Search Results

Search found 42115 results on 1685 pages for 'access management'.

Page 1198/1685 | < Previous Page | 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205  | Next Page >

• Is it possible to have an external server within a company's firewall?

  - by Jonathan

  Hi guys, I am sure this is server admin 101, but I am unsure of the answer and would love some help. I am a software developer I have built an application for a client and am currently hosting it successfully on SliceHost. We are now coming out of Beta and the client wants to have the application within their firewall, but they do not want to deal with headache of hosting and maintaining the server. Is there a way I can recommend that we put our server at SliceHost within their Firewall? Is that an easy thing to do? Their specific requirements are: For my application to authenticate against their Active Directory, and Only allow access to the application from within their network If that is not possible, what should I recommend to my client?

  Read the article

• Enable mod_deflate per directory level

  - by z1_jabbar

  I am using following code, when i access site it only compress all the jsp inside all the urls path under /abc but it ignores all the js and css files. I want to compress js and css files under all the subfolders in /abc path? How I can do this. Thanks! <LocationMatch "/abc"> <IfModule mod_deflate.c> SetOutputFilter DEFLATE # Don't compress images SetEnvIfNoCase Request_URI \ \.(?:gif|jpe?g|png)$ no-gzip dont-vary #Don't compress PDFs SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary #Don't compress compressed file formats SetEnvIfNoCase Request_URI \.(?:7z|bz|bzip|gz|gzip|ngzip|rar|tgz|zip)$ no-gzip dont-vary <IfModule mod_headers.c> Header append Vary User-Agent </IfModule> </IfModule> </LocationMatch>

  Read the article

• How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

  - by Timbo

  I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

  Read the article

• Configuring IIS site to use HTTPS

  - by James

  I am working on a REST API which I have currently deployed on a Win XP Professional SP2 development machine running IIS 5.1. The site is currently being hosted on port 81 and being accessed via HTTP. I would now like to configure the site to stop using HTTP and use HTTPS only. I have developed a self-signed certificate using the SelfSSL.exe tool from the 6.0 Resource Kit Tools and set the Common Name to be the IP of my server (as it's a local development machine it has no domain name). I have also already configured the site to use SSL using the How To Set Up an HTTPS Service in IIS tutorial as my guide. However, whenever I try to access a resource in the API via HTTPS I get a 404. Any ideas?

  Read the article

• Domain Controller Placement

  - by Matt

  I've been working through some Exchange training documentation (the official MS e-learning package) and all of the design scenarios allude to placing at least one DC from your forest root domain in every site. I'm not sure whether this just relates to Exchange, but I can think of a number of issues we experience in our forest that would be resolved by this. For example, a Microsoft support engineer has stated that EVERY client in a child domain (i.e. all workstations and member servers) need access to a forest root DC to check certificate/template permissions, even on a subordinate CA. I have attempted to locate documentation or guidelines from Microsoft on this, but have not been able to find anything. I found the Domain Controller Placement guide, but it's only a form - you would use it to document where you will place your DCs, but it doesn't give any guidance on where you should deploy them. Does anyone know where, or if, I can find any such documentation?

  Read the article

• Thunderbird is unable to find server in DHCP controlled network.

  - by Skizz

  I have a network which consists of linux server and a combination of WinXP, Win7 and linux clients. All the systems are given dynamic IP addresses by the router which connects them all together. The server hosts an IMAP mail server. On Win7 and WinXP Thunderbird can access the IMAP server without any problems. On the linux client, using the same IMAP parameters, Thunderbird is unable to connect to the server. How do I get Thunderbird to find the server? I'm not sure if this is a linux system configuration problem or a Thunderbird issue. Additional note: The linux client is running Gnome, the server has a series of Samba shares defined. In the client, doing Places-Connect to Server and selecting Windows Share and specifying the server name, the Samba share is mounted OK.

