If ModSecurity is Turned On via your Web Server , then build a .htaccess file and place it in the root of the folder running the script that may be having issues.

Issues such as Web Scripts and Broken Graphics also any script that use’s the Spaw Editor will break the format of the editor button layout, this is due to Mod_Security in effect.

Building a .htaccess file and / or adding the noted commands below will resolve. this.

ModSecurity is an open source embeddable web application firewall, or intrusion detection and prevention engine for web applications. ModSecurity provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure, by operating as an Apache Web server module mod_security or standalone, and thus increase web application security. However, misconfigured or overly strict rule sets, ModSecurity may cause your website to return various errors such as HTTP 403 Forbidden error or access denied error, login problems, or HTTP 412 Precondition Failed error, or HTTP 406 Not Acceptable error and other false positive symptoms.

To make matter worse, the configuration of ModSecurity rules and filters have to be done manually. Although there are free predefined certified rule set which can be used with ModSecurity out of the box, however the rule sets may be not suitable for each and every environment and may interfere with the operation of websites or blogs, and customizing and modifying the rules may be too sophisticated or complicated for some users. And for some websites that hosted on shared hosting service, the mod_security may be enable by default without options. So in this case, the best solution or workaround for mod security related issues is to disable mod_security filtering and rules.

If you’re using Apache web server (which mostly do), mod_security can be disabled by adding a specific in .htaccess file. Locate the .htaccess file in Apache web root directory (public_html or /var/www/ or others), if it does not exist, create a new file named .htaccess, and add in the following code:

SecFilterEngine Off
SecFilterScanPOST Off

The above entries in the .htaccess will disable the ModSecurity (mod_security) module for the domain.

Uninstallation of ModSecurity (mod_security) from Apache module

The easiest way to remove and uninstall mod_security is to comment out or delete the related mod_security entries from httpd.conf Apache configuration file. The lines that should be removed include:

AddModule mod_security.c
LoadModule security_module modules/mod_security.so
Include “/usr/local/apache/conf/modsec.conf” This line may be different depending on what variant of Linux or Unix you used and the installation location

Save the httpd.conf and restart the Apache. ModSecurity will not be loaded and as if uninstalled.

If you’re using WebHost Manager (WHM), uninstallation is even simpler. Just scroll to cPanel section, and click on Addon Modules. Then scroll to module named modsecurity. It should be checked Install and Keep Updated currently. Just click on Uninstall to remove the mod security feature from Apache web server.

http://www.pidgin.im/

Pidgin is a multi-protocol Instant Messaging client that allows you to use all of your IM accounts at once.

Pidgin can work with:

• AIM
• Bonjour
• Gadu-Gadu
• Google Talk
• Groupwise
• ICQ

• IRC
• MSN
• MySpaceIM
• QQ
• SILC

• SIMPLE
• Sametime
• XMPP
• Yahoo!
• Zephyr

Pidgin is free software. It is licensed under the GNU General Public License (GPL) version 2. This means you are free to use it and to modify it, but if you distribute your modifications you must distribute the modified source code as well.

Pidgin is an instant messaging program for Windows, Linux, BSD, and other Unixes. You can talk to your friends using AIM, ICQ, Jabber/XMPP, MSN Messenger, Yahoo!, Bonjour, Gadu-Gadu, IRC, Novell GroupWise Messenger, QQ, Lotus Sametime, SILC, SIMPLE, MySpaceIM, and Zephyr.

Pidgin can log in to multiple accounts on multiple IM networks simultaneously. This means that you can be chatting with friends on AIM, talking to a friend on Yahoo Messenger, and sitting in an IRC channel all at the same time.

Pidgin supports many features of the various networks, such as file transfer, away messages, and typing notification. It also goes beyond that and provides many unique features. A few popular features are Buddy Pounces, which give the ability to notify you, send a message, play a sound, or run a program when a specific buddy goes away, signs online, or returns from idle; and plugins, consisting of text replacement, a buddy ticker, extended message notification, iconify on away, spell checking, tabbed conversations, and more.

Pidgin runs on a number of platforms, including Windows, Linux, and other UNIX operating systems. Looking for Pidgin for OS X? Try Adium!

Pidgin integrates well with GNOME 2 and KDE 3.1’s system tray, as well as Windows’ own system tray. This allows you to work with Pidgin without requiring the buddy list window to be open at all times.

Pidgin is under constant development, and releases are usually frequent. The latest news regarding Pidgin can be found on the news page.

What is Finch?

Finch is the text-based version of Pidgin. It supports the same IM networks, but you can run it in a console window. You can use it on Linux, BSD, and other Unixes.

What is libpurple?

libpurple is the programming library that powers Pidgin and Finch. It’s responsible for connecting to all the IM networks, and for managing your accounts and preferences. It’s written in C and makes heavy use of Glib.

Is all of this free?

We believe in freedom of communication. To support our aspirations of “IM Freedom,” we release Pidgin, Finch, and libpurple as free software under the GNU General Public License (GPL). We believe that giving others the freedom to modify, share, and augment our code contributes to the goal of bringing freedom of communication to the Internet. The GPL allows us to ensure that any modifications to our code remain free, so that everyone may enjoy their benefits.

