Search Results

Search found 1511 results on 61 pages for 'deny'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 16/61 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • IIS7 GrantByDefault

    - by jonot
    I have an application (written in c#) that allow me to set IIS to allow or deny access to a website from all ip addresses. The application works fine for IIS6 however it does not work with IIS 7 (even with IIS 6 WMI Compatibility installed). heres the code (basically) Type typ = this.Entry.Properties[IIsWebDirectoryProperty.IPSecurity][0].GetType(); var securityProp = this.Entry.Properties[IIsWebDirectoryProperty.IPSecurity][0]; typ.InvokeMember("GrantByDefault", BindingFlags.DeclaredOnly | BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance | BindingFlags.SetProperty, null, securityProp, new object[] { IPSecurity.GrantByDefault }); this.Entry.CommitChanges(); I have checked the metabase for both IIS6 and IIS7 using the metabase explorer and the only diffecnce I can see is that the "IPSecurity" property does not appear in IIS7 until you also add a an allow or deny IP address, through IIS Manager. Whats really got me stumped is that even when I edit the feature setting to Deny access in the IIS Manager there is no change to the metabase or to the web.config in the site root! So how/where is this property being set and read from? And how can I set and read value of this property programmatically?

    Read the article

  • How do I display a sting, based on which id is set as selected?

    - by Cam
    I'd like to display a text string (to be positioned above ul) depending on which link is set to selected by the chgClass fuction. The ids for each display via an alert right now, but I can't seem to make them appear in "english". I know I can set up an array stating "id=text string" but when I do it seems to break the code I already have... <script type="text/javascript"> var Lst; function CngClass(obj){ if (typeof(obj)=='string') obj=document.getElementById(obj); if (Lst) Lst.className=''; obj.className='selected'; Lst=obj; alert(obj.id); } </script> </head> <body onload="CngClass('POSITION_WITHOUT_NOTIFY')"> <div class="slider"> <ul class="bar"> <li class="deny"><a onclick="CngClass(this);" id="POSITION_NOT_ALLOWED" href="#">Deny</a></li> <li class="askDeny"><a onclick="CngClass(this);" id="NOTIFY_POSITION_IF_GRANTED" href="#">Ask Deny</a></li> <li class="askAllow"><a onclick="CngClass(this);" id="NOTIFY_POSITION_IF_NO_RESPONSE" href="#">Ask Allow</a></li> <li class="notify"><a onclick="CngClass(this);" id="NOTIFY_POSITION" href="#">Notfiy</a></li> <li class="allow"><a onclick="CngClass(this);" id="POSITION_WITHOUT_NOTIFY" href="#">Allow</a></li> </ul> </div> </body> </html>

    Read the article

  • .htaccess redirect noticably increasing load time

    - by GTCrais
    I set up a SEF link via .htaccess RewriteRule to one of the articles on my website just to see how that works, and it does work but it considerably increases the load time of that particular page. On average the articles (including the one I'm talking about, when not using the rewrite rule) load in about 1.3 seconds. With the rewrite rule, the load time is 3.3 seconds on average until the page displays, and the loader thingy in the firefox tab keeps spinning for another 2 seconds. I have WAMP setup on my computer, and the website is being accessed through no-ip.com. Here is the .htaccess config (very simple, as you can see): Options +FollowSymLinks RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^o-sw-liji /NewSWL/o-nama.php?body=o-sw-liji In httpd.conf I have this (somewhere I read this might affect the load time for some reason - searching for files through all the directories or something, I don't remember exactly what I read): <Directory /> Options None AllowOverride None Order deny,allow Deny from all </Directory> DocumentRoot "Z:/Program Files (x86)/wamp/www/" <Directory "Z:/Program Files (x86)/wamp/www/"> Options None AllowOverride All Order allow,deny Allow from all </Directory> Any ideas why .htaccess redirect increases the load time by so much? UPDATE: so I put a session based counter in the "o-nama.php" script. Apparently when I access the web via the 'normal' link i.e. 'o-nama.php?body=o-sw-liji', the counter increases by one, as it should - it's one page load. But when the page is accessed through the redirected link, i.e. 'o-nama/o-sharewood-liji' the counter increases by 6-8, which naturally makes the load time a lot longer, since it's loading the same page for 6-8 times. I have no idea why this is happening. Any help is appreciated.

