Preventing PHP RFI with Apache's ReWriteRules

Posted by coldtobi | 6 Mar, 2008, 17:21 In the last time, there a lots of -- well -- tries to hijack the server via a attack method called "Remote File Inclusion". RFI is a exploit that works if a script writer forgets about sanitize incoming http request strings. For more details, look up RFI in Wikipedia, as they have a nice article about that.

But there is an easy way to get block these silly attemps, as they have a common pattern to look for. At least if you have access to your .htaccess, the module mod_rewrite and a Apache around.

Blog and Website | Comments (4) | Trackbacks (0)

Installing Debian on the Thecus N2100 -- PART 4 -- Installing Debian (2)

Posted by coldtobi | 5 Mar, 2008, 23:56

The third part stopped with creation of the raid array. As this is a very time consuming process, which takes some resources to complete, this is a good point where to make a break and just let it finish. However, this is not really required, as rebuilding the RAID is also perfectly done by the the OS while you can still use it. But if you stop the procedure – by a reboot, as a example – the kernel will restart the process from the beginning. So take this as a hint, that you maybe want to check the progress before you finally reboot / power down.

Just  repeating my self, please note, that this VOIDS YOUR WARRANTY. So the usual disclaimer apply: You brick, you repair it. I do not recommend installing linux on the box, if you are not sure you can handle it. Linux requires more hand-on than the GUI -- you won't have a GUI anyway -- but on the other side, it reveals the real power.

Table of Contens

  1. Part 1: Get Prepared
  2. Part 2: Installing the Installer
  3. Part 3: Installing Debian I
  4. Part 4: Installing Debian II (this article)
  5. Part 5: Fine tuning after the installation

Blog and Website | Comments (6) | Trackbacks (0)