Tag: Security
Sorted by: Newest Newest Oldest

: Uploading user files: should I rename them? I have a website which allows users to upload their files (say, like attachments to messages in forums). ~90% of the files are pictures and the rest

: How to restrict web site/intranet access to company network? What is the best/most secure way to create a web site or intranet on an externally hosted server, but make it only accessible from

: How do I get Google to mark my website as "safe" in the search results with a small green icon? Some websites are marked as safe in the Google search results like shown in the image: My

: Is it illegal to create a website that allow a user to upload a file and make it accessible and downloadable for others? I am working on a website in which a user can sign in and upload

: What to do about certificates being distrusted Recently Google Chrome started issuing a warning on the console which says: The SSL certificate used to load resources from https://www.example.com

: Keep order status private from search engines? I searched hard before posting this question. I apologize if it is a duplicate or if this is not the correct forum. We have a homegrown shopping

: Odd Apache Request "GET /shell?echo+jaws+123456;cat+/proc/cpuinfo HTTP/1.1" I've been looking into an issue with my servers, and while looking I found this weird request in the Apache Access Log

: HTTP webpage is Showing "Not Secure" in Chrome I've called GoDaddy a few different times and they said that it looks like it is a problem with my HTML file. Except, my HTML file is the

: Does SSL require a client side certificate of any kind at all? A friend insists it does, that both browser and server both need certificates. I say no, only the server requires one, with two

: Adding another domain SAN to a shared hosting server's multi-domain SSL certificate? I am familiar with simple DV certificates, but not any of the other fancier stuff - like EV, wildcard and

: Are there security concerns with migrating a sub-sub domain to a new platform, leaving another in place, and abandoning a third? I have been tasked with launching a website for my organization.

: Google Search Console alert: Harmful content - Uncommon Downloads today Google Search Console show me some alert on my website click on link "Malware detected?" open a page with details: but

: Are there other options besides HTTPS for securing a website to avoid text input warnings in Chrome? One week ago Google sent me an email to go HTTPS. If I won't transfer HTTP to HTTPS then

: Can access to Google Analytics with historical data be recovered after losing administrator access? I have lost my administrative accessibility to my website under User Management in Google Analytics.

: COMODO SSL Analyzer Error -14 I have a hard time understanding Comodo's SSL Analyser error in some cases. If queried on smtp.tiscali.it:465,it returns the image below: However, if querying in

: How could viruses/malware launch from websites in user environment? I'm familiar with web frontend only superficially. However I'm wondering how is it possible to inject virus on the web site and

: People can see my site but I can't, what can be wrong? I can't see my own site, but other people can. I tried private settings and I don't see firewall. It is so frustrating, it keeps saying:

: What does "Require all granted" on Directory / (root) REALY means? (Apache 2.4 on CentOS7 im sure, this question looks really stupid first. but i need a "second opinion" on this, even i did

: Google wants sites to use SSL, but complains when compression is turned off to prevent BREACH hacks Google has let it be known that they want websites to move to SSL, and they will start

: Reach only one file through :80 I have an owncloud server which is using HTTPS (www/owncloud). I redirected all HTTP request to HTTPS. Now I need to reach one file using HTTP (www/other/directory/file.txt).

: Website getting lots of visits from this address? As the title says one of my clients website getting lots of visit from this domain ? notify.discoverfinancial/notify-Legal_Notice_Splash_Page What

: Where can I redirect exploit scanning bots? I get a lot of those exploit scanning bots like the ones looking for a WordPress login (which I don't have) or guessing other exploitable URLs.

