This blog post provides good information about password hashing. The main point of this article is to use strong encryption and make attackers life hard. So if someone gains access to database, attacker could figure out your password using a brute force or rainbow tables.
Recently I wrote about installing and running Xcache under Red hat enterprise Linux and CentOS Linux. By default Xcache use /dev/zero for caching. All you have to do is create /dev/zero in chrooted jail. Type the following command (assuming that your jail is located at /lighttpd.jail directory): # mkdir -p /lighttpd.jail/dev # mknod -m 666 [...]
Many people asked me to write about setting up Lighttpd under CentOS or RHEL 5 Linux using chroot() call. The instructions are almost same but you need to make little modification as compare to Debian / Ubuntu Linux instructions.
Recently I’ve noticed that Redhat removed support for following php pear packages: a) NET/SMTP : An implementation of the SMTP protocol b) Mail : Class that provides multiple interfaces for sending emails c) Net/Socke : Network Socket Interface The simplest solution is downloading and installs these files from php pear repo. Step # 1: Download [...]
PHP offers simple but effective solution to log all errors to a log fiie. On all production web server you must turn off displaying error to end users via a web browser. Remember PHP gives out lots of information about path, database schema and all other sort of sensitive information. You are strongly advised to [...]