Search Results

Search found 8253 results on 331 pages for 'secure coding'.

Page 182/331 | < Previous Page | 178 179 180 181 182 183 184 185 186 187 188 189 | Next Page >

How can I force all requests to be SSL when using EC2 load balancer?

- by chris

I currently have a single EC2 instance which is forcing all requests to be secure by using mod_rewrite: RewriteEngine On RewriteCond %{SERVER_PORT} !443 RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R,L] I am planning on moving to a load balanced setup, with multiple back-end instances. If I set up my EC2 load balancer with my certs, do I need to use SSL to communicate between the LB and my instances? If not, is it as simple as replacing the RewriteCond with RewriteCond %{HTTP:X-Forwarded_Proto} ^http$ Edit: I tried using the x-forwarded-proto, but it does not appear to work. Is there another way to detect if someone is connected to the LB via SSL?

Read the article
Forward svn port

- by ankimal

We have our svn server on a machine not accessible from the internet. But we need to be able to check out code from the internet over ssh. Given that we can do port forwarding on a machine accessible from the internet, whats the best way to set this up? Internet -> A machine on our network - > svn server (Port forward here? ) If not port forwarding, whats the most secure way of doing this, if there is any?

Read the article
Got root, now how should I configure my server?

- by L. De Leo

I've been a developer for years and by trade I had to know a little bit of server side configuration. But now I find myself needing to manage my own VPS instance (Amazon EC2) and I'm lost. I'd like to know what are the common ways to configure an Apache and MySQL server that is secure and efficient. For example right now I'm doing everything as root but I doubt that's the best way at all. My whole Apache is configured to serve 1 site when I'd like it to be able to serve multiple sites. Where do I start?

Read the article
Update Windows using VB.net

- by kagstrom2100

I'm currently having my internship at a elementary school. I got the task to setup users for some classes, with that I also need run Windows Update too. So I have been scanning Google for something that does this in vb.net since I have been coding some in that before. I din't find much on the subject except for "C:\Windows\System32\wuauclt.exe /detectnow" though when I run it it don't seem to do much. So the question is it there is any command or file you can run to make Windows download and install updates? To clarify it need to work on Windows 7, I'm also writing the program in .NET 3.5. Please let me know if you need any more information! Thanx in advance :)

Read the article
What are the current options to encrypted a partition on mac os x ?

- by symbion

I recently got my laptop stolen with some sensitive informations on it (personal source code, bank details in a secure file, passwords, etc) and I learnt the lesson: encrypt your sensitive data. Now, I am wondering what are the options to encrypt a partition (not an encrypt disk image) ? Aim: The aim is to prevent anyone (except me) to access those data. Requirement 0: The software must be able to encrypt non system partition. Requirement 1: Plausible deniability is required but preventing cold boot attack is however not an absolute requirement (I am not famous enough or have sensitive enough info to have this kind of requirement). Requirement 2 : Software taking advantage of AES hardware encryption are very welcome as I intent to get a Macbook Pro with i7 CPU (with AES-NI enabled instructions). I will have avirtual machine running in the encrypted partition. Requirement 3 : Free or reasonably cheap. Requirement 4 : Software must run on Mac OS X Snow Leopard or Lion. So far, TrueCrypt is the only option I have found. Regards,

Read the article
Public Wi-Fi and software updates

- by coding4fun

According to Microsoft, "Never update your software on a public Internet connection." So I have some questions. 1. What if a public Wi-Fi hotspot is the only Internet available, ever? Never update anything? 2. What happens if Windows or some other program is set to update automatically and attempts to do so while you are using a public Wi-Fi? Disable all automatic updates on all software? 3. Will VPN help to secure software updates? If so, how to go about it? Thanks.

