Search Results

Search found 14878 results on 596 pages for 'mod security'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 197/596 | < Previous Page | 193 194 195 196 197 198 199 200 201 202 203 204  | Next Page >

  • modrewrite RewriteRule problem

    - by timpone
    I am using Apache 2.2 and mod_rewrite. I would like to take the following urls and map them to another url. The pattern is simple and like this: http://domain/test/ex1.html - http://domain/app/index.php/content/?name=ex1 I tried the following in an .htaccess file: RewriteEngine On RewriteBase /app/ RewriteRule (.*)\.html index.php/content/?name=$1 and RewriteEngine On RewriteRule (.*)\.html /app/index.php/content/?name=$1 I wasn't sure if the backreference was correct so set to $0 and $2 but never seemed to help. I also tried setting the RewriteLogLevel to 9. There is a step where it is almost there: rewrite 'ex1.html' - 'index.php/content/?name=ex1' The last line of the rewrite log is as follows: [perdir /var/www/domain/htdocs/test/] internal redirect with /app/index.php/content/ [INTERNAL REDIRECT] How can I get this to rewrite to /app/index.php/content/?name=ex1 ? thanks

    Read the article

  • django (under mod_wsgi) and php

    - by Hellnar
    Hello Under my debian copy, I run a django site runs via apache2 and mod_wsgi. Now I want to include a wordpress to it, for that I need to install php - apache bindings. I am curious what library is recommended for this, aswell as how shall I be doing the apache2 config file ? Here is my current apache 2 000-default file: <VirtualHost *:80> Alias /media /home/myuser/myproject/statics Alias /favicon.ico /home/myuser/myproject/statics/pic/favicon.ico Alias /robots.txt /home/myuser/myproject/templates/robots.txt Alias /admin_media /usr/lib/python2.5/site-packages/Django-1.1.1-py2.5.egg/django/contrib/admin/media WSGIScriptAlias / /home/myuser/myproject/myproject_wsgi.py WSGIDaemonProcess myproject user=myuser group=myuser threads=25 WSGIProcessGroup myproject </VirtualHost> I want to add Wordpress to my www.mysite.com/blog

    Read the article

  • How to make an Asp.net MVC 2 website have a Private Beta Mode.

    - by Mark Kitz
    I am creating an ASP.Net MVC website that I am launching soon in private beta. What I am using. ASP.NET MVC 2 ASP.NET Sql Membership Provider Authorization Attributes on ActionMethods. ex. [EditorsOnly] What I am trying to accomplish: During the private Beta period of my website, I want no anonymous users to access my site. Only Beta Testers of my site should be able to login and use my site as normal. After the private beta period people can access it using the security structure I already have set up. I am hoping I do not have to recompile but can have a setting in the webconfig to switch between Private Beta mode to Normal mode. Thanks for your suggestions.

    Read the article

  • Is php fileinfo sufficient to prevent upload of malicious files?

    - by Scarface
    Hey guys, I have searched around a bit, and have not really found a professional type response to how to have secure fileupload capability so I wanted to get the opinion of some of the experts on this site. I am currently allowing upload of mp3s and images, and while I am pretty confident in preventing xss and injection attacks on my site, I am not really familiar with fileupload security. I basically just use php fileinfo and check an array of accepted filetypes against the filetype. For images, there is the getimagesize function and some additional checks. As far as storing them, I just have a folder within my directory, because I want the users to be able to use the files. If anyone could give me some tips I would really appreciate it.

    Read the article

  • How to write mod_security friendly PHP code?

    - by KPL
    Hello people, I made a theme in WordPress which hit the mod_security rule on HostGator and gave 403 error. I contacted people there(at HostGator) and they fixed it for me. But I don't want my theme to work like this. I just wanted to know if there are any guides/blog post/tutorials telling about writing PHP code which is mod_security friendly? I tried Google, but didn't find anything helpful.

