Search Results

Search found 794 results on 32 pages for 'x forwarded for'.

Page 27/32 | < Previous Page | 23 24 25 26 27 28 29 30 31 32  | Next Page >

  • I'm having trouble getting my server to appear online.

    - by JMRboosties
    Total newb question I'm sure. First I had installed WAMP (http://www.wampserver.com), and I was able to access my pages from other computers in my router network, and the virtual device used to debug Android programs (the purpose of my having a server). This functionality failed, however, at some point over these past few days. While my own browser displays the pages just fine, other computers, my Android phone (on our room's wifi), and my virtual device are no longer able to connect to my pages. I had not made any changes in the settings. I uninstalled WAMP and installed EasyPHP. However, the problem was not resolved. I know this is rather vague, but does anyone here have an idea of what may have happened? I forwarded both port 80 (I know its the default HTTP port, I did it just to be safe), and now port 8888 which EasyPHP uses. I turned my firewall on my hosting computer off for good measure. I cannot access my pages from neither remote computers or computers using my router. Any ideas you may have on how to resolve this would be awesome, thanks a lot. And if you need anymore info please tell me.

    Read the article

  • Squid + Dans Guardian (simple configuration)

    - by The Digital Ninja
    I just built a new proxy server and compiled the latest versions of squid and dansguardian. We use basic authentication to select what users are allowed outside of our network. It seems squid is working just fine and accepts my username and password and lets me out. But if i connect to dans guardian, it prompts for username and password and then displays a message saying my username is not allowed to access the internet. Its pulling my username for the error message so i know it knows who i am. The part i get confused on is i thought that part was handled all by squid, and squid is working flawlessly. Can someone please double check my config files and tell me if i'm missing something or there is some new option i must set to get this to work. dansguardian.conf # Web Access Denied Reporting (does not affect logging) # # -1 = log, but do not block - Stealth mode # 0 = just say 'Access Denied' # 1 = report why but not what denied phrase # 2 = report fully # 3 = use HTML template file (accessdeniedaddress ignored) - recommended # reportinglevel = 3 # Language dir where languages are stored for internationalisation. # The HTML template within this dir is only used when reportinglevel # is set to 3. When used, DansGuardian will display the HTML file instead of # using the perl cgi script. This option is faster, cleaner # and easier to customise the access denied page. # The language file is used no matter what setting however. # languagedir = '/etc/dansguardian/languages' # language to use from languagedir. language = 'ukenglish' # Logging Settings # # 0 = none 1 = just denied 2 = all text based 3 = all requests loglevel = 3 # Log Exception Hits # Log if an exception (user, ip, URL, phrase) is matched and so # the page gets let through. Can be useful for diagnosing # why a site gets through the filter. on | off logexceptionhits = on # Log File Format # 1 = DansGuardian format 2 = CSV-style format # 3 = Squid Log File Format 4 = Tab delimited logfileformat = 1 # Log file location # # Defines the log directory and filename. #loglocation = '/var/log/dansguardian/access.log' # Network Settings # # the IP that DansGuardian listens on. If left blank DansGuardian will # listen on all IPs. That would include all NICs, loopback, modem, etc. # Normally you would have your firewall protecting this, but if you want # you can limit it to only 1 IP. Yes only one. filterip = # the port that DansGuardian listens to. filterport = 8080 # the ip of the proxy (default is the loopback - i.e. this server) proxyip = 127.0.0.1 # the port DansGuardian connects to proxy on proxyport = 3128 # accessdeniedaddress is the address of your web server to which the cgi # dansguardian reporting