Search Results

Search found 41497 results on 1660 pages for 'fault'.

Page 257/1660 | < Previous Page | 253 254 255 256 257 258 259 260 261 262 263 264  | Next Page >

• What is /opt/sun_docs used for, in Solaris 10?

  - by benc

  Solaris 10, SPARC. While trying clean up my "/opt" directory, I saw the "sun_docs" directory. I scanned the contents with "du -a", and also found a single, possibly related file (/var/opt/sun_docs/sundocs.html). If I understand correctly, it looks like a local set of HTML files, designed to be ready by a locally running browser? It looks like it could be shared via http, if an admin knew how to turn that on. I did google and check docs.sun.com. -ben

  Read the article

• Server taking too long to respond error

  - by DCJones

  This is my first post on serverFault and my first entry in to web server configuration. The hardware and software. CPU: GenuineIntel, Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz OS: Linux 2.6.18-128.el5 Memory: 2Gb Background. I am running a small database (MySQL), around 1000 records with each record containing 44 fields. At the start of each day “00:01” the tables are cleared and populated with fresh data. The are 10 remote PCs all running Winodws XP and Firefox internet browser. All remote PC’s are connected to the internet using a min 4Gb broadband connection. Each remote PC runs a URL which displays a dynamic page of data which is refreshed every 20 seconds. This is a continual process 24 hours a day. I problem I am having is on odd occasions throughout the day the PC browser error with “Server taking too long to respond error”. What I am trying to find our is if I have the correct setting in the httpd.conf file on the server. Any help or advice anyone can provide would be very helpful. Best regards Dereck Server config file: httpd.conf ServerRoot "/etc/httpd" PidFile run/httpd.pid Timeout 120 KeepAlive On MaxKeepAliveRequests 200 KeepAliveTimeout 5 <IfModule prefork.c> StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 254 MaxRequestsPerChild 4000 </IfModule> <IfModule worker.c> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 150 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule>

  Read the article

• CentOS only detecting 50% of ram

  - by Devator

  I have 16GB ram in my machine. Before, free -m outputted the normal 16 GB ram, however now (after a reboot) it only detects 8 GB ram. Is one ram module damaged? grep -i memory /var/log/dmesg outputs Memory: 15621184k/16017200k available (2535k kernel code, 387120k reserved, 1748k data, 196k init). (Which looks like 16 GB to me). Free -m outputs: total used free shared buffers cached Mem: 7484 7415 68 0 6104 524 -/+ buffers/cache: 786 6697 Swap: 2055 0 2054 Anything I might be missing? Thanks in advance.

  Read the article

• Working around Gmail mailing-list "feature."

  - by Paul J. Lucas

  I'm using Google Apps for my domain's e-mail via IMAP. Whenever I send mail to a mailing list, I don't receive a copy of my own mail back in my inbox. According to Google, this is a "feature." Is there a way to disable this "feature" so that all mail I send to mailing lists appears in my inbox just like all other e-mail? Perhaps something along the lines of this method for disabling Google's spam filter??

  Read the article

• SSL security error

  - by shah

  What would the reason of getting the following error? Microsoft OLE DB Provider for SQL Server error '80004005' [DBNETLIB][ConnectionOpen (SECDoClientHandshake()).]SSL Security error.

  Read the article

• SBS 2008 Duplicate Files - what can I delete

  - by Stu

  I'm trying to look after my company's SBS 2008 server. It keeps running out of space on the C: (OS)drive, so Exchange stops when it gets down to 4Gb free space. From what I can tell after the last time I had a consultant in to fix it, there should comfortably be about 20Gb. Running a duplicate files report gives me a huge list of duplicated files, and identifies just how much space they are hogging. But my question is, which ones can I delete to recover the space? Can I tell, from what's shown on the report, the files that are redundant and can safely be deleted?

