Search Results

Search found 154 results on 7 pages for 'whitelist'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/7 | 1 2 3 4 5 6 7  | Next Page >

  • Amavis-new whitelist

    - by pigeon
    Hi to the Linux community. I'm coming from a Windows Server background so have mercy. I'm attempting to whitelist some domains and although I know this isn't the best way of doing so its just a one off for a couple of domains so I thought it would be the quickest way of doing so. Current setup: Amavis is used to pass emails off the ClamAV and SpamAssasin, currently I make changes in /etc/amavis/conf.d/50-user, as this will overide other settings. Have created a whitelist file that looks like this: .domaintowhitelist.com .domain2towhitelist.com In the 50-user config file: Have tried variants like this: read_hash(\%whitelist_sender, '/etc/amavis/whitelist'); read_hash(\%virus_lovers, '/etc/amavis/whitelist'); And restarting amavis after making those changes. Am I going about this the wrong way? Any help is appreciated.

    Read the article

  • Creating a whitelist for RDP access

    - by Tgys
    Since people are getting unauthorized access to my Windows Server (bruteforced over several months..), I'd like to set up a whitelist for RDP access. I have tried the following with Windows Firewall inbound rules: This still allows other users to connect through RDP. Is there any way to block such unauthorized access through a whitelist? EDIT: The firewall is enabled, and it's the only firewall running on the machine. Rules like allowing port 80 traffic behave correctly.

    Read the article

  • Email deliverability -- Whitelist solution or Email delivery service?

    - by JoefrshnJoeclean
    Hey Folks -- our company is encountering the same recurring problem - email deliverability. A lot of our emails are still getting trapped in yahoo and gmail spam filters. We followed yahoo's best practices guide as well as tips Ive found on serverfault. (setting up DKIM, SPF) And even took the Email Server Test (http://www.allaboutspam.com/email-server-test/) Now my question is: has anyone had success using whitelist solutions like goodmail or EmailReach? Alternatively, Im beginning to think that going with a email delivery service like Mailchimp will save me the headache and future stress of managing our email lists. So whitelist solution or just fork up the money and send via an email delivery service? Thanks!

    Read the article

  • Why use a whitelist for HTML sanitizing?

    - by Carson Myers
    I've often wondered -- why use a whitelist as opposed to a blacklist when sanitizing HTML input? How many sneaky HTML tricks are there to open XSS vulnerabilities? Obviously script tags and frames are not allowed, and a whitelist would be used on the fields in HTML elements, but why disallow most of everything?

    Read the article

  • How do DotNetOpenAuth whitelist and blacklists work?

    - by Jeff
    Does anyone have any documentation on DotNetOpenAuth and the way it handles while lists and black lists? My config <untrustedWebRequest> <blacklistHosts> <add name="*" /> </blacklistHosts> <whitelistHosts> <add name="www.mysite.ca" /> <add name="mysite.ca" /> <add name="devel.mysite.ca" /> <add name="devel.mysite.com" /> <add name="mysite.com" /> <add name="www.mysite.com" /> </whitelistHosts> </untrustedWebRequest> What I want is to have it cancel the request if it's any site not in the whilelist. I'm currently running version 2.5.49045 but plan to update soon. using <blacklistHostsRegex> <add name=".*" /> </blacklistHostsRegex> blocked ever site even ones in the whitelist.

    Read the article

  • How to whitelist external access to an internal webserver via Cisco ACLs?

    - by Josh
    This is our company's internet gateway router. This is what I want to accomplish on our Cisco 2691 router: All employees need to be able to have unrestricted access to the internet (I've blocked facebook with an ACL, but other than that, full access) There is an internal webserver that should be accessible from any internal IP address, but only a select few external IP addresses. Basically, I want to whitelist access from outside the network. I don't have a hardware firewall appliance. Until now, the webserver has not needed to be accessible externally... or in any case, the occasional VPN has sufficed when needed. As such, the following config has been sufficient: access-list 106 deny ip 66.220.144.0 0.0.7.255 any access-list 106 deny ip ... (so on for the Facebook blocking) access-list 106 permit ip any any ! interface FastEthernet0/0 ip address x.x.x.x 255.255.255.248 ip access-group 106 in ip nat outside fa0/0 is the interface with the public IP However, when I add... ip nat inside source static tcp 192.168.0.52 80 x.x.x.x 80 extendable ...in order to forward web traffic to the webserver, that just opens it up entirely. That much makes sense to me. This is where I get stumped though. If I add a line to the ACL to explicitly permit (whitelist) an IP range... something like this: access-list 106 permit tcp x.x.x.x 0.0.255.255 192.168.0.52 0.0.0.0 eq 80 ... how do I then block other external access to the webserver while still maintaining unrestricted internet access for internal employees? I tried removing the access-list 106 permit ip any any. That ended up being a very short-lived config :) Would something like access-list 106 permit ip 192.168.0.0 0.0.0.255 any on an "outside-inbound" work?

