Hacking

FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Hacking


Firefox Add-ons for Web Developers

askapache favorite addonsAdvanced Web Development by AskApache is a Firefox Collection I created since I’m always trying new Addons out and using multiple computers and I wanted a quick and easy way to install my favorite’s and keep a running list. Firebug, YSlow, LastPass, and Web Developer are the only ones I always use regularly.

I like the idea of the last.fm but it’s not as powerful as the site, which is awesome. Lately listening to Kings of Leon Radio

· Developers  ·  RSS | 8:14 PM


Windows Optimization – Intense Part II

HDTune_BenchmarkIf you ever wanted to know the best way to defragment and speed up your Windows-Based PC, I mean you really wanted to know, here is the 2nd part to my article on Windows Speed Optimizing that details the process I have found works really well. Definately not a quick process, and certainly not the best ever, just my best ever and one that you only have to do once to get the benefits.
This article has a lot of incredibly useful (and FREE) tools I recommend, which you can grab and use without reading the article..

· MyDefrag  ·  RSS | 9:42 AM


Advanced WordPress wp-config.php Tweaks

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

· wp-config.php  ·  RSS | 3:23 AM


Protecting Files with Advanced Mod_Rewrite Anti-Hotlinking

Stop hotlinking with .htaccess mod_rewriteIf you have files on your site that you don’t want indexed by malicious search engines, grabbed and leeched by malicious spammers, or stolen and made available elsewhere, you can use mod_rewrite to drastically reduce or totally reduce that activity.

· block hotlinking  ·  RSS | 1:09 AM


Custom bash_profile for Advanced Shell Users

Want to get started with my custom bash file without reading this page (recommended as page is not updated)? Execute the following in your shell and rock and roll.

curl -O http://z.askapache.com/askapache-bash-profile.txt && . askapache-bash-profile.txt

· profile  ·  RSS | 2:32 PM


An AskApache Plugin Upgrade to Rule them All

apache-server-statusSo my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last… So for all of you who’ve helped me out by sending me suggestions and notifying me of errors and sticking with it… Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I’ve been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.

· Google 404 Plugin  ·  RSS | 1:59 PM


The Right to Read

The proponents of this scheme have given it names such as “trusted computing” and “palladium”. We call it “treacherous computing”, because the effect is to make your computer obey companies instead of you. This was implemented in 2007 as part of Windows Vista; we expect Apple to do something similar. In this scheme, it is the manufacturer that keeps the secret code, but the FBI would have little trouble getting it.

· copyprotection  ·  RSS | 4:48 PM


PHP and AJAX shell console

PHP AJAX shell console Ever wanted to execute commands on your server through php? Now you can. I’m calling this file (see below) shell.php and it allows you to run commands on your web server with the same permissions that your php executable has.

· PHP  ·  RSS | 9:01 PM


Student under Criminal Investigation for Allegedly Sending Email

What is most surprising is how easy the police and authorities were able to break the law and flip the bird to the U.S. Constitution. A lot of people worry about government groups like the NSA having illegal access to data, but I don’t mind that.. I don’t care about the Chinese Government doing similar activity that much either.. The thing that I DO care about is this could happen to anyone.. It’s happened to me before but never to this extent with the courts.. This is NOT cool.

The police used inapplicable criminal laws as a basis for a fishing expedition to determine the author of an anonymous email,” said EFF Senior Staff Attorney Matt Zimmerman. “Now, this student has been suspended from his job, and he is without a laptop and other devices he needs to do his schoolwork. His private communications and papers are in the hands of police who are searching for evidence without just cause. Even his cell phone and iPod were taken, clearly an overreach if the goal is tracking the source of an email.

This search warrant is invalid, as there is no probable cause that a crime was committed at all… Every day this student’s private information is in the hands of the police department, he suffers harm to his property interests and his constitutional rights.

The dorm room search stemmed from an investigation into who sent an email to a Boston College mailing list alleging that another student was gay. Police say they know who sent the email and that the sender committed the crimes of “obtaining computer services by fraud or misrepresentation” and obtaining “unauthorized access to a computer system.” However, nothing presented by the investigating officer to obtain the warrant, including the allegation that the student sent …

· criminal investigation  ·  RSS | 11:35 PM


Password Protection Plugin Status

Apache Security Model - In ColorI wanted to address why the update to the AskApache Password Protection plugin didn’t happen pre-2009 as I had hoped.. Mostly due to my job but I thought I could at least fill you in. Oh and this is going to get very boring very fast, unless you’re ready to rumble in the zone.

· plugin upgrade  ·  RSS | 1:39 PM


Ultimate Htaccess Tutorial for .htaccess files

.htaccess tutorial and htaccess sampleThis is not an introduction to .htaccessThis is the evolution of .htaccess… The BEST, the ORIGINAL, the NEWEST, and the most HIGHEST, FLYEST .htaccess tricks I can find.

Originally known as the “Ultimate .htaccess Guide”, its changed over the years by adding new .htaccess tricks and .htaccess examples to it.. I also add my favorite .htaccess links, the best .htaccess articles on AskApache, the coolest .htaccess experiments, the Web’s best .htaccess hacks, and update this article on the regular.

· htaccess  ·  RSS | 9:05 AM


Advanced .htaccess Tricks for Securing Sites

This is all new, experimental, and very very cool. It literally uses .htaccess techniques to create several virtual “locked gates” that require a specific key to unlock, in a specific order that cannot be bypassed. It uses whitelisting .htaccess tricks to specify exactly what is allowed, instead of trying to specify everything that isn’t allowed. Also, by setting specific cookies/tokens after successfully passing through a gate, we can then require the exact cookie/token from the previous gate, which stops an attacker from skipping or bypassing gates.

· cookie  ·  RSS | 10:28 PM


.htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog

.htaccess security plugin 2

Well what can I say, other than this is sooo DOPE! Here is a list of the modules this plugin (version 4.7 unreleased) will automatically detect. I compiled the list myself using every module included with any default Apache installation for ALL the versions listed below, 1.3 to 2.2+

Want to know something else I’m including in this plugin? For each and every module that is detected, this plugin can then detect ALL of the modules .htaccess Directives! For instance, RewriteRule, AccessFileName, AddHandler, etc.. are each a directive belonging to a module that is allowed to be used from within .htaccess files.

Talk about sick.. these tricks have the diamond disease!

RSS | 10:18 AM


Chmod, Umask, Stat, Fileperms, and File Permissions

that fire.. chmod, umask, and file permission heatUnix file permissions are one of the more difficult subjects to grasp.. Well, ok maybe “grasp” isn’t the word.. Master is the right word.. Unix file permissions is a hard topic to fully master, mainly I think because there aren’t many instances when a computer user encounters them. I’ve done a lot of research on it the past couple weeks… and now here’s everything I’ve learned so far.. cuz you guys AskApache Regs Rock!

· Fileperms  ·  RSS | 6:16 AM


Optimize a Website for Speed, Security, and Easy Management

Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I’m piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.

· cache  ·  RSS | 8:45 PM


SEO Secrets of AskApache Part 2

This is part II of the Advanced SEO used on AskApache.com Series and describes how to control which urls are indexed by Search Engines and how to move them higher up in Search Results.

· SEO  ·  RSS | 5:44 PM


Mod_Rewrite Variables Cheatsheet

We’ve figured out what mod_rewrite variables look like, a cheatsheet of the actual value.

· Mod  ·  RSS | 1:05 AM


Pimp out your FeedBurner Count

I’ve had a lot of people ask about the FeedBurner FeedCount image on AskApache. Specifically how to set it up with custom messages and different colors each page view… It is pretty sweet..

· htaccess  ·  RSS | 4:50 AM


Elite Log File Scrolling with Color Syntax

Scrolls the latest log entries for multiple log files to the current screen or to any other monitor or TTY in color using syntax highlighting, making debugging easier and saving a lot of time for multi-monitor workstations.

