MAMP Expires in one week?

I got a message that the full-working demo will expire...


What does that mean?

I really do not want to pay $69 for an installation I made as a simple test-bed for WordPress and PowerPress. I plan to host the podcast in a few weeks.

What will I not be able to do once this demo has expired?

Can I simply register?

Thanks

We're going to run a webservice to receive messages from one client. We are required to use mutual TLS. The client did send us the certificate he will use to connect to our webservice. (it needs to be this certificate) Our environment is Nginx+Apache+PHP.

My question is: what is the best way to do this? How can I let Nginx or Apache require a client certificate and trust this particular certificate? Or should I do this in PHP. What's the best approach?

Win 10 64 bit
Apache 2.2
PHP v (unknown)
Microsoft SQL Serve 2008 r2 Express
Dreamweaver CC 2019

Ehem… I have little experience with PHP, but I can fumble around "reading" it, I can't program it.

Background:
Using Dreamweaver, I attempted to create a php test server with this locally hosted and previously functioning web back office.
I have since backed this out and will be attempting to use another machine on the network as the testing server.
Back office (web) comes with Point of Sale software. POS Software is functioning fine as WAS the back office until... my Dreamweaver experiment.

Problem:
Since the attempted test server setup, and after a successful (not using Live View) Chrome localhost login I’m getting this:
"http://localhost/OCPOS/OCPOS/login.php" and the error of The requested URL /OCPOS/OCPOS/login.php was not found on this server.
The second "OCPOS" should not exist at all, and the file was never present to begin with, so why is it being requested?
I should be seeing a dashboard, and I'm not.

This login problem only happened after I mapped the files with Dreamweaver in site setup; again I have since backed this out.

Localhost – login file path:
C:\OCPOS\htdocs index.php - passes the request "header("location: OCPOS/login.php");"

login.php file path:
C:\OCPOS\htdocs\OCPOS - login.php (which looks to run a check on the user name and pword by a call to another "settings" file)
“login.php” also requests these
…

I try to use this guide https://github.com/zmartzone/mod_auth_openidc/wiki/Azure-OAuth-2.0-and-OpenID-Connect to enable authentification on a directory in Apache.

I have a Running site where SSL/PHP and everything else works.

A part of my .conf file for this site looks now like this.

<VirtualHost 123.12.12.12:443>

OIDCProviderMetadataURL https://sts.windows.net/hiddenc123-5ahiddensds-b3f2-sds22/.well-known/open$
OIDCRedirectURI https://mysite.com/test2/

OIDCClientID hidden123123123
OIDCClientSecret Test
OIDCCryptoPassphrase hiddenasdasdasdasd

OIDCScope "openid email"

OIDCRemoteUserClaim email


<Location /var/www/mysite/html/test>
    SSLRequireSSL
    SSLOptions +StdEnvVars

    AuthType openid-connect
    require valid-user


    Options Includes FollowSymLinks
    AllowOverride AuthConfig Limit
    Order allow,deny
    Allow from all
</Location>

Then I did service apache2 restart
When I run apachectl configtest I get no error regarding mod_auth_openidc. So I think this module is correctly installed.

But no authentification is enabled on the folder that I would like to protect. Also no error messages appears in webbrowser.

I now have some questions:

I expect an error message when it not works? So it must be something wrong? Or somthing that is not correctly activated?

What is OIDCRedirectURI? Do I need some PHP code for this? Is that not the url that I would like to protect? (https://mysite.com/test2/)

Where can I …

Upgrading Apache Tomcat on a Coldfusion 10 server.  Our company recently revived a security notification about a possible vulnerability. The vulnerability is called CVE-2019-0232 . The recommendation is to upgrade from our current Tomcat 7.0.75.0 to Tomcat version 7.0.94

Does anybody know if doing a manual upgrade is possible on Coldfusion 10 on Windows? Or is it best to wait for Adobe to release a patch? I'm skeptical that Adobe will do much about this anytime soon.

I have a customer with an ecommerce Magento 1.9.x website.  We have discovered that our hosting package bandwidth usage has gone up considerably.  It appears that some of our product pictures on the site are victim of hotlinking.  I have found some references on how to stop the hotlinking or replace it image when hotlinked.  For example: https://alistapart.com/article/hotlinking/  However, I was wondering is there a way to give the user that viewed the "hotlinked" picture from the remote site, a link back to our site.  If their going to steal our pictures/bandwidth, then maybe we can redirect their visitors to our site??

I host several websites with Dreamhost. Today, I shelled into my main user account and found a few dozen .txt files at the top level of my main user account that looked incredibly suspicious. They are named `logins.1234567890.txt` (the numerical portion being uniquely generated, it appears) and contain csv's showing apparent logins under this main username, including IP addresses and (variably) times/dates of the login. Most of them are my IP, but several are not, and some come from locations both near my home and business as well as outside the US (Canada was the only one I've seen so far).

Here's what I've found:

The files are generated at around the same time every week since last June (yeah, this is the first time I've noticed them – I'm not a frequent shell user). They appear to show logins with IP addresses and number of logins, along with dates and/or times. More often than not, it's my IP address, but sometimes it shows others.

Below I peeked inside a few of the files (with ls -l) to find out when they were created, in the order in which they appeared:

myuser@my_dreamhost_server:~$ ls -l logins-1554572892.txt
-r-------- 1 myuser pg17700 234 Apr  6 10:55 logins-1554572892.txt
ladot@ds11468:~$ ls -l logins-1553969843.txt
-r-------- 1 myuser pg17700 180 Mar 30 11:24 logins-1553969843.txt
ladot@ds11468:~$ ls -l logins-1553364634.txt
-r-------- 1 myuser pg17700 180 Mar 23 11:17 logins-1553364634.txt
ladot@ds11468:~$ ls -l logins-1552759601.txt
-r-------- 

Select all Open in new window

…

Hi,

I recently had an internal security scan and it highlighted access to Tomcat manager web app is possible using default credentials,
I have found the tomcat-users.xml file that contains the below, can I just change the password or will this stop something working?

- <tomcat-users>
  <role rolename="tomcat" />
  <role rolename="role1" />
  <role rolename="manager" />
  <role rolename="admin" />
  <user username="tomcat" password="tomcat" roles="tomcat" />
  <user username="both" password="tomcat" roles="tomcat,role1" />
  <user username="role1" password="tomcat" roles="role1" />
  <user username="admin" password="admin" roles="admin,manager" />
  </tomcat-users>

In my .htaccess file, there are references to favicon. I want to delete my graphics folder. Is it of to move any favicon files to the root of my site, not inside a folder?

#do things different on prod
<IfDefine prod>
RewriteRule ^favicon\.ico$ /graphics/live_favicon.ico [L]
</IfDefine>
<IfDefine !prod>
RewriteRule ^favicon\.ico$ /graphics/test_favicon.ico [L]
</IfDefine>

and where is "prod" defined? Is that an Apache thing? Sorry for the newbness, Im taking over for a departed employee and trying to sort things out.

Hello,

I have changed part of  an old Drupal Site to a Wordpress site in a subdomain.  

The main part of the Drupal site still exists, I have just taken the shopping cart portion and built it in a Wordress, which sits in a subdomain

I am trying to redirect the old product pages ot the new ones, but my htaccess code is ignored..

Options +FollowSymLinks
RewriteEngine on

Redirect 301  /cgi-bin/commerce.cgi?preadd=action&key=A30-E https://resources.beststart.org/a30-e-risks-of-cannabis/

Select all Open in new window

I have tried writing the redirect a few ways, all are ignored..  Redirect, RedirectMatch 301, redirectPermanent, etc.

I do have a lor of products as well, it would be good if I could do a wildcard for all /cgi-bin/commerce.cg*

I want any request that goes to mysite.com/index.html to be 301 redirected to mysite.com

Will the following mod_rewrite work in my htaccess file, is it comprehensive enough, and where would it need to be placed in the file?

RewriteCond %mysite.com/index.html HTTP [NC]
RewriteRule (.*)index.html$ /$1 [R=301,L]

Hi everybody.
So I'm using a cde in .htaccess to remove php extension from the url:

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteCond %{REQUEST_URI} ^(.+)\.php$
RewriteRule (.*)\.php$ /$1 [R=301,L]

Select all Open in new window

It works fine. But I have some dynamic url I want to make SEO compliant. For instance, I would like that

wines?wine=bordeaux

Select all Open in new window

become

wines/bordeaux

Select all Open in new window

So I looked around and I found this to put in my .htaccess

RewriteCond %{THE_REQUEST} \s/vinos\.php\?v=(\w+)\s [NC]
RewriteRule ^ /vinos/%1? [R=301,L]
RewriteRule ^vinos/(\w+)$ /vinos.php?v=$1 [L]

Select all Open in new window

With this the url is rewritten as expected but in the page which is open php just doesn't work. And all css is lost...
Any idea about how can I remove the extension from the simple page and make dynamic urls seo friendly?
Thank you in advance for any suggestion :)

Difference between URL forwarding and re-routing?

I am curious what the difference is from an MVC .NET Framework perspective, if that makes any difference...

Thanks