  Read the article

• Trouble virtualizing application under Windows 7

  - by vtimmerm

  Hi, I'm trying to virtualize an application for Windows 7 but am running into trouble: Application will run fine in Windows 7 if installed in the base. When it is virtualized, it will run on XP, but not on Windows 7. I have tried this in three ways: Captured on XP with ThinApp 4.0 Captured on XP with ThinApp 4.5 Captured on Windows 7 with ThinApp 4.5 Even when captured on Windows 7, it will not run on Windows 7 but will run on XP. When captured with a rival product, Altiris SVS, the virtualized app runs fine on Windows 7. Any idea what could cause this behaviour? Looking at the trace file, you see that they are different right from the start when comparing Windows 7 and XP tracefiles. What could cause it to go in completely different directions? (And why does the tracefile on Windows 7 say: Operating System Unknown? Does everybody have that on Windows 7 even with 4.5?) The error message is: "Object variable or with block variable not set".

  Read the article

• Setting up Splunk/IronPort WSA

  - by Ciddan

  I recently stumbled across Splunk 4 (by way of an advert on this very site...) and found that it had an "App" that's designed to work with Cisco IronPort WebSecurity and E-Mail Appliances! That's really awesome, because good IronPort reporting is something our IT-dept. is looking for. Anyways - I'm totally lost on how to configure this thing. I've googled like a mad-man to find a guide or such like - but I haven't found anything. Has anyone here set up IP / Splunk? Any tips/pointers?

  Read the article

• Using hdparm for better performance on Web Servers

  - by Rishav

  I just heard about using hdparams to optimize the Hard Disk Performance of a server ? Is this common practice ? What file systems do you use ? I generally deploy on the second last release of Ubuntu for stability reasons, do you some other filesystems or use distributed file systems from the get go ? Do the hdparam settings change for different File systems ? I haven't tried this yet, so how much difference do changes like this make ?

  Read the article

• Software for monitoring internal software?

  - by Tyler Eaves

  Is there any good software for monitoring the health of a collection of related software? Requirements are as follows: Web-based, deployable on standard Linux/BSD software. Configurable to support a variety of processes, scheduled at various intervals. Some sort of dashboard interface, for monitoring status, viewing errors, etc. As an example, suppose we have a daily export that's scheduled to run at 6AM each morning. After the export completes, it would POST a status message, saying it had completed, passing in some sort of application key to identify the export. If that status message hadn't come in, by, say, 6:30AM, an e-mail might be sent, that application should go red on the dashboard, etc. Applications should also be able to post error/warning messages. Basically the goal is to be able to monitor all of our internal projects from one system, rather than a multitude of e-mails, log files, etc. I suspect that I'll probably have to end up writing this from scratch, but I just thought I'd ask.

  Read the article

• Enabling WinRM by Group Policy

  - by SaintNick

  I'm having partial success enabling WinRM through Active Directory GPO's on our Server 2008 R2 environment. I've created a GPO that enables "Allow automatic configuration of listeners" and also enables all the necessary predefined WinRM Firewall rules. This GPO works fine for our webservers. Indeed, this is reflected by the "Server Manager Remote Management" nicely flipping to "enabled" in Server Manager Server Summary. However, the same GPO applied to both our Management servers, which are Domain Controllers, does not give the same result. I see the GPO settings being applied, including the listener as confirmed by C:\Windows\system32>winrm e winrm/config/listener Listener [Source="GPO"] Address = * Transport = HTTP Port = 5985 Hostname Enabled = true URLPrefix = wsman CertificateThumbprint ListeningOn = 10.32.40.210, 10.32.40.211, 10.32.40.212 But in Server Manager, Server Summary, Remote Management remains on "disabled" and indeed when trying to connect to one of these machines Server Manager gives an "Access Denied". Manually enabling WinRM locally via Server Manager "Configure Server Manager Remote Management" on either of these machines works fine. What can be the cause? Can it have something to do with theses machines being DC's and needing extra settings in the GPO? Nick Reid

  Read the article

• TAB completion not working in ubuntu hardy heron

  - by Tutul

  I have recently installed ubuntu hardy and found that shell command completion with TAB doesn't work, the package 'bash-completion' is installed in my system. I guess it is related to dash being the default shell? Is there a way to use tab completion in dash? If there isn't a way then how can i change my default shell to bash?