Read the article
How to built a hackintosh with original purchased Mac lion OS? [closed]

- by Nabayan

Does anyone here ever built Hackintosh by themselves? Actually I'me new in this technology and trying to get hold of Mac system where I can start coding in Xcoder. I've tried in VMplayer and was able to run the Mac environment but unfortunately was not able to run X-code. I've a original MacOS downloaded few days ago and want to built a hackintosh. There is no suitable information that came across to me which give step to step full proof procedure to built a hakintosh by self. It would be really really great if anyone can guide me here. Thanks. Naba

Read the article
Accessing our Intranet from outside our Network - WITHOUT VPN

- by westexasman

We just upgraded our company intranet from an IIS based, ASP (poorly written) server/code base to a Windows Server 2008 r2 (Apache/MySQL/PHP) server. The old server allowed users to login to intranet.xxx.org using there AD user/pass which then lead them to the company Intranet from basically anywhere they had Internet access. We want to mimic that functionality (or change it to something more secure) with the new setup. This was seemingly setup for off-site employees running on a state network. The state network does not allow VPN, therefor, we needed a way to allow those employees access to the Intranet. So, how do we go about allowing users to login from the outside world and gain access to our Intranet?

Read the article
using main domain as a mail server

- by zensys

I have a mail server set up as mail.mydomain.com like most people do. Now I find out that if I want to secure both mail.mydomain.com and mydomain.com with ssl I need two SSl certificates (or one more versatile but more expensive certificate). Does it make sense to run my mail server under mydomain.com (it is the same physical machine anyway) to save certificate expenses (I am Dutch) or is this being pound foolish? What is the rationale of separating the mail server from the 'www' server apart from the intuitive 'neatness' appeal?

Read the article
Upgrade Subversion 1.6 to 1.7 on CentOS? (can't find yum repository)

- by user743919

I want to upgrade my SVN Server from 1.6 to 1.7. Unfortunately I can't find anything on the internet how to do this with yum. I have checked rpmforge-extras but it has only svn 1.6 and not 1.7 I wanted to update with yum because this is the most secure way for me. I'm not an experienced Linux user. Is there a yum repository that contains 1.7 (subversion.x86_64 0:1.7.xxxxx.el5.rfx) I hope somebody can help me out? If there is non, perhaps a short explenation how to update with just step by step.

Read the article
Linux live cd with Broadcom Wi-fi support

- by paul simmons

I am looking for a live distro that has out of the box Broadcom wireless support. I am pretty happy with my Ubuntu installation and as long as I have an ethernet connection first time installed, I can install Broadcom drivers over internet. But being a little paranoid, I make my secure operations (banking etc.) with a live cd and zero hard disk access, so nothing is recorded. So far I plug ethernet to do such things with the live cd, but it would be nice if I can do same thing with wireless.

Read the article
Why do people tell me not to use VLANs for security?

- by jtnire

Hi Everyone, As per title, why do people tell me not to use VLANs for security purposes? I have a network, where a have a couple of VLANS. There is a firewall between the 2 VLANs. I am using HP Procurve switches and have made sure that switch-to-switch links accept tagged frames only and that host ports don't accept tagged frames (They are not "VLAN Aware"). I've also made sure that the native VLAN (PVID) of the trunk links are not the same as either of the 2 host VLANs. I've also enabled "Ingress Filtering". Furthermore, I've made sure that host ports are only members of a single VLAN, which is the same as the PVID of the respective port. The only ports which are members of multiple VLANs are the trunk ports. Can someone please explain to me why the above isn't secure? I believe I've addressed the double tagging issue.. Thanks

Read the article
Windows File Checksums - Is my system hacked?

- by rism

I would like to know if there is a utility to verify the checksums of every windows file on my Win 7 Ultimate system. It seems on the surface such an obvious utility but I dont ever remember seeing one? I had a very weird experience while surfing earlier today and now Im not entirely sure my system is secure. I have a collection of tools in the WSCC suite but these tools no doubt just make system calls to the win32 api and if that has been subverted then the tools are practically useless. How do I know my Win 7 files are actually Win 7 files? I am particularly interested in verifying the integrity of all network TCP/IP files.

Read the article
Do you leave Windows Automatic Updates enabled on your production IIS server?

- by Nobody

If you were running a 24/7 website on Windows Server 2003 (IIS6). Would you leave the Windows automatic update feature enabled or would you turn it off? When enabled, you always get the latest security patches and bug fixes automatically as soon as they're available, which is the most secure choice. However, the machine will sometimes get automatically rebooted to apply the updates leading to a couple of minutes of downtime in the middle of the night. Also, I've seen rare occasions where the machine does not restart correctly resulting in further downtime. If auto updates are off, when do you apply the patches? I guess you have to use a load balancer with multiple web servers and rotate them out of the production site, apply patches manually, and put them back in. This can be logistically inconvenient when the load balancer is managed by a hosting company. You will also have machines in production that don't always have the latest security patches and you have to routinely spend time deciding which patches to apply and when.

