Search Results

Search found 16455 results on 659 pages for 'hosts allow'.

Page 179/659 | < Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186 | Next Page >

Restricting access to one controller of an MVC app with Nginx

- by kgb

I have an MVC app where one controller needs to be accessible only from several ips(this controller is an oauth token callback trap - for google/fb api tokens). My conf looks like this: geo $oauth { default 0; 87.240.156.0/24 1; 87.240.131.0/24 1; } server { listen 80; server_name some.server.name.tld default_server; root /home/user/path; index index.php; location /oauth { deny all; if ($oauth) { rewrite ^(.*)$ /index.php last; } } location / { if ($request_filename !~ "\.(phtml|html|htm|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|xlsx)$") { rewrite ^(.*)$ /index.php last; break; } } location ~ \.php$ { fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } } It works, but does not look right. The following seems logical to me: location /oauth { allow 87.240.156.0/24; deny all; rewrite ^(.*)$ /index.php last; } But this way rewrite happens all the time, allow and deny directives are ignored. I don't understand why...

Read the article
When using ssh with priv/pub keys, how to connect to the destination using a user different from the origin machine?

- by lpacheco

I need to connect to hostB using user2 from hostA where I´m connected using user1. I've run ssh-keygen -t rsa on hostA and copied the public key generated in ~/.ssh/id_rsa.pub to the ~/.ssh/authorized_keys of user2 in hostB. Then I tried to connect from hostA to hostB using the command: $user1@hostA> ssh user2@hostB I still get a request for password: user2@hostB's password: If I try to connect using the same user on both hosts, it works correctly: $user1@hostA> ssh user1@hostB Enter passphrase for key '/home/user1/.ssh/id_rsa': What am I missing?

Read the article
nslookup gives wrong ip for my domain

- by Werulz

I am having some problem in trying to setup DNS for my domain on my server. This tutorial normally works fine for me but when i tried to lookup my domain it gives the following output Server: 4.2.2.1 Address: 4.2.2.1#53 Non-authoritative answer: 119.100.79.64.in-addr.arpa name = server.leech4ever.com. Authoritative answers can be found from: The server and the address are wrong according to the tutorial Here is tutorial http://webcache.googleusercontent.com/search?q=cache:rR7Z4YU4GI0J:www.broexperts.com/2012/03/linux-dns-bind-configuration-on-centos-6-2/+broexperts+bind&cd=1&hl=en&ct=clnk&gl=mu /etc/hosts 127.0.0.1 localhost 64.79.100.119 server.leech4ever.com server /etc/resolve.conf search leech4ever.com nameserver 64.79.100.119 /etc/resolv.conf nameserver 4.2.2.1 nameserver 4.2.2.2 How to solve this problem guys.....The tutorial was flawless until i did a server restore

Read the article
Windows 2012 Cluster on P6300 SCSI-3 Persistent Reservation issues

- by Bruno J. Melo

Scenario: 1 HP 6300 with latest XCS version 1 Command View 10.1 + with hosts defined as Windows 2008 2 BL460c Gen8 Servers with SPP 2012.10 and Windows Server 2012 Datacenter Edition with all the updates + MPIO feature enabled DSM v4.03.00 Cluster Analyser Tool triggers this error: Test Disk 0 does not support SCSI-3 Persistent Reservations commands needed to support clustered Storage Pools. Some storage devices require specific firmware versions or settings to function properly with failover clusters. Please contact your storage administrator or storage vendor to check the configuration of the storage to allow it to function properly with failover clusters. Any ideas? Thanks for your help!

Read the article
Dealing with SMTP invalid command attack

- by mark

One of our semi-busy mail servers (sendmail) has had a lot of inbound connections over the past few days from hosts that are issuing garbage commands. In the past two days: incoming smtp connections with invalid commands from 39,000 unique IPs the IPs come from various ranges all over the world, not just a few networks that I can block the mail server serves users throughout north america, so I can't just block connections from unknown IPs sample bad commands: http://pastebin.com/4QUsaTXT I am not sure what someone is trying to accomplish with this attack, besides annoy me. any ideas what this is about, or how to effectively deal with it?

