Microsoft sendt til tælling af WannaCrypt?

Så lykkedes det endnu engang for Microsoft at være medårsag til at man skal fravælge propraitere operativ systemer ved selv at være udsatte for WannaCrypt og ikke have styr på IT sikkerheden, men allene fokusere på at høste folks privatliv og firmaers data, på fod med Google og facebook.

Konklusion: Eller som Microsoft retteligt burde have skrevet i deres “Microsoft solution available to protect additional products” Updater til et Linux eller Unix system som stadigt sætter private data og IT sikkerhed højt.

Posted on

Apache order of deny,allow or allow,deny

If you as many other users sometime need to do some allow,deny in apache and can’t remember which order to use them, then here is the link to Apaches Order Directives

But in short:

Ordering is one of:

First, all Allow directives are evaluated; at least one must match, or the request is rejected. Next, all Deny directives are evaluated. If any matches, the request is rejected. Last, any requests which do not match an Allow or a Deny directive are denied by default.
First, all Deny directives are evaluated; if any match, the request is denied unless it also matches an Allow directive. Any requests which do not match any Allow or Deny directives are permitted.
This order has the same effect as Order Allow,Deny and is deprecated in its favor.

Keywords may only be separated by a comma; no whitespace is allowed between them.

Match Allow,Deny result Deny,Allow result
Match Allow only Request allowed Request allowed
Match Deny only Request denied Request denied
No match Default to second directive: Denied Default to second directive: Allowed
Match both Allow & Deny Final match controls: Denied Final match controls: Allowed

In the following example, all hosts in the domain are allowed access; all other hosts are denied access.

Order Deny,Allow
Deny from all
Allow from

In the next example, all hosts in the domain are allowed access, except for the hosts which are in the subdomain, who are denied access. All hosts not in the domain are denied access because the default state is to Deny access to the server.

Order Allow,Deny
Allow from
Deny from

On the other hand, if the Order in the last example is changed to Deny,Allow, all hosts will be allowed access. This happens because, regardless of the actual ordering of the directives in the configuration file, the Allow from will be evaluated last and will override the Deny from All hosts not in the domain will also be allowed access because the default state is Allow.

The presence of an Order directive can affect access to a part of the server even in the absence of accompanying Allow and Deny directives because of its effect on the default access state. For example,

<Directory /www>
Order Allow,Deny

will Deny all access to the /www directory because the default access state is set to Deny.

Posted on