    Read the article

  • What do you do when a client requires Rich Text Editing on their website?

    - by George Stocker
    As we all know by now, XSS attacks are dangerous and really easy to pull off. Various frameworks make it easy to encode HTML, like ASP.NET MVC does: <%= Html.Encode("string"); %> But what happens when your client requires that they be able to upload their content directly from a Microsoft Word document? Here's the scenario: People can copy and paste content from Microsoft word into a WYSIWYG editor (in this case tinyMCE), and then that information is posted to a web page. The website is public, but only members of that organization will have access to post information to a webpage. What is the best way to handle this requirement? Currently there is no checking done on what the client posts (since only 'trusted' users can post), but I'm not particularly happy with that and would like to lock it down further in case an account is hacked. The platform in question is ASP.NET MVC. The only conceptual method that I'm aware of that meets these requirements is to whitelist HTML tags and let those pass through. Is there another way? If not, is the best way to let them store it in the Database in any form, but only display it properly encoded and stripped of bad tags? NB: The questions differ in that he only assumes there's one way. I'm also asking the following questions: 1. Is there a better way that doesn't rely on HTML Whitelists? 2. Is there a better way that relies on a different view engine? 3. Is there a WYSIWYG editor that includes the ability to whitelist on the fly? 4. Should I even worry about this since it will only be for 'private posting' (Much in the same way that a private blog allows HTML From the author, but since only he can post, it's not an issue)? Edit #2: If suggesting a WYSIWYG editor, it must be free (as in speech, or as in beer). Update: All of the suggestions thus far revolve around a specific Rich Text Editor to use: Only provide an editor as a suggestion if it allows for sanitization of HTML tags; and it fulfills the requirement of accepting pasted documents from a WYSIWYG Editor like Microsoft Word. There are three methods that I know of: 1. Not allow HTML. 2. Allow HTML, but sanitize it 3. Find a Rich Text Editor that sanitizes and allows HTML. The previous questions remain (1-4 above). Related Question Preventing Cross Site Scripting (XSS)

    Read the article

  • Nginx Ip Whitelist

    - by Will
    Is it possible to create a ip whitelist for my nginx proxy server without adding allow or deny in the config file is it possible i can get nginx to link to a separate database to check if the user is allowed to access the website . Ideally i could do with nginx linking to an external database or at minimum a list off allowed ips on the same server so i can easily update the list whit out restarting nginx every time. In the future i would like to link nginx to my website and a user will login and there ip will be linked to there account and they will be able to update there ip if it has changed to there new one to grant them access so i need to keep in mind that it would be easyer to do this if i have external list off ips in some kind off database any help is apreshiated

    Read the article

  • How to whitelist a user agent for nginx?

    - by djb
    I'm trying to figure out how to whitelist a user agent from my nginx conf. All other agents should be shown a password prompt. In my naivity, I tried to put the following in before deny all: if ($http_user_agent ~* SpecialAgent ) { allow; } but I'm told "allow" directive is not allowed here (!). How can I make it work? A chunk of my config file: server { server_name site.com; root /var/www/site; auth_basic "Restricted"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; allow 123.456.789.123; deny all; satisfy any; #other stuff... } Thanks for any help.

    Read the article

  • Postfix Whitelist before recipient restrictions

    - by GruffTech
    Alright. Some background. We have an anti-spam cluster trucking about 2-3 million emails per day, blocking somewhere in the range of 99% of spam email from our end users. The underlying SMTP server is Postfix 2.2.10. The "Frontline defense" before mail gets carted off to SpamAssassin/ClamAV/ ect ect, is attached below. ...basic config.... smtpd_recipient_restrictions = reject_unauth_destination, reject_rbl_client b.barracudacentral.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.mailspike.net, check_policy_service unix:postgrey/socket ...more basic config.... As you can see, standard RBL services from various companies, as well as a Postgrey service. The problem is, I have one client (out of thousands) who is very upset that we blocked an important email of theirs. It was sent through a russian freemailer who was currently blocked in two of our three RBL servers. I explained the situation to them, however they are insisting we do not block any of their emails. So i need a method of whitelisting ANY email that comes to domain.com, however i need it to take place before any of the recipient restrictions, they want no RBL or postgrey blocking at all. I've done a bit of research myself, http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix seemed to be a good guide at first, almost fixing my problem, But i want it to accept based on TO address, not originating server.

