HTTP34 728x90 skipfish - web application security scanner A rough list of the security checks offered by the tool is outlined below. High risk flaws (potentially leading to system compromise): Server-side SQL injection (including blind vectors, numerical parameters). Explicit SQL-like syntax in GET or POST parameters. Server-side shell command injection (including blind vectors). Server-side XML / XPath injection (including blind vectors). Format strin.. 2010. 3. 30. Varnish HTTP accelerator (state-of-the-art) VCL - Varnish configuation Language The VCL language is a small domain-specific language designed to be used to define request handling and document caching policies for the Varnish HTTP accelerator. When a new configuration is loaded, the varnishd management process translates the VCL code to C and compiles it to a shared object which is then dynamically linked into the server process. Examples.. 2010. 2. 22. The HTTP verb PUT under Apache: Safe or Dangerous? "Is the HTTP verb PUT under Apache safe or dangerous?" This is a question I come across often, and have now run into it twice in the work on Atom. So is it safe? The answer is maybe. Here are two such examples: Using DELETE and PUT may be the "right thing to do" in an ideal world, but the fact of the matter is that a lot -- if not the vast majority -- of webservers do not allow these operations... 2010. 2. 10. HTTP State Management Mechanism Network Working Group D. Kristol Request for Comments: 2109 Bell Laboratories, Lucent Technologies Category: Standards Track L. Montulli Netscape Communications February 1997 HTTP State Management Mechanism Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the curr.. 2009. 10. 6. Nginx Proxy 서버 정보 모음 "엔진 엑스"라고 읽는 Nginx는 HTTP, 리버스 프록시, IMAP/POP3 프록시 서버 기능을 제공하는 고성능의 서버다. Nginx는 러시아에서 두번째로 많은 방문자 수를 자랑하는 Rambler.ru에서 사용하기 위해 Igor Sysoev가 만들었다. Rambler.ru는 2년 반 이상을 Nginx를 이용하여 서비스 중이다. Igor는 Nginx의 소스코드를 유사 BSD라이센스로 공개하였다. 아직은 베타지만, Nginx는 안정성, 다양한 기능, 간결한 설정, 적은 리소스 소모로 알려졌다. 대부분의 Nginx 문서들이 러시아어로 작성되어 있기 때문에 이 위키는 한국어를 사용하는 사람들을 위해 설치, 설정, 간단한 팁들을 공유하기 위해 만들었다. 대부분의 문서들은 Aleksandar Lazic 에 의해.. 2009. 9. 29. 이전 1 ··· 3 4 5 6 7 다음 728x90 728x90