    Read the article

  • Setting up repoze.who with make_redirecting_plugin

    - by Timmy
    my file is: [plugin:form] use = repoze.who.plugins.form:make_redirecting_plugin login_form_url = /account/signin login_handler_path = /account/login logout_handler_path = /account/logout [identifiers] plugins = form;browser auth_tkt i created a form on /account/signin, but it doesnt find the identity? what has to be on the form?

    Read the article

  • apache mod_rewrite regex problem with multiple parameter

    - by iko
    Regular expressions have always been my pet peeves. Every time I think that I finally got it I have a new problem ! I want to catch url like this : http://www.mydomain.com/boutique/blabla-1/bla-bla2/99/104 http://www.mydomain.com/boutique/blabla1/99 and eventually : http://www.mydomain.com/boutique/blabla-1/bla-bla2/product1/99/104/55/ after a lot of tries and errors I came up with this which seems to work with http://www.gskinner.com/RegExr/ but not in apache ^.*/boutique/([a-zA-Z-]*)(/?[a-zA-Z-]*)/?([0-9]*)/?([0-9]*)/?$ boutique.php?c1=$3&c2=$4 (I was only working with the first two url so far) MY apache rewrite log debug files are helpless : pass through /Users/iko/Sites/mysite/boutique.php I'm only interrested in getting the ids. Any help we'll be welcomed ! Thank you.

    Read the article

  • Django website on Apache with wsgi failing

    - by notagain
    I have a website I've built in django that I'm trying to get working on our corporate Apache server (on debian) for our intranet at my workplace. Unfortunately, Apache keeps returning server errors whenever I try to navigate to my site. Although I can navigate to the statics folder. My Apache config and wsgi script look like the following... lbirdf.wsgi import os import sys sys.path.append('/home/lbi/rdfweb/web') sys.path.append('/home/lbi/rdfweb/lbirdf') os.environ['DJANGO_SETTINGS_MODULE'] = 'lbirdf.settings_production' import django.core.handlers.wsgi application = django.core.handlers.wsgi.WSGIHandler() Apache config Listen 8080 <VirtualHost *:8080> ServerName server1 WSGIScriptAlias /rdfweb /home/lbi/rdfweb/web/lbirdf/apache/lbirdf.wsgi Alias /statics /home/lbi/rdfweb/web/lbirdf/statics Alias /admin_media /home/lbi/rdfweb/web/lbirdf/admin_media <Directory /home/lbi/rdfweb/web/lbirdf/apache> Order allow,deny Allow from all </Directory> <Directory /home/lbi/rdfweb/web/lbirdf/admin_media> Order allow,deny Allow from all </Directory> </VirtualHost> Any ideas on where I might be going wrong?

    Read the article

  • Case Insensitive URLs with mod_rewrite

    - by Paul Tarjan
    I'd like for any url that doesn't hit an existing file, to do a lookup on the other possible cases and see if those files exist, and if so, 302 to them. If that's not possible, then I'm ok with these compromises: Only check the lowercase version Only check the first path portion For example http://example.com/CoOl/PaTH/CaMELcaSE should redirect to http://example.com/cool/path/camelCase (assuming the latter exists). but of course a full solution is much more useful to me and others

    Read the article

  • Apache modules: C module vs mod_wsgi python module - Performance

    - by Gopal
    Hi A client of ours is asking us to implement a module in C in Apache webserver for performance reasons. This module should handle RESTful uri's, access a database and return results in json format. Many people here have recommended python mod_wsgi instead - but for simplicity of programming reasons. Can anyone tell me if there is a significant difference in performance between the mod_wsgi python solution vs. the Apache + C.module. Any anecdotes? Pointers to some study posted online?

    Read the article

  • Django logs: any tutorial to log to a file

    - by Algorist
    Hi, I am working with a django project, I haven't started. The developed working on the project left. During the knowledge transfer, it was told to me that all the events are logged to the database. I don't find the database interface useful to search for logs and sometimes they don't even log(I might be wrong). I want to know, if there is an easy tutorial that explains how to enable logging in Django with minimal configuration changes. Thank you Bala

    Read the article

  • Websphere exception handling

    - by Benjamin
    Hi all, From a security standpoint, what is the best solution to handle application errors with Websphere? I've been thinking of creating a class that is called every time an application error is generated, log the error and display a generic error message to the users. In PHP this can be achieved using the set_exception_handler() function. Is there something similar for websphere that could be configured in the web.xml? I've found codes like this on the internet: <error-page> <error-code>500</error-code> <location>/servlet/ExceptionHandlerServlet</location> </error-page> But that would only work with "500" HTTP error codes. I really want something generic that catches everything. Something like a class that implements a certain interface which can have access to all information about the error. Thanks for your time.

