Search Results

Search found 88705 results on 3549 pages for 'web application security'.

  • Security question pertaining web application deployment

    - by orokusaki
    I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open); Custom SSH port (like 31847 or something); No "root" SSH access; Long, random username (not just "admin" or something) with a long password (65 chars); PostgreSQL which only listens to localhost; 256 bit SSL Cert; Reverse proxy from NGINX to my application server (UWSGI); Assume that my colo is secure (Physical access isn't my concern for the time being); Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc); Perhaps IP masquerading (but I don't really understand this yet). Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well?

  • Architecture guidelines for a "single page web-app"

    - by Matt Roberts
    I'm going to start a side project to build a "single page" web application. The application needs to be real-time, sending updates to the clients as changes happen. Are there any good resources for best-practice approaches wrt the architecture for these kinds of applications? The best resource I've found so far is the trello architecture article here: http://blog.fogcreek.com/the-trello-tech-stack/ To me, this architecture, although very sexy, is probably over-engineered for my specific needs - although I do have similar requirements. I'm wondering if I need to bother with a sub/pub at the server side; could I not just push updates from the server when something happens (e.g. when the client sends an update to the server, write the update to the db, and then send an update to the clients)? Tech-wise, I'm probably looking to build this out in Node.JS or maybe Ruby, although the architecture guidelines should to some extent apply to any underlying server technologies.

  • UNIX-Security Advice

    - by Phoibe
    Hello, I want to build a quite secure UNIX-Server. Mechanisms I already implemented: SNORT + fwsnort for banning; psad to block network-scanning attempts; Portknocking to start+open SSH (key-based login - no password); hourly update of IP-Tables-Rules from a Security-Subscription; Fail2Ban; ClamAV & Rootkithunter + Logwatch. What service-independent security mechanism would you add to this? What mechanism are you using? The server will run Apache&Postfix. For Apache hiding the server-information ofc. and nothing I can think of for Postfix. Thanks

  • Linux EC2 Instance Security Consideration

    - by Amzath
    I am going to host a web site in an Amazon EC2 instance, which would be a Linux instance. My web application will be developed using PHP, Apache and MySql. As I am new to Linux and the Amazon EC2 environment, what key areas in security should I consider to protect my server? This may be a very, very generic question as security itself is a vast area. But I need to kick-start with the most important points. That way I would be able to track down all those areas one by one.

  • Web application Project management methodology

    - by dutchiexl
    I am looking to streamline my company's web development process. Including analysis. I myself am specialized in XP and Scrum. But we are building web applications with a process cycle of 3-4 weeks and a lifetime of 1-4 months. When a project is sold, only then the project managers (= people who do analysis but know nothing about it = a small flow chart and some screen shots as analysis) What is happening is: A LOT of change requests; Minimal development time; Minimal analysis time. NOW: the main question :) can you recommend me some methodologies and books to read for the entire project management? Thanks in advance @Edit, I myself was looking at a combination of SCRUM for the management with flowcharts, + RAD/LD for development, and trying to distill something from that.

  • Detect frameworks and/or CMS utilized on websites in Firefox

    - by jkneip
    I'm redesigning the website for my academic library and am examining other sites to identify the technologies used. Things like: Web frameworks; Javascript frameworks; Server-side technology; Content management system. Now I've had some real success in Firefox using plugins like Wappalyzer, Firebug, and the DOM Inspector. But some sites just don't display any of the info. I'm looking for using these tools, especially it seems if an enterprise-level CMS is being used. Does anyone know of any other tools to detect this kind of data? Also with Firebug & the DOM Inspector, there is a lot of info displayed and I wondered if there was a way to derive the presence of server-side technologies, CMS's, etc. within certain elements of a web page? Also, if this question is more relevant to another Stack Exchange site, please let me know and I'll post it there instead. Much thanks, Jason

  • Security and Windows Login

    - by Mimisbrunnr
    I'm not entirely sure this is the right place for this question but I cannot think of another so here goes. In order to login to the windows machines at my office one must press the almighty CTRL-ALT-DELETE command combo first. I, finding this very frustrating, decided to look into why and found claims from both my sys and Microsoft stating that it's a security feature and that "Because only windows could read the CTRL-ALT-DELETE it helped to ensure that an automated program cannot log in." Now I'm not a master of the windows operating system (as I generally use *nix) but I cannot believe that "Only windows can send that signal" bull. It just doesn't sit right. Is there a good reason for the CTRL-ALT-DELETE to login thing? Is it something I'm missing? Or is it another example of antiquated legacy security measures?

  • Photoshop Elements 9 VS Paintshop Photo Pro X3 For Web Design

    - by Brian
    I need a good image creation program for web design. I have downloaded both Elements 9 and Paintshop X3. So far I have found them both to be great programs. X3 seems like it has a lot of features, Elements seems like it's quite easy and stable to use. I think I'm going to go with Elements, but I wanted to get other opinions. Which program do you guys like better overall? What things do you think they lack for image creation/editing pertaining to web design, or what features do they have that are great for it? Thanks!

  • VMware Workstation 9 Security Best Practice Guides

    - by slickboy
    Could someone please point me in the direction of where I could find some best practice security guides for VMware Workstation 9 please? I've searched the VMware site and to say it's badly organised is an understatement! I've been able to find general setup guides but nothing with a specific focus on security. I'm also wondering are there any best practice guides that I should follow when installing Windows 7 Professional and Windows Server 2008 R2 on VMware Workstation 9? I obviously will be implementing Microsoft's recommended security best practices but I'd be very interested in any recommendations for virtualizing these operating systems. Any help is much appreciated.

  • Need help on implementing corporate network security solution and coming up with time lines to test it

    - by abc
    I have to come up with a proposal to implement corporate network security. Once I have done that I also have to come up with estimates on the time / money needed to test (QA) the implementation. What I need help with: What should I keep in mind while coming up with this proposal? I have already considered: Routers, Firewalls, VPN, Wireless, Server System, Web Apps etc. I know I am missing quite a lot. What else should I include? This is the most challenging part I feel: How should I estimate the time needed for testing these security implementations? I guess I need to understand how I can test these security implementations first...right? Can you help me?

  • windows 7 security settings for non-admins

    - by Wasi
    I was recently modifying the security settings for my drive C. I did not notice that I was logged in as a user and changed the permissions for users to "read". Later I realized that there was no admin set up on the pc (when switching user). Now with the security settings changed I can't do anything on the computer. I can only read the files that previously existed. And this applies to every drive on my computer. Now the user accounts do not have the privileges to change the permissions. How can I allow users to have full control without having admin on my pc?

  • ASP.NET Podcast Show #143 - Windows Azure Part I - Web Roles

    - by Wallym
    Original Url: http://aspnetpodcast.com/CS11/blogs/asp.net_podcast/archive/2010/10/25/asp-net-podcast-show-143-windows-azure-part-i-web-roles.aspx (forgot to post this here) This show is on Web Roles in Azure, Blob Storage, and the Visual Studio 2010 Azure tools. Subscribe to everything. Subscribe to WMV. Subscribe to M4V for iPhone/iPad. Subscribe to MP3. Download WMV. Download MOV. Download M4V for iPhone/iPad. Download MP3.

  • How do you develop web applications? [closed]

    - by ck3g
    How do you and/or your team develop your web applications? Language, framework or platform doesn't matter. I would like to know about the structure of your environment. For example: Using IDE on workstation and project files on remote host accessing via sftp. Files are saved instantly on remote host; All files are local and are uploaded on remote host during saving; Files are local, web server is running on local computer and is tested at local host; etc. You could also write down the benefits of your approach; this will be useful for me. Thanks upd: Here must be a question and here it is: which is the best approach in your opinion?

  • Windows 7 Open File Security Warning

    - by Lucy
    I downloaded something and now, it is showing this open file security warning. I have searched but I have only found how to disable security warnings globally. I only want to say NO forever to this warning, but it keeps showing up whenever Windows starts. The "Name" and "From" are: "C:/Users/MyUser/AppData/Local/Temp/Windows-Update.exe" I cannot even find that folder and file! I don't really know what was downloaded, I am helping someone else. (I am not a Windows user, so I am very lost here)

  • Drawing shapes dynamically on an image through web browser

    - by Tom Beech
    We have a scenario where we create floor plans of locations when we visit. The floor plan is finally shown on the web. It's come to the point now where we want to show floor plans but have a key with various items on them; when an item on the key is clicked, the image should highlight all the areas of the floorplan that have that specific item. I guess we're looking for some sort of open standard javascript lib to deal with SVG (has to work pre IE9 so pure SVG won't cut it) and the floor plans have to be able to be created through a .net application to be deployed on the web. I'd rather stay away from flash if at all possible to be honest. Below are a few conceptual images of what we're trying to achieve.

  • synchronization web service methodologies or papers

    - by Grady Player
    I am building a web service (PHP+JSON) to sync with my iphone app. The main goals are: Backup; Provide a web view for printing / sorting, manipulating; allow a group sync up and down. I am aware of the logic problems with all of these items, i.e. if one person deletes something, do you persist this change to other users, collisions, etc. I am looking for just any book or scholarly work, or even words of wisdom to address common issues: when to detect changes of data with hashes, vs modified dates, or combination; how to address consolidation of sequential ID's originating on different client nodes (can be sidestepped in my context, but it would be interesting); dealing with collisions (is there a universally safe way to do so?); general best practices; how to structure the actual data transaction (ask for whole list then detect changes...)

  • Starting web development with ASP.Net [closed]

    - by nayef harb
    Possible Duplicate: Fastest way to get up to speed on webapp development with ASP.NET? If you develop with ASP.NET, which other technologies do you use? How much do i need to learn in order to get an entry level asp.net job? training plan for asp.net and c#; Trying to learn ASP.NET; What should every programmer know about web development? I learned web development in ASP.Net a couple of months ago in college, nothing serious just a couple of general lessons. But now I am confused where to start; should I start with HTML and JavaScript before ASP.Net?

  • How to install an application manually into Natty's Application list

    - by Valorin
    I am trying to install ZendStudio 8 (Eclipse based) on 11.04 and am kinda stuck at the part where I can get it into the Applications list. ZendStudio prior to version 8 came with a magic .bin which installed it all no problems, but now it simply comes as a folder all set up to be run as-is. I have copied this folder to /opt/ZendStudio, and I can launch the program using /opt/ZendStudio/ZendStudio but in the Unity Launcher it shows up with a grey box and a big Question Mark as its icon. However, I'd like it to show up in the Applications list so I can search for it and load it like a normal application. I also want to Pin it to the launcher so it stays there the whole time, and I tried this with running it directly but it didn't work and it didn't load up the application icon. Any ideas how I can finish the install so it is in my menus etc?

  • Web interface with FastCGI or with direct HTTP?

    - by Basile Starynkevitch
    Let's assume I want (for fun at start) to play with some new DSL (domain specific language) idea. And I really want its user[s] (probably only me at first) to interact thru a web interface. I'll probably implement it in C++ (probably using LLVM). Should I use an HTTP server library (like libonion or microhttpd) to talk directly HTTP or should I use FastCGI? In particular, I am noticing that several recent web frameworks (Opa, Ocsigen, ...) do not have any FastCGI interface but only HTTP one.... So my feeling is that FastCGI is really out of fashion.... Any opinions on that? Do you know recently started project using FastCGI ? (and what about SCGI?)

  • Multi-platform Map Application

    - by Mahdi
    I'm working on a web project (PHP, jQuery) which is currently using Google Maps to power the map functionality of the application; however, we need to make it multi-platform, so that you can go to the dashboard and choose one from 5-10 map providers (of which Google Maps is just one) to underlie your map functionality. So, as the application is supposed to show the data on a map, almost in every single place we have to deal with the API provided by that specific map provider. Currently we are thinking about revising our modular structure and/or making something like an adapter for each provider to deal with their native syntax but via our standard methods. I wish to have your ideas and your experiences, especially if you ever made an interface for dealing with 2-3 different map providers. That would help much and I really appreciate that. If you need any further information, just ask me to update the question. Update: As Vicky Chijwani suggested Mapstraction, now I'm also wondering which one is better (pros & cons), having an adapter implemented in Javascript or PHP?

  • .aspx websites: Is it built using web forms?

    - by Lazeera
    I visit many websites which I think are built using ASP.NET web forms because of the extension (.aspx). When I view the source of these websites I see at least one or two things like: <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"> or wvcD4NCjxwPtin2YTZh9iv2YrYqSDYp9mE2KvYp9mG2YrYqSDZh9mKINit2..... However, yesterday I visited two sites; one is the 'ASP.NET forums - http://forums.asp.net' and the other is 'POF'. The extension of these sites is still (.aspx) but when I view the source of these sites I could not find any <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"> nor wvcD4NCjxwPtin2YTZh9iv2YrYqSDYp9mE2KvYp9mG2YrYqSDZh9mKINit2..... Now, I would like to know how those sites use ASP.NET Web Forms and their final HTML output is still clean?

  • Internal and external API architecture

    - by Tacomanator
    The company I work for maintains a successful SaaS product that grew "organically" over the years. We are planning to expand the line with a suite of new products that will share data with the existing product. To support this, we are looking to consolidate business logic into a single place: a web service layer. The WS layer will be used by: The web applications; A tool to import data; A tool to integrate with other client software (not an API per se). We also want to create an API that can be used by our customers that are capable of using it to create their own integrations. We are struggling with the following question: Should the internal API (aka the WS layer) and the external API be one and the same, with security and permission settings to control what can be done by who, or should they be two separate applications where the external API just calls the internal API like any other application? So far in our debate it seems that separating them may be more secure, but will add overhead. What have others done in a similar situation?

  • Improving server security [closed]

    - by Vicenç Gascó
    I've been developing webapps for a while ... and I always had a sysadmin who made the environment perfect to run my apps with no worries. But now I am starting a project on myself, and I need to set up a server, knowing near to nothing about it. All I need to do is just have a Linux, with a webserver (I usually used Apache), PHP and MySQL. I'll also need SSH, SSL to run https:// and FTP to transfer files. I know how to install almost everything (need advice about SSL) with Ubuntu Server, but I am concerned about the security topic ... say: firewall, open/closed ports, php security, etc ... Where can I find a good guide covering these topics? Everything else in the server... I don't need it, and I wanna know how to remove it, to avoid resources consumption. Final note: I'll be running the webapp at amazon-ec2 or rackspace cloud servers. Thanks in advance!!

  • Web technologies on GUI apps

    - by Apalala
    I developed many GUI applications for the Windows platform during my early professional career, and saw several GUI frameworks come, have whole magazines devoted to them, and then fade away. MFC is iconic. Tasked with writing yet another GUI application, I started researching cross-platform frameworks like Qt and WxWindows. I found the same steep learning curves I knew from before, and tooling doesn't help much in building a functional and elegant user interface because it's clumsy and complicated. But people are building beautiful and functional UIs on the Web all the time (look at this site!). The standards, the libraries, and the tools are certainly there. My thought and my question: Why not write a GUI in which most of the UI is handled by an embedded browser? I already know that the Qt widgets support a large part of CSS and JavaScript, and programmers with good knowledge about web development are relatively easy to find, ..., so... Have you done something like that before? What's your experience/advice?
