Search Results

Search found 18715 results on 749 pages for 'website attack'.

Page 255/749 | < Previous Page | 251 252 253 254 255 256 257 258 259 260 261 262 | Next Page >

Interpreting Munin graphs showing available entropy and MySQL slow queries in sync

- by user64204

We're experiencing performance issues on our website, and after reviewing our munin graphs, the only metrics we've found in sync are Available entropy and MySQL slow queries, with the latter influenced by our number of logged in users: Based on the wikipedia entropy page, my understanding is that entropy is the amount of randomness (here measured in bytes) that the system can use for various tasks, mainly cryptography and functions that require random input. Since the peaks in available entropy and MySQL slow queries are occurring in sync and at regular interval, that the number of MySQL slow queries is proportional to our number of Drupal users whereas the peaks in available entropy seem to be much more constant and less proportional to these 2 metrics, we're thinking available entropy is the reflect of a root cause which, combined with the traffic to our website, is causing those slow queries (and not the opposite, slow queries influencing the entropy). Accordingly: Q: What underlying problem do you think could cause regular peaks in available entropy that could have an influence on MySQL's ability to process queries?

Read the article
Setup symbolic link where users can access it with FTP

- by Dan Shields

I have a folder on a server where a client of mine has a bunch of folders that they upload images and what not for a site, I do a symbolic link to those folders to the root of the website. This way I can give them ftp access to upload whatever they need without having access to the root level of the website. I have another folder that I can't setup as a symbolic link to their folder, which has images they need to upload to. I know that if I create a symbolic link the other way around where the sym link is in their folder, they can't access it through FTP. There has to be a way without creating two separate FTP accounts and give a user the ability to upload to a different directory that is outside of their home directory. I see that it is ftp specific and that there are some settings that can be changed but I haven't seen any clear cut answers for the best way to handle this.

Read the article
Live chat solutions

- by Lèse majesté

What good live chat/live help solutions are available (preferably for use on a site hosted on a LAMP stack and free)? I'm looking for a way to allow our sales and customer service reps to talk directly with visitors to our site. I've looked at phpopenchat, but it looks very unpolished. The only other free live chat app I've come across looked egregious. The aesthetics and UI design alone made me shudder to think what the underlying code might look like. This isn't a critical feature, and it wouldn't be hard to code up myself, so I'm not really looking for commercial software or paid services (unless there's a really compelling reason to use them). I'm just wondering if any other webmasters have come across a satisfactory free/open source solution for providing live customer support on their website. As a side note, live voice chat would also be an option, but it has to be be designed (or customizable) for customer support rather than a public chatroom. Edit: Looking at the responses, it looks like there probably aren't going to be many free solutions for this type of business-oriented chat solution, so feel free to post answers even if they are commercial solutions as long as they're a good value. Also feel free to post any alternate live support solutions (such as the Skype recommendation) that could be in someway integrated with a website. This will give me a good lay of the land for what people are actually using for live support, and I think will be more helpful to others reading this question.

Read the article
Do I need a ssl certificate if just pointing my domain to Cloudfront?

- by hashpipe

I have a website running on a domain (e.g site.com). I have an additional domain(e.g sitecdn.com) which basically points to Amazon Cloudfront for delivery. Amazon Cloudfront in turn basically fetches the data from the main domain (site.com). I use this setup primarily to have multiple subdomains of my sitecdn.com to point to assets via the cdn. The main website has a ssl certificate, and I intend to put all assets served from the cdn as https links only. Something like <img src="https://img.sitecdn.com/image.jpg" /> I'm a little confused whether I need a ssl for my cdn domain. In cloudfront I can set the setting to allow both https and http traffic. Do I need a ssl certificate for this ? If yes, then where do I install the ssl certificate, since I don't have a server for sitecdn.com.

Read the article
How to convert poor quality bitmap image to vector?

