Ratproxy is a passive web application security assessment tool released by Google. Basically you set it up as a proxy server between yourself and the target site, and then click around in the target site doing whatever it is you normally do, while ratproxy analyzes your activity in the background and looks for security holes. ...
When you use nginx to proxy to apache , apache picks up the IP address of your nginx proxy as the client. A consequence of this is that apache log files, and any application running on the apache backend, will all receive the same IP address (for example 127.0.0.1 if apache and nginx are running the same server). Luckily, nginx provides a HTTP X-Forwarded-For header containing the clients real IP address, although apache doesn’t pick it up by default. To allow apache to recognize the original client IP, we need to install the mod_rpaf module. On ubuntu, this is as simple as installing a package : ...
Index-Style is a set of html, css and image files designed to work together with the mod_autoindex module to make the default Apache file listings look a little nicer. The UI design is based almost entirely on the great work done by the guys at Repos-Style, although the code itself is largely done from scratch (as mod_autoindex doesn’t support XSLT). ...
I’ve been wondering for a while why Phusion Passenger seems to completely ignore the PassengerMaxPoolSize, PassengerMaxInstancesPerApp and PassengerPoolIdleTime directives. I recently discovered that they don’t work inside VirtualHost blocks in apache config. The old (non-working) config was something like : ...
