Search Results

Search found 6253 results on 251 pages for 'apache2 ssl'.

Page 226/251 | < Previous Page | 222 223 224 225 226 227 228 229 230 231 232 233 | Next Page >

Getting attachments from a mail account with .NET

- by MarceloRamires

I'd like a free library for .NET to get attachments from an account (such as gMail, or others) via imap4 (not necessarely), and save them in a folder. Ideally it would allow me to get a list of them, and download only some given ones (filtering by extension, name, and/or size) and be free. I've already done this with a trial version of EAGetMail, but for the purpose of what i'm trying to attempt buying the unlimited version of this library isn't quite suitable (i didn't know that this functionality itself was one among the ones with limited time). ---[edit - Higuchi]--- I'm using the following code: Dim cl As New Pop3Client() cl.UserName = "[email protected]" cl.Password = "mypassword" cl.ServerName = "pop.gmail.com" cl.AuthenticateMode = Pop3AuthenticateMode.Pop cl.Ssl = False cl.Authenticate() //takes a while, but passes even if there's a wrong password Dim mg As Pop3Message = cl.GetMessage(1) //gives me an exception: Message = "Pop3 connection is closed" As commented, I am having some issues while trying to connect and get the first e-mail. any help ?

Read the article
How can one make a web-site accessible only when someone has a dongle?

- by Brian M. Hunt

Suppose you want to add an extra layer of credentials on top of a SSL-encrypted login/password, but you don't want to increase complexity to the user. Is there a way to add the requirement of the possession of a dongle to web-server authentication schemes with existing cross-platform browser capabilities? In other words, to get access to the web-site, you would need a username, password, and a USB dongle that has been plugged into the client computer. The dongle would presumably do some sort of challenge/response. It'd be ideal if this dongle solution worked with Firefox automatically or with the simple addition of a plugin. Thoughts and suggestions are appreciated.

Read the article
Default /server-status location not inheriting in Apache

- by rmalayter

I'm having a problem getting /server-status to work Apache 2.2.14 on Ubuntu Server 10.04.1. The default symlinks for status.load and status.conf are present in /etc/apache2/mods-enabled. The status.conf does include the location /server-status and appropriate allow/deny directives. However, the only vhost I have in sites-enabled looks like this. The idea is to proxy anything with a Tomcat URL to a cluster of tomcats, and anything else to an IIS box. However, this seems to result in requests to /server-status being sent to IIS. Copying the /server-status in explicitly to the Vhost configuration doesn't seem to help, no matter what order I use. Is it possible to include /server-status do this within a vhost configuration that has a "default" proxy rule?: <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <Proxy balancer://tomcatCluster> BalancerMember ajp://qa-app1:8009 route=1 BalancerMember ajp://qa-app2:8009 route=2 ProxySet stickysession=ROUTEID </Proxy> <ProxyMatch "^/(mytomcatappA|mytomcatappB)/(.*)" > ProxyPassMatch balancer://tomcatCluster/$1/$2 </ProxyMatch> #proxy anything that's not a tomcat URL to IIS on port 80 <Proxy /> ProxyPass http://qa-web1/ </Proxy>

Read the article
How do i install apache on my ubuntu 12.04 where it has virtualhost

- by YumYumYum

According to the docs https://help.ubuntu.com/10.04/serverguide/httpd.html i have done following, and that is almost how i do always in my Fedora, but Ubuntu looks like its not working. a) DNS to IP $ echo "127.0.0.1 a" > /etc/hosts $ echo "127.0.0.1 b" > /etc/hosts b) Apache virtualhost $ ls 1 2 default default.backup default-ssl $ cat 1 <VirtualHost *:80> ServerName a ServerAlias a DocumentRoot /var/www/html/a/public <Directory /var/www/html/a/public> #AddDefaultCharset utf-8 DirectoryIndex index.php AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> $ cat 2 <VirtualHost *:80> ServerName b ServerAlias b DocumentRoot /var/www/html/b/public <Directory /var/www/html/b/public> #AddDefaultCharset utf-8 DirectoryIndex index.php AllowOverride All Order allow,deny Allow from all </Directory> </VirtualHost> c) load into Apache and restart the service $ a2ensite 1 $ a2ensite 2 $ a2dissite default $ /etc/init.d/apache2 restart d) Browse the new 2 hosts $ firefox http://a Does not work it goes always with http://a or http://b to /var/www/html How do i fix it so that it goes to its own directory e.g: http://a goes to /var/www/html/a/public not /var/www/html?