- by Macha

I'm designing a website for a group which has lost the original digital image for their logo. The only file they have of it is a jpg which was embedded into a word document. The image has everything possible wrong with it: Anti-aliased onto a white background where it should be transparent Image artefacts Resized downwards poorly. Lines that should be straight and solid aren't. I've currently used the wand tool to get rid of the white background, and stuck it on the website, but it's poor quality makes it stick out like a sore thumb. I need a few different sizes of it to use, so how would I go about creating a vector image based on it?

Read the article
Googlebot visit but no cache update - why?

- by Mick

I have made a new plain vanilla HTML website. I have been making regular modifications to it on an almost daily basis. The site is hosted by hostmonster and as part of their service they offer "awstats" to let you know assorted details of visitors to the site. One thing is puzzling me. According to awstats, a "robot/spider" calling itself "Googlebot" visited my site as recently as today (28th June 2011), but when I find my site on google (e.g. by searching for "full reserve banking") the cache is dated only the 5th June. I always thought that a visit from the google robot was synonymous with a cache update. Am I wrong? Or have I accidentally put something in the site telling google that nothing has been updated? EDIT: It seems a moderator has removed the name of my website, so there is now no chance that anyone could check out if I had made some error on my site :-( ... but anyway, in answer to paulmorriss' question, here is what aw stats was telling me:

Read the article
Configure Iptables to allow a PHP-app accessing a port-nr

- by Camran

I have a php-application which connects to another app called Solr (database search engine). I can via this php app add/remove documents (records) from the Solr index. However, the Solr security is low, and anybody with the right port nr can access Solr and remove documents (records). I wonder, is it possible to ONLY allow my own php-app to have access to Solr somehow? Prefferably via Iptables. I am thinking I can only allow my own servers IP to that port, and it would solve my problem, because PHP is a server-side code. But I am not sure. About the Php-app: The website is a classifieds website, and when users wants to add or remove classifieds, they do so through a php app, which is this one. The app has a function which connects to solr and updates the database (index). I appreciate detailed answers... Thanks

Read the article
Subdomain still times out after being set up a month ago

- by user8137

I would like to use the subdomain www.high-res.domain.com to be accessed by external customers with specific permissions to access the site (like FTP). We use Network Solutions to house domain.com. We recently added a new IP address to point to www.high-res.domain.com. I gave the IP address to the company that hosts our website. I pinged www.high-res.domain.com and it points to the correct IP address but still times out. It’s been a few weeks now and when you ping it, it still times out. C:\>ping XXX.XXX.X.XXX Pinging XXX.XXX.X.XXX with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for XXX.XXX.X.XXX: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss). tracert times out as well. I even went to DNS tools and a few other sites for checking this and it shows the same thing. I recently went into the DNSmgmt on our server (wink2k3sp1) and created an A record under the DomainDnsZones which translated to a CNAME when you look at it. Under the domain it has two entries, one to the subdomain and the other to the website host. Each has separate IP addresses. Is this correct?

Read the article
Coldfusion multiserver instance hangs

- by David Sedeño

I have a coldfusion 8 multiserver setup with IIS in Windows 2008 Standard SP2 and when one instance "hangs" (I can't connect to the instance from fusion reactor) the web server throws a "503 service unavailable". The remains instance seems to works ok in fusion reactor but the website have only the 503. I have to restart jvm processes and IIS to get the website work again. The jvm processes have the option -Xmx2048m and the instanaces have 2.5Gb allocated. Maybe the jvm process reach the 2Gb limit and stop working? Can be a problem between IIS and CF instances? I'm new to CF debugging process, how can I find why the instance hangs? Thanks