    Read the article

  • checkboxes and buttons enable

    - by anshka_3033 3033
    i have 2 checkboxes and 2 buttons below the check boxes. on opening the page ,checkbox1 should be enabled and other check box n buttons should be disabled.after clicking on 1st checkbox 2nd checkbox should be enabled and 1 st check box should be disabled and buttons remain disabled.after clicking on 2nd checkbox 2 buttons(approve,Deny) should be enabled and 2 checkboxes should be disabled.so please help me in doing this.i used below code for creating checkboxes and button. i need j script for this <tr> <form ACTION="jspCheckBox.jsp"> SC Information Received <input type="checkbox" value="SC Information received"> Validation Begun <input type="checkbox" value="Validate" > </form> </tr> <tr> <td valign="middle" align="left" style="padding-left:10px;" nowrap> <button type="button" class="btn" name="btnApprove" onclick="approve();">Approve</button> </td> <td> <button type="button" class="btn" name="btnDeny" onclick="deny();">Deny</button> </td> </tr>

    Read the article

  • passenger-status - ERROR: Phusion Passenger doesn't seem to be running

    - by Casual Coder
    My server is: Server version: Apache/2.2.11 (Ubuntu) Server built: Aug 16 2010 17:44:11 My ruby version ruby 1.9.2p136 (2010-12-25 revision 30365) [x86_64-linux]. I've installed passenger 3.0.7 via RubyGems. I've run passenger-install-apache2-module and everything went fine. I've modified configuration (load module, edit virtualhost etc.) and restarted Apache. Module is loading fine (apache does not complain). But Passenger is obviously not working: sudo passenger-status ERROR: Phusion Passenger doesn't seem to be running. How can I get it working ? Edit 1: /etc/apache2/mods-enabled/passenger.load LoadModule passenger_module /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.7/ext/apache2/mod_passenger.so Root of passenger: passenger-config --root /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.7 Apache VirtualHost sub URI configuration in /etc/apache2/sites-enabled/railsapps: <VirtualHost <IP ADDRESS>:80> ServerAdmin webmaster@localhost ServerName my.server.name PassengerRoot /usr/lib/ruby/gems/1.9.1/gems/passenger-3.0.7 PassengerRuby /usr/bin/ruby RailsEnv development DocumentRoot /www/vhosts/railsapps <Directory /www/vhosts/railsapps> Options FollowSymlinks -MultiViews AllowOverride None Order allow,deny Allow from all </Directory> RailsBaseURI /siteA <Directory /www/vhosts/railsapps/siteA> Options -MultiViews AllowOverride All Order allow,deny Allow from all </Directory> RailsBaseURI /siteB <Directory /www/vhosts/railsapps/siteB> AllowOverride All Options -MultiViews Order allow,deny Allow from all </Directory> LogLevel info ErrorLog /var/log/apache2/railsapps_error.log CustomLog /var/log/apache2/railsapps_access.log combined </VirtualHost> Of course as in 'users guide apache.html' siteA and siteB are symlinks to siteA/public and siteB/public absolute paths respectively. Edit 2: In logs there is nothing related to passenger. Permissions are also fine (read and executable) on directories in paths. Even if it was some misconfiguration or permission problem isn't passenger suppose to be running? I mean sudo passenger-status should at least output --- general information ---. When I place some test html file in railsapps directory it is served fine. /var/log/apache2/railsapps_error.log [Sun Jun 19 12:19:08 2011] [error] [client <IP>] Directory index forbidden by Options directive: /www/vhosts/railsapps/siteA/ [Sun Jun 19 12:19:08 2011] [error] [client <IP>] File does not exist: /www/vhosts/railsapps/favicon.ico

