Search Results

Search found 5507 results on 221 pages for 'mod ssl'.

Page 180/221 | < Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >

• Installing and maintaining an email server

  - by Andrew

  I need to move hosting providers for four or five domains and for several reasons I'm considering a Linux VPS rather than staying with my current shared, managed hosting provider. The only thing that's stopping me is email. I have lots of experience running and maintaining Apache, but none with email servers. Based on some research, if I want to keep what I've using now, it looks like I'd be going with Postfix and Dovecot, and probably Exim and SpamAssassin. I have no problem performing regular maintenance and watching for security updates, but I don't want to bite off more than I can chew. For someone new to email services, how hard is it to set up an email server that is externally accessible (via SMTP and POP3, not IMAP), available over SSL/TLS and reasonably reliable for multiple domains? How much of a time commitment is it to maintain one?

  Read the article

• Postfix relay to multiple servers and multiple users

  - by Frankie

  I currently have postfix configured so that all users get relayed by the local machine with the exception of one user that gets relayed via gmail. To that extent I've added the following configuration: /etc/postfix/main.cf # default options to allow relay via gmail smtp_use_tls=yes smtp_sasl_auth_enable = yes smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt smtp_sasl_security_options = noanonymous # map the relayhosts according to user sender_dependent_relayhost_maps = hash:/etc/postfix/relayhost_maps # keep a list of user and passwords smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd /etc/postfix/relayhost_maps user-one@localhost [smtp.gmail.com]:587 /etc/postfix/sasl_passwd [smtp.gmail.com]:587 [email protected]:user-one-pass-at-google I know I can map multiple users to multiple passwords using smtp_sasl_password_maps but that would mean that all relay would be done by gmail where I specifically want all relay to be done by the localhost with the exception of some users. Now I would like to have a user-two@localhost (etc) relay via google with their own respective passwords. Is that possible?

  Read the article

• MAC computer is not seeing the Ubuntu(computer) samba share in SHare

  - by Mirage

  I have ubuntu with samba installed. Initially My Windows were not able to see Ubuntu on my network list. After searchinga lot i found that i had to write this line in smb.conf and it worked "ldap ssl = No" Don't know why. Now my MAC is also not able to see ubunut but if click on connect to server and use smb://servername then my connection is established. Now is there any thing which i can do so that MAC can see ubuntu in share and i don't need to use connect to server thing.

  Read the article

• Are there any FIPS-140-2 certified solutions for Linux?

  - by Mark Renouf

  I'm not even 100% certain what this involves, but my current understanding is this: use of only approved cryptographic algorithms for network traffic (easy, we use SSL and lock down the algorithms to only the really strong ones). Some form of physical data protection, involving disk encryption and physical tamper evident packaging. Obviously we're on our own if we need a tamper-proof product. But what about software for encrpytion. My guess is just using LUKS (although secure) will not be certified because it's open source (gov't seems a bit biased towards proprietary solutions here). Guardian Edge was mentioned by someone, but that appears to be complete Windows-based. So we need something like it, certified FIPS-140 compliant we can use on Linux.

  Read the article

• Website running on Tomcat port 8443 will only resolve with IP address, not dns

  - by littleK

  I recently set up a web server running tomcat 7 on Ubuntu 12.04. It is currently running on port 8080, however I just enabled SSL on port 8443. Here's my problem: For port 8080, the website is resolved with DNS: (http://www.mywebpage.com:8080) For port 8443, I can only access the website with the IP Address (http://0.0.0.0:8443). It will not work if I use the DNS name. I ultimately want to disable port 80 and use port 8443 only. Does anyone know why I cannot resolve the website on port 8443 using DNS, and how I might fix it? Thanks!

