Search Results

Search found 76098 results on 3044 pages for 'http gdata youtube com'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 161/3044 | < Previous Page | 157 158 159 160 161 162 163 164 165 166 167 168  | Next Page >

  • Blocking HTTP clients which request certain URLs repeatedly

    - by Guido Domenici
    I run a website on Windows Server 2008 R2. Looking through the IIS logs, I have noticed that there are some IP addresses repeatedly requesting certain URLs (such as for example /mysql/phpmyadmin/main.php, /phpadmin/main.php) which do not exist, as the site is entirely served off of ASP.NET. They are obviously fishing for known vulnerabilities. My question is, are there any firewall or other tools (Windows built-in or commercial) that allow me to block those IP addresses which request certain URLs multiple times?

    Read the article

  • Postfix / Dovecot and Email Retrieval

    - by Eric J.
    I have setup Postfix and Dovecot on an Ubuntu box following the instructions http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ I can see that email is being delivered to and accepted by the server, but the email is not available for retrieval via POP3. What could be missing in my configuraton? It seems that email is not being properly handed off to Dovecot. Here are what I believe are the relevant /var/log/mail.log entries for an attempt to send email from another domain (hosted by Gmail) to the domain I have setup: Logged during SMTP connection postfix/smtpd[14689]: connect from mail-vb0-f50.google.com[209.85.212.50] postfix/smtpd[14689]: Anonymous TLS connection established from mail-vb0-f50.google.com[209.85.212.50]: TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits) postfix/smtpd[14689]: 5782740ACF: client=mail-vb0-f50.google.com[209.85.212.50] postfix/cleanup[14696]: 5782740ACF: message-id=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com> postfix/qmgr[14687]: 5782740ACF: from=<[email protected]>, size=1947, nrcpt=1 (queue active) postfix/smtpd[14702]: connect from mail.destinationdomain.com[127.0.0.1] postfix/smtpd[14702]: 2940A41AA9: client=mail.destinationdomain.com[127.0.0.1] postfix/cleanup[14696]: 2940A41AA9: message-id=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com> postfix/qmgr[14687]: 2940A41AA9: from=<[email protected]>, size=2450, nrcpt=1 (queue active) amavis[21309]: (21309-02) Passed CLEAN, [209.85.212.50] <[email protected]> -> <[email protected]>, Message-ID: <CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com>, mail_id: W52ZB8FAAA+8, Hits: -0.101, size: 1946, queued_as: 2940A41AA9, dkim_id=@sourcedomain.com, 784 ms postfix/smtpd[14702]: disconnect from mail.destinationdomain.com[127.0.0.1] postfix/smtp[14698]: 5782740ACF: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.29/0.01/0/0.79, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2940A41AA9) postfix/qmgr[14687]: 5782740ACF: removed dovecot: lda([email protected]): msgid=<CAEjmKcjHnTY4yk=3QXoNrD76=04g-s9utPguTFB02Fx53GMPmw@mail.gmail.com>: saved mail to INBOX postfix/pipe[14703]: 2940A41AA9: to=<[email protected]>, relay=dovecot, delay=0.08, delays=0.02/0.02/0/0.04, dsn=2.0.0, status=sent (delivered via dovecot service) postfix/qmgr[14687]: 2940A41AA9: removed Logged during POP3 retrieval attempts dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=209.85.220.135, lip=10.195.83.10, mpid=14706 dovecot: pop3([email protected]): Disconnected: Logged out top=0/0, retr=1/2557, del=1/1, size=2540 postfix/smtpd[14689]: disconnect from mail-vb0-f50.google.com[209.85.212.50] dovecot: pop3-login: Login: user=<[email protected]>, method=PLAIN, rip=209.85.212.31, lip=10.195.83.10, mpid=14708 dovecot: pop3([email protected]): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0

    Read the article

  • In Nginx, can I handle both a location:url or a content-type: text/html response from memcached?

    - by Sean Foo
    I'm setting up an nginx - apache reverse proxy where nginx handles the static files and apache the dynamic. I have a search engine and depending on search parameter I either directly forward the user to the page they are looking for or provide a set of search results. I cache these results in memcached as key:/search.cgi?q=foo value: LOCATION:http://www.example.com/foo.html and key:/search.cgi?q=bar value: CONTENT-TYPE: text/html <html> .... .... </html> I can pull the "Content-type...." values out of memcached using nginx and send them to the user, but I can't quite figure out how to handle a returned value like "Location..." Can I?