    Read the article

  • Loadbalancing outbound traffic while using openbgpd on freebsd

    - by Rajkumar S
    Hi, I am using openbgpd in freeBSD with 2 ISP connections. I have my own AS number and a /22 network. Currently I am advertising entire /22 to both networks. Inbound traffic comes in But my outbound traffic goes via a single link. I would like to either distribute my outbound traffic via both links so that outbound traffic is also load balanced. How to configure this using openbgpd in freebsd? My current openbgpd config is attached for reference. AS 00my-as listen on xx.xx.xx.x router-id xx.xx.xx.x network aa.aa.aa.0/22 group "ISP1" { remote-as 11remoteas-1 neighbor bb.bb.bb.1 { descr "ISP1" announce all } } group "ISP2" { remote-as 22remoteas-2 neighbor cc.cc.cc.37 { descr "ISP2" announce all } } deny from any deny to any allow from bb.bb.bb.1 allow to bb.bb.bb.1 allow from cc.cc.cc.37 allow to cc.cc.cc.37

    Read the article

  • Trying to configure domain-based access via htaccess file.

    - by kenja
    I've created an account with no-ip.com that registers my ip with a subdomain of their service. When I do an nslookup, I see that the service is working and that my domain is being shown. Now I want to provide access to that subdomain on the admin site of our server which is protected by htaccess IP restrictions. When I try to add the new domain to my script it does not work. Am I doing something wrong? I'm basically trying to make my laptop so it can log in from no matter when I'm at while still preventing all other IPs from accessing the site. ## password begin ## AuthName "Restricted Access" AuthUserFile /usr/www/users/site/.passwd AuthType Basic Require valid-user Order deny,allow Deny from all Allow from 69.1.122.161 mysubdomain.no-ip.org Satisfy All

    Read the article

  • VirtualHosts Stopped Working

    - by Kevin C.
    I'm working on a website and have WAMP setup for local testing. Usually I set up virtual hosts using httpd-vhosts + the hosts file without a hitch. All of a sudden, my virtual hosts are no longer working. I know that it's pointing to Apache because I get a '403 Forbidden' error, but that's about it. All of my previously working virtual hosts no longer work as well. Anybody know what's going on? httpd-vhosts.conf <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot "C:\Documents and Settings\kevin\Desktop\websites\fusion" ServerName ebrochures ErrorLog "logs/your_own-error.log" CustomLog "logs/your_own-access.log" common <directory "C:\Documents and Settings\kevin\Desktop\websites\fusion"> Options Indexes FollowSymLinks AllowOverride all Order Deny,Allow Deny from all Allow from 127.0.0.1 </directory> hosts file: 127.0.0.1 fusion And yes, I am including the virtual hosts file in my httpd.conf file: # Virtual hosts Include conf/extra/httpd-vhosts.conf

    Read the article

  • .htaccess to block by file name possible?

    - by Tiffany Walker
    I have a bunch of files that are secure_xxxxxx.php. Is there a way to use .htaccess to block access to all the secure_* php files based on IP? EDIT: I've tried but I get 500 errors <FilesMatch "^secure_.*\.php$"> order deny all deny from all allow from my ip here </FilesMatch> Don't see any errors in apache error logs either httpd -M Loaded Modules: core_module (static) authn_file_module (static) authn_default_module (static) authz_host_module (static) authz_groupfile_module (static) authz_user_module (static) authz_default_module (static) auth_basic_module (static) include_module (static) filter_module (static) log_config_module (static) logio_module (static) env_module (static) expires_module (static) headers_module (static) setenvif_module (static) version_module (static) proxy_module (static) proxy_connect_module (static) proxy_ftp_module (static) proxy_http_module (static) proxy_scgi_module (static) proxy_ajp_module (static) proxy_balancer_module (static) ssl_module (static) mpm_prefork_module (static) http_module (static) mime_module (static) dav_module (static) status_module (static) autoindex_module (static) asis_module (static) info_module (static) suexec_module (static) cgi_module (static) dav_fs_module (static) negotiation_module (static) dir_module (static) actions_module (static) userdir_module (static) alias_module (static) rewrite_module (static) so_module (static) fastinclude_module (shared) auth_passthrough_module (shared) bwlimited_module (shared) frontpage_module (shared) suphp_module (shared) Syntax OK

    Read the article

  • Trac problem: AttributeError: Cannot find an implementation of the "IRequestHandler" interface named "WikiModule"

