Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Server security

  How to prevent next HeartBleed bug?

How to ensure the security of open source projects is a concern for many open source users including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things, this may cause loss of money either for individuals or companies, some of the bugs may even have big impact to the...

   Open source,HeartBleed,Security     2014-04-24 09:07:05

  Generate certificate in Java -- Certificate chain

In previous post, we have introduced the use of Certificate and how to generate self signed certificate using Java. In this post, we will show you how to generate a certificate chain. Sometimes we may only have a certificate request or we don't have a trusted certificate which can be used for business. Now we need to have a trusted CA to sign our certificate so that it can be used on SSL communications. To generate a certificate chain, we may first have our own certificate(A), then we may use ot...

   Java,Certificate chain,Creation, Pure Java     2014-07-30 08:24:52

  How long does the heuristic cache of the browser actually cache?

Heuristic cache Heuristic caching is the default behavior of browser caching (i.e., for responses without Cache-Control), which is not simply "not caching", but implicitly caching based on the so-called "heuristic cache". HTTP is designed to cache as much as possible, so even if Cache-Control is not specified, the response will be stored and reused if certain conditions are met. This is called heuristic caching. HTTP/1.1 200 OK Content-Type: text/html Content-Length: 1024 Date: Tue, 22 Feb 2022 ...

   HEURISTIC CACHE,WEB DESIGN     2023-05-26 08:40:13

  Install both 32 bit and 64 bit WAMP server

WAMP server is a platform tool for serving PHP applications on Windows. It includes a combination of Apache, MySQL and PHP service which can help developers test or run PHP applications with minimal setup. Sometimes one would first have a 32 bit version of WAMP installed and a few applications have been configured. But later s/he would mistakenly installed a 64 bit version of WAMP and somehow the 32 bit version configuration is overwritten. This causes a problem where the old applications config...

   PHP,WAMP,64 BIT,32 BIT,MULTIPLE VERSION     2017-03-18 01:14:21

  How to play with cross domain request

What is cross domain request In simple, cross domain request is to request resource from other domain in one domain. Note, the "other domain" doesn't just mean domain name only, it includes much more. If the protocol, domain name, port is not the same, two domains will be considered different.  Below example describes what is considered as different domain. http://www.a.com/a.jshttp://www.a.com/b.js               # Same domainhttp://www.a.com/lab/a.js &nb...

   FRONT END,JSONP,CROSS DOMAIN,CROSS ORIGIN,CORS,DOCUMENT.DOMAIN,WINDOW.NAME     2016-11-06 00:48:54

  Why Outsourcing .Net Services is a Growing Trend?

IT companies are focusing more on .net for application development. This is because; the .net platform empowers developers with a wide range of tools and libraries to create diverse applications in an easy and efficient manner. The dot net framework allows users i.e. developers, to design and develop applications that can interact with web services and a range of online devices. .Net programming language is richer than others in many contexts. It has several objects oriented features like proper...

   dot net services, outsourcing, .net, framework     2014-10-23 22:30:43

  Top 10 PHP Best Security Practices for Sys Admins

PHP is widely used for various of web development. However, misconfigured server-side scripting would create all sorts of problem. And here are php security best practices that you should aware when configuring PHP securely. Nowadays most of the web servers are operated under Linux environment (like: Ubuntu, Debian...etc). Hence, in the following article, I am going to use list top 10 ways to enhance PHP Security Best Practices under Linux environment. My sample setup for PHP Security Tips: D...

   PHP,code security,System admin,Advice,Best practice     2012-02-01 00:04:37

  Different types of keystore in Java -- Overview

Keystore is a storage facility to store cryptographic keys and certificates. They are most frequently used in SSL communications to prove the identity of servers and clients. A keystore can be a file or a hardware device. Three are three kinds of entries can be stored in a keystore depending on the types of keystores. The three types of entries are: PrivateKey : This is a type of keys which are used in asymmetric cryptography. It is usually protected with password because of its sensitivity. It ...

   JAVA,KEYSTORE,OVERVIEW,JKS,PKCS12,JCEKS,PKCS11,DKS,BKS     2014-08-18 02:09:54

  Bad code plagues business applications, especially Java ones

A new study examining 365 million lines of code in 745 applications identifies bad coding practices that affect security, performance and uptime, with Java Enterprise Edition applications having the greatest number of problems. Cast Software, which makes tools that automate the analysis of business applications, examined programs written in Java-EE, .NET, ABAP, C, C++, Cobol, Oracle Forms, and Visual Basic, used across a wide range of industries from energy and financial services to IT co...

   Program,Security,Defects,Java     2011-12-09 07:42:51

  Arrays.equals() vs MessageDigest.isEqual()

Both Arrays.equals() and MessageDigest.isEqual() are used to compare the equality of two arrays. They can be interchangeably in many cases. However, they do have some differences which lead to different use cases in real applications. One difference is that the arrays passed to MessageDigest.isEqual() cannot be null while it's ok for Arrays.equals(). The one major difference between these two methods is that Arrays.equals() is not time-constant while MessageDigest.isEqual() is time-constant. Thi...

   Arrays.equal(),MessageDigest.isEqual(),Java,Security     2015-05-14 22:03:29

RECENT