    Read the article

  • Mod_rewrite Help !

    - by lixon
    RewriteEngine on Rewriterule ^(.*).htm $1.php This works fine when i try to access every php page But how could i make it RewriteRule ^/somepage $ /somepage.php (its not working ) if the page is about.php the url should be about/ (directory type) Please help me . Thanks in advance!

    Read the article

  • mod_rewrite RewriteRule is not working

    - by buggy1985
    Hi, This is a follow-up of this question: Rewrite URL - how to get the hostname and the path? I got this Rewrite Rule: RewriteEngine On RewriteRule ^(http://[-A-Za-z0-9+&@#/%=~_|!:,.;]*)/([-A-Za-z0-9+&@#/%=~_|!:,.;]*)\?([A-Za-z0-9+&@#/%=~_|!:,.;]*)$ http://http://www.xmldomain.com/bla/$2?$3&rtype=xslt&xsl=$1/$2.xsl it seems to be correct, and exactly what I need. But it doesn't work on my server. I get a 404 page not found error. mod_rewrite is enabled, as the following simple rule is working fine: RewriteEngine On RewriteRule ^page/([^/\.]+)/?$ index.php?page=$1 [L] Can you help? Thanks

    Read the article

  • .htaccess rewrite not working

    - by snumb130
    I need help with a rewrite in .htaccess. I am trying to do the following: When a user types http://www.example.com/csc/alabama/ I need to pull info from http://www.example.com/csc/index.php?state=alabama I thought it should be this Options +FollowSymLinks RewriteEngine On RewriteRule ^csc/([^/]*)$ /csc/index.php?state=$1 [L] I keep getting a 404 error. On a side note, I would like to be able to do this with a generic sub-directory, so that csc could be abc or anything else but this is not the priority.

    Read the article

  • .htaccess URL is being cut at a space (I'm using Codeigniter)

    - by Ice
    I've used the following code to map https://live.example.com on to http://example.com/api Options +FollowSymLinks RewriteEngine On RewriteCond %{HTTPS} =on RewriteCond %{HTTP_HOST} ^live\.example\.com [NC] RewriteRule (.+)$ "http://example.com/api/$1" [L,P] The following url: https://live.example.com/userlinks/xml/John%20James/MvPjeUTo15/ Is suppose to map onto: http://example.com/api/userlinks/xml/John%20James/MvPjeUTo15/ Instead it maps it to: http://example.com/api/userlinks/xml/John So it seems to cut it at the space. I am using the Codeigniter framework but I am not sure if the problem lies there. Also using %20 or just a space in the url bar produces no different results. Anyone any idea and/or solution why this happens? Thank you very much, Ice

    Read the article

  • Secure database connection. DAL .net architecture best practice

    - by Andrew Florko
    We have several applications that are installed in several departments that interact with database via Intranet. Users tend to use weak passwords or store login/password written on a shits of paper where everybody can see them. I'm worried about login/password leakage & want to minimize consequences. Minimizing database-server attack surface by hiding database-server from Intranet access would be a great idea also. I'm thinking about intermediary data access service method-based security. It seems more flexible than table-based or connection-based database-server one. This approach also allows to hide database-server from public Intranet. What kind of .net technologies and best practices would you suggest? Thank in you in advance!

    Read the article

  • Django and mod_python intermittent error?

