1) Cheat using JavaScript :
javascript:alert(c=0)
2) Changing your IP address
ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
PHPDevShell is a stable, secure, fast PHP Web administration framework. It allows rapid deployment of Web based PHP applications. It is robust, secure, clean, fast, and includes many administrative functions. It supports an unlimited number of users, user groups, security levels, menu tree levels, and menus. 
Grafist is a bandwidth utilization viewer. It gets the bandwidth utilization information for network interfaces from the /proc/net/dev file in 15-second periods, and stores it in four data files (daily, weekly, monthly, and yearly). When a request is sent to index.php, it executes four programs to create graphics (using the GD library) and a summary for each file. Grafist provides localization support for 24 languages.
php Free Chat is a simple, fast, and customizable chat server that uses the filesystem for message and nickname storage. It uses AJAX to smoothly refresh and display the chat zone and the nickname zone. It supports customized CSS stylesheets and a plugin system that allows you to write your own storage routines.
Mollify is an AJAX based Web file manager with a clean and customizable user interface and a PHP backend. It is very easy to configure, including multiple fully configurable published directories with aliases.
Because of a new law suit, Gmail might not be able to keep using the name Gmail.
This is an old news, and Google have already done something to “unload” the name. The changes have been done quietly that the general public may not notice, but not to us developer. For example, because of its change in URL from gmail.google.com/gmail to mail.google.com/mail, gmail-lite and libgmailer failed to use immediately. Fortunately we discovered that and fixed it quickily. And now it seems that you cannot find any references to the word “Gmail” anywhere in its AJAX source code.
Google would probably rename Gmail back to “Google Mail”. Boring name, but safe. After this, I think Google will no longer “invent” new names for its new products. They will keep on using the pattern “Google xxxx”: Google Maps, Google Reader, Google Suggests, Google Desktop, Google OS (okay I faked this one), etc etc. You can see them in Google Labs.
What about all the “hacks” based on it, such as gmail-lite? Should we change to googlemail-lite and libgooglemailer also?
I think I will keep on using this name, unless they, uh, shoot sue me.
Do you have a directory full of images or zips that you do not want people to be able to browse through? Typically a server is setup to prevent directory listing, but sometimes they are not. If not, become self-sufficient and fix it yourself:
IndexIgnore * The * is a wildcard that matches all files, so if you stick that line into an htaccess file in your images directory, nothing in that directory will be allowed to be listed.
On the other hand, what if you did want the directory contents to be listed, but only if they were HTML pages and not images? Simple says I:
IndexIgnore *.gif *.jpg This would return a list of all files not ending in .jpg or .gif, but would still list .txt, .html, etc.
And conversely, if your server is setup to prevent directory listing, but you want to list the directories by default, you could simply throw this into an htaccess file the directory you want displayed:
Options +Indexes If you do use this option, be very careful that you do not put any unintentional or compromising files in this directory. And if you guessed it by the plus sign before Indexes, you can throw in a minus sign (Options -Indexes) to prevent directory listing entirely--this is typical of most server setups and is usually configured elsewhere in the apache server, but can be overridden through htaccess.
If you really want to be tricky, using the +Indexes option, you can include a default description for the directory listing that is displayed when you use it by placing a file called HEADER in the same directory. The contents of this file will be printed out before the list of directory contents is listed. You can also specify a footer, though it is called README, by placing it in the same directory as the HEADER. The README file is printed out after the directory listing is printed.
Using .htaccess, you can disallow hot linking on your server, so those attempting to link to an image or CSS file on your site, for example, is either blocked (failed request, such as a broken image) or served a different content (ie: an image of an angry man) . Note that mod_rewrite needs to be enabled on your server in order for this aspect of .htaccess to work. Inquire your web host regarding this.
With all the pieces in place, here's how to disable hot linking of certain file types on your site, in the case below, images, JavaScript (js) and CSS (css) files on your site. Simply add the below code to your .htaccess file, and upload the file either to your root directory, or a particular subdirectory to localize the effect to just one section of your site:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg|js|css)$ - [F] Be sure to replace "mydomain.com" with your own. The above code creates a failed request when hot linking of the specified file types occurs. In the case of images, a broken image is shown instead.You can set up your .htaccess file to actually serve up different content when hot linking occurs. This is more commonly done with images, such as serving up an Angry Man image in place of the hot linked one. The code for this is:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?mydomain.com/.*$ [NC]
RewriteRule \.(gif|jpg)$ http://www.mydomain.com/angryman.gif [R,L] Same deal- replace mydomain.com with your own, plus angryman.gif.