script was copied # Do NOT change from the default if you are not using the cgi. # accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl' # Non standard delimiter (only used with accessdeniedaddress) # Default is enabled but to go back to the original standard mode dissable it. nonstandarddelimiter = on # Banned image replacement # Images that are banned due to domain/url/etc reasons including those # in the adverts blacklists can be replaced by an image. This will, # for example, hide images from advert sites and remove broken image # icons from banned domains. # 0 = off # 1 = on (default) usecustombannedimage = 1 custombannedimagefile = '/etc/dansguardian/transparent1x1.gif' # Filter groups options # filtergroups sets the number of filter groups. A filter group is a set of content # filtering options you can apply to a group of users. The value must be 1 or more. # DansGuardian will automatically look for dansguardianfN.conf where N is the filter # group. To assign users to groups use the filtergroupslist option. All users default # to filter group 1. You must have some sort of authentication to be able to map users # to a group. The more filter groups the more copies of the lists will be in RAM so # use as few as possible. filtergroups = 1 filtergroupslist = '/etc/dansguardian/filtergroupslist' # Authentication files location bannediplist = '/etc/dansguardian/bannediplist' exceptioniplist = '/etc/dansguardian/exceptioniplist' banneduserlist = '/etc/dansguardian/banneduserlist' exceptionuserlist = '/etc/dansguardian/exceptionuserlist' # Show weighted phrases found # If enabled then the phrases found that made up the total which excedes # the naughtyness limit will be logged and, if the reporting level is # high enough, reported. on | off showweightedfound = on # Weighted phrase mode # There are 3 possible modes of operation: # 0 = off = do not use the weighted phrase feature. # 1 = on, normal = normal weighted phrase operation. # 2 = on, singular = each weighted phrase found only counts once on a page. # weightedphrasemode = 2 # Positive result caching for text URLs # Caches good pages so they don't need to be scanned again # 0 = off (recommended for ISPs with users with disimilar browsing) # 1000 = recommended for most users # 5000 = suggested max upper limit urlcachenumber = # # Age before they are stale and should be ignored in seconds # 0 = never # 900 = recommended = 15 mins urlcacheage = # Smart and Raw phrase content filtering options # Smart is where the multiple spaces and HTML are removed before phrase filtering # Raw is where the raw HTML including meta tags are phrase filtered # CPU usage can be effectively halved by using setting 0 or 1 # 0 = raw only # 1 = smart only # 2 = both (default) phrasefiltermode = 2 # Lower casing options # When a document is scanned the uppercase letters are converted to lower case # in order to compare them with the phrases. However this can break Big5 and # other 16-bit texts. If needed preserve the case. As of version 2.7.0 accented # characters are supported. # 0 = force lower case (default) # 1 = do not change case preservecase = 0 # Hex decoding options # When a document is scanned it can optionally convert %XX to chars. # If you find documents are getting past the phrase filtering due to encoding # then enable. However this can break Big5 and other 16-bit texts. # 0 = disabled (default) # 1 = enabled hexdecodecontent = 0 # Force Quick Search rather than DFA search algorithm # The current DFA implementation is not totally 16-bit character compatible # but is used by default as it handles large phrase lists much faster. # If you wish to use a large number of 16-bit character phrases then # enable this option. # 0 = off (default) # 1 = on (Big5 compatible) forcequicksearch = 0 # Reverse lookups for banned site and URLs. # If set to on, DansGuardian will look up the forward DNS for an IP URL # address and search for both in the banned site and URL lists. This would # prevent a user from simply entering the IP for a banned address. # It will reduce searching speed somewhat so unless you have a local caching # DNS server, leave it off