Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [web-applications]

369 questions
30
votes
6 answers

Why do 'hackers' setup bots repeatedly fill out web forms?

There is something I don't get, one of my web apps has a small form that allows you to enter you name and email address to "subscribe" to a user list for a site I maintain. The site is very low traffic, and only useful to a very small number of…
EJB
  • 1,329
  • 5
  • 15
  • 23
20
votes
14 answers

Should I force my users to change passwords every n days/weeks/month?

Question says it all. We are designing a system where security is very important. One of the ideas someone had was to force users to change passwords every 3 months. My take on this is that while its more secure because the password changes often it…
Iznogood
  • 320
  • 3
  • 12
20
votes
18 answers

What are some good web based trouble ticket systems?

I'm looking for a trouble ticket system so that I can track issues for various customers. I used one before at my previous employer but it wasn't anything too great. I'm wondering which ones you would recommend and what other features that I might…
kovert
  • 437
  • 3
  • 8
19
votes
8 answers

Software http load balancer?

Right now we only have one back-end server per site/web service. I'd be interested to hear people's experiences with various load balancer apps (something that runs on Linux). What would you recommend?
Mark Renouf
  • 1,353
  • 1
  • 16
  • 22
15
votes
6 answers

Who is responsible for maintaining IIS for web apps?

IIS/Web Applications has been a tricky issue in the shops I've worked in over time. On one hand, IIS is a service built into the server (by in large) and is typically the responsibility of the server administrators to maintain and configure. When an…
Dillie-O
  • 521
  • 8
  • 15
14
votes
8 answers

Is using integrated security (SSPI) for accessing SQL Server better for web applications?

When deploying web applications (.net) to a production environment, is it better to use integrated security or does it even matter? It seems to me that if a hacker breaks the web server, it won't really matter as they can easily impersonate the…
NotMe
  • 3,772
  • 7
  • 30
  • 43
14
votes
7 answers

How do I set up a web server out of my home?

I want to run a web server from home, so my family, and clients can see what I am doing. It would not run a large load, at most 2 or 3 users at a time. I would like to know how to do it with a Windows machine running IIS. I have a router from my…
David Basarab
  • 1,157
  • 5
  • 15
  • 20
13
votes
3 answers

What are perfect unix permissions for usual web project directories?

What are the perfect minimal permissions in octal format for the followings in a web application written? A directory where user uploaded static files (images/swf/js files) will reside A directory where admin uploaded static files (images/swf/js…
user893730
  • 614
  • 2
  • 12
  • 20
12
votes
1 answer

Reverse proxy application and its static files with Nginx

I am trying to do something that seems to me very simple but I must be stupid or miss something very obvious because I cannot figure it out. I want to access the multiple web applications running on my server with a unique prefix for each one of…
aallrd
  • 191
  • 1
  • 1
  • 5
12
votes
2 answers

improve our deployment strategy

We have an ecommerce app that we develop at our company. Its a reasonably standard LAMP application that we have been developing on and off for about 3 years. We develop the application on a testing domain, here we add new features and fix bugs etc.…
robjmills
  • 990
  • 8
  • 24
11
votes
1 answer

Restart a single tomcat 7 webapp at a specific time?

Tomcat 7 is running on a Windows System. I need to restart one of the deployed web applications each day at a specific time. Is there an option to do that via script or (even better) does tomcat offer a feature to do so? Is it possible to use Curl…
jalu
  • 113
  • 1
  • 1
  • 6
11
votes
2 answers

What is a secure and user-friendly way to provide only a few users access to web app on Amazon EC2?

Situation We have a web app hosted on Amazon EC2. It's intended to be used only by a few users in a company. How we're dealing with this We share the (Elastic) IP address of the instance with the users. We add each user's IP address to the security…
m01010011
  • 211
  • 1
  • 4
10
votes
10 answers

How do you deploy your .NET Web Application? (Recommendations, please!)

We've recently upgraded our ASP.NET Website to a Web Application and we're shocked by the sudden leap in difficulty when deploying it. Considering how common a task this must be, I was wondering what plug-ins/software people use to deploy a rapidly…
Django Reinhardt
  • 2,256
  • 3
  • 38
  • 55
9
votes
2 answers

Tomcat 9 - catalina.out log file missing and console printouts are not shown anywhere

Tomcat9 deployed on Ubuntu 18.04. This issue ONLY applies to Tomcat version 9. There is a catalina.date.log file present in the logs folder but it does NOT show any console printouts from our web applications. I've set the ConsoleHandler level to…
Lucian
  • 93
  • 1
  • 1
  • 4
9
votes
1 answer

What causes a 400 Bad Request error for null ("") and why would our nginx logs have so many?

Daily logs from Logwatch regularly report 400 Bad Request, null: 1744 Time(s) from our nginx logs. The log entries look like: 123.123.123.123 - - [25/Jan/2011:14:44:19 -0500] "-" 400 173 "-" "-" Can anyone explain how these are generated and why…
johnml
  • 203
  • 2
  • 4
1
2 3
24 25