    - by Peter
    I have a Django site at http://sm.rutgers.edu/relive/af_api/index/. It is supposed to display "Home of the relive APIs". If you refresh this page many times, you can see different renderings. 1) The expected page. 2) Django "It worked!" page. 3) "ImportError at /index/" page. If you scroll down enough to ROOT_URLCONF part, you will see it says 'relive.urls'. But apparently, it should be 'af_api.urls', which is in my settings.py file. Since these results happen randomly, is it possible that either Django or mod_python is working unstably?

    Read the article

  • RewriteCond and RewriteRule newbie

    - by mybrokengnome
    I'm taking over a website for a client that is running on a custom built CMS (that I didn't write). I don't mess with .htaccess files usually because a lot of the hosting I do is on IIS, or I used WordPress as a CMS and don't have to worry about messing with the .htaccess file. Here's the contents of the file: RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ framework.php?%{QUERY_STRING}&resource=$1& [L] I get what it's doing (sending all requests through the framework.php file). The client wants a WordPress blog added to their site. I'm placing it in a /blog/ folder. The problem is that because of the rewrite rules and conditions in the .htaccess file whenever I try to go /blog/ the other CMS freaks out because it doesn't like me trying to go there. My question is how do I write a rule/cond that tells apache to send all requests made to the /blog/ folder to the /blog/ folder, but keep all other requests piped through the framework.php file like it is now? Any help is appreciated, thanks!

    Read the article

  • Relative Paths, etc. on an Apache server

    - by Matt H.
    I'm really stuck here. I have 2 issues at once: First, my site is stored (both on local development and on live server), in a subdirectory.. as I'm working on multiple sites. i.e. /Sites/www.mysite.com/(site files here) When I'm referring to files in my web pages, I want to refer to, say, my /images directory without hard-coding every occurrence as /www.mysite.com/images/myfile.jpg Is there a way to simply redefine how the leading "/" gets interpreted by the server? Question two, concerning PHP mod_rewrite I have this set of rewrite rules. The objective is to turn www.mysite.com/faq into www.mysite.com/index.php?page="faq" RewriteEngine On RewriteCond %{REQUEST_URI} !mysite.com RewriteRule (.*) mysite.com/$1 RewriteRule ^([a-zA-Z0-9_-]+)$ /mysite.com/index.php?site=$1 RewriteRule ^([a-zA-Z0-9_-]+)/$ /mysite.com/index.php?site=$1 I don't have a problem when a url gets passed in the 2nd-to-last format (as the example above). However, if the trailing "/" is added: www.mysite.com/faq/, my external script references break: (such as src=js/script.js)...

    Read the article

  • .htaccess Redirect Loop, adding multiple .php extensions

    - by Ryan Smith
    I have sort of a small parent/teacher social network set up for my school. I use my .htaccess file to make the links to teacher profiles cleaner and to add a trailing slash to all urls. I get this problem when going to /teachers/teacher-name/ the link (sometimes) redirects to /teachers/teacher-name.php.php.php.php.php.php.php.php... Below is my .htaccess file. Sometimes if I clear my browser cache in Chrome it temporarily fixes it. I can't exactly wright .htaccess syntax, but I'm pretty familiar with it. Any suggestions are appreciated! RewriteEngine on RewriteBase / #remove php ext RewriteEngine on RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME}\.php -f RewriteRule ^([^/]+)/$ $1.php RewriteRule ^([^/]+)/([^/]+)/$ $1/$2.php #force trailing slash/ RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)([^/])$ /$1$2/ [L,R=301] #other rewrites RewriteRule ^teachers/([^/\.]+)/$ /teachers/profile.php?u=$1 RewriteRule ^teachers/([^/\.]+)/posts/$ /teachers/posts.php?u=$1 RewriteRule ^teachers/([^/\.]+)/posts/([^/\.]+)/$ /teachers/post.php?u=$1&p=$2 RewriteRule ^gallery/([^/\.]+)/$ /gallery/album.php?n=$1 RewriteRule ^gallery/([^/\.]+)/slideshow/$ /gallery/slideshow.php?n=$1 RewriteRule ^gallery/([^/\.]+)/([^/\.]+)/([^/\.]+)/$ /gallery/photo.php?a=$1&p=$2&e=$3 EDIT:I have attached a screenshot of exactly what I'm talking about.