How can I help?

We always welcome feedback and contributions. You don’t need to be a developer to help out, but if you are, you can help us by fixing bugs in our code or building new functionality into it. Our development site includes numerous resources for getting started with libpurple, Pidgin, and Finch development.

If you are a regular user, we encourage you to let us know about any problems you encounter and to provide us with suggestions for improvement. You can do so via our support system, IRC channel, XMPP conference, or development mailing list. We also encourage users to help one another solve problems and discover new features using any of these media.

Aggregation: ParagonHost, LLC http://www.ParagonHost.com

Content Filtering: Scan Defense http://www.ScanDefense.com

Email Spam Prevention: The Spam Busters http://www.TheSpamBusters.com

Source: http://www.blackberry.com/btsc/articles/551/KB02318_f.SAL_Public.html

Select the Wipe Handheld option

To delete all the data from your BlackBerry smartphone, complete the following steps. This option is available with BlackBerry® Device Software 3.8 and later.

1. On the Home screen of the BlackBerry smartphone, click Options.
2. If you are running BlackBerry Device Software 4.1 or later, click Security Options > General Settings. Otherwise, click Security.
3. Open the menu and then select Wipe Handheld > Continue.
4. Type blackberry and then press the Enter key. All the data on the BlackBerry smartphone is deleted.

Type an incorrect password

To delete all the data from your BlackBerry smartphone, lock the BlackBerry smartphone, then type an incorrect password ten times. During this process you may be prompted to type blackberry a few times. Once completed, all data on the BlackBerry smartphone is deleted.

Note: You must have a password set on your BlackBerry smartphone in order to perform this task.

Use the Application Loader tool to delete all data

To delete all the data from your BlackBerry smartphone, complete the following steps:

1. Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and type the password of your BlackBerry smartphone, if prompted.
2. Double-click Application Loader > Next.
3. On the Device Security Password screen, type the password of your BlackBerry smartphone. Click Next.
4. On the Device Application Selection screen, click Next.
5. On the Completing the Application Loader Wizard screen, click Advanced. The Device Data Preservation screen is displayed.
6. To delete all application data from the BlackBerry smartphone, select the Erase all application data check box. Click Next.
7. Select Do not automatically back up and restore the device application data during the loading process. Click Next.
8. Click Finish. The BlackBerry smartphone resets. This might take several minutes.

Use the Backup and Restore tool to clear the application databases

To clear the application databases from your BlackBerry smartphone, complete the following steps:

1. Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and type the password of your BlackBerry smartphone, if prompted.
2. Double-click Backup and Restore > Advanced.
3. Press and hold the Shift key while selecting all the databases in the Handheld Databases list box.
4. Click Clear.
5. Click OK on the Warning window. All application databases on the BlackBerry smartphone are erased.

Type an incorrect password in the Application Loader tool

To delete all the data from your BlackBerry smartphone, complete the following steps:

1. Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and double-click Application Loader.
2. In the Application Loader Wizard window, click Next.
3. On the Device Security Password screen, type an incorrect password, and click Next. Perform this step ten times.
4. Click Close. Without software, the BlackBerry device is unresponsive and displays device error 507.
5. Reinstall the BlackBerry Device Software. For instructions, see KB03621

Procedure

Environment

• BlackBerry® Device Software 4.2.2
• BlackBerry® Enterprise Server software version 4.1 Service Pack 4 (4.1.4) 

To remove an IT policy from a BlackBerry smartphone, the BlackBerry Enterprise Server administrator must perform the following steps:

1. In BlackBerry Manager, in the left pane, click BlackBerry Domain.
2. On the Global tab, click Edit Properties.
3. Click IT Policy.
4. Assign the IT policy Remote Wipe Reset to Factory Defaults to the BlackBerry smartphone user account.

   Note: This IT policy is located in the Security Policy Group.

Note: It is required that the IT policy Erase Data and Disable Handheld be applied to the BlackBerry smartphone first in order for the IT policy Remote Wipe Reset to Factory Defaults to become effective.

Additional Info

Prior to BlackBerry Enterprise Server software version 4.1 Service Pack 4, an IT policy could not be removed on the BlackBerry smartphone, even when the data on the BlackBerry smartphone was erased using the Wipe Handheld option. The reason for this is, when a BlackBerry smartphone is activated on the BlackBerry Enterprise Server, the BlackBerry smartphone retrieves the IT policy and then locks it in a read-only state.

However, with the release of BlackBerry Enterprise Server software version 4.1 Service Pack 4 and later and BlackBerry Device Software 4.2.2, the IT policy Remote Wipe Reset to Factory Defaults allows BlackBerry Enterprise Server administrators to remove IT policies from BlackBerry smartphones.

When the IT policy Remote Wipe Reset to Factory Defaults is applied to a BlackBerry smartphone user account, the following actions are performed automatically on the BlackBerry smartphone:

• All data is erased
• All third-party applications are removed
• The IT policy is removed

Essentially, the BlackBerry smartphone is reset to its factory defaults.

Doc ID : KB14202
Last Modified : 2007-11-02
Document Type : How To

Source: http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB14202&sliceId=SAL_Public&dialogID=29071028&stateId=0%200%2029067990

News Aggregation: ParagonHost, LLC

Powered by: ParagonExchange - http://www.ParagonExchange.com

World Class Internet Services: ParagonHost - http://www.ParagonHost.com

Cheat the GMail Antivirus Scanner: Attach any filetype with GMail

When you send and receive attachments with GMail, they’re auto scanned for viruses. If Gmail thinks your mail has viruses, it will attempt to clean the file or remove it. But if it detects a virus and can’t remove it, then you won’t be able to download it.

Thanks to the new GMail Anti Virus Scanner, you cannot send or receive emails with exe, dll, ocx, com or bat attachments even if they are sent in a zipped (.zip, .tar, .tgz, .taz, .z, .gz) format (The .rar format is still allowed)

GMail has some the best spam filtering and phishing detection capabilities but the GMail virus scanning is a bit disappointing. When I tried to email a Firefox 1.5 installer to a colleague, GMail uploaded the entire file (Firefox Setup 1.5.exe 4.98 MB) and then threw this alert:

This is an executable file. For security reasons, Gmail does not allow you to send this type of file.

This is such a poor solution. GMail Virus Scanner didn’t scan the attachment, it just blocked it since it was an exe file. Why is Google calling it an AntiVirus scanner when it is merely blocking attachments of certain types like .exe? Yahoo! webmail too have an anti-virus but they accept .exe files since the yahoo anti-virus would scan even exe files and clean them if found infected.

Secondly, why did GMail upload the entire exe file to its server for scanning but didn’t scan since it was an exe.? The GMail file uploader should be smart enough to disallow users from uploading files with extensions like exe, com, ocx, etc.

Google has no plans to make the “limited” antivirus feature optional, nor does it plan to stop blocking executables. Yahoo! Mail uses Symantec software to scan for viruses. Hotmail licenses its technology from Trend Micro. Google isn’t saying which vendor is providing the antivirus technology.

Since you cannot Turn Off GMail Anti Virus Scanning, you can use these GMail hacks to send program file (exe), virus samples and other blocked formats with GMail:

Technique 1. Use a free file hosing online service like Rapidshare, Megaupload or Yousendit to upload your file and send the link of the uploaded file in your GMail message.

2. Rename the file: Change the file extension to fool the GMail scanner. The new attachment could contain instructions making it easier for the recepient to derive the actuall attachment type. For instance,

Rename Adobe-Reader.exe to Adobe-Reader.exe.removeme

3. If you have lot of exe files to send, put them in a zip file and change the extension of the zip file as mentioned in the previous step. Remember that GMail denies zip attachments that contain exe files. Pass-Protection won’t work either since GMail can examine exe filenames even in password protected zipped files as the archived filename listings are not encrypted by the Zip program.

4. Use a different compression software like WinRAR which compresses files in .rar format. GMail is currently not scanning or blocking .rar filetypes. But there is a high probability that GMail might support rar formats in future. In that case, you can consider splitting the rar files and attaching them separately (like .r1, .r2..)

Important: I would recommend only the first technique since all others violate Google policies and Google could even terminate your GMail account.

Sending Virus infected files with GMail: Yes, it is against the GMail TOS to send viruses in email but ocassionally, we need to mail an infected file for reporting purposes to an antivirus vendor. Like the Symantec Security Response center encourages users to submit virus samples for analysis. You can use any of the above techniques to bypass the virus scanner and attach infected files in your emails.

Now that limited virus scanning is in, we can expect GMail to move quickly out of the beta once the GCal (Google Calendar) application is available. The Google Calendar domain is already live.

Aggregation: ParagonHost, LLC http://www.paragonhost.com

“World Class Internet Services”

Are you in need to share large files?

From Free to Paid - you now are able to send or share large files in a pinch!

Here is some resources for you…

Pando, FREE - E-mail attachment initiates a BitTorrent-based P2P transfer up to 1GB backed by a server
http://www.Pando.com

YouSendIt, 100MB Free - Sends links to uploaded files good for 14 days; designed for business use.
http://www.YouSendIt.com

Zapr, FREE - Turns any file or folder on your PC into a shareable Web Link
http://www.zapr.com 

 AllPeers, Free - Transfers files to your buddies through a BitTorrent based Add-on to FireFox Browser
http://www.allpeers.com

Glide, 300mb Free - Stores and shares digital media via browser-based desktop or smartphone
http://www.glidedigital.com

MediaMax, 25GB Free - Stores digital photos, movies and other files on the web
http://www.mediamax.com

Myfabrik, 1GB Free - Sends links to shared files stored on the Web or a Maxtor Fusion hard drive
http://www.myfabrik.com

Content powered by: ParagonHost, LLC
http://www.paragonhost.com
“World Class Internet Services”