  Read the article

• Uninstall nginx on Ubuntu 10.04.3 LTS remote machine

  - by user831740

  I was given a server to setup, problem is this server was no reset, and the provider is quite slow on resetting it, so I have to completely uninstall some stuff it has, one of which is nginx. I had a few problems when doing setup on my local machine for nginx due to multiple installations of it, so I want to avoid the same mistake now. Problem is, I got no idea how nginx was installed here, and I need to remove it. When I access the server thro SSH i only have this folder $HOME/backups/nginx any idea how to uninstall this? Whenever I google it only come up with apt-get uninstall and so forth. Thank you

  Read the article

• How to make RewriteCond+RewriteRule change domain2/folder1 to domain1/folder1

  - by gman

  There's actually 2 questions. One is, how do I make RewriteCond+RewriteRule change domain2/folder1 to domain1/folder1 Actually what I want is any domain that tries to access folder1 that is not domain1 gets switched to domain1. So for example domain2.com/domain1/foo - domain1.com/domain1/foo as well as domain3.com/domain1/foo - domain1.com/domain1/foo This is what I tried RewriteCond %{HTTP_HOST} !^domain1\.com$ [NC] RewriteCond %{REQUEST_URI} ^/folder1/ RewriteRule ^/folder1/(.*)$ http://domain1.com/folder1/$1 [L,R=permanent] But that doesn't work. Next I tried some a simpler rule to see if I could narrow down the issue. RewriteCond ${HTTP_HOST} domain2\.com [NC] RewriteRule ^(.*)$ http://google.com/ [L] I though that would make ANY request to domain2.com go to google.com so I tried http://domain2.com/foo but I get domain2.com/foo not google.com If I go to http://domain2.com I get google. Why don't I get there if I go to http://domain2.com/foo? What am I not understanding about mod_rewrite?

  Read the article

• What would be the best way to correlate logs and events on several hosts?

  - by user220746

  I'm trying to build a log correlation system on multiple hosts. SEC seems interesting but I don't know if it will cover my needs. How could I correlate system events, logs, network events, etc. on multiple hosts at the same time, in real time? Examples: If 5 failed logins happened on host A the last minute and if firewall B has denied lots of access on differents ports on A, then we assume there is a potential attack in progress on A. If the Apache service on host A didn't receive any request for the last N minutes and Apache service on host B did, then the load balancing could be faulty.

  Read the article

• Looking for a router with multiple WAN ports and load balancing

  - by Cyrcle

  I'm going to be moving in a few months. The location I'm moving to is great except it's on a road with very few people, so the internet access option is limited to DSL at 1.6Mbps down, 384kbps up. This is much slower than I'm used to. One option is to get at least two of the DSL lines. There's also good possibility that I'll be able to get WiMax or similar. I've been looking around a bit and it seems like what I need is a load balancing router with multiple WAN ports. Can anyone recommend some good ones? I could also go with a small power efficient Linux box with multiple NICs. What would be good software for that? It'd need to be able to handle around 10Mbps. Thanks for any help

  Read the article

• Problem with PPTP VPN and internet

  - by Enriquev

  Hello, I have an internet connection the following way : Internet Modem <- FireWall(not a router, a firewall) <- PC Everything is setup so my pc has an external ip address, and my firewall takes care of blocking bad stuff. I connect by VPN to an external network, so I added a new connection using Windows Xp's "New connection wizard" (the vpn client that comes with Windows XP), it's a PPTP connection so I used all default settings. I put the PPTP server's IP, my username and password and I succesfully connected. I was able to have access to the external VPN ressources. The only problem is everytime I connect to this VPN, my computer cannot connect to the web anymore, no msn, no ping, no web. Is there anything special I should be doing?

  Read the article

• SAN/NAS with high availability?

  - by netvope

  I have two servers that I plan to use for storage. Each of them has a few SATA disks directly attached. I want the storage to be available even if one of the storage servers is down (preferably the clients wouldn't even notice that the fail-over, although I'm not sure if this is possible). The clients may access the storage via NFS and samba, but this is not a must; I could use something else if needed. I found this guide, Installing and Configuring Openfiler with DRBD and Heartbeat, which apparently does the thing I want. It relies on three components, Openfiler, DRBD, and Heartbeat, and all three of them need to be configured separately. I'm wondering are there simpler solutions? Is using DRBD+Heartbeat the best practice for a situation like mine? I'm also interested to know if there are alternatives that don't depend on DRBD.