: Customer's financials compromised - they think it was my site Sorry for the title, this is a confusing problem and I wasn't sure how to make the title succinct. The background: I have a

: Google searched links (to a site I administer) are redirecting users to fake websites I'm quite stumped here as I am not an expert when it comes to scripts.. Some users, searching for a product

: Is adding Disqus to website safe for user privacy? Some guides (see gohugo.io or webmasters.stackexchange.com for examples) recommend Disqus as a commenting feature for static sites. Is adding Disqus

: Wordpress security from bots One of my clients website is getting massive traffic from China most of which are bots. These bots are hitting the site nonstop causing the VM to use very high

: Is it bad practice to change the "From" name when sending emails? I have an email module that lets users send an email to their city councillor. As of now, the From address of every email

: Non Secure Ecommerce Website effects For the past couple weeks now we have seen a non-secure warning displayed on our site where the SSL/Security info for a website would normally be displayed

: Does cPanel overwrite passwd, shadow, and group files? I had the need to use SSH to update the /etc/passwd, /etc/shadow, and /etc/group files in order to add multiple SFTP and SSH users for

: Web security features from host provider I am working with a contractor to get a website built with text, video, facebook and twitter integration. No commercial transaction, just plain information

: What cipher suites should I consider on government website I maintain a website for the government, which is http only. The target audience is all civilian, so the browser client may be very

: Browsers to accept a self-signed certificate I have created a self signed certificate like this: #!/bin/bash EXPIRE=3650 if [ $# -gt 1 ]; then EXPIRE= fi mkdir -p cd openssl genrsa

: What events caused mass migration to HTTPS? For several years I see that Google, Facebook, etc start serving (and even redirect to) content via HTTPS. Serving sites that prompts passwords in

: Amazon EC2 and CA-signed certificate with LAMP stack I have an EC2 server set up, using the free trial. I have installed my LAMP stack and the docs urge me to get SSL going. Using yum, I

: My personal website was cloned in its entirety, is this a security concern? I was googling my (real) name yesterday (which is the name of my site) on a lark and discovered a website that

: Weird new users in Joomla user group "Administrator" I noticed today that 30 people or so registered to my Joomla site (I don't expose a registration/login form), most of them appear to be

: Google reports URL injection - but the reported URL returns a 404 even when fetched as Google Yesterday we found out that in Google Search, the website is reported as "This site may

: What is the range of IPs that someone with a dynamic IP address can be assigned? I am working on a security policy and I'm wondering about users who have a dynamic IP address. If their IP

: Why do many websites block requests from common HTTP libraries by user-agent? Writing spiders, I have noticed that many sites will return a 403 error if I hit them from popular HTTP software

: With ICANN control change, what other ways can users find web address? ICANN is now going to shift from US control to international community control. My questions is - how can my users find

: Is a "Show Password" option on login form safe? A website I use occasionally has had a recent overhaul and added a "Show" checkbox next to the password field on their login form. I understand

: How to require user login using htpasswd within the htaccess file? I'm trying to require users to login and would like to handle the request with htpasswd in the htaccess file: Any ideas on

: What is SymLinksIfOwnerMatch? What is SymLinksIfOwnerMatch in .htaccess, in layman's terms? I have this option active. Do I need it? I have a plain HTML web site (though might go for Joomla one

: How do i exclude a Wordpress Site from search engines? The goal is to have a simple Site (Wordpress) for company employees to retrieve information wich can be sensitive. The site is supposed

: How do I exclude a WordPress site from search engines and make it accessible only via password? The goal is to have a simple WordPress site for company employees to retrieve information that

: Has my website got a virus? Building a website for a customer and as I sent him a link on Skype to the new page, he said he got alerted of a trojan virus. He clicked on the link on Skype

: What do I need to do before deleting a domain name? I've owned a domain name including webhosting for a couple of years. No I don't need the domain anymore. Is there something I should do

: WIll a HTTPS page with video player & a video served off HTTP become insecure? A page is on HTTPS and all content on it is served from HTTPS, however, this page contains a video player,

: Should use HTTPS on a simple website? I am a bit confused regarding when should I use HTTPS. I have some websites: a blog, a forum, a website with some forms and other websites like these.

: Someone trying to attack my Joomla website with many different IP's I have a serious issue here. Someone is trying Brute force login into my site. I already have plugins to nullify that attack.

