Search Results

Search found 13011 results on 521 pages for 'catch block'.

Page 244/521 | < Previous Page | 240 241 242 243 244 245 246 247 248 249 250 251 | Next Page >

How to force or redirect to SSL in nginx?

- by Callmeed

I have a signup page on a subdomain like: https://signup.mysite.com It should only be accessible via HTTPS but I'm worried people might somehow stumble upon it via HTTP and get a 404. My html/server block in nginx looks like this: html { server { listen 443; server_name signup.mysite.com; ssl on; ssl_certificate /path/to/my/cert; ssl_certificate_key /path/to/my/key; ssl_session_timeout 30m; location / { root /path/to/my/rails/app/public; index index.html; passenger_enabled on; } } } What can I add so that people who go to http://signup.mysite.com get redirected to https://signup.mysite.com ? (FYI I know there are Rails plugins that can force SSL but was hoping to avoid that)

Read the article
Lighttpd referer issue

- by Chris

I have a problem to block files from accessing from different domains as my one. I have added to my lighty config in the "virual host" following: $HTTP["referer"] !~ "^($|http://www\.my-site\.net)" { url.access-deny = ( "" ) } but anyway the site www.example.com can access http://player.my-site.net/player.swf, also it can be accessed directly without a referrer. any idea? //EDIT here is my old apache .htaccess with a rewrite rule thats works perfect, but i dont know how to convert it for lighty: RewriteEngine on RewriteBase / RewriteCond %{HTTP_REFERER} !^http://my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://player\.my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://stream\.my-site\.net/ [NC] RewriteRule .* - [L,R=404]

Read the article
Move the mouse without clicking using a touchscreen

- by rubo77

In many occasions you have to move the mouse over an area of the screen or an element in an interface without clicking on it. is there a way to achieve this? I use windows 8.1 on a Lenovo Yoga Pro 2 with a touchscreen. I already managed to remap the windows key to a right mouse button with AutoHotkey, but that's another question. Maybe it would be possible to catch a gesture or something like that, that would disable the clicking of the mouse when you move the finger over the touchscreen?

Read the article
Get the "source network address" in Event ID 529 audit entries on Windows XP

- by Make it useful Keep it simple

In windows server 2003 when an Event 529 (logon failure) occures with a logon type of 10 (remote logon), the source network IP address is recorded in the event log. On a windows XP machine, this (and some other details) are omitted. If a bot is trying a brute force over RDP (some of my XP machines are (and need to be) exposed with a public IP address), i cannot see the originating IP address so i don't know what to block (with a script i run every few minutes). The DC does not log this detail either when the logon attempt is to the client xp machine and the DC is only asked to authenticate the credentials. Any help getting this detail in the log would be appreciated.

Read the article
How to stop domain users from installing any software?

- by Chris

Hi everyone, I was wondering which policies, etc I could setup to stop any installations from occurring in a server 2003 domain environment? I have 2003 RC2 and XP Pro clients. I guess the quick easy way is to make everyone guests, but this also blocks them from other things that they might need to do/access. I've seen a lot of ideas but they do not fully block everything. I know there probably isn't a fix all but would like to get as close as possible. Thank you all,

Read the article
Backup tape compression

- by pufferfish

What things should I check to confirm that compression is actually happening on our tape backup system? Although the tapes are marked as 200G/520G (native/compressed) capacity, they seem to fill up before the 200G mark (some less than 100G). I'm using - Sony AIT-4 tape autochanger - Sony SDX4-200C (AIT-4) tapes - Ubuntu Lucid - Bacula I've tried checking hardware compression with: tapeinfo -f /dev/nst0, which gives Product Type: Tape Drive Vendor ID: 'SONY ' Product ID: 'SDX-900V ' Revision: '0102' Attached Changer API: No SerialNumber: '0001000036' MinBlock: 2 MaxBlock: 8388608 SCSI ID: 1 SCSI LUN: 0 Ready: yes BufferedMode: yes Medium Type: Not Loaded Density Code: 0x33 BlockSize: 0 DataCompEnabled: yes DataCompCapable: yes DataDeCompEnabled: yes CompType: 0x3 DeCompType: 0x3 BOP: yes Block Position: 0 Partition 0 Remaining Kbytes: 201778000 Partition 0 Size in Kbytes: 201779000 ActivePartition: 0 EarlyWarningSize: 0 NumPartitions: 0 MaxPartitions: 0 ... so I presume it's on. Notes: The Bacula documentation says hardware compression needs to be enable with "system tools such as mt"

