Search Results

Search found 13411 results on 537 pages for 'proxy servers'.

Page 357/537 | < Previous Page | 353 354 355 356 357 358 359 360 361 362 363 364  | Next Page >

• Run script when POST data is sent to Apache

  - by Nathan Adams

  Among my several years of running servers there seems to be a pattern with most spam activity. My question/idea is that is there a way to tell Apache to run a script when POST data is detected? What I would want to do is perform a reverse DNS lookup on the client's IP address, and then perform a DNS lookup on the hostname in the PTR record. Afterwards, perform some checks, excuse the pseudo-code: if PTR does not exist: deny POST request if IP of PTR hostname = client's IP Allow POST request else deny POST request Though I don't care about GET requests, even though they can be just as malicious, this idea is targeted towards spam comments which use POST data to send the comment data to the web server. In order to make sure there isn't much of a time delay, I would run my own recursive DNS server. Please do note, this isn't meant to be a sliver bullet to spam, but it should decrease the volume. Possible or impossible?

  Read the article

• HP Proliant ML115 G5 - Boot order lost after reboot

  - by Filipe YaBa Polido

  I have one HP Proliant ML 115 G5 (AMD) with the latest BIOS (07-06-2009) and recently I've installed an USB disk. This is a common problem on old Proliant servers. When you plug the USB disk, BIOS boot order changes and tries to boot via USB. So, I'll change the BIOS settings and make the SATA disk the default boot device. The problem is, when I need to unplug the usb disk, and plug it again later. I can't be always changing the BIOS settings... How can one solve this for ever?!?!

  Read the article

• Remove server from loadbalancer [on hold]

  - by Cris

  Our datacenter is load balancing the traffic to our weblogic servers based on an application deployed on each server called probe.ear It is a simple java app which is accessed by the loadbalancer and if it accessible it will redirect traffic to this server as well. When we want to remove one node from the loadbalancer we just stop the probe app and new traffic is not redirected to it BUT I am asking myself what about the current requests? The responses for the current requests are executed (completed). I did not had time to test (will do that first thing when go back to work) but on theoretical level for me it make sense to do so unless the loadbalancer has some special settings. Does my reasoning make sense to you? Just to make it clear since it was reported the question is not clear. Is there a way to configure a load balancer in a way that from a specific moment will not redirect traffic to a certain server without reseting the current requests ?

  Read the article

• Apache Prepending Header Information to ALL FILES

  - by Michael Robinson

  We're in the middle of setting up new servers, and have been having some odd problems with Apache. Apache is prepending text that looks like this: $15plðI‚‚?E?ðA™@?@??yeÔ|~Ÿ²?PγZ" zS€?8i³?? ,ÀŠ{ÿBHTTP/1.1 200 OK Date: Mon, 02 Feb 2009 22:28:05 GMT Server: Apache/2.2.3 (CentOS) Last-Modified: Mon, 02 Feb 2009 22:28:05 GMT ETag: W/"1238007d-2224e-fe617f40" Accept-Ranges: bytes Content-Length: 139854 Connection: close Content-Type: application/x-javascript To all files. The file I copied the above text from is the prototype library js file. As loaded from our server. I've searched, but couldn't find much about this problem Maybe I don't know what I'm searching for... Anyway, if anyone has seen this behaviour before, could they please let me know either 1) how to fix it so that this content is not prepended to all files, or 2) where to look for further help. Thanks

  Read the article

• Hosting 3 domains on 3 PC (1 domain per PC) with only 1 static IP address

  - by StealthRT

  Hey all i am trying to figure this out here. I have 3 PC's that are hooked into my router which i have a static IP for. I am currently hosting a web site (ex: blah1.com) on the 1st PC but have yet to connect PC 2 and 3 up to the network. That one PC thats online is using port 77. I direct all 80 traffic to port 77 using that servers IP address (192.168.x.xxx) My question is, how can i direct traffic for my other 2 domains (ex: blah2.com and blah3.com) to the 2 individual PC's (ip's) as i already am doing with the 1st PC if i can only use one port 80 to direct taffic to the website in?

