TIPS & TRICKS BLOG

What is .htaccess file . htaccess files provide a way to make configuration on a per-directory basis. In the .htaccess file, we provide directives to apply a configuration. When to use .htaccess Generally, this file should be used when you have no access to your server configuration file (httpd.conf). The best example would be shared hosting providers where you don’t get root access to make changes in httpd.conf file. In such scenarios .htaccess plays a very important role. In shared hosting, we make .htaccess files to secure our websites. We create this file on each directory to secure it from hackers or attackers. When to avoid .htaccess file We should not use this if we have access to our main configuration file. There are two main reasons to avoid the use of .htaccess file. The first of these is performance . When  AllowOverride  is set to allow the use of  .htaccess  files, httpd will look in every directory for  .htaccess  files. Thus, permitting  .htaccess  files cause a perfo

The PHP Configuration by default shows the PHP version in HTTP server header X-Powered-By to display the version installed on the server. But for security reasons, it is generally recommended to hide the version info from attackers or hackers. Sometimes versions has some vulnerabilities which help the attackers to find loop holes and gain access to your system. If the attacker knows the PHP version then it would be easier for them to exploit and find security holes. Therefore in this article “ Server Security – Hide PHP Version ” I will be explaining how to hide PHP Version from the response header. Suggested Read: Secure Apache Web Server To hide the version we need to open php.ini file in the file editor. expose_php = On expose_php = Off You may find php.ini on the following locations Debian/Ubuntu – /etc/php/7.0/cli/php.ini CentOS – /etc/php.ini Now locate expose_php and sets its value to Off expose_php = off Save the file and exit. Afterwards restart the server $ sudo servi

Directory Listing Directory Listing is by default enabled in an apache server. This happens when there is no index.html file (default) available in the directory. If there is no index file available in the directory then doesn’t understand which file to display so it displays all the files and folders in the directory. Please see the below screenshot The above image index file is the default file that is under the website folder. So when I will access my localhost with the following address – localhost/website1 or 192.168.1.2/website 1 then it shows the following page. It is actually showing the website because Apache knows exactly which file to display i.e. index.html But in case I have renamed the index.html file to index1.html then let’s see what happens. So this time when I access my website1 folder again then it will show all the files and folders inside the website1 folder. Files & Folders List Prevention In order to prevent this, you need to disable directory listing in h

Whenever any request is made from client to server then it sends some headers from server to client or vice versa. So when we receive server response we get some headers that give some extra information about the server. This information or headers sometimes becomes vulnerable for hackers to break your server and get into it. In order to stop unauthorized access we secure our server. So in this article “Server Security – Apache Web Server Hardening” I will secure the apache server by removing the server details from response headers. This comes under the Banner Grabbing Attack . In the Banner Grabbing method, Hacker tries to identify the target system OS or server name and version to penetrate into the system. To understand this look at the image below. Server Details If you will look at the image you will find out, In server response headers we are actually getting the lots of details . We are getting the following items: 1. Server Name and Version (Apache & 2.4.43) 2. OS Na

In the article “ Android – Create Force Update App Module in 30 minutes “. I will be using the firebase remote config for the app force update module. First, navigate to Firebase and login with your Google account . Once signing will be done you will be able to see Go to Console on the right top corner of the page. Click on Go to Console After entering into the console you will have to create a new project. Click on the Add Project button. Now on the next screen, you have to enter the project name and click on Continue to move further. On the next screen, You will be asked to enable google analytics on your project it is by default enable so just click on continue to move further. Click on continue Then on the next screen, you will be asked to select google account for google analytics . Select default account for Firebase if you don’t have already created an account. Otherwise, in the drop-down you will see your other account. For this example, I am using the default Firebase

In this article, I will be discussing how you can create a dialog from service. As we all know that service in android does not have any UI and it is intended for long-running background tasks. But sometimes it is required to show some information to the user when your app is running in the background. Today I will show you how you can implement this type of functionality in your application. Before starting the tutorial let me tell you about the special permission that we are going to use. Permission AndroidManifest.xml<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/> This permission allows the app to use the system level window. AndroidManifest.xml <?xml version="1.0" encoding="utf-8"?><manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.app.dialogfromservice"> <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/> <appl

Today , I will show you how easily we can create a root checker app in android. It only takes 10 minutes to create this kind of application. activity_main.xml <?xml version="1.0" encoding="utf-8"?><androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" android:layout_height="match_parent" tools:context=".MainActivity"> <TextView android:id="@+id/textView2" android:layout_width="wrap_content" android:layout_height="wrap_content" android:layout_marginTop="60dp" android:text="This app checks the rooting status of your phone" android:textAlignment="center" android:textSize="18sp&q