security – Does an IP lockout policy prevent most public RDP attacks?

My company uses RemoteApp to provide a “cloud edition” of our desktop software.

The RDP port has been changed from default, and we run RDP Shield, which blocks the IP address after 5 failed login attempts.

Each customer has their own Windows user account on the server they are hosted on (Windows Server 2016). Security software whitelists the programs that can run from their account etc.

I can see that Brute force attacks would be far more difficult due to lockouts, as they would require an endless supply of IP addresses.

But are there other login vulnerabilities that are present, that wouldn’t be present if we used an RD Gateway to log in?

I see RD Gateway always recommended, but can’t see a clear advantage over firewall based blocking using RD Shield.

Is TLS inherently more secure than RDP’s encryption?

Tldr.

Does an IP lockout policy prevent most public RDP attacks?

ux field – Is it a good user experience to prevent user from deselecting an item from a dropdown if it is required in a form?

Before I ask my question, I feel like I need to provide some context.

The application that I’m working with has a form for executing queries. This form has the following components:

  1. inputs and textareas – native html elements that use the native constraint form validation api that the browser provides.

  2. Single and multi select dropdowns – These are custom select components and do not use the native select html tag that browser provides and need their own form validation mechanism.

Each field in the form is either required or optional(The number of fields that are required or optional depends on how the query was created in the server. There could be more optional fields than required and vice versa).

On top of that, each select dropdown can very well have a default option(s) that is/are selected when the form is rendered i.e option(s) that is/are programmatically chosen.

Single Select Dropdown:

  • if it is not required, there should be a blank/empty item
    added to the list. (This is not sent when a query is executed).

  • if there is a defaultValue, select it; otherwise, select the first
    item in the list (either ‘blank’ if not required or 1st choice – so that
    we satisfy the required constraint)

Multi Select Dropdown:

  • if a parameter is required and there is no defaultValue, select
    all items in the list (default to “select all”).

  • if a parameter is not required and there is no defaultValue, unselect/clear all items (default to “select none”).

With all of that context, I’ll now get into my main question.

For dropdowns that are required, is it to intrusive or restrictive to prevent the user from having no options selected to stop them from accidentally submitting a query that would 100% fail? I would still allow the user to deselect options from the dropdown assuming deselecting that option still leaves you with at least one option selected.

Of course, if they try to deselect from a dropdown with only one option selected, a popup message, hint etc would render and inform the user that this field cannot be left empty and would suggest them to replace this option with another one.

Obviously for dropdowns that are not required they can leave it empty or add/deselect however many options they want.

What do you guys think about this? Would this be a good validation mechanism to add to my dropdown components when they are required(both single and multi-select)?

How can i prevent duplicate submissions in webform

I was able to set under
SUBMISSION LIMIT SETTINGS
PER USER
1
EVER
that the form is only submittable ONCE, when using the same browser.

But if you use an other browser. You can enter again.

I found the answer: “to prevent duplicate submissions need to be handled using custom code”.

I would like to check the Firstname and Lastname to prevent duplicate entries.

Where could I get this code from ??

Thanks for an answer.

Can an Intrusion Prevention System (e.g. Snort) prevent CSRF and XSS attacks?

I am currently learning about IPS and was wondering about a query that applies to how IPS works. I have knowledge of CSRF and XSS attacks, however I am unsure if Intrusion Prevention Systems can prevent these attacks as it aims to block intrusions and is performed in-line/in-band. If someone could provide me further clarification that would be great, thanks

Is it possible to prevent content types from other SharePoint online sites to recognized?

When a user from Department A recieve an email from Department B and either open the attachment or save it in SP, it automatically attempts to tag it with the existing Content-Type and Metadata (from Dept B).
Problem is that content type and metadata do not exist in Dept A, and it auto assigns the wrong content type.
Is there a way to prevent SP from recognizing Content Types coming from different sites?

P.S.
We don’t wan to use Content Hub.

unity – How to prevent Rigidbodies with restricted movement from clipping

My player is a rigidbody cube with a box collider that can push other “NPC” rigidbody cubes that also have a box collider. These NPC cubes have restricted movement either in horizontal or vertical direction. If the player pushes a cube that can only move horizontally into a cube that can only move vertically, the cubes start clipping. I recorded the whole situation in this video. Note that the NPC cube on the left has frozen X position, while the one on the right has frozen Z position.

I know that one way of preventing this would be to increase the mass of the NPC cubes, but that would only resolve the problem proportionally to the increased mass (the higher the mass, the lower the clipping), and at some point my player is not strong enough to move the NPC cubes anymore.

How can I solve this?

uri – How to prevent proxy URLs in link field from being encoded?

Others appear to have similar issues to Drupal 8/9 encoding URLs in the link field though I see no solutions.

We’re a library site and have many links for our patrons to external database websites that we link to with proxy URLs such as:

https://somewebsite.com/login?auth=password&url=https://link.gale.com/apps/doc/K1606004825/BIC?u=schools&sid=BIC&xid=2aefeae4

However, Drupal encodes the URL after the second https so it looks like:

https://somewebsite.com/login?auth=password&url=https%3A//link.gale.com/apps/doc/K1606004825/BIC%3Fu%3Dschools&sid=BIC&xid=2aefeae4

which returns an error.

Is there a way to turn off this function or disable URL encoding for the link field?

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123