Is there a technical security standard for internet facing test environments?

We have a number of test environments that are permanently internet facing to accommodate external and automated testers with dynamic IP addresses. While we regularly check the servers for security vulnerabilities etc, we found that the servers were indexed by Google and other search engines. This led to a situation where customers were clicking on search engine links and attempting to make use of the UAT environment for business. We’ve put a few controls in place now to ensure this does not happen again but to avoid future errors, I was hoping there is a full standard available to say e.g.

  1. Ensure sites are not searchable by search engines by making use of Robots.txt or other meta tags
  2. Clearly mark UAT environments as different from Prod environments
  3. Etc…

Is there a standard / checklist available for this specific use case?

Facing difficulty in initialize i18next react component with fetch response data?

I am using i18next to do the internalization.

Default fetch request used to get a data from server and the language information available in response data. Based on language info the page has to be loaded with corresponding language

import i18n from 'i18next'; import { reactI18nextModule } from 'react-i18next'; import LanguageDetector from 'i18next-browser-languagedetector'; import translationEN from './locales/en/translation.json'; import translationDE from './locales/de/translation.json';  // the translations let language; function sendRequest(resources) {   console.log('resources', resources);   i18n     .use(reactI18nextModule) // passes i18n down to react-i18next     .init(       {         resources,         lng: language,         fallbackLng: 'en',         keySeparator: false, // we do not use keys in form messages.welcome          interpolation: {           escapeValue: false // react already safes from xss         }       },       function() {         fetch('http://localhost:3100/getLang')           .then(data => data.json())           .then(res => {             console.log(res);             language = res.lang;             i18n.changeLanguage(language, (err, t) => {               if (err)                 return console.log(                   'something went wrong loading the language',                   err                 );             });           });       }     );   return i18n; } function i18() {   const resources = {     en: {       translation: translationEN     },     de: {       translation: translationDE     }   };   return sendRequest(resources); } export default i18(); 

Language variable is undefined initially. For the very first time i18n init method setup with “fallbackLng” variable instead of “lng”. After that fetch request goes in callback of init method. That will have the response of language need to used. Then i18n changeLanguage method will help to change language.

I am just wondering how can i execute fetch request prior to i18n initialization. I don’t like the approach of initialize the i18next with some default language first and then moved to different language. When i tried to initialize i18n in then part of fetch request doesn’t works for me.

Is there any alternative way available to execute fetch request first and then setup i18n before exporting the component?

Thanks in advance for any suggestion!

Facing Issue when trying to disable HTTP methods in Production Sharepoint 2010?

I am trying to disable the below HTTP methods in SharePoint web application config file but when I added below methods total site itself getting down some times I am getting 401 unauthorized access and access denied the issue . methods can be find below link Please find here Methods which i have used in web config.

Below are the methods tried to configure in web.config level. Http methods tried in web.config

appreciate if anyone can help me on this

Create shipment programmatically and facing error

I am trying to create shipment programmatically. Following a tutorial, but facing error on save shipment.

Here is the code that I am using:

$  orderId = 100002156; $  order = $  this->_orderRepository->get($  orderId);  if (!$  order->canShip()) {     echo "Can't Ship";     die; }  $  orderShipment = $  this->_convertOrder->toShipment($  order);  foreach ($  order->getAllItems() AS $  orderItem) {      if (!$  orderItem->getQtyToShip() || $  orderItem->getIsVirtual()) {         continue;     }      $  qty = $  orderItem->getQtyToShip();     $  shipmentItem = $  convertOrder->itemToShipmentItem($  orderItem)->setQty($  qty);      $  orderShipment->addItem($  shipmentItem); }  $  orderShipment->register(); $  orderShipment->getOrder()->setIsInProcess(true);  $  this->save(); $  this->getOrder()->save(); 

Can anyone tell what is the issue?

Ubuntu 16.04 is facing kernel incompatibility with VMWare. Again!

I have problems before, and after the kernel update to 4.4.0-143-generic #169 VMWare 12.5.9 is unable to start, services are incompatible and fail to start. Today I receive the new kernel 4.4.0.145-generic #153 and the problems continues. I do’t know if the Canonical have no interest in keep compatibility or this is another issue. I’m stucked in kernel 4.4.0-142-generic #168, and my VMWare 12.5.9 build-7535481, is working fine as aways! Anyone have the same trouble? Any suggestion, how to fix this?

Problem Facing on website ranking

I need help of experts & Professional.
I am doing SEO for ‘Royalpuregold.com’ and the problem i’m facing is the rank of website on different platforms like Alexa and etc. is showing rank from Pakistan I don’t know why but the website belongs to UAE and all the keywords are set as per UAE and I have set my webmaster tool international location to (UAE) but why i’m facing this problem please help me out on this
suggest me any thing which may help me
Thankyou

Public facing Zabbix Server

I’m running Zabbix server 4.0.4 on Debian 4.19.12-1. Right now to access my Zabbix server I have an nginx proxy_pass for the front end which is public facing. I can access it with mydomain.com/zabbix.

I don’t like that this is public facing, and I’d like to only be able to access zabbix on the local network. IE 192.168.x.x/zabbix. Playing around with the settings, it only allows me to connect to the front end using an nginx proxy_pass which I believe was how it was designed. How do I make the zabbix server only available over the local network so that grafana, which is hosted on the same server, can use it?

/etc/zabbix/zabbix_server.conf

SourceIP=127.0.0.1 ListenPort=10051 

/etc/zabbix/zabbix_agentd

Server=127.0.0.1 ListenPort=10050 

These are the settings I have. Obviously if I go to 192.168.x.x/zabbix it redirects me to mydomain.com/zabbix. This domain is secured with SSL through nginx, and SSL is enabled on mydomain.com/zabbix.

i am facing a problem with and operator in python

I want to take the input in trick1 and print “wrong input” if it is none of “rock” or “paper” or “scissor”…otherwise, my program will go through next process.. I used this code

in this case, if I put “rock” then the execution go through the else statement as it is “rock” or “paper” or “scissor”…but if put paper or scissor the execution goes to the if statement. why is it??

what to do if I want to bring the execution to the else block if the input is none os “rock” or “paper” or “scissor” ????

     trick1=input("Enter rock or paper or scissor")       if trick1 != "rock" and "paper" and "scissor":         print("Wrong input")         switch= res() ##this is a funtion to restart the game      else:      ...................code of the rest............