Read the article
How is 'processing credit card data' defined (PCI)?

- by Chris

If i have a web application and i receive credit card data transmitted via a POST request by a web browser over HTTPS and instantly open a socket (SSL) to a remote PCI compilant card processor to forward the data and wait for a response, am i allowed to do that? or is this receiving the data with my application and forwarding it already subject of "processing credit card data"? if i create an iframe that is displayed in a client browser to enter cc data and this iframe posts the data via HTTPS to remote card processor (directly!) is this already a case of processing credit card data? even if my application code 'doesnt touch' the entered data with any event handlers? i'm interested in the definition "credit card data processing". when does it start to be a cc data processing application? can somebody maybe point me to that section in PCI-DSS standard that clearly defines when you start to 'be a processing application'? Thanks,

Read the article
Active Directory public key use

- by Chris Meadows

I have a client who has a requirement to validate users logging into my web application against his active directory using LDAP. In trying to connect using the DirectoryEntry and DirectorySearcher .NET classes, I can connect to his AD Server but not access it. The client's AD server has an SSL Certificate for which he has given me a public key file but I don't know how to use this public key file in my C# code. When I issue the connect command through code, I see, via Wireshark, my application sending the connection request. I then see the server responding with "Server Hello, Certificate, Certificate Request, Server Hello Done". Then my application never responds after that. In using another application, written by somebody else for which I do not have code, I see the same request from the server and then see the application respond with "Certificate, Client Key Exchange" and then the application connects and runs. With that said, my question then becomes, how can I get my C# application to load and send the key file I got from the client?

Read the article
cannot access localhost using ip

- by Robert

I have done a small web development project using eclipse. It runs well when I try running it on browser with url localhost:8080/myproject/home.html. But if I want to access it on another machine (laptop, mobile, etc. using the same wifi) it is not possible; it is not able to connect. After Googling for a while found out that I have to use the IP address instead of 'localhost'. So I tried 10.0.0.4:8080/myproject/home.html, but still does not work. In fact i am unable to open that url on the same machine (where localhost:8080/myproject/home.html works fine). I also added a new Inbound rule in control panel firewall settings, allowing access to all ports for protocol TCP. Still have problem in running application with the url 10.0.0.4:8080/myproject/home.html (both on same machine as well as laptop and mobile). FYI i am using Eclipse Indigo, Apache tomcat 6.0 and server.xml file contents is as below: <?xml version="1.0" encoding="UTF-8"?> <Server port="8005" shutdown="SHUTDOWN">  <Listener SSLEngine="on" className="org.apache.catalina.core.AprLifecycleListener"/>  <Listener className="org.apache.catalina.core.JasperListener"/>  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>  <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"/> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>  <GlobalNamingResources>  <Resource auth="Container" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" name="UserDatabase" pathname="conf/tomcat-users.xml" type="org.apache.catalina.UserDatabase"/> </GlobalNamingResources>  <Service name="Catalina">    <Connector port="8080" protocol="HTTP/1.1" address="10.0.0.4" connectionTimeout="20000" redirectPort="8443" />      <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>   <Engine defaultHost="localhost" name="Catalina">      <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>  <Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false">     <Context docBase="myproject" path="/myproject" reloadable="true" source="org.eclipse.jst.jee.server:myproject"/></Host> </Engine> </Service> </Server>

Read the article
What's the role of the brackets in the following piece of code?