Read the article
Windows 2008 Server can't connect to FTP

- by stivlo

I have Windows 2008 Server R2, and I am trying to install FTP services. My problem is I can't connect from outside, FileZilla complains with: Error: Connection timed out Error: Could not connect to server Here is what I did. With the Server Manager, I've installed the Roles FTP Server, FTP Service and FTP Extensibility. In Internet Information Services version 7.5, I've chosen Add FTP Site, enabled Basic Authentication, Allow a user to connect Read and Write. In FTP Firewall support on the main server, just after start page, I've set Data Channel Port Range to 49100-49250 and set the external IP Address as the one I see from outside. If I click on FTP IPv4 Address and Domain Restrictions, and click on Edit Feature Settings, I see that access for unspecified clients is set to Allow, so I click OK without changing those defaults. In FTP SSL Policy, I've set to Require SSL connection, certificate is self signed. I tried to connect with FileZilla from the same host and it works, however it doesn't work remotely, as I said above. I've enabled pfirewall.log, but apparently nothing gets logged. The server is in Amazon EC2, and on the security group inbound firewall rules, I've set that ports 21 and ports 49100-49250 accepts connections from everywhere. What else should I be checking to solve the problem?

Read the article
Is there a way to have "default" or "placeholder" values in Excel?

- by Iszi

I've got a spreadsheet with cells that I want to be user-editable, but that I also want to have "default" or "placeholder" values in, whenever there is no user-entered data. There's a couple good use cases for this: Prevent formula errors, while providing reasonable assumptions when a user has not entered (or has deleted) their own value. I could use conditional formatting to alert the user to default values, so as to prevent their ignorance of them - they can then make an informed choice as to whether that value is still appropriate or not for the intended calculations. Give a short description of what is intended to be entered in the cell, without having to have a separate "instructions" segment or document. This would also eliminate the need for a nearby "Label" cell, in some cases where it's really not appropriate. To accomplish what I want, I need some formula, script, or other advanced spreadsheet option that will do the following: Show the default value in the cell before user enters data. Allow the default value to be found by any formulas referencing the cell, when there is no user-entered data in that cell. Allow the user to freely (naturally, exactly as they would do with any "normal" cell) overwrite the displayed value with their own value or formula, and have the user-entered data found by any formulas referencing the cell. When cell is blanked by deletion of user input, revert to default value. Is there a way to do this in Excel, or am I asking too much of a spreadsheet program here?

Read the article
Domain redirection to port on Windows Server 2008

- by Rauffle

I have a Windows server running IIS. I wish to run a piece of software that hosts a web interface on a non-standard HTTP port (let's say, port 9999). I have static DNS entries on my router for two FQDNs, both of which direct to the Windows server. I wish to have requests to 'website1' to continue to go to the IIS website on port 80, but requests for 'website2' to instead go to port 9999 to be handled by the other application. How can I accomplish this? Right now I can get to the application by going to 'website1:9999' or 'website2:9999'.

Read the article
PAM with KRB5 to Active Directory - How to prevent update of AD password?

- by Ex Umbris

I have a working Fedora 9 system that's set up to authenticate users via PAM - krb5 - Active Directory. I'm migrating this to Fedora 14, and everything works, but it's working too well :-) On Fedora 9, if a Linux user updated their password, it did not propagate to their Active Directory account. On Fedora 14, it is changing their A/D password. The problem is I don't want A/D to be updated. Here's my password-auth-ac: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 type= password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so I tried removing the line password sufficient pam_krb5.so use_authtok But then when attempting to change the Linux password, if they provide their A/D password for the authentication prompt, they get the error: passwd: Authentication token manipulation error What I want to achieve is: Allow authentication with either the A/D or Linux password (the Linux password is a fall-back for certain sysadmin users in case A/D is unavailable for some reason). This is working now. Allow users to change their Linux passwords without affecting their A/D passwords. Is this possible?

Read the article
Serving static content with Apache web server and Tomcat

- by Hunter

I've configured Apache web server and Tomcat like this: I created a new file in apache2/sites-available, named it "myDomain" with this content: <VirtualHost *:80> ServerAdmin [email protected] ServerName myDomain.com ServerAlias www.myDomain.com ProxyPass / ajp://localhost:8009 <Proxy *> AllowOverride AuthConfig Order allow,deny Allow from all Options -Indexes </Proxy> </VirtualHost> Enabled mod_proxy and myDomain a2enmod proxy_ajp a2ensite myDomain Edited Tomcat's server.xml (inside the Engine tag) <Host name="myDomain.com" appBase="webapps/myApp"> <Context path="" docBase="."/> </Host> <Host name="www.myDomain.com" appBase="webapps/myApp"> <Context path="" docBase="."/> </Host> This works great. But I don't like to put static files (html, images, videos etc.) into {tomcat home}/webapps/myApp's subfolders instead I'd like to put them the apache webserver's root WWW directory's subdirectories. And I'd like Apache web server to serve these files alone. How could I do this? So all incoming request will be forwarded to Tomcat except those that ask for a static file.

