Add the following list of lines into .htaccess file or to vhost configuration file appropriate to the folder within the website
Deny from all
Same will be the case for denying files within directories
<Files ~ “\.ini$”>
Deny from all
The above lines of code will be helpful for us to prevent .svn files, .ini files, .htaccess files, include files from display within Apache
Whitelist validation refers to data validation techniques such as checking the data type, data length, input range, nature of data by its format (for e.g. phone number will be ten digits separated by hyphens satisfying the format nnn-nnn-nnnn). Regular expressions may be used for format validation in inputs.
Blacklist validation refers to rejecting data based on a know bad list filter. This is not a powerful solution as the list of possible exclusions will be many and it is difficult to implement all possible scenarios. Blacklist validation should be used in conjunction with whitelist validation but in cases where whitelist validation cannot be applied at least blacklist validation should be implemented.
Dynamic SQL (concatenated sql string) is a coding practice where by the queries are built in the program and sent to SQL Server for execution. This can allow the code to be injected into the dynamic queries causing a damage to the database.
A good alternative is to use parameterised queries where placeholders are set for the variables. The possibility of queries getting infected with injected code is completely removed with parameterized queries.
In addition to parameterized queries, it is alway a best practice to sanitize the input parameters before using them in queries.
Also the data input should be encoded appropriately especially in case of dynamic sql usage and to apply appropriate encoding when extracted from the database to avoid cross-site script execution.
First, download the Zend framework and unzip the file contents to a location. At the time of the writing ZendFramework-1.11.12 was in use and we have used that version in this example. Key content of the download is the /library folder which has Zend libraries in it.
Then, go to the “conf” folder that was created when the site was created.
Inside the conf folder, create a new file and name it vhost.conf
Add the below contents to vhost.conf and save it. Continue Reading…
… a question that raises in the mind of programmers developing applications in their local development environments.
This can be achieved by making the following modifications.
Step (i) Install the WAMP / XAMPP server in your windows machine. After this install you will be able to access sites created on the localhost with URL http://localhost
Step (ii) Download and extract the send mail application for Windows from http://glob.com.au/sendmail/. Remember the path where you have extracted sendmail. For e.g. c:\wamp\sendmail
Step (iii) Edit sendmail.ini within c:\wamp\sendmail. This ini file has enough documentation explaining how the configuration changes should happen on the file.
$ mail -s “Subject: Test email from linux server” firstname.lastname@example.org
Press the “Return” key
Enter the body part of the email
Press ctrl + D
Enter a CC email if you would like (e.g. email@example.com)
Press ctrl + D again
Then check the mail box to see if the mail has arrived.
Many email servers depend on Reverse DNS in order to identify if the mail is legit or spam. For the Reverse DNS to work correctly, two points need to be addressed
a) Look for IP address of the mail server should return its name. PTR record should be set for this
b) Reverse look on the name should return back the IP address
$ dig -x 22.214.171.124
;; ANSWER SECTION:
126.96.36.199.in-addr.arpa. 66372 IN PTR mail.example.com.
$ dig mail.example.com
;; ANSWER SECTION:
mail.example.com. 900 IN A 188.8.131.52
Check the IP address that is getting resolved matches the name that is getting returned back.
First Check PHP version that is currently installed
$ php -version
Check Linux Version
$ cat /etc/*-release (or redhat-release)
Create a repo file with the content given below. As you can note, we are looking for package upgrade related to php only.
SELinux is a feature that may be turned on certain servers and it can restrict access to certain ports. In order to gain access and make the ports work, you need to open those ports.
To see if SELinux is set, type
To list all port, try the semanage command
$ semanage port -l
To check for a specific port that is opened
$ semanage port -l | grep 8085
To allow access to a specific port
$ semanage port -a -t http_port_t -p tcp 8085