Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 196/596 | < Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203  | Next Page >

  • php url routing question

    - by Ahmet vardar
    Hi, http://mysite.com/songs/company-name/song-name i want to redirect it to http://mysite.com/songs/index.php?name=company-name&song=song-name i read some articles about that mod_rewrite but actually i couldnt understand exactyly, i appreciate if you can help me. thanks

    Read the article

  • htaccess - Redirects with more than 1 slash not working

    - by barfoon
    Hey everyone, Just moved to shared hosting on GoDaddy and Im trying to get my .htaccess rules working. Heres what I have: ErrorDocument 404 /error.php Options FollowSymLinks RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} ^www\.mydomain\.org$ RewriteRule ^(.*)$ http://mydomain.org/$1 [R=301,L] RewriteRule ^view/(\w+)$ viewitem.php?itemid=$1 [R=301,L] RewriteRule ^category/(\w+)$ viewcategory.php?tag=$1 [R=301,L] RewriteRule ^faq$ faq.php RewriteRule ^about$ about.php RewriteRule ^contact$ contact.php RewriteRule ^submit$ submit.php RewriteRule ^contactmsg$ handler-contact.php All the pages @ the root of the domain seem to be working i.e mydomain.org/faq, mydomain.org/about are working. But whenever I try mydomain.org/category/somecategory, I get a 404. How can I fix my .htaccess to obey these rules that are more than 1 level deep? Thanks,

    Read the article

  • Prevent Method call without Exception using @PreAuthorize Annotation

    - by Chepech
    Hi all. We are using Spring Security 3. We have a custom implementation of PermissionEvaluator that has this complex algorithm to grant or deny access at method level on the application. To do that we add a @PreAuthorize annotation to the method we want to protect (obviously). Everything is fine on that. However the behavior that we are looking for is that if a hasPermission call is denied, the protected method call only needs to be skipped, instead we are getting a 403 error each time that happens. Any ideas how to prevent that? You can find a different explanation of the problem here; AccessDeniedException handling during methodSecurityInterception

    Read the article

  • mod_rewrite in conjunction with "options indexes"

    - by Travis
    I have a directory ("files") where sub-directories and files are going to be created and stored over time. The directories also need to deliver a directory listing, using "options indexes", but only if a user is authenticated, and authorized. I have that part built, and working, by doing the following: <Directory /var/www/html/files> Options Indexes IndexOptions FancyIndexing SuppressHTMLPreamble HeaderName /includes/autoindex/auth.php </Directory> Now I need to take care of file delivery. To force authentication for files, I have built the following: RewriteCond %{REQUEST_URI} -f RewriteRule /files/(.*) /auth.php I also tried: RewriteCond %{REQUEST_URI} !-d RewriteRule /files/(.*) /auth.php Both directives are redirecting to auth.php when I request: foo.com/files/bar/ foo.com/files/bar/baz I am outputting the SERVER global on auth.php during testing and it is showing the requests as I made them (I thought Apache may have been doing something behind the scenes by adding something like "index.html" to the end with "Options Indexes" being on). Ideas?

    Read the article

  • Apache Rewrite problems with my blog

    - by roacha
    Hey Guys, I am having a hard time getting the rewrite rule setup correctly for my website&blog. Here is the current line in Apache's virtual host: RewriteRule ^/(?:blog|apc|_em|phpsecinfo|blog/)/ - [L] I am able to access my URL at www.domainname.com/blog/ But I am unable to access it at www.domainname.com/blog (without the ending /) How can I edit my Rewrite rule so that I can reach the blog without the ending / ? Thanks

    Read the article

  • mod_rewrite with location-based ACL in apache?

    - by Alexey
    Hi. There is a CGI-script that provides some API for our customers. Call syntax is: script.cgi?module=<str>&func=<str>[&other-options] The task is to make different authentiction rules for different modules. Optionally, it will be great to have nice URLs. My config: <VirtualHost *:80> DocumentRoot /var/www/example ServerName example.com # Global policy is to deny all <Location /> Order deny,allow Deny from all </Location> # doesn't work :( <Location /api/foo> Order deny,allow Deny from all Allow from 127.0.0.1 </Location> RewriteEngine On # The only allowed type of requests: RewriteRule /api/(.+?)/(.+) /cgi-bin/api.cgi?module=$1&func=$2 [PT] # All others are forbidden: RewriteRule /(.*) - [F] RewriteLog /var/log/apache2/rewrite.log RewriteLogLevel 5 ScriptAlias /cgi-bin /var/www/example <Directory /var/www/example> Options -Indexes AddHandler cgi-script .cgi </Directory> </VirtualHost> Well, I know that problem is order of processing that directives. <Location>s will be processed after mod_rewrite has done its work. But I believe there is a way to change it. :) Using of standard Order deny,allow + Allow from <something> directives is preferable because it's commonly used in other places like this. Thank you for your attention. :)

