Search Results

Search found 8408 results on 337 pages for 'cgi bin'.

Page 141/337 | < Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148 | Next Page >

Can PHP be run in Apache via mod_php and mod_fcgi side by side?

- by Mario Parris

I have an existing installation of Apache (2.2.10 Windows x86) using mod_php and PHP 5.2.6. Can I run another site in a virtual host using FastCGI and a different version of PHP, while stilling running the main site in mod_php? I've made an attempt, but when I add my FCGI settings to the virtual host container, Apache is unable to restart. httpd.conf mod_php settings: LoadModule php5_module "C:\PHP\php-5.2.17-Win32-VC6-x86\php5apache2_2.dll" AddHandler application/x-httpd-php .php PHPIniDir "C:\PHP\php-5.2.17-Win32-VC6-x86" httpd-vhosts.conf fastcgi settings: <VirtualHost *:80> DocumentRoot "C:/Inetpub/wwwroot/site-b/source/public" ServerName local.siteb.com ServerAlias local.siteb.com SetEnv PHPRC "C:\PHP\php-5.3.5-nts-Win32-VC6-x86\php.ini" FcgidInitialEnv PHPRC "C:\PHP\php-5.3.5-nts-Win32-VC6-x86" FcgidWrapper "C:\PHP\php-5.3.5-nts-Win32-VC6-x86\php-cgi.exe" .php AddHandler fcgid-script .php </VirtualHost> <Directory "C:/Inetpub/wwwroot/site-b/source/public"> Options Indexes FollowSymLinks Includes ExecCGI AllowOverride All Order allow,deny Allow from all </Directory>

Read the article
nginx: php-fastcgi running but php files not executing

- by Daniel

I have recently set up a nginx server with PHP running as FastCGI process. The server is running with HTML files however PHP files are downloading instead of displaying and PHP code is not processed. This is what I have in nginx.conf: server { listen 80; server_name pubserver; location ~ \.php$ { root /usr/share/nginx/html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name; include fastcgi_params; } } The command netstat -tulpn | grep :9000 displays the following which indicates php-fastcgi is running and listening on port 9000: tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 2663/php-cgi If it's if any importance my server is running on CentOS 6 and I installed nginx and PHP using the repositories from The Fedora Project.

Read the article
CPanel - How to stop Apache from running as root user?

- by ambu

<?php echo `whoami`; ?> So this is returning 'root' and I don't know how to prevent it. I'm using WebHost Manager / CPanel which is supposed to create multiple users/vhosts and have Apache spawn it's process as that user/group. This isn't happening. If I login to WHM and open the PHP and SuExec Configuration section, my settings are: Default PHP Version (.php files) 5 PHP 5 Handler cgi PHP 4 Handler none Apache suEXEC on What's wrong? How can I get Apache to run as the correct user rather than root?

Read the article
apache proxypass to webmin

- by Ricardo

I have a problem with apache2 webmin redirect. My ProxyPass is: ProxyRequests Off ProxyPreserveHost On SSLProxyEngine On ProxyPass /admin/webmin/ https://localhost:10000/ ProxyHTMLURLMap https://localhost:10000 /admin/webmin <Location /admin/webmin/> ProxyHTMLExtended On SetOutputFilter proxy-html ProxyPassReverse https://localhost:10000/ ProxyPassReverse https://xxxxxxxxxxxxxxxxxxxx.amazonaws.com:10000/ Order allow,deny Allow from all </Location> When I connect using https://xxxxxxxxxxxxxxxxxxxx.amazonaws.com:10000/ there is no problem. But when I connect use https://xxxxxxxxxxxxxxxxxxxx.amazonaws.com/admin/webmin the page lost css and after login show me the error: The requested URL /session_login.cgi was not found on this server. I think is an error with my ProxyPass but I don´t know what is.

Read the article
Apache suEXEC execute script on user dir basis?

