similar to: Help, PHP/Mysql connections are so slow.

Dear Security team, I'm Kamolpat Pornatiwiwat, Sys admin of DMaccess Co., Ltd. I'm got the problem, My FreeBSD 6.0 got Dos attacked. What should I do? At the present, I decide to stop apache and leave only mail feature on functioning. Any guide/recommend/solution will be appreciated. More detail about my server: ====================== FreeBSD 6.0 apache-1.3.34_4 php5-5.1.2_1 MySQL

Hello, I have a server running CentOS 4.3 with all the latest updates. The server in question has been hacked by spammers a few times. The details of the hack have been basically the same every time. I find some directory created by the apache user account in /tmp. The new directory contains an html file, and a list of email addresses to spam and a perl script that spams all those email

hello all: I want to install ModSecurity v2.5.4 in my system. I do the following setup to install the lua tar -xzvf lua-5.1.3.tar.gz cd lua-5.1.3/src make linux cd .. make install The ModSecurity ask me to add "LoadFile /usr/lib/liblua5.1.so" to the http.conf,but there is no liblua5.1.so in /usr/lib. I have search it and i didn't find the solution. Can any one tell me why

Hi, I recently tried reviewing/committing some of my code on Phabricator/Arcanist for the first time and I noticed that the docs [1] ask for feedback, so here it is! Phabricator functions reasonably well and it is a lot easier to write comments and respond to comments on particular parts of code as opposed to the old way of copy and pasting patches into e-mails sent to llvm-commits. Two minors

I'm trying to install apache 2.2.x from a tarball. And it works. But I'm also trying to install modsecure, and I can't get that to work. It might help to know what CentOS uses to install Apache when doing the ./configure. === Al

Hello, Is that possible to disable running of PHP on certain directories? I am running a server which provides personal homepage service. However, not every user are familiar with security, some may upload some PHP scripts with bugs/holes. I do not want them to be executed on the server. I can enable the safe_mode, but I have some other PHP scripts which need safe_mode to be disabled. Any

has anybody ever got eaccelerator working with open_basedir on CentOS? https://bugzilla.redhat.com/show_bug.cgi?id=751569 i wonder that the last build is more than a yaer ago and nobody hitted until now or nobody is secring his vhsost and so did not take notice about it http://koji.fedoraproject.org/koji/buildinfo?buildID=181336 -------------- next part -------------- A non-text attachment was

I want to add mod_security to my Apache server running CentOS 5.3 and am trying to find a repository to get it from. I found it in EPEL, but they have version 2.1.7, which is over a year old according to what I found on the modsecurity.org website. Is there a repository which is keeping this up to date? Or should I just build it from source? -- Bowie

I have a group of users (content editors) who need read-write access to apache document root. The apache web server is running as user:apache and group:apache. The filesystem permissions are currently set as apache:apache. How should I modify filesystem permission so that content editors can have read-write permissions and webserver can serve files as well? Following is what I have setup now, but

Hi guys, I''m doing some hackish stuff with manually installing RPMs. Basically I''m pulling them down to /tmp and installing them using provider => rpm, then making the service check that the package is installed before it''ll start. Here are the relevant sections of the pp file: class tomcat inherits httpd { $tomcat_connectors_pkg = $architecture ? {

I'm testing the Samba4 rc6 and Phpldapadmin 1.2.3 in Debian Wheezy. All is working, but phpldapadmin.. When i click to edit any item on the left menu, the "retrieving DN" message is displayed for some seconds and after this, other message is displayed: "There was a problem with the request." Looking at the logs: /var/log/apache2/error.log PHP Fatal error: Allowed memory

On 1 July 2015 at 17:15, Russell Wallace <russell.wallace at gmail.com> wrote: > I'm proposing that LLVM unilaterally replace most undefined behaviour with > implementation-defined behaviour. That's precisely the problem. Which behaviour? Let's have an example: struct Foo { long a[95]; char b[4]; double c[2]; }; void fuzz(Foo &F) { for (int i=0; i<100;

hi all,can I use puppet for security configuration check in centos ? 1.check the kernel version whether great than 2.8.18.237-1 or not. 2.check the glibc,systemtap and udev version whether great than secure version or not. 3.check the php.ini whether set safe_mode to on or not. 4.check the sshd_config whether set PermitRootLogin to no or not. If puppet can make it ,would you like to be kind

On Sun, Dec 27, 2015 at 10:59 PM, Manuel Klimek via llvm-dev < llvm-dev at lists.llvm.org> wrote: > Hi Dan, thanks for the feedback. > > On Mon, Dec 28, 2015 at 6:24 AM Dan Liew <dan at su-root.co.uk> wrote: > >> Hi, >> >> I recently tried reviewing/committing some of my code on >> Phabricator/Arcanist for the first time and I noticed that the docs

Hi I am running ruby 1.8.4 and rails 1.0.0 with Apache 2. I made a simple rails application called demo and also created a controller called say and an action called hello which is working fine using webrick. To run it under Apache I created a symlink demo1 which is linked to the demo/public directory. If I run it using www.example.com/demo1 then I get the "Rails- Welcome Aboard"

after having my own dnsbl feeded by a honeypot and even mod_security supports it for webservers i think dovecot sould support the same to prevent dictionary attacks from known bad hosts, in our case that blacklist is 100% trustable and blocks before SMTP-Auth while normal RBL's are after SASL i admit that i am not a C/C++-programmer, but i think doing the DNS request and in case it has a

Oops, I just missed the python part. Does mod_python have similar options? Or how to stop other users to run python scripts in some directories? On 9/26/07, Miskell, Craig <Craig.Miskell at agresearch.co.nz> wrote: > > > > Hello, > > > > Is that possible to disable running of PHP on certain directories? > > I am running a server which provides personal

Hi Olly and co, On an Ubuntu 15.10, following the docs at https://trac.xapian.org/wiki/FAQ/PHP%20Bindings%20Package When running debuild -e PHP_VERSIONS=5 -us -uc I get (sorry for the French): " dpkg-buildpackage -rfakeroot -D -us -uc dpkg-buildpackage: paquet source xapian-bindings dpkg-buildpackage: version source 1.2.21-2.1 dpkg-buildpackage: distribution source unstable

WE have a centos 5.3 install, and our server is keep getting hacked. We see load averages of 500+ and see people from all over the world logging into our server (used last). Is there a good place to start to avoid these kinds of things? For example, here is what I already did. Open up sshd port only setup iptables to only accept port 80 and 22 No FTP No other ports are allowed according to IP

> On Jan 7, 2016, at 9:57 AM, Mehdi Amini via llvm-dev <llvm-dev at lists.llvm.org> wrote: > >> >> On Jan 7, 2016, at 9:45 AM, David Blaikie via llvm-dev <llvm-dev at lists.llvm.org <mailto:llvm-dev at lists.llvm.org>> wrote: >> >> >> >> On Sun, Dec 27, 2015 at 10:59 PM, Manuel Klimek via llvm-dev <llvm-dev at lists.llvm.org