SEARCH KEYWORD -- Server security



  New HTTP status code: 451 Unavailable for Legal Reasons

On June 11th, 2012, Google proposed a new HTTP status code to indicate webpage content that does not conform to the law. The new HTTP status code is 451 Unavailable for Legal Reasons. Google Android Developer Advocate Tim Bray submitted the draft for the new HTTP status code; it will be used on some webpages which cannot be served for legal reasons. Visitors will know that the page cannot be seen because of government censorship. According to the draft, responses using this status code sh...

   HTTP status,451,Tim Bray     2012-06-12 09:07:44

  What you may not know about PHP session

When we access a website, the site usually needs a mechanism to keep track of the status of the user on the site. Many server-side languages support a few mechanisms to help track user status, such as sessions and cookies. Today we will talk about sessions. When creating a session, we need to keep track of a lot of data: besides user data, we also need to tell the server what the timeout of the session is so that we can garbage collect the session data which should not be stored a...

   PHP session,session timeout,example     2013-07-06 08:44:18

  System programming is still there

System programming is the practice of writing system software. System software lives at a low level, interfacing directly with the kernel and core system libraries. Your shell and your text editor, your compiler and your debugger, your core utilities and system daemons are all system software. But so are the network server, the web server, and the database. These components are entirely system software, primarily if not exclusively interfacing with the kernel and the C library. But nowadays more...

   System programming     2014-02-27 05:46:48

  Why should we drop or reduce use of MD5?

MD5 is a frequently used one-way hash algorithm. It is commonly used in the following situations: Check data integrity. We take the hash of the data stored in two different places and compare them. If the hash results are the same, then there is no need to check the actual data. This utilizes the collision-resistant feature: two different data blocks have little chance of producing the same hash value. Many data service providers use this technique to check for repeated data to avoid repeating...

   MD5,Vulnerability,attack     2012-09-29 04:47:49

  Generate certificate in Java -- Store certificate in KeyStore

In the previous post, we explained how to create a certificate chain in Java. After generating the chain, we need to store it somewhere, either in a key store or a trust store, so that it can be used later when we are doing the actual SSL communication. This post will show you how to store the private key and its associated certificate chain in a keystore file. There are different types of keystore in Java; in this post, we will choose JKS to demonstrate how to store the certificate chain. Whe...

   Java,Certificate chain,Keystore     2014-08-20 03:56:39

  How to do pprof for gRPC service

gRPC is an RPC framework based on HTTP and is frequently used for communication among microservices inside the same organization's network. However, the service functions cannot be accessed via a normal HTTP URL as it's not a web framework. In this case, how to do pprof on a gRPC service? The trick is to start an HTTP server asynchronously while starting the gRPC service. This HTTP server can be accessed to run pprof debugging. go func(){ http.ListenAndServe(":10001", nil) }() Since it uses the de...

   GOLANG,PPROF,GRPC     2021-01-29 23:11:33

  FTP active mode and passive mode

1. What's active mode and passive mode
a. FTP has two ports to control:
   Port 20 is for data transfer
   Port 21 is for control or establishing the TCP connection
b. The process of active connection
   Note: C represents Client and S represents Server
   S opens ports 20 and 21
   C connects to port 21 of S with a random port; this port can be between 1024 and 65536. It sends port+x to the server at the same time to specify C(X)->S(21)
   When S receives the command, it will send back ACK, S(21)->C(X)
   S will set ...

   FTP,Active mode,Passive mode     2013-04-01 07:01:25

  Apache Tomcat Installation and Configuration

When you want to install Apache Tomcat on a Windows system, you may find that there are some tricky parts. Next I will elaborate the steps to install and configure Tomcat. If you want to install Tomcat as a service without a GUI, you need to download the 32-bit Windows.zip from http://tomcat.apache.org/download-70.cgi. After downloading this zip file, you need to unzip it to the directory where you want to put the software. After unzipping, you can go to the bin directory and find t...

   TOMCAT 7,WINDOWS,APACHE,INSTALL,CONFIGUR     2011-04-10 14:17:21

  JSON in JavaScript

When sending an AJAX request to the server, the response can have two formats: XMLHttpRequest.responseXML to access data in XML format and XMLHttpRequest.responseText to access data in string format. XML is the standard data transfer format, but one weakness is that it's troublesome to parse and retrieve the data. JSON (JavaScript Object Notation) is a lightweight data interchange format; we call it the JavaScript object representation. The advantage of using JSON as the data format is itself is...

   JSON,JavaScript     2013-05-04 23:25:57

  How to check which Ohai plugin hangs in chef client run

Ohai plugins are very important components in chef client, which aims to provide resource management automation on a server. The data discovered by Ohai plugins describes the current state of the server and is used to maintain the server in a desired state. Each Ohai plugin discovers a specific piece of information about the server such as cpu, memory, middleware etc. However, on rare occasions (well, I am a bit optimistic here) someone may find that the chef client...

   HOW TO,CHEF-CLIENT,OHAI,UPTIME,HANG     2017-12-24 22:09:59