Skip to main content

Questions tagged [web]

"The web," or "world-wide web" is a term for the system of hypertext linked documents accessed over the internet, with a web browser. The "www" that comes before most webpages is a reference to the "world-wide web."

Filter by
Sorted by
Tagged with
55 votes
5 answers
27k views

Ordering: 1. nginx 2. varnish 3. haproxy 4. webserver?

I've seen people recommend combining all of these in a flow, but they seem to have lots of overlapping features so I'd like to dig in to why you might want to pass through 3 different programs before ...
Joel K's user avatar
  • 5,933
52 votes
6 answers
63k views

SSL for devices in local network

Initial question We make devices which run a webserver and the user can control some functionality of the device by browsing directly to the IP of the device. This can be a fixed IP when a direct WiFi ...
Daan Pape's user avatar
  • 621
40 votes
4 answers
131k views

FTP/FTPS/SFTP/SCP - Speed comparison [closed]

How do FTP, FTPS, SFTP, and SCP compare in terms of transfer rate and how can I compare them through testing?
Graham's user avatar
  • 409
35 votes
2 answers
21k views

Any disadvantage to short DNS TTL? [closed]

Any disadvantage to short DNS TTL?
webnat0's user avatar
  • 623
31 votes
1 answer
7k views

Should my website have an IPv6 address?

My website only has an IPv4 address. With IPv6 being the future, is it possible that some users may not be able to reach the website if it does not have an IPv6 address? Also, does having an IPv4/IPv6 ...
Reado's user avatar
  • 702
31 votes
1 answer
7k views

illegitimate traffic from user agent Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)

This is a rapidly changing event that has no answer yet. Please do not post your findings or assumptions as answers; reserve the answer field for when you actually have an answer. If you ...
24 votes
2 answers
48k views

How to test keep-alive is working on client end

What are some different ways/tools to verify that keep-alive is working on the server from the client's end?
Ron Garrity's user avatar
19 votes
2 answers
20k views

What is a cookie-free domain?

What is a cookie-free domain? I've seen these words many times but I never understood what it is.
Alon Gubkin's user avatar
16 votes
3 answers
437 views

My site seems to be hijacked... but only when visited from another site... how?

My website is altoonadesign.com if you type it directly in your browser it takes you to the correct site. However if you do a search for "altoona design" and click on the link to my site you ...
JD Isaacks's user avatar
16 votes
1 answer
23k views

nginx Request line too large

I'm getting the error: Bad Request Request Line is too large (6060 > 4094) When I access the a specific url on my server like this: /api/categorize?packages=package1,package2,...packageN On ...
Rafael Barros's user avatar
15 votes
1 answer
19k views

Who (What?!) is "http://1.1.1.1/bmi"? [closed]

I'm not sure if this is the place to ask but I found some pages who contain links in them that start with "http://1.1.1.1/bmi". Who or what is 1.1.1.1? or maybe http://1.1.1.1/bmi has a meaning more ...
user7777777777777's user avatar
15 votes
3 answers
5k views

Which is faster at serving up PHP pages, Apache or NGINX

I've read quite a bit on the major benefits to running NGINX over Apache for serving static files. However, I have never seen an article talking about Apache vs NGINX for serving PHP pages. Question: ...
user avatar
14 votes
5 answers
44k views

How to use ssl_verify_client=ON on one virtual server and ssl_verify_client=OFF on another?

I want to force ssl client verification for on of my virtual hosts. But get "No required SSL certificate was sent" error, trying to GET something from it. Here are my test configs: # defaults ...
Alexander Artemenko's user avatar
13 votes
4 answers
534 views

How to convince my Administrator that Java ON A SERVER is not insecure per se?

The Application We have a small Java application which uses some Camel routes to pick up uploaded files from a webserver, process them and send out some e-mails with the results. The server on which ...
lajuette's user avatar
  • 771
13 votes
4 answers
449 views

Suspected server or data vulnerability and reporting a fraud site

Two days ago someone created a website that has the exact same domain of the company I work for, but missing one letter, and sent a mail campaign to many people that there is a promotion on the ...
mpcabd's user avatar
  • 233
12 votes
6 answers
85k views

How can I check if my IIS site is using NTLM or Kerberos?

How can I check if my IIS site is using NTLM or Kerberos? And how can I change authentication from Kerberos to NTLM? I'm using IIS 7.5.
KlimczakM's user avatar
  • 223
11 votes
8 answers
358 views

What is the first thing you do if your website was hacked?

What would you do as first thing if your website was hacked? Taking the site from net? or rollback a backup? not realy or? Did you made any experiences in this way?
11 votes
6 answers
2k views

How do you manage large web farms? [closed]

I have a quickly growing web farm running IIS 7 (30+ servers). All servers are identical copies of each other and all servers are physical. We update the software about once a month, and in the ...
user avatar
10 votes
1 answer
4k views

When should you use and not use Etags?

I was just looking at our site on WebPageTest.org and one of their recommendations for speeding up a website is: ETag headers should generally not be used unless you have an explicit reason to need ...
Django Reinhardt's user avatar
9 votes
5 answers
11k views

How to get nginx to redirect from www to non-www domain?

Let's say I want to redirect from www.example.com to example.com and I want to do this using nginx. I looked around and did not see any good documentation on this so I figured I would ask and answer ...
Jauder Ho's user avatar
  • 5,595
9 votes
1 answer
224 views

With IPv6, should we be assigning distinct IP addresses to each host name served over HTTP(S)?

With IPv4, it's pretty much a given that unless there is some specific need that warrants IP-based virtual hosting, name-based virtual hosting should be done to avoid needlessly exhausting the address ...
user's user avatar
  • 4,455
8 votes
4 answers
47k views

Allow a certain URL path with Squid

I'm using Squid 3.4 on Debian, and I want to know how to allow certain sub-URLs while banning the rest of them. Particularly, I want to ban access to reddit.com/* but allow access to reddit.com/r/foo/...
unsi's user avatar
  • 81
8 votes
9 answers
72k views

how to provide a web interface to sftp server

We need to securely serve files to our clients. We want the transport to be encrypted, users should require user/password and they should be able to access their files through the web, ftp/sftp and ...
user23398's user avatar
  • 1,251
8 votes
1 answer
733 views

Dell PowerEdge server crashed, how to repair? What happened? Information inside

I am currently in high school and run our school's website. This summer, our SysAdmin was diagnosed with cancer, and he went off for treatment, so I have been thrown into an interesting situation. I'...
ankurkdotcom's user avatar
7 votes
4 answers
21k views

Expose Fileserver (SMB) over WEB / HTTP(S) Interface [closed]

I have a Windows Fileserver (SMB), for internal storage. I'm looking for a way to add a Web-interface to expose the fileserver over HTTPS. The requirements are: Accessible over HTTPS in a standard ...
Sam's user avatar
  • 370
7 votes
2 answers
2k views

ISP grade Proxy

We are a ISP in Africa (bandwidth is expensive, more than 800 USD per Mbit). Instead of investing in more bandwidth I believe it can be worthy to invest on web proxy appliance. I prefer to use mature ...
Andre's user avatar
  • 1,351
7 votes
6 answers
11k views

Is there a simple LDAP-to-HTTP gateway out there?

We have a local LDAP directory that provides basic contact information about our user community. We would like to integrate this into some third-party hosted services that allow us to implement ...
larsks's user avatar
  • 45.6k
7 votes
1 answer
3k views

Is Tomcat Native worth the trouble?

A little background: I have a webapp that has both Servlet/JSP dynamic content and static files. Pages are always dynamic, and ~10 static resources are served for each page. Everything is served ...
David Ehrmann's user avatar
7 votes
3 answers
3k views

Does Azure support UCC/SAN SSL Certificates?

I have an Azure Web App that has 15 domain names associated with (i.e. all domain names map to the same application). I need to provide SSL for all 15 domains, pointing to the same Web App. My ...
Simon Ordo's user avatar
7 votes
1 answer
6k views

WebRTC on standalone asterisk - no audio

After struggling with Asterisk for WebRTC for a few weeks now, I decided to put my problem on this forum. My Problem is as follows: Im not getting audio from WebRTC to WebRTC clients. I work in a LAN ...
Haije Ploeg's user avatar
6 votes
3 answers
4k views

How is possible that the web site is down but the traceroute is ok?

I have a web site at BlueHost ("Pro" plan) that is down often. Firefox says: The connection has timed out The server is taking too long to respond. The site could be temporarily unavailable or ...
IceCold's user avatar
  • 345
6 votes
6 answers
3k views

Correct recursive chmod, separate for files & dirs

I'd like to recursively chmod a directory so that: Files are 0664 Directories are 0775 How to do it better, shorter, fancier? :) Maybe, use umask somehow? All find solutions are too long: I always ...
kolypto's user avatar
  • 11.3k
6 votes
7 answers
15k views

fastest web server for static, dynamic content?

I'm looking for the fastest http server available for: serving static content -- huge set of large images. Minimal features need, just as fast as possible. dispatching dynamic content plugins -- ...
Mark Harrison's user avatar
6 votes
3 answers
1k views

What's the best centralized syslog viewing tool for *nix out there

Looking for what people think are the best for doing web viewing of a centralized syslog server. I am open to using any syslog server also. EDIT I actually went with GrayLog2
Mike's user avatar
  • 22.5k
6 votes
1 answer
34k views

Why can't I access my site with a WWW. prefix?