    Read the article

  • How do I protect large file downloads through PHP and/or Apache?

    - by Eric
    We have some large files (1-8GB) that are not publicly accessible. Currently we're serving them up through a PHP script that buffers the files in 1MB chunks and writes it to the output. It's incredibly CPU intensive and slows the server down when only a few downloads are active. We want to move the file transfer work to Apache or a more efficient method. We are using cookie authentication. FTP downloads are out unless there's some way to authenticate FTP sessions through the existing PHP session cookie. Ideally we'd like something where we can use PHP to hide the link to the file while it passes off the file transfer work to Apache, which is no doubt far more efficient at HTTP file transfers than PHP. We want to be able to resume downloads as well. Any help is appreciated.

    Read the article

  • direct http to https on certain pages?

    - by Elliott
    Hi below is some code I added to my .htaccess code how can I add certain pages to be re-directed to https? such as login.php & login.html also if the user types in www. they get a "untrusted connection" as the SSL is only valid without the www. how could I fix this? Thanks RewriteEngine On RewriteCond %{HTTPS} off RewriteCond %{REQUEST_URI} /login.html RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

    Read the article

  • Varnish doesn't seem to be caching

    - by Charlie Somerville
    I've setup a Varnish cache mirror to sit in front of a file server, but it seems to be endlessly re-downloading data from my file server. There's about 100GB of data in total, but so far Varnish has downloaded 800GB from my file server. I'm using the default VCL file that comes with Varnish and the response headers for files served by the file server are similar to the following: HTTP/1.1 200 OK Cache-Control: max-age=290304000, public Content-Type: image/jpeg Expires: Wed, 29 Dec 2010 21:38:33 GMT Server: Microsoft-IIS/7.0 E-Tag: "8b4723296ab697530768f18b1378b269" Content-Disposition: inline; filename=image046.jpg; X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Thu, 23 Dec 2010 05:38:33 GMT Content-Length: 100592 I'm starting varnishd with the following options: varnish/sbin/varnishd -a 0.0.0.0:80 -f varnish/etc/varnish/default.vcl -s file,varnish/var/lib/varnish/varnish_storage.bin,100G

    Read the article

  • making cookies persistent in IE8

    - by Jamie Stevens
    There's a website I sign into frequently, and I'm getting sick of entering my username and password every time. The website can remember who I am so long as I don't close my browser (Internet Explorer 8), but when I do it forgets me, and asks me to login again. I'm guessing this is because it's using a cookie (and perhaps a session) that expires when I close my browser. Is there anyway to make this information persistent across each time I load my browser? (I tried exporting the cookies to a file, and then importing them as soon as the browser was reloaded, but that didn't work either... I'm thinking the cookie text file needs to be modified somehow.) (FYI The website is http://blackboard.unh.edu, but you won't have access unless you happen to be a student there :-) NOTE: I'm not interested in using any password remembering features in the browser. The only solution I'm open to is making the cookie / session persistent somehow!

    Read the article

  • CNAME to another domain fails on some office networks, why?

