By default, Apache reveals its version number a couple of ways. Most often, the server version is returned in server response headers although it is also printed in the default footer of directory listings generated via the handy mod_autoindex module.
Revealing the server type and version number can make it easy to identify servers vulnerable to attacks affecting a given web server version. By hiding or changing the ServerSignature, a system wont be inherently more secure, but it will make it less visible considering most machines will more easily give up their version numbers. Perhaps you want to display a message to the users in an auto-indexed sectioned of your website. You can setup a "readme" file and tell apache to include it as a footer to auto-index pages with the ReadmeName directive. What if you wanted to hard code a message, or even display a message after a readme file has been included?
Need to modify the Apache source...
(more...)
The impetus for this solution was to eliminate the duplication of functions a javascript source file. The concepts could be applied with little modification to any language with c-like syntax. I chose to implement in PHP because that's what I happen to be working with these days though I do make use of a grep trick which means it would be easiest to run this on some type of posix system with grep & php.
(more...)
When using the tabbed browsing feature of Mozilla Firefox, I run sessions with 10s of tabs. Often times I will close a tab by mistake as I try to quickly pare down on tabs as I'm processing information.
To "undo" the closing of a tab, you can press [ctrl]+[shift]+t. Try it out.
I have gotten to the point of needing another laptop, and I've been hearing so much about the EEE.
I decided to give it a shot.
(more...)
I use this handy-dandy Regular Expression:
preg_match_all("/href=[\'|\"]http:\/\/([a-zA-Z0-9\.\/\?\-\_\:\=]*)[\'|\"]/i", $haystack, $links_array);
This fills an array ($links_array) with any URLs found in $haystack. No more complex than that, though as you can see, regular expressions can be complex in their own right - they're powerful!
If I were just starting out learning about databases, this is what I would do.
Make yourself a personal goal to learn as much about database concepts as you can. Don't limit yourself to MySQL or any one database system for that matter. There are a lot of peculiarities in the way certain features are implemented in certain ways, depending on the engine that you will not find in any other database system.
(more...)
This is a solved problem, yet the volume of applications that are exposed to vulnerabilities due to improperly filtered input is staggering.
(more...)