  Read the article

• How can i link a oracle user to a business objects user

  - by Robert Speckmann

  I have a problem with linking the oracle user to a business objects user. I will try to explain it as detailed as possible; I have a Oracle database (10g) where a couple of users are defined. These users can query on information with application X. Those records will then be written into the oracle database. The records that is written into the database has a ID that links to the person that has run the query. I also have a active directory in wich a couple of users are made; testuser1, testuser2. When those users log on, and want to load a report in Business Objects XI i want them to see the information that was created when the report was activated by that same user that had runned the query before with application X. The name of the person in the active directory and the name in the oracle database are not the same but i dont think that would be a problem in this stage. So the steps i took: First, i run a report in application X (with a account prodpim_rs) wich fills my Oracle database with a record. The second step is logging on as testuser1 (from the AD) and then login on Business Objects XI with the account. Now i want to load a report with the information in my Oracle database. So the prodpim_rs user and the testuser must have a link between them. I am wondering how to forfill this. Can i link the account, wich is made in a Oracle database, with the user of BO wich is linked to my AD? Thank you in advance for your reply Robert

  Read the article

• Best use of a RAM disk?

  - by JamesHannah

  Just wondering, have you ever made anything useful with a RAM disk in production? I wonder if the performance benefit they afford possibly outweighs their temporary nature in a specific circumstance. I've only ever used one once, and it wasn't for performance. It was when I needed some writable disk space on a server showing hard drive errors – it gave just enough space for me to install the 3ware RAID utility to identify the dodgy disk. How have you used a RAM disk in production?

  Read the article

• solved: puppet master REST API returns 403 when running under passenger works when master runs from command line