Read the article
What can I do about Hack Attempts

- by Matt

I have an ASP.net website hosted using the Ultidev Web Server Pro. Every day I get a steady stream of errors generated by my application where page requests were requested and denied. This is obviously someone/something trying to find any exploits on my website. Here is an example log: 28/08/2012 11:37:11 - File not Found:http://MyWebServer/phpmyadmin/index.php 28/08/2012 11:37:11 - File not Found:http://MyWebServer/phpMyAdmin/index.php 28/08/2012 11:37:12 - File not Found:http://MyWebServer/phpMyAdmin-2/index.php 28/08/2012 11:37:12 - File not Found:http://MyWebServer/php-my-admin/index.php 28/08/2012 11:37:13 - File not Found:http://MyWebServer/phpMyAdmin-2.2.3/index.php 28/08/2012 11:37:13 - File not Found:http://MyWebServer/phpMyAdmin-2.2.6/index.php 28/08/2012 11:37:14 - File not Found:http://MyWebServer/phpMyAdmin-2.5.1/index.php 28/08/2012 11:37:14 - File not Found:http://MyWebServer/phpMyAdmin-2.5.4/index.php 28/08/2012 11:37:15 - File not Found:http://MyWebServer/phpMyAdmin-2.5.5-rc1/index.php 28/08/2012 11:37:15 - File not Found:http://MyWebServer/phpMyAdmin-2.5.5-rc2/index.php 28/08/2012 11:37:15 - File not Found:http://MyWebServer/phpMyAdmin-2.5.5/index.php 28/08/2012 11:37:16 - File not Found:http://MyWebServer/phpMyAdmin-2.5.5-pl1/index.php 28/08/2012 11:37:16 - File not Found:http://MyWebServer/phpMyAdmin-2.5.6-rc1/index.php 28/08/2012 11:37:17 - File not Found:http://MyWebServer/phpMyAdmin-2.5.6-rc2/index.php 28/08/2012 11:37:18 - File not Found:http://MyWebServer/phpMyAdmin-2.5.6/index.php 28/08/2012 11:37:18 - File not Found:http://MyWebServer/phpMyAdmin-2.5.7/index.php 28/08/2012 11:37:19 - File not Found:http://MyWebServer/phpMyAdmin-2.5.7-pl1/index.php 28/08/2012 13:52:07 - File not Found:http://MyWebServer/admin/pma/translators.html Is this normal? Is there anything I can do to protect myself against this?

Read the article
International search: how to show different domains in Google+ Local?

- by Baumr

Background A site has multiple ccTLDs: example.com for people in the US, example.co.uk for UK users, example.de for Germany, example.fr for France, etc. Searching for certain city keywords will return a list of Google+ Local (formerly Places): Each links to the corresponding company website that is visible. Problem When searching on www.google.de, the domain of the site intended for US users (example.com) appears instead of the corresponding ccTLD (example.de) aimed at German users. This applies to all languages. In my opinion and for the purposes of this business, it's not good user experience: searchers would most likely prefer to book on a site localized for them (e.g. in their language and currency). Question Is it possible to return different ccTLDs in these local search listings for users across the globe? Currently, Google+ Local seems to only support supports adding a single "Website" field. Solutions I have considered Creating duplicate Google Places listings for each URL would be spammy (and not viable when there's 100s of locations, each needing a listing in 8 languages). I don't see the hreflang annotation helping either, and GWMT geotargeting is already set.

Read the article
Web application/ site service (like Google App Engine) for PHP/ MySQL and Postgres

- by Simon

I would like to find a service similar to Google App Engine for PHP/ MySQL/ Postgres sites/ applications. We host two different types of site. i). PHP/ Mysql/ Zend Framework <VirtualHost *:80> DocumentRoot "/home/websites/website.com/public" ServerName website.com # This should be omitted in the production environment SetEnv APPLICATION_ENV development <Directory "/home/websites/website.com/public"> Options Indexes MultiViews FollowSymLinks AllowOverride All Order allow,deny Allow from all RewriteEngine On RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] </Directory> </VirtualHost> ii). Matrix CMS - PHP/ Postgres + loads of pear classes <VirtualHost *:80> ServerName server.example.com DocumentRoot /home/websites/mysource_matrix/core/web Options -Indexes FollowSymLinks <Directory /home/websites/mysource_matrix> Order deny,allow Deny from all </Directory> <DirectoryMatch "^/home/websites/mysource_matrix/(core/(web|lib)|data/public|fudge)"> Order allow,deny Allow from all </DirectoryMatch> <DirectoryMatch "^/home/websites/mysource_matrix/data/public/assets"> php_flag engine off </DirectoryMatch> <FilesMatch "\.inc$"> Order allow,deny Deny from all </FilesMatch> <LocationMatch "/(CVS|\.FFV)/"> Order allow,deny Deny from all </LocationMatch> Alias /__fudge /home/websites/mysource_matrix/fudge Alias /__data /home/websites/mysource_matrix/data/public Alias /__lib /home/websites/mysource_matrix/core/lib Alias / /home/websites/mysource_matrix/core/web/index.php/ </VirtualHost> My key requirements are: I don't want to worry/ know/ care about the server/ infrastructure Secure/ up to date software/ os Good monitoring Automatic scalability SLA I apologise for the length of the question. In short all I want to do is i). create vhost, ii). create db iii). install app/ site iv). relax. Thanks. Edit: I include the Matrix vhost because that is the only complication that I cannot really do via a .htaccess file.

