Search Results

Search found 14878 results on 596 pages for 'mod security'.

Page 204/596 | < Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211 | Next Page >

Configure Django project in a subdirectory using mod_python. Admin not working.

- by David

HI guys. I was trying to configure my django project in a subdirectory of the root, but didn't get things working.(LOcally it works perfect). I followed the django official django documentarion to deploy a project with mod_python. The real problem is that I am getting "Page not found" errors, whenever I try to go to the admin or any view of my apps. Here is my python.conf file located in /etc/httpd/conf.d/ in Fedora 7 LoadModule python_module modules/mod_python.so SetHandler python-program PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE mysite.settings PythonOption django.root /mysite PythonDebug On PythonPath "['/var/www/vhosts/mysite.com/httpdocs','/var/www/vhosts/mysite.com/httpdocs/mysite'] + sys.path" I know /var/www/ is not the best place to put my django project, but I just want to send a demo of my work in progress to my customer, later I will change the location. For example. If I go to www.domain.com/mysite/ I get the index view I configured in mysite.urls. But I cannot access to my app.urls (www.domain.com/mysite/app/) and any of the admin.urls.(www.domain.com/mysite/admin/) Here is mysite.urls: urlpatterns = patterns('', url(r'^admin/password_reset/$', 'django.contrib.auth.views.password_reset', name='password_reset'), (r'^password_reset/done/$', 'django.contrib.auth.views.password_reset_done'), (r'^reset/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/$', 'django.contrib.auth.views.password_reset_confirm'), (r'^reset/done/$', 'django.contrib.auth.views.password_reset_complete'), (r'^$', 'app.views.index'), (r'^admin/', include(admin.site.urls)), (r'^app/', include('mysite.app.urls')), (r'^photologue/', include('photologue.urls')), ) I also tried changing admin.site.urls with ''django.contrib.admin.urls' , but it didn't worked. I googled a lot to solve this problem and read how other developers configure their django project, but didn't find too much information to deploy django in a subdirectory. I have the admin enabled in INSTALLED_APPS and the settings.py is ok. Please if you have any guide or telling me what I am doing wrong it will be much appreciated. THanks.

Read the article
mod_rewrite and relative urls

- by Davide Gualano

I'm setting up some simple url rewriting rules using mod_rewrite and a .htacces file, but I've got some problems. If I set up the .htacces this way: Options +FollowSymLinks RewriteEngine On RewriteBase / RewriteRule /index.html /index.php [L] when I call from the browser this url: http://localhost/~dave/mySite/index.html I got a 404 error. Using this .htacces instead Options +FollowSymLinks RewriteEngine On RewriteBase / RewriteRule /index.html http://localhost/~dave/mySite/index.php [L] everything works fine and I get the index.php page I'm expecting. Am I forced to user absolute urls as the target of a rewrite? Is this a Apache configuration problem? I'm using Max OS X 10.6.2 with its standard Apache installation.

Read the article
How to send file from C# to apache with mod_wsgi (django) and python?

- by SuitUp

How to send file from C# to apache with mod_wsgi (django) and python? It will be nice to see code example in both c# (client) and python (server).

Read the article
Rewrite URL based on file existence check

- by Anthony Faull

I need to redirect web requests of the form /{language}-{country}/{file} to: /{language}-{country}/{file} if it exists, otherwise /{language}/{file} if it exists, otherwise /en-US/{file} The existing .htaccess fulfils requirements 1 and 3. What changes do I need to fulfil requirement 2? .htaccess: Options +FollowSymLinks RewriteEngine On RewriteCond $0 !i18n/en-US [NC] RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(i18n)/([^/]+)/(.*)$ $1/en-US/$3 [NC,L]

Read the article
Rewrite css/js paths

- by wooptoo

So I rewrote my paths to something like: URL/really/nice/paths/ using mod_rewrite rules like this: <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?url=$1 [PT,L] </IfModule> The question is how could I rewrite the paths for js/css/image files too, so when they are requested with a relative path from URL/really/nice/path/ to be served from URL/scripts/, URL/styles/ and URL/images/ folders instead? Can this be done without using RewriteBase?

