I have an Access DB app that exports a table (to XLS) then FTPs to our FTP server over our VPN. This routine has been working for several years, until ~yesterday. I am not sure what could have changed to break this function.
This is not really an Access DB issue as I see the same "Closed Connection" when manually attempting to FTP PUT at the Windows command line. Other users of the Access app (VPN and local) are not seeing this same issue.
I did receive a Win10 Security update this week - possible this affected my firewall settings?
Any suggestions where to begin? Googling suggests to portforward Port 20/21, but this seems to have no effect either.
Thank You!
Note 1: I do use WinSCP for passive transfers for another specific task to FTP to a 3rd party who requires passive transfers. Some of our users in India are unable to use this tool reliably, so I am hesitant to convert this basic function in my Access app as it works everywhere but my local machine.
Note 2: I attempted to add "QUOTE PASV" before a command line transfer with no effect. As I am reading, Windows FTP utility does not support Passive transfers
Note 3: FileZilla can see and transfer to the FTP server using "Plain FTP" mode. Interesting, but I really need this to work via command line without requiring a 3rd part app installation.
Note 4: I uninstalled the Win10 Security Update - No effect
Related
My Laravel database got hacked for the second time. the hacker deleted all tables and left a table threatening to delete it If I didn't send bitcoin. That's not a problem since I do have a backup but what can I do to prevent it?
This is for Laravel 6. the first time I had debugging mode ON in the .env file so I thought this might be the problem. after turning debugging off I still got hacked am I missing anything?
Hello Mohamed Elmoniry,
I would check your server database configuration for the following security settings I mean this is pretty basic and normally done automatically if you are not self hosting and using a service like forge or digital ocean, but here you go:
Update the password plugin
Change the root password
Remove anonymous users
Disallow remote root login
Remove test database
If you are new to this and you are using MYSQL on your server you can run the following command/script that will automatically guide you through that process
sudo mysql_secure_installation
Additionally:
If you are using a web server I would also enable SSH and deactivate password login.
If you are using a firewall I would check that only the necessary ports to your application are allowed by the UTM (Unified threat management) if it is a hardware firewall. (same applies to a software firewall)
It would be great if you know how the hacker got into the database. Maybe you have an old database version? Maybe you have an easy-to-crack password and have exposed your database to the internet. Laravel by default blocks SQL injection, so that can't be it.
If you have exposed your database, a good first step is to block all requests and allow only ones from certain IP addresses, like your server and IP addresses where you often work. This way, hackers can only get to your database if they are on one of those IP's.
Do you publish your code to GitHub? Maybe the hacker got the password from your repository (this is only possible if this is public). You should make sure you NEVER EVER publish your .env file to the internet and only keep local copies.
But the best solution would be to find out how he got in. Then you can block that entrance. You should certainly check your database version and update it if necessary.
it seems your website has some shell (malware) stored. Virus take palace with following reasons :
Old version framework (but you are using v6, that is updated)
A shell/virus already in code (check if a php shell exist, & scan with antivirus)
You have public git repo, where attacker placed his malware
You have credentials hardcoded that leaked, either through git repo or JS files.
You have unrestricted file upload option in your code, which allow hacker to upload shell.
your database server is publicly exposed,allowing anyone to access.
If you are using older jenkins or other automation tool, which exploit used.
SQL injection, (check logs)
Thanks, Jaikey
Check whether your .env or .env.sample files expose to public for some reason?
https://yourdomain.com/system/.env
If yes, block the public access of .env by adding the code below to the .htaccess file.
<FilesMatch "^\.env">
Order allow,deny
Deny from all
</FilesMatch>
I have never used PhpStorm before for remote development because I used to work locally.
I am wondering if there is a method to set PhpStorm to work in such a way so it will be identical, in terms of functionality, to local development?
At least, debugging and jumping to functions/variables declaration across the whole project?
Tried to google it but found nothing. Maybe someone knows?
There are two ways to work with remote server development :
With a physically server
With a Virtual Machine locally
Those 2 ways are identical workflow parameters for working with this.
In PHPStorm the main area for parameters workflow deployement on remote server is : PHPStorm > Settings > Build, Execution, Deployement > Deployement
In this area you config the connection on your remote server (you before must config access on your remote server). SFTP is the best way to use this connection.
