Questions tagged [web]
"The web," or "world-wide web" is a term for the system of hypertext linked documents accessed over the internet, with a web browser. The "www" that comes before most webpages is a reference to the "world-wide web."
546
questions
55
votes
5
answers
27k
views
Ordering: 1. nginx 2. varnish 3. haproxy 4. webserver?
I've seen people recommend combining all of these in a flow, but they seem to have lots of overlapping features so I'd like to dig in to why you might want to pass through 3 different programs before ...
52
votes
6
answers
63k
views
SSL for devices in local network
Initial question
We make devices which run a webserver and the user can control some functionality of the device by browsing directly to the IP of the device. This can be a fixed IP when a direct WiFi ...
40
votes
4
answers
131k
views
FTP/FTPS/SFTP/SCP - Speed comparison [closed]
How do FTP, FTPS, SFTP, and SCP compare in terms of transfer rate and how can I compare them through testing?
35
votes
2
answers
21k
views
Any disadvantage to short DNS TTL? [closed]
Any disadvantage to short DNS TTL?
31
votes
1
answer
7k
views
Should my website have an IPv6 address?
My website only has an IPv4 address. With IPv6 being the future, is it possible that some users may not be able to reach the website if it does not have an IPv6 address? Also, does having an IPv4/IPv6 ...
31
votes
1
answer
7k
views
illegitimate traffic from user agent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)
This is a rapidly changing event that has no answer yet.
Please do not post your findings or assumptions as answers; reserve
the answer field for when you actually have an answer.
If you ...
24
votes
2
answers
48k
views
How to test keep-alive is working on client end
What are some different ways/tools to verify that keep-alive is working on the server from the client's end?
19
votes
2
answers
20k
views
What is a cookie-free domain?
What is a cookie-free domain? I've seen these words many times but I never understood what it is.
16
votes
3
answers
437
views
My site seems to be hijacked... but only when visited from another site... how?
My website is altoonadesign.com if you type it directly in your browser it takes you to the correct site. However if you do a search for "altoona design" and click on the link to my site you ...
16
votes
1
answer
23k
views
nginx Request line too large
I'm getting the error:
Bad Request
Request Line is too large (6060 > 4094)
When I access the a specific url on my server like this:
/api/categorize?packages=package1,package2,...packageN
On ...
15
votes
1
answer
19k
views
Who (What?!) is "http://1.1.1.1/bmi"? [closed]
I'm not sure if this is the place to ask but I found some pages who contain links in them that start with "http://1.1.1.1/bmi".
Who or what is 1.1.1.1? or maybe http://1.1.1.1/bmi has a meaning more ...
15
votes
3
answers
5k
views
Which is faster at serving up PHP pages, Apache or NGINX
I've read quite a bit on the major benefits to running NGINX over Apache for serving static files. However, I have never seen an article talking about Apache vs NGINX for serving PHP pages.
Question: ...
14
votes
5
answers
44k
views
How to use ssl_verify_client=ON on one virtual server and ssl_verify_client=OFF on another?
I want to force ssl client verification for on of my virtual hosts. But get "No required SSL certificate was sent" error, trying to GET something from it.
Here are my test configs:
# defaults ...
13
votes
4
answers
534
views
How to convince my Administrator that Java ON A SERVER is not insecure per se?
The Application
We have a small Java application which uses some Camel routes to pick up uploaded files from a webserver, process them and send out some e-mails with the results.
The server on which ...
13
votes
4
answers
449
views
Suspected server or data vulnerability and reporting a fraud site
Two days ago someone created a website that has the exact same domain of the company I work for, but missing one letter, and sent a mail campaign to many people that there is a promotion on the ...
12
votes
6
answers
85k
views
How can I check if my IIS site is using NTLM or Kerberos?
How can I check if my IIS site is using NTLM or Kerberos? And how can I change authentication from Kerberos to NTLM? I'm using IIS 7.5.
11
votes
8
answers
358
views
What is the first thing you do if your website was hacked?
What would you do as first thing if your website was hacked?
Taking the site from net? or rollback a backup? not realy or?
Did you made any experiences in this way?