Read the article
Nginx Ip Whitelist

- by Will

Is it possible to create a ip whitelist for my nginx proxy server without adding allow or deny in the config file is it possible i can get nginx to link to a separate database to check if the user is allowed to access the website . Ideally i could do with nginx linking to an external database or at minimum a list off allowed ips on the same server so i can easily update the list whit out restarting nginx every time. In the future i would like to link nginx to my website and a user will login and there ip will be linked to there account and they will be able to update there ip if it has changed to there new one to grant them access so i need to keep in mind that it would be easyer to do this if i have external list off ips in some kind off database any help is apreshiated

Read the article
Tried teaching myself to program before college, accidently overwhelmed myself, tips?

- by Gunnar Keith

I'm sixteen, I'm overly interested in programming, and I'm currently taking IT classes during my mornings in high school. Last year, I tried teaching myself to code. It was quite exciting, but all I did was watch TheNewBoston's videos on YouTube for Python. After his tutorials, I just did research, made some CMD programs, and that's it. After that, I got cocky and got my feet wet in many other languages. Java, C++, C#, Perl, Ruby... and it overwhelmed me. Which made it less fun to code. I want to go to college for a 2 year programming course. And I want to make writing code my profession. But how do you recommend I attack re-learning it all again? Start with Python? Don't even try? Also, I'm not 100% in math, but I'm good friends with a lot of programmers, who say they suck at math, but manage to code just fine. I'm not looking for negative feedback. I just want the proper head-start on things before college.

Read the article
How can I remove HTTP headers with .htaccess in Apache?

- by Daniel Magliola

I have a website that is sending out "cache-control" and "pragma" HTTP headers for PHP requests. I'm not doing that in the code, so I'm assuming it's some kind of Apache configuration, as suggested by this question (you don't really need to go there for this question's context) I don't have anything in my .htaccess files, so it's gotta be in Apache's configuration itself, but I can't access that, this is a shared hosting, I only have FTP access to my website's directory. Is there any way that I can add directives to my .htaccess files that will remove the headers added by the global configuration, or otherwise override the directive so that they're not added in the first place? Thank you very much Daniel

Read the article
Reverse DNS (PTR) for Email

- by user3169495

We are hosting our website (http://www.redappleapartments.com) with a hosting company in Sweden. And we are using godaddy as our email provider. So, our smtp servers are smtp.europe.secureserver.net mailstore1.europe.secureserver.net Our website sends plenty of emails to our customers and we are sending via godaddy (using SMTP authentication). Some of the emails are never delivered to the recipients. And sometimes we see such warning: The hostname in the SMTP greeting does not match the reverse DNS (PTR) Can somebody out there suggest how we can solve this problem?

