A client wants to FTP some files to my server but I don't want him to see/have access to all the other stuff on the server. Is there a way that I can 'corden-off' an area for him to FTP stuff to? A password protected area perhaps?
View 2 Replies
I was wondering if it would be advisable to use the Password Protected Directory option in cPanels to limit part of my website to no more than 1,000 paying customers (yearly subsciption). Can cPanels handle this? Would accessing .htaccess and .htpassword to authenticate be too slow? Would management become too much? Has anyone attempted this? Are there any good alternatives such as open source programs? I've looked and found a few that are expensive and do way more than what I need.
View 2 Replies View RelatedI have 2 domains on 1 account. My main website is www.aviationcafe.net and i added on www.modelcuir.com thats what it looks like to the public. But with my host it will be www.modelcuir.aviationcafe.net.
I noticed in the files area that modelcuir is it's own file, i can password protect that but it will stop people getting onto the website completly and i only want to stop them getting into the members area.
I can't create a members area either unless i can add a new folder which i can't i dont think.
I've got a file I want to access via cURL that is within a password protected directory.
I've tried sending:
Code:
$headers = array(
"HTTP_AUTH_LOGIN: admin3e",
"HTTP_AUTH_PASSWD: opensesame",
"Content-Type: text/html"
);
curl_setopt($curl, CUROPT_HTTPHEADER, &$headers);
(insecure)
and:
Code:
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($curl, CURLOPT_USERPWD, '[user]:[pass]');
but I can't figure out how to get past the login:
Authorization Required
This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.
Apache/2.0.52 (CentOS) Server at ****** Port 80
I have been trying to get password protected directories working on my Linode server. It works / behaves in a desktop browser somewhat but not like I am used to with hostmonster. Also for some reason my phone (windows phone just loads the page in the protected directory without prompting for a password. So I imagine there is some security thing I am missing that none of the info I have found searching talks about. Here is what I have done. I have created a password file and set the permissions correctly on that and it works on the desktop. However when I close the browser or open a private browsing session I am never prompted for a password again. It just feels insecure. Plus my windows phone just loads the page with no prompt. With hostmonster if I closed the browser window it would ask me for the username and password again. I also tested hostmonster directory passwords on my phone and it prompts for a username/password.
Here is what I have added to the apache2.conf file. The rest is pretty much default. There is no .htaccess file for that directory.
<Directory "/var/www/protected">
AllowOverride All
AuthType basic
AuthName "Enter Login"
AuthUserFile /etc/htpasswd/.htpasswd
Require valid-user
Order deny,allow
Allow from user1
</Directory>
It may be worth noting that I have two virtual sites / domain names running on this server at the moment however the one that is being used for this is the primary domain name.
OS: Debian 7.3
Apache 2.2.22
On Plesk 11.5 / Centos 6.5 / Linux
I normally protect a given directory in the Plesk Contral Panel with a Username / Password. I would like to bypass the username and password for visitors from one IP.
Plesk 11.5.30 Update #47
When I look in a directory password protected by the Plesk Panel, I don't see an .htaccess file...
So, how does Plesk password protect directories?
And, is it possible to add functionality that would limit number of login attempts, and block an offending IP for a period of time?
Hello, I want to buy a dedicate server which support DDOS,ACK,SYN .....
I can provide 500usd most
My friend introduce dragonara.net for me, but they don't support world of warcraft website.
Can you introduce one similar with dragonara ?
You can see details of dragonara provide
dragonara.net/ddos-protection.html
protect from all types of DDoS, which can be
TCP SYN Flood
Tribe Flood Network and Tribe Flood Network 2000
TCP SYN-ACK Reflection Flood (DRDoS)
HTTP Flood Attack
ICMP Echo Request Flood
TCP ACK Flood
UDP Flood Attack
UDP Flood Attack (Trinoo)
Features of Dragonara DDoS Mitigation service* Up to 14 Gbit/s or 10,000,000 PPS ddos attack mitigation* Automatic attacks detection* Full transparency, no <click here to continue> links* Multi-Gigabit protection* SEO friendly* ALL TCP BASED PROTOCOLS SUPPORTED (HTTP, SSL, DNS, UDP protocol support)* Load Balancing to the Customer's Server Farm* Advertise your network block /prefix using BGP
Individual 10gb+ DDoS Protection Suite.Full Managed DDoS Protection with 100% uptime guarantee for Corporate clients.We use 95% burstable billing scheme.SLA agreement;1000 mbit/s included (can be upgraded);Web Caching Service (optional);10+ Gig Protection Available;Money Back Guarantee.
Available for Customers - using Dragonara Colocation services- with own remote DC infrastructure. Clean traffic sent using GRE / OpenVPN / IPSec tunnels.We use 95% burstable billing scheme.SLA agreement; 10+ Gig Protection Available;Money Back Guarantee.ASK / 24 hours setup
Budget: $120-175. Decent amount of IPs (32+ preferable)
Need it relatively soon.
GodsHost/Awknet is out of stock completely.
Staminus is out of stock except for $700 servers.
Gigeservers has a $150 setup fee that I don't really like, but if desperate, maybe.
Sharktech is **** and there is no way I will even consider them.
DDoS protected meaning nothing too large scale - I just need basic protection against 12 year olds that have pbots.
Any other ideas?
Datacenter in California USA will be better,
View 8 Replies View RelatedAfter being hit by a DDoS (managed to evade it for a while, but it's still painful due to downtimes) I'm looking for a DDoS-protected server somewhere in Europe. I don't care about the exact location, it just has to be outside Canada and the USA. I do not require a lot of traffic - using just about 1.5GBs per day, diskspace also is not an issue, so the main things is the DDoS protection, connection availability and the general level of service.
Searching through this forum, I've found the only possible option for a DDoS-protected being DataPipe (contacted and awaiting for a quote already). Have I missed something else? Are there any alternative good hosters with reliable networks and protection in the EU?
I am looking for a DDOS protected server ( IRC ).
What are your recommendations?
I already contacted Gige, but they are not answering.
At this moment server is with Theplanet, but their Cisco guard is not doing good job at all.
Server also used to be @ Softlayer, but they nullroute IP as soon as that specific IP is attacked.
I also looked @ Staminus, see that they offer up to 500mbps protection for $200 a month, which is okay, but i would like to see other options as well.
We are looking for dedicated server which ddos protection for IRC Hosting. Our budget is $170 USD/month with expect 128+ Ips.
View 8 Replies View RelatedI'm specifically looking for a server in the European area since I am from South Africa.
The reason being they will be more or less in the same timezone as I am and they also generally provide the fastest ping times (220ms to a server in Europe as opposed to 350ms to a server in USA).
I will be using the server as our own hosting space and hopefully be able to rent a monthly license for Parallels Plesk so that I may be able to resell hosting space - this is the primary reason for the dedicated server. I would like to know whether getting at least a quad core for this setup is essential or if I can get away with a dual core (in the case of hosting say 50 - 100 different websites).
So far I have been looking at keyweb.de which has a dual-core setup at 79euro installation fee and 49euro monthly fee. Their quad-core setup is 99euro installation and 59euro monthly. One drawback is it seems that they don't install Ubuntu linux (which is the OS i'm after). Another one is that their website isn't very intuitive - I cannot see whether it is possible to bundle Plesk with my order. I do however like the fact that they generally allow torrents.
Everyday after Backup Panel (Tasks from Backup Manager), I receive next error:
<?xml version="1.0" encoding="utf-8"?>
<execution-result status="error">
<object name="domain.ru" type="domain">
<message severity="error" id="416a91ad-e5e7-480b-b6b4-a60157b8eaae" code="InformationalException">
<description>Could not find password for account id '2648'. Return empty password</description>
</message>
</object>
</execution-result>
Resolve -> only reconfigure domain. How can I automatic fix this problem?
today i changed the password for the admin panel for a customer (username eg. mylogin). 10 minutes later he called me and said that he cannot get into his emailaccount anymore. Checked the password and saw that the emailpassword for his emailaddress (eg. mylogin@mydomain.com) is now the same from the admin panel login. So i changed the emailpassword and checked the admin panel login - it now has the emailpassword. What a mess.. I'm running Plesk Panel 11.5.30 MU47.
View 1 Replies View RelatedAre there any places other than Staminus/Gige/Sharktech Awknet that can protect against small/basic bandwidth attacks (not application attacks, http floods, etc), 5-7Gbps+, occasional up to 10?
View 14 Replies View RelatedFirewall settings are great for preventing Denial of Service (DoS) attacks, however it may not always be your only solution. The day has finally arrived when I found this excellent module called mod_dosevasive (DoS Evasive) which keeps track of how many requests each client makes to your server within intervals. If a client is being forceful with your server and making too many requests, then it is more than likely not just a web browser but some automated process unleashed on your site to try and take it down.
This handy Apache module we have found takes care of these issues. Let's get started by setting it up.
Where can I get a DDoS protected shared plan?
View 14 Replies View Related1. towards blocking a very large upscale DDoS attack coming from a large botnet. Physical firewall will not help, due to the attack still entering the network, thus causing trouble for the companies other clients.
2. Or dedicated server companies in Europe that can provide protection against this.
How to change the Password of my FTP?
I know how to change the pwd. of cPanel, but I don't know how to change the pwd. of FTP?
have built quite a library of music now. It would be great if I could upload music to my hosting account, and then just access it from my phone. Would that be allowed so long as I did not share this music with others? Where might I be able to set this up? I checked with hostgator and they said it was not okay.
View 9 Replies View Relatedim hosted on futurehosting and truly they rock with gr8 support and instant services, 3-4 small sites but today whole day it was down due to apparently DDOS attack - as per my hosts response. read history here [url]
When i took FH i had done some research and thought its 100% managed VPS - i never knew its not proactive managed service etc! frankly i did ask on WHT and FH was the most recommended and truly they have lived up to it and i have no complains but just that maybe my requirement is a more proactive support service:-)
seems i need to move on - to som1 who can handle DDOS attacks + offer proactive monitoring which FH says it doesn't offer
1. LiquidWeb.com promises DDOS protections under their [url]
2. another option seems [url]
3. am told wiredtree would work well too for a complete newbie like me ?
I have several customers with wordpress domains. I want to protect these directory's with Nginx on a plesk 12 machine.
I thought:
location /wp-admin/ {
allow 123.123.123.123;
deny all;
satisfy all;
}
would do the trick, but no go, nginx isnt passing it to apache by the looks of it. I tried all kinds of possible solutions but cant get it to work. It works with files though. The logfile says directory index of "/var/www/vhosts/testdomain.eu/httpdocs/wp-admin/" is forbidden. This makes sense, since its turned off.
How to get this to work with plesk 12 and nginx ?
My windows server 2003 server password has been changed. My host tells me they must reload the entire OS in order to fix it..
Is there no way they can go in and rescue my server? Would save me alot of work.
Is it possible to do it through a standard FTP package?
View 2 Replies View RelatedI have this big problem, when I try to create a new signature, it returns me this error (ProtDir_IIS :: update () failed: Add Protected Directory failed: columns SiteId, path are not unique (Error code 1)).
View 3 Replies View RelatedI have a problem with users that want to download files that are in a protected folder. They don't get the login popup when the click on a link, if they use a direct url then they get the login but the download doesn't begin.
iPhone OS 7.12
Plesk Control Panel version: psa v8.4.0_build20080505.00 os_Windows 2003/2008
Operating systemMicrosoft: Windows 5.2;build-3790;sp2.0;suite272;product3
how i transfer 20 website to another server with reseller password?
i use cpanel and whm
I'm trying to set up password protection on an Apache HTTP server, and it's not working.
First, the environment: Apache 2.4.4 installed with XAMPP Control Panel 3.2.1 under Windows 7 Professional.
http.config says "AllowOverride All."
The .htaccess file in the protected directory says:
Code:
htpasswd -c .htpasswd samples
htpasswd prompted me for the password twice, and I entered it twice. When it quit I had a file named .htpasswd in the subsidy directory. I typed it and its contents looked correct according to the examples I've seen.
Then I restarted Apache and tried to load a page from the directory. The browser simply prompted me for the username and password over and over.
The Apache error log says, "AH01617: user samples: authentication failure for "/subsidy/filename.html": Password Mismatch."
I deleted the .htpasswd file and ran htpasswd again, specifying a different (very simple) password. I also confirmed that caps lock was not on both before and after. I restarted the server, tried to load a page, and got the same problem.
Apache seems to think I'm entering the wrong password, but that seems impossible when I've just defined it myself -- and I've tried twice, intentionally choosing a very simple password the second time. If the message means what it says, the cause must be something very different from the obvious one.
