Search Results

Search found 8253 results on 331 pages for 'secure coding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 180/331 | < Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >

  • Web Server Users - Best Practice

    - by Toby
    I was wondering what is considered best practice when several developers/administrators require access to the same web server. Should there be one non-root user with a secure username and password unqiue to the web server which everyone logs in as or should there be a username for each person. I am leaning towards a username for each person to aid in logging etc however then does the same user keep the same credentials over several servers, or should at least their password change depending on the server they are on? Should any non-root user of the system be added to the sudoers file or is it best practice to leave everyone off it and only let root perform certain tasks? Any help would be greatly appreciated.

    Read the article

  • Is it possible to code on two different computers simultaneously?

    - by Muhammad
    I want to work with another programmer and I want the source code to be live in real-time on both of our screens. Is this possible on the Mac OS x or Linux? We're going to be using OS X but occasionally we might need to add an Ubuntu computer too. Is there a way I can do this using ssh, any shell based program, or even a good GUI? I thought Coda might be capable of this but it's not really working. Anyone ever do this? I'm not look for a git/svn/or any other version control system. This is more of a live coding session. :)

    Read the article

  • How to link data in different worksheets

    - by user2961726
    I tried consolidation but I can not get the following to work as it keeps saying no data consolidated. Can somebody try this dummy application and if they figure out how to do the following below can give me a step by step guide so I can attempt myself to learn. I'm not sure if I need to use any coding for this: In the dummy application I have 2 worksheets. One known as "1st", the other "Cases". In the "1st" worksheet you can insert and delete records for the "Case" table at the bottom, what I want to do is insert a row into the Case Table in worksheet "1st" and enter in the data for that row. What should happen is that data should be automatically be updated in the table in the "Cases" worksheet. But I can't seem to get this to work. Also if I delete a row from the table in Worksheet "1st" it should automatically remove that record from the "Cases" worksheet table. Please help. Below is the spreadsheet: http://ge.tt/8sjdkVx/v/0

    Read the article

  • OMG. Is Webmin safe? I can see file codes in Chrome browser without login

    - by Arwana
    When Im in File Manager of Webmin, I can double click and see the codes of the files in new tab in Firefox with its specific URL. But when I remove ?rand=xxxx... after the file.php and paste the URL in Chrome browser, I still can see the codes. This is the URL I just pasted in the Chrome browser http://xxx.xxx.xxx.xxx:10000/file/show.cgi/var/www/html/mysite.com/files/file.php And then, I logout of webmin, and I change the file.php with other file, I can see the codes. OMG. Is Webmin safe? and how to secure this?

    Read the article

  • USB-keyboard & mouse powered off in windows-7

    - by sinned
    I have a problem with a pc where usb devices are not getting any power as soon as windows starts up (it works in preboot). This pc has no ps/2, so there is no chance for input, also not in secure boot mode. I "tidied up" using sysinternals autostart, so there is a chance I messed something up here, although I'm quite sure I only deleted some old printer drivers from autostart. I do not know how to reset this, I cant even log in because there is no input possible. I could use a linux live cd, but I don't know what to do there because there is no sysinternals from linux into a not running windows... To make things even worse, I have the windows installation completely encrypted with truecrypt, so I haven't even tried windows recovery cd yet. There is no loss of data since I can access the disc with a live-linux, I only want to use it again without resetting up everything. Any suggestions?

    Read the article

  • Our company claims that the DLP system can even monitor the contents of HTTPS traffic, how is this possible?

    - by Ryan
    There is software installed on all client machines for DLP (Data Loss Prevention) and HIPAA compliance. Supposedly it can read HTTPS data clearly. I always thought that between the browser and the server, this was encrypted entirely. How can software sneak in and grab this data from the browser prior to it is encrypted or after it is decrypted? I am just curious as to how this could be possible. I would think that a browser wouldn't be considered very secure if this was possible.

    Read the article

  • How to cope with developing against a poor 3rd party API/application?