Most important to select where you want to send/push your modified code with Root path. Upload manually or use the sync auto functionality of PHPStorm use this parameter.
Mappings tabs is not very important you can keep this without change except for 'Deployement path on server' which just type '/' character if you have selected the good 'Root Path' in tab before.
For starting you can forget the Excluded Paths tab. after if you work on symfony framework you use this to exclude the vendor directory.
Don't forget to set the options 'use as Default' if you want to upload or sync auto more fastly and friendly.
Now you must parameters and config correctly your remote server for server be able to run the code which send it with PHPStorm. Dependly on your framework or other technologies you use.
Finally you have :
PHPStorm config OK for send correctly your modification code (auto or manually)
remote server config OK for executing and running correctly the code you are before sending from PHPStorm to your server remote
WARNING : you never run your website into your local OS.
IMPORTANT : config a web server on your remote server and don't forget to install layer for PHP executing script.
I have windows server machine on GCE.Whenever I try to take remote or RDP into machine it is showing
The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license.
Please contact the server administrator
I have reset the machine but didn't work. The solutions that I got on the net needs access to the machine first, but I am not able to access the machine. Here is a link http://www.dell.com/support/Article/us/en/04/635765/EN to troubleshoot this, but I am not able to access machine as the machine is on google server.
In my case license has been expired. But I was able to take remote in admin mode. Use the command in Run to take remote in admin mode
mstsc /admin
Then I added new license to continue remote service. For more detail on remote desktop licensing check out the link https://technet.microsoft.com/en-us/library/cc732684.aspx
According to this post the solution is to delete the following key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod
I Followed Sunil Garg's instructions:
mstsc /admin
to remote into the server.
Then I deleted the key. Please note you must run regedit as System user to delete the key. Use the RunAsSystem tool to achieve this
This problem made by some kind of caching of remote desktop licensing in clients you can solve this by remove the bellow key in registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing
It's much easier to make a reg file and run it so .
Make a empty text file
Name it "mypatch.reg" or "mypatch.reg"
Put bellow text in it and save it
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing]
Run it by dubble click on file!
It should remove the key.
I need to make a development version of a cakePHP app with its own db so that a developer can work on it without disturbing the current users.
I thought it would be simple, I just copied the entire director /project to /project_dev and then copied the DB "project_db" to "project_db_dev". Then I went into /project_dev/config/database.php and changed the db to "project_db_dev".
When I went to see what I had done, I saw the app was still connecting to the same db, as if I'd changed nothing. I realized that the original folder name was referenced in /app/webroot/.htaccess so do I need to find/replace all instances of that folder name?
What steps should I follow to duplicate an existing cakePHP app?
You need to setup some kind of development lifecycle.
Generally speaking the developer shouldn't be doing any development on the server. The best way to handle it is locally using a stack of some kind such as Lamp (Linux, Apache, Mysql, PHP) switch out linux with other OS's. There are multiple cloud solution to these environments to such as Koding.com
Using something like Git for version control the developer can develop locally then push the code through to the server after is being thoroughly tested locally or on a dev server or some kind.
Keeping Dev work and Live work away from each other is key.
Could do with a bit more information.
If both databases are hosted on the same server and you have permission to access them both with the same user then all you have to do is change the name of the database in your database.php
If not you will also have to update the IP and any other additional settings port etc.
If you are still having troubles email me simpsond1988#gmail.com
I am using an SSIS package to get a text file from a secure Unix server. One of the steps in the package ftp's the file to a Windows file share using a Flat File Connection. I have specified the connection using the full path name: \\servername\foldername\filename.
The package runs fine on my development machine; however, I am experiencing a problem when the package runs as a service under SQL Server Agent. This is how it will have to run in Test and Production. The service has been given rights to the server and the folder, but since the folder is a hidden folder it has been appended with a $.
So the actual connection string for the Flat File Connection is: \\servername\foldername$\filename.
Could the dollar sign be causing the problem for SQL Server Agent?
I am running out of ideas and I have almost exhausted my search on the Internet. Stack Overflow is always my last resort. I hope someone can help.
This problem has been resolved. There is no issue.
The job had insufficient permissions. The network administrators told us they had taken care of it, but after we had ruled everything else out, they checked again.