  - by Anadi Misra

  I am using the standard auth.conf provided in puppet install for the puppet master which is running through passenger under Nginx. However for most of the catalog, files and certitifcate request I get a 403 response. ### Authenticated paths - these apply only when the client ### has a valid certificate and is thus authenticated # allow nodes to retrieve their own catalog path ~ ^/catalog/([^/]+)$ method find allow $1 # allow nodes to retrieve their own node definition path ~ ^/node/([^/]+)$ method find allow $1 # allow all nodes to access the certificates services path ~ ^/certificate_revocation_list/ca method find allow * # allow all nodes to store their reports path /report method save allow * # unconditionally allow access to all file services # which means in practice that fileserver.conf will # still be used path /file allow * ### Unauthenticated ACL, for clients for which the current master doesn't ### have a valid certificate; we allow authenticated users, too, because ### there isn't a great harm in letting that request through. # allow access to the master CA path /certificate/ca auth any method find allow * path /certificate/ auth any method find allow * path /certificate_request auth any method find, save allow * path /facts auth any method find, search allow * # this one is not stricly necessary, but it has the merit # of showing the default policy, which is deny everything else path / auth any Puppet master however does not seems to be following this as I get this error on client [amisr1@blramisr195602 ~]$ sudo puppet agent --no-daemonize --verbose --server bangvmpllda02.XXXXX.com [sudo] password for amisr1: Starting Puppet client version 3.0.1 Warning: Unable to fetch my node definition, but the agent run will continue: Warning: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /certificate_revocation_list/ca [find] at :110 Info: Retrieving plugin Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /file_metadata/plugins [search] at :110 Error: /File[/var/lib/puppet/lib]: Could not evaluate: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /file_metadata/plugins [find] at :110 Could not retrieve file metadata for puppet://devops.XXXXX.com/plugins: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /file_metadata/plugins [find] at :110 Error: Could not retrieve catalog from remote server: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /catalog/blramisr195602.XXXXX.com [find] at :110 Using cached catalog Error: Could not retrieve catalog; skipping run Error: Could not send report: Error 403 on SERVER: Forbidden request: XX.XXX.XX.XX(XX.XXX.XX.XX) access to /report/blramisr195602.XXXXX.com [save] at :110 and the server logs show XX.XXX.XX.XX - - [10/Dec/2012:14:46:52 +0530] "GET /production/certificate_revocation_list/ca? HTTP/1.1" 403 102 "-" "Ruby" XX.XXX.XX.XX - - [10/Dec/2012:14:46:52 +0530] "GET /production/file_metadatas/plugins?links=manage&recurse=true&&ignore=---+%0A++-+%22.svn%22%0A++-+CVS%0A++-+%22.git%22&checksum_type=md5 HTTP/1.1" 403 95 "-" "Ruby" XX.XXX.XX.XX - - [10/Dec/2012:14:46:52 +0530] "GET /production/file_metadata/plugins? HTTP/1.1" 403 93 "-" "Ruby" XX.XXX.XX.XX - - [10/Dec/2012:14:46:53 +0530] "POST /production/catalog/blramisr195602.XXXXX.com HTTP/1.1" 403 106 "-" "Ruby" XX.XXX.XX.XX - - [10/Dec/2012:14:46:53 +0530] "PUT /production/report/blramisr195602.XXXXX.com HTTP/1.1" 403 105 "-" "Ruby" thefile server conf file is as follows (and goin by what they say on puppet site, It is better to regulate access in auth.conf for reaching file server and then allow file server to server all) [files] path /apps/puppet/files allow * [private] path /apps/puppet/private/%H allow * [modules] allow * I am using server and client version 3 Nginx has been compiled using the following options nginx version: nginx/1.3.9 built by gcc 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) TLS SNI support enabled configure arguments: --prefix=/apps/nginx --conf-path=/apps/nginx/nginx.conf --pid-path=/apps/nginx/run/nginx.pid --error-log-path=/apps/nginx/logs/error.log --http-log-path=/apps/nginx/logs/access.log --with-http_ssl_module --with-http_gzip_static_module --add-module=/usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/nginx --add-module=/apps/Downloads/nginx/nginx-auth-ldap-master/ and the standard nginx puppet master conf server { ssl on; listen 8140 ssl; server_name _; passenger_enabled on; passenger_set_cgi_param HTTP_X_CLIENT_DN $ssl_client_s_dn; passenger_set_cgi_param HTTP_X_CLIENT_VERIFY $ssl_client_verify; passenger_min_instances 5; access_log logs/puppet_access.log; error_log logs/puppet_error.log; root /apps/nginx/html/rack/public; ssl_certificate /var/lib/puppet/ssl/certs/bangvmpllda02.XXXXXX.com.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/bangvmpllda02.XXXXXX.com.pem; ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem; ssl_client_certificate /var/lib/puppet/ssl/certs/ca.pem; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; ssl_session_cache shared:SSL:128m; ssl_session_timeout 5m; } Puppet is picking up the correct settings from the files mentioned because config print command points to /etc/puppet [amisr1@bangvmpllDA02 puppet]$ sudo puppet config print | grep conf async_storeconfigs = false authconfig = /etc/puppet/namespaceauth.conf autosign = /etc/puppet/autosign.conf catalog_cache_terminus = store_configs confdir = /etc/puppet config = /etc/puppet/puppet.conf config_file_name = puppet.conf config_version = "" configprint = all configtimeout = 120 dblocation = /var/lib/puppet/state/clientconfigs.sqlite3 deviceconfig = /etc/puppet/device.conf fileserverconfig = /etc/puppet/fileserver.conf genconfig = false hiera_config = /etc/puppet/hiera.yaml localconfig = /var/lib/puppet/state/localconfig name = config rest_authconfig = /etc/puppet/auth.conf storeconfigs = true storeconfigs_backend = puppetdb tagmap = /etc/puppet/tagmail.conf thin_storeconfigs = false I checked the firewall rules on this VM; 80, 443, 8140, 3000 are allowed. Do I still have to tweak any specifics to auth.conf for getting this to work? Update I added verbose logging to the puppet master and restarted nginx; here's the additional info I see in logs Mon Dec 10 18:19:15 +0530 2012 Puppet (err): Could not resolve 10.209.47.31: no name for 10.209.47.31 Mon Dec 10 18:19:15 +0530 2012 access[/] (info): defaulting to no access for 10.209.47.31 Mon Dec 10 18:19:15 +0530 2012 Puppet (warning): Denying access: Forbidden request: 10.209.47.31(10.209.47.31) access to /file_metadata/plugins [find] at :111 Mon Dec 10 18:19:15 +0530 2012 Puppet (err): Forbidden request: 10.209.47.31(10.209.47.31) access to /file_metadata/plugins [find] at :111 10.209.47.31 - - [10/Dec/2012:18:19:15 +0530] "GET /production/file_metadata/plugins? HTTP/1.1" 403 93 "-" "Ruby" On the agent machine facter fqdn and hostname both return a fully qualified host name [amisr1@blramisr195602 ~]$ sudo facter fqdn blramisr195602.XXXXXXX.com I then updated the agent configuration to add dns_alt_names = 10.209.47.31 cleaned all certificates on master and agent and regenerated the certificates and signed them on master using the option --allow-dns-alt-names [amisr1@bangvmpllDA02 ~]$ sudo puppet cert sign blramisr195602.XXXXXX.com Error: CSR 'blramisr195602.XXXXXX.com' contains subject alternative names (DNS:10.209.47.31, DNS:blramisr195602.XXXXXX.com), which are disallowed. Use `puppet cert --allow-dns-alt-names sign blramisr195602.XXXXXX.com` to sign this request. [amisr1@bangvmpllDA02 ~]$ sudo puppet cert --allow-dns-alt-names sign blramisr195602.XXXXXX.com Signed certificate request for blramisr195602.XXXXXX.com Removing file Puppet::SSL::CertificateRequest blramisr195602.XXXXXX.com at '/var/lib/puppet/ssl/ca/requests/blramisr195602.XXXXXX.com.pem' however, that doesn't help either; I get same errors as before. Not sure why in the logs it shows comparing access rules by IP and not hostname. Is there any Nginx configuration to change this behavior?

  Read the article

• Group policy software installation feature on server 2008

  - by Force Flow

  What is the proper procedure for distributing software updates using group policy's software installation feature? For example, if I want to install Java, and Java 1.7u6 is already added as a package, should I: A) Remove the Java 1.7u6 package (selecting the "allow users to continue to use" option), and add Java 1.7u7? B) Add Java 1.7u7 and specify that it is an update to the existing 1.7u6 package? (Will this install the oldest version first, then install each update one after the other, or will it just install the latest package?) Note that this question is geared toward the operation of the software installation feature of group policy, not specifically the behavior of the Java installers. This could easily apply to the installation of Adobe Flash, Adobe Reader, or any other common software applications with frequent updates.

  Read the article

• centos 6 debuginfo repository does not have httpd debug version available

  - by Zippy Zeppoli

  I am trying to get the debug version of httpd so I can use it in conjunction with gdb. I am having a hard time getting them, and they don't seem to be in the standard epel-debuginfo repository. What should I do? > [root@buildbox-rhel6 ~]# debuginfo-install httpd Loaded plugins: fastestmirror, presto enabling epel-debuginfo Loading mirror speeds from cached hostfile epel-debuginfo/metalink | 8.3 kB 00:00 * base: mirrors.cicku.me * epel: mirrors.kernel.org * epel-debuginfo: mirrors.kernel.org * extras: mirrors.arpnetworks.com * updates: linux.mirrors.es.net epel-debuginfo | 3.1 kB 00:00 epel-debuginfo/primary_db | 487 kB 00:01 Checking for new repos for mirrors Could not find debuginfo for main pkg: httpd-2.2.15-15.el6.centos.1.x86_64 Could not find debuginfo pkg for dependency package apr-1.3.9-5.el6_2.x86_64 Could not find debuginfo pkg for dependency package apr-util-1.3.9-3.el6_0.1.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package db4-4.7.25-17.el6.x86_64 Could not find debuginfo pkg for dependency package expat-2.0.1-11.el6_2.x86_64 Could not find debuginfo pkg for dependency package openldap-2.4.23-26.el6_3.2.x86_64 Could not find debuginfo pkg for dependency package openldap-2.4.23-26.el6_3.2.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package pcre-7.8-4.el6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package glibc-2.12-1.80.el6_3.6.x86_64 Could not find debuginfo pkg for dependency package libselinux-2.0.94-5.3.el6.x86_64 Could not find debuginfo pkg for dependency package zlib-1.2.3-27.el6.x86_64 No debuginfo packages available to install

