Search Results
SSI , Server Side Includes, can be very useful to webmasters and visitors alike. Before we look at how to implement SSI, and dig into the Apache module
Tags:Apache, askapache, curl, DreamHost, Forms, GET, Gmail, Hacking, HTTPS SSL, Perl, PHP, post, SEO, server, SSI, stat, trick, YouTube
For example, the INCLUDES output filter processes documents for ssi. See:Filters;Fully-Qualified Domain-Name (FQDN):The unique name of a network entity,
Time-dependant rewriting uses mod_rewrite and apache server time . to only use SSL and fix double login problem 2 Enable SSI 3 Deny users by IP address 4
Server-parsed (SSI) documents processed by mod_include's INCLUDES filter can print Apache also provides SSI pages with the standard CGI environment
Tags:Apache, askapache, Email, encryption, feed, GET, Hacking, HTTPS SSL, Linux, Port, post, ram, Scanners, Security, server, servers, SOCKS, SPEED, SSI,
Enable SSI. AddType text/html .shtml AddHandler server-parsed .shtml Options The user permissions for .htaccess are controlled on server level with the
mod_env:Modifies the environment which is passed to CGI scripts and SSI pages . shared object file or library to load into the server at runtime.
PHP is a server-side scripting language that, when built into the server, can be used to embed scripts inside a page's HTML, much like SSI, but with a far
Therefore, every time a browser loads a page that includes the ga.js file own server wouldn't be much faster UNLESS you implement server-side caching,
Take your site's error handling to the next level, enhanced ErrorDocuments that go beyond 404′s. View "Advanced Htaccess – SSI, ErrorDocuments,
A proxy server is a gateway for users to the Web at large. Users configure the proxy in their browser .. mod_proxy_html has the side-effect of transforming content to your HTML includes elements that are closed implicitly, it
It should include the http:// part too. Do not put a slash "/"at the end. .. On the other hand, the rewrite engine can create higher server load than Because your entity is cached client-side with no validation information,
Most UNIX users run the open source OpenSSH server and client. .. It includes more than 150 exploits and is less expensive than Core Impact, Helix also has a special Windows autorun side for Incident Response and Forensics.
Options SymLinksIfOwnerMatch IncludesNOEXEC AddOutputFilter Includes html SetEnv mod_include:Server-parsed html documents (Server Side Includes)
DNS servers respond with my server IP, so for servers dedicated as . levels are an automatic side-effect of the recalibrated dynamic range of nice levels. .. The first addend in the formula, which includes sizeof(struct msg_msg
Server timeout waiting for the HTTP request from the client. \n”);case HTTP_GONE:return(apr_pstrcat(p, . URI includes query information (stuff after a ?-mark). . as chunked [we know the (r->chunked = 1) side-effect is ugly];
To find out if the modules are enabled in your server, find the httpd binary err on the side of caution and treat it as possibly out-of-date or stale. An HTTP/1.1 server that includes a cache MUST include an Age header field
Luckily I had configured an older 3rd machine as a syslog server and cut the TX wires so it and also started using server-side programming quite a bit. This includes everything and anything our client wants and to start we do a
Jan 26, 2008 How to remove the videos at side?? radikal zen ~ .. i'm not a programmer. so… it takes me few weeks googling to make this work on any server with php. .. The Web Search results may include up to 2-4 clearly marked
I am almost ready to publish the final tutorial on using ssh tunnels from a truecrypt partition on a Windows machine. Of course I choose to go way overboard in my research and the tutorial is full of some pretty awesome windows tricks.. I will come back to this post soon and post all the other advanced tools I use for debugging windows, for now though you MUST know how to debug the kernel and use these basic debugging tools.