    Read the article

  • Whitelist IP from google-authenticator in sshd pam

    - by spudwaffle
    My Ubuntu 12.04 server uses the google-authenticator pam module to provide two step authentication for ssh. I need to make it so that a certain IP does not need to type the verification code. The /etc/pam.d/sshd file is below: # PAM configuration for the Secure Shell service # Read environment variables from /etc/environment and # /etc/security/pam_env.conf. auth required pam_env.so # [1] # In Debian 4.0 (etch), locale-related environment variables were moved to # /etc/default/locale, so read that as well. auth required pam_env.so envfile=/etc/default/locale # Standard Un*x authentication. @include common-auth # Disallow non-root logins when /etc/nologin exists. account required pam_nologin.so # Uncomment and edit /etc/security/access.conf if you need to set complex # access limits that are hard to express in sshd_config. # account required pam_access.so # Standard Un*x authorization. @include common-account # Standard Un*x session setup and teardown. @include common-session # Print the message of the day upon successful login. session optional pam_motd.so # [1] # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] # Set up user limits from /etc/security/limits.conf. session required pam_limits.so # Set up SELinux capabilities (need modified pam) # session required pam_selinux.so multiple # Standard Un*x password updating. @include common-password auth required pam_google_authenticator.so I've already tried adding a auth sufficient pam_exec.so /etc/pam.d/ip.sh line above the google-authenticator line, but I can't understand how to check an IP adress in the bash script.

    Read the article

  • Apache whitelist a single location, but require basic auth for everything else

    - by Chris Lawlor
    I'm sure this is simple, but Google is not my friend this morning. The goal is: /public... is openly accessible everything else (including /) requires basic auth. This is a WSGI app, with a single WSGI script (it's a django site, if that matters..) I have this: <Location /public> Order deny,allow Allow from all </Location> <Directory /> AuthType Basic AuthName "My Test Server" AuthUserFile /path/to/.htpasswd Require valid-user </Directory> With this configuration, basic auth works fine, but the Location directive is totally ignored. I'm not surprised, as according to this (see How the Sections are Merged), the Directory directive is processed first. I'm sure I'm missing something, but since Directory applies to a filesystem location, and I really only have the one Directory at /, and it's a Location that I wish to allow access to, but Directory always overrides Location... EDIT I'm using Apache 2.2, which doesn't support AuthType None.

    Read the article

  • (updated) Subfolder needs whitelist and standard redirect for all others

    - by Superstrong
    How can I allow access to the foo.html files in the .com/song/private/ subfolder for: a logged-in Wordpress user; or any referral domains (including subfolders) I add; or any URL on our own domain from the com/song/private folder; For all others, the user should be redirected to the corresponding public version of the Post, which is the same html filename and structured .com/song/foo.html. (The private versions uses a different template with different custom fields for each Post.) Update: Here's what I have so far: <Limit GET POST> order deny,allow deny from all allow from domain.com/song/private allow from otherdomain.com </Limit> RewriteRule ^(.*)$ ../$ [NC,L] More: Will that last rewrite rule take people back to the public version, from com/song/private/foo.html to com/song/foo.html? I found the following rule for detecting Wordpress logged-in status, but what do I put aferward with a RewriteRule, and will it work anyway? (If not, is there an alternative?) RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*$ N.B. I have added code to my root .htaccess allowing me to insert additional .htaccess files in other subfolders as needed. Copied from Stack Overflow, where they suggested I ask here.

    Read the article

  • Problem With HTML5 Application Cache Whitelist - Won't Ignore Items

    - by Ryan Donnelly
    I'm trying to use HTML5 Application Cache to speed some things up on an iPhone webapp. It works great for storing images, css and JS, but the problem is that it also tries to store the HTML. I haven't been able to get it to ignore the html and stop storing it in the cache. From what I've read, I have to "whitelist" the files and directories that I want to load no matter what. I've tried listing the files I want cached explicitly, and I've tried adding a series of things under the "NETWORK:" heading. I've tried * / /* http://mysite.com http://mysite.com/ http://mysite.com/* None of them seem to work. Is there any way to ignore HTML files by MIME-Type or anything? Any advice would be appreciated. Ryan P.S. Of course, my site is not mysite.com..I just used that for simplicity.

    Read the article

  • PhoneGap 1.5 (Cordova) + ChildBrowser Whitelist Issue

    - by dSquared
    I am creating an app using PhoneGap 1.5 (Cordova) and the ChildBrowser Plugin (newest version with naming for PG 1.5 / Cordova.) I use the ChildBrowser plugin to display webpages, PDFs etc. in the app. In previous versions of PG the Whitelist wasn't as restrictive and would load external resources (css/js etc.) located on remote servers / CDNs called from webpages displayed in the ChildBrowser as long as the main URL was Whitelisted. This appears to have changed and I cannot find a way around it. Is there a way to allow all URLs to be whitelisted as long as they are loaded through an already whitelisted URL, or is whitelisting every single possible URL the only way? Any help would be greatly appreciated!

    Read the article

  • Can i create a website blacklist with Group Policy?

