I'm managing a PLESK server and got this error from a client after they did a PCI scan on their site. What is ProFTP and is this really an issue? How would I go about fixing this issue?
Proftpd version 1.3.5 is used in latest version of Plesk. Please, consider upgrade possibility.
I don't mean to sound harsh but you are managing a Plesk server and you don't know what ProFTPd is? Its an FTP server. FTP is File Transfer Protocol and is the protocol used to upload web pages to websites. The version you are using is out of date and has more than one known vulnerability which could mean your server gets compromised. I'd recommend you upgrade.
Related
Our company currently hosts a web application for a customer which runs on Orion Application Server. Unfortunately, support for OAS stopped about 10 years ago after Oracle acquired the source code and turned it into OC4J, as such there is very little documentation available, other than it's Wikipedia page.
The issue I am having is now that Chrome/Firefox/Opera are actively blocking insecure SSL connections, the site is inaccessible (Chrome gives the error: Server has a weak, ephemeral Diffie-Hellman public key).
I believe to fix this issue, I need to specify a list of acceptable ciphers that the server is allowed to use, but with no documentation available, I have no idea how/where to set this (if it is even possible).
Has anyone else had this issue and been able to resolve it?
It turned out updating to Java 8 resolved this issue for me; after the update, the server started using TLS 1.2 (though I couldn't work out which exact cipher it was using) and the website is now working in Chrome 45.
I have pretty strange problem with Collectd. I'm not new to Collectd, was using it for a long time on CentOS based boxes, but now we have Ubuntu TLS 12.04 boxes, and I have really strange issue.
So, using version 5.2 on Ubuntu 12.04 TLS. Two boxes residing on Rackspace (maybe important, but I'm not sure). Network plugin configured using two local IPs, without any firewall in between and without any security (just to try to set simple client server scenario).
On both servers collectd writes in configured folders as it should write, but on server machine it doesn't write data received from client.
Troubleshooted with tcpdump, and I can clearly see UDP traffic and collectd data, including hostname and plugin names from my client machine, received on server, but they are not flushed to appropriate folder (configured by collectd) ever. Also running everything as root user, to avoid troubleshooting permissions.
Anyone has any idea or similar experience with this? Or maybe some idea what could I do for troubleshooting this beside trying to crawl internet (I think I clicked on every sensible link Google gave me in last two days) and checking network layer (which looks fine)?
And just small note: exactly the same happened with official 4.10.2 version from Ubuntu's repo. After trying to troubleshoot it for hours moved to upgrade to version five.
I'd suggest trying out the quite generic troubleshooting procedure based on the csv and logfile plugins, as described in this answer. As everything seems to be fine locally, follow this procedure on the server, activating only the network plugin (in addition to logfile, csv and possibly rrdtool).
So after no way of fixing this, I upgraded my Ubuntu to 12.04.2 LTS (3.2.0-24-virtual) and this just started working fine, without any intervention.
OpenDNS introduced DNSCrypt, and they runs the server in their OpenDNS server.
http://www.opendns.com/technology/dnscrypt/
And the client program is opensourced:
https://github.com/opendns/dnscrypt-proxy
This is significant for network environment that is censorship-ed, like China.
But OpenDNS servers are quite slow responsive to China, I hope to setup a DNSCrypt server on my own server, but can find nothing like that.
Does anyone know about if the DNSCrypt server part opensource or not ?
Many other servers are supporting the protocol, and it is easy to add it to your own server as well.
See the DNSCrypt implementations section of the documentation for some information.
Most of the servers, if not all, use encrypted-dns-server, either directly or via the DNSCrypt docker image.
The dnscrypt-proxy client also includes step by step instructions to install a dnscrypt server on a VPS.
Another option is PowerDNS dnsdist.
sorry if I made any wrong describing becasue I am not so familiar in this field. I am currently run a website on the webserver, if I have a local linux server, so if I want to move the url to my local linux server, How to conficure that? can anybody give me some advice and help me, thanks a lot! I use php on the server side
I am not sure if I understand correctly, but perhaps this will help. Edit your host file on your computer, so that you can redirect a domain (example.com) to an IP address of your choice (127.0.0.1 for local host).