    - by crashalpha
    Our domain "aspenfasteners.com" is hosted by Volusion. We have CNAME records "find" and "search" which point to site indexing accounts on www.picosearch.com. These addresses fail on SOME private office networks which have their own DNS. We suspect the problem comes from Volusion's own name servers, n2.volusion.com and n3.volusion.com. Volusion support on problems this technical is non-existant. We have tried an NSLOOKUP on find.aspenfasteners.com with level 2 debugging info, and we got the results below. Is it possible that the local DNS is recursing to Volusion's name servers, and that while Volusion DOES return the canonical name, they do NOT resolve the address? Can anybody with expertise in this sort of stuff PLEASE look at the NSLOOKUP below and tell me if we are right, because Volusion is giving me absolutely NO support on this topic. I need proof of where the problem lies. Thanks VERY much! Carlo find.aspenfasteners.com Server: mtl-srm-dbsv-01.fastenerwholesale.com Address: 192.168.0.44 SendRequest(), len 61 HEADER: opcode = QUERY, id = 8, rcode = NOERROR header flags: query, want recursion questions = 1, answers = 0, authority records = 0, additional = 0 QUESTIONS: find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN ------------ Got answer (138 bytes): HEADER: opcode = QUERY, id = 8, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: find.aspenfasteners.com.fastenerwholesale.com, type = A, class = IN AUTHORITY RECORDS: -> fastenerwholesale.com type = SOA, class = IN, dlen = 46 ttl = 3600 (1 hour) primary name server = mtl-srm-dbsv-01.fastenerwholesale.com responsible mail addr = admin.fastenerwholesale.com serial = 10219 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ SendRequest(), len 41 HEADER: opcode = QUERY, id = 9, rcode = NOERROR header flags: query, want recursion questions = 1, answers = 0, authority records = 0, additional = 0 QUESTIONS: find.aspenfasteners.com, type = A, class = IN ------------ Got answer (141 bytes): HEADER: opcode = QUERY, id = 9, rcode = NXDOMAIN header flags: response, auth. answer questions = 1, answers = 1, authority records = 1, additional = 1 QUESTIONS: find.aspenfasteners.com, type = A, class = IN ANSWERS: -> find.aspenfasteners.com type = CNAME, class = IN, dlen = 17 canonical name = www.picosearch.com ttl = 3600 (1 hour) AUTHORITY RECORDS: -> com type = SOA, class = IN, dlen = 43 ttl = 900 (15 mins) primary name server = ns3.volusion.com responsible mail addr = admin.volusion.com serial = 1 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ADDITIONAL RECORDS: -> ns3.volusion.com type = A, class = IN, dlen = 4 internet address = 65.61.137.154 ttl = 900 (15 mins) * mtl-srm-dbsv-01.fastenerwholesale.com can't find find.aspenfasteners.com: Non-existent domain

    Read the article

  • Most scalable way of serving a small set of static HTTP content

    - by Ekevoo
    The story: Hi guys. I'm among the people responsible for serving the results of the most anticipated (by number of people participating) annual entrance exam in my state. As such, when our results are published, the interest is overwhelming. In the past we delegated the responsibility of serving the results to the media, but that spoils a little the officialness of these results. This year we went with a little (long overdue) experiment of using lighttpd instead of Apache as well as other physical network optimizations I wasn't directly involved with. The results were very satisfactory. The server didn't choke even once, nor we saw any of the usual Twitter complaints on unavailability and/or slowness that were previously common. However, because we still delegated the first publication of the results to the media I'm still not 100% sure we can handle the load of actually publishing the results first. The question: Now because these files are like 14MB in total and a true lightweight Linux distribution isn't that big either, I'm thinking: what if next year we run full RAMdrive? Is there any? Is that useful? Is that worth it for a team that uses Debian almost exclusively? Are there other optimizations that I should be focusing on instead?

    Read the article

  • Send notification from HTTP bot (RESTful service or whatever)

    - by Kuroki Kaze
    I have very simple bot that gathers and parses web pages. It's on a machine in network, behind NAT (so I cannot setup a web server, for example). I don't have MTA set up. The bot should notify me about changes in parsed pages (once in a hour or two, to one recipient). How can this be done? Is there any RESTful email gateways, like SMS ones? I can set up him a twitter account and use curl to post statuses/DM, but it's a very temporary bot.

    Read the article

  • Connect android to database

    - by danny
    I am doing a school project where we need to create an android application which needs to connect to a database. the application needs to gain and store information for people's profiles on the database. But unfortunatly we are a little bit stuck at this point because there are numerous ways to link the application such as http request through apache or through the SOAP/REST protocol. But it's really hard to find good instructions or tutorials on the problem since I can't really find them. Maybe that's cause i'm probably using the wrong words on google. Unfortunately I have little relevant information. So if anyone can help me with finding relevant links to good online tutorials or howto's than those are very welcome.

    Read the article

  • Apache config that uses two document roots based on whether the requested resource exists in the first

    - by mattalexx
    Background I have a client site that consists of a CakePHP installation and a Magento installation: /web/example.com/ /web/example.com/app/ <== CakePHP /web/example.com/app/webroot/ <== DocumentRoot /web/example.com/app/webroot/store/ <== Magento /web/example.com/config/ <== Site-wide config /web/example.com/vendors/ <== Site-wide libraries The server runs Apache 2.2.3. The problem The whole company has FTP access and got used to clogging up the /web/example.com/, /web/example.com/app/webroot/, and /web/example.com/app/webroot/store/ directories with their own files. Sometimes these files need HTTP access and sometimes they don't. In any case, this mess makes my job harder when it comes to maintaining the site. Code merges, tarring the live code, etc, is very complicated and usually requires a bunch of filters. Abandoned solution At first, I thought I would set up a new subdomain on the same server, move all of their files there, and change their FTP chroot. But that wouldn't work for these reasons: Firstly, I have no idea (and neither do they remember) what marketing materials they've sent out that contain URLs to certain resources they've uploaded to the server, using the main domain, and also using abstract subdomains that use the main virtual host because it has ServerAlias *.example.com. So suddenly having them only use static.example.com isn't feasible. Secondly, The PHP scripts in their projects are potentially very non-portable. I want their files to stay in as similar an environment as they were built as I can. Also, I do not want to debug their code to make it portable. Half-baked solution After some thought, I decided to find a way to section off the actual website files into another directory that they would not touch. The company's uploaded files would stay where they were. This would ensure that I didn't break any of their projects that needed HTTP access. It would look something like this: /web/example.com/ <== A bunch of their files are in here /web/example.com/app/webroot/ <== 1st DocumentRoot; A bunch of their files are in here /web/example.com/app/webroot/store/ <== Some more are in here /web/example.com/site/ <== New dir; Contains only site files /web/example.com/site/app/ <== CakePHP /web/example.com/site/app/webroot/ <== 2nd DocumentRoot /web/example.com/site/app/webroot/store/ <== Magento /web/example.com/site/config/ <== Site-wide config /web/example.com/site/vendors/ <== Site-wide libraries After I made this change, I would not need to pay attention to anything except for the stuff within /web/example.com/site/ and my job would be a lot easier. I would be the only one changing stuff in there. So here's where the Apache magic would happen: I need an HTTP request to http://www.example.com/ to first use /web/example.com/app/webroot/ as the document root. If nothing is found (no miscellaneous uploaded company projects are found), try finding something within /web/example.com/site/app/webroot/. Another thing to keep in mind is, the site might have some problems if the $_SERVER['DOCUMENT_ROOT'] variable reads /web/example.com/app/webroot/ but the actual files are within /web/example.com/site/app/webroot/. It would be better if the DOCUMENT_ROOT environment variable could be /web/example.com/site/app/webroot/ for anything within the /web/example.com/site/app/webroot/ directory. Conclusion Is my half-baked solution possible with Apache 2.2.3? Is there a better way to solve this problem?

    Read the article

  • How can Facebook's session get mixed up because of NAT and/or Proxy

    - by Alex
    Have received some reports from a customer (a very large company) they reported issues from clients who are using Facebook. These clients claim that once in a while when they log in to Facebook they end up in someone else's session. I know that network is NATed then Proxied before getting to Facebook.com. Although I'm not able to explain how this issue can occur. Is it possible that the Proxy is not sending the right session back to the clients? How can they end up with someone else's session since Facebook is cookie based session?? Anyone seen this before?

    Read the article

  • *.example.com wildcard domain can be parsed from a single page?

    - by Sean Kean
    For a domain 'example.com' - what is the easiest way to set up a wildcard dns (*.example.com), hosting, and htaccess/httpd.conf/virtualhost, and script on a page so that: how.do.i.setup.a.site.with.wildcards.like.this.example.com or anything.that.is.given.as.a.subdomain.for.example.com is rendered by a page at example.com/index.html - yet keeps the wildcard subdomain in the URL bar and passes the full URL as a parameter for rendering tags in HTML? An example tag is a Facebook comment: { div class="fb-comments" data-href="http://how.do.i.setup.a.site.with.wildcards.like.this.example.com" data-num-posts="2" data-width="500" } I just opened a hosting account with spry.com and have a VPS running Ubuntu 11.04-x86-LAMP - Essentially, what is the most straightforward way of doing this? Thanks so much. (I originally posted this over on stackoverflow but realize its more of a serverfault question)