- by Blame

Iam looking for a way to run a script with different users. I dont want to hardcode the users in the config... and I found some information that it should be possible that the user goes to... lets say: Code: http://localhost/~user1/myscript.cgi and the script gets executes as user 'user1'. Does anybody know if that is possible? If not, do I have to make a new vhost config for every user? Thanks a lot! Greets, Kodak

Read the article
Linux - Create ftp account with read/write access to only 1 folder

- by Gublooo

Hey guys.... I have never worked on linux and dont plan on working on it either - The only command I probably know is "ls" :) I am hosting my website on Eapps and use their cpanel to setup everything so never worked with linux. Now I have this one time case - where I need to provide access to a contractor to fix the CSS issues on my website. He basically needs FTP (read/write) access to certain folders. At a high level - this is my code structure /home/webadmin/example.com/html/images /css /js /login.php /facebook.php /home/webadmin/example.com/application/library /views /models /controllers /config /bootstrap.php /home/webadmin/example.com/cgi-bin I want the new user to be able to have access to only these folders /home/webadmin/example.com/html/js /home/webadmin/example.com/html/css /home/webadmin/example.com/application/views He should not be able to view even the content of other folders including files like bootstrap.php or login.php etc If any sys admins can help me set this account up - will really appreciate it. Thanks

Read the article
Linux - Create ftp account with read/write access to only 1 folder

- by Gublooo

Hey guys.... I have never worked on linux and dont plan on working on it either - The only command I probably know is "ls" :) I am hosting my website on Eapps and use their cpanel to setup everything so never worked with linux. Now I have this one time case - where I need to provide access to a contractor to fix the CSS issues on my website. He basically needs FTP (read/write) access to certain folders. At a high level - this is my code structure /home/webadmin/example.com/html/images /css /js /login.php /facebook.php /home/webadmin/example.com/application/library /views /models /controllers /config /bootstrap.php /home/webadmin/example.com/cgi-bin I want the new user to be able to have access to only these folders /home/webadmin/example.com/html/js /home/webadmin/example.com/html/css /home/webadmin/example.com/application/views He should not be able to view even the content of other folders including files like bootstrap.php or login.php etc If any sys admins can help me set this account up - will really appreciate it. Thanks

Read the article
Linux - Create ftp account with read/write access to only 1 folder

- by Gublooo

Hey guys.... I have never worked on linux and dont plan on working on it either - The only command I probably know is "ls" :) I am hosting my website on Eapps and use their cpanel to setup everything so never worked with linux. Now I have this one time case - where I need to provide access to a contractor to fix the CSS issues on my website. He basically needs FTP (read/write) access to certain folders. At a high level - this is my code structure /home/webadmin/example.com/html/images /css /js /login.php /facebook.php /home/webadmin/example.com/application/library /views /models /controllers /config /bootstrap.php /home/webadmin/example.com/cgi-bin I want the new user to be able to have access to only these folders /home/webadmin/example.com/html/js /home/webadmin/example.com/html/css /home/webadmin/example.com/application/views He should not be able to view even the content of other folders including files like bootstrap.php or login.php etc If any sys admins can help me set this account up - will really appreciate it. Thanks

Read the article
taskmgr.exe - Wrong Volume

- by bcasp

The other day my girlfriend used my computer to use one of those additional resource CD's that come with text books. This particular CD worked by acting like what seemed like a web server that hosted a site that the student is supposed to use (cgi-bin, python scripts...the whole deal). Today, I opened task manager to shut down some rogue IE's and got the following in an error popup with the title taskmgr.exe - Wrong Volume and Cancel/Try Again/Continue buttons: The wrong volume is in the drive. Please insert volume DosageCalc into drive D: (FYI: DosageCalc = nursing student) Clicking Cancel or Continue lets me continue to task manager. The CD hasn't been in the drive for days and I've used it since then with no problems. Where could task manager be holding onto this reference? My guess would be the registry somewhere...but I don't even know where to begin looking.

Read the article
Apache and fastcgi - How to secure an Apache server with fastcgi enabled?

- by skyeagle

I am running a headless server on Ubuntu 10.x. I am running Apache 2.2. I am writing a fastcgi application for deployment on the server. I remember reading a while back (I could be wrong) that running CGI (and by implication fastcgi) on a server, can provide 'backdoors' for potential attackers - or at the very least, could compromise the server if certain security measurements are not taken. My questions are: what are the security 'gotcha's that I have to be aware of if I am enabling mod_fastcgi on my Apache server? I want to run the fastcgi as a specific user (with restricted access) how do I do this?