    - by Janosch
    This problem already has been described mutliple times in different mailing lists, but no solution has yet been published. My original setup is as follows (but in the mean time i have a simpler one on Windows 7): Ubuntu server with apache 2.2 and python 2.7 virutal python environment created with virtualenv installed babel, genshi and trac in this order using pip in the virtual environment Trac seems to run fine with tracd, but when visiting it through apache, i get the following error in an official trac error page: AttributeError: Cannot find an implementation of the "IRequestHandler" interface named "WikiModule" The stacktrace looks like this: Traceback (most recent call last): File "/srv/trac/python-environment/lib/python2.5/site-packages/Trac-0.13dev_r10668-py2.5.egg/trac/web/main.py",line 473, in _dispatch_request dispatcher.dispatch(req) File "/srv/trac/python-environment/lib/python2.5/site-packages/Trac-0.13dev_r10668-py2.5.egg/trac/web/main.py", line 154, in dispatch chosen_handler = self.default_handler File "/srv/trac/python-environment/lib/python2.5/site-packages/Trac-0.13dev_r10668-py2.5.egg/trac/config.py", line 691, in __get__ self.section, self.name)) AttributeError: Cannot find an implementation of the "IRequestHandler" interface named "WikiModule". Please update the option trac.default_handler in trac.ini. I already tried a lot to get down to the root of the problem, for me it looks as if all nativ trac components refuse to load. When one explicitely imports these components in the wsgi handler, some of them start to work somehow. Since i suspected the virtual environment, i dropped it, and manually copied all dependencies (babel, genshi, trac, ..) to one directory, and added this directory to system.path in the wsgi handler. I get exactly the same error. Since this setup is now independend from the environment, one can easily try it out on any other machine (windows or linux) running apache 2 and python 2.7. On my Windwos 7 machine, i got exactly the same problem. I zipped together the whole bundle, one can download it from http://www.xterity.de/tmp/trac-installation.zip . In the apache configuration (Windows 7 machine) i use the following settings: Alias /trac/chrome/common "D:/workspace/trac-installation/trac-resources/common" Alias /trac/chrome/site "D:/workspace/trac-installation/trac-resources/site" WSGIScriptAlias /trac "D:/workspace/trac-installation/apache/handler.wsgi" <Directory "D:/workspace/trac-installation/trac-resources"> Order allow,deny Allow from all </Directory> <Directory "D:/workspace/trac-installation"> Order allow,deny Allow from all </Directory> <Location "/trac"> Order allow,deny Allow from all </Location> And my handler.wsgi looks like this: import os import sys sys.path.append('D:/workspace/trac-installation/dependencies/') os.environ['TRAC_ENV'] = 'D:/workspace/trac-installation/trac-environments/Esp004' os.environ['PYTHON_EGG_CACHE'] = 'D:/workspace/trac-installation/eggs' import trac.web.main application = trac.web.main.dispatch_request Has anybody got an idea what could be the problem, or how to find out where it comes from?

    Read the article

  • Running CGI With Perl under Apache Permission Problem

    - by neversaint
    I have the following entry under apache2.conf in my Debian box. AddHandler cgi-script .cgi .pl Options +ExecCGI ScriptAlias /cgi-bin/ /var/www/mychosendir/cgi-bin/ Then I have a perl cgi script stored under these directories and permissions: nvs@somename:/var/www/mychosendir$ ls -lhR .: total 12K drwxr-xr-x 2 nvs nvs 4.0K 2010-04-21 13:42 cgi-bin ./cgi-bin: total 4.0K -rwxr-xr-x 1 nvs nvs 90 2010-04-21 13:40 test.cgi However when I tried to access it in the web browser: http://myhost.com/mychosendir/cgi-bin/test.cgi They gave me this error: Forbidden You don't have permission to access /mychosendir/cgi-bin/test.cgi on this server. What's wrong with it? Update: I also have the following entry in my apache2.conf: <Files ~ "^\.ht"> Order allow,deny Deny from all </Files>

    Read the article

  • Apache Simple Configuration Issue: Setting up per-user directory permission denied problem