Read the article
Oracle@info360: Advance Beyond Point Solutions To An Enterprise Content Strategy

- by kellsey.ruppel(at)oracle.com

The info360/AIIM conference is March 22-24 in Washington DC. We have a number of customer speakers this year talking on the theme of “Advance Beyond Point Solutions To An Enterprise Content Strategy.” These customers all started by addressing a particular use case, but then used the infrastructure they had created to quickly and cost effectively stand up solutions to new business problems. Andy MacMillan, VP of Product Management at Oracle, will give a thought provoking opening keynote at 8:50 AM on Tuesday, March 22nd. He will be joined by Juan Jose Goldschtein, the CIO of the Organization of American States. The OAS has developed a human rights website that is the front end to a case management system for human rights violations. The implementation supports digital signatures on iPads, so their executives can approve workflows and keep cases moving forward while they are busy traveling and investigating abuses.Other customer speakers include:Tom Robinette, Director of Applications and IT Engineering, Dresser-RandRobin Crisp, Program Manager, FDAMonica Crocker, Corporate Records Manager, Land O’ LakesBrian Skapura, The American Institute of ArchitectsKathy Adams and Leslie Becker, The Nature ConservancyIrfan Motiwala, Sr. VP, Moody’s Investment ServicesMolly Wenzler, Director of Electronic Media, MeadWestvaco Other sessions include our Super Session that kicks off the Oracle Track @info360 on Wednesday. At 11:00 AM, Senior Director of Product Marketing, Howard Beader will present The Social Enterprise – Combining People, Processes and Content. This session will focus on how customers have brought social media, business process management, and content management together to supercharge their organizations. Oracle customers can arrange one-on-one meetings with Oracle executives and product experts, and attend the VIP customer appreciation event. Oracle will be joined by Oracle partners:FujitsuKesteTeamInformaticsKapowSena SystemsDTIYou can learn more about discounts for Oracle customers and register on our Oracle@info360 page.To see more about the customers and sessions that will be presented, you can look at the Oracle Track page on the AIIM/info360 website.Technorati Tags: oracle, AIIM, info360, content management, social enterprise

Read the article
Nginx Forward SSL for single site

- by Will.brown

I have a nginx server setup and it works fine for http however i would like to bypass the proxy for https connection. I want it so that when someone goes to my ip https:// ip1 (Nginx server) it bypasses ngix and forwards all traffic to https:// ip2(webserver) i do not need ngix to do this for any ssl website just one particular website. SO Client to https:// ip1 to https:/ /ip2 to https:// ip1 to client pc I just want the nginx to not intercept the connection and forward it on and on return forward the connection to client Im guessing i do this by nat mascarade buy not exactly sure how to do it and if i will need to tell nginx to ignore ssl aswell can someone help me please this has gone me stuck

Read the article
Public Facing Recursive DNS Servers - iptables rules

- by David Schwartz

We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

Read the article
Strange robots.txt - how and why did it get there?

- by Mick

I recently created a very simple, pure HTML website which I have hosted with "hostmonster". Hostmonster had very good reviews on some comparison website and in general so far they appear to be perfectly good in every way... At least I thought so until just now... I have been making lots of edits to my site on an almost daily basis. My site now appears on the first page (7th on the list) for my most important keyphrase when doing a google search. But I did notice some problem with the snippet chosen by google. I asked a question on this site about snippets and got some great answers. I then made some modifications to my meta data and within 48hrs the google snippet for my search was perfect. The odd thing though was that looking at the "cached" version google had, it appeared that the cache was still very odl- like three weeks previous. This seemed very odd - how could it be that the google robots had read my new metadata without updating the cache? This puzzled me greatly. Just now it occurred to me that maybe I had some goofey setting in my robots.txt file. I didn't actually remember even making one - but I thought I'd have a look just in case. Much to my horror, I saw that there was a robots.txt and it contained the disturbing text below: sitemap: http://cdn.attracta.com/sitemap/728687.xml.gz Intuitively this looks like some kind of junk, spam trick, and I had indeed been getting some spam from "attracta". So my questions are: 1. Should I simply delete this robots.txt? 2. Was the file there all along - placed there because of some commercial tie-in between attracta and hostmonster. 3. Does the attracta robots file explain the lack of re-caching?