Time to pour a bucket of cold water on hot linking!
Block an IP
Is there a pesky person perpetrating pain upon you? Stalking your site from the vastness of the electron void? Blockem! In your htaccess file, add the following code--changing the IPs to suit your needs--each command on one line each:
order allow,deny
deny from 123.45.6.7
deny from 012.34.5.
allow from all You can deny access based upon IP address or an IP block. The above blocks access to the site from 123.45.6.7, and from any sub domain under the IP block 012.34.5. (012.34.5.1, 012.34.5.2, 012.34.5.3, etc.) I have yet to find a useful application of this, maybe if there is a site scraping your content you can block them, who knows.
You can also set an option for deny from all, which would of course deny everyone. You can also allow or deny by domain name rather than IP address (allow from .nobleatom.com works for www.nobleatom.com or virtual.nobleatom.com, etc.)
htaccess uses redirect to look for any request for a specific page (or a non-specific location, though this can cause infinite loops) and if it finds that request, it forwards it to a new page you have specified:
Redirect /olddirectory/oldfile.html http://yoursite.com/newdirectory/newfile.html Note that there are 3 parts to that, which should all be on one line : the Redirect command, the location of the file/directory you want redirected relative to the root of your site (/olddirectory/oldfile.html = yoursite.com/olddirectory/oldfile.html) and the full URL of the location you want that request sent to. Each of the 3 is separated by a single space, but all on one line. You can also redirect an entire directory by simple using Redirect /olddirectory http://yoursite.com/newdirectory/
Using this method, you can redirect any number of pages no matter what you do to your directory structure. It is the fastest method that is a global affect.
2. Error Handling.ErrorDocument code /directory/filename.extExamples:
or
ErrorDocument 404 /errors/notfound.html
This would cause any error code resulting in 404 to be forward to yoursite.com/errors/notfound.html
Likewise with:
ErrorDocument 500 /errors/internalerror.html
ErrorDocument 400 /errors/badrequest.html
ErrorDocument 401 /errors/authreqd.html
ErrorDocument 403 /errors/forbid.html
ErrorDocument 404 /errors/notfound.html
ErrorDocument 500 /errors/serverr.htmlFor example, a username and password of wsabstract (and I do not recommend having the username being the same as the password), the htpasswd file would look like this:
wsabstract:y4E7Ep8e7EYV Notice that it is UserName first, followed by the Password. There is a handy-dandy tool available for you to easily encrypt the password into the proper encoding for use in the httpasswd file.
For security, you should not upload the htpasswd file to a directory that is web accessible (yoursite.com/.htpasswd), it should be placed above your www root directory. You'll be specifying the location to it later on, so be sure you know where you put it. Also, this file, as with htaccess, should be uploaded as ASCII and not BINARY.
Create a new htaccess file and place the following code in it:
AuthUserFile /usr/local/you/safedir/.htpasswd
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic
require user wsabstract The first line is the full server path to your htpasswd file. If you have installed scripts on your server, you should be familiar with this. Please note that this is not a URL, this is a server path. Also note that if you place this htaccess file in your root directory, it will password protect your entire site, which probably isn't your exact goal.
The second to last line require user is where you enter the username of those who you want to have access to that portion of your site. Note that using this will allow only that specific user to be able to access that directory. This applies if you had an htpasswd file that had multiple users setup in it and you wanted each one to have access to an individual directory. If you wanted the entire list of users to have access to that directory, you would replace Require user xxx with require valid-user.
The AuthName is the name of the area you want to access. It could anything, such as "EnterPassword". You can change the name of this 'realm' to whatever you want, within reason.
We are using AuthType Basic because we are using basic HTTP authentication.
These are some basic commands you can use. In my next post I will extend this discussion.
Posts
All Comments