For some reason I cannot access my website with the www. prefix. This is what my current DNS records look like: example.com A 192.0.2.99 www.example.com A 192.0.2.99 Could anyone help me, ...
Muggles's user avatar
  • 163
6 votes
2 answers
2k views

DDOS attack - How to prevent [duplicate]

Recently I read about Denial of Service attack on Amazon & PayPal. I am curious that how this is performed. These big companies must have huge servers, so DOS would require billions of bots to ...
ashmish2's user avatar
  • 375
5 votes
7 answers
4k views

Web Application Vulnerability Scanner suggestions? [closed]

I'm looking for a new tool for the ol' admin toolkit and would value some suggestions. I would like to do some "automated" testing of handful of websites for XSS (cross site scripting) vulns, along ...
5 votes
5 answers
7k views

Why is this China IP hitting my web site?

I have a web site that uses a couple hundred domain aliases, including franchise-dallas.info, franchise-delaware.info, and detroitfranchise.info (see more below). I have been getting ten to twenty ...
Evik James's user avatar
5 votes
5 answers
26k views

A web shell to ssh via browser? [closed]

I am traveling for a couple of weeks and I can connect to Internet only via Internet Points (or open access points if I'm lucky) and I doubt I can always find an ssh client to connect to my servers, ...
gbr's user avatar
  • 258
5 votes
3 answers
1k views

SSL - should I just make my entire site secured?

I'm planning on building an application wherein my users can create accounts on it, email other users, etc. The site will also have forums, chat, etc. It will also need to process credit cards. I'm ...
ServerFaultNewbie's user avatar
5 votes
7 answers
521 views

Real-time website traffic monitoring for operations teams

Working on medium sized websites we've always built our own real-time traffic graphing solutions and displayed those on a big screen mission control style so that if traffic starts to climb, load ...
ToddH's user avatar
  • 193
5 votes
1 answer
1k views

WMI Impersonation levels within vbscript / ASP code

I have an IIS 7.5 web site running "classic" ASP code (not ASP.NET) where the site is running under the normal service context, and only "Windows Authentication" is enabled. Users and navigate the ...
Skatterbrainz's user avatar
5 votes
2 answers
943 views

Are SSL Client Certificates well supported by all major browsers?

We're thinking of improving the authentication of some critical webpages with client certificates, but we're not sure whether it's a widely used standard. Are SSL Client Certificates well supported ...
netvope's user avatar
  • 2,143
4 votes
11 answers
11k views

Can I use a Mac Mini as a web server and database server? What are the pros and cons? [closed]

We are a bootstrapped web start up. We have a LAMP web application that we expect relatively low to mid traffic because users need an account to log in. Our current approach is to colocate two servers,...
Christopher Altman's user avatar
4 votes
4 answers
2k views

Transition domain to new web host without waiting for DNS propagation

I was considering switching to Amazon EC2 to host my website to handle more traffic. It seems like I would have to update DNS records to point to the new server but I was wondering if there was a way ...
jhchen's user avatar
  • 175
4 votes
3 answers
6k views

Suggestions on large scale web applications architecture?

It's a big question:) We are running a website with LAMP that is not big, 5 web servers with LVS load balancing, 3 MySQL servers with replications and separation of reading and writing, and we use ...
Mickey Shine's user avatar
4 votes
3 answers
13k views

How to redirect port 80 to 8080 while keeping 8080 closed to the Internet?

I have a VM running CentOS with a web server I use for hosting random services I deploy over there, so in order to make it reachable from the Internet I opened port 80 using iptables. Since the web ...
DragShot's user avatar
  • 143
4 votes
2 answers
18k views

Connecting to IPv4 server from an IPv6 address

I have a server with both IPv6 and IPv4 addresses. Is it possible to connect to another web server (I know only its IPv4 address) over HTTP through the IPv6 interface, so that that server can see only ...
Andrey Melnik's user avatar
4 votes
2 answers
851 views

What is the technology behind Hostname Based SSL (multiple ssl vhosts on single IP)?

Well known PaaS provider Heroku offers multiple solutions to SSL problem. One of those is a product called Hostname Based SSL This is not SNI. They claim it works on every browser in any ...
mdrozdziel's user avatar
4 votes
1 answer
18k views

How to limit log file size in Apache2

Log files in /var/log/apache2/ are too big. I want to limit the file size. Is it possible to store only the recent 100 lines? Thanks.
webnat0's user avatar
  • 623

1
2 3 4 5
11