  Read the article

• I'll be setting up a dedicated web server at work soon, my first non hobby server - What should I know?

  - by Rogue Coder

  I've been running my own dedicated server running CentOS and a LAMP stack for 2-3 years now, but it's only been hosting my own websites which aren't super important. However, I will soon be setting up a Linux Webserver and Linux Database Server at work, and I'm wondering what are some important things I should be doing. It's an internal server only, so only people in the company can access it. Should I get a slave server for both of my servers for backups? If I do this, how many backups should I be keeping and how often should those backups be done? Right now on my current server I run a cron job nightly to backup my MySQL databases (Usually 40mb files once compressed), and bi-weekly cron jobs to backup my web root. I just store these files on my local computer via FTP. Also, for an internal server like this, should I look at using LightHTTPD or NginX to increase performance, or will Apache be fine?

  Read the article

• Set Valid IP On Vmware Vm's Help Please

  - by Shahin At

  I Have a VPS.And i on my vps installed vmware workstation version 9.now i have 3 valid ip's: XXX.152.193.66 XXX.152.193.101 XXX.152.193.103 Gateway: XXX.152.193.65 now tow ip's set in host and i want to 1 ip set on vm. network vm is bridge and set ip on vm but this ip from out of internal network not ping and in vm not ping to gateway. What can I do to solve this problem? my ip is unassigned and only set on vm and use bridge network mode.and gw,mask,dns is set.but not ping. i set this ip on host and without problems is worked, But I do not know why on vm not worked. my host OS Is Windows Server 2003 and firewall is off and RRAs(routing and remote access) For VPN service is Enable. Do not host or virtual machines to create a IP route?

  Read the article

• suppress warnings from windows live mail untrusted cerficate ssl

  - by monkeyking

  Hi we have setup our own mailserver using ssl. Each time I start up windows live mail, in comes up with an annoying message that "The server you are connected to is using a security certificate that could not be verified" Is there some way to add this cerficate such that we wont see this message on every program start. When using firefox (our mailserver can also be webbased) or thunderbird, I get the option to allow the certificate without asking again. I'm perfectly aware that we can buy a certificate that will make the message go away, but this we dont want to do. Thanks edit: I have succesfully imported the certificate such that I can access the website without complains using ie, however the problem still persists in windows live mail.

  Read the article

• Does Intel Smart Response provide any statistics on the cache usage?

  - by Tom Seddon

  I've set up my Z68-based Core i7 PC with a 60GB SSD dedicated as a Smart Response cache drive. Is there any way I can get any statistics out of it? It would be nice to have some information on how much cache space is actually being used, maybe how much of it was actually accessed recently, and how many reads in general are coming from the SSD rather than from the mechanical disk. These statistics might help to quickly provide some evidence for or against the use of Smart Response, without my having to reinstall Windows on the SSD (etc.) to find out. The Windows ReadyBoost feature has some performance counters you can access via the Windows 7 perfmon tool, for example, which is the kind of thing I'm hoping is somehow available. Smart Response provides no perfmon counters, though, and the Intel Rapid Storage Utility tells you pretty much nothing except that Smart Response is switched on.

  Read the article

• Eliminate default SSL certificate

  - by microchasm

  I'm setting up a server for local access. I created a CA and have SSL certs signed and working on other domains. The problem is I'm trying to create a cert for a domain name that is the same as the host name? I copied the steps to make the cert for the other domain, but when I create and sign this cert, and modify httpd.conf with the path to the cert and key, the localhost.localdomain cert seems to be taking precedence. In other words, when I view the cert in firefox, it is the localhost.localdomain cert instead of the one I just created. I looked at ssl.conf, and tried to change the default path to the one issued, and I tried to comment out the VirtualHost, but neither worked. How can I override the servers default certificate with the one I issued and signed? Thanks.