    - by Huckphin
    Hello. I am just getting Apache 2.2 running on Fedora 13 Beta 64-bit. I am running into issues setting my per-user directory. The goal is to make localhost/~user map to /home/~user/public_html. I think that I have the permissions right because I have 755 to /home/~user, and I have 755 to /home/~user/public_html/ and I have 777 for all contents inside of /home/~user/public_html/ recursively set. My mod_userdir configuration looks like this: <IfModule mod_userdir.c> # # UserDir is disabled by default since it can confirm the presence # of a username on the system (depending on home directory # permissions). # UserDir disabled root UserDir enabled huckphin # # To enable requests to /~user/ to serve the user's public_html # directory, remove the "UserDir disabled" line above, and uncomment # the following line instead: # UserDir public_html The error that I am seeing in the error log is this: [Sat May 15 09:54:29 2010] [error] [client 127.0.0.1] (13)Permission denied: access to /~huckphin/index.html denied When I login as the apache user, I know that /~huckphin does not exist, and this is not what I want. I want it to be accessing ~huckphin, not /~huckphin. What do I need to change on my configuration for this to work? [Added after comments] Hi Andol, thank you for your suggestions. So, first off, you said that you assume that I have the userdir module enabled, but I am not sure what that means exactly. That could be part of the problem. I do have the Module loaded, using the LoadModule directive. I have this: LoadModule userdir_module modules/mod_userdir.so I also did a find on where mod_userdir is, and I found it located here: [huckphin@crhyner-workbox]/% find / . -name '*mod_userdir.so*' 2> /dev/null /usr/lib64/lighttpd/mod_userdir.so /usr/lib64/httpd/modules/mod_userdir.so Is there something else I need to enable? Also, my directory configuration was mentioned. I have uncommented the default configuration given. I have not looked into what all of the configurations mean, and this could probably explain the issue. Here is the Directory that I have for the user directories: <Directory "/home/*/public_html"> AllowOverride FileInfo AuthConfig Limit Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec <Limit GET POST OPTIONS> Order allow,deny Allow from all </Limit> <LimitExcept GET POST OPTIONS> Order deny,allow Deny from all </LimitExcept> </Directory>

    Read the article

  • AppUpdater and wamp server

    - by Gerbrand
    I've got an winforms application and I want to implement auto updater to this application. I followed the instructions on the site and got everything setup right. (appupdater application) Now I tried a test and I'm getting the following error back from the appupdater: the remote server returned an error 405 I googled this and this is because my server isn't setup with the right access. I'm using a wampserver and in the apache httpd.conf I added the following lines so my directory is allowed for access: <Directory "c:/wamp/www/updater/V11/"> Options Indexes FollowSymLinks AllowOverride all # onlineoffline tag - don't remove Order Deny,Allow Deny from all Allow from 127.0.0.1 </Directory> But I'm still getting the same error back. I can find information for the IIS configurations, but not for apache. edit: I'm still getting the error, I opened the error log file of apache and I see the following - "PROPFIND /updater/V11/ HTTP/1.1" 405 238 the updater component is using the HTTP-DAV. edit2: it seems that nobody had this kind of situation.

    Read the article

  • User and group permissions in access.conf

    - by Maddie
    How do I configure access.conf so that the following rule is applied? : Allow the user dia to connect from 192.152.100. Deny the user sim to connect from 192.152.100. Particularity : both the users dia (uid = 8389753) and sim (uid = 500) belong to the group sim (gid = 500) Yes, the user and group sim have the same name and the same id. With the follwing syntax, - : sim : 192.152.100. the user sim is denied, as well as dia (because dia belongs to the group sim). access.conf considers sim as being both the user and group. How do I specify that I want to deny the user sim, but at the same time allow the user dia ?

    Read the article

  • How to enable mod_info in Apache?

