Skeleton .htaccess file for Powweb Hosting Customers

.htaccess file designed for powweb customers

read more | digg story

Update: AskApache Password Protect Plugin

Update for AskApache Password Protect Plugin that automates installation of .htaccess Server-based HTTP Basic Authentication including creating encrypted passwords for .htpasswd

read more | digg story

XMLHttpRequest and Basic Authentication

If the readyState attribute has a value other than 1 (Open), an INVALID_STATE_ERR exception must be raised. Otherwise, a request to url using method method is sent. url, if relative, must be resolved using window.document.baseURI of the window whose constructor is used. If the async flag is set to false, then the method must not return until the request has completed. Otherwise, it must return immediately. (See: open().)

If data is passed to the send() method it must be used for the entity body following these rules (the term entity body is defined by section 7.2.1 of [RFC2616]):

• If data is a DOMString, it must be encoded as UTF-8 for transmission.
• If the data is a Document, it must be serialized using the encoding given by data.xmlEncoding, if specified and supported, or UTF-8 otherwise [DOM3Core].
• If data is not a DOMString or a Document the host language its stringification mechanisms must be used on the argument that was passed and the result must be treated as if data is a DOMString.

Invoking send() without the data argument must give the same result as if it was invoked with null as argument.

Authors should specify the Content-Type header via setRequestHeader before invoking send() with an argument. If the argument to send() is a Document and no Content-Type header has been set user agents must set it to application/xml for XML documents and to the most appropriate media type for other documents (using intrinsic knowledge about the document).

If the response is an HTTP redirect (status code 301, 302, 303 or 307), then it must be transparently followed (unless it violates security, infinite loop precautions or the scheme isn't supported). Note that HTTP ([RFC2616]) places requirements on user agents regarding the preservation of the request method during redirects, and also requires users to be notified of certain kinds of automatic redirections.

Once the request has been successfully acknowledged readyState must be set to 2 (Sent). Immediately before receiving the message body (if any), the readyState attribute must be set to to 3 (Receiving). When the request has completed loading, the readyState attribute must be set to 4 (Loaded). In case of a HEAD request readyState must be set to 4 (Loaded) immediately after having gone to 3 (Receiving).

If something goes wrong (infinite loop, network errors) the readyState attribute must be set to 4 (Loaded) and all other members of the object must be set to their initial value.

In future versions of this specification user agents will be required to dispatch an error event if the above occurs.

If the user agent allows the specification of a proxy it should modify the request appropriately; i.e., connect to the proxy host instead of the origin server, modify the Request-Line and send Proxy-Authorization headers as specified.

If the user agent supports HTTP Authentication ([RFC2617]) it should consider requests originating from this object to be part of the protection space that includes the accessed URIs and send Authorization headers and handle 401 Unauthorised requests appropriately. if authentication fails, user agents should prompt the users for credentials.

If the user agent supports HTTP State Mangement ([RFC2109], [RFC2965]) it should persist, discard and send cookies (as received in the Set-Cookie and Set-Cookie2 response headers, and sent in the Cookie header) as applicable.

If the user agent implements a HTTP cache ([RFC2616]) it should respect Cache-Control request headers set by the author (e.g., Cache-Control: no-cache bypasses the cache). It must not send Cache-Control or Pragma request headers automatically unless the user explicitly requests such behaviour (e.g., by (force-)reloading the page). 304 Not Modified responses that are a result of a user agent generated conditional request must be presented as 200 OK responses with the appropriate content. Such user agents must allow authors to override automatic cache validation by setting request headers (e.g., If-None-Match, If-Modified-Since), in which case 304 Not Modified responses must be passed through.

If the user agent implements server-driven content-negotiation ([RFC2616]) it should set Accept-Language, Accept-Encoding and Accept-Charset headers as appropriate; it must not automatically set the Accept header. Responses to such requests must have content-codings automatically removed.

If the user agent supports Expect/Continue for request bodies ([RFC2616]) it should insert Expect headers and handle 100 Continue responses appropriately.

abort(), method

When invoked, this method must cancel any network activity for which the object is responsible and set all the members of the object to their initial values.

getAllResponseHeaders(), method

If the readyState attribute has a value other than 3 (Receiving) or 4 (Loaded), user agents must raise an INVALID_STATE_ERR exception. Otherwise, it must return all the HTTP headers, as a single string, with each header line separated by a CR (U+000D) LF (U+000A) pair. The status line must not be included.