Tags: Advanced, ASP, Boot, console, debugging, HowTo, Logs, Networking, Performance, Port, Windows XP
Posted in Hacking, Security, Windows | Published on 06/24/2010 |No Comments »
#### No https except to wp-admin -
# If the request is empty ( implies fopen or normal file access by a php script )
RewriteCond %{THE_REQUEST} ^$ [OR]
# OR if the request if for wp-admin or wp-login.php
RewriteCond %{REQUEST_URI} ^/(wp-admin|wp-login\.php).*$ [NC,OR]
# OR if the Referer is https
RewriteCond %{HTTP_REFERER} ^https://www.askapache.com/.*$ [NC]
# THEN skip the following rule, basically all this does is force https or badhost to be redirected
# BUT because of the above 3 rewritecond's, this won't break poorly written admin scripts
RewriteRule .* - [S=1]
RewriteCond %{HTTPS} =on [OR]
RewriteCond %{HTTP_HOST} !^www\.askapache\.com$ [NC]
RewriteRule .* http://www.askapache.com%{REQUEST_URI} [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(wp-admin/.*|wp-login\.php.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Tags: AddHandler, Apache, Backups, Block IP, Cache-Control, cheatsheets, developers, errordocument, etag, htaccess tricks, http cookie, indexes, Mod_Security, open source, password protection, real world, rewritecond, rewriterule, Source Code
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Server Administration, Web Hosting, Webmaster | Published on 04/17/2010 |4 Comments »
Advanced Web Development by AskApache is a Firefox Collection I created since I’m always trying new Addons out and using multiple computers and I wanted a quick and easy way to install my favorite’s and keep a running list. Firebug, YSlow, LastPass, and Web Developer are the only ones I always use regularly.
I like the idea of the last.fm but it’s not as powerful as the site, which is awesome. Lately listening to Kings of Leon Radio…
Tags: 401, 403 Forbidden, 500, Accessibility, Advanced, Ajax, Apache, askapache, Backups, Cache, caching, CommandLine, console, Cookies, CSS, debugging, Dig, DNS, Email, encryption, feed, Firebug, Firefox, Flash, Forms, GET, Gmail, Google, HTTP Headers, HTTPS SSL, Javascript, Login, Networking, Nice, Pagerank, password, Performance, PHP, Port, post, ram, Scripts, Security, SEO, server, servers, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, tmpfs, trick, Username, Web Development, Wireshark, WordPress, YSlow
Posted in Cache, Firefox, Google, Hacking, Javascript, Making Money, Music, Review, SEO, Security, Web Design, Web Tools, Webmaster, Windows | Published on 10/18/2009 |4 Comments »
To prepare for several upcoming articles on AskApache that are focused on optimizing Servers and Sites from a server admin level, here is an article to introduce the main tools that we will be using. These tools are used to optimize CPU time for each process using nice and renice, and other tools like ionice are used to optimize the Disk IO, or Disk speed / Disk traffic for each process. Then you can make sure your mysqld and httpd processes are always fast and prioritized.
Tags: 503, Advanced, Apache, askapache, Backups, Bandwidth, bash, Blocking, Boot, Bottleneck, caching, compression, CPU, CSS, curl, Disk IO, DNS, Examples, feed, fifo, GET, httpd, ionice, iostat, Javascript, Linux, mysql, Nice, Optimization, pagefile, Performance, Perl, PHP, Port, ram, Renice, Round Robin, rsync, Scripts, Security, server, servers, Shell, shell script, Shell Scripting, Socket, SPEED, SSH, SSI, stat, taskset, trick, Ulimit, Web Hosting, WordPress, wp-config.php
Posted in Apache, Cache, Featured, Linux Unix BSD, Review, Security, Server Administration, Shell Scripting, Web Hosting, Webmaster | Published on 10/10/2009 |3 Comments »
Skip this – still under edit
I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and “share” the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don’t use .htaccess much, if AT ALL. It’s much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I’ve never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it’s almost as powerful as httpd.conf itself!
Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It’s common to see “computer gurus” on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf – I wonder if these “gurus” know the history of the htaccess file, like it’s use in the earliest versions of the HTTP Server- NCSA’s HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.
Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA’s, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)
Tags: .htaccess examples, 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, admin, Advanced, Apache, Apache Htaccess, apache ssl, askapache, ASP, authorization, Backups, Bandwidth, bash, Blocking, Boot, Cache, Cache-Control, caching, cheatsheet, chmod, code snippets, compression, Cookies, CSS, debugging, DreamHost, Email, error log, errordocument, Etags, Examples, experiments, feed, FeedBurner, File System, FilesMatch, filesystem, Firefox, Flash, Forms, GET, Google, Hacking, hotlinking, HowTo, Htaccess, htaccess files, htaccess guide, htaccess rewrite, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Error, HTTP Headers, HTTP-EQUIV, httpd, httpd.conf, HTTPS SSL, hyper text transfer protocol, If-Modified-Since, Javascript, Last-Modified, Linux, Login, Logs, mad skills, mod_include, mod_python, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, Mod_Setenvif, mysql, Nice, nsa, password, password protection, PDF, Performance, Perl, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, Python, ram, Redirect, Redirection, Request Method, Rewrite Tricks, rewritecond, rewriterule, Robot, robots, Sample .htaccess, Scripts, Security, SEO, seo secrets, server, server config, servers, SetEnvIf, Shell, Socket, Source Code, SPEED, SSH, SSI, stat, SymLinks, trick, tutorial, ultimate htaccess, Username, Web Hosting, WordPress
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Google, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Web Design, Web Hosting, Web Tools, Webmaster, WordPress | Published on 01/10/2009 |66 Comments »
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.
Tags: admin, Advanced, Apache, askapache, ASP, Bandwidth, Boot, Cache, CommandLine, console, Cookies, debugging, Dig, DNS, Email, encryption, Ethernet, feed, File Permissions, filesystem, Forms, GET, Google, Hacking, HTTPS SSL, Linux, Login, Logs, Networking, Nice, nsa, password, PDF, Performance, Perl, PHP, Port, post, Prompt, Putty, ram, Redirect, Scanners, Scripts, Security, server, servers, Sessions, Shell, shell script, Sniffing, Socket, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, Vulnerability, Vulnerability Scanners, Windows XP, Wireshark
Posted in Security | Published on 09/26/2008 |3 Comments »
The goal of AskApache.com is simple – To provide free access to knowledge and data with the goal of empowering people.. or more melodramatically: “Power to the People!” Why the name AskApache? AskApache was chosen to show and pay respect to the contributors of the Apache Web Server. Literally it means to ask Apache when facing a problem, by searching the Open-Source, contacting a board/list, or browsing the documentation. The Author I work for a multimedia production / brand development & marketing company here in Indianapolis, the greatest city in the world! I started this blog in Dec., ’06 to…
Tags: admin, Advanced, Ajax, Analytics, Apache, askapache, ASP, Backups, Boot, CSS, curl, Dig, Email, Flash, Flash Actionscript, GET, Google, Hacking, Htaccess, httpd, Javascript, Linux, Logs, Mod_Rewrite, Networking, Nice, nsa, Perl, PHP, phpBB, Port, post, Python, ram, Rewrite Tricks, Scanners, Security, SEO, server, servers, Shell, Source Code, SSH, SSI, stat, Web Development, Wireshark, WordPress, WordPress Plugins
Posted in | Published on 09/15/2008 |6 Comments »
I have been in some tight spots where I had to sniff a password or two off the wire, or sniff some packets off the wire and based on the packets content perform some action… Accidentally, I stumbled on a method to sniff data while remaining undetected and invisible.
Tags: admin, Apache, askapache, authorization, Boot, debugging, Ethernet, Examples, Forms, GET, grep, Hacking, HowTo, Linux, nsa, password, PHP, Plink, Port, Prompt, ram, Security, server, Shell, shell script, Sniffing, SPEED, SSI, stat, Undetectable, Username, VLAN, Wireshark
Posted in Featured, Hacking, Linux Unix BSD, Security | Published on 04/14/2008 |No Comments »
AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.
Tags: 403 Forbidden, admin, Apache, askapache, AskApache Password Protection, Backups, File Permissions, GET, Hacking, Htaccess, htaccess files, Htpasswd, Login, Logs, Nice, password, password protection, PHP, phpBB, ram, Robot, robots, Scripts, Security, server, servers, SPEED, SSI, stat, Username, WordPress
Posted in Apache, Hacking, PHP, Security, WordPress, WordPress Plugins | Published on 03/29/2008 |98 Comments »
Implementing an effective SEO robots.txt file for WordPress will help your blog to rank higher in Search Engines, receive higher paying relevant Ads, and increase your blog traffic. Get a search robots point of view… Sweet!