: My website URLs have fake search term query strings that are appering in Google search A few days ago I was informed that my website appears when searching some random terms with a URL that,

: How can I give my users the proof that their data are encrypted? I want to implement a feature on my website that will hold private client data. I want to promote this feature, but how can

: Restricting Google Maps js API keys to just my domain My site uses the Google Maps javascript API, so I'm using a "Browser key", which is plainly visible in my javascript to anyone who does

: Collect personal data in europe using google forms Since there have been issues regarding web service providers that store personal/confidential data of users outside of the European Union, I am

: Can browser vulnerabilities effect wesbite security? Can browser vulnerabilities lead to problems with a website Security? Let's say that I have a website that is globally accessed. Can an old

: Separate server for images? Should I be using a separate server for hosting images that are created on a website? For example, my application creates images and currently stores them on the

: Web hosting service with support for HTTPS, HSTS, HPKP Currently, I have my website deployed on a private server, but I'm looking to move to a "real" web hosting service to better serve my

: Creating an archive/snapshot of a wordpress site -- how? I help to run a 15 year old site which is powered by wordpress (along with various kinds of legacy static content). The site has probably

: Block IP requesting xmlrpc.php We have a firewall with modsecurity installed. I would like to write a rule to block any IP address for 24 hours if that IP requests xmlrpc.php. Please note that

: Single Page Web App - Auto-login security conundrum We have a single page web application written in Angular with a Java back-end. It is public facing and as part of the security model we

: Is it able to disable secure attribute for Cookie on SSL connection? There are HTTP and HTTPS page on our site on Apache. So We need to convert from HTTPS to HTTP or from HTTP to HTTPS

: Cannot get Content-Security-Policy to work I'm trying to implement CSP, but cannot make the script-src work correctly. I strongly want to avoid unsafe-inline, but all attempts to circumvent this

: How to find the folder in a host server with its name starts with a "~"? For example: http://my-domain/~service In this case, I couldn't find a "~service" folder or file in the server but

: How do you handle input sanitization on forms? how do you handle input sanitization on forms? do you use javascrpt or just client?

: Someone/something accessed a link in an email, but it was not who the email was sent to Could anyone solve this mystery? We have an web application that is only available to invited users.

: How can I tell if my website visitors are using LastPass or other password managers? I want to make sure visitors to my website have the best experience possible so I want them to be able

: When setting up LAMP for testing at a local machine, how do I make sure it's not remote accessible? I'm setting up a LAMP stack on my local machine for testing. How do I make sure the web

: How can I avoid being hacked? I have a website built on Joomla/PHP and it was going well until I found a RewriteCond directive in my .htaccess file to a website with porn content. RewriteEngine

: Does using the same mail and web server increases risk of DDos due to IP exposure? I use the same server for sending my emails and web hosting.I send user registration and support forum mails

: How to Secure Wordpress website using .htaccess , allowing only index.php execution access I am responsible for security of lots of shared hosting server. We have at least 500 wordpress website

: How can I find out if my website is being scraped? And how do I stop it? Is there a way to identify that someone is scraping my website?

: How to find out the strength of the Wordpress (already stored) password? I am responsible for security of lots of shared hosting server. Most of them are having WordPress websites. Each server

: How to list all URLs in the source code files of a website with command line tools? I have folder that contains the source code files of a website (tons of html, css and php files). I would

: How to determine if a user agent string has proper syntax or might be a hacking attempt? I was checking my server via awstats to see who was visiting my site and I have a user-agent of

: How to monitor a website's networking activity towards 3rd party servers? I have a Wordpress site with some plug-ins installed. I would like to check if my site tries to access any 3rd party

: What are the benefits of requiring HTTPS between AWS CloudFront and the origin server? I am hosting a website on Amazon CloudFront and we've recently updated the distribution to require HTTPS

: Are indexed Wordpress admin pages a security threat? Because it was blocking Googlebot from accessing important files, I recently updated our /robots.txt file and removed most of it, including