Read the article
How to ban fans from a specific country - Facebook

- by Lukas

my question is kind of weird, because i want thousands of fans to dislike my page! Since this is not a common problem I hardly can find anything about it! my facebook page just got spammed with thousands of "fans" from a specific country. When I set a coountry restriction for that country, will the fans be banned and the number of fans be the same as before the spam-attack? I really need to get rid of those fans. I already restricted that country and facebook actually updated the chart where I can see where my fans are coming from. So fb knows that I have those "fans", but the number of likes remains the same... Any idea? It is not possible to ban every fan 1 by 1 because I can only see the last 100 fans.

Read the article
Do I need social networks to be an expert developer? [closed]

- by Gerald Blizzy

This question may sound odd, but do I need twitter, facebook and google+ if I am a web-developer? I see many expert developers nowadays using it in working order. It seems like it's harder to stay in touch with customers, co-workers and potential customers if you don' use social networks. Am I right? Reason why I ask is that I am totally not a facebook/twitter person, I find it boring and annoying. I understand that linkedin is usefull for career, but what about twitter and facebook? Are they needed for web-developer career? What I am trying to ask is if I only use linkedin, own portfolio website, google talks, gmail and something like github, would I actually miss anything professionally/job-wise? My thoughts are that I can just have my portfolio website where I list all my projects aswell as contacts page with my google talks/gmail account. It can suit both fulltime job, freelance and own projects. So this way email and google talks is just enough. Am I right or not? Thanks in advance!

Read the article
Get OWA and ActiveSync working on server using HTTP redirect in IIS 7

- by eric

We have two servers on our LAN. One is a Windows 2003 Server domain controller running Exchange 2003. The other is a stand-alone Windows 2008 server running IIS 7. Our company website runs on the IIS 7 (2008) server, so the firewall forwards port 80 to this. How can I get OWA and ActiveSync to work with this setup? And without using SSL. I have tried setting up a website on the IIS 7 box (mail.ourdomain.com) and using HTTP redirect to point to http://mailserver/exchange, but this doesn't work. Do we have to purchase an SSL certificate for this to work?

Read the article
Controlling access to site folders if you cannot user Roles

- by DavidMadden

I find myself on an assignment where I could not use System.Web.Security.Roles. That meant that I could not use Visual Studio's Website | ASP.NET Configuration. I had to go about things another way. The clues were in these two websites:http://www.csharpaspnetarticles.com/2009/02/formsauthentication-ticket-roles-aspnet.htmlhttp://msdn.microsoft.com/en-us/library/b6x6shw7(v=VS.71).aspxhttp://msdn.microsoft.com/en-us/library/b6x6shw7(v=VS.71).aspxYou can set in your web.config the restrictions on folders without having to set the restrictions in multiple folders through their own web.config file. In my main default.aspx file in my protected subfolder off my main site, I did the following code due to MultiFormAuthentication (MFA) providing the security to this point: string role = string.Empty; if (((Login)Session["Login"]).UserLevelID > 3) { role = "PowerUser"; } else { role = "Newbie"; } FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( 1, ((Login)Session["Login"]).UserID, DateTime.Now, DateTime.Now.AddMinutes(20), false, role, FormsAuthentication.FormsCookiePath); string hashCookies = FormsAuthentication.Encrypt(ticket); HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashCookies); Response.Cookies.Add(cookie); This all gave me the ability to change restrictions on folders without having to restart the website or having to do any hard coding.

Read the article
Mobile Phone Browser Emulators/Simulators

- by Jessie

I work in QA in a .NET shop and recently part of my testing process has started to involve testing our company website on mobile devices. At least one of our techs uses an HTC Desire. After tons of googling I still can't find a good online emulator for testing websites on different types of mobile devices. Is anyone aware of a website that I can test across multiple mobile platforms? Or even an online HTC or Blackberry browser emulator? I've found an iphone/opera mini simulator, but that's about it. Also, I realize there are a lot of SDK's that include emulators, but I'd rather not have to set up an entire SDK just to use an emulator.

Read the article

< Previous Page | 251 252 253 254 255 256 257 258 259 260 261 262 | Next Page >