    Read the article

  • getting a 404/403 error for payment gateway

    - by Obay Ouano
    We are setting up an online payment facility using a payment gateway. After the payment gateway finishes processing the credit card details for a payment, the user is redirected to a "403 Forbidden" page. The logs show: [MY_IP_ADDRESS_HERE] - - [SOME_DATE_HERE] "GET /POSTBACK_URL.php?txnid=1338434567&result=failure&reason=The+remote+server+returned+an+error%3a+(404)+Not+Found.&digest=7a115270c56df5945c43ad86e56b2e930a3cfd50 HTTP/1.1" 404 - "PAYMENT_GATEWAY_URL_HERE" "BROWSER_DETAILS_HERE" It means that when the PAYMENT_GATEWAY_URL attempts to open our POSTBACK_URL, it gets a 404 error, is that correct? But why does the page say "403 Forbidden"? Anyway, we tried to copy-paste that same URL into the browser window, and the page is opened successfully, with our programmed error notification message. So, why couldn't it be opened when the payment gateway tried to redirect to it, but we could? Is this some sort of permissions issue? If so, the postback URL's file permissions are already 755. What am I missing?

    Read the article

  • ISA caching with no cache-related info in response header

    - by Mike M. Lin
    From the documentation, I can't figure out what criteria an ISA server uses to figure out if a cached file is valid when no cache-related info is in the response header. Let's say I got this header in my response on Thu, 13 Jan 2011 18:43:35 GMT: HTTP/1.1 200 OK Date: Thu, 13 Jan 2011 18:43:35 GMT Server: Apache/2.2.3 (Red Hat) Content-Language: en X-Powered-By: Servlet/2.5 JSP/2.1 Keep-Alive: timeout=15 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=ISO-8859-1 There's no cache directive, no last-modified field, no expires field. How will the ISA server decide for how long to cache this response?

    Read the article

  • Server 2003 answers ping, but wont serve http, ftp,smtp or pop3

    - by Manfred
    After reboot, my server wont respond to any incoming request until it is rebooted again. Then, about 5-6 hrs later, any website on it will return a ping, but it will not serve the page, nor will it serve ftp, pop3 or smtp requests. The System log shows W3SVC errors 1014 and 1074, which relate to an Application pool not replying; I have one phpAdmin app pool which I have stopped - it is showing a solitary website as the default App, but the server no longer serves php extensions, and I can't transfer the default website to another pool to kill the whole app pool. I would appreciate your help.

    Read the article

  • telnet - is there a maximum line limit?

    - by benc
    I am working on several servers that use HTTP for transport of commands. What I have encountered is that some of the commands I am trying to issue by hand are very long GETs, several lines, and that when I telnet from my Mac to my Solaris system, I cannot seem to cut and paste the line successfully. I get a couple bounching sounds (which I assume is a control-g - bell) and then it never pastes everything. From trying to break it up into smaller pieces, I am getting the impression that TELNET, or my bundled telnet client or server has a maximum line length that I had never bumped into. I did some googling and superusering, but did not find anything definitive.

    Read the article

  • Debugging an IP Camera

    - by Kevin Boyd
    Further to my previous question on ServerFault here, I finally can view the stream on RTSP however I still cannot view the camera stream in a web browser. The IP camera uses an activeX control in Internet Explorer. And although I can configure the camera settings from IE, I cannot view the stream it shows connecting for a few sec and shows disconnecting. I have forwarded the HTTP, RTSP and Stream ports of the IP camera. the public port is 7071 and private port is 7070. When I try to see the connections in TCPView it shows that the ActiveX control in IE is trying to connect to port 7070 which is quite unusual since it should connect to 7071 Also the state shows SYN_SENT for sometime and then disconnects. I have really no clue what's going on and why?

    Read the article

  • Animated HTTP request visualisation on Apache

    - by Simon Bennett
    This is more a question to appease my memory in trying to remember what it was I saw a while ago. I remember being introduced to a realtime server visualisation tool that showed the current requests that Apache was handling in a kind of fireworks effect on screen. Each request/group of requests would be shot across the screen in varying colours. I can't for the life for me remember what is was called and hunting around here and Google has left me empty handed. Just wondering if anybody else was able to plug this gem from the memory and ease my pain! Thanks

    Read the article

  • Possible to find what IP address caused a 403.6 error?

