Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 87/149 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >

• Protecting PHP packages on server

  - by Jack

  Hi, I am a php developer and have recently decided to make one of my Magento extensions commercial. I have downloaded and configured MageParts CEM Server and that is all working perfectly in regard to licencing and delivery of module packages. The only issue is that the directory that the packages are stored in could be accessed by anyone. I tried this in a .htaccess file, but now it is not working. <Files services.wsdl> allow from all </Files> deny from all Clients are receiving a 403 Forbidden response. Have I done something wrong in the .htaccess file or would there be a better way to secure the directory? Any help would be greatly appreciated.

  Read the article

• squid transparent proxy on all ports

  - by Yves Richard

  I have setup squid as a transparent proxy by redirecting port 80 to the native squid port 3128. I know there are issues with getting secure ports like ssl and imaps to go though the proxy but can I redirect all other ports through the proxy as well. I am trying to get a better idea of bandwidth usage. I have setup iptables to log usage and i am getting most traffic going into the related/established rule. I am trying to determine the origins of this traffic by sending traffic to squid for more detailed logging.

  Read the article

• sonicwall nsa 240

  - by Adam

  Hi We are looking into putting a hardware firewall into a data center to protect our rack of servers. We are using the servers for terminal services and we have 2 x 1GB connections to the Internet. We have about 50 servers supporting about 250 users which will grow very soon to 500 users. We plan to purchase 2 hardware firewalls to provide HA. Do you think the Sonicwall NSA 240 with Total Secure is a good match for this in terms of performance and protection (from spyware, virus etc?) or is there a better purchase? (Maybe a Watchguard X5 or X8?)

  Read the article

• BIOS root kit? Or, how do I fresh install a clean BIOS?

  - by Leopold_Bloom

  So I was installing questionable operating system onto my EEE pc and it required me to downgrade the BIOS which I really am not an expert at. I used a patch and it appeared to work. Now, I'm paranoid about the downgrade because, honestly, I have no idea where the code came from or what could be in it. My question, then, is it possible to "start over" completely fresh with my BIOS? As in wipe out the possibly malicious BIOS and go back to the manufacturer-provided one? Has anyone done something similar to this? I just want to install Ubuntu Netbook Remix to the EEE pc 1000 but I want to make sure the BIOS are secure. Any advice would help tremendously, or am I just being uber paranoid? BIOS are definitely not my strength.

  Read the article

• Jail Linux user to directory for FTP login

  - by Greg

  I'm planning on using vsftpd to act as a secure ftp server, but I am having difficulty controlling the linux users that will be used as ftp logins. The users are required to be "jailed" into a specific directory (and subdirectories) and have full read/write access. Requirements: - User account "admin_ftp" should be jailed to /var/www directory. - Other accounts will be added as needed, for each site... e.g: - User account "picturegallery_ftp" should be jailed to /var/www/picturegallery.com directory. I have tried the following, but to no avail: # Group to store all ftp accounts in. groupadd ftp_accounts # Group for single user, with the same name as the username. groupadd admin_ftp useradd -g admin_ftp -G ftp_accounts admin_ftp chgrp -R ftp_accounts /var/www chmod -R g+w /var/www When I log into FTP using account admin_ftp, I am given the error message: 500 OOPS: cannot change directory:/home/admin_ftp But didn't I specify the home directory? Extra internets for a guide how to do this specifically for vsftpd :)

  Read the article

• Shared block device file system (cluster file system without networking)

  - by fungs

  Is there any file system that can be mounted multiple times and supports concurrent file access for Linux? Basically I want something like a cluster file system but without the need to have a running network for a distributed lock manager. That can be very handy in connection with virtual machines that can share data with the host or another VM without the need to create a network link. This I want to avoid to keep the network architecture secure (virtual machine in DMZ) but share large files. No need to scale it up, just two machines that mount the same block device. Shouldn't it be possible to have file locking information right on the disk?

  Read the article

• How to route traffic through a specific SOCKS proxy on a per-app basis?

  - by GJ.

  I'm running a certain desktop app (actually via AIR if it makes any difference) which doesn't have any built-in proxy configuration settings. I need to get all traffic just from this app directed through a secure SOCKS proxy. This implies I can't use the global network preferences, as these would affect many other apps. Is there any way to force all network communication through a given SOCKS proxy on a per-app basis? It would also be helpful to know if there's a way to perform such routing globally, based on specific IP addresses (as this could allow for some reasonable workaround).

  Read the article

• Check availability of my websites

  - by DeChinees

  Hi, How can I check the availability of websites from hosted by company? Ping the server and checking if the services for IIS or Apache/Tomcat is not enough. I want to see if the sites are responsive, if I can login. My idea is to build a script using cURL to access the websites and parse for certain words. However using cURL to access a secure site (HTTPS://www.fleetagent.be) doesnt seem to work. cURL might not be the best tool! Any ideas how to check the availability of this website? Thanks in advance, Darrell

  Read the article

• Accessing the Internet via browser

  - by ucas

  I am on Windows 7 and using Firefox browser. I am using WiFi, but since the morning I cannot access the Internet via the browsers (Firefox, Chrome, or IE). The laptop shows there is Internet connection, Skype is online, but I can't reach the Internet. Then I launched Tor application which creates secure channel and provides its Firefox browser. Well, I can now access the Internet over that browser. So, what might be the problem causing this malfunction? The error: The connection has timed out The server at mail.google.com is taking too long to respond. The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer's network connection. If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. Best regards

  Read the article

• maintaining redirects in nginx from an external source

  - by Sascha

  I am in the situation to give our marketing department the opportunity to maintain their redirects by their own. Until now, they passed the information to the IT department and we maintained it for them in nginx.conf. Some of these guys are quite familiar with redirections in IIS or even in apache but it is no option to give them direct access to the nginx configuration. I see, that there is no nginx support for .htaccess files which I could give access to and I would also prefer not to grant write access to an conf-file that nginx includes. I expect, that our marketing will break our nginx setup within hours... Is there a secure possibility without giving them access our the heart of our load balancer?

  Read the article

• SSH tunnel & Rsync thru two proxy/firewalls

  - by cajwine

  Screnario: [internal_server_1]AA------AB[firewall_1]AC----+ 10.2.0.3-^ ^-10.2.0.2 | internet 10.3.0.3-v v-10.3.0.2 | [internal_server_2]BA------BB[firewall_2]BC----+ Ports AC,BC has valid internet addresses. All systems run linux and have root acces to all. Need securely rsync internal_server_1:/some/path into internal_server_2:/another/path My idea is make ssh secure tunnel between two firewalls, e.g. from firewall_1 firewall1# ssh -N -p 22 -c 3des user2@firewall_2.example.com -L xxx/10.3.0.3/xxxx and after will run rsync from internal_server_1 somewhat like: intenal1# rsync -az /some/path [email protected]:/another/path I don't know how to make a correct ssh tunnel for rsync (what ports need tunnel) and to where i will make the rsync? (remote comp address in case of ssh tunnel) Any idea or pointer to helpfull internet resource for this case? thanx.

  Read the article

• Why shibboleth IdP idp-metadata.xml recommends 8443 for SOAP?

  - by toma

  After the install.sh of 2.4.0 Shibboleth Identity Server, the idp-metadata.xml file is created. Why is that? Is not enough secure to use the standard HTTPS/443 port? <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/> <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/SLO" /> <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.example.com:8443/idp/profile/SAML1/SOAP/AttributeQuery"/> <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.example.com:8443/idp/profile/SAML2/SOAP/AttributeQuery"/> Thanks, Tamas

  Read the article

• Multiple email accounts from the same server in Emacs Gnus

  - by docgnome

  I'm trying to set up Gnus to use both my gmail accounts but I can only ever get one at a time to show up in the list of folders. (setq gnus-select-method '(nnimap "[email protected]" (nnimap-address "secure.emailsrvr.com") (nnimap-server-port 993) (nnimap-stream ssl))) (setq gnus-secondary-select-methods '((nnimap "[email protected]" (nnimap-address "imap.gmail.com") (nnimap-server-port 993) (nnimap-stream ssl)) (nnimap "[email protected]" (nnimap-address "imap.gmail.com") (nnimap-server-port 993) (nnimap-stream ssl)))) That is the relevant portions of my .gnus file. It prompts me for three username passwords on startup. After I enter all three, I can access my work account and the gmail account that I enter the creds for second. This is really annoying! Any ideas?

  Read the article

• Ad Agency storage/file server +backup needed (NAS or something else?)

  - by Rob

  Looking for a "this is all you need" recommendation. We're a small ad agency with both mac & pcs that access and share files from a 3 yr old Windows 2000 box (no server software). We currently have 1TB on the "server" and back it up to 2 different Seagate Free Agent Pro 1TB external drives. But we're low on space and are looking for something that's bigger, that we can still access from Mac & PC, EASY backup system, secure from viruses, firewall enabled. Not sure if a NAS will work or if we should have a real server. We don't really get on that box except to restore files, or run Norton on it. I hope I've provided enough for a general recommendation. Thanks. Rob Phx

  Read the article

• Dovecot and StartSSL problems with issuer

  - by knoim

  I am using dovecot (1) and trying to get my StartSSL certificate running. ssl_key_file points to my private key I tried pointing ssl_cert_file to my public key, with and without using the class1 certificate from http://www.startssl.com/certs/sub.class1.server.ca.pem as ssl_ca_file aswell as combing them with cat publickey sub.class1.server.ca.pem chained My mail client keeps telling me the certificate has no issuer, but doing openssl x509 on my public certificate tells me it is C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA My option for the CSR were: openssl req -new -newkey rsa:4096 -nodes Dovecot's log doesn't mention any problems. EDIT: Doesn't seem to be a problem with dovecot. I am having the same problem with postfix. openssl verify gives me the same error.

  Read the article

• Sending emails with remote mail server in ASP.NET blocked by Windows firewall?

  - by Dave

  I want to migrate a web application from a Windows Server 2003 to a Windows Server 2008 R2. All works fine except sending emails from the application. If I configure the application to use the smtp server on "localhost" it works, but changing it to the "real" host name (e.g. mail.example.org) no mail is sent. The error message says, that the remote server needs a secure connection or smtp authentication. But since it works when using "localhost" instead of the host name I doubt that this is the problem. Also it's unlikely a problem with the mail server, I also tried it with another one. So for me it seems like the firewall is blocking the outgoing connection to the mail server. I tried to open port 25, but it still did not work. Maybe I just did it the wrong way.

  Read the article

• Recommendation for a non-standard SSL port

  - by onurs

  Hey guys, On our server I have a single IP, and need to host 2 different SSL sites. Sites have different owners so have different SSL certificates, and can't share the same certificate with SAN. So as a last resort I have modified the web application to give the ability to use a specified port for secure pages. For its simple look I used port 200. However I'm worried about some visitors may be unable to see the site because of their firewalls / proxies blocking the port for ssl connections. I heard some people were unable to see the website, a home user and someone from an enterprise company, don't know if this was the reason. So, any recommendations for a non-standard SSL port number (443 is used by the other site) which may work for visitors better than port 200 ? Like 8080 or 8443 perhaps? Thanks!

  Read the article

• Securing a local server physically

  - by Daniele

  We are an online business. We have a very powerful server with hard disk mirroring in our office that we are using for a variety of internal business-critical functions. We want to keep that machine in our office but we want to make sure it is as secure as possible (within reason). Obviously we are already backing it up everyday off-site. My question is more about not-too-expensive physical measures to protect the machine against thieves and disasters such as fire. What would you suggest?

  Read the article

• PHP + IIS Application Pool Identity Windows\Temp permissions

  - by Matt Boothman

  I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

  Read the article

• How to decide where to purchase a wildcard SSL certificate?

  - by user664833

  Recently I needed to purchase a wildcard SSL certificate (because I need to secure a number of subdomains), and when I first searched for where to buy one I was overwhelmed with the number of choices, marketing claims, and price range. I created a list to help me see passed the marketing gimmicks that the greater majority of the Certificate Authorities (CAs) plaster all over their sites. In the end my personal conclusion is that pretty much the only things that matter are the price and the pleasantness of the CA's website. Question: Besides price and a nice website, is there anything worthy of my consideration in deciding where to purchase a wildcard SSL certificate?

  Read the article

• Forwarding 80 to 443 on Nagios woes

  - by Ethabelle

  I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL. So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right? So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule; RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://our.server.org/$1 [R,L] This does absolutely nothing. Does nada. Whhhyy.. Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ... I'm a baddie :(

  Read the article

• publish over ssh jenkins

  - by Pravish

  I have been working on a small project where need to copy files from one windows machine to another through jenkins in a secure way. I have heard about publish over ssh plugin in Jenkins. I tried to set that up but no luck. Did anybody do that and help me in that? Even to resolve it, i had installed openssh with cygwin on both the windows server and tried to copy the files (through SCP) or just connect both hosts (through ssh) in linux way through cygwin but always gets error of - ssh 3612 tty_list::allocate_tty: No tty allocated or scp 2680 tty_list::allocate_tty: No tty allocated Please help!

  Read the article

• Force users to access SSL site using specific host header

  - by mwillmott

  Hi, So i am running IIS7 with one SSL site on it. I have a few different domains and subdomains that all point to my external IP. When using http they all direct to their respective sites using host headers. Whenever someone uses https on any of the domains they all point to my SSL site. I only want people who type in https://sub.domain.com (for example) to end up at my secure site and for anything else to just not go there, it can throw an error or direct to the http version, it doesn't matter. Is there a way of getting IIS7 to check the host header and throw an error if it doesn't match my specific subdomain? Thanks, Michael

  Read the article

• Set up a root server using Ubuntu and Virtualization

  - by Daniel Völkerts

  Hello, I'd like to setup a fresh root server and install a linux based virtualization on it. My thoughts are on: Intel VTs Hardware Ubuntu 9.10 KVM based virt. The access to the root server will only be SSH for Administration. Has anybody done this before, what was your glues discovered in the daily use? My requirements are: very secure, so the root server only has ssh to the dom-0 and minimalistic ports for the guest (e.g. http/s). good monitoring of host/guest (my idea is to using zabbix for it) easy and fast administration (how are the command line tools working for you? cryptiv? high learning curve?) I'm pleased to learn from your suggestions. Regards, Daniel Völkerts

  Read the article

• Barring connections if VPN is down.

  - by Majid

  I have a VPN account and use it for sensitive communication. However the VPN connection sometimes is dropped while my main connection to the internet is still alive. The pages I visit through VPN are on HTTP (not secure) and have javascript code which pings the host every minute or so on a timer. So it happens sometimes that the VPN connection is dropped and yet js sends a request to the server (with the cookies). How could I restrict connections so they only happen if the VPN is live? Edit - Some required details were missing OS: Windows XP SP2 Browser (mostly used): Google Chrome Firewall: Windows default Sites to filter: not all traffic but all in a list of sites like abc.com, xyz.com

  Read the article

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94  | Next Page >