  Read the article

• Is it still "wrong" to require TLS on incoming SMTP messages

  - by jackweirdy

  According to the STARTTLS Spec Section 5: A publicly-referenced SMTP server MUST NOT require use of the STARTTLS extension in order to deliver mail locally. This rule prevents the STARTTLS extension from damaging the interoperability of the Internet's SMTP infrastructure. A publicly-referenced SMTP server is an SMTP server which runs on port 25 of an Internet host listed in the MX record (or A record if an MX record is not present) for the domain name on the right hand side of an Internet mail address. However, this spec was written in 1999, and considering it's 2014, I'd expect most SMTP clients, servers, and relays to have some kind of implementation of STARTTLS. How much email can I expect to lose if I require TLS for incoming messages?

  Read the article

• Getting Pango-WARNING: Invalid UTF-8 string passed to pango_layout_set_text()

  - by geerlingguy

  About three days ago, I noticed the exim mailqueue started filling up on one of my servers, and upon inspecting some of the emails using # exim -Mvb $ID, I noticed they were being sent to some system email address (which is not a real address), and the body of the messages were as follows: (process:8259): Pango-WARNING **: Invalid UTF-8 string passed to pango_layout_set_text() I'm wondering what could be causing this strange issue, as I've never heard of 'pango' at all... I've never seen that function used in my lifetime! It seems the process id (PID) is for an apache process, though, as the pids are always gone by the time I use # ps -aux to look them up. Edit: Whoops! Forgot to include the subject - looks like it's actually munin-cron that's bringing up the issue: Subject: Cron /usr/bin/munin-cron --force-root

  Read the article

• Changed file and now I cannot access my SSH anymore

  - by Arnold

  I was trying to get my dedicated server to have a couple of VPS's installed using this tutorial: http://linux-vserver.org/Installation_on_CentOS In the process I had to change a file: /etc/ssh/sshd_config The documentation advises to change it into: ListenAddress <host IP address> Guess what? I literally added <host IP address> instead of the dedicated servers IP. I restarted the server and now I'm not able to access my SSH anymore. Can anyone help me to gain access to my SSH again? I'm using CentOS 6.

  Read the article

• WS2008R2 / W7PRO: Cannot rename folder - folder redirection

  - by castor

  After few months from migrating one of my networks on Active Directory this issue started. A few users are encountering an issue from time to time - they cannot rename folders and files on desktop. The system throws an error saying the folder or file is already in use. Folder redirection takes place in this scenario (Desktop and My Documents) Subnet with user PCs is different from subnet with servers (Cisco ASA5505 Security Plus between - all inspection policies disabled on these interfaces) Users are running Windows 7 Professional x86 Server is running Windows Server 2008 R2 Standard Any ideas?

  Read the article

• SPF include: too many IP addresses

  - by sprezzatura

  I've hit a snag with SPF. The SPF record for my domain will contain four or five entries, plus it will contain: include:sgizmo.com The SPF record for sgizmo.com contains eleven entries! This, plus mine, is way over the maximum ten allowed by the RFC (and probably by most servers). I realize that there has to be a limit in order to prevent DoS attacks. However, in the real world, it is probably not unreasonable for large companies to have many server addresses. Furthermore, must I know monitor my 'include:' counterparts for changes and additions? Must I check weekly, daily, to insure that some combination of changes doesn't suddenly put me over the top? It doesn't seem to me that SPF is suitable for prime time. Is there another way to do this?

  Read the article

• Options for PCI-DSS on AWS - file integrity monitoring and intrusion detection

  - by Brill Pappin

  I need to deploy some file integrity monitoring and intrusion detections software on AWS instances. I really wanted to use OSSEC, however it does not work well in an environment where servers can auto deploy and shut down based on load, because it requires server managed keys to be generated. Including the agent in the AMI will not allow monitoring as soon as it comes up because of that. There are many options out there, and several are listed in other posts on this site, however none that I've seen so far deal with the unique problems inherent in AWS or cloud based deployments in general. Can anyone point me at some products, preferably open source, that we might use to cover those portions of PCI DSS that require this software? Has anyone else achieved this on AWS?

  Read the article

• IPv4 private address assignment

  - by helloworld922

  I'm working on a private network which uses static IPv4 addresses as well as DHCP addressing for the physical LAN network. At a previous company I worked at they would assign static addresses in the 10.*.*.* space and all DHCP/LAN addresses were assigned in the 192.168.*.* space. Both of these address spaces are defined in the IPv4 private address space and there were never any internal conflicts. From personal experience at home, school, at work, and pretty much any other machine I've dealt with extensively (Windows and a few Linux distros), the DHCP server would always by default choose an address from the 192.168.*.* address space. Now my question is can I rely on this behavior? Do DHCP servers always by default assign from the 192.168.*.* pool (or any pool other than the 10.*.*.* pool), leaving the 10.*.*.* pool free for private static addressing? If not, under what conditions might a DHCP server choose an address in the 10.*.*.* address space?

