How get running squid3 with a local datase user? - authentication

I want get running squid3 and obligate users to authenticate again a local and simple database users-pass file. Can be user-pass file of the system or a simple .txt file, whatever is more easy.

Here is a more comprehensive guide to setting up a Squid 3 server with htdigest authentication: http://dabase.com/blog/Minimal_squid3_proxy_configuration/

Using
/usr/lib/squid3/digest_pw_auth
helper that come with squid installation works.
/usr/bin/htdigest
can be used to create the user-pass file.

Related

Download files from server with WHM

I use a server with WHM. I created monthly backup, it makes full server backup to /backup folder. I can create targz file with SSH, I know how to download gziped file with pscp, but I don't know how to download it from server with link in browser. I think it's possible, because sysadmin before me did it.
Can anybody help me with that?
You want to generate a link that you can access through your browser and will be served up by the web server? (your question is a little vague)
These files are stored out of the standard web directories so you could create a symlink in the public_html folder of your website to /backups and call it something obscure so it can't be easily scraped.
So for example public_html/my-secure-backup-folder can be a symlink to /backups.
Guide on creating a symlink here: https://www.namecheap.com/support/knowledgebase/article.aspx/9561/29/how-to-create-a-symbolic-link-in-cpanel
Easiest way to proceed:
Ssh to your WHM server then decide which cpanel account you need to backup. Create a full backup for that cpanel:
cd /home/cpaneluser/public_html
/script/pkgacct cpaneluser /home/cpaneluser/public_html
chown cpaneluser:cpaneluser /home/cpaneluser/public_html/cpmove-cpaneluser.tar.gz*
Then you can download the backup using your web browser by accessing your cPanel user's domain -> http://domain.tld/cpmove-cpaneluser.tar.gz
If you don't know the actual domain for that cPanel user you can do a cat /etc/userdomains | grep cpaneluser. It will show the configure domain for that account.
That would be all.
Alternatively you can login to the cPanel account using your web browser -> http://domain.tld/cpanel using the user/password combination for that cPanel account. There is a full backup function there (in the cPanel web interface) that does pretty much what I have explained earlier.

how can i hide password_persist txt file in esb_home directory?

I put password_persist.txt file in client site, because esb works as windows server. but we are concern about security of this password. because everyone can have access to that.
They don't want to use password_tmp file every time.
Is there any solution for hiding it or hash it?
Thanks in advance
We run our ESB as a windows service with the Log On As set to a user we setup specifically to run our ESB and other wso2 products (ex. domain\wso2user). We then use a data security product, in our case Vormetric, to lock that file down so that only that user we have setup to run our windows service has access to that file. All other users are denied access to viewing that file.
We worked with our security team to arrive at this solution so I would recommend speaking to yours and seeing if they have a solution in place for this type of scenario. My only experience with this is using Vormetric but I am sure there are countless other products out there that will provide similar functionality.
Joe
Another solution would be to take the base64 encoded key-store password, decode it and generate the password-temp file at server startup using the server startup script. In Linux you could include
echo d3NvMmNhcmJvbgo= | base64 -d | tee $CARBON_HOME/password-tmp
at the start of the
elif [ "$CMD" = "start" ]; then block. You should be able to do something similar for windows as well. It would be better to go with encryption though.

Can I change gerrit authentication type from openid to ldap?

We in our team are planning to use gerrit. So, to get introduced, I did set up a server, used open-id for authentication and created some test-users and test-projects in it.
Now we are ready to use it. But we actually prefer LDAP for real use.
So, can I change my authentication system from open-id from LDAP? What will happen to current users then?
I want to clear test projects and changes. How can I do them?
Can I complete delete existing gerrit setup and initiate a fresh setup in same machine? (I tried extracting the jar in different folder, but I faced some problems in it)
I am using Ubuntu 12.04 as my server.
Please help.
Delete the database (you're not using the H2 database anymore, but some MySQL or PostgreSQL server, don't you?) plus the directory where Gerrit is running (the -d parameter, see docs). Additionally, remove the git repos, if you configured them to be located on a different path.
Then all your data is gone and you can start from scratch.

Create New Application of Yii Framework on cPanel

I uploaded Yii Framework to my cpanel and now I dont know how to create new application while I did it on my local host using CMD.
I have not any shell access on cpanel and search this question but I found no related answer for this question.
Please help me out!
Thanks!
You have to deploy your application in another way, eg. with FTP, git or rsync.
Upload your complete application, but make sure to exclude and/or set the correct permissions manually for certain folders eg. assets and protected/runtime.
create your app on a local pc, then upload your app to your host. It's that simple.
you can skip making app using cmd on your host!
then just point to the frameworks location in index.php
if you have other apps which are been used by your YII app make sure to install them from Cpanel install php packages.For instance if your using LDAP authentication run a php5-ldap package. If your not using any packages upload your site and your good to go.

How to use "htaccess" on synology system for website access control?

I am trying to set up the access control for my personal website on synology NAS. Right now I am using DS212J. I found the following article teaching how to use "htaccess" on apache to achieve that.
http://www.synology.com/support/faq_show.php?lang=enu&q_id=347
But I encountered 2 problem:
1) I don't have the command "htpasswd" after ssh to my DS212J.
2) After I manually create those files, I got the username and password prompting up on the website. However, the password in "admin.pw" and "normal.pw" doesn't work when I type in. I am not sure whether it is because I didn't use command "htpasswd".
What am I missing here?
Thanks.
The htpasswd executable is at /usr/syno/apache/bin/htpasswd. As that directory is not on the PATH, you have to explicitly use the whole path to use it:
Apache doesn't keep passwords in plain text, it uses a hash of them so that even if someone gets access to the password file they won't be able to log in. That's why you must use htpasswd to create the file.
For anyone who comes across this, I couldn't get that synology support tutorial to work either. I am running DSM 5.1-5022 Update 4 on my own domain with ssl. Here's how it got it working:
Follow the steps in the following wiki: Synology Wiki
In the control panel, go to "Web Services" and disable SPDY for secure connections. (Gleaned from this article.)
Good luck.