Read the article
Controlling access to my API using SSH public key (not SSL)

- by tharrison

I have the challenge of implementing an API to be consumed by relatively non-technical clients -- pasting some sample code into their WordPress or homegrown PHP site is probably as much as we can ask. Asking them to install SSL on their servers ain't happening. So I am seeking a simple yet secure way to authenticate API clients. OAuth is the obvious solution, but I don't think it passes the "simple" test. Adding a client id and hashed secret as a parameter to the requests is closer -- it's not hard to do md5($secret . $client_id) or whatever the php would be. It seems to me that if client requests could use the same approach as SSH public keys (client gives us a key from their server(s) there should be some existing magic to make all of the subsequent transactions transparently work just as regular HTTP API requests. I am still working this out (obviously :-), so if I am being an idiot, it would be nice to know why. Thanks!

Read the article
Cannot access Nagios Web Interface

- by Dominiqs

After successfully installing Nagios core 3.4.1 (i also installed plug-in1.4.11) on our linux rhel 5.3 server i cannot login to the nagios web interface.I am running apache 2.2.3 I am using internet explorer 8 and also firefox 3.6.3 When i try to enter the url http//localhost/nagios/ on a desktop (on the same network as the Nagios server)it does seem to like it but if i try http//x.x.x.x/nagios/ (where x.x.x.x is the IP address of my nagios server) it likes it but then the authentication popup appears after entering the password and username(nagiosadmin) it throws the errors below The server x.x.x.x at Nagios access requires a username and password Warning this server is requesting that your username and password be sent in an insecure manner(basic authentication without a secure connection) After a few attempts i get error 401 authentication required error from internet explorer ;this server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials or your browser doesnt understand how to supply the credentials required. Help Please anyone..seems like an authentication issue

Read the article
Fully secured gateway web sites

- by SeaShore

Hello, Are there any web sites that serve as gateways for fully encrypted communication? I mean sites with which I can open a secured session, and then to exchange through them with other sites in a secure way both URLs and content? Thanks in advance. UPDATE Sorry for not being clear. I was wondering if there was a way to access any site over the Internet (http or https) without letting any Intranet-proxy read the requested URL or the received content. My question is whether such a site exists, e.g.: I am connected to that site via https, I send it a URL in a secured way, the site gets the content from the target site (possibly in a non-secured way) and returns to me the requested content in a secured way.

Read the article
Bsplayer - load audio tracks from external files

- by torran

I have a movie file: Video ID : 1 Format : AVC Format/Info : Advanced Video Codec Format profile : [email protected] Format settings, CABAC : Yes Format settings, ReFrames : 5 frames Muxing mode : Container [email protected] Codec ID : V_MPEG4/ISO/AVC Duration : 54mn 13s Bit rate : 3 380 Kbps Nominal bit rate : 3 459 Kbps Width : 1 280 pixels Height : 720 pixels Display aspect ratio : 16:9 Frame rate : 23.976 fps Resolution : 8 bits Colorimetry : 4:2:0 Scan type : Progressive Bits/(Pixel*Frame) : 0.153 Stream size : 1.28 GiB (88%) Writing library : x264 core 88 r1471 1144615 Audio ID : 2 Format : AC-3 Format/Info : Audio Coding 3 Codec ID : A_AC3 Duration : 54mn 16s Bit rate mode : Constant Bit rate : 384 Kbps Channel(s) : 6 channels Channel positions : Front: L C R, Side: L R, LFE Sampling rate : 48.0 KHz Stream size : 149 MiB (10%) and additional audio files in same folder: .mp3 and .ac3. How can I load them with bsplayer? Right click-audio-audio streams is empty. If i open the movie with media players classic I can switch audio files.

