Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 406/1180 | < Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >

  • how do i install intermediate certificate

    - by getmizanur
    I have installed private key (pem encoded) and public key certificate (pem encoded) on amazon load balancer however when i check the ssl with site test tool (http://www.networking4all.com/en/support/tools/site+check/), i get the following error Error while checking the SSL Certificate!! Unable to get the local issuer of the certificate. The issuer of a locally looked up certificate could not be found. Normally this indicates that not all intermediate certificates are installed on the server. i converted crt file to pem using these command from this tutorial openssl x509 -in input.crt -out input.der -outform DER openssl x509 -in input.der -inform DER -out output.pem -outform PEM during setting up of amazon load balancer only option i left out was certificate chain (pem encoded) however this was optional. could this be cause of my issue? and if so i how do i create certificate chain? for the last question i have tried googling however i'm getting more confused than before. please help many thanks in advance. UPDATE @all thanks for the helpful advice. if you make request to verisign they will give you a certificate chain however this chain includes public crt, intermediate crt and root crt. make sure to remove the public crt from your certificate chain (which is the top most certificate) before adding it to your certification chain box of your amazon load balancer. if you are making https request from an android app then above instruction may not work for older android os such as 2.1 and 2.2. to make it work on older android os [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=LIST&viewlocale=en_US]. on this link click on "retail ssl" tab and then click on "secure site" "CA Bundle for Apache Server". copy and past these intermediate certs into certificate chain box. just incase if you have not found it here is the direct link [https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR1409] if you are using geo trust certificates then solution is much the same for android devices however you need to copy and past their intermediate certs for android. PS: sorry for the long urls however "new users can only post a maximum of two hyperlinks"

    Read the article

  • SharePoint 2010 deployment problem after added a new server to existing farm

    - by mrt
    I have SharePoint 2010 farm with one server. I'm developing some features in a sharepoint farm solution (not sandbox because there are some user rights problem). All feature scopes are set to "Site". I can deploy the solution to SharePoint with no problem. I added a new web front-end server to my existing farm. Then when I try deploy my solution, VS2010 shows this error: Error occurred in deployment step 'Activate Features': Feature with Id 'xxx' is not installed in this farm, and cannot be added to this scope I login with AD administrator account to development server. Administrator account is in site collection admins on the target web application. The farm account is in local administrators group. Is there a solution for this error?

    Read the article

  • You don't have permission to access / on this server on centos 5.3

    - by zahid
    hello am using centos 5.3 with kloxo panel everything was fine but last night when i was updating my site i do not know i got first error when i try to access my site script everything is ok www.w3scan.net www.dl4fun.com Forbidden You don't have permission to access / on this server. please help i checked httpd it seems to be ok my httpd.conf #<VirtualHost *:80> # ServerName www.domain.tld # ServerPath /domain # DocumentRoot /home/user/domain # DirectoryIndex index.html index.htm index.shtml default.cgi default.html default.htm #</VirtualHost> i uninstall apache and installed again now i have still now access Index of / i modify apache welcome.conf to remove apache test page help

    Read the article

  • Is a 302 redirect to a random URL from the homepage an SEO problem?

    - by CookieMonster
    I originally posted this on Stackoverflow, but I believe here is a better place to ask. My web application is very similar to notepad.cc which redirects to a randomly generated URL upon access, e.g. http://myapp.com/roTr94h4Gd. (Please note that notepad.cc is not my site.) Probably because of this redirect feature, when I do "fetch as Google" or "fetch as Bingbot", I get a 302 and no html content. Not even a <html></html> tag. HTTP/1.1 302 Moved Temporarily Server: nginx/1.4.1 Date: Tue, 01 Oct 2013 04:37:37 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.4.17-1~dotdeb.1 Set-Cookie: PHPSESSID=vp99q5e5t5810e3bnnnvi6sfo2; expires=Thu, 03-Oct-2013 04:37:37 GMT; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: /roTr94h4Gd How should I avoid 302 in this case? I suppose I could modify my site to prevent the redirect, but it is a necessary feature of my web app to generate a random URL on each access. I added <meta name="fragment" content="!"> tag into my index page and set it to return a static snapshot of my page when the flag is set. But this still returns a 302. I also added a header to return 200 before redirecting, but this had no effect, either. Could someone tell me a good suggestion to solve this problem?

    Read the article

  • How to fix the “Live INT automatically logs out”

    - by ybbest
    Problem: Live INT environment automatically logs out I am trying to setup the Authentication with Windows Live ID and followed this blog post ; I have a problem logging in to live INT web site. Whenever I try to log in (https://login.live-int.com/login.srf  this is the internal Live environment to be used in a dev. environment.), after entering valid email/password I get redirected to the logout page. I tried 2 different accounts (one with existing email address, and other one with newly created @hotmail-int.com address) and 3 different browsers so I’m sure that neither account nor the browser are the cause of this. I also tried to enter wrong password, and in that case I get the message that the password is wrong. Solution: All you need is the unique ID in order to add the user to SharePoint , you can get the ID without logging into the Live INT environment. I think the Live internal environment is not working correctly for some reasons , the reason I need to login to the Live internal environment is that I need to get the unique ID for the test account so that I can add the user to SharePoint. All the blogs I have come across require you to login in order to get the unique ID. However, I figured out another way of getting the unique ID without logging in. Steps are below: Register a new test account in the Live internal environment. Go to the SharePoint site collection that has  Live ID authentication enabled and select the LiveID INT(it will be different as you could name it differently when you set up the authentication provider) from the dropdown. Try login using the Internal Live account, you will get an Access Denied Error as below showing your  unique ID for the test account. Add that account to your SharePoint Group, boom, it works. I hope it will help anyone who needs to do this stuff in the future.

    Read the article

  • Connecting to FileZilla FTP Server on XAMPP localhost with Dreamweaver

    - by Keyslinger
    I am running XAMPP 1.7.4. I've installed the FileZilla FTP server and I'm running it as a service. I created a user and when I connect as that user with the FileZilla client, I have no trouble connecting. However, in Dreamweaver CS5 when I create a site using the Manage Sites dialog and go to configure its FTP settings, I get a message that reads An FTP error occurred - cannot make connection to host. and goes on to list some possible causes and solutions. I have tried setting the connection as passive to no avail. I understand that it is not necessary to use FTP when I am editing the site locally, but it is for a Dreamweaver class I am teaching and I want my students to learn to use Dreamweaver's FTP tools. How can I make my localhost FTP connection work in Dreamweaver?

    Read the article

  • How can I whitelist a user-agent in nginx?

    - by djb
    I'm trying to figure out how to whitelist a user agent from my nginx conf. All other agents should be shown a password. In my naivity, I tried to put the following in before deny all: if ($http_user_agent ~* SpecialAgent ) { allow; } but I'm told "allow" directive is not allowed here (!). How can I make it work? A chunk of my config file: server { server_name site.com; root /var/www/site; auth_basic "Restricted"; auth_basic_user_file /usr/local/nginx/conf/htpasswd; allow 123.456.789.123; deny all; satisfy any; #other stuff... } Thanks for any help.

    Read the article

  • Layout Columns - Equal Height

    - by Kyle
    I remember first starting out using tables for layouts and learned that I should not be doing that. I am working on a new site and can not seem to do equal height columns without using tables. Here is an example of the attempt with div tags. <div class="row"> <div class="column">column1</div> <div class="column">column2</div> <div class="column">column3</div> <div style="clear:both"></div> </div> Now what I tried with that was doing making columns float left and setting their widths to 33% which works fine, I use the clear:both div so that the row would be the size of the biggest column, but the columns will be different sizes based on how much content they have. I have found many fixes which mostly involve css hacks and just making it look like its right but that's not what I want. I thought of just doing it in javascript but then it would look different for those who choose to disable their javascript. The only true way of doing it that I can think of is using tables since the cells all have equal heights in the same row. But I know its bad to use tables. After searching forever I than came across this: http://intangiblestyle.com/lab/equal-height-columns-with-css/ What it seems to do is exactly the same as tables since its just setting its display exactly like tables. Would using that be just as bad as using tables? I honestly can't find anything else that I could do. edit @Su' I have looked into "faux columns" and do not think that is what I want. I think I would be able to implement better designs for my site using the display:table method. I posted this question because I just wasn't sure if I should since I have always heard its bad using tables in website layouts.

    Read the article

  • Nginx server_name is set to mydomain.com, so why is www.mydomain.com getting served too?

    - by Lorenz Forvang
    I have my Nginx conf set up as follows: server { listen 443 ssl; server_name mydomain.com; ... } When I load https://mydomain.com, the site loads fine. But when I load https://www.mydomain.com, the site loads as well. Why is this happening? I set up the DNS records using Amazon Route 53 as: A mydomain.com xxx.xxx.xxx.xxx (IP) CNAME www.mydomain.com mydomain.com So is a request to www.mydomain.com arriving at Nginx as a request to mydomain.com? If so, how do I differentiate requests to www.mydomain.com and mydomain.com at my server?

    Read the article

  • Google analytics set up with wrong domain

    - by Tom
    I have recently embedded Google Analytics into a site using the default embed code. <script> (function (i, s, o, g, r, a, m) { i['GoogleAnalyticsObject'] = r; i[r] = i[r] || function () { (i[r].q = i[r].q || []).push(arguments) }, i[r].l = 1 * new Date(); a = s.createElement(o), m = s.getElementsByTagName(o)[0]; a.async = 1; a.src = g; m.parentNode.insertBefore(a, m) })(window, document, 'script', '//www.google-analytics.com/analytics.js', 'ga'); ga('create', 'UA-XXXXXXXX-1', 'MYDOMAIN.COM'); ga('send', 'pageview'); </script> However I had MYDOMAIN.COM set to an incorrect domain. The views for the site seem very low, however, I can see myself there as a visitor in the real time scanner. What effect would setting the domain incorrectly have had? How does Google use this parameter?

    Read the article

  • Lost Windows 7 files

    - by Pader
    My intention was to have a dual boot system with Ubuntu and Windows 7. Obviously I did something wrong because although I had a system menu on booting (is it normal to appear DOS-like?) which gave me an option of booting into windows 7, I was unable to do so. Also, when I booted into Ubuntu, my Windows 7 drive was not available. The Windows 7 drive was an internal 1TB drive partitioned into a 200GB (OS) and a second partition making up the remainder. I was still unable to access this Windows 7 drive even after deleting Ubuntu as I kept getting an 'requires an NTFS drive' error, or something similar. I could not even re-install Windows 7 as the disk was not recognised. I did eventually get the drive back by but I cannot for the life of me remember how. I did try to recover my lost W7 data using Ontrack Easy Recovery (which has always been succesfull in the past for post format recovery) but it would not recognise the 1TB although it was now formatted as NTFS. From other posts on this site, I gather that this is considered a 'Windows 7 Site' problem by Linux users. However, I would dearly love to recover some of my lost Windows 7 files. I had resigned myself to a lot of lost personal data but I happened to notice that a 2TB drive I had connected through a USB docking station had been repartitioned. It must have happened when I installed Ubuntu as I can think of no other explanation. I certainly do not remember consciously requiring Ubuntu to do this. The additional two partitions on the 2TB drive, the original Windows

    Read the article

  • IIS 7.5 website application pool with 'full control' permissions hackable?

    - by Caroline Beltran
    Although I would never set this permission, I would like to know how a static html website with the permission mentioned in the title could be compromised. In my humble opinion, I would guess that this would pose no threat since a web visitor has no way to upload/edit/delete anything. What if the site was a simple PHP website that simply displayed ‘hello world’? What if this PHP site had a contact us form that was properly sanitized? Thank you EDIT: I should mention that restricting IIS to GET and POST requests only, otherwise people anybody can delete and upload content.

    Read the article

  • Incentivizing Work with Development Teams

    - by MarkPearl
    Recently I saw someone on twitter asking about incentives and if anyone had past experience with incentivizing work. I promised to respond with some of the experiences I have had in the past so here goes... **Disclaimer** - these are my experiences with incentives, generally in software development - in some other industries this may not be applicable – this is also my thinking at this point in time, with more experience my opinion may change. Incentivize at the level that you want people to group at If you are wanting to promote a team mentality, incentivize teams. If you want to promote an individual mentality, incentivize individuals. There is nothing worse than mixing this up. Some organizations put a lot of effort in establishing teams and team mentalities but reward individuals. This has a counter effect on the resources they have put towards establishing a team mentality. In the software projects that I work with we want promote cross functional teams that collaborate. Personally, if I was on a team and knew that there was an opportunity to work on a critical component of the system, and that by doing so I would get a bigger bonus, then I would be hesitant to include other people in solving that problem. Thus, I would hinder the teams efforts in being cross functional and reduce collaboration levels. Does that mean everyone in the team should get an even share of an incentive? In most situations I would say yes - even though this may feel counter-intuitive. I have heard arguments put forward that if “person x contributed more than person Y then they should be rewarded more” – This may sound controversial but I would rather treat people how would you like them to perform, not where they currently are at. To add to this approach, if someone is free loading, you bet your bottom dollar that the team is going to make this a lot more transparent if they feel that individual is going to be rewarded at the same level that everyone else is. Bad incentives promote destructive work If you are going to incentivize people, pick you incentives very carefully. I had an experience once with a sales person who was told they would get a bonus provided that they met an ordering target with a particular supplier. What did this person do? They sold everything at cost for the next month or so. They reached the goal, but the company didn't gain anything from it. It was a bad incentive. Expect the same with development teams, if you incentivize zero bug levels, you will get zero code committed to the solution. If you incentivize lines of code, you will get many many lines of bad code. Is there such a thing as a good incentives? Monetary wise, I am not sure there is. I would much rather encourage organizations to pay their people what they are worth upfront. I would also advise against paying money to teams as an incentive or even a bonus or reward for reaching a milestone. Rather have a breakaway for the team that promotes team building as a reward if they reach a milestone than pay them more money. I would also advise against making the incentive the reason for them to reach the milestone. If this becomes the norm it promotes people to begin to only do their job if there is an incentive at the end of the line. This is not a behaviour one wants to encourage. If the team or individual is in the right mind-set, they should not work any harder than they are right now with normal pay.

    Read the article

  • Recommendation for a non-standard SSL port

    - by onurs
    Hey guys, On our server I have a single IP, and need to host 2 different SSL sites. Sites have different owners so have different SSL certificates, and can't share the same certificate with SAN. So as a last resort I have modified the web application to give the ability to use a specified port for secure pages. For its simple look I used port 200. However I'm worried about some visitors may be unable to see the site because of their firewalls / proxies blocking the port for ssl connections. I heard some people were unable to see the website, a home user and someone from an enterprise company, don't know if this was the reason. So, any recommendations for a non-standard SSL port number (443 is used by the other site) which may work for visitors better than port 200 ? Like 8080 or 8443 perhaps? Thanks!

    Read the article

  • Server problem (duh)

    - by j-t-s
    Sorry the title couldn't be more specific. I installed Abyss Web Server. I'm running Windows XP Home Edition and I have Wireless Mobile Broadband internet. I used to be able to access (and other people on other networks) my site by entering my ip address in the browser, but after I formatted, and the installed abyss web server again, this does not work anymore. There are no errors. I CAN visit my own site by entering my ip address BUT anybody else can't do the same, it just says "connecting" in the browser's statusbar and it never changes. I have consulted the docs and have found no help. Google hasn't helped with this problem either. Can somebody please help? Thank you :)

    Read the article

  • Server problem (duh)

    - by j-t-s
    Sorry the title couldn't be more specific. I installed Abyss Web Server. I'm running Windows XP Home Edition and I have Wireless Mobile Broadband internet. I used to be able to access (and other people on other networks) my site by entering my ip address in the browser, but after I formatted, and the installed abyss web server again, this does not work anymore. There are no errors. I CAN visit my own site by entering my ip address BUT anybody else can't do the same, it just says "connecting" in the browser's statusbar and it never changes. I have consulted the docs and have found no help. Google hasn't helped with this problem either. Can somebody please help? Thank you :)

    Read the article

  • Why does Windows share permissions change file permissions?

    - by Andrew Rump
    When you create a (file system) share (on windows 2008R2) with access for specific users does it changes the access rights to the files to match the access rights to the share? We just killed our intranet web site when sharing the INetPub folder (to a few specified users). It removed the file access rights for authenticated users, i.e., the user could not log in using single signon (using IE & AD)! Could someone please tell me why it behaves like this? We now have to reapply the access right every time we change the users in the share killing the site in the process every time!

    Read the article

  • Apache only logs PHP errors if LogLevel is set to debug

    - by Sudowned
    I'm developing a CodeIgniter application and for reasons that I do not fully understand errors have stopped being logged in the file specified in the Apache site conf. The page I'm testing is definitely generating a 500 error, but that is not reflected in the logs unless I set LogLevel debug. Setting LogLevel to error or warn results in no errors being logged. I don't think this is a CI issue because I've been developing this site for close to a week now and errors have been logged as expected until I picked the project up again this morning. Though for what it's worth, I've got: error_reporting(E_ALL); set in my index.php.

    Read the article

  • Restricting permissions to individual documents on SharePoint

    - by wahle509
    Here's what I'm trying to do: I would like to create a list of documents on a site in my company's SharePoint site. Each document should have specific user's permissions to view and edit it. For example: The list is for performance reports. John has his out there called "John_PR_09.docx". Only him and his supervisor should have permissions to view, edit, or do anything to it. And then another employee has hers out there with permissions for only her and her supervisor, and so on... I have tested this out with a document that I removed the groups and users from (since they inherit permissions from it's parent) and only gave my user account permissions to. I then asked someone else to try and open and she could, she even wrote "TEST" on the document and saved it. What am I doing wrong? I thought I stopped it from inheriting permissions from it's parent and only gave myself rights to edit it.

    Read the article

  • SSL/https setup for herokuapp.com address rather than my actual domain

    - by new2ruby
    I have a subdomain of my site pointed to a rails app at mysite.herokuapp.com. I bought a certificate from godaddy and seem to have that all set up correctly. So that when I go to: http://mysite.herokuapp.com or http://dev.mysite.com it's redirected to: https://mysite.herokuapp.com or https://dev.mysite.com The problem is that when I visit dev.mysite.com, I get the error: Safari can't verify the identity of the website. But when I go to mysite.herokuapp.com, I don't get the error. I wanted this to be set up the other way, so that dev.mysite.com did not cause the error. I'm not sure where I went wrong. I used dev.mysite.com when generating the key and when setting it up at godaddy.com. Any ideas where I should look? P.S. The old site is hosted at dreamhost and the DNS info is stored there as well. So I created a subdomain there of type cname which points to mysite.herokuapp.com.

    Read the article

  • Exim: Change sender address when sending mails out of local network

    - by Esa Varemo
    We have a working exim setup at a site, where users can send and receive mails. We are trying to setup a server to send some warnings and errors using email to an address that is outside the local network. The problem is: The program that sends the mails sends them using the username it runs under and the local hostname of the server. This cause the mails to have a sender of format: [email protected]. Exim sends these mails to the ISP's SMTP server, which rejects the mails as they have an illegal or unverifiable sender (the internal address). I'm thinking I should configure exim to rewrite the sender when: - sender's domain is on the local network - receiver's domain is outside the local network I tried setting some kind of rewriting in the exim config, but did not manage to get it to work. I'd show what I have tried, but I ran out of time on the last visit to the site, and had to revert to the original version losing all the changes I tried.

    Read the article

  • Apache rewrite rule to remove index.php and direct certain areas to https

    - by Stephen Martin
    I have a codeignitor application running on Apache2, I have managed to remove the index.php from the urls with this .htaccess RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php/$0 [PT,L] now I want to make certain parts of the site redirect to https, I tried this: RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule .* index.php/$0 [PT,L] RewriteRule ^/?cpanel/(.*) https://%{SERVER_NAME}/cpanel/$1 [R,L] RewriteRule ^/?login/(.*) https://%{SERVER_NAME}/cpanel/$1 [R,L] But it doesn't work. I have to say when it comes to Apache rewrites im a noob. I can't find any tutorials on how to remove index.php and rewrite/redirect certain parts of the site to https. Any ideas, Thanks.

    Read the article

  • SQL 2008 managing 2 Instances on single Physical server

    - by Rajeev
    Hi, I need some calrification about managing SQL server 2008. The scenario is as follows: I have One Windows Physical server at Primary site, I want to have Two different applications database on it, so shall I create two Instances on same server or shall have diffenrent server for another database. First Database is for management purpose while second would be used for Reporting purpose. There is a second database at the secondary site, which will be in Passive mode and I intend to connect them through MSCS. Now, can I have both Instances on Single server and both will work fine? The management database will be used more. Please reply soon. Can both Instances have dedicated reources allocated to them?

    Read the article

  • Is it possible to upload only files that have been updated into a server?

    - by kamikaze_pilot
    Hi guys, Suppose I have a server accessible via FTP and it hosts websites Suppose I want to edit the website locally so it wont affect the site live, and suppose I edit a whole bunch of files, and I don't want to deal with the hassle of keeping track of which files I've edited all the time... Once I finished editing I want to upload it to the server via FTP....is there some FTP software that automatically detects which files have been edited and have only those files uploaded and overwritten rather than having me manually choosing the files I've edited (and hence having to keep track of edited files) or have me upload the entire site which is a waste of time thanks in advance

    Read the article

  • Generate a Word document from list data

    - by PeterBrunone
    This came up on a discussion list lately, so I threw together some code to meet the need.  In short, a colleague needed to take the results of an InfoPath form survey and give them to the user in Word format.  The form data was already in a list item, so it was a simple matter of using the SharePoint API to get the list item, formatting the data appropriately, and using response headers to make the client machine treat the response as MS Word content.  The following rudimentary code can be run in an ASPX (or an assembly) in the 12 hive.  When you link to the page, send the list name and item ID in the querystring and use them to grab the appropriate data. // Clear the current response headers and set them up to look like a word doc.HttpContext.Current.Response.Clear();HttpContext.Current.Response.Charset ="";HttpContext.Current.Response.ContentType ="application/msword";string strFileName = "ThatWordFileYouWanted"+ ".doc";HttpContext.Current.Response.AddHeader("Content-Disposition", "inline;filename=" + strFileName);// Using the current site, get the List by name and then the Item by ID (from the URL).string myListName = HttpContext.Current.Request.Querystring["listName"];int myID = Convert.ToInt32(HttpContext.Current.Request.Querystring["itemID"]);SPSite oSite = SPContext.Current.Site;SPWeb oWeb = oSite.OpenWeb();SPList oList = oWeb.Lists["MyListName"];SPListItem oListItem = oList.Items.GetItemById(myID);// Build a string with the data -- format it with HTML if you like. StringBuilder strHTMLContent = newStringBuilder();// *// Here's where you pull individual fields out of the list item.// *// Once everything is ready, spit it out to the client machine.HttpContext.Current.Response.Write(strHTMLContent);HttpContext.Current.Response.End();HttpContext.Current.Response.Flush();

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 402 403 404 405 406 407 408 409 410 411 412 413  | Next Page >