Hi, hopefully simple DNS/SPF question:
Is it possible to set anything in BX DNS settings or via the shell to append
a DNS record to all domains?
My thought is that I'd like to be able to add a TXT record for SPF, just
stating that the A and MX records can be used. It seems the same SPF
con
Hi Michael,
> It's fine to put it into /etc/php.ini. This will only get replaced if you
> install or
> upgrade a third party PHP package.
>
> At all other times php.ini is just edited by the GUI to change certain values.
>
This may be a bit of a doh! question ..
We are using a Solarspeed PHP p
is there is BlueOnyx equivalent to do the iptables commands below?
They also mention lsof.Where can I get that from for blueOnyx?
>From the CBL:
{http://cbl.abuseat.org/lookup.cgi?ip=x.x.x.x}
Finding the problem by network activity: Linux/FreeBSD etc
One way of finding the user that is i
Hi Wayne,
> is there is BlueOnyx equivalent to do the iptables commands below?
>
> They also mention lsof.Where can I get that from for blueOnyx?
Both "iptables" and "lsof" are installed by default on BlueOnyx.
> sudo apt-get install lsof
On BlueOnyx we don't use "apt" to install updates
Wayne,
You should be able to do
/usr/sbin/lsof if your running as normal user.
To install On CentOS or Scientific Linux Blue Onyx Server
yum install lsof
As for finding the bad compromised files on your server, here is what i have
done.
You must do the next steps as root
First, stop se
Hi everyone,
One of our clients recently had an external security audit on their dedicated
server and the security firm recommended disabling all cipher suites that run
in CBC mode (as, apparently, we have some running on that server).
Is this easy to do in BlueOnyx? We’re running 5107R here.
Hi Matt,
> One of our clients recently had an external security audit on their
> dedicated server and the security firm recommended disabling all
> cipher suites that run in CBC mode (as, apparently, we have some
> running on that server).
>
> Is this easy to do in BlueOnyx? We’re running 5107R
Hi Michael,
As always, an incredibly in-depth and educational response. Based on the
limited time working with super-strict security audits, it’s my sense that they
feel the need to flag anything possible (even really crazy things that don’t
matter) to make the case for their fees. I get it —
Hi Matt,
> As always, an incredibly in-depth and educational response.
No problem.
> In any case, this recommendation was made in the “informational”
> category of fixes, so I think we have solid ground to put forward
> ignoring the recommendation.
Indeed. Just file why you're not implementing
Hi Colin,
> This may be a bit of a doh! question ..
>
> We are using a Solarspeed PHP package so need to change the max_input_var in
> the site folder but it says read only.
>
> What am I doing wrong? Logged in as root.
I didn't realize there was such a demand to edit this value. I'll make
it
I'm just as surprised. It really is a terrible thing to do. If you've got
>1000 input fields, you are doing it wrong. Ajax is the right tool for the
job.
I say this as the one that sparked it off. I've got an app that isn't worth
a re-write. :)
On Thu, May 7, 2015 at 6:35 PM, Michael Stauber
wro
Hi Matthew,
> I'm just as surprised. It really is a terrible thing to do. If you've got
> 1000 input fields, you are doing it wrong.
I was thinking that as well. :p
But it's all good. It's a security feature and it's beneficial to have
the ability to edit these settings alongside the other confi
I just had a web developer upload a ca-cert to their vsite but he didn't
check it and it had text comments in it from the CA which you are supposed to
edit out first. This stopped the apache server and it couldn't restart until
the offending ca-cert was manually removed by me. Probably needs some s
Hi Ernie,
> I just had a web developer upload a ca-cert to their vsite but he didn't
> check it and it had text comments in it from the CA which you are supposed to
> edit out first. This stopped the apache server and it couldn't restart until
> the offending ca-cert was manually removed by me. Pr
Hi all,
> I'll have it ready by tomorrow or thereabouts.
Actually: It's done and published now.
I just released updated base-vsite RPMs for 5207R, 5208R and 5209R. You
can now edit the 'max_input_vars' PHP parameter both for the global PHP
settings and on a per Vsite level.
That would be:
Glob
Good to know
Thanks!
On 5/7/2015 8:37 PM, Ernie wrote:
> I just had a web developer upload a ca-cert to their vsite but he didn't
> check it and it had text comments in it from the CA which you are supposed to
> edit out first. This stopped the apache server and it couldn't restart until
> the o
16 matches
Mail list logo
