Search results

I'll take a look at it and check if it can increase the performance of my stack

that is because you are not using mapping software like this (mapCache module of MapServer) Compilation & Installation — MapServer 7.4.2 documentation (to note that Nginx module require to build Nginx from source and is still experimental) and the WMS software Welcome to MapServer — MapServer...

What i need is Apache in HTTP2 because with my stack Nginx doesn't help at all to speed up my app, sadly the mapping software rely on the Apache daemon and after severals tests the only way is Apache in HTTP2

I know that HTTP2 is available just over Nginx but I was wandering if this solution could work. How to enable apache-http/2 in centos 7? I tried this on my Centos 7 no Plesk server and it works but it will work also with Plesk?

From virustotal.com I can see that just Clamav recognize those files as a threat.

I've configured a new server yesterday and seems that grafana is seen as a malware from Clamav, anyone has the same issue? this was the first report (1 hour later I installed everything) /usr/local/psa/admin/sbin/modules/grafana/nssm.exe: Win.Malware.Ramnit-7408490-0 FOUND...

with: I was meaning how easy could be in first place to find the allowed IP that an open port allow E.g. port 22 just allow incoming from 110.110.110.20 and second how to emulate that your connection it come from that specified IP address. The pentest we are going trough of course will test...

Thanks, well we are going to submit our system to a penetration test so better to be ready for it even if you can see which ports are open how easy will be to emulate a connection from the specified IP that is allowed to connect to it? for the moment I'm using just a standard configuration in...

Ok, thanks for the answer. I've already implemented a quite strict firewall rules, basically just the port 80 and 443 are allow to be public while all the other ports are just limited to IP addresses (plesk, nagios, db, etc) and not visible to the outside world. Regards,

I've removed yes the PleskLin part but still in the responde header I can still see what I'm using as a web server (Apache/Nginx) this is a header that I have back from a request accept-ranges: bytes content-length: 1102054 content-security-policy: default-src https: 'unsafe-inline'...

@trialotto I've already change some security issue and removed the "X-Powered-By PleskLin" • Remove Plesk from Server Fingerprint Removing the X-Powered-By header 1. Connect to a Plesk server via SSH. 2. Create a directory for custom templates: mkdir -p...

ModSecurity it comes directly with Plesk I don't know if I would consider it a 3rd party software, BTW ServerTokens and ServerSignature seems to be already disabled in Plesk by default so in the HTTP header you have just the name of the web server. What about to give it a name like "my web...

how can I remove the Server header from the HTTP requests? I don't have any info about the version of Apache or Nginx but still it say which web server I'm using, can I get rid of that header? I found out that this: Header unset Server seems to work at half, it still say Server and then unset...

Thanks :)

Following my security path before to submit the system to a penetration test I find that I should disable this feature in Apache TraceEnable off though I haven't found any article related to Plesk, where should I put this config? in the httpd.conf? or is something that Plesk has already...

Thanks for the reply, so basically if you work with Nginx as a reverse proxy just add header there else just Apache

thanks

thanks, I just tried this morning to insert them in the additional headers and was working. About: ServerTokens ProductOnly already included into plesk config ServerSignature Off is disabled by default where exactly they reside? in the normal httpd.conf file? if I insert them at the end of...

Hello everyone, we are going to submit out system to a penetration testing and we are trying to fix some minor problems before to do it but I have some problems with this configuration for Apache ServerTokens ProductOnly ServerSignature Off Header set X-XSS-Protection "1; mode=block" Header...

Thanks all, in the end I came up with this: # Used to suppress: # "The SSH and rkhunter configuration options should be the same" ALLOW_SSH_ROOT_USER=no # Used to suppress: # "Warning: Package manager verification has failed" PKGMGR_NO_VRFY="/usr/local/psa/etc/modules/watchdog/rkhunter.conf"...