Read the article
Why is APC (PHP Accelerator) Only caching apc.php?

- by amvx

I installed PHP5,APC and XDEBUGGER with the install script found here: Dreamhost PHP+APC Install Instructions/Script All systems seem to be working... except... I added the apc.php to see the caching stats of APC (GUI Interface), and it showed that only apc.php file was being cached despite having installed wordpress and prestashop under the same domain, installing and running those php scripts. I wonder if I did something wrong... but my php5 is running as a cgi/fastcgi. I think I might have read somewhere about there being some issue with this. Not sure. Any help is of coursed appreciated.

Read the article
Security issues of running PHP scripts as the owner of the PHP file with suexec

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web server can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
Running PHP scripts as the owner of the PHP file: security issues

- by thomasrutter

I'm using suexec to ensure that PHP scripts (and other CGI/FastCGI apps) are run as the account holder associated with the relevant virtual host. This allows for securing each users' scripts from reading/writing by other users. However, it occurs to me that this opens up a different security hole. Previously, the web server ran as an unprivileged user, with read-only access to user's files (unless the user changed the file permissions for some reason). Now, the web user can also write to user's files. So while I've prevented different users taking advantage of each other's scripts, I've made it so that in the event that some application has a remote code injection vulnerability, it now has not only read access but also write access to all that user's scripts and website. How can I deal with this? One idea I've had is to create a second user account for each user account in the system, so that each user has their own user account, and all their scripts are run under another user account. But that seems cumbersome.

Read the article
Windows 2008 IIS 7 PHP Caching / Blank Page Problems?

- by darkAsPitch

I don't even know how to explain this. The only thing I can think is 'why am I working with a windows server?' I am renting a dedicated 1and1 server - I installed PHP myself - with fast CGI and caching (pretty sure I checked OK on something about dynamic caching for PHP when I installed it.) Every few hours of intensive php processing - my pages start locking up - usually just showing blank pages - with no errors whatsoever. Just now, I checked a page - let's call it a.php - and it was showing the results of b.php - I thought I had been hacked! Simply restarting the IIS server however, fixes the problem. Any ideas / help / knowledge on similar problems with windows 2008?

Read the article
Can not run ifconfig like commands via browser

- by savruk

Problem is I cannot run "ifconfig" or similar commands via browser. Environment: Programming language : python Server : lighttpd(CGI) , running on busybox. Well machine is really small and so I am really restricted. Tried techniques: chown every script to root. But there is no differences. Why? Because lighttpd runs under another user, I mean not under root. As it is not root, when I try to run script from browser it always calls the python file with its uid. So it makes it impossible to run "ifconfig eth0 192.168.2.123" like commands via web browser. I get "ifconfig: SIOCSIFADDR: Permission denied" error. What can I do? I do not have any sudoers file, so cannot modify sudo command. Well, I don't even have "sudo" command :) Thanks for your help

