to modify it's user agent string, but I'm fine with the scripter having to deal with that feature at some point. So, is there any software out there for automatically blocking access & permanently blacklisting by matching user agent strings?

Read the article
How can I configure Adobe Help so it doesn't chatter so much with Adobe's domain?

- by Michael Prescott

Adobe Help that came with Creative Suite 5 and/or Flash Builder Pro is constantly creating network traffic with an Adobe site, www.wip4.adobe.com In the Adobe Help application Preferences, I find that I can change the settings so that I must manually download updates, but apparently the application still likes to call home and chatter non-stop with www.wip4.adobe.com. I could use something like Little Snitch to block all this spyware-like behavior, but I'd really prefer to just change the application's behavior. Is there a hidden setting or configuration file to adjust this behavior to something more appropriate and polite?

Read the article
ASP.NET MVC 3 (C#) Software Architecture

- by ryanzec

I am starting on a relatively large and ambitious ASP.NET MVC 3 project and just thinking about the best way to organize my code. The project is basically going to be a general management system that will be capable of supporting any type management system whether it be a blogging system, cms, reservation system, wikis, forums, project management system, etc…, each of them being just a separate 'module'. You can read more about it on my blog posted here : http://www.ryanzec.com/index.php/blog/details/8 (forgive me, the style of the site kinda sucks). For those who don't want to read the long blog post the basic idea is that the core system itself is nothing more than a users system with an admin interface to manage the users system. Then you just add on module as you need them and the module I will be creating is a simple blog post to test it out before I move on to the big module which is a project management system. Now I am just trying to think of the best way to structure this so that it is easy for users to add in there own modules but easy for me to update to core system without worrying about the user modifying the core code. I think the ideal way would be to have a number of core projects that user is specifically told not to modify otherwise the system may become unstable and future updates would not work. When the user wants to add in there own modules, they would just add in a new project (or multiple projects). The thing is I am not sure that it is even possible to use multiple projects all with their own controllers, razor view template, css, javascript, etc... in one web application. Ideally each module would have some of it own razor view templates, css, javascript, image files and also need access to some of the core razor view templates, css, javascript, image files which would is in a separate project. It is possible to have 1 web application run off of controllers, razor view templates, css, javascript, image files that are store in multiple projects? Is there a better was to structure this to allow the user to easily add in module with having to modify the core code?

Read the article
What is the effect on LVM snapshot size when a file block is rewritten with it's original contents?

- by NevilleDNZ

I'm exploring using LVM snapshot's to off site incremental archives from a snapshot "master" file system. In essence: simply copy across only the files on the "master" that have changed since the last incremental copy to the "archive". Then snapshot the "archive" to retain the incremental. I am a bit puzzled as to the block usage behaviour of the archive's own incremental snapshot. I'm expecting that LVM is not smart enough to know that the "file block" is actually unchanged, and the a new copy will be allocated and written for the fresh "archive" file system. Can anyone confirm this, or point me to a document/page that gives some hints? BTW: the OS hard disk cache, hard disk physical cache and hard disk itself also doesn't need to do any actual "disk writes" as the "disk block" likewise is unnecessary. Any pointers to discussion of this style of optimisation would also be ineresting.

Read the article
With Google Analytics, is it possible to check a specific page in Multi-Channel conversion attribution?

- by Emmett R.

I'm somewhat new to Google Analytics, and I'm trying to track all conversions that are assisted by a particular landing page, because I don't expect an instant purchase. I have e-commerce tracking set up. Due to the constraints of the associated ad campaign, I can't include the source/medium code in the url when people go to the landing page, and all of my traffic to the landing page is likely to be direct, so I'm not sure how to tell Multi-Channel marketing that it's a significant page. I know how to add events to a page, but I'm still figuring out what they can and cannot do. Would creating a redirect from the landing url to an identical url+source/medium code work? Any advice on how to accomplish this would be greatly appreciated. Tracking the final sale conversion is not the issue. Ecommerce reporting is functioning just fine on the site. I just want to report the landing page as an assist, whenever it shows up in the funnel, and I need to be able to do that across multiple visits.

Read the article
wamp - Changing PHP version stops server running

- by James Connor

I downloaded wamp which works (green icon). However I need to test a site locally in Joomla 1.5 which caused errors when using php 5.3 I believe I need a PHP version lower then this i.e 5.2.x To do this I have gone through PHP - Version - Get More.. and installed a older PHP version. However when I start this PHP version the icon stays on an orange colour and going in localhost doesn't work. I haven't used wamp before so my knowledge of it is limited. If anyone could point me in the right direction it would be greatly appreciated, Regards.