- by Emanuil

This is the tracking code for Google Analytics: var _gaq = _gaq || []; _gaq.push(["_setAccount", "UA-256257-21"]); _gaq.push(["_trackPageview"]); (function() { var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true; ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s); })(); You can see that the function in the second paragraph is inside brackets. Why do you think is that?

Read the article
Puppet variables best practice, generalise or specialise?

- by Andrei Serdeliuc

I'm trying to figure out which things should be in git within the puppet manifest and which should be in env vars like FACTER_my_var and use that in the manifest instead. Scenario: you are deploying 3 php apps and you've already built all the layers up to the app in other manifests (base system, php extensions, users, etc), and all that's left is installing the correct app (from an apt repo) and creating a vhost. I'm tempted to have something along the lines of: apache::vhost { $::project_hostname: priority => '10', port => '80', docroot => $::project_document_root, logroot => "/var/log/apache2/${$::project_name}", serveradmin => '[email protected]', require => Package[httpd], ssl => false, override => 'all', setenv => ["APP_KERNEL dev"] } This would run on each server, and the FACTER_project_* vars would be set on a per server basis. An obvious restriction of this would be that you can't run more than one app with this specific example. Or would you rather have project_x.pp, project_y.pp which have hardcoded paths and names?

Read the article
How to point any *.mydomain variation to localhost (for development)?

- by user41339

Hi all. I am developing a site, which will make use of any given [variation of] subdomain name part (that is, the part prefixed before the host name and, optionally, the TLD part). I would imagine that in production, that would be an easy feat - make sure the DNS for second-level domain name part points to an IP, set up Apache2 virtual host to listen on that (or any) IP port 80, and just use PHP to make decisions based on the "Host" request header. However, currently the site is localhost, since I am developing it using my workstation, so first I patched the /etc/hosts to include: 127.0.0.1 mydomain I only used one name part (arguably a custom TLD) so as to not interfere with the Internet domain names. Then I set up a VirtualHost directive for Apache 2.2 like: <VirtualHost *:80> ServerName mydomain But now I can see that f.e. example.mydomain does not point to localhost, meaning the the /etc/hosts addition is not effective for "something.mydomain". It appears the rules are taken verbatim, and also I have checked that wildcards like *.mydomain are not allowed. Is there a solution for this?

Read the article
Keepalived for more than 20 virtual addresses

- by cvaldemar

I have set up keepalived on two Debian machines for high availability, but I've run into the maximum number of virtual IP's I can assign to my vrrp_instance. How would I go about configuring and failing over 20+ virtual IP's? This is the, very simple, setup: LB01: 10.200.85.1 LB02: 10.200.85.2 Virtual IPs: 10.200.85.100 - 10.200.85.200 Each machine is also running Apache (later Nginx) binding on the virtual IPs for SSL client certificate termination and proxying to backend webservers. The reason I need so many VIP's is the inability to use VirtualHost on HTTPS. This is my keepalived.conf: vrrp_script chk_apache2 { script "killall -0 apache2" interval 2 weight 2 } vrrp_instance VI_1 { interface eth0 state MASTER virtual_router_id 51 priority 101 virtual_ipaddress { 10.200.85.100 . . all the way to . 10.200.85.200 } An identical configuration is on the BACKUP machine, and it's working fine, but only up to the 20th IP. I have found a HOWTO discussing this problem. Basically, they suggest having just one VIP and routing all traffic "via" this one IP, and "all will be well". Is this a good approach? I'm running pfSense firewalls in front of the machines. Quote from the above link: ip route add $VNET/N via $VIP or route add $VNET netmask w.x.y.z gw $VIP Thanks in advance. EDIT: @David Schwartz said it would make sense to add a route, so I tried adding a static route to the pfSense firewall, but that didn't work as I expected it would. pfSense route: Interface: LAN Destination network: 10.200.85.200/32 (virtual IP) Gateway: 10.200.85.100 (floating virtual IP) Description: Route to VIP .100 I also made sure I had packet forwarding enabled on my hosts: $ cat /etc/sysctl.conf net.ipv4.ip_forward=1 net.ipv4.ip_nonlocal_bind=1 Am I doing this wrong? I also removed all VIPs from the keepalived.conf so it only fails over 10.200.85.100.