Read the article
htaccess redirect to subfolder with same path attached?

- by Josh

How can I go about redirecting my old URLs which would have been: http:// blah.com/some/post/name to the new URLs which would be: http:// blah.com/new/some/post/name Is this even possible? I don't want to simply redirect any requests for the blah.com domain to blah.com/new I want to make sure the subpath is still attached to the redirect

Read the article
mod_rewrite browser trying to get content from non-existant dir

- by humgl

I have my mod_rewrite set up so that it redirects all requests that aren't targeting existing files or directories to index.php?req=* where * is the request. Works all fine but when I send the browser to something like this: http://myurl/A/B/C The browser tries to find all images, stylesheets in the non-existing folder C. How can I make the browser to look in / instead of the 'virtual' directory? Do I have to put an absolute path everywhere?

Read the article
Help mod_rewrite to Zeus

- by FFish

I just found out my host is on ZEUS.. Please can somebody help me with my rewrites: domain.com/001234 redirects to domain.com/001234-some-keywords.html Apache: RewriteRule ^([0-9]{6}+)/?$ includes/redirect.php?ref=$1 [L] RewriteRule ^([0-9]{6})-.*?\.html$ templates/default/index.php?ref=$1 [L] tried this in Zeus: match URL into $ with ^([0-9]{6}+)/?$ if matched then set URL = includes/redirect.php?ref=$1 endif match URL into $ with ^id/([0-9]+)/?$ if matched then set URL = home/content.php?id=$1 endif

Read the article
Web Application - Authentication / Login Framework

- by user456563

This is a very simple, probably a most asked question and frequently developed as part of any web application. Say I'm planning to build a web application and some of the functional requirements include (apart from the usual hard hitting security reqs), - Need to have users sign up for a new account profile - Authenticate user using the native app authentication / Facebook or Google or Yahoo or OpenId login - Allow lost password retrieval - Session handling needs Is there an out of the box frameworks (Drupal, Liferay??) that I can use to wrap my application which can be a bunch of JSP's or HTML's with JS? I know I'm asking a very simple and maybe a naive question. But this is a topic every web developer guru will go thru. Any help, advise and pointers much appreciated.

Read the article
URL rewrite to remove parameters

- by samoyed

Hello to all, I'm working on a site where all the pages are actually index.php + a 'name' parameter that is analyzed and loads the appropriate template and content. the homepage url is: http://www.some_site.com/?page=homepage 1. i was asked to "change" the homepage url to: http://www.some_site.com can i use url rewite and htaccess for that and if so, what should i write there? working on my local machine, i tried this code (mode rewrite is enabled): <IfModule mod_rewrite.c> Options +FollowSymLinks RewriteEngine On RewriteRule /index.php /index.php?page=homepage </IfModule> i would still need the 'name' parameter to be available to the php code of course, so i can load the template and css files. 2. it would be nice for other pages (not homepage) to be converted from (example) http://www.some_site.com/?page=products to: http://www.some_site.com/products this is less crucial. thanx in advance and have a nice day :-)

Read the article
Securing an ajax request

- by asdasdsa

i have a website that uses session cookies for security. it works fine and all, but any ajax requests right now are not secure. example being lets say a user is on a page. they can only get to this page if they are logged in with a session - so far so good. but now the ajax request they ask for is ajaxpages/somepage.php?somevar=something&anothervar=something if any other user decides to just go to that link themselves (without a session) they still get the same ajax output that was meant for logged in people. so obviously im going to have to pass session data across when i send an ajax request. anyone have any tips for the best way of doing this? ive never done this before and would rather use trusted methods than make up my own.

Read the article
having trouble with a mod_rewrite rule

- by Jeff

want to rewrite urls like site.com/software to wp-content/themes/dir/software.php and something is not working.. Here's what I have: RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] RewriteRule ^software wp-content/themes/dir/software.php [L] Thanks!