  Read the article

• Installing mod_mono on Ubuntu: handler doesn't seem to get registered

  - by Trevor Johns

  I'm trying to install mod_mono on Apache 2 (Prefork MPM). I'm using Ubuntu Karmic, and just want an auto-hosting setup (so that any .aspx files are executed, similar to how PHP is normally setup). I did the following to install Mono: $ apt-get install libapache2-mod-mono mono-apache-server2 mono-devel $ a2dismod mod_mono $ a2enmod mod_mono_auto I've confirmed that mod_mono is getting loaded by Apache. However, any .aspx pages I try to load are returned unprocessed and still have an application/x-asp-net MIME type. It's as if the mod_mono handler never gets registered with Apache. Here's the contents of /etc/mod_mono_auto.load: LoadModule mono_module /usr/lib/apache2/modules/mod_mono.so And here's /etc/mod_mono_auto.conf: MonoAutoApplication enabled AddType application/x-asp-net .aspx AddType application/x-asp-net .asmx AddType application/x-asp-net .ashx AddType application/x-asp-net .asax AddType application/x-asp-net .ascx AddType application/x-asp-net .soap AddType application/x-asp-net .rem AddType application/x-asp-net .axd AddType application/x-asp-net .cs AddType application/x-asp-net .config AddType application/x-asp-net .dll DirectoryIndex index.aspx DirectoryIndex Default.aspx DirectoryIndex default.aspx I've even tried setting the handler explicitly: AddHandler mono .aspx .ascx .asax .ashx .config .cs .asmx .asp Nothing seems to help. Any ideas how to get this working?

  Read the article

• Netscreen-Remote Equivalent On Linux

  - by mojah

  We're running a simple Juniper VPN tunnel (using Juniper SSG5's) for outside-network access, which works great for Windows PCs since they can connect using the supplied Netscreen-Remote VPN client. Has anyone successfully managed to get this working under Linux? There are several alternatives, but none seem to actually work. The following were tried, but failed: - http://www.prolixium.com/netscreenlinux - http://david.dw-perspective.org.uk/Juniper-Networks-SSL-VPN-Client-On-Linux.html The official version is no Linux Client will ever be developed by Juniper themselves, but perhaps other (open) software exists that has been found compatible to Juniper's VPN?

  Read the article

• How do you add a certificate for WLAN in Linux, at the command-line?

  - by Neil

  I'm using Maemo on a Nokia n810 Internet tablet, and when given a list of installed certificates to choose from when connecting to a PEAP wireless network, it's always blank. I've already installed a couple of certificates through the gui on the device, and only the certificate authorities show up. I've confirmed that Maemo's connection software that handles certificates is buggy, in such a way that certificates are never added, or properly added certificates cannot be found. Is there a way to add WLAN certificates at the command-line, and connect to a wireless network at the command-line as well? I used to use iwconfig to connect, but I never used it with PEAP. Note: I have nothing in /etc/ssl/certs

  Read the article

• Bypass IIS Basic Authentication for localhost

  - by George

  I'd like to have a website authenticated with basic auth, but then also allow the website to access itself locally. That is, I want to allow unauthenticated access only from localhost. In IIS I have only basic authentication enabled (not worrying about SSL for now), and I have the correct file system permissions such that outside users can login successfully and view the website. I have tried setting IIS_IUSR as owner of the directory, and added IUSR with modify permissions, however I'm still getting a 401 error when the website tries to access itself. Anyone have any idea how to get this to work?

  Read the article

• OS X Apache giving 503 error for anything in /api directory

  - by WilliamMayor

  I have a locally hosted website that uses Smarty templates, I'm trying to get started on building an API for the site. I've used virtualhost.sh to create a local virtual host for this and other sites. I've discovered that if I put a directory called api at the root of any of these virtual hosts I will get a 503 error when I try to access anything inside. I am using mod-rewrite but so far only to append a .php extension when needed. Here are the error logs for a request: [Thu Feb 09 13:42:37 2012] [error] proxy: HTTP: disabled connection for (localhost) [Thu Feb 09 13:49:06 2012] [error] (61)Connection refused: proxy: HTTP: attempt to connect to [fe80::1]:8080 (localhost) failed [Thu Feb 09 13:49:06 2012] [error] ap_proxy_connect_backend disabling worker for (localhost) The middle line gave me a clue to look in my hosts file because why would a request go to [fe80::1]:8080? I commented out that line and tried again, this time the error was in connecting to the standard 127.0.0.1 localhost. I have concluded that perhaps there is some config file somewhere picking up the underlying request of localhost/api and pointing it somewhere other than my virtual host. At this point my ability to fix the problem fails me. Can anyone help?

  Read the article

• php5-mysqlnd on debian wheezy/sid?