Read the article
How do I set up multiple Magento sites from the same domain?

- by Jenx222

I have a Magento installation with two sites, each with a shop and a view. I have an EU store in one site and a NON-EU store in the other. Both sites use a different currency. At present both of these websites are located on the same domain. I have been able to switch between stores using cookies but this seems to cause an inherit amount of problems. Every time a user creates an account on the non-default shop they get a blank error message. They also get a blank error message when they log in. Can anyone point me in the right direction? I need to use a different currency for each store but they all need to be on the same domain.

Read the article
How to have Windows 7 remember a password for a Domain

- by Kelly Jones

About eighteen months ago, I wrote a post covering how to clear saved passwords in Windows XP. This week at work I was reminded how useful it is to not only deleted saved passwords, but to also setup wildcard credentials using this same interface. The scenario that I run into as consultant working at a client site, is that my laptop is not a member of the Windows Domain that my client uses to secure their network. So, when I need to access file shares, shared printers, or even the clients internal websites, I’m prompted for a name and password. By creating a wildcard entry on my laptop (for the user account that the client issued to me), I avoid this prompt and can seamlessly access these resources. (This also works when you’ve configured Outlook to access Exchange via RPC over HTTP.) How to create a credential wild card entry in Windows 7: Go to your Start Menu --> Type "user" into the Search box Click on the “Manage your credentials” in the column on the left Click on the “Add a Windows credential” link Enter the Domain (in my case my client’s domain), something like this: *.contoso.com Enter the username and password That’s it. You should now be able to access resources in that Domain without being prompted for your name and password. Please note: if you are required to change your password periodically for that domain, you’ll need to update your saved password as well.

Read the article
Making efficeint voxel engines using "chunks"

- by Wardy

Concept I'm currently looking in to how voxel engines work with a view to possibly making one myself. I see a lot of stuff like this ... https://sites.google.com/site/letsmakeavoxelengine/home/chunks ... which talks about how to go about reducing the draw calls. What I can't seem to understand is how it actually saves draw call counts on the basis of the logic being something like this ... Without chunks foreach voxel in myvoxels DrawIfVisible() With Chunks foreach chunk in mychunks DrawIfVisible() which then does ... foreach voxel in myvoxels DrawIfVisible() So surely you saved nothing ?!?! You still make a draw call for each visible voxel do you not? A visible voxel needs a draw call in either scenario. The only real saving I can see is that the logic that evaluates a chunk will be able to determine if a large number of voxels are visible or not effectively saving a bit of "is this chunk visible" cpu time. But it's the draw calls that interest me ... The fewer of those, the faster the application. EDIT: In case it makes any difference I will probably be using XNA (DX not OpenGL) for my engine so don't consider my choice of example in the link above my choice of technology. But this question is such that I doubt it would matter.

Read the article
Client can't reach my production webserver. It's their ISP's fault, but now what?

- by MikeN

I have a customer in Michigan who can't access my production SaaS webserver that is hosted on Slicehost. All other companies across the US/Canada/Europe have no problem reaching the site. This problem is occuring intermittantly, and Slicehost customer service says it's a problem with the client's ISP. I got the IP address of my client, and ping'ing that IP address from my PROD server fails, but ping'ing the IP address from my dev box or our seperate blog server (also hosted on slicehost) works. How do I debug a problem like this? I asked the client to reach out to their local ISP and ask about this problem. A traceroute shows that the packets are getting stopped on a Comcast Michigan node which is the client's ISP. Is there anything I can do additionally to fix this problem for my client?

Read the article
how to set auto redirection in tomcat

- by Registered User

I have a site http://social.openitup.in right now what you are seeing is a default Tomcat6 page. I am using mod_ajp as a front end and Apache vhost configuration for same is <VirtualHost *:80 > ServerName social.openitup.in ServerAdmin webmaster@localhost ProxyRequests off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPreserveHost On ProxyPass / ajp://192.168.1.19:8009/ ProxyPassReverse / ajp://192.168.1.19:8009/ </VirtualHost> How ever I have an application running on it http://social.openitup.in/olat what I want to do is when some one opens http://social.openitup.in then rather than seeing Tomcat6 home page from /var/lib/tomcat6/webapps/ROOT/index.html the person is redirected to olat application which is in /var/lib/tomcat6/webapps/olat how can this be achived? The above vhost configuration is on a machine separate than where OLAT is running.