11
votes
6
answers
2k
views
How do you manage large web farms? [closed]
I have a quickly growing web farm running IIS 7 (30+ servers). All servers are identical copies of each other and all servers are physical. We update the software about once a month, and in the ...
10
votes
1
answer
4k
views
When should you use and not use Etags?
I was just looking at our site on WebPageTest.org and one of their recommendations for speeding up a website is:
ETag headers should generally not be used unless you have an explicit reason to need ...
9
votes
5
answers
11k
views
How to get nginx to redirect from www to non-www domain?
Let's say I want to redirect from www.example.com to example.com and I want to do this using nginx. I looked around and did not see any good documentation on this so I figured I would ask and answer ...
9
votes
1
answer
224
views
With IPv6, should we be assigning distinct IP addresses to each host name served over HTTP(S)?
With IPv4, it's pretty much a given that unless there is some specific need that warrants IP-based virtual hosting, name-based virtual hosting should be done to avoid needlessly exhausting the address ...
8
votes
4
answers
47k
views
Allow a certain URL path with Squid
I'm using Squid 3.4 on Debian, and I want to know how to allow certain sub-URLs while banning the rest of them.
Particularly, I want to ban access to reddit.com/* but allow access to reddit.com/r/foo/...
8
votes
9
answers
72k
views
how to provide a web interface to sftp server
We need to securely serve files to our clients. We want the transport to be encrypted, users should require user/password and they should be able to access their files through the web, ftp/sftp and ...
8
votes
1
answer
733
views
Dell PowerEdge server crashed, how to repair? What happened? Information inside
I am currently in high school and run our school's website. This summer, our SysAdmin was diagnosed with cancer, and he went off for treatment, so I have been thrown into an interesting situation.
I'...
7
votes
4
answers
21k
views
Expose Fileserver (SMB) over WEB / HTTP(S) Interface [closed]
I have a Windows Fileserver (SMB), for internal storage. I'm looking for a way to add a Web-interface to expose the fileserver over HTTPS.
The requirements are:
Accessible over HTTPS in a standard ...
7
votes
2
answers
2k
views
ISP grade Proxy
We are a ISP in Africa (bandwidth is expensive, more than 800 USD per Mbit). Instead of investing in more bandwidth I believe it can be worthy to invest on web proxy appliance.
I prefer to use mature ...
7
votes
6
answers
11k
views
Is there a simple LDAP-to-HTTP gateway out there?
We have a local LDAP directory that provides basic contact information about our user community. We would like to integrate this into some third-party hosted services that allow us to implement ...
7
votes
1
answer
3k
views
Is Tomcat Native worth the trouble?
A little background: I have a webapp that has both Servlet/JSP dynamic content and static files. Pages are always dynamic, and ~10 static resources are served for each page. Everything is served ...
7
votes
3
answers
3k
views
Does Azure support UCC/SAN SSL Certificates?
I have an Azure Web App that has 15 domain names associated with (i.e. all domain names map to the same application).
I need to provide SSL for all 15 domains, pointing to the same Web App.
My ...
7
votes
1
answer
6k
views
WebRTC on standalone asterisk - no audio
After struggling with Asterisk for WebRTC for a few weeks now, I decided to put my problem on this forum. My Problem is as follows:
Im not getting audio from WebRTC to WebRTC clients. I work in a LAN ...
6
votes
3
answers
4k
views
How is possible that the web site is down but the traceroute is ok?
I have a web site at BlueHost ("Pro" plan) that is down often. Firefox says:
The connection has timed out
The server is taking too long to respond.
The site could be temporarily unavailable or ...
6
votes
6
answers
3k
views
Correct recursive chmod, separate for files & dirs
I'd like to recursively chmod a directory so that:
Files are 0664
Directories are 0775
How to do it better, shorter, fancier? :) Maybe, use umask somehow?
All find solutions are too long: I always ...
6
votes
7
answers
15k
views
fastest web server for static, dynamic content?
I'm looking for the fastest http server available for:
serving static content -- huge set of large images. Minimal features need, just as fast as possible.
dispatching dynamic content plugins -- ...
6
votes
3
answers
1k
views
What's the best centralized syslog viewing tool for *nix out there
Looking for what people think are the best for doing web viewing of a centralized syslog server. I am open to using any syslog server also.