See http://en.wikipedia.org/wiki/Hosts_(file)
I am looking for an enterprise subversion setup, that will fit the following requirements:
I need at least 2 instances of the repository server for high availability reasons
Management of multiple repositories
The 2 repository servers need to be synchronized.
Easy administration and configuration
User & authorization management with LDAP integration (web-interface) - optional
Backup & restore features, that guarantee the recovery with not more than 1 day of lost data
Fast and easy setup.
Monitoring of the repository(traffic, data volume, hotspots..) - optional
good security
either open source or low price tag, if possible
some pricing range, if a commercial tool is recommended.
a VMWare appliance would be great.
I am interested in an appliance or a set of subversion tools, that support these requirements. The operating system should be Ubuntu.
The configuration and setup of the toolset should be doable in hours or at the most a few days...
Our development team is not huge (about 30 people), but grows continually.
I have been unable to find anything (with the exception of Subversion MultiSite, that seems to big (and expensive? - they give no price information) for our enterprise)
Can anyone recommend a solution? Could you also describe your experiences with the recommended tool?
The easier and faster installation and configuration is, the better... If it is without a price tag, this is even better..
Thank you for any help.
I haven't seen a shrink-wrap setup for this, so far. If you want to build that from scratch, here are some pointers:
You can use builtin commands for the mirroring of the repo.
For multiple repos, just create a huge one and then add paths below the root.
For me, the command line is "easy admin&config", so can't help you there
To get user management, let subversion listen to localhost (127::1) and put an apache web server in front. There a loads of tools for user management for web servers.
For backup&restore, see your standard server backup tools.
VisualSVN Server answers most of your requirements.
From the web promo page (my emphasis):
Zero Friction Setup and Maintenance
One package with the latest versions of all required components
Next-Next-Finish installation
Smooth upgrade to new version
Enterprise-ready Server for Windows Platform
Stable and secure Apache-based Windows service
Support for SSL connections
SSL certificate management
Active Directory authentication and authorization with groups support
Logging to the Windows Event Log
Access and operational logging (Enterprise edition only)
Based on open protocols and standards
Configured by Subversion committer to work correctly out-of-the-box
I can vouch for visual SVN. I use the free version for our team of 4 developers, and it does everything it says on the tin reliably. Installation also took all of 5 minutes. That said, it does require a windows box.
Running a subversion server in a VMWare instance with one of VMWare's "High Availability" tools will give you most of what you need. There are pre-built VMWare Appliances that have a Subversion server built in. http://www.vmware.com/appliances/directory/308
VMWare's HA features will give you the redundancy of the SVN server instance. (You're going to need multiple physical servers for true redundancy. If one server fails, VMWare will re-start the instance on the new server.)
I don't know of any VMWare appliances that have special backup features, but this is pretty trivial to script. Just run an 'svnadmin hotcopy' once a day, so you have a copy of the repository ready to go in case of a corruption. (On top of this, you really should be using a SAN RAID array with tape backups.)
Our setup:
Rack of Blade Servers
VMWare Infrastructure
Virtualized Windows 2003 Server
If Windows crashes or one of the blades goes down, VMWare re-starts the Windows instance.
CollabNet Subversion Server, running Apache with SSPI authentication
SVN repo lives on a SAN
Nightly svnadmin hotcopy and verify of the repo (to another directory on the SAN), so we have a "hot" backup of the repo ready to go in case of a corruption problem.
Nightly tape backups of everything
Tapes taken offsite regularly
The cost of the server hardware and VMWare is going to be your biggest issue (assuming you don't already have this.) If you're not willing to make this kind of cash outlay, it may be worth looking at a hosted SVN provider.
We use svn for enterprise work. It is perfectly adequate. There are plenty of enterprise testimonials, including one from Fog Creek (Joel on Software, Stack Overflow).
I don't believe you need anything beyond the regular version.
I suppose you are aware that it is typical to use Subversion with TRAC, the issue tracking system.