Read the article
Retrieve malicious IP addresses from Apache logs and block them with iptables

- by Gabriel Talavera

Im trying to keep away some attackers that try to exploit XSS vulnerabilities from my website, I have found that most of the malicious attempts start with a classic "alert(document.cookie);\" test. The site is not vulnerable to XSS but I want to block the offending IP addresses before they found a real vulnerability, also, to keep the logs clean. My first thought is to have a script constantly checking in the Apache logs all IP addresses that start with that probe and send those addresses to an iptables drop rule. With something like this: cat /var/log/httpd/-access_log | grep "alert(document.cookie);" | awk '{print $1}' | uniq Why would be an effective way to send the output of that command to iptables? Thanks in advance for any input!

Read the article
Forms Authentication across Sub-Domains on local IIS

- by Parminder

I asked this question at SO http://stackoverflow.com/questions/8278015/forms-nauthentication-across-sub-domains-on-local-iis Now asking it here. I know a cookie can be shared across multiple subdomains using the setting <forms name=".ASPXAUTH" loginUrl="Login/" protection="Validation" timeout="120" path="/" domain=".mydomain.com"/> in Web.config. But how to replicate same thing on local machine. I am using windows 7 and IIS 7 on my laptop. So I have sites localhost.users/ for my actual site users.mysite.com localhost.host/ for host.mysite.com and similar.

Read the article
How can I create an AMI from an existing EC2 instance?

- by Arkaaito

(I suspect that this may already be answered somewhere, since it seems like it would be a common operation. But I can't find it, so...) I am a relative AWS newbie. I have inherited a running Amazon EC2 instance, with various items (Apache, MySQL, Sphinx, ...) installed on it and a bunch of configuration. I'd like to turn it into an AMI that I can spin up other instances from. I can't find any information on creating a custom AMI on Amazon's site - only the fact that you can, repeatedly referenced, as if to taunt me... I believe this is not an EBS-backed instance, just an "ordinary" one. I do not know what AMI it was originally created from. How would I create an AMI that I could use for spinning up other instances which will be identical except for the hostname?

Read the article
Subdomain only accessible from one computer

- by Edan Maor

I recently added a wildcard A record to my domain (*.root.com), mapping it to a certain elastic ip on AWS. I've configured apache to redirect all references to something.root.com to root.com, except for one specific "dev" subdomain, which is hosting its own site (a Django app, specifically). The Problem: This setup works perfectly for me on my computer. But on other computers around the office, it doesn't seem to work. Specifically, trying to visit dev.root.com gives an "unable to find server" error. Pinging dev.root.com gives a "cannot resolve hostname" error. The weird thing: pinging any other subdomain of root.com does work, from all machines. I would think this was all due to DNS propagation, except all the computers are behind the same office router, so how could that be the case? Any ideas?

Read the article
Mobile Web Framework that will only control rendering and page transitions

- by rlemon

I have been using jQueryMobile for a bit now, and there are some things I like about it and others I do not. First I will give a bit of background. I have a light weight mobile application that has a few configurations and 6 pages. Ideally I Would like to load all pages into the DOM (they interact with each other quite often and pages will be switched in the same frequency). The application will post for some JSON every n seconds and refresh the values on the page (yes it is primarily a information display app). with the jQuery Mobile framework the only real thing I like is how easy it is to have a standardized UI a crossed all devices and browsers, I'm really not using too much else out of the framework other than the basic page navigation (if you are familiar with the framework; a bare-bone multi-page design is all i need). Why I want to step away from jQueryMobile is how weighty it is. Not only do you need to include the mobile library, but also the base jQuery libraries. This I do not like because I'm not using jQuery anywhere else on the site. Any suggestions on light-weight mobile frameworks that have a similar rendering as jQueryMobile?

Read the article
Good firefox extension to download .flv flash video?

- by Tamás Szelei

I'm looking for a decent flash video downloader for Firefox. There are tons of them. I'd like to use it for a custom site with some random flash video player, not Youtube. How can it be accomplished? Edit: None of these methods you guys suggested worked so far; I looked up various places where the temporary file might end up - it just doesn't. It is indeed a flash player, but it seems like it's not caching - is that possible?

Read the article
Why do some web servers not respond to icmp requests?

- by John Himmelman

What is the purpose of blocking/dropping inbound ICMP traffic on a public web server? Is it common for it be blocked? I had to test if a server was accessible from various locations (tested on various servers located in different states/countries). I'd rely on ping as a quick & reliable method of determining if a server was online/network-accessible. After not receiving a response on a couple boxes, I tried using lynx to load the site, and it worked.