Read the article
Is there a way to define a rule on a bridge that will return reply for ARP request

- by user1495181

client (IP = 1.1.1.1) - bridge (brctl) - server (IP = 2.2.2.2) (all machine are Ubuntu). The client block arp request. (there are multiple clients ) I need to define a rule on the bridge machine that will return the client MAC when it get ARP request for IP 1.1.1.1. I see that in ebtables there is an arpreply option , but i didnt manage to find an example to define the arpreply by given arp request ip. ebtables -t nat -A PREROUTING -p arp -j arpreply --arpreply-mac 00:09:5B:91:56:08 Can you please adcive

Read the article
Is it possible to extend a 504 timeout in nginx on a per location basis

- by codecowboy

Is it possible to set timeout directives within a location block to prevent nginx returning a 504 from a long running PHP script (PHP-FPM? location /myurlsegment/ { client_body_timeout 1000000; send_timeout 1000000; fastcgi_read_timeout 1000000; } This has no effect when making a request to example.com/myurlsegment. The timeout occurs after approximately 60 seconds. PHP is configured to allow the script to run until completion (set_time_limit(0)) I don't want to set a global timeout for all scripts.

Read the article
Preventing my postfix to send my local users spam

- by Jack

I have a postfix/dovecot mail server with 100 different users. When they send an email they need to be authenticated. I successfully use saslauth to achieve this. Few days ago I had a problem. One specific user, probably with a virus or a spam-bot installed in its computer, started to send out through my server thousands of emails in few hours. As result, my ip has been blocked by many isp provider (@aol, @yahoo, and others) and has been listed in many blacklist, making all my 100 users unable to send any email to anyone. What is the best practice to avoid this problem? It would be great if my server could recognize a spamming user and automatically block it. Also, have a limit of, say, 30 emails per hour could be a partial solution. Any idea how to face this problem? Thank you

Read the article
Exchange Server 2003 Drive Error

- by Saif Khan

My exchange box went offline this AM. The logs show The device, \Device\Harddisk1, has a bad block. I tried running chkdsk D: /x /r but that didn't help either. I went to the Exchange Manager and tried to move the .stm file from D: to C: but got Exchange System Manager The database files in this store are corrupted. ID no: c104173b Exchange System Manager What else is there to try just to get this online for a few hours until I can get onsite to change the drive. This is a Windows Server 2003 server.

Read the article
Cannot connect to HTTPS port on Ubuntu

- by Simpleton

I've installed a new SSL certificate and set up Nginx to use it. But requests time out when trying to hit HTTPS on the site. When I telnet to my domain on port 80 it connects, but times out on port 443. I'm not sure if there's some defaults on Ubuntu preventing a connection. UFW status shows: 443 ALLOW Anywhere netstat -a shows: tcp 0 0 *:https *:* LISTEN nmap localhost shows: 443/tcp open https The relevant block in the Nginx config is: server { listen 443; listen [::]:80 ipv6only=on; listen 80; root /path/to/app; server_name mydomain.com ssl on; ssl_certificate /etc/nginx/ssl/ssl-bundle.crt; ssl_certificate_key /etc/nginx/ssl/server.key; location / { proxy_pass http://mydomain.com; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }

Read the article
Error while mounting home directory on different logical volume

- by RCola

I created RAID 5 form 3 hard drives. Formatted as ext4 this raid array. Created VG0 group and lv_home logical volume in LVM. Then I tried to mount default /home directory on lv_home, while trying to mount logical volume lv_home to folder containing user profiles /home, getting error: mount: wrong fs type, bad option, bad superblock on /dev/mapper/VG0-lv_home next is seems to be symbolic link: # file -s /dev/VG0/lv_home /dev/VG0/lv_home: symbolic link to `../mapper/VG0-lv_home' then # file -s /dev/mapper/VG0-lv_home /dev/mapper/VG0-lv_home: data and lvm> pvs PV VG Fmt Attr PSize PFree /dev/md0 VG0 lvm2 a- 2.02g 68.00m lvm> lvdisplay --- Logical volume --- LV Name /dev/VG0/lv_home VG Name VG0 LV UUID WzJus7-2yV8-yhog-Ju1b-TpWH-IIAI-LIutwe LV Write Access read/write LV Status available # open 0 LV Size 1.17 GiB Current LE 300 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 251:0