  Read the article

• remote desktop connection help?

  - by robin agrahari

  sir, i have created a web application in eclipse,db2 database server is running on my pc.so i can access the web application through the address http://localhost:8080/LimsWeb i used team viewer software to establish a remote desktop connection. can my friend somehow connect to my pc so that when he types the above url in his browser he will be able to fetch the pages of the application. i was able to do this by connecting with remote desktop mode.but in that case my friend was able to use the application which i created running on my pc only and in the window provided by team viewer.i want that he can run the application on his own computer calling the given url from his own browser. please help

  Read the article

• Does disabling BIOS shadowing increase free RAM space?

  - by user32569

  Hi, I know in these days this is very stupid question, but for study purposes. I read that when PC starts, CPU is set to read adress just under the 4GB. There should BIOS be mapped to by memory controller. My question is, in old days, had disabling BIOS shadowing actually freed some RAM for you? I mean, even when BIOS was not shadowed to RAM directly, still adresses for BIOS MMIO access were wasted. And when you cant adress it, its like there is no extra space gained.

  Read the article

• Linux Mint on VirtualBox has no internet connection

  - by Martin

  Physical machine: Mac Mini running OSX 10.7.5 Virtual machine: Linux Mint 15 Cinnamon 64-bit Using VirtualBox. I am trying to make the linux connect to the internet. For some reason I can access the host computer with 192.168.2.100. Its set up to show me a web-page that says "It works". This I can see from the linux. But I cannot reach anything on the internet. Either FireFox says "Unable to connect" or when I run nslookup google.com I get connection timed out; no servers could be reached. My setting on VirtualBox under the Network tab are: Bridge Adapter vnic0 promiscouos Mode:Allow All`. If it makes a difference, the host has a WiFi connection to the home router. What have I missed?

  Read the article

• New-ManagedContentSettings - not working properly under Exchange 2010

  - by mfinni

  I have a client that is divesting a business unit into a new AD forest, Exchange org, etc. We're using Quest tools to migrate users and mailboxes. However, I have to build the new infrastructure to match the old one. In the old one, we're using Managed Folder Mailbox Policies to limit (or allow) retention. They started with Exchange 2007 and never upgraded to Retention Policies; oh well. So, in the old environment, when you use a 2007 server to define a new Managed Content Setting, you can pick "Email" from the dropdown for MessageClass. This is a display name; the actual MessageClass values are thus: MessageClass : IPM.Note;IPM.Note.AS/400 Move Notification Form v1.0;IPM.Note.Delayed;IPM.Note.Exchange.ActiveSync.Report;IPM.Note.JournalReport.Msg;IPM.Note.JournalReport.Tnef;IPM.Note.Microsoft.Missed.Voice;IPM.Note.Rules.OofTemplate.Microsoft;IPM.Note.Rules.ReplyTemplate.Microsoft;IPM.Note.Secure.Sign;IPM.Note.SMIME;IPM.Note.SMIME.MultipartSigned;IPM.Note.StorageQuotaWarning;IPM.Note.StorageQuotaWarning.Warning;IPM.Notification.Meeting.Forward;IPM.Outlook.Recall;IPM.Recall.Report.Success;IPM.Schedule.Meeting.*;REPORT.IPM.Note.NDR If I take that and try to mangle it into a new cmdlet for Ex2010 in my new environment here's what I get New-ManagedContentSettings -Name "Delete Messages older then 90 days" -FolderName "Entire Mailbox" -RetentionEnabled $True -AgeLimitForRetention 90 -TriggerForRetention WhenDelivered -RetentionAction DeleteAndAllowRecovery -MessageClass "IPM.Note","IPM.Note.AS/400MoveNotificationFormv1.0","IPM.Note.Delayed","IPM.Note.Exchange.ActiveSync.Report","IPM.Note.JournalReport.Msg","IPM.Note.JournalReport.Tnef","IPM.Note.Microsoft.Missed.Voice","IPM.Note.Rules.OofTemplate.Microsoft","IPM.Note.Rules.ReplyTemplate.Microsoft","IPM.Note.Secure.Sign","IPM.Note.SMIME","IPM.Note.SMIME.MultipartSigned","IPM.Note.StorageQuotaWarning","IPM.Note.StorageQuotaWarning.Warning","IPM.Notification.Meeting.Forward","IPM.Outlook.Recall","IPM.Recall.Report.Success","IPM.Schedule.Meeting.*","REPORT.IPM.Note.NDR" -whatif Invoke-Command : Cannot bind parameter 'MessageClass' to the target. Exception setting "MessageClass": "The length of t he property is too long. The maximum length is 255 and the length of the value provided is 518." At C:\Users\MFinnigan.sa\AppData\Roaming\Microsoft\Exchange\RemotePowerShell\pfexcas02.fve.ad.5ssl.com\pfexcas02.fve.ad .5ssl.com.psm1:28204 char:29 + $scriptCmd = { & <<<< $script:InvokeCommand ` + CategoryInfo : WriteError: (:) [New-ManagedContentSettings], ParameterBindingException + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Exchange.Management.SystemConfigurationTasks.NewManaged ContentSettings So, the config object can store all that mess, but I can't fit it in through the cmdlet to create the object. Lovely. Any ideas?