    - by Abe Miessler
    I have a website setup in IIS that is rejecting all IP addresses except for a specific set. I thought I had added my machines IP address to this list, but evertime I try to access I get the error: HTTP Error 403.6 - Forbidden: IP address of the client has been rejected. Internet Information Services (IIS) I would like to figure out what IP address it think I am coming form when it rejects me. I tried looking at the IIS logs and in the Security Event Logs but I'm not seeing anything. Suggestions on where to look?

    Read the article

  • mod_rewrite not working for subdomain in Apache2

    - by Matt
    Hi, I'm having some trouble with mod_rewrite. So I'm implementing it through .htaccess, and I can get it working on my main vhost, domain.com - what I want it to do is rewrite http:// domain.com to force it to https:// domain.com, which it does well. I want to have name-based vhosts for the one IP with the following redirects: (I'm breaking up domain names with a space because otherwise serverfault recognises them as links) http:// domain.com -- https:// domain.com http:// staging.domain.com -- https:// staging.domain.com http:// test.domain.com -- https:// test.domain.com http:// beta.domain.com -- https:// beta.domain.com domain.com redirects to https:// domain.com, but staging.domain.com doesn't, although I can access https:// staging.domain.com. The .htaccess is identical for both, just with the domain name different. It doesn't seem to do any rewriting at all for staging.domain.com, I've tested this by trying to get it to rewrite to www.google.com. I have a wildcard DNS record, *.domain.com which points to the domain IP. Is there a particular way I should have the virtualhosts configured to allow this? I keep reading in the Apache documentation that it doesn't support multiple SSL name-based vhosts. But I can access both https:// domain.com and https:// staging.domain.com just fine. Any thoughts? Thanks to everyone for your help with this.

    Read the article

  • How to defend agains botnet http requests

    - by Killercode
    I have a server with WHM + CPanel and 5 of my costumer got infected with zbot. This means that the domains they have are constantly receiving requests to certain destinations. I tried to use mod_security but seems that it can't filter every requests... I don't really know why? I still see in the access log the connection comming in and it's consuming a LOT of bandwidth and server load Those accounts have already been clean so all of those requests go to error 404 (the ones catched on mod_security I am dropping the connection). Is there anymore ways to defend against this requests?

    Read the article

  • Protect all XML-RPC calls with HTTP basic auth but one

    - by bodom_lx
    I set up a Django project for smartphone serving XML-RPC methods over HTTPS and using basic auth. All XML-RPC methods require username and password. I would like to implement a XML-RPC method to provide registration to the system. Obviously, this method should not require username and password. The following is the Apache conf section responsible for basic auth: <Location /RPC2> AuthType Basic AuthName "Login Required" Require valid-user AuthBasicProvider wsgi WSGIAuthUserScript /path/to/auth.wsgi </Location> This is my auth.wsgi: import os import sys sys.stdout = sys.stderr sys.path.append('/path/to/project') os.environ['DJANGO_SETTINGS_MODULE'] = 'project.settings' from django.contrib.auth.models import User from django import db def check_password(environ, user, password): """ Authenticates apache/mod_wsgi against Django's auth database. """ db.reset_queries() kwargs = {'username': user, 'is_active': True} try: # checks that the username is valid try: user = User.objects.get(**kwargs) except User.DoesNotExist: return None # verifies that the password is valid for the user if user.check_password(password): return True else: return False finally: db.connection.close() There are two dirty ways to achieve my aim with current situation: Have a dummy username/password to be used when trying to register to the system Have a separate Django/XML-RPC application on another URL (ie: /register) that is not protected by basic auth Both of them are very ugly, as I would also like to define a standard protocol to be used for services like mine (it's an open Dynamic Ridesharing Architecture) Is there a way to unprotect a single XML-RPC call (ie. a defined POST request) even if all XML-RPC calls over /RPC2 are protected?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 157 158 159 160 161 162 163 164 165 166 167 168  | Next Page >