Collaborate Disseminate
I’m using an Apache Proxy with LDAP modules for authentication management. But I don’t want to hardcode the password of the LDAP service user to query the domain.
I have already used other applications that work with secure storage or wall… Continue reading How to avoid hardcoded passwords on Apache httpd config file [migrated]
How can I block composer attacker access in Apache?
But keep composer working for the application?
I’m running Ubuntu and Apache, does anyone know?
Using auxiliary/scanner/http/tomcat_mgr_login, I get the following reply after run the exploit command: authorization not requested.
I have set rhosts and my test server is listening on rport 80. Can anyone help me out on this?
Continue reading Authorization not requested tomcat_mgr_login [closed]
I am setting up a company intranet (extranet) and need to block all traffic requesting to the portal besides anyone connected to our VPN.
What I’ve tried
I’ve tried adding this to /etc/apache2/httpd.conf
<Directory /var/www/portal>
… Continue reading Blocking all incoming traffic besides one IP [migrated]
I am trying to get an Apache server running over HTTPS on a local network with an IP address 192.168..
And our requirement is to make this local server secure. (no outside network / internet connection available)
I have gone through many t… Continue reading TLS certificate with private IP address [duplicate]
I’m running:
Ubuntu 20.02
Apache/2.4.41
PHP 7.4.3
I am running a simple web server that will accept file uploads, store them and catalog them in a database.
When I check /var/log/apache2/error.log, I see
–2022-06-01 00:07:44– https://… Continue reading How do I prevent this PHP/Apache exploit?
This is a comprehensive Apache Hadoop and Spark comparison, covering their differences, features, benefits, and use cases. Continue reading Hadoop vs Spark: Data Science Tools Comparison
I’m setting up an server, the default configurations allow for connections with deprecated TLS versions. Should I remove deprecated TLS versions from my server? What is the difference between a deprecated and insecure algorithm?
Continue reading Should deprecated versions of TLS not be used
I’ve configure multiple apache web servers so they filter the request and if they have a specific request_uri the request would be redirect to a c2 server.
I do that with the next line in the apache conf files
ProxyPassMatch "^/thisis… Continue reading Chain apache web server acting like reverse proxys using proxychains
I am doing a reverse proxy with apache to redirect https traffic filtering by the uri request.
Right now I have the next
ProxyPassMatch "^/thisisthepath$" "https:192.168.1.40/thisisthepath/$1"
Like that it works fine b… Continue reading ProxyPassMatch redirect to the same request uri