    Read the article

  • Tomcat Clustering and HTTPS Issue

    - by Angelo
    Hi I have two instances of Tomcat 6 with content accessible via HTTP and HTTPS for other pages. I have configured the instances this way: 1) Instance one to listen on port 8080(Http) and 8443(Https) 2) Instance two to listen on port 7080(Http) and 7443(Https) I have mod_proxy configured with Apache 2.2 to do clustering. The requests are coming in properly and all works well for HTTP traffic but when you are in the app and it becomes HTTPS then i get the page cannot be found when tomcat tries to serve the page. Now if I access the two tomcat instances directly bypassing the load balancer then everything is fine. So http/https is configured properly on tomcat but not on Apache. I have a feeling i must configure Apache to handle this(or mod_proxy). Thanks,

    Read the article

  • Rewrite URL if file exists

    - by Anthony Faull
    I need to redirect web requests of the form /{language}-{country}/{file} to: /{language}-{country}/{file} if it exists, otherwise /{language}/{file} if it exists, otherwise /en-US/{file} The existing .htaccess fulfils requirements 1 and 3. What changes do I need to fulfil requirement 2? .htaccess: Options +FollowSymLinks RewriteEngine On RewriteCond $0 !i18n/en-US [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(i18n)/([^/]+)/(.*)$ $1/en-US/$3 [NC,L]

    Read the article

  • Are there cross-platform tools to write XSS attacks directly to the database?

    - by Joachim Sauer
    I've recently found this blog entry on a tool that writes XSS attacks directly to the database. It looks like a terribly good way to scan an application for weaknesses in my applications. I've tried to run it on Mono, since my development platform is Linux. Unfortunately it crashes with a System.ArgumentNullException deep inside Microsoft.Practices.EnterpriseLibrary and I seem to be unable to find sufficient information about the software (it seems to be a single-shot project, with no homepage and no further development). Is anyone aware of a similar tool? Preferably it should be: cross-platform (Java, Python, .NET/Mono, even cross-platform C is ok) open source (I really like being able to audit my security tools) able to talk to a wide range of DB products (the big ones are most important: MySQL, Oracle, SQL Server, ...)

    Read the article

  • Symfony Rewrite rules on Zeus webserver

    - by Ben
    I would like to run a symfony project on a zeus webserver, however i cannot get the rewrite rules to work. Has anyone done this successfully The symfony .htaccess is as follows: Options +FollowSymLinks +ExecCGI <IfModule mod_rewrite.c> RewriteEngine On # uncomment the following line, if you are having trouble # getting no_script_name to work #RewriteBase / # we skip all files with .something #RewriteCond %{REQUEST_URI} \..+$ #RewriteCond %{REQUEST_URI} !\.html$ #RewriteRule .* - [L] # we check if the .html version is here (caching) RewriteRule ^$ index.html [QSA] RewriteRule ^([^.]+)$ $1.html [QSA] RewriteCond %{REQUEST_FILENAME} !-f # no, so we redirect to our front web controller RewriteRule ^(.*)$ index.php [QSA,L] </IfModule> From what I can tell the following should work on zeus: match URL into $ with (^(.*)$) if matched then set URL = index.php But it doesn't... I can only load the home page from / all other pages just 404. Thanks..

    Read the article

  • Am I missing a flag or something? RewriteRule tip needed

    - by Kirill
    RewriteEngine On RewriteRule ^([a-zA-Z0-9_]+)/([a-zA-Z0-9_]+)$ index.php?p=$1&l=$2 RewriteRule ^([a-zA-Z0-9_]+)/([a-zA-Z0-9_]+)/$ index.php?p=$1&l=$2 this works fine if I do site.com/param_one/param_two/, but returns a 404 when I omit param_two. I'm a newbie to routing requests with htaccess, is there a simple quick fix?

