Search Results

Search found 25324 results on 1013 pages for 'folder security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 209/1013 | < Previous Page | 205 206 207 208 209 210 211 212 213 214 215 216  | Next Page >

  • What prevents an attack on Postfix through its named pipes?

    - by Met?Ed
    What prevents an attack on Postfix through its named pipes by writing bogus data to them? I see on my system that they permit write access to other. I wonder if that opens Postfix to DoS or some other form of attack. prw--w--w- 1 postfix postdrop 0 Nov 28 21:13 /var/spool/postfix/public/pickup prw--w--w- 1 postfix postdrop 0 Nov 28 21:13 /var/spool/postfix/public/qmgr I reviewed the pickup(8) man page, and searched here and elsewhere, but failed to turn up any answers.

    Read the article

  • How I can view and block specific applications temporarily from accessing Internet?

    - by Curious Apprentice
    I don't want to block any application permanently from accessing internet. I just want to block some specific applications for a particular time period to gain speed in running some other. I know about one such great tool - that is "Comodo firewall". It can smoothly block and accurately display apps accessing internet. The only problem of installing this is, Windows recommends only one firewall apps and as Im running Windows 7 x64 Ultimate there will be complications if I install this one. I need a tool which can accurately display which apps are accessing internet (through which port) and how much data they are receiving or sending. I also need some arrangement within the app so that I can easily temporarily block that app from accessing internet.

    Read the article

  • Unix / linux permissions setup for shared hosting with Apache

    - by weiyin
    I'm in the process of setting up a server from a clean CentOS 5 install. What is the best permission structure (users, groups, unix permissions) for running a single instance of apache for multiple users? Ideally, it should satisfy these requirements: Each user's websites are stored in a subdirectory of their home directory. Users can edit files and permissions. Apache can read the websites of all users. No user can read the website files of other users. Bonus question: how to add PHP and/or Perl and/or Ruby to Apache without allowing any users to access any other user's files?

    Read the article

  • Running suspicious X programs in GNU/Linux

    - by Vi
    What the most harmful thing can malware program started as separate limited user account do if it has access to the X server? Network and filesystem things are already considered by chroot and netfilter. It obviously can lock the screen and I will need to switch to other vt and kill it manually. Can it for example disrupt other GUI programs on the same X server (access to root terminal in nearby window)? I know that it is safer to run it in separate X server, for example, in Xtightvnc or even some virtual machine, but how dangerous is to just run it like other programs?

    Read the article

  • Should I host my entire web application using https?

    - by user54455
    Actually my only requirement for using SSL encryption is that when a user logs in, the password is transferred encrypted. However after reading a bit about protocol switching, that an HTTPS session can't be taken over as an HTTP session etc. I've been asking myself if it's so bad to just have the entire application use HTTPS only. What are the reasons against it and how would you rate their importance? Please also mention: How much performance do I lose on server side (roughly)? How much performance do I lose on client side (roughly)? Any other problems on server / client side?

    Read the article

  • How do shared hosting servers keep executing code from crossing accounts?

    - by acidzombie24
    I am kind of curious, how does a hosting server support multiple users with php but keep each user away from the other code? The 'easy' solution i thought were file permissions. So every user can have www-data belong to their group and the server would have executing access but the users cant access the others file. But then i realize the user running the php would be www-data who has permission to read everyones data. So how does a shared host prevent this from happening? PS: I personally use nginx (with fastcgi php). But i am somewhat familiar on how apache works.

    Read the article

  • What is the correct way to use Chef-server's 'validation key'?

    - by Socio
    It seems to me that the recommended way of adding clients to a chef server - or my understanding of it - is flawed. from the docs: When the chef-client runs, it checks if it has a client key. If the client key does not exist, it then attempts to "borrow" the validation client's identity to register itself with the server. In order to do that, the validation client's private key needs to be copied to the host and placed in /etc/chef/validation.pem. So the "validation key" is basically the superuser credential, allowing anyone who possesses it full access to the chef server? Am I reading this right? Surely the correct model would be for clients to generate their own keypair, and submit the public key to the chef server. Clients should never need access to this superuser "validation key". How can I do it in this, more secure, manner?

    Read the article

  • Permission to make symbolic links in Windows 7?

    - by karolrvn
    How to enable a particular user the possibility to create symlinks in Windows 7? I searched "Group Policy" and google, but haven't found it. BTW: Is there a way to search through everything in Group Policy Editor? The filters only seem to work on particular subtrees. Actually I never found anything using the filters. TIA

    Read the article

  • Preventing an Apache 2 Server from Logging Sensitive Data

    - by jstr
    Apache 2 by default logs the entire request URI including query string of every request. What is a straight forward way to prevent an Apache 2 web server from logging sensitive data, for example passwords, credit card numbers, etc., but still log the rest of the request? I would like to log all log-in attempts including the attempted username as Apache does by default, and prevent Apache from logging the password directly. I have looked through the Apache 2 documentation and there doesn't appear to be an easy way to do this other than completely preventing logging of these requests (using SetEnvIf). How can I accomplish this?

    Read the article

  • Best cloud based IT Systems management services out there?