    - by wsanville
    I'm a web developer, and my organization has recently started to use a proprietary ASP.NET CMS for our web sites. I was excited to get started using the CMS, thinking it would bring a lot of value to our end users and be fun to work with, since my skills are a good match for the types of projects we're using it for. That was about a year ago. Since then, we've ran into all kinds of issues, from blatant bugs in the product, to nasty edge cases in the APIs, to extremely poor documentation for developers. On about a weekly basis, we are forced to pursue workarounds and rewrite some of the out of the box functionality, and even find some of the basic features unusable. In many cases, since this is a closed source application (and obfuscated of course), there's nothing we can do as developers to solve these issues. So my question is, how does one attempt to develop a good application in such a scenario? The application mostly works when using the the exact out of the box behavior, or using one of the company's starter sites. However, my attempts to use the underlying APIs to implement slightly different, yet reasonable behavior has proved to be extremely time consuming (not to mention just as buggy), given the lack of good information about the APIs. I've given this a lot of thought, and my conflicting viewpoints are the following: Strongly advise against any customization to the CMS, as development time will rise exponentially, or even have an extremely high chance of failing. While this is accurate, I do not want to give the impression that I am not willing to code my own solutions to problems and take the initiative to implement something difficult or complex. I don't want to be perceived as someone who is not motivated, lazy, or not knowledgeable to do anything complex, because this is simply not the case. I love coding my own solutions, trying new/difficult things, I just dislike the vendor app we're using. Continue on the path I'm on now, which is hacking my way past all issues I encounter and try my best to deliver an application that meets the needs and specs exactly. My goals are to make it as seamless and easy to use as possible to the end user, even when integrating the CMS with our other applications internally. The problem I'm finding with this approach is it is very time consuming. I open support cases with the vendor on a regular basis to solve issues and to gain knowledge of their APIs, but this is extremely time consuming, and in some cases it leads to dead ends. I post on the vendors forums on a regular basis but have become frustrated as most of my posts get 0 replies. So, what would you, a reasonable developer, do in this case? How can I make the best of the situation? And just for fun, here are some of the code smells and anti-patterns I've dealt with using the product (aside from their own code blatantly failing): Use of StringBuilder to concatenate a giant string that is hard coded and does not change. They use it to concatenate their Javascript and write it out into the body tags of their pages. Methods that accept object or Microsoft.VisualBasic.Collection as the parameters. In the case of the VB Collection, the data is not a list of any kind, it's used instead of making a class. Methods that return a Hashtable of VB Collections Method names of the form MethodName_v45, MethodName_v20, etc... Multiple classes with the same name in different namespaces with different functionality/behavior. Intellisense that reads "Note: this parameter is non functional" Complete lack of coding standards, API is filled with magic numbers and magic strings. Properties with a getter of type object that accepts totally different things, like enum or strings, and throw exceptions at runtime when you pass in something not supported. And much, much, more...

    Read the article

  • Black screen during startup

    - by Juanillo
    Hello, I've got a friend with a weird problem. When he starts his computer the screen is completely black untile the computer is completely started. So the screen is black until it suddenly shows the windows desktop. He said that this is happening since a technical service repaired his computer, but that repairment is not now in warranty. Recently the computer stopped working, but as the screen is black he cannot access to Bios or to secure start-up (by pressing F8). When he inserts the Windows Vista DVD the system doesn't boot from DVD (it musn't be configured in this way in the Bios.) Maybe there´s a problem with the hardware (maybe the graphic card). Can anyone explain a reason why the screen is black during start-up? Any idea of what to do with the computer to restore it? Thanks.

    Read the article

  • Standalone server setup for compute capacity

    - by mikera
    I'm developing an application for my company that will require a lot of compute capacity (running some very big mathematical calculations), and looking for some form of server setup to do this. For various reasons, we want to run this on-site in our office rather than hosting it externally. It's been a while since I last had to set up my own servers so I thought I would tap into the collective wisdom of serverfault! My broad requirements are: Budget $30-50k, with an aim to get as much compute capacity as possible for that budget 64-bit servers suitable to run Ubuntu Linux + Java Some relatively standalone rack that can be installed in secure office space Fast/low latency network connections between the servers, but don't really care about connectivity to the outside world Storage capacity shared between the servers - they don't necessarily need their own storage providing they can be booted from a common image Downtime can be tolerated (since the calculations are run in batch mode) The software itself is fault-tolerant, so there is no need for extra resiliency in the server setup (cheap replaceable commodity parts will be fine in general) Given these requirements what kind of setup would you recommend and why?

    Read the article

  • Amazon EC2 firewall rules & VPN connections

    - by John
    I'm moving from Rackspace to Amazon EC2. One thing I like about our Rackspace setup is that it is extremely secure. The MySQL box can only be accessed via internal IPs, and we have a Cisco VPN firewall that allows us to dial in remotely and access port 3306 as though we were on the internal network. I'd like to figure out how to replicate this setup with EC2. How can I make the MySQL box so that port 3306 can only be accessed on the internal network? What about the VPN piece of things? I know Amazon has the VPC service, but it seems like that's for the purpose of connecting to an existing network. I don't have an existing network. I want to essentially create one inside Amazon and connect to that. What are my options? Any good tutorials on how to get started? Thanks in advance for your help

