Tagged Questions
1
vote
1answer
81 views
In some Host 755 is writable folder and in some its not ? What are the changes once should make to make 755 writable
In some Host 755 is writable folder and in some its not ? What are the changes once should make to make 755 writable.
Is that User Issue to whom the file is served ?
For an Instance, If file is ...
1
vote
0answers
386 views
X-Frame-Options with intranet site
I'm building a web application on Apache. To prevent "click-jacking", it's been suggested that:
Most modern Web browsers support the X-Frame-Options HTTP header, ensure it's set on all web pages ...
0
votes
1answer
91 views
mod_jk.log shows what url?
I have mod_jk connector between Apache and Tomcat (on Ubuntu) and I'm looking at the mod_jk.log. The log mainly looks like this:
[Fri Jan 18 18:37:32 2013]ajp13 <some url from my domain> ...
0
votes
3answers
75 views
.htaccess instead of username password protection
I am just coding a small website with an admin panel.
Since I am going to be the only one who will access that panel I was thinking instead of making traditional username - password matching just ...
0
votes
1answer
128 views
How to disable all file uploads to a server?
Is there a way, through php.ini or .htaccess to disable all file uploads to a server?
The only catch is, I want to have one folder (example an admin folder) to still have access to upload.
I am ...
0
votes
0answers
35 views
How to set binary file download in ErrorDocument or DirectryIndex on Apache webserver
Just a theoretical security question that come to my mind.
Is it possible to set Apache web-hosting via httaccess to present you with binary file instead of document when you access a directory ...
1
vote
3answers
166 views
How to stop too many requests in web applications?
I am looking for alternative security cautions for Apache web server. I generally work with PHP and MySQL.
For processes like user login, I keep IP address, try count, and last try time in database, ...
-1
votes
1answer
44 views
What are the advantages of using folders in a web server? [closed]
I mean, beside organization and permission management, is there any advantage of using folders in the root directory in a web server.
Just out of curiosity.
5
votes
1answer
325 views
403 forbidden error after installing mod_security
I have installed mod_security & created some rules for exception for my domain. However I am still facing 403 forbidden error for some of my scripts.
I have a php file named myajax.php which ...
1
vote
0answers
64 views
Protect a “Friendly URL” with .httaccess
I would like to protect a "friendly url" that i have in my htacces file. Just to be a little bit more clear, i have these rule:
RewriteRule ^([a-z|A-Z|0-9|\/|\-|\_]+)$ index.php?page=$1
That ...
3
votes
1answer
78 views
Trapping Bad Behavior with rewrite -phpmyadmin anywhere in URL
I'm hoping someone can help as I'm a bit of a noob when it comes to apache mod rewrite, and getting this one wrong can screw things up pretty bad.
While going though my security logs I noticed that ...
1
vote
1answer
520 views
How to disable script execution with .htacces [closed]
This is my virtual host configuration file
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName my-domain.tld
ServerAlias www.my-domain.tld
DocumentRoot ...
1
vote
2answers
240 views
Make php files hidden from outside world
My php website have multiple php files , some of them are for user interface and some of them are helper files(the files, which communicates through database and each other to return a result). Now I ...
0
votes
1answer
83 views
Is .htaccess directory restriction enough?
I'm building a Mp3 store with Drupal and Ubercart. I would like to implement the best security measures to proctect the content from hackers etc. I have a file directory with .htaccess file
Contents ...
0
votes
0answers
259 views
Apache web server - tomcat app server - SSO integration
I am designing a system to authenticate user requests against an SSO service. Here is what the flow of events will look like.
The client (browser) sends a request to the app server. The requests are ...
