Search Results

Search found 29495 results on 1180 pages for 'cross site scripting'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 409/1180 | < Previous Page | 405 406 407 408 409 410 411 412 413 414 415 416  | Next Page >

  • 500 internal server error

    - by Rockr
    I am facing 500.0 Internal server quite frequently with my website. The error details are given below. HTTP Error 500.0 - Internal Server Error C:\PHP\php-cgi.exe - The FastCGI process exceeded configured activity timeout Module FastCgiModule Notification ExecuteRequestHandler Handler PHP_via_FastCGI Error Code 0x80070102 Requested URL http://mydomain.com:80/index.php Physical Path C:\HostingSpaces\coderefl\mydomain.com\wwwroot\index.php Logon Method Anonymous Logon User Anonymous When I contacted the support team, they're saying that my site is making heavy SQL Queries. I am not sure how to debug this. But my site is very small and the database is optimized. I'm running wordpress as platform. How to resolve this issue?

    Read the article

  • Add copyright notice to a website

    - by PeeHaa
    Not really a programming question, but I find it related. If not (or you find this question too subjective), please tell me, yell at me, swear at me, kick me in the nuts, or just vote to close :) I've read some questions and answers here on SO about adding copyright notices, but not the specific ones I am looking for. I want to add a copyright notice to a website I created. Something like (c) Me 2010. All rights reserved. I am aware that everything written by someone is automatically copyrighted (if I'm not mistaken and perhaps depending on country laws). I see some sites use the following format for this (c) Me 2009-2010. However for me that makes no sense to add an 'end-date' to the notice. I am aware I can code to update the notice every year, but I just find it strange. Or is it just me? Another question is: I also use copyrighted code from others (they are all mentioned in the credits incl. links to their licenses ofc) on my site. Would it still be OK to add the copyright notice to the site with only Me in it? So to sum it up I have 2 questions: What is THE RIGHT WAYTM of adding a copyright notice on a website (or code or whatever)? If there is one. Is it allowed to copyright code with other copyrighted code within it?

    Read the article

  • HTTPS vs. VPN for communication between business partners?

    - by Andrew H
    A business partner has asked to set up a site-to-site VPN just so that a few servers can communicate with each other over HTTPS. I'm convinced this isn't necessary, or even desirable. To be fair it must be part of a wider policy, potentially even a legal requirement. However I'd like to convince them to simply offer an IP to us (and us only) and a port of their choosing for HTTPS. Has anyone had a similar experience, or had to come up with a cast-iron argument against a VPN? Allow me to expand a little - we have a web service that initiates a connection to the partner's corresponding service using an encrypted HTTP connection. The connection uses a client certificate to authenticate. The connection is firewalled so only our IPs can contact the service. So why is a VPN necessary?

    Read the article

  • Artists and music - i need help to decide wich cms to use.

    - by infty
    A friend has asked me to build a site with the following options: staff members must be able to add new music and artists to the page a gallery must be provided - it is also good if each artist has the ability to have his/her own, smaller, gallery users must be able to vote for artists users must be able to alter in discussions (forums or comments sections) staff members must be able to blog staff members must be able to write articles I did a small project where i actually implementet all of these features, but i want to use an existing content managment system for all of these features so that future devolpers can, hopefully, more easy extend the website. And also, so that i dont have to provide to much documentation. I have never developed a website using an external cms like drupal or wordpress and after seeing hours of tutorial videos of both systems, i still cant make up my mind on wheter i should : a) use Drupal 7 b) use Wordpress 3 c) create my own cms I can only imagine that staff members would also want to create content using iphone or android based mobile devices. But this is not a required feature. Can someone, with experience, please tell me about their experiences with bigger projects like this? The site will approx. have a total of 400 000 - 500 000 visitors (not daily visitors, based on numbers from last year in a period of 4 months)

    Read the article

  • Passenger_wsgi.py given precedence over DirectoryIndex?

    - by Walkerneo
    I was having an issue with my site today, where apache wasn't serving index.php by default. I had moved passenger_wsgi.py to the directory above document root so that I could serve python files without having to use PassengerAppRoot in the .htaccess file. I wanted to do this because I set up a development sub-domain on the site, and I wanted to use a different passenger_wsgi for the two domains, but that meant having different .htaccess files for the different PassengerAppRoots. Is there a way to have passenger_wsgi.py where it was and still let apache serve the index.phps? edit: I'm sorry, I'm tired. I just realized that the way this probably works is that passenger_wsgi.py is handling the routing instead of apache.

    Read the article

  • 404s on password protected content

    - by tjb1982
    I'm new to WordPress and SEO, generally, but we've been running into problems with our site that don't seem to make sense to me. The problem is that our editor likes to schedule posts and/or mark them private until she is ready to make them public, but somehow Google is crawling these posts and getting 404s (because they are password protected). How does Google know they exist in the first place? I checked the sitemap.xml file and don't see a record of the post. One of the offending posts was marked public, but is scheduled for a future date. Could that have something to do with it? I've tried to Google the answer, and I came up with a good amount of reassurance that this won't hurt the site, but I'm still wondering how it's happening in the first place. It's hard because I don't know exactly what the editor's workflow is. Is it possible she's posting publicly first and then revising it to be private only after it's too late? Does anyone know how Google finds WordPress URLs it shouldn't have access to?

    Read the article

  • How to set up custom 401 error page or redirect in WSS3 SP2

    - by Stacy Vicknair
    I've got a WSS3 sharepoint site that requires windows authentication both in IIS and via the Sharepoint site. What I would like to do is in the case that a user does not provide valid AD credentials they are redirected to a custom error page. Currently, if the user immediately hits cancel when prompthey will see a plain text response of "401 UNAUTHORIZED". If they make an attempt and then hit cancel they instead see a blank page. I have looked into several options such as customErrors, httpModule interception (only saw examples for this after the user is authenticated), IIS Url rewrites (didn't see how this could help). Is there a good way to do this?

    Read the article

  • startup cassandra layout

    - by davidkomer
    We've got a relatively low-traffic site (~1K pageviews/day) hosted on a single server, and expect it to grow significantly over the next few years. I'm thinking of moving over to Rackspace CloudServer or EC2 and firing up 3 nodes (all on CentOS): 2 x Web (Apache) - with loadbalancer 1 x MySQL (for the Wordpress powered part) The question is where to put Cassandra right now... Should it sit on each Web node, or the MySQL node? My thought right now is to put it on Web nodes. It's my understanding that Cassandra has the benefits of fault-tolerance (i.e. if we take a node down, the site is still operational). So even with only 2 nodes, we'd have that benefit as opposed to just putting it on the MySQL node. Also, as we scale up and add another node, a cassandra instance can come along with it and the php can always run its queries on localhost. Is this a good idea?

    Read the article

  • MVC: Nasty __o not declared

    - by xamlnotes
    I ran into this little error with MVC where a bunch of errors showed up about  __o  not declared. This was driving me nuts. Then I ran across this link that solved it. http://stackoverflow.com/questions/750902/how-do-i-get-rid-of-o-is-not-declared So, the solution is to put this into the top of the page like VS does for your site.master. <%-- The following line works around an ASP.NET compiler warning --%> <%: ""%> But what about other pages? Lets say you have a view that’s using your site master and that view is throwing this error. Just add the items into the content section where the error occurs like so: <asp:Content ID="indexContent" ContentPlaceHolderID="MainContent" runat="server"> <%-- The following line works around an ASP.NET compiler warning --%> <%: ""%>   Then add the rest of your code. That seems to fix it and its pretty simple too.

    Read the article

  • Security considerations for my first eStore.

    - by Rohit
    I have a website through which I am going to sell few products. It is hosted on a simple shared-hosting and does not have SSL. On the products page, each product has a Buy Now button created from my PayPal Merchant account. PayPal recommends to use it's Button Factory to create secure buttons and save it inside PayPal itself. I have followed the same advice and the code of any button is secure and does not disclose any information on either a product or it's price. When the user clicks on a Buy Now button, he/she is taken to PayPal site where a page is opened in SSL for the user to fill in the credit card and shipping details. After a successful transaction, the control is passed back to my site. I want to know whether there is still any chance when security could be compromised.

    Read the article

  • HAProxy and Intermediate SSL Certificate Issue

    - by Sam K
    We are currently experiencing an issue with verifying a Comodo SSL certificate on an Ubuntu AWS cluster. Browsers are displaying the site/content fine and showing all the relevant certificate information (at least, all the ones we've checked), but certain network proxies and the online SSL checkers are showing we have an incomplete chain. We have tried the following to try to resolve this: Upgraded haproxy to the latest 1.5.3 Created a concatenated ".pem" file containing all the certificate (site, intermediate, w/ and w/out root) Added an explicit "ca-file" attribute to the "bind" line in our haproxy.cfg file. The ".pem" file verifies OK using openssl. The various intermediate and root certificates are installed and showing in /etc/ssl/certs. But the checks still come back with an incomplete chain. Can anyone advise about anything else we can check or any other changes we can make to try to fix this? Many thanks in advance... UPDATE: The only relevant line from the haproxy.cfg (I believe), is this one: bind *:443 ssl crt /etc/ssl/domainaname.com.pem

    Read the article

  • Google is displaying "Translate this page" based on a previously registered domain inbound links

    - by crnm
    I recently started a new project with a newly registered generic tld domain. As soon as Google started indexing the page, it displayed a "translate this page" in SERP's, which tries to translate the page to the language of a small Eastern European country from the language that the site actually uses. I tried everything to prevent this: language meta headers and attributes, localisation through Google Webmaster Tools...all to no avail - nothing helped. After a couple of weeks I spotted dozens of inbound links popping up in Google Webmaster Tools all coming from that small Eastern European country, from sub-pages that are not active anymore (either sending out 404's or 301's to the main page), and also had been written in that other language. So the domain had been registered before and as it looks, it did got a lot of possibly spam links in that language. I can't even ask the sites where those links should have been to remove them as they are not active anymore physically, just in Google Webmaster Tools and/or internal data masses... Now I'm at a loss about what to do? As my site is pretty new, it does not have many links pointing towards it in my targeted language. So those are probably not enough to convince Google of attaching the right language to it as Google ignores all other signals about the page language. I'm also unsure if I should use the "disavow" tool, or a reconsideration request...or what else to do about this miserable state. I never used these tools before so I don't have any experience with them. Somehow I have to convince Google about the right language of the page and also to not count/apply/whatever all those historical links from the previous owner. (The domain had been deleted without any traces in Google before I registered it) Has anyone here ever dealt with a similar "Translate this page" problem? (I've also looked at this thread: How can I prevent Google mistakenly offering to translate a page? but didn't find a solution there)

    Read the article

  • How to enable a Web portal-based rich enterprise platform on different domains and hosts using JS without customization/ server configuration

    - by S.Jalali
    Our company Coscend has built a Web portal-based communications and cloud collaboration platform by using JavaScript (JS), which is embedded in HTML5 and formatted with CSS3. Other technologies used in the core code include Flash, Flex, PostgreSQL and MySQL. Our team would like to host this platform on five different Windows and Linux environments that run different types of Web servers such as IIS and Apache. Technical challenge: Each of these Windows and Linux servers have a different host name and domain name (and IP address), but we would like to keep our enterprise platform independent of host server configuration. Possible approach to solution: We think an API (interface module with a GUI) is needed to accomplish this level of modularity and flexibility while deploying at our enterprise customers. Seeking your insights: In this context, our team would appreciate your guidance on: Is there an algorithmic method to implement this Web portal-based platform in these Windows and Linux environments while separating it from server configuration, i.e., customizing the host name, domain name and IP address for each individual instance? For example, would it be suitable to create some JS variables / objects for host name and domain name and call them in the different implementations? If a reference to the host/domain names occurs on hundreds of portal modules, these variables or JS objects would replace that. If so, what is the best way to make these object modules written in JS portable and re-usable across different environments and instances for enterprise customers? Here is an example of the implemented code for the said platform. The following Web site (www.CoscendCommunications.com) was built using this enterprise collaboration platform and has the base code examples of the platform. This Web site is domain-specific. We like to make the underlying platform such that it is domain and host-independent. This will allow the underlying platform to be deployed in multiple instances of our enterprise customers.

    Read the article

  • HTTPS and HTTP issue on server with SSL

    - by Asghar
    I have a site www.example.com for which i purchased SSL cert and installed. And it was working fine, I also have a subdomain with app.example.com which was not on SSL. Both www.example.com and app.example.com are on same IP address. At later we decided to put SSL only on app.frostbox.com and then i configured SSL with app.frostbox.com and it worked fine, Now the issue is that Google is indexing my site as https://www.example.com/ and when users hits the web , Invalid security warning is issued and when user allow security issue they are shown my app.example.com contents. Note: I have my SSL configuration files in /etc/httpd/conf.d/ssl.conf The contents of the ssl.conf are below. NOTE: I tried solutions in .httaccess but none of those worked. Like redirecting 301 redirects etc http://pastebin.com/GCWhpQJq

    Read the article

  • Tracking form abandonment

    - by Alec Sanger
    I'm looking for a decent way to track form abandonment. Ideally, I would like to see how many people start filling out a form but do not complete it, as well as the last field that was filled out. The website is a fairly large Wordpress site with quite a few forms. Some of these forms are to register for events, some are for donations, some are for information requests. My first attempt at this was adding a generic jquery that bound functions to all forms on the site. When a form element was blurred, I would trigger a Google Analytics event with the name of the form, the name of the field, and whether or not it was filled. I expected to be able to go to the Event Flow section in Google Analytics and see the flow of these form events, however since there are so many forms and other events occurring on the website, Google wouldn't let me break them out very well. The other issue was the Quform doesn't name their fields anything relevant, and it doesn't look like we can name them ourselves. This results in a lot of ugly form names that don't mean anything without cross-referencing the actual form. Does anybody have any suggestions on how I can achieve more usable form abandonment metrics in a scenario like this?

    Read the article

  • Tuning MySQL to consume less memory

    - by Alex
    I have a VM which has 2GB Ram, (full specs) And I am setting up a site which has one table in particular with over a million records. There's little or no usage of this particular database (perhaps once or twice a day) but simply running mysql grinds the whole server to a halt. I've looked through the top results but nothing is really denting the CPU however the memory seems to be the issue. The site isnt even live of taking requests yet. the memory situation looks like this: # free -m total used free shared buffers cached Mem: 2006 1880 126 0 3 53 -/+ buffers/cache: 1823 183 Swap: 2047 345 1702 Are there any good pointers to tune mysql to stop hogging the system memory? Thanks very much EDIT: (requested by 8bit): http://tny.cz/b41a0b12

    Read the article

  • IIS not using available memory?

    - by Herb Caudill
    Recently launched an ASP.NET site running on a single 32-bit WS2003 box (SQL on a separate server). The server has 4GB intalled, 3GB available. According to task manager, the w3wp.exe process is only using between 200-600MB. The site has tens of thousands of pages and makes heavy use of page output caching, so I would expect it to use a lot more of the available memory. The app pool isn't set to throttle memory usage. Is there anything else that might be limiting the amount of memory that IIS takes?

    Read the article

  • For a large website developed in PHP, is it necessary to have a framework?

    - by Martin
    I am wondering if it is necessary to have a framework or if it is a must-have if I plan to make a large website. Large website could mean a lot of things: in other words, multiple dynamic web pages (40-50 dynamic pages, mysql content) and a lot of visitors (+- a million hits per month). The site will be hosted in a dedicated server environment. I know that it could simplify coding for a developer team, that it includes libraries and a lot of advantages. But I just feel that I don't need that. I think that learning how it works, managing it and installing it would take more time and I could use that time to code. I write PHP the simplest way I could (with performance in mind) and I try to reuse my code/functions/classes most of the time and I make sure that if another developer joins the team, that he won't be lost in the code. I am also planning to use MemCached or another Cache for PHP. As I said, the site will be hosted in a dedicated server environment but will be entirely managed by the hosting company. I am pretty sure the control panel for me to control the basic stuff will be Cpanel. For a developer like me that only knows PHP, Javascript, HTML, CSS, MYSQL and really basic server management, I feel that it seems to complicated to have a framework. Am I wrong? Is it worth the time to learn all about it? Thank you for your opinions and suggestions.

    Read the article

  • What could have caused a large traffic drop from Google in early May?

    - by Scott Schluer
    I have a website (www.equispot.com) that has been indexed for almost 2 years in Google. I managed to get myself on the first page (average position 6-8) on Google for my target keyword of "horses for sale" and held there pretty solidly for months. Suddenly, with no changes to the site, traffic from Google dropped like a rock in early May. I slowly fell in position until now I'm sitting at the bottom of page 4. I have never hired an SEO firm, have not used any "black hat" techniques that Google would have penalized me for in their May update, etc. I'm not familiar enough with SEO to know how to look at link profiles, etc. to tell if there's something wrong. I've run my site through a DNS checker and it came back with no errors. Google Webmaster Tools shows no messages or notices of any kind, just a drop in traffic. GWT also shows only 2 server errors and 1 404. Is there anyone who can tell me by quickly checking my domain if there's an obvious reason that my traffic would have fallen so far, something that I can fix?

    Read the article

  • Sharepoint Document Library not receiving emails

    - by ria
    I have created a sharepoint document library which is email enabled. However when i send email to the designated email address from anywhere, i dont receive the email & attachment in the list. I have done some R&D and i hv found that in order to receive email from anywhere i have to expose my DNS of the sharepoint site to the outside world. Now i dont know whether it applies to the email address designated to me in the Active directory profile as well (my company domain email address). How to test that this email reception is working in the document library? I have tried sending an email from the sharepoint site and it works fine so the SMTP settings are correctly done.

    Read the article

  • /var/plone ownership

    - by jake
    could anyone help me on my problem, my /var/plone folder's ownership was accidentally changed. can anyone tell me who the owner of this folder? could it be www:root or www-data:root or root:root? btw i changed it to www:root and some images and styles cannot be loaded on my site. Everytime somebody opens the site, it keeps loading and loading and after a few minutes it stops and some images are not loaded and style are not well displayed as it is supposed to be. thanks

    Read the article

  • IIS - Script for repeated hacks on a website

    - by dodegaard
    I currently have a site that is armored by ELMAH as its reporting mechanism. Each time someone hits a URL that is incorrect it notifies me or logs to the system. This is annoying for someone fat-fingering the URL with a misspelling but great when a hacker is trying to crack a site of mine. Has anyone ever written a script for IIS 7 on Win 2K8 that blocks an IP based on repeated attempts to hit a website? I've looked at Snort and other IDS systems but if I could get a script that could be linked to my ELMAH system it might be the perfect thing. PowerScript, etc. is what I was thinking. Hints and recommendations are wonderful and if you think a true intrusion detection system is recommended give me your ideas. Thanks in advance.

    Read the article

  • Host a Debian repository on a Windows Web/Ftp server

    - by Dave
    At the risk of causing a matter vs. antimatter paradox that would end the world as we know it ... Is it possible to host a Debian repository on a Windows server? We have some applications which are available for Windows, Mac OS X, and Linux. Our web site, from where the application can be downloaded, is a Windows Server 2008 box running IIS 7. That is not going to change, and I would like to avoid having to purchase another server and/or domain. I would like to take advantage of the Debian packaging system so that I can just instruct users to add our repository to their software sources, and then they can install, get updates, resolve dependencies (some of which are not yet in the stable/main distributions of my target platforms), etc. The instructions I can find on the internet require linux-specific tools to create a local repository, but are unclear as to whether or not that can be copied to an FTP site as is, or if it requires some local daemons to be running or something.

    Read the article

  • Browser which shows what's been downloaded so far regardless of formatting and layout ?

    - by Mick
    Every now and then a website becomes super-slow (but not broken) because there are too many people looking at it at the same time. When I try and view such a site, say with Firefox, I can see that it is downloading all sorts of components of the site because of the progress information printed at the bottom of the window and I'm sitting there thinking "If only the browser would show me what it's got so far. I don't care if its a jumbled mess, I just want to see what you've got". Does any browser offer such an option?

    Read the article

  • How long does it take for a server to get 'off greylisting'

    - by Michael
    Hi all, I asked a question regarding email delays a few months ago, and I think I found a workaround. I changed our email from "[email protected]" to "[email protected]", and it seems to work instantly again. After reading some articles, I believe this could be due to some form of greylisting, though some servers might call it something else -- if a server like yahoo or gmail receive email from a server that it is not used to receiving email from, then sometimes the delay occurs. But a name such as yahoo, gmail, which requires a user to sign up manually -- this delay can be avoided. My question is this: does anyone know more about this issue -- especially since it would be nice to send an email from our own site, instead of needing to use a whitelisted server? Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 405 406 407 408 409 410 411 412 413 414 415 416  | Next Page >