    Read the article

  • Memory management in iphone cocos2d

    - by muthu
    i am iphone developer very new to this field....i am developing a ebook app in iphone using cocos2d...i use more than 150 images(i guess) the problem while turning from one page to another images get hanged randomly...... i tried this also [[TextureMgr sharedTextureMgr] removeAllTextures]; but went in vain...i guess the the problem is with the memory.....this my coding for all the pages -(id)init { if( (self=[super init] )) { self.isTouchEnabled = YES; [SimpleAudioEngine sharedEngine]; NSLog(@"b4 cover"); Sprite *bg1 = [Sprite spriteWithFile:@"a.jpg"]; bg1.anchorPoint = CGPointZero; [self addChild:bg1 z:-1]; once = TRUE; soundId = [[SimpleAudioEngine sharedEngine] playEffect:@".mp3"]; } return self; } -(void) transitionfront:(id) sender { [[SimpleAudioEngine sharedEngine] stopEffect:soundId]; soundId1 = [[SimpleAudioEngine sharedEngine] playEffect:@"page_turn.mp3"]; flip = [[Sprite spriteWithFile:@"a.jpg"] retain]; [self addChild: flip z:1]; [flip setPosition:ccp(160,240)]; Animation* animation1 = [Animation animationWithName:@"Page1" delay:0.09]; for( int i=1;i<4;i++) [animation1 addFrameWithFilename: [NSString stringWithFormat:@".jpg", i]]; id action = [Animate actionWithAnimation: animation1]; //id action = [RepeatForever actionWithAction:[Animate actionWithAnimation: animation1]]; [flip runAction:action]; [NSTimer scheduledTimerWithTimeInterval:0.3 target:self selector:@selector(moveforward) userInfo:nil repeats:NO]; } -(void) moveforward { [[SimpleAudioEngine sharedEngine] stopEffect:soundId1]; [[Director sharedDirector] replaceScene: [ [Scene node] addChild: [nextpage node] z:0] ]; } -(void) transitionback:(id) sender { [[SimpleAudioEngine sharedEngine] stopEffect:soundId]; soundId1 = [[SimpleAudioEngine sharedEngine] playEffect:@".mp3"]; flip = [[Sprite spriteWithFile:@".jpg"] retain]; [self addChild: flip z:1]; [flip setPosition:ccp(160,240)]; Animation* animation1 = [Animation animationWithName:@"Page1" delay:0.09]; for( int i=3;i>0;i--) [animation1 addFrameWithFilename: [NSString stringWithFormat:@".jpg", i]]; id action = [Animate actionWithAnimation: animation1]; //id action = [RepeatForever actionWithAction:[Animate actionWithAnimation: animation1]]; [flip runAction:action]; [NSTimer scheduledTimerWithTimeInterval:0.3 target:self selector:@selector(movebackward) userInfo:nil repeats:NO]; } -(void) movebackward{ //[[SimpleAudioEngine sharedEngine]stopEffect:@".mp3"]; [[Director sharedDirector]replaceScene:[[Scene node]addChild:[b4page node] z:0]]; } -(void) glossary :(id) sender { [[SimpleAudioEngine sharedEngine]stopEffect:soundId]; [[Director sharedDirector]replaceScene:[[Scene node]addChild:[ node] z:0]]; } -(BOOL)ccTouchesEnded:(NSSet *)touches withEvent:(UIEvent *)event { UITouch *touch = [touches anyObject]; CGPoint cocosTouchPoint = [touch locationInView: [touch view]]; CGPoint point = [[Director sharedDirector] convertToGL:cocosTouchPoint]; NSLog(@"pointx: %f pointy:%f", point.x, point.y); // Was a tab touched, if so, which one... if (CGRectContainsPoint(CGRectMake(220, 0, 100, 70), point)) { if(once) { NSLog(@"enterred page1"); [self transitionfront:nil]; once = FALSE; } } if (CGRectContainsPoint(CGRectMake(0,0,60,60), point)) { if(once) { NSLog(@"enterred cover"); [self transitionback:nil]; once = FALSE; } } if (CGRectContainsPoint(CGRectMake(100, 15, 30, 30), point)) { if(once){ [self glossary :nil]; once = FALSE; } } return kEventHandled; } -(void)playEffect:(NSString*)sound{ if(effectPlayer!=nil){ [effectPlayer release]; } NSURL *url = [NSURL fileURLWithPath:[[NSBundle mainBundle] pathForResource:sound ofType:@"mp3"]]; effectPlayer = [[AVAudioPlayer alloc] initWithContentsOfURL:url error:nil]; [effectPlayer setDelegate:self]; [effectPlayer play]; } -(void)stopEffect { [effectPlayer stop]; } -(void) dealloc{ [super dealloc]; } do pls help me........ do give me a exact coding this is the err..... *** Terminating app due to uncaught exception 'NSInvalidArgumentException', reason: '*** -[NSCFDictionary setObject:forKey:]: attempt to insert nil value (key: aesop.mp3)' 2010-05-27 10:43:09.834 abc[276:20b] Stack: ( 11674715, 2476006971, 11758651, 11758490, 5126917, 660698, 660881, 661061, 131577, 448857, 120432, 153433, 630890, 23694899, 23603228, 23630005, 47120081, 11459456, 11455560, 47114125, 47114322, 23633923, 9928, 9814 )

