Skip to main content

Posts

LOG4J VULNERABILITY ASSESSMENT AND MITIGATION

LOG4J VULNERABILITY ASSESSMENT AND MITIGATION What is Log4j?   Log4j, Zero-day exploit the popular Javalogginglibrarylog4j2 was discovered that results in Remote Code Execution (RCE) by logging a certain string.Log4j2 is an open-source, Java-based logging framework commonly incorporated into Apache webservers and Spring-Boot web applications. The vulnerability has been reported with CVE-2021-44228 against the log4j-corejar.CVE-2021-44228 is considered an acritical flaw, and it has a base CVSS score of 10, the highest possible severity rating. Who is Impacted !! Too many services are vulnerable to this exploit as log4j is a wild rang used  Java-based logging utility. Cloud  services like Steam, Apple iCloud,  and applications like  Minecraft have already been found to be vulnerable. Anybody using Apache frameworks services or any Spring- Boot Java-based framework applications that uses log4j2 is likely to be vulnerable. HOW THE EXPLOIT WORKS !!   The exploit works when there is a servic
Recent posts

How to Deploy Multiple Dist file to the Apache Server

How to Deploy Multiple Dist file to the Apache Server   To Deploy Multiple Dist file apache server the Easiest way i have describe below follow the instruction whether your project would be html, PHP or any dist file such as angular you can follow the below Steps. To Deploy any project to the Apache Server We have to make changes in 2 files and one folder. Follow the below process to Deploy the dist file. • Rename the dist file to the project name and copy the file to the Path /var/www/html/   • Make changes in the Index.html or Index.php by giving folder name in base href e.g., /foldername/ • Now Go to /etc/apache2/sites-available and make copy of 000-default.conf or any pervious file for example healthgiggle.conf Copy command cp -r healthgiggle.conf /etc/apache2/sites-available/pjname.conf • Now open the file in vi editor vi pjname.conf and make changes ServerName: Your project name which will appear in URL after main domain e.g., healthgiggle/projectname DocumentRoot: Path of the p