Server – Page 27 – WindowsTechs.com

Best practice handling external API accces_token in a server

Posted on June 29, 2020 by Ghimpu Lucian Eduard

I’m currently building a mobile app using the Spotify Web Api.
The thing is, I need the mobile app to only get the authorization code and then send it to the server since the server will call the Spotify web api when needed.
So the server … Continue reading Best practice handling external API accces_token in a server→

Risks of running network services on a LAN hardware firewall

Posted on June 18, 2020 by afora377

I am planning to set up a dedicated hardware firewall like Protectli and run a pfsense on it. I already know that:

it is a good practice NOT to have a wireless adapter on the firewall unit
it is ok to run two independent LANs from the sam… Continue reading Risks of running network services on a LAN hardware firewall→

How to protect HTTP requests coming from mobile from CORS attacks?

Posted on June 10, 2020 by Subhrangshu Adhikary

HTTP request coming from mobile comes from localhost domain, however White Listing localhost in backend open up chances for CORS attacks.
How to secure or filter HTTP request coming from mobile devices?

Continue reading How to protect HTTP requests coming from mobile from CORS attacks?→

XSS Bruteforcing results in 500 internal server error

Posted on June 10, 2020 by Ananda Sai A

I’ve been trying to trigger xss in a website with the following url

https://website.com/login/error?username_or_email=xyz%40gmai.com&redirect_after_login=%2wall

While trying different payloads with Burp Intruder, I noticed that v… Continue reading XSS Bruteforcing results in 500 internal server error→

What is a 504 Gateway Timeout Error and What can you do?

Posted on June 8, 2020 by DigvijayKumar@TWC

If you are reading this, it indicates you recently came across an error message that says –…

For more visit TheWindowsClub.com. Continue reading What is a 504 Gateway Timeout Error and What can you do?→

Untouchable local server

Posted on June 8, 2020 by Sepehr Nematollahi

We have a software that needs a connection to our servers for license management purposes. Now we have a new customer who wants to use our software on systems that don’t have access to internet. So I was thinking about setting up a local s… Continue reading Untouchable local server→

How to build arbitrary code without risking the server?

Posted on May 19, 2020 by Alberto Salvia Novella

I’m creating a server that is in charge of building code. This server should be able to run arbitrary building scripts without those being able to harm the server. For example by modifying configuration files, tampering binaries or stealin… Continue reading How to build arbitrary code without risking the server?→

How to secure a web-only end to end encrypted chat with message persistence?

Posted on May 18, 2020 by Sossenbinder

Currently, I’m trying to create a web-only end to end encrypted chat, with message persistency.

I did some readup on how to create an end to end encrypted chat in JS, I found out there are quite some libs for encryption in js, which is go… Continue reading How to secure a web-only end to end encrypted chat with message persistence?→

Getting a "so-called valid" certificate to work inside the application

Posted on May 8, 2020 by DummyBeginner

There is a Python client app connecting to a Java server app via a secure socket. The connection works great with a self-signed certificate, however, it fails when I attempt to utilize a given valid certificate signed via a CA. I’m suspici… Continue reading Getting a "so-called valid" certificate to work inside the application→

What is DNS Aging & Scavenging & How to configure the feature on Windows Server?

Posted on May 7, 2020 by Obinna@TWC

Windows computers refresh their DNS records in the domain zones hosted by the DNS servers every 24…

For more visit TheWindowsClub.com. Continue reading What is DNS Aging & Scavenging & How to configure the feature on Windows Server?→