: How to detect if file with a .png extension contains code or an image? I was in a trouble last few days since my web host was hacked for POST on PHP files. I've been dealing with files

: Malicious links to our site on Google's SERP redirecting to shady pages Our website is being attacked in a curious way: on the Search Results Page, Google is showing links that look as if

: .CA Domain registratrs for DNSSEC We have a .ca (CIRA) domain that currently uses DNSSEC through the ISC DLV registry service. We are aware that DLV is shutting down by 2017. We have communicated

: Someone else set up a trial Google Apps account on my domain. How can I get Google to disable it? I own my domain (say, mydomain.com) and administer it through my hosting provider. A couple

: AWS EBS Tomcat instance being hacked I'm using AWS EBS instances with tomcat for my java web application. But somehow some guy manages to hack into my instances and all I can see are these

: Allow third party to use domain subdirectory without risk to your server If you have a live site on example.com, is it possible to allow third-parties to set up their own site at example.com/project1,

: Using .htaccess deny returning 302 and not 403 forbidden I'm in the process of adding yet another layer of security to some of my WordPress installs, since some of my customers sites use shared

: Will data be encrypted if an HTTP page POSTs to a HTTPS handler that redirects back to HTTP? My host gave me a subdomain of their domain that has HTTPS: https://mysite.example.com My own

: HTTPS connection is "not safe" due to images I am currently working on a website and I have successfully installed my SSL certificate. The GeoTrust SSL/TLS checker confirmed that the certificate

: Suspicious Web Traffic from Amazon.com ISP Just a few hours back I was checking my logs when I found a whole bunch of traffic from IP address 54.174.xx.xx and ISP Amazon.com (validated from

: What file permissions should I set before I give website project folder to hosting service? I am using a CMS called Jekyll to build a website. My understanding of jekyll at this point is that

: Are Commercial SSL Certificates (key file, and certificate file) portable when migrating between a new and old Apache2 server? We have an SSL Certificate that's currently on our Apache2 server

: What is infecting these networks between 10/25/15 and 11/1/15? Just noticed a fancy new graphical threat dashboard in the Google malware scan systems. There seems to be a cleanup then subsequent

: Is it insecure to make the CPanel username same as domain name? If I set my cPanel username same as domain name, then everybody already knows my cPanel username. Does it pose security risk?

: WordPress security checklists on cPanel I'm installing WordPress on a shared cPanel hosting for blogging. I'm planning to install it in a folder under public_html, that is, public_html/myblog. I

: Is SiteLock really beneficial in protecting medium sized websites (1k pages)? My sites are hosted at a shared server at HostGator who have recently started sneakily pushing their customers to

: Securing images from browsers and humans Particular parts of a website I'm working on will have pictures not intended for the general public. It is already behind a password protection and the

: Can spambots access pages available to only registered, authenticated users? I have a web application where users register and are activated via an email sent to the email address they supplied.

: Unable to locate phishing URL in CPanel file manager I received an email from Google that there may be phishing pages on my website. Below are example URLs on my site which may be part of

: Why are these Google cloud fuzzers hitting our site? How does attekett_dom_fuzzer work on images? Noticing today that there is yet another strange visitor hitting our server/site from a Google

: Part of a PHP file is missing, did I get hacked? my website is built by jooml 3.4, today it gets a syntax error message like this: syntax error, unexpected 'if' (T_IF), expecting function

: Does Cloudflare use different authentication mechanisms across platforms? I'm using Cloudflare flexible SSL for a website I made, and after investigating certificate properties, I realized different

: Use GPG keys in cPanel? So, the cPanel web hosting management console has a GnuPG Keys area, which allows you to create or import GPG/PGP keys. However, it doesn't seem that the server actually
Next Page
Terms of Use Create Support ticket Your support tickets Powered by ePowerPress Stock Market News! Top Seo SMO © vmapp.org2023 All Rights reserved.