In the Apache default configuration if you access the file it will have no Content-Type. Some browsers will guess/autodetect it as HTML and now you are vulnerable to XSS.

To prevent this, you can set a default Content-Type (e.g. plain/text or application/octet-stream).

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

Prevents you from data breaches and liability risks
Upgrade at your own pace
Works with modern Rubies

Related cards:

FAQ for When PostgreSQL Indexes Are Corrupted After Locale Changes

When changing glibc versions, it's possible to end up with corrupt indexes in PostgreSQL.

Are My Indexes Affected?

If your database has...

Elasticsearch unassigned replica shards on single node instances

If you have a single node elasticsearch instance and indices with replicas enabled your cluster state will be yellow. If you have replica shards they should be moved to a different node for high availability purposes. With a single node this can't...

Keepalived VRRP FAQ

How can I configure virtual IP's?

There are two parameter to set up virtual ips in Keepalived:

`virtual_ipaddress`

Addresses defined here are included into the VRRP Packages and are therefore limited in number, especially with IPv6.

Add...

Installing throttled to fix Lenovo laptops with nvidia graphics running Ubuntu losing performance after a while

We have observed Lenovo laptops with nvidia graphics losing performance after they have been in use for a few minutes. While we have not been able to pinpoint exactly what triggered the performance loss, we have found it mostly correlated with hig...

Mind your locales with glibc upgrades when using PostgreSQL

When changing the glibc version, it's possible that the upgrade also includes changes to how locales work.

This is especially relevant when using [PostgreSQL databases (of any version)](https://wiki.postgresql.org/wiki/Locale_data_changes#What_in...

HowTo: enable termination protection for all EC2 instances not in autoscaling groups via aws cli

aws ec2 describe-instances --output text --query 'Reservations[].Instances[?!not_null(Tags[?Key == `aws:autoscaling:groupName`].Value)] | [].[InstanceId]' | xargs -L1 -t aws ec2 modify-instance-attribute --disable-api-termination --instance-id...

Exim: investigating frozen messages in the mailqueue

Investigate why mails are frozen

The exim documentation says:

Freezing occurs when a bounce message encounters a permanent failure because the...

Resize an Areca Raid by swapping disks

If you want to expand your Areca Raid by swapping out the disks for larger ones you will need to do the following:

Swap out all disks one by one and wait until the syncronisation is finished in between.
Reboot your server and enter the Rai...

HowTo apply Test Driven Development to Container Images

Apply Test Driven Development(TDD) to the process of building container images by defining test before writing code and automate the testing process. Iterate through the TDD cycle while developing and running the tests later in continuous integrat...

Intel Microcode Versions and Updates

Intel CPUs receive updates, including security relevant upgrades, through 2 channels:

Firmware/UEFI BIOS updates can also update the microcode in CPUs. This is the preferred and persistent way
the intel-microcode package can patch the micro...

Kim Klotz

makandra.com

Say thanks1

Last edit

10 months ago

Kim Klotz

License

Source code in this card is licensed under the MIT License.