· color  ·  RSS | 12:56 AM


Fsockopen Power Plays

PHP’s fsockopen function lets you open an Internet or Unix domain socket connection for connecting to a resource, and is one of the most powerful functions available in the php language.

· Power  ·  RSS | 7:42 AM


Undetectable Sniffing On Ethernet

Invisible Undetected Sniffing on an Ethernet NetworkI have been in some tight spots where I had to sniff a password or two off the wire, or sniff some packets off the wire and based on the packets content perform some action… Accidentally, I stumbled on a method to sniff data while remaining undetected and invisible.

· ethernet  ·  RSS | 2:05 PM


Blocking Bad Bots and Scrapers with .htaccess

Block Bad RobotWant to block a bad robot or web scraper using .htaccess files? Here are 2 methods that illustrate blocking 436 various user-agents.

RSS | 11:04 AM


Hacking VLAN switched networks

Bypassing VLAN security on networked switchesThere isn’t much vlan info on the net in terms of specifics and I had to learn all about it because I needed to log in to a switch that was on a different vlan. With the help of the Ettercap developers NaGA and ALoR I figured it out.

RSS | 7:48 PM


AskApache Password Protection, For WordPress

AskApache Password Protect ScreenShot 1AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.

· WordPress  ·  RSS | 9:02 AM


Hack WP-Cache for Maximum Speed

WP-Cache with Full AskApache HackIf you desire SPEED from your WordPress blog, the #1 speed improvement comes from using the WP-Cache Plugin. If you still desire SPEED after installing the Plugin, you can modify the WP-Cache Plugin code to make your blog even faster!

· Maximum  ·  RSS | 2:37 AM


Removing Category Base from WordPress URLs

How To remove the /category/ from WordPress category urls.

James
We’re using WP as a CMS with pages and posts. Done a bit of customization, so it looks sweet. Problem – i have some child categories that throw 404 when the category redirect is in place. How did you remove the category base from the url structure in wordpress?

RSS | 11:57 AM


SetEnvIf and SetEnvIfNoCase Examples

SetEnv, SetEnvIf, and SetEnvIfNoCase directives conditionally set environment variables accessible by scripts and apache based on HTTP Headers, Variables, and Request information.

· SetEnvIf  ·  RSS | 1:36 PM


WordPress Plugin for Apache .htaccess Security

Askapache Password Protect Security Features

  1. gzip’s previous .htaccess file and sends it as an attachment to the logged in users email account along with password user setup.
  2. Now also works for sites running on SSL (PHP version >4.3.0)
  3. Rewrote the security module code in the form of snort, nessus, and mod_security rules and signatures
  4. Added a *real* check to see if mod_rewrite is installed
  5. Added Modules that remove directoryindexes
  6. Much more on the way..


· security  ·  RSS | 5:17 PM


Top 5 Vulnerability Port Scanners

Asked some hackers and Computer Security gurus to list their 5 favorite Vulnerability/Port Scanners. Here are the results.

· Vulnerability  ·  RSS | 2:59 PM




My Picks
Related Articles
Newest Posts
Random
Tech Topics

htaccess Guide

Website Speed Tips Series
  1. Turn On Compression
  2. Add Future Expires Header
  3. Add Cache-Control Headers
  4. Turn Off ETags
  5. Remove Last-Modified Header
  6. Use Multiple SubDomains

Good Causes

The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect. Tim Berners-Lee



It's very simple - you read the protocol and write the code. -Bill Joy

HTML | DCMI | GRDDL | XOXO | XDMP | XFN | DOM | XML | XHTML 1.1 Strict | CSS 2.1 | W3C | TLDP | WAI | DISA | ICSI | GIAC | SANS RR | GHOST | DEFCON | NIST | DHS CYBER | NIST

↑ TOPExcept where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. HTTPD based on NCSA HTTPd

Site Map | Contact Webmaster | Email AskApache | Glossary | License and Disclaimer | Terms of Service