  - by Joseph

  I am trying to install php5-mysqlnd on a fresh install of Wheezy (/etc/debian_version refers to it as wheezy/sid) and I'm having a problem: root@debian:/var/www/lottery1# apt-get install php5-mysqlnd Reading package lists... Done Building dependency tree Reading state information... Done php5-mysqlnd is already the newest version. 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 1 not fully installed or removed. After this operation, 0 B of additional disk space will be used. Do you want to continue [Y/n]? Y Setting up php5-mysqlnd (5.4.0-3) ... ucfr: Attempt from package php5-mysqlnd to take /etc/php5/mods-available/mysql.ini away from package php5-mysql ucfr: Aborting. dpkg: error processing php5-mysqlnd (--configure): subprocess installed post-installation script returned error exit status 4 Processing triggers for libapache2-mod-php5 ... configured to not write apport reports Reloading web server config: apache2. Errors were encountered while processing: php5-mysqlnd E: Sub-process /usr/bin/dpkg returned an error code (1) It seems there is some sort of conflict with the php5-mysql package, but I still get this error even after removing (with --purge) the php5-mysql package. Any thoughts? I'm trying to run a web tool that makes heavy use of mysqli_result::fetch_all(). Thanks!

  Read the article

• sendmail: how can I restrict access to clients that only have a valid certificate?

  - by lxg

  I want to reject all connections that don't present a valid SSL/TLS certificate. First of all is the access db file the correct one to be changing? I have already tried using the basic rule given in the documentation CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= Darth+20Mail+20+28Cert+29/[email protected] RELAY This will obviously need a rule afterward to filter and reject all that don't present the cert? Does anyone have any pointers as to what syntax I should use? wildcards? lxg

  Read the article

• Subversion problem, repo has moved

  - by Rudiger

  Hi, I've set up subversion on a CentOS fresh install. Web view works fine and gives no errors and requests password but when I try and access it through svn client (xcode) it gives the error 175011 (Repository has been moved). I've tried some of the solutions out there but no success. My subversion.conf: <Location /repos> DAV svn SVNParentPath /var/www/html/repos # Limit write permission to list of valid users. # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/svn-auth-conf Require valid-user </Location> My Apache DocumentRoot: /var/www/html I've only set up one svn repository so far so there shouldn't be any conflicts there. If you need any more info let me know. Thanks

  Read the article

• Switching from prefork MPM to worker MPM + php-fpm on ubuntu

  - by Shane

  All tutorials I found were how to fresh install worker MPM + PHP-FPM, since my wordpress blog's already up and running with prefork MPM, correct me if I'm wrong in the simulated installation process: I'm on ubuntu and according to some tutorials, the following lines would do all the tricks: apt-get install apache2-mpm-worker libapache2-mod-fastcgi php5-fpm php5-gd a2enmod actions fastcgi alias Then you setup configuration in /etc/apache2/conf.d/php5-fpm.conf: <IfModule mod_fastcgi.c> AddHandler php5-fcgi .php Action php5-fcgi /php5-fcgi Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:9000 -pass-header Authorization </IfModule> After all these, restart: service apache2 restart && service php5-fpm restart Question: 1) Would it cause any down time in the whole process for previously running sites with prefork MPM? 2) Do you have to change any already existent configuration files like php or mysql or apache2(would they take effect immediately after the switch without you doing anything)? 3) I've already have apc up and running, do you have to re-install/re-configure it after the switch? 4) How do you find out if apache2 is working in worker MPM mode as expected? Thanks a lot!

  Read the article

• Security question pertaining web application deployment

  - by orokusaki

  I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

  Read the article

• CheckPoint SecuRemote / SecureClient on Vista 64

  - by cliff.meyers

  According to this page, CheckPoint's SecuRemote client is not supported on Vista 64: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit%5FdoGoviewsolutiondetails=&solutionid=sk36681 Unfortunately in working with the systems team they will not confirm if the other two clients (SSL Network Extender or Endpoint Connect) are supported by their environment. Does anyone know if it would be possible to do the following? Install VMware Workstation on my Vista 64 system (host) install a Vista 32-bit OS in a virtual machine (guest) Install SecuRemote VPN client within the guest (Vista 32) Get my Vista 64 machine (host) to use the VPN connection from the guest Any other ideas are more than welcome.

  Read the article

• Are there any negative impact running all services on a single static IP?

  - by Jake

  I need to setup a VPN trunk (with remote branch office location), Video Conference and Web Server on-premise in the office. I am used to ISP providing blocks of 8 or 16 IPs. But I have a new ISP which says they only can provide a single IP. Are there any issues with running all services on a single IP? I don't think this has any thing to do with bandwidth..? I'm not using SSL certificates... I can do port forwarding to different machines... What else...? Disclaimer: I am a programmer by training. Sorry for noob question.

  Read the article

• http proxy caching headers

  - by David Hagan

  I have a service for which I'm about to upgrade the authentication. However, I'm trying to ensure that I make the right decision about where the encryption algorithms occur. I currently have two options: option 1) the authentication module is deployed to the client as a javascript library over https and executes client-side, so that the client can POST back an encrypted string. option 2) the authentication module is kept server-side so that the client need only POST back an unencrypted string. I know that many http proxies cache/log the query-string (and therefore any query parameters), but does anyone know of any http proxies that cache the headers as well? If the headers are being cached, then I'll clearly want to encrypt the password inside the SSL encryption, because to my understanding the headers of an HTTPS request may not always be encrypted (depending on the capabilities of the browser etcetera). Can anyone shed any light on the caching of headers by http proxies? Do you have one that does, or know of one that does?

  Read the article

• bind9 dns proxy

  - by Zulakis

  We are offering multiple SSL-enabled services in our local network. To avoid certificate-warnings we bought certificates for server.ourdomain.tld and firewall.ourdomain.tld. We now created a zone in our local DNS-server in which we pointed the hosts to the corresponding private-ips. Now, each time another record for ourdomain.tld, like for example www.ourdomain.tld or alike are changed, we need to update it on both our public-dns-server AND the local dns-server. I would like our local bind-dns to serve all the information from our public-dns but serve different information for these 2 hosts. I know I could possibly have our private-ips in our public-dns but I don't want that for security reasons. The internet dns-server is being managed by a third party, while we have full control of the intranet one. Because of this I am looking for a solution which lets the intranet retrieve the records from the internet one.

  Read the article

• Debian apache2 restart fault after some updates

  - by Ripeed

  can anyone give me an advice with this please: I run update on my debian server by Webmin. After updating some apache2 and etc. It shows update fail. After that I cant start apache2. I must run netstat -ltnp | grep ':80' Then kill pid kill -9 1047 and now i can start apache2 When I started it first time after update some websites on fastCGI wont work I must change them in ISPconfig3 to mod-PHP and now works NOW - I cant restart apache without kill pid. In log of ISP I see Unable to open logs (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down In log of some website I see [emerg] (13)Permission denied: mod_fcgid: can´t lock process table in pid 19264 Do you thing it will be solution update everithing by: apt-get update and apt-get upgrade to complete all updates? I have little scare if I do that then next errors will occur. If I look at apache log i see error: Debian Python version mismatch, expected '2.6.5+', found '2.6.6' But that was there before that problem before. Thanks A LOT for help.

  Read the article

• ProFTPD mod_tls is not loaded properly?

  - by develroot

  The server is running CentOS 5 with DirectAdmin. I am trying to get ProfFTPD work over TLS, however it seems that proftpd is lacking mod_tls support, even though it was compiled with mod_tls. # proftpd -l Compiled-in modules: mod_core.c mod_xfer.c mod_auth_unix.c mod_auth_file.c mod_auth.c mod_ls.c mod_log.c mod_site.c mod_delay.c mod_facts.c mod_ident.c mod_ratio.c mod_readme.c mod_cap.c As you can see there is no mod_tls.c, however, the DirectAdmin configuration file for proftpd suggests that it was built with TLS support: # cat /usr/local/directadmin/custombuild/configure/proftpd/configure.proftpd #!/bin/sh install_user=ftp \ install_group=ftp \ ./configure \ --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var/run \ --mandir=/usr/share/man \ --without-pam \ --disable-auth-pam \ --enable-nls \ --with-modules=mod_ratio:mod_readme:mod_tls And all I get when I try to connect over FTPS using FileZilla is: Raspuns: 220 ProFTPD 1.3.3c Server ready. Comanda: AUTH TLS Raspuns: 500 AUTH not understood Comanda: AUTH SSL Raspuns: 500 AUTH not understood Am I missing something? thanks.

  Read the article

• Re-using port 443 for another service - is it possible?