    - by Amit Nagar
    I gone through the apache guide to enable to mod_info. As per doc: To configure mod_info, add the following to your httpd.conf file. Location /server-info SetHandler server-info /Location You may wish to use mod_access inside the directive to limit access to your server configuration information: Location /server-info SetHandler server-info Order deny,allow Deny from all Allow from yourcompany.com Location Once configured, the server information is obtained by accessing http://your.host.dom/server-info In my case the this link is not giving any info. Http 404 NOT FOUND error Is there anything I need to install as mod_info.c or something ? Is there anything i need to put as AddModule or something ? In Error log : File does not exist: /usr/local/apache2/htdocs/example1/server-info I have 3 virtual host. One of this as default which use example1 as Docroot dir. I am not sure where this page (server-info) should be ? in case of server-status, it's working fine

    Read the article

  • Apache2 return 404 for proxy requests before reaching WSGI

    - by Alejandro Mezcua
    I have a Django app running under Apache2 and mod_wsgi and, unfortunately, lots of requests trying to use the server as a proxy. The server is responding OK with 404 errors but the errors are generated by the Django (WSGI) app, which causes a high CPU usage. If I turn off the app and let Apache handle the response directly (send a 404), the CPU usage drops to almost 0 (mod_proxy is not enabled). Is there a way to configure Apache to respond directly to this kind of requests with an error before the request hits the WSGI app? I have seen that maybe mod_security would be an option, but I'd like to know if I can do it without it. EDIT. I'll explain it a bit more. In the logs I have lots of connections trying to use the server as a web proxy (e.g. connections like GET http://zzz.zzz/ HTTP/1.1 where zzz.zzz is an external domain, not mine). This requests are passed on to mod_wsgi which then return a 404 (as per my Django app). If I disable the app, as mod_proxy is disabled, Apache returns the error directly. What I'd finally like to do is prevent Apache from passing the request to the WSGI for invalid domains, that is, if the request is a proxy request, directly return the error and not execute the WSGI app. EDIT2. Here is the apache2 config, using VirtualHosts files in sites-enabled (i have removed email addresses and changed IPs to xxx, change the server alias to sample.sample.xxx). What I'd like is for Apache to reject any request that doesn't go to sample.sample.xxx with and error, that is, accept only relative requests to the server or fully qualified only to the actual ServerAlias. default: <VirtualHost *:80> ServerAdmin [email protected] ServerName X.X.X.X ServerAlias X.X.X.X DocumentRoot /var/www/default <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options FollowSymLinks AllowOverride None Order allow,deny allow from all </Directory> ErrorDocument 404 "404" ErrorDocument 403 "403" ErrorDocument 500 "500" ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> actual host: <VirtualHost *:80> ErrorDocument 404 "404" ErrorDocument 403 "403" ErrorDocument 500 "500" WSGIScriptAlias / /var/www/sample.sample.xxx/django.wsgi ServerAdmin [email protected] ServerAlias sample.sample.xxx ServerName sample.sample.xxx CustomLog /var/www/sample.sample.xxx/log/sample.sample.xxx-access.log combined Alias /robots.txt /var/www/sample.sample.xxx/static/robots.txt Alias /favicon.ico /var/www/sample.sample.xxx/static/favicon.ico AliasMatch ^/([^/]*\.css) /var/www/sample.sample.xxx/static/$1 Alias /static/ /var/www/sample.sample.xxx/static/ Alias /media/ /var/www/sample.sample.xxx/media/ <Directory /var/www/sample.sample.xxx/static/> Order deny,allow Allow from all </Directory> <Directory /var/www/sample.sample.xxx/media/> Order deny,allow Allow from all </Directory> </VirtualHost>

    Read the article

  • Snow Leopard .htaccess issue

    - by Joe.Cianflone
    Hello, I'm running into an issue on Snow Leopard. I am just using the standard Apache2 that came with it but it doesn't seem to want to use my .htaccess file. Here is the appropriate part of my httpd.conf file: <Directory /> Options FollowSymLinks AllowOverride All AuthConfig Order deny,allow Deny from all </Directory> And here is my .htaccess file: Options +FollowSymlinks RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php/$1 [L,QSA] I'm sure I'm doing something stupid, but at this point, I just cant see it! All it's doing is allowing me to not have the index.php file, this worked on Leopard and isn't working in Snow Leopard. What am I missing? Thanks Joe C