    Read the article

  • Load images in parallel - supported by browser or a feature to implement?

    - by Michael Mao
    Hi all: I am not a pro in web development and Apache server still remains a mystery to me. we've got a project which runs on LAMP, pretty much like all the commercial hosting plans. I am confused about one problem : does modern browsers support image loading in parallel? or this requires some special feature/config set up from server side? Can this be done with PHP coding or by some server-side configuration? Is a special content delivery networking needed for this? The benchmark demonstration will be the flickr website. I am too suprised to see how all image thumbnails are loaded in a short time after a search as if there were only one image to load. Sorry I cannot present any code to you... completed lost in this:(

    Read the article

  • how to make SFTP work on Windows

    - by cyberkiwi
    What is the correct way to set up sshwindows for SSH key authentication? Does the user need to be created in Windows first or can a login be inserted into passwd without a Windows equivalent? I've searched on Google and have tried the tutorials and quick start guides. So far, exactly 0 have worked. None pointed out that to work in Windows 2008 R2, you need to change the properties of cygrunsrv.exe to "Windows XP SP3" compability mode to even get past the service startup "error 1067". Although it is running, no amount of configuration allowed me to log on to the SFTP server, even though I tried (from another machine): same user account added using "mkpasswd" + windows password same user account added using "mkpasswd" + public ssh key (added to /home/theuser/.ssh) On Windows 2003 R2 (a different attempt), the service would crash every time it started up. Some links I went through http://pigtail.net/LRP/printsrv/cygwin-sshd.html http://forevergeeks.com/how-to-setup-a-secure-ftp-sftp-site-with-openssh-on-windows/ http://support.moonpoint.com/os/windows/server2003/openssh-service-not-starting.html

    Read the article

  • Ownership/permissions of uploaded files

    - by Cudos
    Hello. I want to find out if I am on the right track. My script uploads files to the directory "images". The directory has this setup: owner/group = www-data Permissions = 700 Questions: Is this a good way to secure the directory from a hacker uploading files? Will the hacker be able to upload the files directly to the directory? Note: I have a bunch of other security measures in my upload script + an .htaccess script in the directory that disables script Execution. I just what to know if the permissions on the directory is sensible. I run apache 2.2

    Read the article

  • Best blog package/platform (java, php etc)?

    - by user50912
    Hi Folks, I want to set up a blog, but I want it to reside on a URL I've bought, I also don't want any of the ads and such that sit around other blogs on blog specific sites like blogspot and generally want more control. I was thinking of getting shared hosting with mysql and such to get it going (as opposed to a VM which would be overkill). Then I just need to decide on the easiest quickest (and most secure) way of getting something up there. After some googling, I see b2evolution.net which sits on php, or Apache Roller, which seems to sit on Java. Could anyone offer any advice on whats my best approach here? Are there security concerns with either or has anyone any experience in this area? I really want setup time to be minimal, so I can concentrate of the feel of the blog rather than whats under the hood. Many Thanks.

    Read the article

  • 3 Root accounts in MySQl database

    - by hairbymaurice
    Hello, I have managed to get mySQL running under Ubuntu 8.10, I am now diligently trying to secure the database and am adding passwords for the root users. My question: I have a root user under the host "kickseed" with no password set I have no idea what kickseed is as the database is installed under localhost, on searching around i have discovered that this is something to do with the ubuntu OS itself. Is it safe to delete this user account from MySQL or is it used for something by the OS? If i need to keep it should i /can i protect it with a password? Also i have another root account under the host IP 127.0.0.1 again can i delete this? My absolute preference would be to have only one account with root access but i do not want to delete these accounts if they are necessary. Thanks for tolerating a newbie Regards Hairby

    Read the article

  • Setting up SSL on Nginx, Passenger, Sinatra

    - by 12preschph
    I have a Sinatra app that runs both on locally and on Heroku. When visiting my site over HTTPS across Heroku, it will indeed work as Heroku provides this by default. How can I set up SSL to work on my localhost machine? I will enable my Sinatra app to only allow secure connections so I need to test this both in development and production. Currently, I am running the following locally: SERVER= nginx/1.6.0 + Phusion Passenger 4.0.42 Also, where is my nginx folder? I don't have it installed in the normal location (Ubuntu) so this must come custom with Passenger?