EDIT
I actually went with GrayLog2
6
votes
1
answer
34k
views
Why can't I access my site with a WWW. prefix?
For some reason I cannot access my website with the www. prefix.
This is what my current DNS records look like:
example.com A 192.0.2.99
www.example.com A 192.0.2.99
Could anyone help me, ...
6
votes
2
answers
2k
views
DDOS attack - How to prevent [duplicate]
Recently I read about Denial of Service attack on Amazon & PayPal. I am curious that how this is performed. These big companies must have huge servers, so DOS would require billions of bots to ...
5
votes
7
answers
4k
views
Web Application Vulnerability Scanner suggestions? [closed]
I'm looking for a new tool for the ol' admin toolkit and would value some suggestions.
I would like to do some "automated" testing of handful of websites for XSS (cross site scripting) vulns, along ...
5
votes
5
answers
7k
views
Why is this China IP hitting my web site?
I have a web site that uses a couple hundred domain aliases, including franchise-dallas.info, franchise-delaware.info, and detroitfranchise.info (see more below).
I have been getting ten to twenty ...
5
votes
5
answers
26k
views
A web shell to ssh via browser? [closed]
I am traveling for a couple of weeks and I can connect to Internet only via Internet Points (or open access points if I'm lucky) and I doubt I can always find an ssh client to connect to my servers, ...
5
votes
3
answers
1k
views
SSL - should I just make my entire site secured?
I'm planning on building an application wherein my users can create accounts on it, email other users, etc. The site will also have forums, chat, etc. It will also need to process credit cards. I'm ...
5
votes
7
answers
521
views
Real-time website traffic monitoring for operations teams
Working on medium sized websites we've always built our own real-time traffic graphing solutions and displayed those on a big screen mission control style so that if traffic starts to climb, load ...
5
votes
1
answer
1k
views
WMI Impersonation levels within vbscript / ASP code
I have an IIS 7.5 web site running "classic" ASP code (not ASP.NET) where the site is running under the normal service context, and only "Windows Authentication" is enabled. Users and navigate the ...
5
votes
2
answers
943
views
Are SSL Client Certificates well supported by all major browsers?
We're thinking of improving the authentication of some critical webpages with client certificates, but we're not sure whether it's a widely used standard.
Are SSL Client Certificates well supported ...
4
votes
11
answers
11k
views
Can I use a Mac Mini as a web server and database server? What are the pros and cons? [closed]
We are a bootstrapped web start up. We have a LAMP web application that we expect relatively low to mid traffic because users need an account to log in. Our current approach is to colocate two servers,...
4
votes
4
answers
2k
views
Transition domain to new web host without waiting for DNS propagation
I was considering switching to Amazon EC2 to host my website to handle more traffic. It seems like I would have to update DNS records to point to the new server but I was wondering if there was a way ...
4
votes
3
answers
6k
views
Suggestions on large scale web applications architecture?
It's a big question:) We are running a website with LAMP that is not big, 5 web servers with LVS load balancing, 3 MySQL servers with replications and separation of reading and writing, and we use ...
4
votes
3
answers
13k
views
How to redirect port 80 to 8080 while keeping 8080 closed to the Internet?
I have a VM running CentOS with a web server I use for hosting random services I deploy over there, so in order to make it reachable from the Internet I opened port 80 using iptables. Since the web ...
4
votes
2
answers
18k
views
Connecting to IPv4 server from an IPv6 address
I have a server with both IPv6 and IPv4 addresses. Is it possible to connect to another web server (I know only its IPv4 address) over HTTP through the IPv6 interface, so that that server can see only ...
4
votes
2
answers
851
views
What is the technology behind Hostname Based SSL (multiple ssl vhosts on single IP)?
Well known PaaS provider Heroku offers multiple solutions to SSL problem. One of those is a product called Hostname Based SSL
This is not SNI. They claim it works on every browser in any ...
4
votes
1
answer
18k
views
How to limit log file size in Apache2
Log files in /var/log/apache2/ are too big.
I want to limit the file size.
Is it possible to store only the recent 100 lines?
Thanks.