// The following script:
var client = new XMLHttpRequest();
client.open("GET", "test.txt", true);
client.send();
client.onreadystatechange = function() {
if(this.readyState == 3) {
 print(this.getAllResponseHeaders());
}
}

// ...should output something similar to the following text:
Date: Sun, 24 Oct 2004 04:58:38 GMT
Server: Apache/1.3.31 (Unix)
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

getResponseHeader(header), method

If the header argument doesn't match the field-name production a SYNTAX_ERR must be raised. Otherwise this method works as described below.

If the readyState attribute has a value other than 3 (Receiving) or 4 (Loaded), the user agent must raise an INVALID_STATE_ERR exception. Otherwise, it must represent the value of the given HTTP header (header) in the data received so far for the last request sent, as a single string. If more than one header of the given name was received, then the values must be concatenated, separated from each other by an U+002C COMMA followed by an U+0020 SPACE. If no headers of that name were received, then it must return null. Header names must be compared case-insensitively to the method its argument (header).

// The following script:
var client = new XMLHttpRequest();
client.open("GET", "test.txt", true);
client.send();
client.onreadystatechange = function() {
if(this.readyState == 3) {
 print(client.getResponseHeader("Content-Type"));
}
}

// ...should output something similar to the following text:
Content-Type: text/plain; charset=utf-8

responseText of type DOMString, readonly

If the readyState attribute has a value other than 3 (Receiving) or 4 (Loaded), the user agent must raise an INVALID_STATE_ERR exception. Otherwise, it must be the fragment of the entity body received so far (when readyState is 3 (Receiving)) or the complete entity body (when readyState is 4 (Loaded)), interpreted as a stream of characters.

If the response includes a Content-Type understood by the user agent the characters are encoded following the relevant media type specification, with the exception that the rule in the final paragraph of section 3.7.1 of [RFC2616], and the rules in section 4.1.2 of [RFC2046] must be treated as if they specified the default character encoding as being UTF-8. Invalid bytes must be converted to U+FFFD REPLACEMENT CHARACTER. If the user agent can't derive a character stream in accord with the media type specification, reponseText must be null.

Preloading .flv and .mp3 files with Flash

pre-load .flv files or .mp3 files into a visitors browser cache using flash

read more | digg story

Securing php.ini and php.cgi with .htaccess

Using .htaccess to secure your /cgi-bin/ folder and php.cgi, php.ini files and other interpreters.

read more | digg story

Speed Up Google Analytics, use local ga.js

Host Google Analytics ga.js file locally for increased speed

read more | digg story

Advanced WordPress 404.php

Some of the features of a WordPress 404.php, advanced

read more | digg story

Log all .htaccess/.htpasswd logins

Log and debug usernames and passwords used to login to a htaccess basic authorization protected website using php.

read more | digg story

Making SEO Fun Again

Brief look at keeping SEO skillsets updated

read more | digg story

Locate weak web application password hashes

Search rainbow tables for a match to a md5 or sha1 password hash to locate weak web app passwords to improve security.

read more | digg story

Cracking Hashes

Web Applications like phpBB, WordPress, almost all online apps with authorization capability store user passwords by creating an encrypted hash of your password. The hash is unique to the password so hashing the password in the future will result in the same hash every time.

156 Useful Run Commands

156 Useful Run Commands: "To Access…. Run Command

Accessibility Controls


access.cpl

Accessibility Wizard


accwiz

Add Hardware Wizard


hdwwiz.cpl

Add/Remove Programs


appwiz.cpl

Administrative Tools


control admintools

Adobe Acrobat (if installed)


acrobat

Adobe Designer (if installed)


acrodist

Adobe Distiller (if installed)


acrodist

Adobe ImageReady (if installed)


imageready

Adobe Photoshop (if installed)


photoshop

Automatic Updates


wuaucpl.cpl

Bluetooth Transfer Wizard


fsquirt

Calculator


calc

Certificate Manager


certmgr.msc

Character Map


charmap

Check Disk Utility


chkdsk

Clipboard Viewer


clipbrd

Command Prompt


cmd

Component Services


dcomcnfg

Computer Management


compmgmt.msc

Control Panel


control

Date and Time Properties


timedate.cpl

DDE Shares


ddeshare

Device Manager


devmgmt.msc

Direct X Control Panel (If Installed)*


directx.cpl

Direct X Troubleshooter"

