Posts

Improve Apache server security by limiting the information

 Typically server have 2 response headers in Apache2 which you want to remove for security reason. ServerSignature - used to configure a footer line under the server-generated documents.  ServerTokens - controls the details which the server sends. The details can include OS and other complied modules. Implementation Procedure in Apache2 Run this command sudo nano /etc/apache2/conf-enabled/security.conf Within that file, search for SeverTokens and set it to Prod Then search for ServerSignature and set it to Off Save and close that file. Restart Apache with the command sudo systemctl restart apache2

Secure cookie with HttpOnly and Secure in Apache Ubuntu

 This is a new security feature introduced by Microsoft in IE 6 SP1 to mitigate the possibility of a successful Cross-Site scripting attack by not allowing cookies with the HTTP only attribute to be accessed via client-side scripts. We can mitigate most common XSS attacks in our web application using HttpOnly and Secure flag with cookie. Implementation Procedure in Apache2 Ensure that mod_headers.so are enabled in Apache HTTP server Add below line in httpd.conf            Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure Restart Apache HTTP server to test ( sudo systemctl restart apache2 ) Note: You can check either leverage the browser’s inbuilt developer tools to check the response header or use an online tool .

Secure Apache from Cross-Frame Scripting on Ubuntu

 A Cross-Frame Scripting (XFS) vulnerability can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page.       The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering, or Cross-Site Request Forgery attacks. To defend Clickjacking attack on Apache web server, we can use X-FRAME-OPTIONS to avoid web application being hacked from Clickjacking attack. Browser vendors have introduced and adopted a policy-based mitigation technique using the X-FrameOptions header. Developers can use this header to instruct the browser about appropriate actions to perform if their site is included inside an iframe.  Developers must set the X-Frame-Options header to one of the following permitted values: ·  DENY: - Deny all attempts to frame the page ·  SAMEORIGIN: -The page can be framed by another page only if it belongs to the same origin as the page being framed ·  ALLOW-FROM origin: - Developer

Solved - $(...).select2 is not a function

 Some time we face a common problem with select2  if select2 library added to all pages and js function too but selection did not exist or was not loaded. So we can fix that issue using below method: Make sure $("#selector") is exists or not. if ( $("#selector").length > 0 ){     //Check selection      $("#selector").select2();     // Call select 2 }

Creating Protected routes in ReactJS

Protected routes are very important for any web application. Below are the code to create authenticated routes that only certain users can access based on their authentication roles. import   React , {  Component  }  from   'react' ; import  {  BrowserRouter   as   Router ,  Route ,  Switch ,  Redirect  }  from   'react-router-dom' ; import   commonService   from   './core/services/commonService' ; import   './App.css' ; import   Loader   from   './views/Loader/Loader' ; // Containers const   FrontEndLayout  =  React . lazy (()  =>   import ( './containers/FrontEndLayout/FrontEndLayout' )); const   UserLayout  =  React . lazy (()  =>   import ( './containers/UserLayout/UserLayout' )); const   loading  = ()  =>   < Loader   /> ; class   App   extends   Component  {    render (){      return  (        < Router >            < React.Suspense   fallback = { loading () } >    

Render a multi-line text string in ReactJS

Sometimes we face a problem to display multiline string in separate line instead of online while rendering ReactJs view. Here are the solution: Add a new class in css file .multi-line-break {   white-space: pre-line; } Add css class with you div or p tag render() {   const textString = 'First Line \n Second Line \n Third Line';   return (      <div className="multi-line-break">         {textString}      </div>   ); } You will get output like this: First Line Second Line Third Line

Multiple Like clauses with where condition in CodeIgniter

Many time we stuck in some situation if we want add multiple like queries with where condition, So for this, you should use Grouping where clause, see below example: $this->db->where('status','1'); $this -> db -> group_start (); //group start $this->db->like('contact_name',$filter_key); $this->db->or_like('contact_email',$filter_key); $this->db->or_like('contact_number',$filter_key); $this->db->or_like('company_name',$filter_key); $this->db->group_end(); //group end $query = $this->db->get('contacts');