  Read the article

• Backing up VMs to a tape drive

  - by Aljoscha Vollmerhaus

  I've got myself one of these fancy tape drives, HP LTO2 with 200/400 GB cartridges. The st driver reports it like this: scsi 1:0:0:0: Sequential-Access HP Ultrium 2-SCSI T65D I can store and retrieve files like a charm using tar, both tar cf /dev/st0 somedirectory and tar xf /dev/st0 work flawless. However, what I really would like to backup are LVM LVs. They contain entire virtual machines with varying partition layouts, so using mount and tar is not an option. I've tried using something like dd if=/dev/VG/LV bs=64k of=/dev/st0 to achieve this, but there seem to be various problems associated with this approach. Firstly, I would like to be able to store more than 1 LV on a single tape. Now I guess I could seek to concatenate the data on the tape, but I think this would not work very well in an automated scenario with many different LVs of various sizes. Secondly, I would like to store a small XML file along with the raw data that contains some information about the VM contained in the LV. I could dump everything to a directory and tar it up - not very desirable, I would have to set aside huge amounts of scratch space. Is there an easier way to achieve this? Thirdly, from googling around it seems like it would be wise to use something like mbuffer when writing to the tape, to prevent what wikipedia calls "shoe-shining" the tape. However, I can't get anything useful done with mbuffer. The mbuffer man page suggests this for writing to a tape device: mbuffer -t -m 10M -p 80 -f -o $TAPE So I've tried this: dd if=/dev/VG/LV | mbuffer -t -m 10M -p 80 -f -d 64k -o /dev/st0 Note the added "-d 64k" to account for the 64k block size of the tape. However, reading data back from a tape written in this way never seems to yield any useful results - dd has been running for ages now, and managed to transfer only 361M of data from the tape. What's wrong here?

  Read the article

• export command within shell script

  - by shantanuo

  When I use export command at command prompt, it works as expected. But it does not work from shell script. [root@server shantanu]# export myip=10 [root@server shantanu]# echo $myip 10 [root@server shantanu]# vi myip.sh #!/bin/sh export myipadd=10 [root@server shantanu]# sh -xv myip.sh #!/bin/sh export myipadd=10 + export myipadd=10 + myipadd=10 [root@server shantanu]# echo $myipadd I want to make the variable available to the same script next time when it runs. In other words I am looking for some way to memorize the variable value.

  Read the article

• Server Security

  - by mahatmanich

  I want to run my own root server (directly accessible from the web without a hardware firewall) with debian lenny, apache2, php5, mysql, postfix MTA, sftp (based on ssh) and maybe dns server. What measures/software would you recomend, and why, to secure this server down and minimalize the attack vector? Webapplications aside ... This is what I have so far: iptables (for gen. packet filtering) fail2ban (brute force attack defense) ssh (chang default, port disable root access) modsecurity - is really clumsy and a pain (any alternative here?) ?Sudo why should I use it? what is the advantage to normal user handling thinking about greensql for mysql www.greensql.net is tripwire worth looking at? snort? What am I missing? What is hot and what is not? Best practices? I like "KISS" - Keep it simple secure, I know it would be nice! Thanks in advance ...

  Read the article

• Nginx Installation on Ubuntu giving 500 error

  - by user750301

  I just installed nginx on ubuntu 12.04 LTS. When i access localhost it gives me : 500 Internal Server Error nginx/1.2.3 error_log has following rewrite or internal redirection cycle while internally redirecting to "/index.html", client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost" This is default nginx configuration: nginx.conf has: include /etc/nginx/sites-enabled/*; /etc/nginx/sites-enabled/default has following root /usr/share/nginx/www; index index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ /index.html; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules }

  Read the article

• Exchange 2010 OWA with Client Certificates

  - by Christian

  I have enabled Client Certificate Authentication for Exchange 2010 through IIS7 and the users are prompted to choose their User Certificate when they log in, but they are all then presented with the following error message Request Url: https://<domain_name>:443/owa/ User host address: <server_ip_address> OWA version: 14.1.355.2 Exception Exception type: System.NullReferenceException Exception message: Object reference not set to an instance of an object. Call stack Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.GetUserIdentities(OwaContext owaContext, OwaIdentity& logonIdentity, OwaIdentity& mailboxIdentity, Boolean& isExplicitLogon, Boolean& isAlternateMailbox, ExchangePrincipal& logonExchangePrincipal) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.InternalDispatchRequest(OwaContext owaContext) Microsoft.Exchange.Clients.Owa.Core.RequestDispatcher.DispatchRequest(OwaContext owaContext) Microsoft.Exchange.Clients.Owa.Core.OwaRequestEventInspector.OnPostAuthorizeRequest(Object sender, EventArgs e) System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) The method I followed to enable Certificate authentiaction was from this post: http://www.miru.ch/2011/04/how-to-enable-certificate-based-authentication-on-exchange-2010/ Any ideas? Google isn't being very helpful