IP Abuse Detection for DreamHost

Scan your Apache logs on DreamHost to locate Abuse by IP addresses. Generates .htaccess file to block them.

read more | digg story

Come On and Sprite for your Website

5 Minutes to change the rest of your life... Its a CSS Sprite Party!

read more | digg story

Apache .htaccess Directives and Loaded Modules allowed on DreamHost Servers

Apache .htaccess Directives and Loaded Modules allowed on DreamHost Servers: "For those of you web insiders smart enough to be using DreamHost, here's a list of available modules and directives allowed. They should help you utilize all the incredible features available on the Apache 2 install. See the Directive Quick Reference for detailed .htaccess directive info, or Apache Module Reference for module information.
Available Modules on DreamHosts Apache 2 Servers

mod_access
Provides access control based on client hostname, IP address, or other characteristics of the client request.
mod_actions
This module provides for executing CGI scripts based on media type or request method.
mod_alias
Provides for mapping different parts of the host filesystem in the document tree and for URL redirection
mod_asis
Sends files that contain their own HTTP headers
mod_auth
User authentication using text files
mod_auth_anon
Allows 'anonymous' user access to authenticated areas
mod_auth_dbm
Provides for user authentication using DBM files
mod_auth_digest
User authentication using MD5 Digest Authentication.
mod_auth_mysql
MySQL-based authentication module with VirtualHost support (you need only one database for all VirtualHosts), now with SSL Support for the Connection to the MySQL-Server
mod_auth_svn
This module grabs the v"

Vote for the Search Blogs Awards of 2007

Vote for the Search Blogs Awards of 2007: "Nominees for Best Search Blogs of 2007

Best SEO Blog of 2007

* SEOmoz Blog
* Sebastian’s Pamphlets
* Search Engine Roundtable
* Graywolf’s Wolf-Howl
* Tropical SEO
* PageTrafficBlog
* SugarRae
* SEO Scoop
* Search Rank Blog
* SEO by the SEA
* Search Marketing Gurus
* SEO Book"

Google Analytics Blog: Exciting Announcements at eMetrics Today

Google Analytics Blog: Exciting Announcements at eMetrics Today

Custom Google Search Engine for Apache HTTPD Server

Apache CSE Custom Google Search Engine

Looking for mod_rewrite answers?, a .htaccess file sample, or anything related to the Apache HTTPD Web Server, then use googles free Apache HTTPD Search , which is a Custom Search Engine courtesy of Google.

Want to Contribute?

You can volunteer to contribute links and labels to this CSE.

Bridging XHTML, XML and RDF with GRDDL

Bridging XHTML, XML and RDF with GRDDL: "While SGML and XML languages have had for a long time the possibility to describe syntactic constraints of their vocabularies using DTD and other schema languages, no specific mechanism exists to allow for the mapping between these syntactic constraints and their semantic implications.

GRDDL, a technology in development in W3C, allows to incorporate semantics from XML vocabularies and XHTML conventions into the Semantic Web by re-using existing extensibility hooks of the Web. This paper explains the basic principles of its mechanisms, and explore how it can be applied for various communities.

Table of Contents

Introduction
Bridging semantics across markup languages
GRDDL mechanisms

Specifying a Transformation For a Family of Documents
Specifying a Transformation For an Individual Document
Scenarios of applications

GRDDL status and future development

Specification
Implementations
Test Suite

Conclusion
Bibliography
Changelog

Introduction

Re-using the same same technologies for sharing documents on the Web to share information and data that can be processed directly by computers is an idea as old as the Web itself.

The Semantic Web, built on the Resource Description Framework (RDF), is the point of reference for sharing computer-processable information on the Web. Howeve"

PHP CURL Code Grabs Feed Subscribers from Google Reader

PHP curl example utilizing cookies, POST, and SSL options to login to Google Reader and fetch the number of subscribers for a particular feed url

read more | digg story