How can I block browser access to MP3 files, yet allow streaming? [more inside]
posted by ascetic on Feb 24, 2012 - 4 answers

Can you help me understand how to approach a couple issues of server security. (1) I want to run things in 'silos', so that if someone from the web has hacked and has code level access to example.com/blog they can't query the db of example.com/app (2) If they do get access to a user database, how do I make it harder for them to figure out passwords (beyond just storing them as md5)? [more inside]
posted by the mad poster! on Nov 16, 2011 - 13 answers

Does this website error message indicate that my financial institution is using a version of Apache built in 2006 on their secure server? Should I be concerned about that? If so, what should I do about it? [more inside]
posted by alms on Sep 15, 2011 - 9 answers

What are the legalities (in the United States) of browsing the contents of an "open folder" on a public website? [more inside]
posted by DocSharpie on Jun 14, 2011 - 24 answers

I have a new EeePC 1000HE with Windows XP, which I want to use for both web development and casual web browsing. Are there security issues with installing Apache and PHP on a machine that is also used to access public wireless internet? If so, what steps can I take to make my netbook more secure?
posted by oulipian on Apr 5, 2009 - 5 answers

Apache Filter: blocking logins after failed attempts. [more inside]
posted by rokusan on Jun 12, 2008 - 12 answers

Apache2 security theory; mod_php versus CGI php and the use of suExec: What is the non-theoretical problem with running Apache2 with mod_php and thus without using suexec on a dedicated system? [more inside]
posted by odinsdream on Jun 10, 2008 - 7 answers

Is deny all, allow (my.ip.add.ress) good enough in Apache over Windoze? [more inside]
posted by foxydot on Jan 7, 2008 - 6 answers

I'm writing some personal wiki software that I want to make as secure as possible. Think wiki software in the footsteps of Tinfoil Hat Linux. The software is intended to run as a CGI Perl script though Apache on the local machine, with data stored in encrypted XML files that will be decrypted for display by the Crypt::GPG module. So the question is, where could plaintext data escape to? More inside... [more inside]
posted by phrontist on Oct 17, 2005 - 27 answers

Apache, LDAP, ActiveDirectory and You: I have an application running on Apache. I would like to restrict access to the folder(s) it runs in by authenticating users against our Windows ActiveDirectory server, but I'm having trouble crafting the right URL. [more inside]
posted by yerfatma on Nov 1, 2004 - 7 answers