    Read the article

  • need help with 301 redirect and seo urls

    - by tyler
    Ok, i used the below to "seoize" my urls. It works great..the only problem is when i go to the old page it doesnt redirect to the new page.. so i have a feeling i will get two pages indexed in google... how can i just permenantly redirect the old pages eto new urls... RewriteRule ^city/([^/]+)/([^/]+) /rate-page.php?state=$1&city=$2 [NC] http: / / www.ratemycommunity.com/city/Kansas/Independence and old page = http://www.ratemycommunity.com/rate-page.php?state=Kansas&city=Independence

    Read the article

  • What's wrong with this .htaccess rewrite

    - by titel
    Hi guys, I spend a lot of time trying to figure out what's wrong with this .htaccess rewrite with no success. It produces a "500 Internal Server Error" :( RewriteEngine On RewriteCond %{REQUEST_URI} ^/(([^/]+/)*)gallery/ RewriteCond %{DOCUMENT_ROOT}%1gallery/cache/$0 -f RewriteRule ^.+ cache/$0 [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^.* index.php/$0 [L] Can anyone see any problem? Thanks in advance, Constantin TOVISI

    Read the article

  • What is the sense of permiting the user to use no passwords longer than xx chars?

    - by reox
    Its more like a usability question or maybe database, or even maybe security (consider injection attacks) but what is the sense of permiting the user's password to a be not longer than xx chars? It does not make any sense to me, because longer passwords are mostly considered better and even harder to crack, and some users use password safes, so the password length should not matter. I understand that passwords with more than 20 chars are hardly to remember, but if you use diceware or password safe you dont have any problem with that. I really cant understand why there are sites that say "your password need to be between 5 and 8 chars"... also should the password saved as hash, so the length of the field in the database is fixed, so where is the problem? i think that most of the sites where the password is has to be a fixed length are not even using any hashing method...

    Read the article

  • php website url matching question

    - by jj
    hi, i am new to a php site, only familiar with .net web forms sites. i can't figure out how routing is working on this php site. www.oursite.com/suggestions.php is to suggestions.php www.oursite.com/suggestions also loads the php fine www.oursite.com/suggestions/ loads the php, but no css is applied www.oursite.com/suggestions/anything - anything that comes after the '/' is ignored and suggestions is loaded without css. so oursite.com/suggestions////// works, as does oursite.com/suggestions/2/2/2/2/whatever i have searched but not found any good explanation on how this is working. can someone explain or provide a good resource? thank you.

    Read the article

  • mod_rewrite if file exists

    - by Mathieu Parent
    Hi everyone, I already have two rewrite rules that work correctly for now but some more code has to be added to work perfectly. I have a website hosted at mydomain.com and all subdom.mydomain.com are rewrited to mydomain.com/subs/subdom . My CMS has to handle the request if the file being reached does not exist, the rewrite is done like so: RewriteCond $1 !^subs/ RewriteCond %{HTTP_HOST} ^([^.]+)\.mydomain\.com$ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ subs/%1/index.php?page=$1 [L] My CMS handles the next part of the parsing as usual. The problem is if a file really exists, I need to link to it without passing through my CMS, I managed to do it like this: RewriteCond $1 !^subs/ RewriteCond %{HTTP_HOST} ^([^.]+)\.mydomain\.com$ RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.*)$ subs/%1/$1 [L] So far it seems to work like a charm. Now I am being picky and I need to have default files that are stored in subs/default/. If the file exists in the subdomain folder, we should grab this one but if not, we need to get the file from the default subdomain. And if the file does not exist anywhere, we should be using the 404 page from the current subdomain unless there is none. I hope it describes well enough. Thank you for your time!

    Read the article

  • mod_wsgi daemon mode vs threaded fastcgi

    - by t0ster
    Can someone explain the difference between apache mod_wsgi in daemon mode and django fastcgi in threaded mode. They both use threads for concurrency I think. Supposing that I'm using nginx as front end to apache mod_wsgi. UPDATE: I'm comparing django built in fastcgi(./manage.py method=threaded maxchildren=15) and mod_wsgi in 'daemon' mode(WSGIDaemonProcess example threads=15). They both use threads and acquire GIL, am I right?

    Read the article

  • Use Tomcat with Java SecurityManager?

