Tagged: security

  • Validating file uploads in Sitecore WFFM

    Our Sitecore installation was in dire need of a way to lock down file uploads on forms built with the Web Forms for Marketers (WFFM) module; out of the box, it doesn't do any checking at all, which can lead to some risky situations. I …

  • Disable SSLv3 to avoid POODLE attack in web.py

    An open source application that I contribute to uses web.py to provide a web server platform for its services alongside the other platforms available. I recently updated it to use a sane set of default ciphers and to disable the SSLv3 …

  • LDAP authentication with C#

    LDAP, or Lightweight Directory Access Protocol, is a convenient, central repository for a system's personnel information. LDAP (and other Active Directory services) are widely used by organizations big and small to consolidate user …

  • Add password maintenance feature to cgit with PHP

    Have you ever wanted to have a nifty, browser-driven password maintenance feature in your htpasswd-secured cgit site? I've been meaning to build this for a while—and I finally did it.

  • Easy SSL redirection for select folders in nginx

    I have a variety of web applications installed on my server; some of them need to be wrapped in a secure connection, while it is less important (or meaningless) for others. For those applications whose security I am concerned about, I've …

  • Programmatically modifying file permissions in .NET

    For one reason or another, somewhere down the line, you're probably going to want to modify a file's access permissions from your code. Maybe your users have a nasty habit of overwriting them, or you want to ensure that newly-created …

  • Redirect Tomcat to FQDN

    Recently, I have been trying to configure several Tomcat servers (versions 5.0, 5.5, and 6.0) to restrict all traffic to SSL and ensure that all requests are served through the FQDN (fully-qualified domain name) of the server involved. …

  • LDAP authentication with VB.NET

    LDAP, or Lightweight Directory Access Protocol, is a convenient, central repository for a system's personnel information. LDAP (and other Active Directory services) are widely used by organizations big and small to consolidate user …

  • Prepared SQL statements in VB.NET

    Thousands of websites have been hit lately by the rash of SQL injections being perpetrated en masse. Most languages (current versions, at least) have a procedure for separating parameters from the query they augment in an effort to …
