I want to know how to build a rails server and host an app on it locally. I know I can use heroku or aws but in the case of this app I can’t, the database should be hosted locally in the company for security reasons; they do not want to store their data on servers that are not theirs.
How do I start?
What are the main things to consider?
Do I host on heroku and link the local database to the site or do I host them all in the same place?
How much power does the machine need for around 10-20k users?
What OS should I use Ubuntu or what?
Would really appreciate if you have any tutorials or article links.
You can just use ngrok. It doesn't require any side server deployments.
Today I download neo4j-community-3.2.0 in windows, when i start the server, i meet one problem in browser, i meet this problem in neo4j-community-3.1.2 and i had solved it by Ticking the "Do not use Bolt" option in settings solved the issue. But in neo4j-community-3.2.0 , i can't see "Do not use Bolt" option ,and i don't know how to do.
N/A: WebSocket connection failure. Due to security constraints in your web browser, the reason for the failure is not available to this Neo4j Driver. Please use your browsers development console to determine the root cause of the failure. Common reasons include the database being unavailable, using the wrong connection URL or temporary network problems. If you have enabled encryption, ensure your browser is configured to trust the certificate Neo4j is configured to use. WebSocket readyState is: 3
This happens because the browser is trying (under the hood) to also access the bolt port, which uses an unsigned certificate.
You probably allowed the browser to access the SSL 7474 port through allowing the unsigned certificate as an exception on your browser (and if you didn't, you should in order to make it work).
The url was:
https://[neo4j_host]:7474
Do the same for the bolt certificate, allow it as an exception for url:
https://[neo4j_host]:7687
I ran into the same problem trying to use Neo4j Community Edition on an AWS Ubuntu 16.04 instance. The key thing that solved it was to open port 7687 (the bolt port) in the AWS security group settings.
Found this based on https://stackoverflow.com/a/45234105/1529646
Thus, full answer is:
Make sure to configure Neo4j correctly, ie. uncomment the line dbms.connectors.default_listen_address=0.0.0.0 AND the line dbms.connector.bolt.listen_address=:7687
Open ports 7474 AND 7687 in the AWS security group settings.
In the lower left corner of the browser gear, select do not use bolt.
Open your ${NEO4J_HOME}/conf/neo4j.conf file and edit the bolt settings. It is just about uncommenting this line dbms.connector.bolt.address=0.0.0.0:7687
Change the version of Neo4j
Check your JDK version, use JDK1.8
Adding another option, which worked for me. If your bolt's tls_level is set to REQUIRED, you need to change it to OPTIONAL, if you are not using it with SSL certificate; to get this working.
If you are using Neo4J Community Edition (ver 3.5.1 - in my case) from AWS Marketplace, you need to change the configuration in:
/etc/neo4j/pre-neo4j.sh
Change this line:
echo "dbms_connector_bolt_tls_level" "${dbms_connector_bolt_tls_level:=REQUIRED}"
to
echo "dbms_connector_bolt_tls_level" "${dbms_connector_bolt_tls_level:=OPTIONAL}"
You can find more about Neo4J connector configuration option here. Ideally as per docs, by default bolt.tls_level should have been OPTIONAL only. But I'm not really sure what exactly happened in my case, which got it changed to REQUIRED. Or if it came as is from AWS Marketplace.
Assuming you have valid certs and placed them under the correct certificates directory:
dbms.ssl.policy.bolt.client_auth=NONE
Version 4.0. Took it from this article.
I shared my full ssl config on this other answer.
I had the same error. New to Neo, so take this with a grain of salt, but my solution didn't match these above idea. But thanks as they did lead me to the right "water". So
I went into the conf file, noticed that there was the same port number (previously, the Neo desktop had been constantly telling me it'd needed to update the port numbers...I never checked to verity, but they'd be #, #+1 and #+2. But that didn't work yet that'd happened again and again...but now, after checking the conf file myself, I noticed that the number was the same for all three port requirements for BOLT. Tried that and it didn't work either...but maybe that was important in what did:
In the folder, where the specific database is housed, named "..neo4jdatabases/[GUID Value]" there were two directories titled "/installation-3.4.0" and "...1". I removed the ".0", restarted things and IT WORKED.
So, either there should NOT be two versions under the same database collection OR that's true AND you need the three ports to be the same.
Final add for any Neo4j experts who actually know what they're doing, I have three databases running, two without issue. This occurred AFTER I was messing around trying to see how PowerShell might be useful. Not sure if this is related, but the other databases have worked fine...but, this db is the original playground/sandbox I'd had since the beginning. Not 100% sure, I made the version update before or after, creating the other two databases. HTH.
Using a windows trial version on a Windows 10 machine. Current N4j version is 3.4.1.
Do love what I see so far with Neo BTW!!!
Please mention the correct bolt port under the Connect URL textbox.if you are using the service port the mention the service port in place of bolt port.
Then finally I resolve it by replacing the bolt port with service port inside k8s.
user: neo4j
password: neo4j
I resolve this error by replace the port 7687 with node port 30033 inside Neo4j
then it works fine.
I was facing the same issue with Neo4J version 4 installed on an Ubuntu 18 EC2 instance. Tthe workaround that did the trick for me was to replace the 0.0.0.0 entries in /etc/neo4j/neo4j.conf with the actual private IP of my instance.