Read the article
Nginx no static files after update

- by SomeoneS

First, i must say that i am not expert in server administration, my site was setup by hosting admins (that i cannot contact anymore). Few days ago, i updated Nginx to latest version (admin told me that it is safe to do). But after that, my site serves only html content, no CSS, images, JS. If i try to open some image i get message "Wellcome to Nginx" (same thin if i try to open static.mysitedomain.com). More details: Site has static. subdomain, but static files are in same directory as they used to be before setting up static files. I was googling for some solutions, i tried to change something in /etc/nginx/, but no luck. I feel that this is some minor configuration problem, any ideas? EDIT: Here is /etc/nginx/nginx.conf file content: user www-data; worker_processes 4; pid /var/run/nginx.pid; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; # gzip_vary on; # gzip_proxied any; # gzip_comp_level 6; # gzip_buffers 16 8k; # gzip_http_version 1.1; # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; ## # nginx-naxsi config ## # Uncomment it if you installed nginx-naxsi ## #include /etc/nginx/naxsi_core.rules; ## # nginx-passenger config ## # Uncomment it if you installed nginx-passenger ## #passenger_root /usr; #passenger_ruby /usr/bin/ruby; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } Here is /etc/nginx/sites-enabled/default file content: server { #listen 80; ## listen for ipv4; this line is default and implied #listen [::]:80 default ipv6only=on; ## listen for ipv6 root /usr/share/nginx/www; index index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to index.html try_files $uri $uri/ /index.html; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; deny all; } # Only for nginx-naxsi : process denied requests #location /RequestDenied { # For example, return an error code #return 418; #} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /usr/share/nginx/www; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # fastcgi_split_path_info ^(.+\.php)(/.+)$; # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # # # With php5-cgi alone: # fastcgi_pass 127.0.0.1:9000; # # With php5-fpm: # fastcgi_pass unix:/var/run/php5-fpm.sock; # fastcgi_index index.php; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # root html; # index index.html index.htm; # # location / { # try_files $uri $uri/ /index.html; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # # root html; # index index.html index.htm; # # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # # ssl_session_timeout 5m; # # ssl_protocols SSLv3 TLSv1; # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; # ssl_prefer_server_ciphers on; # # location / { # try_files $uri $uri/ /index.html; # } #}

Read the article
WINEHQ - wine_gecko won't init - HTML Rendering disabled

- by Nick

Hello Super Users, I'm currently trying to get a windows compiled program to work through Wine to run on Linux and MacOSX. When I run the program through wine, it prompts me to install Gecko which I do. Later on in the program, it attempts to use MSHTML to render HTML but I get these error messages on my console instead. err:mshtml:init_xpcom NS_InitXPCOM2 failed: 80004005 err:mshtml:HTMLDocument_Create Failed to init Gecko, returning CLASS_E_CLASSNOTAVAILABLE fixme:ole:CoCreateInstance no instance created for interface {00000000-0000-0000-c000-000000000046} of class {25336920-03f9-11cf-8fd0-00aa00686f13}, hres is 0x80040111 I'm using Wine 1.1.34 and a similar bug was supposedly fixed in 1.1.33 http://bugs.winehq.org/show_bug.cgi?id=12578 I've been at this all afternoon, is there anything I'm missing? Thanks, Nick

Read the article
Updating PHP on a Plesk managed Server

- by mblaettermann

I just updated PHP and MySQl on my VPS with the current Versions from Atomic Repo. Everything worked out fine so far. From console I get the new PHP 5.3: [root@server phpMyAdmin]# php -v PHP 5.3.16 (cli) (built: Aug 20 2012 11:18:05) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies with the ionCube PHP Loader v4.0.5, Copyright (c) 2002-2011, by ionCube Ltd. But through Apache I still get the old version (5.1.6). The server is running some old version of crappy Plesk Panel. That gives me the option to choose between Apache Modul, fCGI and CGI-BIN. Any hints, how to update apache, so it will use the new PHP Version? EDIT: I just needed to restart httpd (/etc/init.d/httpd restart)

Read the article
How to install latest version of imagick on centos 5.8 64bit using bash

- by user57221

How can I download and install latest version of imagick on centos 5.8 64bit using bash for php 5.4. >yum info php Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.ellogroup.com * epel: mirror01.th.ifl.net * extras: mirror.ellogroup.com * updates: mirror.ellogroup.com Installed Packages Name : php Arch : x86_64 Version : 5.4.3 Release : 1.el5.remi Size : 8.8 M Repo : installed Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) URL : http://www.php.net/ License : PHP Description: PHP is an HTML-embedded scripting language. PHP attempts to make it : easy for developers to write dynamically generated webpages. PHP also : offers built-in database integration for several commercial and : non-commercial database management systems, so writing a : database-enabled webpage with PHP is fairly simple. The most common : use of PHP coding is probably as a replacement for CGI scripts. : : The php package contains the module which adds support for the PHP : language to Apache HTTP Server.