and use the Blanket IP Block option in the # bannedsitelist file instead. reverseaddresslookups = off # Reverse lookups for banned and exception IP lists. # If set to on, DansGuardian will look up the forward DNS for the IP # of the connecting computer. This means you can put in hostnames in # the exceptioniplist and bannediplist. # It will reduce searching speed somewhat so unless you have a local DNS server, # leave it off. reverseclientiplookups = off # Build bannedsitelist and bannedurllist cache files. # This will compare the date stamp of the list file with the date stamp of # the cache file and will recreate as needed. # If a bsl or bul .processed file exists, then that will be used instead. # It will increase process start speed by 300%. On slow computers this will # be significant. Fast computers do not need this option. on | off createlistcachefiles = on # POST protection (web upload and forms) # does not block forms without any file upload, i.e. this is just for # blocking or limiting uploads # measured in kibibytes after MIME encoding and header bumph # use 0 for a complete block # use higher (e.g. 512 = 512Kbytes) for limiting # use -1 for no blocking #maxuploadsize = 512 #maxuploadsize = 0 maxuploadsize = -1 # Max content filter page size # Sometimes web servers label binary files as text which can be very # large which causes a huge drain on memory and cpu resources. # To counter this, you can limit the size of the document to be # filtered and get it to just pass it straight through. # This setting also applies to content regular expression modification. # The size is in Kibibytes - eg 2048 = 2Mb # use 0 for no limit maxcontentfiltersize = # Username identification methods (used in logging) # You can have as many methods as you want and not just one. The first one # will be used then if no username is found, the next will be used. # * proxyauth is for when basic proxy authentication is used (no good for # transparent proxying). # * ntlm is for when the proxy supports the MS NTLM authentication # protocol. (Only works with IE5.5 sp1 and later). **NOT IMPLEMENTED** # * ident is for when the others don't work. It will contact the computer # that the connection came from and try to connect to an identd server # and query it for the user owner of the connection. usernameidmethodproxyauth = on usernameidmethodntlm = off # **NOT IMPLEMENTED** usernameidmethodident = off # Preemptive banning - this means that if you have proxy auth enabled and a user accesses # a site banned by URL for example they will be denied straight away without a request # for their user and pass. This has the effect of requiring the user to visit a clean # site first before it knows who they are and thus maybe an admin user. # This is how DansGuardian has always worked but in some situations it is less than # ideal. So you can optionally disable it. Default is on. # As a side effect disabling this makes AD image replacement work better as the mime # type is know. preemptivebanning = on # Misc settings # if on it adds an X-Forwarded-For: <clientip> to the HTTP request # header. This may help solve some problem sites that need to know the # source ip. on | off forwardedfor = on # if on it uses the X-Forwarded-For: <clientip> to determine the client # IP. This is for when you have squid between the clients and DansGuardian. # Warning - headers are easily spoofed. on | off usexforwardedfor = off # if on it logs some debug info regarding fork()ing and accept()ing which # can usually be ignored. These are logged by syslog. It is safe to leave # it on or off logconnectionhandlingerrors = on # Fork pool options # sets the maximum number of processes to sporn to handle the incomming # connections. Max value usually 250 depending on OS. # On large sites you might want to try 180. maxchildren = 180 # sets the minimum number of processes to sporn to handle the incomming connections. # On large sites you might want to try 32. minchildren = 32 # sets the minimum number of processes to be kept ready to handle connections. # On large sites you might want to try 8. minsparechildren = 8 # sets the minimum number of processes