Read the article
Send post to a different domain using JS

- by Lior

Hello, I'd like a post request to be sent once a certain text input field is changed, using javascript. So here is my current code: <input name="message" onchange="$.ajax({type: \"POST\", url: \"http://example.com/example.php\", data: \"message=\" + document.getElementsByName(\"message\")[0].value});" /> Now, it's working on a regular connection, but it's not working on a secured connection (SSL). I mean, the page is secured, but the request is sent to a non secured page. Is there a solution?

Read the article
Android:How to avoid XML verification failed error and Upgrading to 2.x SDK successfully?

- by user187532

Hi, I have setup for Android development with 1.5 SDK on Mac O.S X - Eclipse 3.5. I want to upgrade the SDK, so as i followed to choose Window-Android SDK and AVD Manager from Eclipse. But it throws error as follows: XML verification failed for https://dl-ssl.google.com/android/repository/repository.xml. Error: cvc-elt.1: Cannot find the declaration of element 'sdk:sdk- repository'. Failed to fetch URL I tried "http" instead of https, but still getting the same error. I don't know why such crap error comes. If i see Android website, http://developer.android.com/intl/zh-CN/sdk/index.html its confusing. Could someone guide me easily to update Android SDK to 2.x or later without uninstalling my current setup environment. Thanks. I appreciate your kind suggestions.

Read the article
SubDomain creation issue.Ubuntu 12.04 Apache 2.22 Webmin

- by anarchos78

I have a technical question concerning subdomains. My installation is UBUNTU 12.04 and WEBMIN for administration (using Apache web server). I am trying to create a subdomain to one IP (the domain is www.ithemis.gr and I want to create test.ithemis.gr and/or test1.ithemis.gr) with no success. I think I've tried the right way to set subdomains. The address does not resolving (I have already created DNS records via BIND). Do you have any suggestions? I am very new in server administration. Any help will be greatly appreciated! Apache configuration: In /etc/apache2/sites-available: Conf file:www.ithemis.gr.conf (main website) <VirtualHost 184.171.255.110:80> DocumentRoot /home/ithemis.gr ServerName www.ithemis.gr <Directory "/home/ithemis.gr"> allow from all #Options +Indexes Options +Includes -Indexes </Directory> </VirtualHost> Conf file:www.test.ithemis.gr.conf (subdomain website): <VirtualHost *:80> DocumentRoot /home/test.ithemis.gr ServerName test.ithemis.gr <Directory "/home/test.ithemis.gr"> allow from all Options +Indexes </Directory> </VirtualHost> My DNS records: Master Zone: ithemis.gr Name Type TTL Values ithemis.gr. NS Default ns1.themis.gr. ithemis.gr. A Default 184.171.255.110 ns1.ithemis.gr. A Default 184.171.255.110 ns2.ithemis.gr. A Default 184.171.255.110 mail.ithemis.gr. A Default 184.171.255.110 www.ithemis.gr. CNAME Default ithemis.gr. ithemis.gr. MX Default 5 mail.ithemis.gr. www.test.ithemis.gr. CNAME Default ithemis.gr. test.ithemis.gr. CNAME Default ithemis.gr.

Read the article
What's the role of the parentheses in the following piece of code?