    - by jimmygee
    Like i can create "whitelist" functionality for blocking all sites and allowing some via the GP setting: "User Configuration Windows Settings Internet Explorer Maintenance Connection/Proxy Settings Exceptions - Do not use proxy server for addresses beginning with" Can i create also a blacklist option like this (or similar) in Group Policy?

    Read the article

  • Configure Postini and emailreg.org

    - by crn
    One of our companies uses Postini services as our spam filtering service. Unfortunately, the company has been tagged as a spammer and we're trying to use emailreg.org to whitelist us. Emailreg.org wants us to add a CNAME which points to their domain (emaireg.org), while Postini has us add MX records (such as domainname.s7a1.psmtp.com. Here are my questions: 1. Can adding Emaireg's CNAME cause either Postini to not work or our emails to be lost? 2. Which is order of execution (do the email go to Postini and upon their return to EmailReg or is it the other way around)? 3. Is there anything of which I should be aware when using such a setup? Thanks, in advance, for all your help!

    Read the article

  • Whitelist element with class of, using htmlpurifier

    - by mcgrailm
    I want to only allow the span element only when it has a certain class in htmlpurifier does anyone know how to do this, right now I have $config->set('HTML.Allowed','a[href],p,ol,li,ul,img[src],blockquote,em,span[class]'); $config->set('Attr.AllowedClasses',"allowed"); but that allows all spans and only allows class allowed I like that it only allows the "allowed" class but I only want it to allow span when the value of its class is "allowed" thanks

    Read the article

  • good word whitelist to override bad word black list

    - by dangerousguy
    I've read through the discussion here... http://stackoverflow.com/questions/273516/how-do-you-implement-a-good-profanity-filter I've decided to implement a bad word filter using the badlist referenced in that thread. However I'm thinking about the scunthorpe problem. (see wikipedia I can't post the link, I'm a new user) Is there a white list of words like scunthorpe and manuscript that I can use to override a black list? (not interested in discussions about sensorship etc)

    Read the article

  • Email delivery management grievances

    - by joxl
    The question I have may be more of principle than anything else, but here's my dilemma. I manage an email system for a small company (about 20 email users). We own a plain-letter .com domain name through Network Solutions. Our email service is hosted by Google Apps. Recently (Feb. 2011) we've been having customers report that they aren't getting our emails. Upon further investigation it seems that the failed emails are all to a common (well known) domain. We have not received any bounce messages for the emails. We've also contacted a few of the intended recipients, who have reported that the messages are not in their spam box; they simply did not receive anything. In these cases we re-sent the same email to an alternate address on another domain, which was successful received. One customer contacted their email provider about the issue. The provider recommended that we submit a form to be white-listed by their domain. Here's where my problem begins. I feel like this is heading down a slippery slope. Doesn't this undermine the very principle of email? If this is the appropriate action to take in these situations where will it end? In theory (following this model) it could be argued that eventually one will first need to "whitelist" (or more appropriately termed "authenticate") themselves with an email host before actually sending any messages. More to this point, what keeps the "bad" spammers from doing the same thing...? We've just gone full circle. I know avoiding anti-spam measures is a big cat-and-mouse game, but I think this is the wrong way of "patching" the problem. Email standards say that messages should not just disappear silently. I have a problem supporting a model that says "you must do < this to make sure your emails aren't ignored". I have a notion to call the provider and voice my complaint, although I have a feeling it will probably fall on deaf ears. Am I missing something here? Is this an acceptable approach to email spam problems? What should I do?

    Read the article

  • html5 cache -> "network: *" doesn't work

    - by Greg
    Hello all, I am trying a simple test with the html 5 cache. Here is a simple web page : <!DOCTYPE html> <html manifest="test.manifest"> <head> </head> <body> <img src="http://www.somewebsite.com/picture.jpg"/> </body> </html> With the following manifest : CACHE MANIFEST #v0.1 NETWORK: http://www.somewebsite.com/ This work fine, the picture is displayed. My problem is that I won't be able to know from where the picture will come. Here comes the online whitelist wildcard flag, that is supposed to solve my problem. But with the manifest : CACHE MANIFEST #v0.1 NETWORK: * The image is not displayed (tested on safari / safari mobile / firefox). What is not working ? Is there another way to turn the online whitelist wildcard flag on ?

    Read the article

  • Whitelisting website email so it is not rejected as spam

    - by Micah Burnett
    What are the processes I need to go through to make sure emails sent from my web server are not rejected as spam? This question is for legitimate site emails that members have requested like a daily newsletter which is generated and run in a nightly process, as well as confirmation emails. Some of the ideas I've heard are: Making sure the server sending the mail has reverse-dns lookup turned on. Manually submitting a whitelist request to major ISPs.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1 2 3 4 5 6 7  | Next Page >