Read the article
Proxy Server suggestions

- by Jon Menefee

Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

Read the article
ext4 loopback device, Buffer I/O Error on reboot

- by cvb

I am trying to mount a loopback device on my ext4 formatted ssd drive. I get these errors when I reboot on Linux kernel 2.6.38.8 Buffer I/O error on device loop1, logical block 0 Here is what I do: dd if=/dev/zero of=/mnt/s/lodev bs=4096 count=250000 mkfs.ext4 /mnt/s/lodev mount -n -o loop,rw /mnt/s/lodev /mnt/test The loopback mount is successful, but on reboot I get errors as mentioned above. Even mouting with 'sync','data=writeback' does not help. I tried to losetup a device, but see the same behavior. I also reformatted the base device and created the loopback device and mounted as above, I still see these errors. I do not see them when I format them as vfat. Appreciate any suggestions on this problem.

Read the article
nginx: URL rewrites and performance

- by j0nes

I have a website where I need to change the URL structure. The old URLs look like /olddir/part1_de.htm, the new ones will look like /newdir/sub/category/anotherpage.htm. There are a lot of URL rewrites I need to do, I assume about 500 distinct rewrites in the end. As my website gets quite a lot of traffic, my main concern is about performance at the moment. My questions are: I assume that for each request, the rewrites block will be parsed and the regex will be evaluated. Am I right? Will there be a performance penalty if I use these rewrites? Can nginx handle this? Are there any "best practices" to follow when doing a lot of rewrites?

Read the article
How to allow a single domain name with iptables

- by Claw

I am looking for a way to make iptables only accept requests for my domain name and reject the others. Lately I misconfigured my apache proxy, it is now fixed, but I keep receiving a load of requests looking like that : xxxx.xx:80 142.54.184.226 - - [12/Sep/2012:15:25:14 +0200] "GET http://ad.bharatstudent.com/st?ad_type=iframe&ad_size=700x300&section=3011105&pub_url=${PUB_URL} HTTP/1.0" 200 4985 "http://www.gethealthbank.com/category/medicine/" "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)" xxxx.xx:80 199.116.113.149 - - [12/Sep/2012:15:25:14 +0200] "GET http://mobile1.login.vip.ird.yahoo.com/config/pwtoken_get?login=heaven_12_&src=ntverifyint&passwd=7698ca276acaf6070487899ad2ee2cb9&challenge=wTBYIo2AEdMFr6LtdyQZPqYw9FS9&md5=1 HTTP/1.0" 200 425 "-" "MobileRunner-J2ME" which I would like to block. How can I manage this ?

Read the article
Raid system fails to boot after moving from 2.6 kernel to 3.5

- by user846226

I'm running Gentoo Linux with a custom compiled kernel and I've just migrated from a 2.6 kernel to a 3.5. As my HD's are on RAID 0 mode I use a custom initrd file in order to be able to boot. While kernel 2.6 is able to boot without problems the new 3.5 compiled kernel fails to boot complaining about no block devices found. After taking a look at initrd.cpio contained scripts I can see the failure message is given by mdadm tool. Does anyone has a clue about that? Edit: this morning i noticed there was some kind of issue on my old initrd which works fine for 2.6 kernels, so created a new initrd which works fine and let me to boot into GNU/Gentoo Linux with same 3.5 bzImage. It could be an issue of mdadm, gonna check it. https://bugs.gentoo.org/show_bug.cgi?id=416081

Read the article
Startech SVx41HDI Series Server Remote Control Usage Question - How do I switch away from a dead por

- by tajh

We have a Startech KVM over IP model SV841HDI and it was stuck pointing a port where the machine has been removed. We ended up having to physically plug something into that port in order to switch ports again, meaning that if someone in support accidentally switches to an empty port, we need to have a documented solution for making it useable again. The unit is old, no longer under warranty, firmware updates for it are no longer available (interestingly it runs a powerPC version of busybox). Since it does work well except for this one catch, we would like to avoid replacing it. Reading the manual, you have a several recommended methods. I tried them. Hit the left CTRL key a few times (as well as all the other popular KVM keys I could think of). The VNC GUI offers lots of buttons - none of them switch away from a dead port. The question is: how do I switch away from a dead port on this particular KVM remotely?