    Read the article

  • session is lost after successful login?

    - by sword101
    greetings all um using spring security 3.0.2,all the application pages are secured to see them you must be authenticated um using https protocol i have a strange problem that after successful login and got to the requested page when try to open any link to other pages in the application the session is invalidated or lost or what happened i don't know and the user become anonymous,and redirected to the login page and i got this from debugging: No HttpSession currently exists No SecurityContext was available from the HttpSession: null. A new one will be created. after reviewing the coe many times,nothing in the code is invalidating the session,any ideas why something like this might happen?

    Read the article

  • SQLAlchemy Expression Language problem

    - by Torkel
    I'm trying to convert this to something sqlalchemy expression language compatible, I don't know if it's possible out of box and are hoping someone more experienced can help me along. The backend is PostgreSQL and if I can't make it as an expression I'll create a string instead. SELECT DISTINCT date_trunc('month', x.x) as date, COALESCE(b.res1, 0) AS res1, COALESCE(b.res2, 0) AS res2 FROM generate_series( date_trunc('year', now() - interval '1 years'), date_trunc('year', now() + interval '1 years'), interval '1 months' ) AS x LEFT OUTER JOIN( SELECT date_trunc('month', access_datetime) AS when, count(NULLIF(resource_id != 1, TRUE)) AS res1, count(NULLIF(resource_id != 2, TRUE)) AS res2 FROM tracking_entries GROUP BY date_trunc('month', access_datetime) ) AS b ON (date_trunc('month', x.x) = b.when) First of all I got a class TrackingEntry mapped to tracking_entries, the select statement within the outer joined can be converted to something like (pseudocode):: from sqlalchemy.sql import func, select from datetime import datetime, timedelta stmt = select([ func.date_trunc('month', TrackingEntry.resource_id).label('when'), func.count(func.nullif(TrackingEntry.resource_id != 1, True)).label('res1'), func.count(func.nullif(TrackingEntry.resource_id != 2, True)).label('res2') ], group_by=[func.date_trunc('month', TrackingEntry.access_datetime), ]) Considering the outer select statement I have no idea how to build it, my guess is something like: outer = select([ func.distinct(func.date_trunc('month', ?)).label('date'), func.coalesce(?.res1, 0).label('res1'), func.coalesce(?.res2, 0).label('res2') ], from_obj=[ func.generate_series( datetime.now(), datetime.now() + timedelta(days=365), timedelta(days=1) ).label(x) ]) Then I suppose I have to link those statements together without using foreign keys: outer.outerjoin(stmt???).??(func.date_trunc('month', ?.?), ?.when) Anyone got any suggestions or even better a solution?

    Read the article

  • Best practice for setting up wsgi on root directory?

    - by Timmy
    what's the best ways to mix static files and wsgi app served on the root directory? http://code.google.com/p/modwsgi/wiki/QuickConfigurationGuide recommends setting up WSGIScriptAlias / /usr/local/www/wsgi-scripts/myapp.wsgi and alias other directories and files: Alias /robots.txt /usr/local/www/documents/robots.txt Alias /favicon.ico /usr/local/www/documents/favicon.ico Alias /media/ /usr/local/www/documents/media/ is there a cleaner way to do this?

    Read the article

  • apache: basic authentication before rewrite

    - by pyro
    I have an apache in frontend that redirect a request via a rewrite rule. I have to put a basic authentication before redirect a request, so I put this in the config file: <VirtualHost *:443> ServerAdmin xxxxxx DocumentRoot /var/www/html/ ServerName xxxxxxx RewriteEngine on ErrorLog logs/error.log CustomLog logs/access_log common <Directory /var/www/html/> AuthType Basic AuthName "Restricted Files" AuthUserFile /etc/httpd/conf/tag.pwd Require valid-user RewriteRule ^/(.*) http://xxxxxx:xxx/$1 [P,L] </Directory> </VirtualHost> But doesn't work. Any suggestions?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 193 194 195 196 197 198 199 200 201 202 203 204  | Next Page >