Read the article
WIndows Emacs Keybinding

- by Josh

I know this is not a Windows site, so my apologies. I use Ubuntu all day, every day, and have finally convinced my buddy to try it. He is on Windows 7, so we installed this: http://www.ourcomments.org/cgi-bin/emacsw32-dl-latest.pl . It seems to be working great, but when he hits C-p ( prev. line ) it is trying to print the page for some reason. So, 2 questions. Is there a way to make it stop that, and is there a way to just run it from the command line, or without all of the fancy mouse stuff? Essentially as --no-windows? Thanks!

Read the article
Apache+FastCGI Timeout Problem

- by Sadjad Fouladi

Hi all. I've recently installed mod_fastcgi and Apache 2.2. I've a simple cgi script as below (test.fcgi): #!/bin/sh echo sadjad But when I invoke "mysite.com/test.fcgi" I see "Internal Server Error" message after a short period of time. The error.log file shows this error message: [Tue Jan 31 22:23:57 2006] [warn] FastCGI: (dynamic) server "~/public_html/oaduluth/dispatch.fcgi" has failed to remain running for 30 seconds given 3 attempts, its restart interval has been backed off to 600 seconds This is my .htaccess file: AddHandler fastcgi-script .fcgi RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ django.fcgi/$1 [QSA,L] I'm very confused, please help me! [Sorry for my poor English!]

Read the article
Fine-tuning a LNMP stack

- by Norman

I'm in the process of setting up a server with 4GB RAM and 2 CPUs. The stack will be CentOS + NGINX + MySQL + PHP (with APC) and spawn-fcgi. It will be used to serve 10 Wordpress blogs, 3 of which receive about 20,000 hits per day. Each Wordpress instance is equipped with the W3 TotalCache. I have a few variables to play with: NGINX (How many worker_processes, worker_connections, etc) PHP (What parameters in php.ini should I change? What about apc?) Spawn-fcgi (Right now I have 6 php-cgi spawned. How many of them should I have?) I realize it's hard to tell without testing, but if you could please provide me with some ballpark numbers, that would be helpful too.

Read the article
YSLow says certain CSS are not gzipped

- by rhand

YSlow keeps on telling me files like http://www.example.com/wp-content/plugins/q-and-a/css/q-a-plus.css?ver=1.0.6.2 are not gzipped while the gzip test tool at Feed the Bot mentions I am all good: Compressed? Yes Compression type gzip Page size (Bytes) 32,493 Compressed size (Bytes) -1 Saving (Bytes) 32,494 Compression % 100% I added this to my .htaccess: # Gzip <ifModule mod_gzip.c> mod_gzip_on Yes mod_gzip_dechunk Yes mod_gzip_item_include file .(html?|txt|css|js|php|pl)$ mod_gzip_item_include handler ^cgi-script$ mod_gzip_item_include mime ^text/.* mod_gzip_item_include mime ^application/x-javascript.* mod_gzip_item_exclude mime ^image/.* mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.* </ifModule> #Deflate <ifmodule mod_deflate.c> AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript </ifmodule> The header for the file mentioned states: CF-Cache-Status MISS CF-RAY 13945df90a9a0c1d-AMS Cache-Control public, max-age=2592000 Connection keep-alive Content-Encoding gzip Content-Type application/javascript Date Thu, 12 Jun 2014 07:34:38 GMT Expires Sat, 12 Jul 2014 07:34:38 GMT Last-Modified Thu, 21 Feb 2013 01:29:18 GMT Server cloudflare-nginx Transfer-Encoding chunked Vary Accept-Encoding Any ideas what I am missing here?

Read the article
Router 2wire, Slackware desktop in DMZ mode, iptables policy aginst ping, but still pingable