Read the article
Making an asynchronous interface appear synchronous to mod_python users

- by Trey

I have a Python-driven web interface powered by Apache 2.2 with mod_python and Python 2.4. I need to make an asynchronous process appear synchronous to users of this web interface. When users access one module on this website: An external SOAP interface will be contacted with a unique identifier and will respond with a number N The external interface will respond asynchronously by contacting a SOAP server on my machine between 1 and 10 times (the number N tells us how many responses we will receive) I need to somehow aggregate these responses and pass them to the original module which will display the information back to the user. The goal is to make the process appear synchronous to the user. What is the best way to handle this synchronization issue? Is this something Twisted would be well-suited for? I am not restricting myself to Python for the solution, though it is preferred because everything else on the server is in Python. I prefer a solution that is both scalable and will take a minimal amount of programming time (though I understand that these attributes are somewhat at odds).

Read the article
Sql server execute permission; failure to apply permissions

- by WestDiscGolf

I've just migrated from SQL2000 to SQL2008 and I have started getting an execute permission issue on a stored proc which uses sp_OACreate. The rest of the system works fine with the db login which has been setup and added to the database. I've tried: USE master GO GRANT EXEC ON sp_OACreate TO [dbuser] GO But this fails with the following error: Msg 15151, Level 16, State 1, Line 1 Cannot find the user 'dbuser', because it does not exist or you do not have permission. I'm logged into the server as sa with full permissions. I can execute a similar sql statement and apply the permissions to a server role, however not a login/user. How do I apply the changes to the specific user/login? I can apply the permissions to the public role and it resolves my issue; however this seems to be a security issue to me which I don't really want to apply to the live server.

Read the article
Established javascript solution for secure registration & authentication without SSL

- by Tomas

Is there any solution for secure user registration and authentication without SSL? With "secure" I mean safe from passive eavesdropping, not from man-in-the-middle (I'm aware that only SSL with signed certificate will reach this degree of security). The registration (password setup, i.e. exchanging of pre-shared keys) must be also secured without SSL (this will be the hardest part I guess). I prefer established and well tested solution. If possible, I don't want to reinvent the wheel and make up my own cryptographic protocols. Thanks in advance.

Read the article
.htaccess: subdomain issue

- by Oden

Hey, How can i redirect a subdomain call to a folder? So when the site, sub.domain.com is requested I want to redirect it to show the content of domain.com/sub/ The server is configured to add every request to the domain, but i get a 404 page everytime i do a non-defined subdomain call (witch is trivial, because theres nothing defined) So the question is: How to solve this, with .htaccess?

Read the article
.htaccess: subdomain to sub-folder

- by Oden

Hey, How can i redirect a subdomain call to a folder? So when the site, sub.domain.com is requested, the name of the subdomain should point to a subfolder. The server is configured to add every request to the domain, but i get a 404 page everytime i do a non-defined subdomain call (witch is trivial, because theres nothing defined) EDIT my request looks like this: sub.domain.com What and i want to get that it works like a "virtual subdomain", because it has to request a folder with the same name that the subdomain. (domain.com/sub/) So the question is: How to solve this, with .htaccess?

Read the article
Django urlconf AND .htaccess rewrites, is this possible?

- by Infinity

Is it possible to have Apache htaccess rewrites take effect before it hits django? For example so I can redirect iPhone users to a completely different domain without even hitting django. Thanks

Read the article
getting error 500 with .htaccess when pointing an existing file / folder (mod_rewrite)

- by Leto

i made a simple .htaccess file to expose the problem. I want that all request made to the folder redirect to a subfolder file "app/index.php" RewriteEngine On RewriteRule (.*) app/index.php [QSA] And this works fine on with the basic url of my hoster (like http//myname.hosting.com/htaccessFolder The problem is that i have a domain pointing on this folder, and when accessed to it, server return Internal Server Error 500. If i do this : RewriteEngine On RewriteRule (.*) somefile.php [QSA] Redirection works only when file does not exists (404 not found error occured). when the file exists i get a 500 error too. I've asked the hosting support without success for the moment..

