How to send SQL or HTML data over HTTP without triggering WAF rules?

I’m working on securing an application that receives SQL and HTML-like information that is actually proprietry formulas in some cases, and parts of XML documents in other cases.

So the WAF thinks some HTTP requests are SQL or HTML injection attacks while they actually aren’t.

So how can I send these formulas and XML informaiton without triggering those WAF rules? I tried encoding the data but that didn’t work.

WordPress Contact form 7 falat error while send an email

Fatal error: Uncaught Error: Call to a member function get_status() on null in /home/mywebsite/public_html/wp-content/plugins/contact-form-7/includes/contact-form.php:732  Stack trace:  #0 /home/mywebsite/public_html/wp-content/plugins/contact-form-7/includes/controller.php(14): WPCF7_ContactForm->submit()  #1 /home/mywebsite/public_html/wp-includes/class-wp-hook.php(285): wpcf7_control_init() #2 /home/mywebsite/public_html/wp-includes/class-wp-hook.php(311): WP_Hook->apply_filters(NULL, Array)  #3 /home/mywebsite/public_html/wp-includes/plugin.php(544): WP_Hook->do_action(Array)  #4 /home/mywebsite/public_html/wp-includes/class-wp.php(388): do_action_ref_array('parse_request', Array) #5 /home/mywebsite/public_html/wp-includes/class-wp.php(739): WP->parse_request('')  #6 /home/mywebsite/public_html/wp-includes/functions.php(1274): WP->main('')  #7 /home/mywebsite/public_html/wp-blog-header.php(16): wp()  #8 /home/stagingselectedfirm in /home/mywebsite/public_html/wp-content/plugins/contact-form-7/includes/contact-form.php on line 732 

There has been a critical error on your website.

Learn more about debugging in WordPress.

Can a computer fan send you a code?

Normally, when I turn on my cpu the fan goes to high speed for a second and normalizes. Lately, when I start my CPU the fan seems to send me a code in pulses. Similar to how some devises send an error code through a flashing light, but in this case a flashing fan; can a cpu fan send a code and are used like this? If not intentional, what would cause the fan’s sofeware to be changed or signal to the fan interrupted?

The fan sounds normal and silent as always and cpu is normal too.

Is it possible to send a POST CORS request with json data?

Is it possible to send a custom POST CORS request with json data?

I found that the website example.com is vulnerable to CORS and it’s accepting my origin header:

https://mywebsite.com

, however the request is a POST one and if i try without any post data i get: {"errorCode":"invalid","message":"Invalid json body","statusCode":400}

I was wondering if it’s possible to send cors requests containing json data. If it’s possible how should i edit my proof of concept code?

At the moment i’m using the following:

<script> var createCORSRequest = function(method, url) {   var xhr = new XMLHttpRequest();   if ("withCredentials" in xhr) {     // Most browsers.     xhr.open(method, url, true);   } else if (typeof XDomainRequest != "undefined") {     // IE8 & IE9     xhr = new XDomainRequest();     xhr.open(method, url);   } else {     // CORS not supported.     xhr = null;   }   return xhr; };  var url = 'https://example.com/api/v1/post'; var method = 'POST'; var xhr = createCORSRequest(method, url);  xhr.onload = function() {   // Success code goes here. };  xhr.onerror = function() {   // Error code goes here. };  xhr.withCredentials = true; xhr.send(); </script> 

But i’ll need to add {"id":"test","name":"test"} as POST json data to my PoC to make it work. How could i do that?

Encrypt backup files and send them to AWS S3

I have a backup routine via crontab on Ubuntu. This routine generates a compressed tar.gz file and sends it to AWS S3.

But I want to encrypt these files and be able to decrypt them when necessary on another machine only if I have the private key.

While searching I found gpg, and I execute the command below to compress the backup file:

gpg --output my-backup-file.tar.gz.gpg --encrypt --recipient secret-key-mail-address@example.com my-backup-file.tar.gz 

Is this a safe and good way to encrypt these files?

Why certain sites don’t send newsletters to “anonymous” mail addresses?

I use an “anonymous” mail address (cock.li provider in my case). I have found that mainstream news sites in particular don’t send their newsletters to such an addresses. It looks like the domains blacklisted.

What is the reason? I can understand that they don’t want you writing comments from anonymous mail addresses, but passive reading of a newsletter is also prohibited?

Why this behavior? Why this behavior only with traditional mainstream news?

These newsletters usually have a lot of advertising and tracking, why they don’t wish to deliver them to “anonymous” addresses?

how to send prime and generator of diffie hell-men to client over network node js?

I am using crypto module of node js for exchanging key using diffie-hellman algorithm.

server.js

const crypto = require("crypto");  const alice = crypto.createDiffieHellman(512);  const aliceKey = alice.generateKeys(); 

client.js

const bob = crypto.createDiffieHellman(alice.getPrime(), alice.getGenerator());  const bobKey = bob.generateKeys();  const aliceSecret = alice.computeSecret(bobKey);  const bobSecret = bob.computeSecret(aliceKey); 

The above example is taken from node.js documentation as shown the client uses servers prime number for generating the prime number.

my question is how should I securely send the prime number and the other parameter to client over internet? are there any other alternatives?

and another question is that I am generating keys using generate keys function but I have already generated private-key.pem and public-cert.pem file. can I use those if yes then how?, if no then what is difference between those keys?

Best approach to send 0.5 million emails with lowest cost [closed]

I am from engineering background. I have to send 0.5 million emails to users. I already have email addresses of the users.

I have few confusions

  • Sending mail through sendgrid etc, do I need to buy subscription which can hold 0.5 contacts?

  • I want to send via API, is there any API only approach?

  • What if I send via gmail SMTP?

Any kind of information is highly appreciated.