Read the article
Setting up IIS7 to mimic a GoDaddy shared hosting plan

- by NerdFury

I host multiple domains on a GoDaddy shared hosting account. I would like to setup a website locally in IIS 7 that mimics the setup of my hosted account so that I can test and debug applications locally before deploying, as debugging after deploying, or discovering there are issues after deploying is frustrating. I have created a folder WebRoot, at put my main application in that folder. I created a website in IIS 7 and pointed it at that folder. I setup bindings with a fake domain, and created a matching entry in my hosts file to make the fake domain point at my 127.0.0.1. I then created a folder www.otherdomain.com under webroot. I then created an application underneath my website, and pointed it at this folder. I can't find how I can add bindings to the web application to have it referenced as a different fake domain, rather than a subdirectory under my root domain. What would be the proper way to setup IIS to best simulate the environment on the GoDaddy servers.

Read the article
Process vsserv.exe attempts connection to unknown host (clients.your-server.de)

- by pushpraj

from past few day I notice a new connection is being made from my system, I discovered it within the outpost firewall, it is blocked by default with the reason Block Transit Packets in the image above you can see that the process vsserv.exe is attempting a connection to static.88-198-155-41.clients.your-server.de I tried to search on google but could not find any relevant info, however this link http://www.webmasterworld.com/search_engine_spiders/3963600.htm says that your-server.de hosts bad bots. I am bit concerned if something is not correct. Could you help me understand the same?

Read the article
How do I route traffic to website using a spcified network connection on Windows 7

- by rwetzeler

I want to route all traffic to a website over my wireless connection while the rest of the traffic using my lan. What I tried was first finding out the IP address of the website I want to go to. For example, lets say pandora.com. I found it resolves to 208.85.40.20. I have entered that entry into my hosts file. I then added that route using route add 208.85.40.20 mask 255.255.255.255 WirelessIP. It doesn't seem to work however. Instead of using the IP address, is there a way that I can just say.. this URL to route over that connection? Does anyone know of a program that I can install that will do this.. possibly some sort of proxy or a software load balancer that can do this?

Read the article
Ngins wont send POST to fastcgi backend, but GET works fine?

- by xyld

Not sure why, but it is happy sending a GET to the fastcgi backend (Mercurial hgwebdir in this case), but simply resorts to the filesystem if the request is a POST. Relevant parts of nginx.conf: location / { root /var/www/htdocs/; index index.html; autoindex on; } location /hg { fastcgi_pass unix:/var/run/hg-fastcgi.socket; include fastcgi_params; if ($request_uri ~ ^/hg([^?#]*)) { set $rewritten_uri $1; } limit_except GET { allow all; deny all; auth_basic "hg secured repos"; auth_basic_user_file /var/trac.htpasswd; } fastcgi_param SCRIPT_NAME "/hg"; fastcgi_param PATH_INFO $rewritten_uri; # for authentication fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; #fastcgi_pass_header Authorization; #fastcgi_intercept_errors on; } GET's work fine, but POST delivers this error to the error_log: 2010/05/17 14:12:27 [error] 18736#0: *1601 open() "/usr/html/hg/test" failed (2: No such file or directory), client: XX.XX.XX.XX, server: domain.com, request: "POST /hg/test HTTP/1.1", host: "domain.com" What could possibly be the issue? I'm trying to allow read-only access via GET's to the page, but require authorization when using hg push to the same url which sends a POST request.

