Skip to main content

Posts

Showing posts from August, 2017

How to enable Audit Logging in Glassfish Server

Auditing is the process of recording key security events in your GlassFish Server environment.  You use audit modules to develop an audit trail of all authentication and authorization decisions. To enable audit logging, two steps are required: 1. On the Security page, select the Audit Logging Enabled checkbox to enable audit logging.
2. Set the auditOn property for the active audit module to true.

<audit-module classname="com.sun.enterprise.security.Audit"name="default"> <property name="auditOn"value="false"></property>
</audit-module>


How to fix postfix master dead but pid file exists

$ sudo service postfix status master dead but pid file exists One possible likely problem is that another process has already occupied the default port 25.



$ sudo -i lsof -i :25 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME sendmail 2607 root4uIPv4114060t0TCP localhost:smtp (LISTEN)

In /var/log/maillog you could get the line in the log:
Code: postfix/master[7240]: fatal: bind 127.0.0.1 port 25: Address already in use
You can fix it by:

$ sudo yum -y remove sendmail

Exim works best when its queue is kept short

# There are circumstances where this is not always possible. If you uncomment
# the setting below, messages on the queue are held in 62 subdirectories of
# "input" instead of all in the same directory. The subdirectories are called
# 0, 1, ... A, B, ... a, b, ... z. This has two benefits: (1) If your file
# system degrades with many files in one directory, this is less likely to
# happen; (2) Exim can process the queue one subdirectory at a time instead of
# all at once, which can give better performance with large queues.

# split_spool_directory = true


The good programmer

The good programmer is the one that analyze the problem, but does not just think to a solution but to a "class of solutions" that happens when requirements can change a little bit, and implement code in a way that such changes can be easily feasible. But at the same time does not push differentiation over the limits that invalidate the solution.

Free courses at code school this weekend

To celebrate reaching 4 million Code School students, code school is opening up FREE access to its entire content library for everyone from August 18–20. It's a learning free-for-all! (Literally — it's free for all to learn.)

How to change PowerMTA SMTP port

smtp-port specifies the TCP port number to use for listening for incoming SMTP connections, allowing you to run PowerMTA on a non-standard port. 
Default:
25 (standard SMTP port)

This can be useful if a second mailer handles all incoming traffic while PowerMTA is fed through another TCP port.

If smtp-port is set to 0, PowerMTA does not listen for incoming connections (and feeding is only possible through the submission APIs).

Example:
# use port 2525 since port
smtp-port 2525

Another way:

Email throttling

Many email providers like Gmail, yahoo, and Hotmail all will limit the amount of email sent to their servers from a specific source by various means.  These include "only so many per hour" which is a type of throttling functionality.  For instance, if Gmail detects a mail server sending emails to it in a burst, it may limit or shut down the ability for that mail server to send additional email to it for awhile. 

How to maximum open file descriptors on Linux

Linux default open file limit is 1024. If you need to increase this value: check current connections:     ulimit -n To increase the limit, open file:     vi /etc/security/limits.conf add the following lines at the end:     * soft nofile 65535     * hard nofile 65535

How to examine the performance behavior of AWS EFS file system

$ sudo fio --name=fio-efs --filesize=10G --filename=./efs/fio-efs-test.img --bs=1M --nrfiles=1 --direct=1 --sync=0 --rw=write --iodepth=200 --ioengine=libaio fio-efs: (g=0): rw=write, bs=1M-1M/1M-1M/1M-1M, ioengine=libaio, iodepth=200 fio-2.1.5 Starting 1 process fio-efs: Laying out IO file(s) (1 file(s) / 10240MB) Jobs: 1 (f=1): [W] [98.1% done] [0KB/0KB/0KB /s] [0/0/0 iops] [eta 00m:06s] fio-efs: (groupid=0, jobs=1): err= 0: pid=8292: Wed Aug 16 18:21:06 2017 write: io=10240MB, bw=34459KB/s, iops=33, runt=304294msec slat (usec): min=52, max=212, avg=87.60, stdev=13.28 clat (msec): min=38, max=26291, avg=5941.21, stdev=5225.86 lat (msec): min=38, max=26291, avg=5941.30, stdev=5225.86 clat percentiles (msec): |1.00th=[ 1123],5.00th=[ 2089], 10.00th=[ 2114], 20.00th=[ 2212], | 30.00th=[ 2311], 40.00th=[ 2442], 50.00th=[ 2704], 60.00th=[ 3097], | 70.00th=[12125], 80.00th=[13173], 90.00th=[13173], 95.00th=[13173], | 99.00th=[16712], 99.50th=[16712], 99.90th=[16712], 99.95th=[16712], | 99.99th=[16712] bw …