    - by pauline
    I'm writing a web application that is supposed to run on Tomcat on Ubuntu. On Ubuntu, Tomcat is per default configured to run with the Java SecurityManager. Besides my own web application, there will only be some well known third party web applications related to my own, like the BIRT report engine. If one of the web applications fails or gets compromised, it may take down all the others without harm, because they all belong together. What I don't wont to happen is that a compromised web app compromises the system itself, like calling rm -r / Do I need to use the java security manager to achieve this? Or is it only necessary to protect one web app from the other? I'd really like to prevent the effort to create .policy files for all the 3rd party web applications I intend to use.

    Read the article

  • How can I pre-compress files with mod_deflate in Apache 2.x?

    - by Otto
    I am serving all content through apache with Content-Encoding: zip but that compresses on the fly. A good amount of my content is static files on the disk. I want to gzip the files beforehand rather than compressing them every time they are requested. This is something that, I believe, mod_gzip did in Apache 1.x automatically, but just having the file with .gz next to it. That's no longer the case with mod_deflate.

    Read the article

  • How to set the VirtualDocumentRoot based on the files within

    - by Chuck Vose
    I'm trying to set up Apache to use the VirtualDocumentRoot directive but my sites aren't all exactly the same. Most of the sites have a drupal folder which should be the root but there are a few really old drupal sites, a few rails sites, some django sites, etc. that want the Document root to be / or some other folder. Is there a way to set up VirtualDocumentRoot based on a conditional or is there a way to use RewriteRule/Cond to detect that / is the incorrect folder if there is a drupal folder or a public folder? Here's what I have so far: <VirtualHost *:80> # Wildcard ServerAlias, this is the default vhost if no specific vhost matches first. ServerAlias *.unicorn.devserver.com # Automatic ServerName, based on the HTTP_HOST header. UseCanonicalName Off # Automatic DocumentRoot. This uses the 4th level domain name as the document root, # for example http://bar.foo.baz.com/ would respond with /Users/vosechu/Sites/bar/drupal. VirtualDocumentRoot /Users/vosechu/Sites/%-4/drupal </VirtualHost> Thanks in advance! -Chuck

    Read the article

  • Django logs: any tutorial to log to a file

    - by Algorist
    Hi, I am working with a django project, I haven't started. The developed working on the project left. During the knowledge transfer, it was told to me that all the events are logged to the database. I don't find the database interface useful to search for logs and sometimes they don't even log(I might be wrong). I want to know, if there is an easy tutorial that explains how to enable logging in Django with minimal configuration changes. Thank you Bala

    Read the article

  • When do you trust the data / variables

    - by Wizzard
    We all know that all user data, GET/POST/Cookie etc etc needs to be validated for security. But when do you stop, once it's converted into a local variable? eg if (isValidxxx($_GET['foo']) == false) { throw InvalidArgumentException('Please enter a valid foo!'); } $foo = $_GET['foo']; fooProcessor($foo); function fooProcessor($foo) { if (isValidxxx($foo) == false) { throw Invalid...... } //other stuff } To me thats over the top. But what if you load the value from the database... I hope I make sense :)

    Read the article

  • Why is my .htaccess file redirecting to full server path instead of relative path?

    - by death.au
    I've never had a problem with cakePHP before, but something's odd about this server and is causing the redirects in the .htaccess files to behave oddly. CakePHP uses mod_rewrite in .htaccess files to redirect requests to its own webroot folder. The problem is that the redirects are listing the wrong path and causing a 404 error. My CakePHP application, which is stored in the listings directory, has a .htaccess file as follows: <IfModule mod_rewrite.c> RewriteEngine on RewriteRule ^$ app/webroot/ [R=301,L] RewriteRule (.*) app/webroot/$1 [R=301,L] </IfModule> (*note that the R=301 causes an external redirect so we can see what is going on from our end. It should really omit this flag and do the redirect internally, transparent to end-users) This is supposed to redirect any request from http://hostname.com/~username/listings/ to http://hostname.com/~username/listings/app/webroot/ However, rather than simply adding “app/webroot/” to the end as it is supposed to, it is adding the full server path ( /home/username/public_html/listings/app/webroot/ ) resulting in the final URL http://hostname.com/home/username/public_html/listings/app/webroot/ which is obviously incorrect and triggers a 404 error. The hosting is on a shared hosting account, so that limits what I can do with the settings. I've never seen this happen before, and I'm thinking it's something wrong from the hosting side of things, but if anyone has some helpful suggestions then I can put them to the hosting company as well.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 192 193 194 195 196 197 198 199 200 201 202 203  | Next Page >