to sporn when it runs out # On large sites you might want to try 10. preforkchildren = 10 # sets the maximum number of processes to have doing nothing. # When this many are spare it will cull some of them. # On large sites you might want to try 64. maxsparechildren = 64 # sets the maximum age of a child process before it croaks it. # This is the number of connections they handle before exiting. # On large sites you might want to try 10000. maxagechildren = 5000 # Process options # (Change these only if you really know what you are doing). # These options allow you to run multiple instances of DansGuardian on a single machine. # Remember to edit the log file path above also if that is your intention. # IPC filename # # Defines IPC server directory and filename used to communicate with the log process. ipcfilename = '/tmp/.dguardianipc' # URL list IPC filename # # Defines URL list IPC server directory and filename used to communicate with the URL # cache process. urlipcfilename = '/tmp/.dguardianurlipc' # PID filename # # Defines process id directory and filename. #pidfilename = '/var/run/dansguardian.pid' # Disable daemoning # If enabled the process will not fork into the background. # It is not usually advantageous to do this. # on|off ( defaults to off ) nodaemon = off # Disable logging process # on|off ( defaults to off ) nologger = off # Daemon runas user and group # This is the user that DansGuardian runs as. Normally the user/group nobody. # Uncomment to use. Defaults to the user set at compile time. # daemonuser = 'nobody' # daemongroup = 'nobody' # Soft restart # When on this disables the forced killing off all processes in the process group. # This is not to be confused with the -g run time option - they are not related. # on|off ( defaults to off ) softrestart = off maxcontentramcachescansize = 2000 maxcontentfilecachescansize = 20000 downloadmanager = '/etc/dansguardian/downloadmanagers/default.conf' authplugin = '/etc/dansguardian/authplugins/proxy-basic.conf' Squid.conf http_port 3128 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? cache deny QUERY acl apache rep_header Server ^Apache #broken_vary_encoding allow apache access_log /squid/var/logs/access.log squid hosts_file /etc/hosts auth_param basic program /squid/libexec/ncsa_auth /squid/etc/userbasic.auth auth_param basic children 5 auth_param basic realm proxy auth_param basic credentialsttl 2 hours auth_param basic casesensitive off refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl NoAuthNec src <HIDDEN FOR SECURITY> acl BrkRm src <HIDDEN FOR SECURITY> acl Dials src <HIDDEN FOR SECURITY> acl Comps src <HIDDEN FOR SECURITY> acl whsws dstdom_regex -i .opensuse.org .novell.com .suse.com mirror.mcs.an1.gov mirrors.kernerl.org www.suse.de suse.mirrors.tds.net mirrros.usc.edu ftp.ale.org suse.cs.utah.edu mirrors.usc.edu mirror.usc.an1.gov linux.nssl.noaa.gov noaa.gov .kernel.org ftp.ale.org ftp.gwdg.de .medibuntu.org mirrors.xmission.com .canonical.com .ubuntu. acl opensites dstdom_regex -i .mbsbooks.com .bowker.com .usps.com .usps.gov .ups.com .fedex.com go.microsoft.com .microsoft.com .apple.com toolbar.msn.com .contacts.msn.com update.services.openoffice.org fms2.pointroll.speedera.net services.wmdrm.windowsmedia.com windowsupdate.com .adobe.com .symantec.com .vitalbook.com vxn1.datawire.net vxn.datawire.net download.lavasoft.de .download.lavasoft.com .lavasoft.com updates.ls-servers.com .canadapost. .myyellow.com minirick symantecliveupdate.com wm.overdrive.com www.overdrive.com productactivation.one.microsoft.com www.update.microsoft.com testdrive.whoson.com www.columbia.k12.mo.us banners.wunderground.com .kofax.com .gotomeeting.com tools.google.com .dl.google.com .cache.googlevideo.com .gpdl.google.com .clients.google.com cache.pack.google.com kh.google.com maps.google.com auth.keyhole.com .contacts.msn.com .hrblock.com .taxcut.com .merchantadvantage.com .jtv.com .malwarebytes.org www.google-analytics.com dcs.support.xerox.com .dhl.com .webtrendslive.com javadl-esd.sun.com javadl-alt.sun.com .excelsior.edu .dhlglobalmail.com .nessus.org .foxitsoftware.com foxit.vo.llnwd.net installshield.com .mindjet.com .mediascouter.com media.us.elsevierhealth.com .xplana.com .govtrack.us sa.tulsacc.edu .omniture.com fpdownload.macromedia.com webservices.amazon.com acl password proxy_auth REQUIRED acl all src all acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 563 631 2001 2005 8731 9001 9080 10000 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port # https, snews 443 563 acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port # unregistered ports 1936-65535 acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 10000 acl Safe_ports port 631 acl Safe_ports port 901 # SWAT acl purge method PURGE acl CONNECT method CONNECT acl UTubeUsers proxy_auth "/squid/etc/utubeusers.list" acl RestrictUTube dstdom_regex -i youtube.com acl RestrictFacebook dstdom_regex -i facebook.com acl FacebookUsers proxy_auth "/squid/etc/facebookusers.list" acl BuemerKEC src 10.10.128.0/24 acl MBSsortnet src 10.10.128.0/26 acl MSNExplorer browser -i MSN acl Printers src <HIDDEN FOR SECURITY> acl SpecialFolks src <HIDDEN FOR SECURITY> # streaming download acl fails rep_mime_type ^.*mms.* acl fails rep_mime_type ^.*ms-hdr.* acl fails rep_mime_type ^.*x-fcs.* acl fails rep_mime_type ^.*x-ms-asf.* acl fails2 urlpath_regex dvrplayer mediastream mms:// acl fails2 urlpath_regex \.asf$ \.afx$ \.flv$ \.swf$ acl deny_rep_mime_flashvideo rep_mime_type -i video/flv acl deny_rep_mime_shockwave rep_mime_type -i ^application/x-shockwave-flash$ acl x-type req_mime_type -i ^application/octet-stream$ acl x-type req_mime_type -i application/octet-stream acl x-type req_mime_type -i ^application/x-mplayer2$ acl x-type req_mime_type -i application/x-mplayer2 acl x-type req_mime_type -i ^application/x-oleobject$ acl x-type req_mime_type -i application/x-oleobject acl x-type req_mime_type -i application/x-pncmd acl x-type req_mime_type -i ^video/x-ms-asf$ acl x-type2 rep_mime_type -i ^application/octet-stream$ acl x-type2 rep_mime_type -i application/octet-stream acl x-type2 rep_mime_type -i ^application/x-mplayer2$ acl x-type2 rep_mime_type -i application/x-mplayer2 acl x-type2 rep_mime_type -i ^application/x-oleobject$ acl x-type2 rep_mime_type -i application/x-oleobject acl x-type2 rep_mime_type -i application/x-pncmd acl x-type2 rep_mime_type -i ^video/x-ms-asf$ acl RestrictHulu dstdom_regex -i hulu.com acl broken dstdomain cms.montgomerycollege.edu events.columbiamochamber.com members.columbiamochamber.com public.genexusserver.com acl RestrictVimeo dstdom_regex -i vimeo.com acl http_port port 80 #http_reply_access deny deny_rep_mime_flashvideo #http_reply_access deny deny_rep_mime_shockwave #streaming files #http_access deny fails #http_reply_access deny fails #http_access deny fails2 #http_reply_access deny fails2 #http_access deny x-type #http_reply_access deny x-type #http_access deny x-type2 #http_reply_access deny x-type2 follow_x_forwarded_for allow localhost acl_uses_indirect_client on log_uses_indirect_client on http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access allow SpecialFolks http_access deny CONNECT !SSL_ports http_access allow whsws http_access allow opensites http_access deny BuemerKEC !MBSsortnet http_access deny BrkRm RestrictUTube RestrictFacebook RestrictVimeo http_access allow RestrictUTube UTubeUsers http_access deny RestrictUTube http_access allow RestrictFacebook FacebookUsers http_access deny RestrictFacebook http_access deny RestrictHulu http_access allow NoAuthNec http_access allow BrkRm http_access allow FacebookUsers RestrictVimeo http_access deny RestrictVimeo http_access allow Comps http_access allow Dials http_access allow Printers http_access allow password http_access deny !Safe_ports http_access deny SSL_ports !CONNECT http_access allow http_port http_access deny all http_reply_access allow all icp_access allow all access_log /squid/var/logs/access.log squid visible_hostname proxy.site.com forwarded_for off coredump_dir /squid/cache/ #header_access Accept-Encoding deny broken #acl snmppublic snmp_community mysecretcommunity #snmp_port 3401 #snmp_access allow snmppublic all cache_mem 3 GB #acl snmppublic snmp_community mbssquid #snmp_port 3401 #snmp_access allow snmppublic all