- by skriatok

I'm in DMZ mode, so I'm firewalling myself, stealthy all ok, but I get faulty test results from Shields Up that there are pings. Yesterday I couldn't make a connection to game servers work, because ping block was enabled (on the router). I disabled it, but this persists even due to my firewall. What is the connection between me and my router in DMZ mode (for my machine, there is bunch of others too behind router firewall)? When it allows router affecting if I'm pingable or not and if router has setting not blocking ping, rules in my iptables for this scenario do not work. Please ignore commented rules, I do uncomment them as I want. These two should do the job right? iptables -A INPUT -p icmp --icmp-type echo-request -j DROP echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all Here are my iptables: #!/bin/sh # Begin /bin/firewall-start # Insert connection-tracking modules (not needed if built into the kernel). #modprobe ip_tables #modprobe iptable_filter #modprobe ip_conntrack #modprobe ip_conntrack_ftp #modprobe ipt_state #modprobe ipt_LOG # allow local-only connections iptables -A INPUT -i lo -j ACCEPT # free output on any interface to any ip for any service # (equal to -P ACCEPT) iptables -A OUTPUT -j ACCEPT # permit answers on already established connections # and permit new connections related to established ones (eg active-ftp) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Gamespy&NWN #iptables -A INPUT -p tcp -m tcp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 6667 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 28910 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29900 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29901 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29920 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p udp -m udp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 6500 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27900 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27901 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 29910 -j ACCEPT # Log everything else: What's Windows' latest exploitable vulnerability? iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT" # set a sane policy: everything not accepted > /dev/null iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # be verbose on dynamic ip-addresses (not needed in case of static IP) echo 2 > /proc/sys/net/ipv4/ip_dynaddr # disable ExplicitCongestionNotification - too many routers are still # ignorant echo 0 > /proc/sys/net/ipv4/tcp_ecn #ping death echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all # If you are frequently accessing ftp-servers or enjoy chatting you might # notice certain delays because some implementations of these daemons have # the feature of querying an identd on your box for your username for # logging. Although there's really no harm in this, having an identd # running is not recommended because some implementations are known to be # vulnerable. # To avoid these delays you could reject the requests with a 'tcp-reset': #iptables -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset #iptables -A OUTPUT -p tcp --sport 113 -m state --state RELATED -j ACCEPT # To log and drop invalid packets, mostly harmless packets that came in # after netfilter's timeout, sometimes scans: #iptables -I INPUT 1 -p tcp -m state --state INVALID -j LOG --log-prefix \ "FIREWALL:INVALID" #iptables -I INPUT 2 -p tcp -m state --state INVALID -j DROP # End /bin/firewall-start Active ruleset: bash-4.1# iptables -L -n -v Chain INPUT (policy DROP 38 packets, 2228 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 844 542K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 38 2228 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 38 2228 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1158 111K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Active ruleset: (after editing iptables into below sugested form) bash-4.1# iptables -L -n -v Chain INPUT (policy DROP 2567 packets, 172K bytes) pkts bytes target prot opt in out source destination 49 4157 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 412K 441M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2567 172K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `FIREWALL:INPUT' 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 312K packets, 25M bytes) pkts bytes target prot opt in out source destination ping and syslog simultaneous screenshots from phone (pinger) and from laptop (being pinged) http://dl.dropbox.com/u/4160051/slckwr/pingfrom%20mobile.jpg http://dl.dropbox.com/u/4160051/slckwr/tailsyslog.jpg

Read the article
Enabling mod_fcgid results in 403

- by laggingreflex

I have an EasyPHP 12.1 setup (latest) on Windows 7x64 and I'm trying to enable mod_fcgid for PHP. I have added the following in my httpd.conf Include conf/extra/httpd-vhosts.conf LoadModule fcgid_module modules/mod_fcgid.so FcgidInitialEnv PHPRC "C:\progra~2\EasyPHP-12.1\php\php546x121028092509" AddHandler fcgid-script .php FcgidWrapper "C:\progra~2\EasyPHP-12.1\php\php546x121028092509/php-cgi.exe" .php and Options ExecCGI Indexes FollowSymLinks under <Directory "${path}/www"> I've made sure the paths are all good and set permissions on the entire C:\progra~2\EasyPHP-12.1 and my www root to Everyone - Allow All. Yet I still get 403 on all server(localhost) requests. Along with Apache/2.4.2 (Win32) PHP/5.4.6 mod_fcgid/2.3.7 so I know mod_fcgid is enabled and is causing the 403. Commenting out the above lines from httpd.conf makes it work again but is slower than death (which is why I wanted mod_fcgid). What could I be doing wrong?

Read the article

< Previous Page | 137 138 139 140 141 142 143 144 145 146 147 148 | Next Page >