    Read the article

  • Block IP Address including ICMP using UFW

    - by dr jimbob
    I prefer ufw to iptables for configuring my software firewall. After reading about this vulnerability also on askubuntu, I decided to block the fixed IP of the control server: 212.7.208.65. I don't think I'm vulnerable to this particular worm (and understand the IP could easily change), but wanted to answer this particular comment about how you would configure a firewall to block it. I planned on using: # sudo ufw deny to 212.7.208.65 # sudo ufw deny from 212.7.208.65 However as a test that the rules were working, I tried pinging after I setup the rules and saw that my default ufw settings let ICMP through even from an IP address set to REJECT or DENY. # ping 212.7.208.65 PING 212.7.208.65 (212.7.208.65) 56(84) bytes of data. 64 bytes from 212.7.208.65: icmp_seq=1 ttl=52 time=79.6 ms ^C --- 212.7.208.65 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 79.630/79.630/79.630/0.000 ms Now, I'm worried that my ICMP settings are too generous (conceivably this or a future worm could setup an ICMP tunnel to bypass my firewall rules). I believe this is the relevant part of my iptables rules is given below (and even though grep doesn't show it; the rules are associated with the chains shown): # sudo iptables -L -n | grep -E '(INPUT|user-input|before-input|icmp |212.7.208.65)' Chain INPUT (policy DROP) ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) DROP all -- 0.0.0.0/0 212.7.208.65 DROP all -- 212.7.208.65 0.0.0.0/0 How should I go about making it so ufw blocks ICMP when I specifically attempt to block an IP address? My /etc/ufw/before.rules has in part: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT -A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT -A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT -A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT I'm tried changing ACCEPT above to ufw-user-input: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ufw-user-input -A ufw-before-input -p icmp --icmp-type source-quench -j ufw-user-input -A ufw-before-input -p icmp --icmp-type time-exceeded -j ufw-user-input -A ufw-before-input -p icmp --icmp-type parameter-problem -j ufw-user-input -A ufw-before-input -p icmp --icmp-type echo-request -j ufw-user-input But ufw wouldn't restart after that. I'm not sure why (still troubleshooting) and also not sure if this is sensible? Will there be any negative effects (besides forcing the software firewall to force ICMP through a few more rules)?

    Read the article

  • Perl throwing 403 errors!

    - by Jamie
    When I first installed Perl in my WAMP setup, it worked fine. Then, after installing ASP.net, it began throwing 403 errors. Here's my ASP.net config: Load asp.net module LoadModule aspdotnet_module "modules/mod_aspdotnet.so" Set asp.net extensions AddHandler asp.net asp asax ascx ashx asmx aspx axd config cs csproj licx rem resources resx soap vb vbproj vsdisco webinfo # Mount application AspNetMount /asp "c:/users/jam/sites/asp" # ASP directory alias Alias /asp "c:/users/jam/sites/asp" # Directory setup <Directory "c:/users/jam/sites/asp"> # Options Options Indexes FollowSymLinks Includes +ExecCGI # Permissions Order allow,deny Allow from all # Default pages DirectoryIndex index.aspx index.htm </Directory> # aspnet_client files AliasMatch /aspnet_client/system_web/(\d+)_(\d+)_(\d+)_(\d+)/(.*) "C:/Windows/Microsoft.NET/Framework/v$1.$2.$3/ASP.NETClientFiles/$4" # Allow ASP.net scripts to be executed in the temp folder <Directory "C:/Windows/Microsoft.NET/Framework/v*/ASP.NETClientFiles"> Options FollowSymLinks Order allow,deny Allow from all </Directory> Also, what are the code tags for this site?

    Read the article

  • How do I force .htaccess authorization to occur over ssl?

    - by kenja
    I'm trying to force a particular directory to require only allowed IPs and a valid username/password through basic authorization. To ensure that the username/password are sent in encrypted form, I want the directory to also force SSL use. Here is what I have in my .htaccess file: # Force HTTPS-Connection RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://www.mywebsite.com%{REQUEST_URI} [R,L] ## password begin ## AuthName "Restricted Access" AuthUserFile /var/www/admin/.htpasswd AuthType Basic Require valid-user Order deny,allow Deny from all Allow from 79.1.231.151 62.123.134.83 Satisfy All Unfortunately, when I access that directory using http protocol, it is asking for the password before it redirects the page to the secure version. This means the password is sent unencrypted. What am I doing wrong? Is there a way to do this?