Read the article
Grails SSL TOMCAT

- by user974459

I'm implementing grails with SSL and deployed to tomcat 7.0. I have used spring security plugin for SSL. In tomcat, I added <Connector port="80" protocol="HTTP/1.1" connectionTimeout="200000000" redirectPort="443" /> <Connector port="8443" protocol="HTTP/1.1" connectionTimeout="200000000" redirectPort="443" /> <Connector port="443" maxThreads="200" scheme="https" secure="true" SSLEnabled="true" keystoreFile="${user.home}/.keystore" keystorePass="123456" clientAuth="false" sslProtocol="TLS"/> if I type https://localhost is ok. But my app doesn't work.

Read the article
Can I filter multiple column headers to display subheadings of each in Excel?

- by Gigi

I can't seem to find this anywhere... it may not even be possible without coding? I have a spreadsheet containing more than one heading in a single column. These headings are identified with blue background and white font. Each of these headings have items listed below them. These "subheadings" are smaller, auto-black font and no fill background. Currently I have to scroll down the spreadsheet to view all headers and their contents. How do I create a filter that would allow me to sort on whichever header I want, so that (only) the contents of that particular header are displayed?

Read the article
Windows freezes, showing a random color or pattern

- by Manu

I have a PC with windows 7, and I'm experiencing random freezes with increasing frequency. After some time (from 30 minutes to a few hours) the screen will shows a random color or pattern (vertical lines) and nothing works anymore, I need to reboot manually. I've checked the events log, but nothing is shown except for the unexpected reboot. I've tested the RAM with Memtest86+ 4.20, and the graphics card with FurMark 1.10.3, no errors have been found. I've updated the graphic drivers and openned the case to remove dust, but the issue is still there. Also, the problem doesn't seem to arise when I'm playing games fullscreen, but when I'm surfing the web, using itunes, or coding. My hardware is as follows : intel core i5 750 CPU, ATI Radeon HD 5670 graphics card, ASUSTeK P7P55D motherboard, two 2Gb KINGSTON DDR3 ram sticks, 2 SATA hard drives, a Netgear dongle for wifi.

Read the article
Reverse Proxy Server SSL?

- by valveLondon

Context We currently have an Apache web server in the DMZ set up as a reverse proxy and load balancer for two machines running Windows Server 2008 (IIS) inside. The Apache server has a genuine SSL certificate and serves up both http and https, however, the balancer members in the load balancing section are set to: BalancerMember {https://server1} and {https://server2}. The IIS web servers have self-signed certificates in order to respond to the https requests. My question: Do we need to forward any requests from Apache (in the DMZ) to the inside using SSL? e.g can the reverse proxy forward the requests using HTTP? and if so, why would I choose to forward them with SSL? (how secure is the http line between the dmz and the inside); In other words, can I totally disable SSL on my inside web servers?

Read the article
PcLinuxOs demands I use only one repository at time. Is it right?

- by m33600

I come to your presence with this question that is paralyzing my coding efforts. PclinuxOs was my distro of choice for reliability, but it is jealous and does not permit me to add repos from, say, Debian. The wiki is clear advising on using just one repo, and I end up not finding what I used to find on normal Debians. Multimon, the audio decoder, for example (my other question) is not there. When I try to install multimon with hammer and plies, it returns errors of all kinds. Is there a way to safely and temporarily add a repository, make the install and remove the repo, returning pclinuxos to its stable state?

Read the article
With Bash + iTerm2, how to name tabs?

- by Problemaniac

In iTerm2 (Build 1.0.0.20120203), I typically open several tabs, each of which has split panes , and is about one particular theme of work, for example revision control, coding, managing files, mysql terminal work. I typically need to switch between 5 or more tabs in my work flow. It is sometimes hard to remember or tell which is which by looking at the content of the screen. I'd like to name the tabs somehow, so I can quickly tell which is which by quickly glancing. Is this possible?

Read the article
Cannot SSH into Virtual Machine

- by MasterGberry

I am running a CentOS VM on my desktop that I use for development testing when coding in python. At my school I have a dedicated IP setup for the VM and my desktop so I never seem to have an issue ssh'ing from desktop into VM. I am now at home for winter break and cannot seem to SSH into the VM using the local ip address behind my router, the external IP with port 22 forwarded to my VM, or anything. Strangely enough I can ssh into my production server and then fromt here ssh into the VM, but not from my desktop to the VM directly What should I do to get this to work? Thanks

Read the article

< Previous Page | 178 179 180 181 182 183 184 185 186 187 188 189 | Next Page >