  Read the article

• USB-keyboard & mouse powered off in windows-7

  - by sinned

  I have a problem with a pc where usb devices are not getting any power as soon as windows starts up (it works in preboot). This pc has no ps/2, so there is no chance for input, also not in secure boot mode. I "tidied up" using sysinternals autostart, so there is a chance I messed something up here, although I'm quite sure I only deleted some old printer drivers from autostart. I do not know how to reset this, I cant even log in because there is no input possible. I could use a linux live cd, but I don't know what to do there because there is no sysinternals from linux into a not running windows... To make things even worse, I have the windows installation completely encrypted with truecrypt, so I haven't even tried windows recovery cd yet. There is no loss of data since I can access the disc with a live-linux, I only want to use it again without resetting up everything. Any suggestions?

  Read the article

• Does there exist video chat software which works over a LAN between different types of devices?

  - by Graphics Noob

  What I'm trying to do is set up a local area network, without internet access, which allows the users to video chat with each other. The connected devices will include Linux and Android devices, so software which will run with just those two types of systems will work, although running through a browser would be optimal. The most promising lead I've found so far is camfrog, which has a video-chat app for android and a video chat server for linux. The problem is that the documentation for the server is non-existant, and I don't know if the android app can directly connect to the video chat server over a LAN or if it can only connect to camfrog's video chat server over the internet.

  Read the article

• Apache freezing, How to detect which virtual host is getting hit?

  - by mr-euro

  I have a production server that in the last 24 hours has been hard rebooted 4 times due to freezes. Ping is fine but all other services time-out (Apache, SSHd, etc). I have now diagnosed it to Apache running out of memory due to an exorbitant amount of child processes forking suddenly within seconds of starting Apache. Stopping Apache just after rebooting keeps the server stable again. My two questions are: Is there a way to detect which of the vhosts is being suddenly hammered without looking into each vhost's access log one by one? Is there a way to quickly enable/disable vhosts without commenting (#) them all out in httpd.conf?

  Read the article

• Should I impersonate PHP via FastCGI?

  - by AKeller

  I am installing the latest version of PHP onto IIS 7.5 via FastCGI, and all of the instructions say that FastCGI should impersonate the calling client by setting fastcgi.impersonate = 1 If my website will have this configuration dedicated application pool application pool identity of ApplicationPoolIdentity anonymous authentication only (as IUSR) why do I want to impersonate? I come from an ASP.NET background, where the IUSR gets read-only permissions and the application pool identity gets any write permissions. Giving write access to the IUSR usually opens the door for WebDAV vulnerabilities. So I hesitate to let PHP run as the IUSR. I can't find many people asking this question (1 | 2) so I think I must be missing something. Can someone clarify this for me?

  Read the article

< Previous Page | 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205  | Next Page >