Questions tagged [web-applications]

369 questions
30
votes
6 answers

Why do 'hackers' setup bots repeatedly fill out web forms?

There is something I don't get, one of my web apps has a small form that allows you to enter you name and email address to "subscribe" to a user list for a site I maintain. The site is very low traffic, and only useful to a very small number of…
EJB
  • 1,329
  • 5
  • 15
  • 23
20
votes
14 answers

Should I force my users to change passwords every n days/weeks/month?

Question says it all. We are designing a system where security is very important. One of the ideas someone had was to force users to change passwords every 3 months. My take on this is that while its more secure because the password changes often it…
Iznogood
  • 320
  • 3
  • 12
20
votes
18 answers

What are some good web based trouble ticket systems?

I'm looking for a trouble ticket system so that I can track issues for various customers. I used one before at my previous employer but it wasn't anything too great. I'm wondering which ones you would recommend and what other features that I might…
kovert
  • 437
  • 3
  • 8
19
votes
8 answers

Software http load balancer?

Right now we only have one back-end server per site/web service. I'd be interested to hear people's experiences with various load balancer apps (something that runs on Linux). What would you recommend?
Mark Renouf
  • 1,353
  • 1
  • 16
  • 22
15
votes
6 answers

Who is responsible for maintaining IIS for web apps?

IIS/Web Applications has been a tricky issue in the shops I've worked in over time. On one hand, IIS is a service built into the server (by in large) and is typically the responsibility of the server administrators to maintain and configure. When an…
Dillie-O
  • 521
  • 8
  • 15
14
votes
8 answers

Is using integrated security (SSPI) for accessing SQL Server better for web applications?

When deploying web applications (.net) to a production environment, is it better to use integrated security or does it even matter? It seems to me that if a hacker breaks the web server, it won't really matter as they can easily impersonate the…
NotMe
  • 3,772
  • 7
  • 30
  • 43
14
votes
7 answers

How do I set up a web server out of my home?

I want to run a web server from home, so my family, and clients can see what I am doing. It would not run a large load, at most 2 or 3 users at a time. I would like to know how to do it with a Windows machine running IIS. I have a router from my…
David Basarab
  • 1,157
  • 5
  • 15
  • 20
13
votes
3 answers

What are perfect unix permissions for usual web project directories?

What are the perfect minimal permissions in octal format for the followings in a web application written? A directory where user uploaded static files (images/swf/js files) will reside A directory where admin uploaded static files (images/swf/js…
user893730
  • 614
  • 2
  • 12
  • 20
12
votes
1 answer

Reverse proxy application and its static files with Nginx

I am trying to do something that seems to me very simple but I must be stupid or miss something very obvious because I cannot figure it out. I want to access the multiple web applications running on my server with a unique prefix for each one of…
12
votes
2 answers

improve our deployment strategy

We have an ecommerce app that we develop at our company. Its a reasonably standard LAMP application that we have been developing on and off for about 3 years. We develop the application on a testing domain, here we add new features and fix bugs etc.…
robjmills
  • 990
  • 8
  • 24
11
votes
1 answer

Restart a single tomcat 7 webapp at a specific time?

Tomcat 7 is running on a Windows System. I need to restart one of the deployed web applications each day at a specific time. Is there an option to do that via script or (even better) does tomcat offer a feature to do so? Is it possible to use Curl…
jalu
  • 113
  • 1
  • 1
  • 6
11
votes
2 answers

What is a secure and user-friendly way to provide only a few users access to web app on Amazon EC2?

Situation We have a web app hosted on Amazon EC2. It's intended to be used only by a few users in a company. How we're dealing with this We share the (Elastic) IP address of the instance with the users. We add each user's IP address to the security…
10
votes
10 answers

How do you deploy your .NET Web Application? (Recommendations, please!)

We've recently upgraded our ASP.NET Website to a Web Application and we're shocked by the sudden leap in difficulty when deploying it. Considering how common a task this must be, I was wondering what plug-ins/software people use to deploy a rapidly…
Django Reinhardt
  • 2,256
  • 3
  • 38
  • 55
9
votes
2 answers

Tomcat 9 - catalina.out log file missing and console printouts are not shown anywhere

Tomcat9 deployed on Ubuntu 18.04. This issue ONLY applies to Tomcat version 9. There is a catalina.date.log file present in the logs folder but it does NOT show any console printouts from our web applications. I've set the ConsoleHandler level to…
Lucian
  • 93
  • 1
  • 1
  • 4
9
votes
1 answer

What causes a 400 Bad Request error for null ("") and why would our nginx logs have so many?

Daily logs from Logwatch regularly report 400 Bad Request, null: 1744 Time(s) from our nginx logs. The log entries look like: 123.123.123.123 - - [25/Jan/2011:14:44:19 -0500] "-" 400 173 "-" "-" Can anyone explain how these are generated and why…
johnml
  • 203
  • 2
  • 4
1
2 3
24 25