Tags: 301 Redirect, 302 Redirect, 404 Not Found, AdSense crawler, Examples, Google, Googlebot, Optimization, Redirect, Rewrite Tricks, Robot, robots, robots.txt, robots.txt SEO, SEO, trick, WordPress, Wordpress robots txt
Posted in Featured, Google, Making Money, SEO, Web Hosting, Webmaster, WordPress | Published on 03/15/2008 |49 Comments »
Apache .htaccess Directives and Loaded Modules allowed on DreamHost Apache Server 2 Setups.
Tags: admin, Apache, askapache, authorization, Bandwidth, Cache, Cache-Control, Dig, DNS, DreamHost, Email, error log, errordocument, Etags, FilesMatch, filesystem, HowTo, Htaccess, HTTP Error, HTTP Headers, httpd, httpd.conf, HTTPS SSL, Linux, Logs, mod_include, Mod_Rewrite, Mod_Security, Mod_Setenvif, mysql, Performance, Port, ram, Redirect, Redirection, Request Method, Rewrite Tricks, Scripts, Security, server, server config, Server Side Includes, servers, SetEnvIf, Shell, Socket, SPEED, SSI, stat, Web Hosting
Posted in Apache, Apache Modules, DreamHost, Htaccess | Published on 11/23/2007 |No Comments »
Very nice tutorial dealing with the robots.txt file. Shows examples for google and other search engines. Wordpress robots.txt and phpBB robots.txt sample files.
Tags: 401, 403 Forbidden, 404 Not Found, admin, Advanced, Analytics, Apache, askapache, ASP, Bandwidth, Blocking, Boot, Cache, CSS, Elite, Email, Examples, feed, GET, Google, Htaccess, HTTP Headers, HTTP Status Codes, httpd, HTTPS SSL, Linux, Login, Logs, Nice, Optimization, Perl, PHP, phpBB, Port, post, Python, ram, Redirect, Robot, robots, robots.txt, rsync, SEO, server, SSI, stat, Web Hosting, Wget, Windows XP, WordPress
Posted in Google, SEO, WordPress, phpBB | Published on 10/20/2007 |15 Comments »
WordPress robots.txt file can make a huge impact on your WordPress blogs traffic and search engine rank. This is an SEO optimized robots.txt file.
Tags: adsense, Blocking, Examples, feed, Google, Logs, mediapartners, phpBB, Robot, robots, robots.txt, SEO, WordPress
Posted in Google, SEO, WordPress | Published on 05/10/2007 |32 Comments »
.htaccess (Hypertext Access) is the default name of Apache’s directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. The configuration directives need to be in .htaccess context and the user needs appropriate permissions. Statements such as the following can be used to configure a server to send out customized documents in response to client errors such as “404: Not Found” or server errors such as “503: Service Unavailable” (see List of HTTP status codes): ErrorDocument 404 /error-pages/not-found.html ErrorDocument 503 /error-pages/service-unavailable.html When setting up custom error pages, it is important to remember that…
Tags: 301 Redirect, 302 Redirect, 403 Forbidden, 404 Not Found, 503, Apache, askapache, Bandwidth, cheatsheet, CSS, Elite, errordocument, Examples, File System, GET, hotlinking, HowTo, Htaccess, htaccess files, htaccess tutorial, Htpasswd, HTTP Status Codes, httpd, HTTPS SSL, Javascript, Login, Mod_Rewrite, password, password protection, PHP, Port, post, Prompt, ram, Redirect, Rewrite Tricks, rewritecond, rewriterule, SEO, server, Server Side Includes, SSI, stat, SymLinks, trick, tutorial, ultimate htaccess
Posted in Apache, Htaccess | Published on 01/03/2007 |No Comments »
3-Part article covering practical implementation of 3 advanced .htaccess features. Discover an easy way to boost your SEO the AskApache way (focus on visitors), a tip you might keep and use for life. Get some cool security tricks to use against spammers, crackers, and other nefarious sorts. Take your site’s error handling to the next level, enhanced ErrorDocuments that go beyond 404′s. 
AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.