Following are the lines where the replace happened:
dbms.default_listen_address=172.X.X.232
dbms.connector.bolt.address=172.X.X.232:7687
Post restart of the DB, the Connect URL when accessing from browser should also use the private IP instead of localhost.
I'm trying to connect to SQL Express from a Rails app, and I've installed the TinyTDS gem. I keep getting an error:
--------------------
Unable to connect: Adaptive Server is unavailable or does not exist
--------------------
Everything I find on Google relates to FreeTDS. Do I need it in order to use TinyTDS on Windows? The TinyTDS github page says it requires it but it makes no mention of Windows.
Do I need drivers or something else? I already isntalled the 'activerecord-sqlserver-adapter' gem.
If I do need FreeTDS, where do I get it?
There is a binary version of Tiny_TDS that is installed on Windows when you install this gem. This includes FreeTDS, so there's no need to install it separately. Only time you have to worry about FreeTDS on Windows is if you want to work with SQL Database on Windows Azure, which requires you to manually build FreeTDS.
There's a couple things that could go wrong that might cause a connection failure:
SQL Express doesn't install a default instance, but instead installs a 'sqlexpress' instance. Maybe try connecting to 'servername\sqlexpress'.
SQL Express may not allow network connections. If you're trying this over the network you may have to enable networking.
TCP/IP and named pipes may not be enabled. I think Tiny_TDS uses TCP/IP.
SQL Express might be using a dynamic port rather than the expected 1433, so maybe check ports.
Here's an article that might help:
http://blogs.msdn.com/b/sqlexpress/archive/2005/05/05/415084.aspx.
We have just finished developing a new website for my company using the .NET MVC framework. The sql server supporting our application holds some critical data such as the profiles of other web users and we would like to make sure this data is never leaked due to a reputational risk to the company.
We have a number of ideas on things to do to secure our website but I would like to get the stackoverflow take on them. We will be using SSL for login screens and we prevent against basic attach methods such as sql injection, cross site scripting attacks.
However we are worried about the physical machine being taken over using some exploit. We will be running the webserver (Windows Server 2008 SP2 with IIS7) in a DMZ with only port 80 and 443 open to the internet. Currently the sql server sits on the webserver machine but we are considering if this is a security risk. Would hosting the sql server in a machine in a second DMZ help in security?
We also considered using an Ubuntu box running Apache with mod_proxy in one DMZ that will be "redirecting" the 80 or 443 requests to separate windows machine in a second DMZ that will do the web serving and sql server hosting.
Some other suggestions we are getting is to use a product such as WatchGuard that can apparently filter the http packets for standards compliance thus blocking dodgy packets from reaching the webserver.
What other things should we be looking to secure?
Thanks
Allowing only 80 and 443 is a very good idea. DMZ stands for Demilitarized Zone, this is to define a machine on a NAT that is accessible by all traffic and this should be avoided. Allowing SQL Server and port 445 will get you hacked, after all you are running windows and its only a matter of time before yet another RPC vulnerability comes out.
The most important thing you must do is TEST YOUR SECURITY. Its not enough to say that you are preventing xss and sql injection. All secuirty systems must be proven that they can stop attacks.
How do you test your system? I like Acunetix but it is over priced, however there is a free xss tester. For SQL Injection and other vulnerabilities i recommend using Wapiti which is free. I recommend using OpenVAS which is the new open source version of Nessus which is now a commercial product. OpenVAS will tell you if your server is misconfigured or if you are running old software. You should do a full port scan of the system to test your firewall, this command will work nmap -sT -p 1-65535 domain.com, this can also be done form OpenVas.
After testing your system. Then install a Web Application Firewall, mod_secuirty is a good choice for Apache, you can use a reverse proxy to get mod_security to work with IIS. Aqtronix is an open source WAF built for IIS, but i haven't used it.
1- Critical data must be encrypted in your tables.
2- Take care from all types of SQL Injections.
3- encrypt the connection string in web.config file
I am using rails freeze 1.2.3 to run a rails app. Because the app is on a remote machine, I used ssh tunnel (ssh -l -L) to show the app on my screen. When I ran it, it correctly prompted the login page, after I put in the info, I got this error:
OCIError in ServiceController
Error while trying to retrieve text for error ORA-12154
I have tried the same app on a different machine w/o using freeze (because that machine has rails version 1.2.3 while current one has 2.0.2). Is that where the error comes from?
Thanks.
That's an Oracle error. It sounds like your database setup is incorrect. Put the error number ORA-12154 in Google and you'll find some useful stuff.
ORA-12154 is a classic. As Sarah points out its nothing to do with your Rails or Ruby per se. ORA-12154 is generated when the Oracle Client can't connect to the oracle server. So most likely your setup is wrong in:
Your database.yml, if you can connect using tnsping or sqlplus (Oracle client utils) you probably just need to look at this.
Your Oracle networking setup, particularly your tnsnames.ora file (found in $ORACLE_HOME/network/admin if I remember correctly). This may need some extra help from a friendly DBA as the tnsnames.ora syntax has quirks. Check this link link text for more info.
Hope that helps.