  - by Donald Matheson

  The ultimate goal is to allow a remote data connection service to operate on port 443 on a the SQL server. The application accessing the connection is behind a firewall and it is because of the client's reluctance to open another port that I have been asked to try and get this working. The current environment is Windows 2003 R2 (SP2) and SQL Server 2005. IIS is not installed, but when I try and install the third party connection software (SequeLink) it won't as it reports something is still configured on/using port 443. Netstat does not show anything listening on the port and I've tried editing the system32\drivers\etc\services file removing any reference to port 443 and also using sc delete to delete the HTTP and HTTPFilter (HTTP SSL in services console) services to see if this would help. Rebooting after each change. What could still be using the port? Is what I'm trying even possible (I have my doubts but have to investigate every avenue)? Any help/pointers would be greatly appreciated.

  Read the article

• Unable to use Gmail in Thunderbird 3

  - by Jatin Ganhotra

  Mozilla Thunderbird v.3.1.7 I am trying to setup Gmail, but none of the settings are working. I have tried every resource: Blogs, tutorials Instructions by Google Instructions by Thunderbird Questions here But, still its not working. My settings are as follows Server Settings Server Type: IMAP Mail server Server Name: imap.gmail.com Username: [email protected] Port: 993 Default: 993 Connection Security: SSL/TLS Authentication method: Encrypted password Outgoing server (SMTP) Server Name: smtp.gmail.com Port: 587 Default: 25 Connection Security: STARTTLS Authentication method: Encrypted password Username: [email protected] IMAP is enabled in my Gmail settings. ERROR: Connection to the server [email protected] timed out. I am behind a proxy server and I have configured those settings under: Thunderbird Preferences - Advanced - Network and Disk Space - Connection Settings - Manual Proxy Configuration The proxy configuration works, as when I created a Blogs and News feeds a/c, it was working properly and fetching the feeds for me. So, Thunderbird is configured properly as per the proxy settings. Help me.

  Read the article

• Where to get grub files without using grub-install

  - by Jacky

  I am in a particular situation. I have a MacBook Pro with no internal CD drive and both MacOS X (minimal setup) and Linux (my main system) is installed. During a cross-upgrade to Ubuntu 12.04 I messed up grub, so that my /boot/grub directory is basically empty. This means I can't boot Linux on the laptop anymore but only get into grub rescue. Normally this is no issue as you'd just boot from a rescue CD or USB stick, but unfortunately with a MacBook Pro this is not possible (I have reFIT installed and it attempts to boot, but it fails and the manual says that Apple's EFI firmware is not able to handle this situation). From MacOS X, however, I still have write access to the Linux partition. I've now been trying to figure out how to populate the /boot/grub folder with the necessary files, to no avail so far. The ISO image of Ubuntu 12.04 contains an EFI folder which is not what I am looking for, instead I need the normal.mod files for the grub version of Ubuntu 12.04. I do not have any other machine to set up a virtual machine of Ubuntu 12.04 to extract this from after a grub-install, so I am asking for ideas here how to solve this mess. P.S.: I installed the Linux previously when I still had a working internal CD drive. This is gone now.

  Read the article

• What permission(s) does an application pool identity required to manage other application pools?

  - by Mr Shoubs

  I have a web site (used to manage various parts of our software) that needs the permissions required to start/stop other application pools. I've created a user and set the app pool identity to custom, however the web app still can't start/stop the app pools. I get the following Error: System.UnauthorizedAccessException: Filename: redirection.config Error: Cannot read configuration file due to insufficient permissions at Microsoft.Web.Administration.Interop.AppHostWritableAdminManager.GetAdminSection(String bstrSectionName, String bstrSectionPath) at Microsoft.Web.Administration.Configuration.GetSectionInternal(ConfigurationSection section, String sectionPath, String locationPath) at Microsoft.Web.Administration.ServerManager.get_ApplicationPoolsSection() at Microsoft.Web.Administration.ServerManager.get_ApplicationPools() Discussion here suggests setting the application pool to local system or administrator, this does work, but I don't want to do this for security reasons (external support will need access this site). I did give the user higher permissions (as suggested here), starting by making it part of the local administrators group, but initially this didn't work, and giving the user read/write/mod permission on C:\Windows\System32\inetsrv\config also didn't work. I must have done something wrong as local administrator now works, however this still isn't what I want. So can anyone suggest the permissions I need to add to this user, and how can I apply them? An answer my problem (but different question) is here, but to clarify, I think I need to give an individual user "IIS Runtime Operation Permissions", does anyone know how to do this, if indeed this is the permissions I require?

  Read the article

< Previous Page | 176 177 178 179 180 181 182 183 184 185 186 187  | Next Page >