How to enable outbound Internet access for private server in private subnet in AWS

The main route table sends Internet traffic from the instances in the private subnet to the NAT gateway. The NAT gateway sends the traffic to the Internet gateway using the NAT gateway’s Elastic IP address as the source IP address.


Avoid using string concatenation.

Use StringBuffer's append() method because the string is an unchangeable object while string concatenation creates a lot of unnecessary objects. A large number of temporary objects will slow down performance.

What Is Java Heap?

Java objects are in an area, which is called the heap. It is created when the program is run, and its size may decrease or increase as your program runs. It can easily become full, and when it does, garbage collection is initiated. This is when objects that are no longer used are deleted to make way for new objects.

How To Manually Test Your Email Server for Open Relays

From your local machine, run the following command through cmd (Windows®) or SSH (Mac and Linux): telnet [server IP] 25
helo me
mail from: [email protected]
rcpt to: [email protected] Where [server IP] is your server's IP address. If your relays are closed, you will receive an error that you cannot connect, similar to the following error: Trying IP address...
Connected to mail.myserver.com.
Escape character is '^]'.
...
550 5.7.1 relaying denied for recipient in "rcpt to: [email protected]" If you receive any other outputs, your relays are open.

How to search in title and url

intitle  -- intitle:blockchain bitcoin Google will serach for page titles with "blockchain" and everywhere for "bitcoin". allintitle  -- allintitle:blockchain bitcoin Google will serach for page titles with "blockchain bitcoin". inurl -- inurl:i88ca Use to find pages from a specific organization based on their URL. Search URLs conatining "i88ca" only.

How to access cPanel, WHM and Webmail?

The below links/URLs are generic for all cPanel servers. If you are ever unsure of the port to use, you can simply add the respected service to the end of your URL like so: http://yourdomain.com/cpanel http://yourdomain.com/whm http://yourdomain.com/webmail

cPanel: http://yourdomain.com:2082 (non-SSL) https://yourdomain.com:2083 (SSL encrypted)  http://serverip:2082 (non-SSL)  https://serverip:2083 (SSL encrypted)
WHM (Web Host Manager): http://yourdomain.com:2086 (non-SSL) https://yourdomain.com:2087 (SSL encrypted)  http://serverip:2086 (non-SSL)  https://serverip:2087 (SSL encrypted)
Webmail: http://yourdomain.com:2095 (non-SSL) https://yourdomain.com:2096 (SSL encrypted)  http://serverip:2095 (non-SSL)  https://serverip:2096 (SSL encrypted)

What ports are used by cPanel?

cPanel and its WebHost Manager use the following ports for the management of Dedicated and Virtual Private Servers:2082 cPanel TCP inbound2083 cPanel SSL TCP inbound2086 WHM TCP inbound2087 WHM SSL TCP inbound2089 cPanel license TCP outbound2095 Webmail TCP inbound2096 Webmail SSL TCP inbound

[HDGEM] Google Custom Search enables you to create a search engine for your website, your blog, or a collection of websites.

You can configure your engine to search both web pages and images. You can fine-tune the ranking, add your own promotions and customize the look and feel of the search results. You can monetize the search by connecting your engine to your Google AdSense account.

--
Posted By Blogger to HDGEM at 11/30/2016 10:21:00 AM

How to reset your iPhone data usage

Go into ‘Settings’ then select ’Cellular’ if you scroll down you can see your Call Time and Cellular Data Usage.Scroll down and select System Services. You will then be able to see how much cellular data you are using.You can reset this each month (at the start of your billing cycle) to get a real time reflection of your data usage.

Use Google Mobile Management to manage your organization’s mobile devices and keep them secure

Google G suite Mobile management Your users will also want to access apps from their mobile device. G Suite works great on all mobile devices, including Android, iOS, and Windows.
You can use Google Mobile Management to manage your organization’s mobile devices and keep them secure, without the need for an on-premise device management server. Learn More
With Google Mobile Management, you get:
Screen lock required to unlock mobile devicesSelective account wipe of corporate data on mobile devicesInventory management of all mobile devices in your organization

How to change wechat group name

Your WeChat Name or Alias can be changed for any group you wish. To edit, visit your group's chat settings (indicated by the group icon above). Under "My Alias in Group" you may edit and save your changes.

How to Create a Group Chat on WeChat

Open WeChat. It's a green app with two white speech bubbles. ...
    Tap Chats. This is a speech bubble icon in the bottom-left corner of the screen.
    Tap +. It's in the top-right corner of the screen.
    Tap New Chat. ...
    Tap at least two contacts' names. ...
    Tap OK.


Google’s workforce needs to “represent the world in totality,” said Sundar Pichai, Google’s chief executive, at an international girls coding competition held on the company’s campus

His comments come as the search engine giant grapples with a high profile internal debate over the number and influence of its female employees. Last year, the company reported that women represent just 31 percent of Google's workforce and held 24 percent of leadership roles. Several initiatives are underway to boost those numbers, but those efforts are now a focus of some criticism.

Facebook confirmed Monday that it took down the event page that was used to promote and organize the “Unite the Right” rally in Charlottesville.

Facebook allows people to organize peaceful protests or rallies, but the social network said it would remove such pages when a threat of real-world harm and affiliation with hate organizations becomes clear.

"Facebook does not allow hate speech or praise of terrorist acts or hate crimes, and we are actively removing any posts that glorify the horrendous act committed in Charlottesville," the company said in a statement.

only the Twitter account most recently linked to this phone number can perform SMS commands and receive SMS notifications

If your phone number is attached to other Twitter accounts, only the Twitter account most recently linked to this phone number can perform SMS commands and receive SMS notifications for things like Direct Messages, new followers, Retweets, etc. Any other accounts you have associated with your phone number will not be able to edit Text notifications settings.

Why doesn't AWS throttle ports 465 and 587?

Default rate limits are enforced on port 25, as this is the common sending port. This leads to a lot of spam being sent on this port. To prevent this, AWS EC2 throttles port 25 by default. Ports 465 and 587 are less well known, and are not as subject to as much spam abuse.

How to find problem scripts on your site

If you’re a web developer, you can see the unsecure scripts found on your site. Bad extensions and code that isn't secure can cause problems.On your computer, open Chrome.Go to your website.At the top right, click More .Click More toolsDeveloper tools.In the right sidebar, at the top, click Console.

Playing DRM-controlled content in Firefox

In Firefox version 47 and above, Firefox for desktop supports the Google Widevine CDM for playing DRM-controlled content.Firefox downloads and enables the Google Widevine CDM on demand, with user permission, to give users a smooth experience on sites that require DRM. The CDM runs in a separate container called a sandbox and you will be notified when a CDM is in use. You can also disable a CDM and opt out of future updates by following the steps below. Once you disable a CDM, however, sites using this type of DRM may not operate properly.
Some sites may use DRM that is not supported by the Google Widevine CDM. Support for viewing this content may require a third-party NPAPI plugin, such as Microsoft Silverlight.

How to configure Firefox browser to enable pop-up windows

Open the browser.    Click the "hamburger" menu icon (top right) to open the Firefox menu.    Click Options.    Click the Content icon located at the top of the window.    Make sure that Block pop-up windows is activated (checkbox).    Click the Exceptions button located to the right of Block pop-up windows.

How to remove AWS EC2 Port 25 Throttling

You can request Amazon Web Services to remove the throttling on port 25  using theRequest to Remove Email Sending Limitationsform.Note: you must sign in with your root account credentials. Amazon Web Services will request that you provide a use case description with your request to remove the throttle. Once your request is approved, they will alert you via email that the block has been removed.

The Amazon SES mailbox simulator is a set of test email addresses.

Amazon Simple Email Service (Amazon SES) provides a mailbox simulator that you can use to test how your application handles various email sending scenarios without affecting your sending quota or your bounce and complaint metrics. 
Each email address represents a specific scenario. You can send emails to the mailbox simulator when you want to:


    Test your application without having to create test "To" addresses.    Test how your email sending program handles bounces, complaints, and out-of-the-office (OOTO) responses.    See what happens when you email an address that is on the Amazon SES suppression list.    Generate a bounce without putting a valid email address on the suppression list.    Find your system's maximum throughput without using up your daily sending quota.    Send test emails without affecting your email deliverability metrics for bounces and complaints.


Dedicated IP Addresses

If you send a large volume of email, you may want to purchase dedicated IP addresses in order to more carefully develop your sender reputation.

Digital Rights Management (DRM) is technology that enables online video and audio services to enforce that the content they provide is used in accordance with their requirements.

This technology may restrict some of the things you can do in the browser. While some DRM-controlled content can be viewed using the Adobe Flash or Microsoft Silverlight plugin, many services are moving towards HTML5 video that requires a different DRM mechanism called a Content Decryption Module (CDM). 

DMARC is a type of email authentication protocol that leverages the widely used SPF and DKIM protocols to improve a sender’s understanding of how their email in circulation is processed.

Email claiming to be from their domain is analyzed by receiving organizations and a digest of acceptance/failures is sent back to the sender. DMARC is used to reduce spam and fraudulent email by giving senders information on what recipients see. DMARC stands for Domain-based Message Authentication, Reporting & Conformance.

Minimal install of CentOS 7

Minimal install of CentOS 7 from the official image. If you have previously installed CentOS, there are some additional steps you might want to consider:
●  Remove all development tools (compilers, etc.)
●  Remove all services listening so that only port 22 is exposed for SSH access. Our firewall configuration will stop traffic intended for any other running services but it is best practice to stop and remove these additional services. 

Google fires the engineer behind sexist memo

Google has fired the engineer that penned the exit memo criticizing the company's approach to diversity and asserting harmful stereotypes about gender. The engineer's memo violated the company's Code of Conduct, resulting in the dismissal.

Disney will launch its own streaming service

Disney is taking its content and saying goodbye to Netflix, with a plan to start its own streaming service in 2019. The plan is to end its distribution deal with Netflix in 2019 (specifically for its movies) and use its new controlling stake in MLB streaming spin-out BAMTech to build something it owns entirely.

OAuth2 is the modern standard of providing security for REST and SOAP APIs.

However, a lot of enterprises have existing SAML Identity Providers (IdP) and that they use as their internal authentication standard. They would like their web and mobile applications to have end-users authenticate with these existing providers and then translate that to OAuth, enforce access and policies, and pass the calls to the backend.

Firefox 55: Improvements to functionality and core browser performance

New features include:
- support for WebVR, making Firefox the first desktop browser on Windows to support VR experiences.
- significantly faster startup times when restoring lots of tabs and settings that let users take greater control of our new multi-process architecture.
- upgraded address bar to make finding what you want easier, with search suggestions and the integration of our one-click search feature, and safer, by prioritizing the secure - https - version of sites when possible.

Great customer support

Great customer support professionals know how to "read the room" and evaluate each customer within each specific situation to offer the right sort of response.

Making use of Gmail draft

Turn your drafts folder into a catch-all for on-the-go ideas, meeting notes, or anything else you might want to quickly share out. The content will be sitting in your Gmail, ready for you to polish and send.

Transfer Appliance beta

Transfer Appliance is a hardware appliance you can use to securely migrate large volumes of data (from hundreds of terabytes up to 1 petabyte) to Google Cloud Platform (GCP) without disrupting network and business operations

The Chinese government has announced that it will use BlockChin to collect taxes as well as issue invoices (electronic invoices).

According to the Chinese government, the country is considering working on how to use the Financial and Tax Office. Under an agreement with Shenzhen Zhanhe Technology Investmen, the Chinese government is working on a collaborative development plan for the government-funded financial and tax chain.


The recent Chinese-led initiative can be an example of how Blockacin technology can be used for everyday life. Also, because of its security and transparency, Blockacin can be an attractive and attractive option for tax matters.

Google Fusion Tables is a web application used for sharing, visualizing, and publishing tabular data.

You can upload your own CSV, KML, ODS, XLS, or Google Spreadsheet data to a Fusion Tables table. Once your data is in Fusion Tables, you can collaborate on it with others in real time, publish it for Google Search, create map and chart visualizations for private use or for embedding on websites, filter it according to specific criteria, and update the data behind your visualizations or filters at any time.

Samsung and Google have partnered together to build the best Chromebook with the Samsung Chromebook Plus.

Samsung Chromebook Plus is incredibly well-built, has one of the best displays of any laptop, and is the first Chromebook with the new Pen that adds pressure sensitive drawing. It has 12.3-inch 2400x1600 IPS touch panel.
The Chromebook Plus is incredibly well built with an aluminum chassis and full-size keyboard and trackpad.
There is plenty of power to run Chrome and Android apps, and you can do it all day without charging.

How to fix sudo: sorry, you must have a tty to run sudo

It is most-likely that you are running on a Linux distribution with sudo configured to require a tty. This is generally enforced by having Defaults requiretty in the /etc/sudoers.
To disable requiretty globally or to a single command, you have two options:
Replace Defaults requiretty by Defaults !requiretty in your /etc/sudoers. This will impact your global sudo configuration.
Alternatively, you can change this configuration at a per user, per group or per command basis
Defaults!/path/to/my/bin !requiretty Defaults:myuser !requiretty
 Connect by ssh using -t options
From man ssh: text -t Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.

If -t is not enough, you can use  ssh -t -t Or ssh -tt. 

Use the -t or -tt options to ssh which spawns a pseudo-terminal on the remote side, but beware that i…

How to delete a S3 bucket

A S3 bucket needs to be completely empty before it can be deleted. You must delete all the objects manually or setup a lifecycle policy to remove everything after 24 hours or you may use 3rd party tool, s3nukem.

Delete a Bucket:
You can delete a bucket and its content programmatically using AWS SDK. You can also use lifecycle configuration on a bucket to empty its content and then delete the bucket.

-->>> There are additional options, such as using Amazon S3 console and AWS CLI, but there are limitations on this method based on the number of objects in your bucket and the bucket's versioning status.<----

Here are some CLI commands that you can use to delete everything from the bucket:

-= Delete all the versions =-
aws s3api list-object-versions --bucket mybucket --output json --query 'Versions[].[Key, VersionId]' | jq -r '.[] | "--key '\''" + .[0] + "'\'' --version-id " + .[1]' | xargs -L1 aws s3api d…

Amazon S3 bucket names are globally unique

Once a Amazon S3 bucket name has been taken by any user, you can't create another bucket with that same name.
             * You can optionally specify a location for your bucket if you want to
             * keep your data closer to your applications or users.

How to set up Amazon AWS S3 Static Website Hosting - Enable permission

To enable permission for Amazon AWS S3 Static Website Hosting:

After you enable Static Website Hosting for your S3 bucket, you need to give the objects  s3:GetObject permission for it to work.

For example, the following allow everyone to have s3:GetObject permission to bucket it.i88.ca, which is very common for public static hosting.

{ "Version": "2008-10-17", "Id": "Policy1407788858888", "Statement": [ { "Sid": "Stmt1407788848888", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::it.i88.ca/*" } ] } Also grant everyone List and View permissions in properties.