Read the article
suPHP not working

- by amarc

OS: Ubuntu 10.04 etc/suphp/suphp.conf: [global] ;Path to logfile logfile=/var/log/suphp/suphp.log ;Loglevel loglevel=info ;User Apache is running as webserver_user=www-data ;Path all scripts have to be in docroot=/home ;Path to chroot() to before executing script ;chroot=/mychroot ; Security options allow_file_group_writeable=false allow_file_others_writeable=false allow_directory_group_writeable=false allow_directory_others_writeable=false ;Check wheter script is within DOCUMENT_ROOT check_vhost_docroot=true ;Send minor error messages to browser errors_to_browser=false ;PATH environment variable env_path=/bin:/usr/bin ;Umask to set, specify in octal notation umask=0077 ; Minimum UID min_uid=100 ; Minimum GID min_gid=100 [handlers] ;Handler for php-scripts application/x-httpd-suphp="php:/usr/bin/php-cgi" ;Handler for CGI-scripts x-suphp-cgi="execute:!self" some vhost in sites-enabled: NameVirtualHost *:8080 <VirtualHost *:8080> ServerAdmin ... ServerName ... ServerAlias ... AddType application/x-httpd-php .php AddHandler application/x-httpd-php .php suPHP_Engine on suPHP_UserGroup user user suPHP_ConfigPath "/home/user/etc" suPHP_PHPPath /usr/bin DocumentRoot /home/user/web/site.com/ ErrorLog /var/log/apache2/site.com-error_log CustomLog /var/log/apache2/site.com-access_log common <Directory /home/user/web/site.com/> Order Deny,Allow Allow from all Options +Indexes </Directory> </VirtualHost> But when I did nano /home/user/web/id.php and paste <?php system('id'); ?> in it, result I get is: uid=33(www-data) gid=33(www-data) groups=33(www-data) Have no idea what to do so I was hoping comunity could help ty.

Read the article
Windows Server 2008 constantly spamming external IP's on outbound TCP port 445

- by RSXAdmin

Hi Server Fault, I have a Windows Server 2008 box running as a Domain Controller. I have noticed in my Cisco ASA firewall logs that this box is continuously sending out (like a thousand requests a second) requests on TCP port 445 to external hosts. I have made an effort to deny this outbound traffic from getting on the internet (using the ASA), however I would like these requests to stop from even occurring at all. I have tried disabling TCP/IP over NetBIOS. I have even turned on Windows Advanced Firewall on the box itself to block outbound 445 but the ASA still detects this particular traffic hitting it. I have other DC's and similar type boxes which are not behaving the same way as this box. Is this normal? Is there a way to stop this spamming? Have I been infected? Thank you universe.

Read the article
Network Block Device (NBD) clients for Windows or similar solutions

- by przemoc

Are there any NBD clients for Windows? Strangely, I cannot find any, or I am searching for them in a wrong way. Such client should be possibly a driver with front-end tool (may be a command-line one) allowing to create virtual drives and associate them with given hosts (or simply localhost) and ports where NBD servers are listening. From user perspective virtual drive should be close to what physical drive is, so it should be accessible as something like \\.\PhysicalDriveX (maybe \\.\VirtualDriveX?), be visible in Disk Management (diskmgmt.msc) and mountvol tools at least. (The only thing I found remotely close to NBD on Windows is ImDisk's proxy mode and companion tool devio, but AFAIK ImDisk only works at partition level (so no virtual drive) and devio uses different protocol.) Secondary question is: Are there any (preferably simple) Windows-specific solutions allowing creation of virtual drive delegating read/write request to user-space via some explicit way (like via TCP, IPC, DLL implementing given API, etc.)?

Read the article
Can't ping static IP from internal network, only from outside

- by Mike

I'm running ubuntu and I have apache running, however, I can't ping internally to my static IP nor browse http://207.40.XXX.XX the web server using my static IP. I can only ping/browse localhost, 127.0.0.1, and 192.168.0.120 OR 207.40.XXX.XX only from the outside world. # cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 my-server.myhost.com my-server # hostname my-server # netstat -tapn tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:29754 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN Any ideas why this is not working?

Read the article
Our server hosting provider asked for our root password

- by Andreas Larsson

I work at a company that develops and hosts a small business critical system. We have an "Elastic cloud server" from a professional hosting provider. I recently got an email from them saying that they've had some problems with their backup solution and that they needed to install a new kernel. And they wanted us to send them the root password so they could do this work. I know that the email came from them. It's not [email protected] or anything like that. I called them and asked them about this, and they were like "yep, we need the password to do this". It just seems odd to send the root password over email like this. Do I have any reason to be concerned?

Read the article
McAfee ePolicy-Orchestrator (ePO) - policy ownership by groups?