    - by Ryk
    Our startup organisation is growing fast in 2 different office locations. That brings new challenges and headaches. Our entire company is cloud based, and I am looking for a good product to manage our remote systems. Currently we do not have on-site AD servers, we are using the Windows Azure AD services, so cannot rely on group policies at this stage. I would like to be able to achieve the following: (they are all laptops) Remote Desktop Support Patch management Lock down software on machines (restrict them) Monitor and manage systems Other benefits would be good, but if I can achieve the ones listed above, it will go a long way. We have a combination of Windows 7 pro & Windows 8 & 8.1 machines. I am currently using Windows Intune, but it is really limited. Really just a glorified patch enforcer. Thank you in advance to your help.

    Read the article

  • How to specify Multiple Secure Webpages with .htaccess RewriteCond

    - by Patrick Ndille
    I have 3 pages that I want to make secure on my website using .htaccess -login.php -checkout.php -account.php I know how to make just one work page at a time using .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] I and trying to figure out how to include the other 2 specific pages to make them also secure and used the expression below but it didn't work RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.php RewriteCond %{REQUEST_URI} /checkout.php RewriteCond %{REQUEST_URI} /account.php RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] Can someone help me the right expression that will work with multiple pages? The second part of the code is that, if https is already on and a user move to a page that Is not any of the pages i specified about, I want that it should get back to http. how should I write the statement for it to redirect back to http if its not any of the pages above? I have my statement like this but its not working RewriteCond %{HTTPS} on RewriteRule !(checkout|login|account|payment)\.php http://%{HTTP_HOST}%{REQUEST_URI} [L,R] Any thoughts?

    Read the article

  • How can I avoid logging file not founds commonly caused by vulnerability scanners?

    - by agweber
    My apache logs are pretty much full of 'admin.php' not found or unable to stat and similar statements for wp-login.php, default.php, and so on that are often sought after by vulnerability scanners. Can I configure apache to avoid logging these statements for certain files? I don't want to filter out all file not founds as I'd like to fix bad links that I may have put out over the years that no longer correspond to the same files. I can use a tool like fail2ban or denyhosts, but from previous experiences it comes from so many places that those errors are still going to pile up, and the reducing those error messages are what this question is asking about.

    Read the article

  • Hyper-V Manager - Host Access During a Catastrophe

    - by LonnieBest
    How can I ensure that I can always have Hyper-V Manager access to a Hyper-V server, even in the event that the Active Directory Server is down (in a domain-login environment)? Background: The one that came before me, set up the company's servers as virtual machines on top of a host running Hyper-V Server 6.1 (7601) Service Pack 1. For managing Hyper-V, he installed Window 7 onto a virtual machine (run on the same host) with Hyper-V Manager installed. When the (virtual) Active Directory server (run on this same host) is rebooted, during that reboot, I'm unable to RDP into the Windows 7 virtual machine, and I'm therefore unable to access Hyper-V Manager when the Active Directory server is down. I suspect I can't login because I can't authenticate with the Active Directory Server. I'm going to install Hyper-V Manger onto some addition manager's workstations, but how can I ensure they'll have access in a catastrophe where Active Directory authentication isn't possible?

    Read the article

  • Do proxies really provide anonimity?

    - by user36269
    Do web proxies really provide anonimity? I mean, without someone asking for logs in a web proxy server for who/when connected, is it impossible to know who was behind that ip? I'm asking this because I heard somewhere that some technologies (like "flash") bypass personal ip information for requests or something like that. (I'm a noob in server configuration and concepts like DNS and proxies. Thanks!)

    Read the article

  • What is the most secure way to set up a mysql user for Wordpress?

    - by Sinthia V
    I am setting up Subdomain based MU on my domain.Everything is hosted by me running on one CentOS/Webmin VPS. Will I be better off setting the MySQL user's domain as localhost, 127.0.0.1 or with a wildcard %.mydomain.com? Which is more secure? Is localhost === 127.0.0.1? If not what is the difference? Also, what is my domain from MySQL's or Wordpress' pov when I am connected by ssh terminal? How about When I connect by Webmin or Usermin? Does MySQL see me as Webmin or my Unix user?

    Read the article

  • Should the virtualization host be allowed to run any service?

    - by Giordano
    I recently setup a virtualization server for the small company I'm running. This server runs few virtual machines that are used for development, testing, etc... My business partner works from a remote location, thus I also installed a vpn server on the virtualization host to make it possible for him to safely reach the company services. Moreover, again on the virtualization host, I installed bacula to perform the backup of the data. Is it advisable/good practice to do so or should I create one more virtual machine to do backups and VPN? Is it a bad idea to run these services on the host itself? If yes, why? Thanks in advance!

    Read the article

  • Getting much higher than usual brute-force attempts on cPanel

    - by UserZer0
    Although I have many client accounts on my cPanel based server I'm really the only one who has login information to any of the accounts. I have cPhulk setup to alert me and blocking after 4 failed attempts. I usually have only a handful of bots trying to get in each day(2 hosts ago I never had any), but Today the rate has significantly increased, every 10 minutes or so(no not like clockwork, just averaging). Should I be concerned? Is there anything extra I should be doing, is there any automated reporting services I can use? Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 205 206 207 208 209 210 211 212 213 214 215 216  | Next Page >