- by Emanuil

This is the tracking code for Google Analytics: var _gaq = _gaq || []; _gaq.push(["_setAccount", "UA-256257-21"]); _gaq.push(["_trackPageview"]); (function() { var ga = document.createElement("script"); ga.type = "text/javascript"; ga.async = true; ga.src = ("https:" == document.location.protocol ? "https://ssl" : "http://www") + ".google-analytics.com/ga.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(ga, s); })(); You can see that the function is inside parentheses. Why do you think is that?

Read the article
when i download file from my website which contains grid and in one of the column of grid there is d

- by SmartDev

Hi, I have page called filedownload.aspx , it contains grid and in grid they are three columns and in one of the column there is button which says Download , when user clicks on that button it picks file id and gives the download box to user with three options Open save and cancel . Now the problem is that when user clicks on the download button in grid it gives this ERROR: INTERNET EXPLORER CANNOT DOWNLOAD FILEDOWNLOAD.ASPX FROM ABC.XYZ.COM (MY URL EXAMPLE) INTERNET EXPLORER WAS NOT ABLE TO OPEN THIS SITE .THE REQUEST SITE IS EITHER UNAVAILABLE OR CANNOT BE FOUND . ONE MORE THING IS THT RECENTLY WE IMPLEMENTED SSL AND FROM HTTP WE MOVE TO HTTPS WITH NAME CHANGE IN URL ALSO BFEORE IT WAS AND NOW ITS . NOW WHEN I CHANGE THE URL TO OLD ONE THE PAGE IS WORKING FINE . CAN ANYONE HELP ME ON THIS ? THANKS, SMARTDEV

Read the article
Write permissions on uploaded files - Linux, Apache, PHP

- by letseatfood

I am working on a PHP script that transfers files using FTP functions. It has always worked on my production server (which is a hosting service). The development server I have just setup (I am a novice to servers) is Debian Lenny with Apache2, PHP5, and MySQL5. The file transfer works correctly, but once the file has been written to the server, it has permissions of 600. This makes it impossible for me to view the file (JPEG) in the web browser, as permission is denied. I have scoured the internet and even broken my server installation and reinstalled it trying to figure this out (which has been fun, nonetheless!). I know it is unwise to set 777 permissions on public accessible files, but even that will not solve the problem. The only thing that works is if I chmod 777 thefile.jpg after it has been transferred, which is not a working solution. I tried changing the owner of my site files to www-data per this post, but that also does not work. My user is mike, and it still does not work whether the owner of the files is mike or root. Would somebody point me in the right direction? Thanks! And, of course, let me know if I can clarify anything.

Read the article
What are best practices for securing the admin section of a website?

- by UpTheCreek

I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

Read the article
Implementing a 'Send Feedback' feature in a Java desktop application

- by William

I would like to implement a 'Send Feedback' option in a Java desktop application. One which will pop up a box for the user to enter a comment, then send it to us along with a screenshot of the application window. How would be the best way to communicate the data to us? Two obvious solutions spring to mind: Email - I'm thinking that the application would connect to an SMTP server set-up by us, with the username/password somehow hidden in the code. SMTP over SSL for security (not of the data being sent, but of the SMTP username/password). Web service - pretty self explanatory. Which of these would be best, or is there a better alternative?

Read the article
how can I send messages to/from a Websphere Message Broker from an embedded C client (no JVM)?

- by queBurro

What are my options for pubsubing (or point to point but pubsub is better) messages to and from an IBM message broker from an embedded headless C/C++ linux client that doesn't have a JVM? Ideally we want large file transfer (2GB once per day off of the client) encryption (SSL) reliable ('assured' delivery / QoS2, maybe QoS1 would do) The client in question currently only has exes and some bash scripts, I've been playing with MQTTv3 and RSMB, but for that I'd have to chomp the large files up (and reassemble back home) and I don't want to get into that if there's a transport that will do this for me? I've looked at MQTTv5 (but our client's got no JVM); JMS (no JVM) and XMS? which again looks like it gives me a C API but then needs the JVM to be installed on the client (or am I wrong?) any clues or hints would be appreciated, cheers