    Read the article

  • VirtualBox error with Ubuntu virtual machine

    - by user2985363
    I am trying to work on a coding project and cannot open my Ubuntu virtual machine with Oracle VM VirtualBox. I took a snapshot yesterday at about 11, and it was working fine. Several times I closed and reopened it. Today when I tried to open it, I kept getting the error below. Failed to open a session for the virtual machine Ubuntu 12.04 32-bit. VM cannot start because the saved state file 'C:\Users\Tyler\VirtualBox VMs\Ubuntu 12.04 32-bit\Snapshots\2014-01-30T19-59-05-976647800Z.sav' is invalid (VERR_FILE_NOT_FOUND). Deleted the saved state prior to starting the VM. I tried deleting the file as it said, but none of the snapshots would open still. The file is still in my recycling bin. What can I do? Also, I took the 1/31 snapshot today before I deleted the previous one.

    Read the article

  • Client-side certificates

    - by walshms
    My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

    Read the article

  • Do superuser things with normal user

    - by OrangeTux
    I want to secure the SSH access to my server. One thing I read everywhere is to disable the root user login. To still have access via SSH I created another user via sudo adduser john How can I still do root things with this account? sudo command asks for a password of the user but gives john not in sudoer file. Action will be reported. When I use su I log in as root which I'm going to disable. How can I stil do root things with the normal account john?

    Read the article

  • No colors when running native windows shell application from mintty

    - by Pete
    Hi. I have installed cygwin (i'm not very experienced with it), and try to run a native windows shell application from it, (msbuild.exe which is the build tool for the .NET framework, to be exact). When I run the application from the normal cygwin bash shell, the output of the application appear as it should with the text colors that I would normally see in the windows command line. But when I execute the program from a mintty terminal, there is no coloring of the output, all text is in the default foreground color. I'm puzzled, because I would have expected the color coding to be the standard ANSI color code escape characters... Can this be fixed?

    Read the article

  • Exchange 2010 550 5.7.1 unable to relay

    - by isorfir
    I have a website application that needs to send email via our Exchange servers. It sends email internally fine, but when sending to an external address I get the 550 5.7.1 unable to relay error. I followed this guide to create a connector to allow relay. Unfortunately, all office email was trying to use that connector and was not being routed correctly. It also appeared as though it opened it up for spammers to use. This is obviously unacceptable and a secure method is needed.

    Read the article

  • Using Windows Azure storage for backup

    - by Bruno
    I am currently looking at Windows Azure blobs as an option for backing up archive data. I want to be able to upload files from an external windows machine via the internet but I don't know enough about Windows Azure storage to make a decision. Some of the questions I have are How do I upload the files. Is there a client application, can I use robocopy? Would it be fast enough? i.e. Could I download or upload 1TB of data in a week? Is it secure? Hopefully someone smarter than me can help me :-)

    Read the article

  • Install ubuntu on MacBook Pro

    - by n179911
    Hi, Can you please tell me what is the preferred way to install Ubuntu on MacBook Pro? I have a MacBook Pro with MacOSX 10.5. I need a Linux environment some times. So what is the best way to achieve that? 1. Make it dual boot? (but I don't know if that is possible with MacBook) 2. Install Virtual Box and then put Ununtu on top of it? (But I am not sure if this configuration will be slow, so I need a Linux environment for coding, so it needs to do compiling and debugging and stuff). Thank you for any tips.

    Read the article

  • Allowing users in from an IP address without certificate client authentication

    - by John
    I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside. Here is my configuration: <Directory /srv/www> AllowOverride All Order deny,allow Deny from all # office network static IP Allow from xxx.xxx.xxx.xxx SSLVerifyClient require SSLOptions +FakeBasicAuth AuthName "My secure area" AuthType Basic AuthUserFile /etc/httpd/ssl/index Require valid-user Satisfy Any </Directory> When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate. When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen and following configuration works perfectly <Directory /srv/www> AllowOverride All Order deny,allow Deny from all Allow from xxx.xxx.xxx.xxx AuthUserFile /srv/www/htpasswd AuthName "Restricted Access" AuthType Basic Require valid-user Satisfy Any </Directory>

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >