How to allow short tags in php with apache
- by user41998
Hi guys, how can I allow apache to use
'<?'
Now it understands only
'<?php'
Search Results
Search found 43347 results on 1734 pages for 'php security'.
Page 94/1734 | < Previous Page | 90 91 92 93 94 95 96 97 98 99 100 101 | Next Page >
-
-
How to get started setting up IP security cameras
- by dave
I have just finished renovating my house. As part of the job, I have cat6 cable run through the house, including two external plugs. All cables terminate in the same location. My rough plan is to plug two IP cameras to monitor the front and rear, run POE from a central router to the two external cameras, plug my PC into the same router and run magic software X. Any machine plugged into the router or wirelessly connection should then be able to get a live feed and alerts based on motion detection. That's the plan, but I'm not sure how possible it is. What hardware to get and what monitoring software to get. Has anyone does something similar? What were your experiences?Read the article
-
Top ten security tips for non-technical users
- by Justin
I'm giving a presentation later this week to the staff at the company where I work. The goal of the presentation is to serve as a refresher/remidner of good practices that can help keep our network secure. The audience is made up of both programmers and non-technical staff, so the presentation is geared for non-technical users. I want part of this presentation to be a top list of "tips". The list needs to be short (to encourage memory) and be specific and relevant to the user. I have the following five items so far: Never open an attachment you didn't expect Only download software from a trusted source, like download.com Do not distribute passwords when requested via phone or email Be wary of social engineering Do not store sensitive data on an FTP server I have two questions: Do you suggest any additional items? Do you suggest any changes to existing items?Read the article
-
Security and encryption with OpenVPN
- by Chris Tenet
The UK government is trying to implement man-in-the-middle attack systems in order to capture header data in all packets. They are also equipping the "black boxes" they will use with technology to see encrypted data (see the Communications Data Bill). I use a VPN to increase my privacy. It uses OpenVPN, which in turn uses the OpenSSL libraries for encrypting data. Will the government be able to see all the data going through the VPN connection? Note: the VPN server is located in Sweden, if that makes a difference.Read the article
-
unable to properly execute binaries from PHP
- by Lowgain
I was building an app on a SUSE box, and had a binary called create_group for instance, which had a suid bit and allowed my PHP app to call exec('create group grpname'); and create a new group (there are others for users, etc). The binary was a small c script that calls setuid(0) and then runs the user creation stuff. This worked perfectly on the SUSE box I recently moved my project to Ubuntu and everything works fine except these binaries. I can run them from the shell and they work okay, but when I get the PHP app to run them it just does nothing. Is there anything Ubuntu would be doing differently that I'm missing?Read the article
-
CGI error from PHP when running exec() on IIS
- by Patrick
Windows Server 2003 x64 PHP 5.2 IIS 6.0 The program Ink2Png.exe is set with Everyone-Read and Execute permissions. As does its dependency (microsoft.ink.dll) PHP Safe Mode is off exec() is passed [the full exe path], space, [full path to another file] This other file also has full read permissions. The output directory has full write permissions. As soon as exec() is hit, the connection dies, the browser does not even receive a full set of http headers, and it reports a CGI error. Examining the output, it appears the program was not even run. Any ideas? How can I figure out what exactly is happening and get it running again? EDIT: Also, it is a .NET application, if that is significant in any way.Read the article
-
tools to check password security
- by tombull89
Hello again. I'm after a tool to test how long a password could stand up to a hacking/cracking technique such as brute force as two passwords that are critical to a work system is one word that is in the dictionary, and another is a word in the dictionary with a capital letter and a number instead of a letter. I'd prefer it to be offline and free that you can run on a computer to see how long the password will hold out. Maybe even at the windows login prompt but I realise such programmes may be shady and erring on the side of illegal. Anybody have any suggestions?Read the article
-
Should I impersonate PHP via FastCGI?
- by AKeller
I am installing the latest version of PHP onto IIS 7.5 via FastCGI, and all of the instructions say that FastCGI should impersonate the calling client by setting fastcgi.impersonate = 1 If my website will have this configuration dedicated application pool application pool identity of ApplicationPoolIdentity anonymous authentication only (as IUSR) why do I want to impersonate? I come from an ASP.NET background, where the IUSR gets read-only permissions and the application pool identity gets any write permissions. Giving write access to the IUSR usually opens the door for WebDAV vulnerabilities. So I hesitate to let PHP run as the IUSR. I can't find many people asking this question (1 | 2) so I think I must be missing something. Can someone clarify this for me?Read the article
-
How do I troubleshoot mysql and php?
- by Joshua Moore
PHP works, mysql works, but when I call mysql_connect, nothing happens. What can I do?Read the article
-
Security: Unable to display current owner
- by Jim McKeeth
I have a user with local administrative rights on their Windows 7 64-bit box. They extracted a file from a zip file they downloaded with the Zip shell extension to their desktop on a non-encrypted or compressed NTFS volume. Unfortunately they cannot open it. I tried to take ownership of it and it just reports "Access is Denied" and for the current owner it reports "Unable to display current owner." At this point the file cannot be deleted, executed or modified. I have actually seen this exact same happen in Vista before, but I can't for the life of me remember how to fix it. Any ideas how it happened or how to fix it? I'd be happy just to delete it without a format at this point.Read the article
-
Security Restrictions Downloading From the Internet
- by Cyper
Hi, For some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. CheersRead the article
-
PHP MAMP email stopped sending
- by Kyle Parisi
I'm working on a simple registration email. I'm using MAMP (free) with PHP. I was getting emails from my code before. Now I get nothing. Here is a test code that doesn't send the email either. <?php $to = "[email protected]"; $subject = "Hi!"; $body = "Hi,\n\nHow are you?"; if (mail($to, $subject, $body)) { echo("<p>Message successfully sent!</p>"); } else { echo("<p>Message delivery failed...</p>"); } ?> What might have changed? I read that perhaps my ISP blocked sending emails? How do I find out?Read the article
-
problem with mysql and php
- by Joshua Moore
PHP works, mysql works, but when I call mysql_connect, nothing happens. What can I do?Read the article
-
windows 2008 R2 TS printer security - can't take owership
- by Ian
I have a Windows 2008 R2 server with Terminal server role installed. I'm seeing a problem with an ordinary user who is member of local printer operators group on the server. If the user opens a cmd window using ‘run as administrator’ they can run printmanager.msc without needing to enter their password again. In printmanager they can change the ownership of redirected (easy print) printers without problems. If, from the same cmd window, they use subinacl to try and change the onwership of the queue to themselves they get access denied: >subinacl.exe /printer "_#MyPrinter (2 redirected)" /setowner="MyDom\MyUsr" Elapsed Time: 00 00:00:00 Done: 1, Modified 0, Failed 1, Syntax errors 0 Last Done : _#MyPrinter (2 redirected) Last Failed: _#MyPrinter (2 redirected) - OpenPrinter Error : 5 Access denied so, same context, same action but one works and one doesn't. Any ideas for this odd behaviour? I'm using subinacl x86 on an x64 server as I can't find anything more up to date. I've tried with icacls and others but couldn't get them to do anything with printers.Read the article
-
solr Security help
- by Camran
I have solr setup with Jetty on my Ubuntu server. On any computer now, I can type my_ip:8983/solr/ and the page will show upp to anybody. How can I disable this so that only I can access that port and the solr admin? ThanksRead the article
-
Apache Request IP Based Security
- by connec
I run an Apache server on my home system that I've made available over the internet as I'm not always at my home system. Naturally I don't want all my home server files public, so until now I've simply had: Order allow, deny Deny from all Allow from 127.0.0.1 in my core configuration and just Allow from all in the htaccess of any directories I wanted publicly viewable. However I've decided a better system would be to centralise all the access control and just require authentication (HTTP basic) for requests not to 127.0.0.1/localhost. Is this achievable with Apache/modules? If so how would I go about it? Cheers.Read the article
-
Strange PHP output buffering
- by radek-k
PHP: header('Content-type: text/plain'); for ($i=0; $i<10; $i++){ echo "$i\r\n"; ob_flush(); flush(); sleep(1); } I tried script above on 2 different servers. Both respond numbers 0...9 in every line. In case of first server each number is received every second. In case of second server there is no output for 10 seconds and entire output is displayed at once. What might be wrong int second case? I tried various uutput control Functions but it didn't help. Set of response headers in both cases is pretty much the same: HTTP/1.1 200 OK Date: Mon, 03 Jan 2011 19:21:21 GMT Server: Apache X-Powered-By: PHP/5.2.14 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/plainRead the article
-
Ubuntu Server Edition (Jaunty) x64 Segmentation faults in PHP mysql package
- by Deeksy
I've been running Jaunty with Apache2, PHP & MySQL running drupal websites as well as python 2.6 and trac on the same server. I'm getting quite a few segmentation faults and suhosin warnings on my drupal websites which don't seem to be related to the amount of RAM the server has (3GB) as the trac site is running happily without issues. The issue seems to be related to PHP accessing mysql and I'm getting suhosin warnings. Has anyone else seen this problem? Any ideas on how to fix it? Funnily enough, it's not a consistent error, as restarts tend to fix the issue temporarily.Read the article
-
File permissions on web server
- by plua
I have just read this useful article on files permissions, and I am about to implement a as-strict-as-possible file permissions policy on our webserver. Our situation: we have a web server accessed through sftp by different users from within our company, and we have the general public accessing Apache - sometimes uploading files through PHP. I distinguish folders and files by their use. So based on this reading, here is my plan: All people who need to upload files will have separate users. But all of those users will belong to two groups: uploaders, and webserver. Apache will belong to the group webserver. Directories Permission: 771 Owner: user:uploaders Explanation: to access files in the folder, everybody needs to have execute permission. Only uploaders will be adding/removing files, so they also get r+w permission. Files within the web-root Permission: 664 Owner: user:uploaders Explanation: they will be uploaded and changed by different users, so both owner and group need to have w+r permissions. Webserver needs to only read files, so r permission only. Upload-directories Permission: 771 Owner: user:webserver Explanation: when files need to be uploaded, Apache needs to be able to write to this directory. But I figure it is safer to change the owner to webroot, thus giving Apache sufficient privileges (and all uploaders also belong to this group and will have the same permissions), while safeguarding from "others" writing to this folder. Uploaded files Permission: 664 Owner: user:webserver Explanation: after uploading Apache might need to delete files, but this is no problem because they have w+r permission of the folder. So no need to make this file any more accessible than r access for group. Being not an expert on file permissions, my question is whether or not this is the best possible policy for our situation? Any suggestions welcome.Read the article
-
Some $_SERVER parameters missing when accessing PHP script via Cron
- by Jakobud
I have a script that I need to run with PHP via cron. The original author of the script made a lot of user of certain $_SERVER parameters (like REQUEST_URI). But it appears that certain variables don't exist when running PHP via command line or via CRON. For example, there is no request uri, so it makes sense that the REQUEST_URI parameter wouldn't be available. Is there any way around this other than to completely rewrite the script in order to avoid using special $_SERVER parameters that aren't universally available?Read the article
-
Whats the best way to deal with backups for my php/mysql application
- by spirytus
I'm creating php application for my client and now thinking what would be the best way to do backups, automatically if possible? I don't have much experience in this area and in case something goes wrong, or if I need to migrate, I would like to have fast way of getting it all back online. I understand "something goes wrong" is a very wide term, but lets say that someone hacks my site and wipes out database and all the files. My app. is written in php/mysql and I got access to cpanel (hosted with justhost.com if that makes any difference :). I used Joomla and it has JoomlaPack that does complete backup almost automatically and in case site fails, its easy to revert, or migrate if necessary. Is there anything like that for my configuration that would make reverting/migration, easy?Read the article
-
Security Restrictions Downlaodeding From the Internet
- by Cyper
Hi, for some reason since we rolled out IE7 to the estate users are unable to download from the Internet, they get an error message "the operation could not be completed due to restrictions on the computer" I have checked the GPO and it allows downloads in the Default domain policy. I am I missing something in GPO or is this problem with IE7. Any help would be much appreciated. CheersRead the article
-
Installing a personal security certificate for Windows Server 2008 Terminal Services user
- by Rick
We use StoneEdge Order Manager, which runs under Microsoft Access, on several Windows computers as well as through Terminal Services on Windows Server 2008. Terminal Services users are unable to process credit cards using the First Data Global Gateway on the server. We have followed the necessary setup instructions provided under the user account, which involves adding a certificate in the Internet Options control panel. The Windows XP desktops require this to be done, or a generic 'unable to connect' message is shown when attempting to charge a card. On the server, this message is shown regardless of whether the certificate has been installed. Is there anything else that needs to be done that is specific to Windows Server that is not mentioned in the workstation instructions? Setup InstructionsRead the article
-
Linux PHP web server horribly slow when accessed from any windows browser
- by Ed Harcourt
I have a Linux server (Ubuntu 10.04) running apache2 and PHP. Everything runs fine when accessing a page from any browser from another Linux machine or Mac. But when I try to access a page from any combination of Windows machine and browser I get about a 30 second delay before the page comes back. Accessing a plain old HTML file from the Windows browser runs lickity split. So it seems to be just PHP. MySQL is installed but a simple test page that uses no MySQL is still slow. I don't think it is DNS because if I hard code the IP address in the URL nothing changes. There doesn't seem to be anything in the log files that I can tell. What could be causing this behavior on Windows clients?Read the article
-
I can't see wordpress .php file?
- by Alegro
I installed WAMP server on win xp - it works. I installed Wordpress 3.4.2 into www.wordpress - no problem. In Dreamweaver CS5 I created a site with www.wordpress as root folder, and assigned a local test server - ok. In Dreamweaver, I opened twentyten theme - index.php - and pressed F12 to see the page in Firefox - and got: Fatal error: Call to undefined function get_header()... - on line 16 This is a completely new and clear wordpress installation. Why is the function (get_header) - undefined? To check the server I copied another .php file into the same folder - F12 - it works.Read the article
