Posts

Showing posts from 2011

make Apache to Proxy/Caching Server

add these config to httpd.conf
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule cache_module modules/mod_cache.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so

Listen 8080
NameVirtualHost *:8080
ErrorLog "logs/proxy-error.log"
CustomLog "logs/proxy-access.log" combined
ProxyRequests On
ProxyVia On
Order deny,allow
Deny from all
Allow from 127.0.0.1
CacheRoot c:/cacheroot
CacheEnable disk /
CacheDirLevels 5
CacheDirLength 3
CacheEnable mem /
MCacheSize 4096
MCacheMaxObjectCount 100
MCacheMinObjectSize 1
MCacheMaxObjectSize 2048
CacheDisable http://security.update.server/update-list/
ProxyTimeout 60

don't forget created c:/cacherootthen open web browser and set proxy to 127.0.0.1 at port 8080

linux search & replace multiple files

just note...

find . -name '*.php' -print | xargs sed -i -e 's/OLD-STRING/NEW-STRING/g'

find ./ -type f -print | xargs sed -i -e 's/OLD-STRING/NEW-STRING/g'

protect webserver/PHP software version

just hidden web server software version from Hacker fingerprint technique.

Remove Apache Version ( I have 2 solutions)

1. change Apache source code then re-compile
extract apache source codemodify file name include/ap_release.h find "AP_SERVER_BASEPRODUCT"
2. install Mod_Security modules -it better!
install mod_security by "yum install mod_security"go to mod_security's config (i.e. /etc/httpd/modsecurity.d) then modify SecServerSignature to what you want.restart httpd serviceRemove PHP Version

quite simple, goto php.ini or php.conf. find "expose_php" - default is On, so change it to Off


but it really protect?
NO! It can't. Have many ways to check it. LoL.


Reference
How to install mod_security for Apache ModSecurity for Apache User Guideการปรับแต่ง WEB SERVER (APACHE+PHP+MYSQL)

mobile phone development tools

my note about mobile phone development tools (RAD).I just interesting these tools.

PhoneGap (http://www.phonegap.com/)Appcelerator Titanium (http://www.appcelerator.com/)Corona (http://www.anscamobile.com/)mosync (http://www.mosync.com/)rhomobile (http://rhomobile.com/products/) - must #Ruby guys!appinventor (http://appinventor.googlelabs.com/) - webbase rad toolwidgetpad (http://widgetpad.com/)Mobile JavaScript Framework? must Sencha Touch or jQTouch only!

here is interested for iPhone/iPad
dragonfiresdkMobiOne

reference:
Getting Started With Cross-Platform Mobile Application Development Frameworks Comparison of Android vs iPhone vs Nokia vs BlackBerry vs Windows Mobile 7