    Read the article

  • In ufw is there any way to disable logging for a particular rule?

    - by thomasrutter
    I am using UFW with a default logging policy of "low". I would like to keep this logging on for the default deny action, but disable it for a particular IP address only. So I'd like to create one particular new rule that doesn't have logging. Is there a way to achieve this? I have a rather uncomplicated ufw setup so far, like this: Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip To Action From -- ------ ---- 22/tcp LIMIT Anywhere 80/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 22/tcp ALLOW Anywhere (v6) 80/tcp ALLOW Anywhere (v6) 443/tcp ALLOW Anywhere (v6)

    Read the article

  • IIS6 Permissions

    - by Gordon Carpenter-Thompson
    We have a set of IIS6 Jakarta/ASP.NET applications (implemented as virtual directories) on a machine without a domain. The directories all exist under the default website. We need to setup the permissions so that certain users can access only specific applications yet others users can access several of the applications. The way it's been setup previously has been to explicitly deny access to the users for every application except the ones that they are allowed to see. The problem is that the list of applications changes fairly often (for demos etc) and it's been known for the developers to forget to deny the old users access to the new applications which leads to security problems. This is all quite unmaintainable. Does anybody have any advice on this? Surely I can't be the only person to find this all a bit of a mess? Thanks

    Read the article

  • Apache - Difference between ScriptAlias and WSGIScriptAlias

    - by Jiri Kadlec
    I'm using apache on RHEL Linux server In my /etc/httpd/conf.d/httpd.conf there are two directives: WSGIScriptAlias /apps /var/www/apps <Directory /var/www/apps > Options MultiViews ExecCGI MultiviewsMatch Handlers SetHandler wsgi-script Order allow, deny allow from all </Directory> ScriptAlias /scripts /var/www/scripts <Directory /var/www/scripts > Options MultiViews ExecCGI MultiviewsMatch Handlers SetHandler wsgi-script Order allow, deny allow from all </Directory> What is the difference? I understand that WSGIScriptAlias is restricted for running Python scripts and ScriptAlias also allows running perl scripts. Can I always use ScriptAlias instead of WSGIScriptAlias? Are there any performance advantages of using WSGIScriptAlias instead of ScriptAlias?

    Read the article

  • LameUser trying - apache2 webserver authentication - IP range to access without pass prompt others with it

    - by Mikee
    I have (maybe silly) question regarding the apache2 webserver and security - I am trying to archieve this: Users connecting from 192.168.1.24 not to be prompted for password and allowed Others asked for username and password if correct then connect. I am trying to do this for the whole directory /var/www No matter whether I put the code into .htaccess file or in httpd.conf it doesn't work for me. Order deny,allow Deny from all AuthName "PassRequest" AuthType Basic AuthUserFile /var/.htpasswd Require valid-user Allow from 192.168.1.24 Satisfy Any If I try to connect to the page I am allowed from both the allowed IP or any other, If I remove the satisfy any line then I am prompted for password, if I remove the password too and try to connect from different IP I am NOT REFUSED ... is there some module that needs to be activated or why is the IP directive skipped ? It needs to be put in every folder or /var/www/.htaccess is enough ? can I just put it in httpd.conf instead or not ?? I spend last 4 hours trying to google up why it is acting like that, Any help will be highly appreciated :-))

    Read the article

  • How do I force .htaccess authorization to occur over ssl?

    - by kenja
    I'm trying to force a particular directory to require only allowed IPs and a valid username/password through basic authorization. To ensure that the username/password are sent in encrypted form, I want the directory to also force SSL use. Here is what I have in my .htaccess file: # Force HTTPS-Connection RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule (.*) https://www.mywebsite.com%{REQUEST_URI} [R,L] ## password begin ## AuthName "Restricted Access" AuthUserFile /var/www/admin/.htpasswd AuthType Basic Require valid-user Order deny,allow Deny from all Allow from 79.1.231.151 62.123.134.83 Satisfy All Unfortunately, when I access that directory using http protocol, it is asking for the password before it redirects the page to the secure version. This means the password is sent unencrypted. What am I doing wrong? Is there a way to do this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >