Don’t abuse PHP’s header function for redirects

PHP’s Header function can come in quite handy when you’re building your next greate web application.  Its powerful, but as a result, its tempting to misuse it to do even the simplest things, like permanent redirects.  Usually, its done like this: // redirect /publications (this page) to real page (/documents)Header("Location: /documents/"); One line of code,

Don’t abuse PHP’s header function for redirects Read More »

Fail2Ban + Mod_Security = Spammer Bouncer

Under debian, fail2ban’s configuration is in /etc/fail2ban/.  In the filter.d directory add the following file and name it apache-modsec.conf. [Definition]# Option:  failregex# Notes.:  regex to match the password failure messages in the logfile. The#          host must be matched by a group named “host”. The tag “<HOST>” can#          be used for standard IP/hostname matching.# Values:  TEX#failregex

Fail2Ban + Mod_Security = Spammer Bouncer Read More »

PHP File Uploads

Yesterday at work I spent the better part of the afternoon trying to figure out why a form couldn’t handle multiple file uploads. These uploads where failry big – quicktime and wmv files – so I thought the culprit was the large file size. But the script was not returning any error warnings or notices

PHP File Uploads Read More »