  Read the article

• Redirect To Domain Before SSL Is Read

  - by Devin Dixon

  I had to switch servers and I want to redirect all SSL urls to the non-ssl site. The problem I am running into is the https site still throws invalid certificate error even through apache has the redirect implemented. <VirtualHost *:443> ServerAdmin [email protected] DocumentRoot /data/sites/www.example.com/main/ RewriteEngine on Redirect 301 / http://www.example.com SSLEngine on SSLCertificateFile /etc/httpd/ssl/www.examplecom/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/httpd/ssl/www.example.com/ssl-cert-snakeoil.key ServerName www.example.com ErrorLog "logs/example.com-error_log" CustomLog "logs/example.com-access_log" common </VirtualHost> My question is, how can I do a redirect and avoid the invalid ssl certifcation error in the browser?

  Read the article

• VMware ESXi 4 On-Disk Data Deduplication - possible and supported?

  - by hurikhan77

  Environment: We are running multiple web, database, and application servers which usually share a pretty common installation (gentoo linux) and similar configuration in VMware ESXi 4. The differences are usually only some installed features or differing component versions. To create a new server, I usually choose the most similar (by features) running server, rsync a copy of it into freshly mounted filesystems, run grub, reconfigure and reboot. Problem: Over time this duplicates many on-disk data blocks which probably sums up to several 10's of gigabytes. I suppose if I could use a base system as template with the actual machines based on top of that, only writing changed blocks to some sort of "diff image", performance should improve (increased cache hit rate) and storage efficiency should increase (deduplicated storage space). This would be similar to what ESXi already supports for RAM deduplication (page sharing). Question: Is there any way to easily do this on ESXi 4? I already share the portage tree via NFS but this would not work for the rootfs.

  Read the article

• Windows 7 connect to Lion file sharing

  - by McKvack

  Trying to access my Mac from a Windows 7 computer, I fail with the infamous error 86 incorrect password. Now this appears to be a well-known problem with countless threads on the internet giving as many "solutions" as there are discussion threads about it (mostly ranging from installing third-party commercial samba servers, to switching to some other protocol, to compiling a plain-vanilla Samba installation - the latter which I will probably do when I give up this :) ) I am stubborn, and I believe there must be some problem here that can be solved or worked around, but there is surprisingly little detail about this problem. It appears to have something to do with a mismatch of authentication methods. Trying to run samba in debug mode: sudo /usr/sbin/smbd -debug -stdout gets me this output when trying to access it from Win 7 ... smb1_dispatch_one [smb_dispatch.cpp:377] dispatching SMB_COM_SESSION_SETUP_ANDX smb1_dispatch_session_setup [session_setup.cpp:261] FIXME erase existing sessions log_gss_error [gssapi_mechanism.cpp:97] gssapi: gss-code: Miscellaneous failure (see text) log_gss_error [gssapi_mechanism.cpp:113] gssapi: mech-code: unknown mech-code 22 for mech unknown What is the problem here, and how do I fix it?

  Read the article

• Windows Firewall failing after 9-12 hours?

  - by routeNpingme

  I have 2 VM servers in the exact same NIC configuration: Server 2003 R2, one NIC connected to private (hardware firewall) network in a 10.x private address space, and one NIC connected straight to public internet. Windows Firewall is enabled for the Public Internet NIC only. Now, what doesn't make sense - this fails generally after 9-12 hours. It's not exact, but once or twice a day, traffic will just stop on the Internet NIC. No event log entries when it happens, and restarting the Windows Firewall service as well as stopping or restarting IPSec Services (just for fun) has no effect. Once the server is rebooted, everything is fine again for another 1/2 day. Any suggestions?

  Read the article

• Solution to time shifting requirement in Active Directory

  - by MikeR

  Hi, I currently have an active directory that has several child domains (consisting of nothing other than a DC and bespoke application servers) set-up for testing our CRM software, as some of it is date/time sensitive these have been set to dates in the future at some point in the past, which is causing replication errors. I'm working on getting rid of these child domains, but still have a requirement for our testers to be able to time shift. Does anyone know of any solutions that would allow our test environments to have their time changed (always forward), without affecting the production active directory? Is it as simple as creating a separate Forest on the same LAN or would that interfere with my production Forest? Thanks for any advice.

  Read the article

• ESXi Static IP setup with gateway on different subnet

  - by Erik Nelson

  I've got an ESXi server that I'm trying to assign a static IP to. I'm having trouble setting the gateway because (I presume) the gateway is on a different subnet. I've been able to accomplish this task on normal Linux servers by doing the following: route add 172.50.99.254 eth0 route add -net default gw 172.50.99.254 eth0 Now using the GUI config tools for ESXi I've tried setting the following IP: 172.50.5.151 Netmask: 255.255.252.0 Gateway: 172.50.99.254 The gateway does not stick, and when I try to add the gateway manually using esxcfg-route it says it has no route to the gateway IP. How can I get this static IP set correctly? (I don't have any control over the network setup).

  Read the article

• Unidirectional synchronization and admin back-end

  - by HTF

  I have Wordpress installation on two web nodes (load balancing/failover). There is unidirectional synchronization from server A to server B so any updates must occur on the first web node. I have a problem with Wordpress admin side. I'm using Nginx and the initial plan was to create rewrite rule from domain.com/wp-admin to wpadmin.domain.com - pointing to the first node. The problem is that the Wordpress installation can be access only via main domain and without extra subdomain there is no distinction between both web servers for the rewrite rule. Could you please advise if there is any other solution in this case. Regards

  Read the article

• Nxlog Multiline Input to 1 Syslog Message

  - by Eric

  I am using nxlog to tail a custom log file on one of my Windows servers. Each entry in the text file looks similar to this. =================================================================================================================== 1/14/2014 3:08:48 PM DOMAIN\user1 adding group member... Domain: blah Group: TestGroup Member: CN=Joe Bob,CN=Users,DC=blah,DC=ARG,DC=com 1/14/2014 3:08:48 PM 1 member added.<br> ================================================================================================ I'm trying to send this log to my syslog server and I want to combine these multiple lines to 1 line so I can easily grep/search for specific users or groups. I've read some of the documentation on nxlog's website regarding multiline but haven't found a specific config to put them all in 1 entry with a syslog header. Thanks, Eric

  Read the article

• What happens with the Guest OS's on ESXi in the event of a power failure?

  - by Jeremy Holovacs

  Many small businesses would prefer to let their server drop on power failure than to pay even $100 for a cheap UPS. It's often difficult to convince them of the value of something like that; it's why they like ESXi. It's free, they can save a lot of cash by putting a bunch of linux servers on one machine, and then I get paid. :) If the ESXi server experiences a power outage, it is set to come back on automatically when power is restored. What happens with the guest OS's? Ideally I would like them to all come online again as well, assuming they were on when power was lost, but I see no option for choosing this. I don't want to yank power to the system just to try it out, of course. I'm sure someone knows what happens by default, and perhaps how to make my system to work as I would wish.

  Read the article

• Router 2wire, Slackware desktop in DMZ mode, iptables policy aginst ping, but still pingable

  - by skriatok

  I'm in DMZ mode, so I'm firewalling myself, stealthy all ok, but I get faulty test results from Shields Up that there are pings. Yesterday I couldn't make a connection to game servers work, because ping block was enabled (on the router). I disabled it, but this persists even due to my firewall. What is the connection between me and my router in DMZ mode (for my machine, there is bunch of others too behind router firewall)? When it allows router affecting if I'm pingable or not and if router has setting not blocking ping, rules in my iptables for this scenario do not work. Please ignore commented rules, I do uncomment them as I want. These two should do the job right? iptables -A INPUT -p icmp --icmp-type echo-request -j DROP echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all Here are my iptables: #!/bin/sh # Begin /bin/firewall-start # Insert connection-tracking modules (not needed if built into the kernel). #modprobe ip_tables #modprobe iptable_filter #modprobe ip_conntrack #modprobe ip_conntrack_ftp #modprobe ipt_state #modprobe ipt_LOG # allow local-only connections iptables -A INPUT -i lo -j ACCEPT # free output on any interface to any ip for any service # (equal to -P ACCEPT) iptables -A OUTPUT -j ACCEPT # permit answers on already established connections # and permit new connections related to established ones (eg active-ftp) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Gamespy&NWN #iptables -A INPUT -p tcp -m tcp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 6667 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 28910 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29900 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29901 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29920 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p udp -m udp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 6500 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27900 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27901 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 29910 -j ACCEPT # Log everything else: What's Windows' latest exploitable vulnerability? iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT" # set a sane policy: everything not accepted > /dev/null iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # be verbose on dynamic ip-addresses (not needed in case of static IP) echo 2 > /proc/sys/net/ipv4/ip_dynaddr # disable ExplicitCongestionNotification - too many routers are still # ignorant echo 0 > /proc/sys/net/ipv4/tcp_ecn #ping death echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all # If you are frequently accessing ftp-servers or enjoy chatting you might # notice certain delays because some implementations of these daemons have # the feature of querying an identd on your box for your username for # logging. Although there's really no harm in this, having an identd # running is not recommended because some implementations are known to be # vulnerable. # To avoid these delays you could reject the requests with a 'tcp-reset': #iptables -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset #iptables -A OUTPUT -p tcp --sport 113 -m state --state RELATED -j ACCEPT # To log and drop invalid packets, mostly harmless packets that came in # after netfilter's timeout, sometimes scans: #iptables -I INPUT 1 -p tcp -m state --state INVALID -j LOG --log-prefix \ "FIREWALL:INVALID" #iptables -I INPUT 2 -p tcp -m state --state INVALID -j DROP # End /bin/firewall-start Active ruleset: bash-4.1# iptables -L -n -v Chain INPUT (policy DROP 38 packets, 2228 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 844 542K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 38 2228 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 38 2228 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1158 111K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Active ruleset: (after editing iptables into below sugested form) bash-4.1# iptables -L -n -v Chain INPUT (policy DROP 2567 packets, 172K bytes) pkts bytes target prot opt in out source destination 49 4157 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 412K 441M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2567 172K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 312K packets, 25M bytes) pkts bytes target prot opt in out source destination ping and syslog simultaneous screenshots from phone (pinger) and from laptop (being pinged) http://dl.dropbox.com/u/4160051/slckwr/pingfrom%20mobile.jpg http://dl.dropbox.com/u/4160051/slckwr/tailsyslog.jpg

  Read the article

• how to find the clientname of an remote desktop session?

  - by Hemal Pandya

  We have servers on which we run tests and all users connect using the same credentials. The server allows 2 connections. What happens often is that one user is already active and the other two users keep hijacking the remaining session. Using query session, I can find out what are the active connections. But it does not list the client machine from where the session originates, which taskmanager displays. How do I get this information from a remote machine? I prefer a command line solution. Thanks in advance.

  Read the article

• RHEL kickstart with external DVDrom drive

  - by AndyM

  HI I've an old Dell poweredge server with an CDROM drive. I've attached a USB DVDROM and USB stick with my ks.cfg on so I can install RHEL from DVD not loads of CDs :-) I can boot from the RHEL media in DVDROM and point the installer to the USB ks.cfg. This works but the ks.cfg script has the cdrom keyword in it. The install then stops and asks for the RHEL media to be in the CDROM drive not the DVDROM. How can I change the ks.cfg so it uses the external DVDROM for the install media not servers builtin cdrom drive ? I know I can go and rebuild my DVD image to include the ks.cfg , but this is an extra step I dont want to do if I have to. Regards Andy

  Read the article

• Server 2012 R2 DNS Conditional forwarding not working reliably, possible caching issue?

  - by Matt

  I have a bit of a home lab setup with a domain controller that is acting as the DNS server for my network. For everything, it's working fine and forwards external DNS requests to my ISP. The household recently wanted to get Netflix going and it seemed a DNS option was better than a VPN to get around the region locking, so I signed up for unblock-us.com Since I have a Windows DNS server I thought I'd be clever and make use of conditional forwarders and added the Netflix domain to the list. Initially this worked well and all devices on the network could now access Netflix, however after about an hour going to the Netflix site would result in a page cannot be found. Doing an nslookup of Netflix.com from my PC resulted in it not returning any IP addresses. As a test, I deleted the Netflix domain from the DNS servers cache and things started working again - devices could get to the site again however the same thing happens again after around half an hour to an hour. Have I missed something here that's causing it to stop working?

  Read the article

< Previous Page | 353 354 355 356 357 358 359 360 361 362 363 364  | Next Page >