  Read the article

• How to Block a HTTP Website along with Its All Subdomain using IPTABLE

  - by netnovice

  I run a small HTTP web proxy site . We can not modify anything there in Proxy program. Few users mainly use Yahoo Web mail for Spamming and We need to block yahoo web mail access only ( complete yahoo website is also Ok) through our proxy . specially .mail.yahoo.com.. Like - we need to block URL like - http://uk-mg61.mail.yahoo.com http://in-mg61.mail.yahoo.com etc. etc. Note : We generaly open http://mail.yahoo.com in browser - but after loggin in it forwards it to Urls like above but all those are subdomain of mail.yahoo.com My target is if we can get all IP list for all available subdomain of mail.yahoo.com I can block it totally . We can only use IPTABLE ...I know using proxy itself we can check HTTP header and check Host field for .mail.yahoo.com. and block it. Solution : Follwoign what I did using IPtable . I collected IP CIDR block for yahoo mainly for yahoo web mail ( mail.yahoo.com ) as much as possible ( using linux host and whois command ) [ like 66.163.160.0/19 nd 98.136.0.0/14 etc ] and applied follwing command Like iptables -A OUTPUT -p tcp -d 66.163.160.0/19 -m state --state NEW -j DROP etc. Things are working fine. user can not access yahoo mail BUT the problem is I need to be updated with the avaialble CIDR YAHOO IP list ... I am ready to do it every week. I collected many from Net... You know theer are countles subdomain of mail.yahoo.com and seems every week Yahoo adding new IP... But what I observed some time user can bypass our rule and the reason obvously all the avaialble Ips are not entered in IPtable yet. What we need to do is enter all Ips of mail.yahoo.co But where do I find all subdomain for mail.yahoo.com I know we can get it from DNS but I must not be allowed to make DNS axfr query. Also doing reverse DNS will have performance issue. I want to know all subdomain of .mail.yahoo.c Can I get it from yahoo site. I have the list of all YAHOO smtp IP....but I need webmail Ip... ( http://public.yahoo.com/carloc/ymail.html ) Can you please share your Idea. Thank you

  Read the article

• One domain, dedicated SSL IP on whm

  - by Vanja D.

  It's long, but please read carefully. I am trying to install an SSL certificate on my dedicated server with WHM/cPanel. I have a dedicated IP to use with the SSL certificate. My main domain is example.com (NOT www.example.com), and I have an account and website already running on it. I bought the certificate for the main domain (example.com without www.). I installed the certificate (successfully). I used the example.com domain, the dedicated IP and the same cPanel user which owns example.com (non-ssl) I double checked ConfigServer for port 443 being open. RESULT: https://example.com won't open, ssl check tool returns a "SSL is not configured on this port (443)" error. I have three questions: where did I go wrong, wht did I miss? is it possible to have one domain on two ips (one for http, one for https)? is it possible to have an ssl host with the same user as the regular one?

  Read the article

• Limit Apache 2 Memory Usage

  - by UltraNurd

  I am running a hobby webserver off of an ancient Blue & White G3/300 running Debian PPC Squeeze 2.6.30. The performance is okay for a while after a restart, but it eventually gets more and more bogged down. Right now it's at 76 days uptime, and the main culprit seems to be the memory usage of 10+ apache2 processes. I think I need to lower the values for StartServers, MinSpareServers, and/or MaxSpareServers, but I'm not sure which one to adjust, and there are three sections for each depending on which mpm module is in use. How do I tell which of the following sections I need to change, and what are some reasonable values given that the box has 448 MB physical memory (weird upgrade history of one each 64, 128, and 256 sticks)? <IfModule mpm_prefork_module> StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 150 MaxRequestsPerChild 0 </IfModule> <IfModule mpm_worker_module> StartServers 2 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxClients 150 MaxRequestsPerChild 0 </IfModule> <IfModule mpm_event_module> StartServers 2 MaxClients 150 MinSpareThreads 25 MaxSpareThreads 75 ThreadLimit 64 ThreadsPerChild 25 MaxRequestsPerChild 0 </IfModule> There aren't any other instances of StartServers in my apache2.conf, but none of those mpm modules appear in mods-available or mods-enabled. Ideas? Thanks!

  Read the article

< Previous Page | 253 254 255 256 257 258 259 260 261 262 263 264  | Next Page >