
 SERVER SECURITY


  How to secure an Ubuntu Apache web server

Securing server software is not a straightforward task. Not all of our operating environments are the same, leading to a variety of potential security vulnerabilities. However, using a few basic configuration and security options, you can stay a little ahead of where you want to be.

1. Fail2ban

Fail2ban is Python-based intrusion prevention software that detects and blocks malicious IP addresses after multiple unsuccessful login attempts. In other words, if someone is attempt...

2,737 0 0          CACHE .HTACCESS UNIX SERVER SECURITY LOG


  How does CSDN dare to use plain text as password?

Recently, China's largest Chinese IT community website, CSDN, leaked its users' account information. Later today CSDN made an announcement to its users on its website. The announcement said that some user account information was leaked, that account passwords were stored as plain text in their database before 2009, and that after 2009 they adopted an encryption algorithm to encrypt user passwords. They urged all users who registered the account before 2009 to change their passwor...

3,345 0 0          SECURITY INFORMATION LEAK CSDN PLAIN TEXT


  Bad code plagues business applications, especially Java ones

A new study examining 365 million lines of code in 745 applications identifies bad coding practices that affect security, performance and uptime, with Java Enterprise Edition applications having the greatest number of problems. Cast Software, which makes tools that automate the analysis of business applications, examined programs written in Java-EE, .NET, ABAP, C, C++, Cobol, Oracle Forms, and Visual Basic, used across a wide range of industries from energy and financial services to IT co...

1,900 0 0          JAVA PROGRAM SECURITY DEFECTS


  Three Simple Ways to Improve the Security of Your Web App

It seems like web app security has entered the public consciousness recently, probably as a result of the press covering the activities of groups like Anonymous and incidents like security breaches at several CAs. Here are a couple of quick security tips to improve the security of your web apps. Think of these as low-hanging fruit, not as a substitute for thorough analysis of your app’s security. If there’s interest in this topic we can do more posts, too - let us know in the comments! Pro...

1,787 0 0          SECURITY SSL WEB APP X-FRAME-OPTIONS


  FUCK PASSWORDS

I'm so tired of passwords. So, so, so tired. Most people don't understand this. Most people use the same password everywhere. Most people can just mechanically type out password3 in every password box, smirking to themselves at how clever they are, because who would ever guess 3 instead of 1? I don't do that. Let me tell you what I do. I generate a different password for every service, based on a convoluted master password and the name of the thing. I do this because it's what you're...

3,023 0 0          SECURITY PASSWORD RANDOM GENERATION HARD TO REMEMBER


  Full disk encryption is too good, says US intelligence agency

You might be shocked to learn this, but when a quivering-lipped Chloe from 24 cracks the encryption on a terrorist’s hard drive in 30 seconds, the TV show is faking it. “So what? It’s just a TV show.” Well, yes, but it turns out that real federal intelligence agencies, like the FBI, CIA, and NSA, also have a problem cracking encrypted hard disks — and according to a new research paper, this is a serious risk to national security. The study, titled “The growing...

1,133 0 0          FDE FULL DISK ENCRYPTION CRACK DIFFICULTY


  Setting server timezone

To set your web server's date timezone, for example for Eastern Standard Time (EST), use the following code:

SetEnv TZ America/Indianapolis

For example, for Los Angeles time (Pacific time), use the following code:

SetEnv TZ America/Los_Angeles

Other location examples include:

America/New_York - Eastern Time
America/Detroit - Eastern Time - Michigan (most locations)
America/Louisville - Eastern Time (Louisville, Kentucky)
America/Indianapolis - Eastern Standard Time (Indiana, most locatio...

1,192 0 0          SERVER CHANGE .HTACCESS TIME ZONE