How To Reset Mac OS X User Password In Recovery Mode

By Zilli,

Enter OS X Recovery Mode

To boot into OS X Recovery, the first thing you need to do is to restart your Mac. While restarting, hold down CMD + R until the Apple logo appears. If you time it right, you will enter the recovery mode.

What you need to do next is to go to Utilities > Terminal to open a Terminal. In Terminal, type resetpassword and press Enter.

You will now be presented with the Reset Password window. Next, select your OS X drive. From the drop-down under “Select the user account:”, choose the user account that you want to reset password for.

Type in your new password, re-enter it and try not to forget it this time. You can also choose to write down a hint in the “Enter a new password hint for this user (optional)”, just in case.

Once you’re done, click on Save. You will be prompted with this message saying that your user account password was reset but your keychain is not. Just click OK and close all windows.

Now click the Apple icon at the very top left and choose Restart. You can now enter your account with your new password.

  Category: OS
  Comments: Comments Off on How To Reset Mac OS X User Password In Recovery Mode

Protects your WordPress against brute force login attacks using .htaccess

By Zilli,

write in .htaccess and change example\.com with your domain:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP_REFERER} !^http://(.*)?example\.com [NC]
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteRule ^(.*)$ - [F]

File icons are not showing in Files panel of Dreamweaver CC Mac

By Zilli,

To bring back the lost icons (on Mac) – go to your user configuration folder for DW

~user/library/application support/adobe/Dreamweaver/en_US/Configuration

and edit the Extensions.txt file by adding JPG,GIF,PNG,PDF to the first line (should be the line with ‘:All Documents’)

Now files show up with DW icons and the thousands of console errors are not being generated.

  Category: Apps
  Comments: Comments Off on File icons are not showing in Files panel of Dreamweaver CC Mac

FreeBSD – Install and Configure Webmin Web-based Interface

By Zilli,

Webmin is a web-based interface for system administration for Unix including FreeBSD. Using any browser that supports tables and forms, you can setup user accounts, Apache, DNS, file sharing, firewall and so on. Webmin consists of a simple To install webmin, update your ports, enter:

# portsnap fetch update

Install webmin from /usr/ports/sysutils/webmin, enter:

# cd /usr/ports/sysutils/webmin
# make install clean

Configure webmin

Now, webmin is installed. Start webmin on startup, enter:

# vi /etc/rc.conf

Append following line:

webmin_enable="YES"

Save and close the file. You need to run /usr/local/lib/webmin/setup.sh script in order to setup the various config files, enter:

# /usr/local/lib/webmin/setup.sh

Sample output:

***********************************************************************
*            Welcome to the Webmin setup script, version 1.420        *
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.
Installing Webmin in /usr/local/lib/webmin ...
***********************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.
Log file directory [/var/log/webmin]: [Press Enter]
***********************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.
Full path to perl (default /usr/bin/perl):  [Press Enter]
Testing Perl ...
Perl seems to be installed ok
***********************************************************************
Operating system name:    FreeBSD
Operating system version: 7.0
***********************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
 - What port to run the web server on. There must not be another
   web server already using this port.
 - The login name required to access the web server.
 - The password required to access the web server.
 - If the webserver should use SSL (if your system supports it).
 - Whether to start webmin at boot time.
Web server port (default 10000):  [Press Enter]
Login name (default admin):  [Press Enter]
Login password: [type password]
Password again:
Use SSL (y/n): y
***********************************************************************
Creating web server config files..
..done
Creating access control file..
..done
Creating start and stop scripts..
..done
Copying config files..
..done
Changing ownership and permissions ..
..done
Running postinstall scripts ..
..done

How do I view webmin?

Fire a webbrowser and enter url: https://your-domain.com:10000/ OR https://your-server-ip:10000/

  Category: OS
  Comments: Comments Off on FreeBSD – Install and Configure Webmin Web-based Interface

How to enable root login over SSH on FreeBSD

By Zilli,

Firstly, You will need to edit the SSH daemon configuration file to enable this like so..

vi /etc/ssh/sshd_config

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin yes

Restart SSH daemon

/etc/rc.d/sshd restart

  Category: OS
  Comments: Comments Off on How to enable root login over SSH on FreeBSD

PHP / SQL data protection – anti SQL-Injection function

By Zilli,

SQL Injection

SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.
Injected SQL commands can alter SQL statement and compromise the security of a web application.

SQL Injection Based on 1=1 is Always True
Look at the example above, one more time.
Let’s say that the original purpose of the code was to create an SQL statement to select a user with a given user id.
If there is nothing to prevent a user from entering “wrong” input, the user can enter some “smart” input like this:

UserId:

How to protect

PHP functions

The function

//Blind SQL-INJECTION Escape sequence. Line codes anti SQL-Injection
function anti_injection($input){
$clean=strip_tags(addslashes(trim($input)));
$clean=str_replace('"','\"',$clean);
$clean=str_replace(';','\;',$clean);
$clean=str_replace('--','\--',$clean);
$clean=str_replace('+','\+',$clean);
$clean=str_replace('(','\(',$clean);
$clean=str_replace(')','\)',$clean);
$clean=str_replace('=','\=',$clean);
$clean=str_replace('>','\>',$clean);
$clean=str_replace('<','\<',$clean);
return $clean;
}

How to use

$id=$_GET['id'];
$id_clean=anti_injection($id);

Hide email headers in Postfix

By Zilli,

Write this code in /etc/postfix/header_checks

/^Received:/                    IGNORE
/^X-PHP-Originating-Script:/    IGNORE
/^X-Originating-IP:/            IGNORE
/^X-Mailer:/                    IGNORE
/^Mime-Version:/                IGNORE