- by bkr

Is there a way to grant ownership of an ePO policy to a group? Alternatively, is there a permission that can be set that would allow owners of an ePO policy to add other owners to that policy without making them ePO admin? In the case I'm looking at, ePO is deployed within a large heterogeneous organization with a large amount of delegation in the form of create/modify policy rights to allow multiple IT departments to customize to their needs for their sections of the system tree. The problem is that the policies are owned by the creator of the policy. This causes problems when they leave (staff turnover) or when other people on their teams need the ability to modify the existing policy. Unfortunately, as far as I can see, only someone who is an ePO admin can change the owners. Even the owner of the policy cannot add other owners (unless they are also an ePO admin). Ideally, I should be able to assign ownership of a policy to a group - since that would be easier to manage than me or another admin having to continually fix policy ownership or remove orphaned polices. Even just allowing the owners of the polices to add other owners would be sufficient. How are other people handling policy ownership when dealing with a large amount of delegated control of polices? Is there a way to delegate this out without making users full ePO admins?

Read the article
NAT for static private addresses

- by biggdman

Could someone please help me out with the following scenario: I have a machine that hosts 3 lxc containers, and acts like a router for them. The LXC containers have private ip addresses set on the interfaces that are connected to the host. I want to provide Internet access to the containers and I want to configure the host system so it translates only the addresses that are configured static on the lxc containers interfaces. Should I try to configure the host so it translates each of the 3 private addresses to the public address of the host's interface that is connected to the Internet?

Read the article
SharePoint 2010 MySites - Simple explanation needed!

- by Chris W

I've been playing around with the 2010 beta for a couple of weeks, experimenting with topology options etc. I think I've got myself totally confused as to how it works hence if there's any SP experts out there that can explain things in simple terms for me I'd appreciate it! I want to setup a farm with 3 servers providing the content & MySites. I presume that the way to do this is to load balance or DNS round robin traffic between the 3 servers. The bit where I'm confused is that My Site Settings page asks for a specific My Site Host hence all my site traffic will be pushed to a single server even though we have 3 in the farm. If this hosts fails I presume MySites will be unavailable. Is this right? How do I configure it so that access to MySites is load balanced across the 3 servers in the farm?

Read the article
Configure New Server for .htaccess

- by Phil T

I have a new LAMP CENTOS 5 server I am setting up and trying to copy the configuration from another web server I have. I am stuck with what I think is a mod_rewrite problem. If I go to http://old-server.com/any_page_name.php it correctly routes through some handling code in index.php and shows me a graceful "Page Cannot Be Displayed" message. But if I go to http://new-server.com/any_page_name.php I get an ugly Apache 404 Not Found error message. I looked in both httpd.conf files and they both have only one reference to mod_rewrite. LoadModule rewrite_module modules/mod_rewrite.so So it seems like that should be fine. At the bottom of httpd.conf I have the code: <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/html ServerName new-server.com ErrorLog logs/new-server.com-error_log CustomLog logs/new-server.com-access_log common </VirtualHost> Then in the root of /var/www/html I have the exact same .htaccess file that looks like this: RewriteEngine on Options +FollowSymlinks RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] ErrorDocument 404 /page-unavailable/ <files ~ "\.tpl$"> order deny,allow allow from none deny from all </files> So I don't see why the page load at old-server.com works fine while new-server.com doesn't route through index.php like I want it to do. Thanks.

Read the article
IPv4 NameVirtualHost, IPv6 VirtualHost

- by MadHatter

Like many of us, I have an apache server (2.2.15, plus patches) with a lot of virtual hosts on it. More than I have IPv4 addresses, to be sure, which is why I use NameVirtualHost to run lots of them on the same IPv4 address. I'm busily trying to get everything I do IPv6-enabled. This server now has a routed /64, which gives me an awful lot of v6 addresses to throw around. What I'm trying to find is a simple way to tell each v4-NameVirtualHost that it should also function as a VirtualHost on a unique ipv6 address. I really, really don't want to have to define each virtual host twice. Does anyone know of an elegant way to do this? Or to do something comparable, in case I've embedded any dangerously-ignorant assumptions in my question?

Read the article
What exactly is an invalid HTTP_HOST header

- by rolling stone

I've implemented Django's relatively new allowed hosts setting, which is meant to prevent attackers from submitting requests with a fake HTTP Host header. Since adding that setting, I now get anywhere from 20-100 emails a day notifying me of invalid HTTP_HOST headers. I've copied in an example of a typical error message below. I'm hosting my site on EC2, and am relatively new to setting up/maintaining a server, so my question is what exactly is happening here, and what is the best way to manage these invalid and I assume malicious requests? [Django] ERROR: Invalid HTTP_HOST header: 'www.launchastartup.com'.You may need to add u'www.launchastartup.com' to ALLOWED_HOSTS.

Read the article

< Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186 | Next Page >