Read the article
OpenSSL: SessionTicket TLS extension problem

- by rursw1

Hello, I'm using an application which uses OpenSSL for client TLS side. We upgrade the OpenSSL version from 0.9.8e to 0.9.8k. And then TLS doesn't work... Wireshark shows that the new version (with OpenSSL 0.9.8k) sends the client hello packet with a SessionTicket extension - and the server side responds with a fatal internal error. The previous version sends an almost identical hello packet, but without the SessionTicket ext. When I replaced TLSv1_client_method with SSLv23_client_method, everything worked fine - the sent client hello packet was a SSLv2 one (In the sniffer) without any extension (as it wasn't TLS but SSL?) Is there a better way to disable this extension or to solve the problem in another way? Thanks in advance, rursw1

Read the article
nginx improperly forwards to https, adds two trailing slashes when rewriting

- by Kevin

I'm using nginx as a proxy for a django project on mod_wsgi and to serve the static content. I have two domain names for it: asdf-example.com and asdfexample.com. I want to use rewrites to redirect everything to www.asdf-example.com They're not quite working the way they should: asdf-example.com forwards to https:// www.asdf-example.com, which fails because I'm not using SSL. Though asdf-example.com/search forwards to http://.... asdfexample.com and www.asdfexample.com both forward to www.asdf-example.com//, which looks weird. My config file: server { listen 80; server_name asdf-example.com asdfexample.com; if ($host ~* ^asdf-example\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } if ($host ~* ^www\.asdfexample\.com){ rewrite ^(.*)$ http://www.asdf-example.com/$1 permanent; } ... Thanks

Read the article
Strange mysql problem moving website from Ubuntu server to Mac server

- by evan

I'm moving a website (php/mysql) from an Ubuntu server to a OSX 10.6 server. I've set up apache to run php scripts and setup the newest version of mysql on the mac. I just copied all of the php files and dumped/imported all of the mysql databases (including the mysql users database). When I visit the page being served on the Mac the page is able to connect to the database, but not query. Specifically this function mysql_error() is returning this error message NO SUCH FILE OR DIRECTORY The reason it's strange is that I'm able to change the php connection strings for mysql on the Ubuntu server so that it points to the Mac server and the page works correctly (so it seems mysql is correctly set up on the mac and definitely contains all of the users and tables it should). Thinking it was something to do with file permissions on the mac, I've changed all of the files 755 and it hasn't helped. Any ideas? Thanks!! UPDATE: I've found this error which I'm relatively certain is related to this problem in /var/log/apache2/error_log PHP Warning: mysql_query(): A link to the server could not be established

Read the article
Web services Authentication Jungle

- by redben

I have been doing some research lately about best approaches to authenticating web services calls (REST SOAP or whatever). But none of the Approaches convinced me... But i still can't a make a choise... Some talk about SSL and http basic authentication -login/password- which just seems weird for a machine (i mean having to assign a login/password to a machine, or is it not ?). Some others say API keys (seems like these scheme is more used for tracking and not realy for securing). Some say tokens (like session IDs) but shouldn't we stay stateless (especially if in REST style) ? In my use case, when a remote app is calling one of our web services, i have to authenticate the calling application obviously, and the call must - if applicable - tell me which user it impersonates so i can deal with authorization later. Any thoughts ?

Read the article
Paypal Payflow pro library

- by John Stewart

I already have an express checkout integrated with my Codeigniter application. Now I want to integrate seamless paypal where I collect the CC information and pass it to Paypal (via backend) and once everything is approved, my application shows that to the user. All this with out ever going to Paypal's website. I know that Paypal gives a bunch of sample code but they have so many different products that advertise to do the same thing. Is there any wrapper library in PHP that I can use for handling all this? What sort of design decision is involved in migrating to such system? Would I need SSL certificates for this?

Read the article

< Previous Page | 222 223 224 225 226 227 228 229 230 231 232 233 | Next Page >