Read the article
iPlanet Authentication provider

- by Travis

Good day. I have stepped into project that requires a server migration that would change the means of authentication for our CAC/PKI SSL enabled website. We are using iPlanet 7 and Oracle Directory Server Enterprise 7 as our LDAP server. The situation is that the site is still CAC/PKI enabled, but at the firewall. The information we want to authenticate against is now in the http header. How do I configure iPlanet and LDAP to authenticate against the header instead of SSL? Thanks. Edit, Can this be done with IIS keeping the Directory Server EE LDAP in tact or is the ACL iPlanet only?

Read the article
Server-Sent Events using GlassFish (TOTD #179)

- by arungupta

Bhakti blogged about Server-Sent Events on GlassFish and I've been planning to try it out for past some days. Finally, I took some time out today to learn about it and build a simplistic example showcasing the touch points. Server-Sent Events is developed as part of HTML5 specification and provides push notifications from a server to a browser client in the form of DOM events. It is defined as a cross-browser JavaScript API called EventSource. The client creates an EventSource by requesting a particular URL and registers an onmessage event listener to receive the event notifications. This can be done as shown var url = 'http://' + document.location.host + '/glassfish-sse/simple';eventSource = new EventSource(url);eventSource.onmessage = function (event) { var theParagraph = document.createElement('p'); theParagraph.innerHTML = event.data.toString(); document.body.appendChild(theParagraph);} This code subscribes to a URL, receives the data in the event listener, adds it to a HTML paragraph element, and displays it in the document. This is where you'll parse JSON and other processing to display if some other data format is received from the URL. The URL to which the EventSource is subscribed to is updated on the server side and there are multipe ways to do that. GlassFish 4.0 provide support for Server-Sent Events and it can be achieved registering a handler as shown below: @ServerSentEvent("/simple")public class MySimpleHandler extends ServerSentEventHandler { public void sendMessage(String data) { try { connection.sendMessage(data); } catch (IOException ex) { . . . } }} And then events can be sent to this handler using a singleton session bean as shown: @Startup@Statelesspublic class SimpleEvent { @Inject @ServerSentEventContext("/simple") ServerSentEventHandlerContext<MySimpleHandler> simpleHandlers; @Schedule(hour="*", minute="*", second="*/10") public void sendDate() { for(MySimpleHandler handler : simpleHandlers.getHandlers()) { handler.sendMessage(new Date().toString()); } }} This stateless session bean injects ServerSentEventHandlers listening on "/simple" path. Note, there may be multiple handlers listening on this path. The sendDate method triggers every 10 seconds and send the current timestamp to all the handlers. The client side browser simply displays the string. The HTTP request headers look like: Accept: text/event-streamAccept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3Accept-Encoding: gzip,deflate,sdchAccept-Language: en-US,en;q=0.8Cache-Control: no-cacheConnection: keep-aliveCookie: JSESSIONID=97ff28773ea6a085e11131acf47bHost: localhost:8080Referer: http://localhost:8080/glassfish-sse/faces/index2.xhtmlUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_3) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.54 Safari/536.5 And the response headers as: Content-Type: text/event-streamDate: Thu, 14 Jun 2012 21:16:10 GMTServer: GlassFish Server Open Source Edition 4.0Transfer-Encoding: chunkedX-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 4.0 Java/Apple Inc./1.6) Notice, the MIME type of the messages from server to the client is text/event-stream and that is defined by the specification. The code in Bhakti's blog can be further simplified by using the recently-introduced Twitter API for Java as shown below: @Schedule(hour="*", minute="*", second="*/10") public void sendTweets() { for(MyTwitterHandler handler : twitterHandler.getHandlers()) { String result = twitter.search("glassfish", String.class); handler.sendMessage(result); }} The complete source explained in this blog can be downloaded here and tried on GlassFish 4.0 build 34. The latest promoted build can be downloaded from here and the complete source code for the API and implementation is here. I tried this sample on Chrome Version 19.0.1084.54 on Mac OS X 10.7.3.

Read the article
How to set my Ubuntu account to super user at all times?

- by iaddesign

I have the latest Ubuntu installed and I'll be the only one using it off the network. My question is: how can I make myself super user at all times? Because when I try to delete a file it says I don't have privileges to do so. I know you are going to say it's a security risk but I'm off the network and want to learn all that I can. I don't want to delete the files through the terminal but want to do it through the user interface/explorer. I've installed LAMP and can't copy my site to the www directory. I've tried to remove the preinstalled index file and it won't let me.

Read the article

< Previous Page | 829 830 831 832 833 834 835 836 837 838 839 840 | Next Page >