Tag: security

Disable SSLv2 and SSLv3 in Apache

As we always disable SSLv2 in Apache. Now it is SSLv3 turn. The recent news about the SSL 3 vulnerability is so important that I have to disable it as well. So just modify the ssl.conf of Apache [ssh]SSLProtocol All -SSLv2 -SSLv3[/ssh] The web site still has TLS 1.0, TLS 1.1 and TLS 1.2. For

How to config PHP to secure Web Server

There are certain PHP configuration tat affect security features.  The following recommended security configuration options is for production servers. register_globals set to off safe_mode set to off error_reporting set to off disable these functions: system(), exec(), passthru(), shell_exec(), proc_open(), and popen() open_basedir set for both the /tmp directory and the web root so that scripts

Windows Update 2013-08

Windows Update in August 2013 on my Windows 7 64bit. Threr are three critical updates. All must-see. Cumulative Security Update for Internet Explorer (2862772) Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869) Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063)

Windows Update 2013-07

It is time to update Windows. Here is the list of Windows Update 2013 July on my Windows 7 64bit. There are  six security updates Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)  Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851) Vulnerability in GDI+ Could Allow Remote Code

Windows Updates 2012-10

Microsoft monthly Security updates released today. Only one critical update Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) Six important updates Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670) Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (2741517) Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow