lubblig

Oh, thank god! I have just started (a couple of weeks ago) a project myself with a MySQL DB and it took me a while to setup and follow a bunch of different guides to secure the DB and the server itself. I'm using the MySQLi one so I guess I'm fine? Thank you for the explanation!

I had no idea of this, do you have a source for this? I'm not saying you're wrong just wanted to see if there are any articles on the matter since I had not heard of it before. When did they stop supporting it?

I found that, but I didn't think bcrypt was an hashing "type", just an algorithm generating it. So is bcrypt similar to what sha1/sha256 is (but better/safer)?

I've got this PHP code to generate a password hash, $hash = password_hash($input_password, PASSWORD_DEFAULT, ['cost' => 10]); But I'm having troubles finding what type of password hash is used. I've tried googling it but without finding what it is (might just be me using bad search terms). I'm assuming it's not MD5 or SHA1 since that's not considered safe anymore but I want to be sure and I want to know what's actually being used, so if anyone could tell me (and preferably link to a source that tells me what's being used), I would really appreciate that! Thanks!

Thanks! Why PDO? I don't know what it is so I'm not questioning it, I'm just curious what I'll benefit from it. Is it more secure or easier to use? If so, why? I'll try to do some reading on it right now but I'd love to hear your input on it!

In your link, they use the following code in the .htaccess file: # In case there is no PHP, deny access to php files (for safety) <IfModule !php5_module> <FilesMatch "\.(php|phtml)$"> Order allow,deny Deny from all </FilesMatch> </IfModule> # the following should be added if you want to parse .php and .phtml file as PHP # .phps will add syntax highlighting to the file when requesting it with a browser <IfModule php5_module> AddType text/html .php .phtml .phps AddHandler application/x-httpd-php .php .phtml AddHandler application/x-httpd-php-source .phps </IfModule> The second line says php5_module, since I'm running the latest version of PHP (7), could I just replace the 5 with a 7 or has something changed since version 5 that would make it not work?

Would this be done with the .htaccess file? If so, how?

I'm trying to understand how PHP works and how to secure it when connecting to a MySQL database (DB created with PHPMyAdmin). I found this example on W3Schools: <?php $servername = "localhost"; $username = "username"; $password = "password"; // Create connection $conn = new mysqli($servername, $username, $password); // Check connection if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } echo "Connected successfully"; ?> And I'm kind of skeptical to the whole having the password stored like that in plain text. Is this the way to do it and make sure that the user being used in the PHP file has restricted access to the DB or is there any other ways of securing it? What is consider the industry standard? Since I'm new to PHP and MySQL databases, I haven't really gotten to best security practices part yet (as I'm still learning and running it locally) but as I would like to put things on my webserver for access outside of my house (purely for me to test, but I still want to secure it as well as possible to learn how it works), I would like to make sure that I've secured everything. So if you've got any other tips or does/don'ts that might seem super obvious to you, please tell me because I likely don't know it! This includes PHP, HTML, JS, MySQL and PHPMyAdmin (and any other I might have forgotten) since this is what I'm currently using for it all. Thanks!

Ok, yeah it might be the initial backup that Crashplan didn't "like" being too large. I'm not sure, I just remember reading it on the datahoarder subreddit that some people were having issues with CP a while ago. So not really any proof just what I've heard from others.

I've heard that Crashplan isn't that great with lots of data. Not sure if this is true or not since I don't have that much data to even test it. But their upload speed isn't that great, that I know (at least to me, might be different in other areas). I've heard good things about Amazon Cloud Drive (ACD) but I don't know if there are any limitations to storage.

It depends on how many devices you'll be using simultaneously. But if you're only going to stream/transcode to one device at a time, a fairly low powered computer should work. If you are going to transcode, you're going to need a somewhat beefier CPU (as previously mentioned, if a device doesn't support the file format/codec/bitrate etc, the streaming software will have to transcode the file to make it playable on that device). I recommend using Plex for streaming as it will get meta data (cover art and information etc) automatically for you and works on most devices out there. It is completely free to use (You can purchase a Plex Pass to get extra features such as trailers for your movies, and their mobile apps has a one time fee) https://www.plex.tv/ Their recommendation is a cpu of at least 2000 passmark score to transcode one 1080p for streaming (source: https://support.plex.tv/hc/en-us/articles/201774043-What-kind-of-CPU-do-I-need-for-my-Server-). If you're unsure if you're going to need transcoding, you can freely download and use the Plex Server software (windows program) on your computer now just to test if your files will need transcoding to whatever devices you may want to watch content on (phone, console, webbrowser etc). If they need transcoding, you may want to consider a pc with a CPU with a passmark of at least 2000 to handle it. It's possible to pre-transcode content with Plex. Which means that it doesn't have to transcode as you're watching but can transcode it during the night for example and then be able to directly stream the content to your device that needs it as it has transcoded copy of the file. I put together a computer that should work for you if you need transcoding. But please only consider this an example, there may be things you want to consider changing before purchasing. http://pcpartpicker.com/list/FqkJwV The CPU in the list has a passmark score of about 3500 (http://www.cpubenchmark.net/cpu.php?cpu=Intel+Pentium+G3470+%40+3.60GHz) You should do some research before though of course, and don't forget to buy an operating system (or use linux for free).

So I've got a computer that I have at my parents house to perform backups of my files to. The specs are: Asrock E3C226D2I Pentium G3240 Generic Samsung 8GB ECC ram @ 1600MHz EVGA Supernova GS 550W PSU 2x WD Red 6TB, 2x WD 8TB & 1 WD 3TB Samsung 850 EVO 250GB (boot drive) Bitfenix Phenom Mini It's running Windows 10 with Crashplan to backup. It's cooled properly and the CPU is around 40-50 degrees Celsius and the HDD's are at about 30-45 degrees Celsius idle. It crashes roughly every 24 hours. I've got Teamviewer installed on it that gets unresponsive and I cannot connect to the computer like I normally can. The backups stop (crashplan stops sending files from my PC) and when I'm physically at the computer, I'm not getting any signal from the VGA output on the motherboard (there's no dedicated GPU). It's still powered on though, in terms of fans and HDDs spinning, as well as the lights. I haven't overclocked or changed anything in the BIOS, everything is default except for boot order. The computer is running Avast and Malwarebytes and I've done complete systems scans with no results. I seriously doubt that it's got a virus since it is never used for anything but backups (not using any browsers etc). I cleared CMOS but still crashing after about 24 hours. The computer is running on a battery backup from APC (although this isn't one of those that the computer always uses, it's only when the powers actually out that the battery is used. Which means that if the power were to be lost, which hasn't happened for years, the PC would turn off before the battery backup kicked in). I tried plugging it into the wall directly but still the same issue. So given all of this, I took it home to test the hardware and to give me more space to be etc. I ran several passes of Memtest86+ and ran the stress test from OCCT for almost 48 hours. But no errors found and the computer doesn't seem to be crashing at all. No matter what I do. I live in Sweden and our power delivery is generally really good so it shouldn't be that the power is bad at my parents house. Especially since they got their own computer standing a couple of meters next to it, plugged into the same power outlet and we live in the same city and are on the same power grid. I've got no idea what to test next or what could be causing these issues since nothing happens when it's at my house. Anyone with ideas of why this is happening? TL;DR Computer at my parents house, stops working after being on for about 24 hours. Memtest and OCCT ran extensively without any errors. CMOS has been cleared and the computer is virus free. When at my house, the computer doesn't crash at all, even during stress testing for about 48 hours.

It's over already http://www.ign.com/articles/2016/09/06/battlefield-1-beta-gets-an-end-date

Yeah, I've been meaning to learn Git and use Github but it seems so complicated. I might just have to start learning it. It was a couple of years ago since I looked at it so there may be better tools/tutorials than what I could find back then. Good tip btw!

Yeah I'd think that's best. Since I've never used a domain to redirect to another URL (only hosted my own server with domains), I'm not sure how it works or if it works. You should look into it and see if you can get a domain that redirects that works with the "web.DownloadString" code. As what I've used before has been more like hosting the textfile on my server and accessing it via "example.com/version.txt" and not have it redirect from a subdomain like version.example.com to onedrive.ms.com/version.txt. The problem I can see here is that the DownloadString doesn't work as it wants the direct link and possibly not the redirect part. I'm unsure and I think you should look into it. As for the how to actually redirect, I looked at this tutorial on Godaddy that should work: https://se.godaddy.com/help/manually-forwarding-or-masking-your-domain-name-422