Read the article
.htaccess url rewrite with ssl redirection

- by Stuart McAlpine

I'm having trouble combining a url query parameter rewrite (fancy-url) with a .htaccess ssl redirection. My .htaccess file is currently: Options +FollowSymLinks Options -Indexes ServerSignature Off RewriteEngine on RewriteBase / # in https: process secure.html in https RewriteCond %{server_port} =443 RewriteCond $1 ^secure$ [NC] RewriteRule ^(.+).html$ index.php?page=$1 [QSA,L] # in https: force all other pages to http RewriteCond %{server_port} =443 RewriteCond $1 !^secure$ [NC] RewriteRule ^(.+).html$ http://%{HTTP_HOST}%{REQUEST_URI} [QSA,N] # in http: force secure.html to https RewriteCond %{server_port} !=443 RewriteCond $1 ^secure$ [NC] RewriteRule ^(.+).html$ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,N] # in http: process other pages as http RewriteCond %{server_port} !=443 RewriteCond $1 !^secure$ [NC] RewriteRule ^(.+).html$ index.php?page=$1 [QSA,L] The fancy-url rewriting is working fine but the redirection to/from https isn't working at all. If I replace the 2 lines containing RewriteRule ^(.+).html$ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,N] with RewriteRule ^(.+).html$ https://%{HTTP_HOST}/index.php?page=$1 [QSA,L] then the https redirection works fine but the fancy-url rewriting doesn't work. Is it possible to combine these two?

Read the article
How long can a hash left out in the open be considered safe?

- by Xeoncross

If I were to leave a SHA2 family hash out on my website - how long would it be considered safe? How long would I have before I could be sure that someone would find a collision for it and know what was hashed? I know that the amount of time would be based on the computational power of the one seeking to break it. It would also depend on the string length, but I'm curious just how secure hashes are. Since many of us run web-servers we constantly have to be prepared for the day when someone might make it all the way to the database which stores the user hashes. So, move the server security out of the way and then what do you have? This is a slightly theoretical area for many of the people I have talked with, so I would love to actually have some more information about average expectations for cracking.

Read the article
Secure to store an ID in an ASP.NET control ID?

- by Curtis White

I'm auto-generating a form in my ASP.NET page. This is already tested and working. I want to know if: If there are any security problems with storing the database ID as part of my controls ID? I can see think of 2 issues: the id will be visible in page source (not really important in this case), and the possibility someone could change the name of the control somehow? This second possibility is more serious. Is this a potential problem and how to void it? If there would be a better preferred way to associate a unique data with any type of control? Is it possible to store a custom item in the viewstate for the control?

Read the article
Getting rid of index.php in the URL when using recess framework and lighttpd

- by spudnik1979

I am using the recess php framework with lighttpd Does anyone know how I can use the shorter urls of: http://www.myserver.com/recess Instead of: http://www.myserver.com/index.php/recess The recess readme file says that if I have mod_rewrite I can use the shorter url: -- "Do you have mod_rewrite? -- Yes: Open your browser to the location you unzipped -- No: Open your browser to the location you unzipped followed by index.php" I do have mod_rewrite enabled on lighttpd and i have removed the index.php but I get a 404. Do I need any special rules in my lighttpd.conf?

Read the article
Can Spring access-denied-handler refer to popup?

- by Rens Groenveld

I am working with Spring Security 3.1.x and have implemented method annotation securities. As I want, when I perform a certain action while being logged in as a used that doesn't have the rights, I get a 403 acces is denied in my console! Perfect! Now I would like to catch this 403, and give the user a popup with a custom message. I don't want to redirect users to a page saying that they have no rights. Is there any way the access-denied-handler of Spring can take care of a popup? Or can it only redirect to another page? Maybe there are other options for me? Thanks in advance!

Read the article
Apache Rewrite Exclusion

- by dtufano

Hey guys! I'm having trouble figuring out how to exclude /public/bin from this rewrite rule RewriteCond %{REQUEST_URI} !firerift.php RewriteRule ^(.*)$ firerift.php/$1 [L,QSA,NC] Any help would be appreciated.

Read the article

< Previous Page | 200 201 202 203 204 205 206 207 208 209 210 211 | Next Page >