Read the article
Home Directory Folders

- by George

I am looking for a way to acomplish the following: Currently users have home drives mapped via AD profile as follow: \\fileserver\users\username However if once a user was able to access \\fileserver\users and view everyones folder, but had no access to them. This is not ideal since we have people saving important stuff to on their drives. How can I restrict users permissions and views only to THEIR home drives? I also saw this solution, but not sure if it would apply to me: ================================================================================ Share level permissions - Everyone full permission and remove all others On the file/folder level set the following: Authenticated users special permissions on the root of the \\server\homeshare\ to Check the boxes next to the following: Traverse folder / execute file List Folder / read data Read attributes Read extended attributes / List item All other boxed leave unchecked and make sure you apply "This Folder Only" Domain Adminsfull rights and apply “this folder, subfolders, and files” This will block the users from accessing other user home directories. When you create the new user and set the home directory it will create the folder for you with the correct permissions.

Read the article
How do you synchronise huge sparse files (VM disk images) between machines?

- by chrisdew

Is there a command, such as rsync, which can synchronise huge, sparse, files from one linux server to another? It is very important that the destination file remains sparse. It may be longer (but not bigger) than the drive which contains it. Only changed blocks should be sent across the wire. I have tried rsync, but got no joy. groups.google.com/group/mailing.unix.rsync/browse_thread/thread/94f39271980513d3 If I write a programme to do this, am I just reinventing the wheel? http://www.finalcog.com/synchronise-block-devices Thanks, Chris.

Read the article
Wordpress serving PHP but not CSS or JS

- by Jason

I'm trying to set up an Amazon EC2 instance to run a Django app and a WP instance side by side, differing only by the incoming URL. Initially, accessing the site via mysite.com/wordpress worked, but I also needed to catch the incoming requests from a subdomain address blog.mysite.com. To do that, I created a default file in /etc/apache2/sites-enabled and included two virtualhost directives, one of which was <VirtualHost *:80> ServerName www.blog.mysite.com <Directory /var/www/wordpress> Order deny,allow Allow from all </Directory> </VirtualHost> This created some errors with the other virtualhost, so I restored the default 000-default file configuration and restarted. Now, accessing mysite.com/wordpress takes forever, and even then the CSS and JS files are not loading. Iside the Firebug Net tab, I can see the HTML response, but the CSS and JS files are not loading at all. What happened here?

Read the article
routing weirdness - traceroute 'vanishes' en route

- by The Journeyman geek

I'm attempting to set up one of my boxes as a server (again), but i'm having some odd connection issues- the box itself connects fine to the internet, but trying to connect to my external ip address seems to result in the trace getting 'lost' partway. http://pastebin.com/HCQAGbvn - this is a traceroute from another system that's connected to another ISP - starhub is my own one, while i have another system that i have access to on singtel. I'm wondering if my ISP is messing around with routing, or is something very odd going on. As you note, the traceroute dosen't reach me, but if it helps, i use a dd-wrt router. edit: Facepalmishly, turning the firewall on my router on and off fixed it. I don't get why it dropped off at different ip addresses each time, or why the router set it self to block.. everything, or why it affected the ipv6 tunnel as well.

Read the article
Process vsserv.exe attempts connection to unknown host (clients.your-server.de)

- by pushpraj

from past few day I notice a new connection is being made from my system, I discovered it within the outpost firewall, it is blocked by default with the reason Block Transit Packets in the image above you can see that the process vsserv.exe is attempting a connection to static.88-198-155-41.clients.your-server.de I tried to search on google but could not find any relevant info, however this link http://www.webmasterworld.com/search_engine_spiders/3963600.htm says that your-server.de hosts bad bots. I am bit concerned if something is not correct. Could you help me understand the same?

Read the article
HTTPS redirects in nginx

- by CadentOrange

I'm trying to redirect all HTTP traffic to HTTPS. The web server I'm using is nginx. This is the server block I'm using to do the redirect. server { listen 80; rewrite ^ https://$server_name$request_uri? permanent; } This successfully redirects URLs like http://localhost to https://localhost. However, for URLs like http://localhost/table/ I get redirected to https://table which is incorrect. I would like it to re-direct to https://localhost/table/ Any help would be much appreciated. Update: It seems that the rewrite scheme has a problem with trailing slashes. For example, http://localhost/table gets correctly redirected but http://localhost/table/ does not.

Read the article
Is it possible to impersonate another WAP by intercepting communication with other client?

- by OSX NINJA

There is a well known WAP that lots of people use. Someone comes in with a laptop equipped with a sniffer. The laptop sniffs people trying to log on to the WAP. It intercepts the connection, and when people try to log on to the WAP, they unknowingly log on through that person's laptop instead. All communication between the WAP and people's laptops go through that person's laptop. That person's laptop is able to block access to certain websites that the WAP would normally allow.

Read the article

< Previous Page | 240 241 242 243 244 245 246 247 248 249 250 251 | Next Page >