Posted by admin on Dec 29th, 2009 | 0 comments 
I was recently hired to do a PCI compliance scan and complete the remedial work to bring it up to standard. This was on a CentOS5 box. The tool I was using to do the scanning was pretty good, but like all scanning tools plays “the numbers game.” This means it simply looks at the versions of certain services and flags it if that version is known to be vulnerable. In my case, Apache and...
Posted by admin on Jun 10th, 2009 | 0 comments
If you have your DNS hosted in one place (say DNS Made Easy) but host your content on 1and1.com. 1and1 allows you to do this without transferring the domain to them. The problem is they appear to not set the DirectoryIndex directive for hosts using external DNS. This can be overcome with either creating or adding to the .htaccess file in your site’s root directory:
DirectoryIndex...
Posted by admin on Jun 9th, 2009 | 0 comments
I had a client machine reboot today and ssh wasn’t configured to come up on boot. This was a CentOS Plesk machine at my least favorite hosting provider, Media Temple. Secure shell isn’t mentioned in the services section in Plesk, and Media Temple doesn’t have a remote console feature. So in order to avoid submitting a ticket and waiting for Media Temple’s slow support, I...
