In Openstack flavors define the size of a virtual server that can be launched. It includes compute, memory, and storage capacity of a virtual server. A flavor consists of many parameters of which the following are required: Flavor ID (required) – If not specified, an auto-generated ID shall be assigned Name…
To access Openstack services through REST APIs, the identity service provides tokens. Clients can obtain the token by supplying their valid credentials to the Keystone authentication service. Credentials are usually a combination of username, password, and optionally the project ID. Once the token is obtained, we can connect to other…
I have used the ssh2_connect() function to establish a connection to a remote SSH server. But it works on one webserver and fails on another (let’s call it as webserver1 and webserver 2 hereafter). I get this error – unable to establish connection error on webserver2. Both the webservers 1…
Created a private repository on GitHub and when tried to push the files from my server using the below commands, I get error: src refspec main does not match any.The complete command and error are as below: # git add . # git commit -m “Initial Commit” # git push…
While verifying Openstack RESTful API, I generated a token with default scope using the cURL command as shown below and exported the token to the OS_TOKEN environment variable as explained in this link. curl -i \ -H “Content-Type: application/json” \ -d ‘ { “auth”: { “identity”: { “methods”: [“password”], “password”:…
I had written a few rewrite rules to disable HTTP TRACE and TRACK as part of VAPT. When looking at the httpd logs, a dozen of [rewrite:trace3] warning messages are logged per request and the actual error messages were lost. Below are the warning message snippets. This article will show…
Setting up an SSL certificate for WSO2 API Manager is not straightforward, as it requires creating Keystore and adding an SSL certificate to the Keystore. In this article, we will see how to set up WSO2 with Let’s Encrypt certificate. I assume that you already have the Let’s Encrypt certificate…
According to Netcraft’s study, 95% of HTTPS servers are vulnerable to Man-in-the-Middle attacks. Therefore, it is very important to implement HSTS properly. HSTS (HTTP Strict Transport Security) is a policy that protects websites against malicious attacks such as clickjacking, protocol downgrades, and man-in-the-middle attacks as explained in my earlier article….
VAPT testing by the security experts group suggested disabling HTTP TRACE/TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. An attacker can create a webpage using XMLHTTP, ActiveX, or XMLDOM to make a client issue a TRACE request and capture the client’s cookies….
Website security is the most important and critical component of web hosting and revealing Apache and PHP versions on the HTTP header helps hackers to attack your web server using version-specific security breaches. Earlier I had written an article on How to hide Nginx and PHP versions in the HTTP…
Moved my local development files to the server after setting up Apache, PHP, and MySQL on my CentOS 7. When I tried to access one of the pages, noticed a “Failed to open stream: Permission denied” warning message in the error_log file. Below is the complete warning message: [Wed Nov…
I recently bought myself Bluetooth-based Boult Audio AirBass TrueBuds for my phone. I also wanted to use the same on my Windows desktop PC rather than buying a new headset for using them for conference calls etc., Since my computer didn’t have Bluetooth, planned to buy a USB Bluetooth Adapter. After…
After removing the .php extension from the URLs, I ended up seeing a warning “RewriteCond: NoCase option for non-regex pattern ‘-f’ is not supported and will be ignored” in the Apache error log. Below is the complete error message. [Wed Nov 17 09:34:36.521614 2021] [rewrite:warn] [pid 9311] AH00665: RewriteCond: NoCase…
When adding a bootstrap javascript library to my webpages, Chrome warned as DevTools failed to load source map. Below is the complete error message: DevTools failed to load source map: Could not load content for http://192.168.10.12/admin/css/bootstrap.min.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE As a developer, I expect console output to…
Whenever I configure Apache on CentOS 7, most of the time I get “(13) Permission denied: file permissions deny server access” error as below: [Fri Nov 12 06:29:24.901157 2021] [core:error] [pid 8287] (13)Permission denied: [client 192.168.10.12:15979] AH00132: file permissions deny server access: /var/www/html/admin/images/logo.png How to fix file permissions deny server…
I love PHP, but my boss does not. Once, he was not happy to see the project coded in PHP by seeing the .php extension on the URL, citing the reason as it is an old language and many new languages like NodeJS have emerged which should’ve been used to…
Recently while looking onto my client’s WordPress dashboard, found a notification that the PHP version might be vulnerable and needs an update as shown below for security reasons. I’m running PHP 7.0 on CentOS 7 which was installed using Remi repo. Here is the step-by-step guide to update PHP to…
I have successfully installed and configured the OpenStack Swift service. However, I see an ‘Account not found’ error while executing swift stat command. Digging the log file revealed this error – OpenStack Swift Could not bind to 0.0.0.0:8080 after trying for 30 seconds. Below are the complete error messages. [root@controller…
SoftHSM is a software implementation of HSM (Hardware Security Module) aims to perform all the functions that a proper HSM would perform without providing the hardware security protections afforded by a real HSM. If you are a user who is not willing to invest in a new hardware device, then…