    Read the article

  • Problems with MembershipUser / System.Web.ApplicationServices when upgrading to .net 4

    - by DaveK
    I have a large vb.net web project that I am trying to updgrade to .net4/VS2010. During compile I get the following error: 'System.Web.Security.MembershipUser' in assembly 'System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' has been forwarded to assembly 'System.Web.ApplicationServices'. Either a reference to 'System.Web.ApplicationServices' is missing from your project or the type 'System.Web.Security.MembershipUser' is missing from assembly 'System.Web.ApplicationServices'. I researched the issue and the error is accurate. I added a reference to System.Web.ApplicationServices but I am still having problems. The project does not seem to recognize that the reference has been added. Intellisense will not pick it up, I can not use it in an Import statement, etc ... The assembly is listed in the compile section of my web.config: <assemblies> ... <add assembly="System.Web.ApplicationServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/> </assemblies> Any ideas?

    Read the article

  • 550 5.7.1 our Bulk Email Senders Guidelines

    - by darkandcold
    Hello, I moved to a new server with integrated merak mail. since I forgot merak(used before), i missed to configure security options. So before I realize the issue, my smtp server was used by spammers for 2 days, hundreds times I configured security settings as what it should be (at least i hope) then i realize, i can't send e-mail to gmail or hotmail. gmail says "550 5.7.1 see our Bulk Email Senders Guidelines" yes, I saw its guidelines. first, I creat SPF records via msn senderID wizard. it completed very well. then as gmail says, I created DKIM dns records. (in Merak mail, there is option to create DKIM, i created it and save it to DNS as TXT record) it's been 2 days after doing the fixes above. but still i can't send mail gmail or hotmail. (P.S, some of my domain in merak is forwarded to my gmail account i mean when a mail arrives to [email protected] it will forward to my gmail. and the surprise it, merak mail can forward them very vell :S but can't still send mail from outlook etc.)

    Read the article

  • nginx serving Django static media | 502 bad gateway

    - by MMRUser
    I'm trying to serve Django static media through nginx, Here's my nginx.conf server { listen 7777; listen localhost:7777; server_name example.com; location / { proxy_pass http://localhost:7777; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } location /test-app-media/ { root /sites/mysite/staticmedia/; expires max; } } but give a 502 bad gateway error, the path to /sites/mysite/staticmedia/ is in the nginx root/ is that the problem.. Django running on Apache 2.2 + mod_wsgi nginx 0.7.65 Thanks..

    Read the article

  • How to pass touch from a UITextView to a UITableViewCell

    - by Martin
    I have a UITextView in a custom UITableViewCell. The textview works properly (scrolls, shows text, etc.) but I need the users to be able to tap the table cell and go to another screen. Right now, if you tap the edges of the table cell (i.e. outside the UItextView) the next view is properly called. But clearly inside the uitextview the touches are being captured and not forwarded to the table cell. I found a post that talked about subclassing UITextView to forward the touches. I tried that without luck. The implementation is below. I'm wondering if maybe a) the super of my textview isn't the uitableviewcell and thus I need to pass the touch some other way or b) If the super is the uitableviewcell if I need to pass something else? Any help would be much appreciated. #import "ScrollableTextView.h" @implementation ScrollableTextView - (void)touchesBegan:(NSSet *)touches withEvent:(UIEvent *)event { if (parentScrollView) { [parentScrollView touchesBegan:touches withEvent:event]; } [super touchesBegan:touches withEvent:event]; } - (void)touchesCancelled:(NSSet *)touches withEvent:(UIEvent *)event { if (parentScrollView) { [parentScrollView touchesCancelled:touches withEvent:event]; } [super touchesCancelled:touches withEvent:event]; } - (void)touchesEnded:(NSSet *)touches withEvent:(UIEvent *)event { if (parentScrollView) { [parentScrollView touchesEnded:touches withEvent:event]; } [super touchesEnded:touches withEvent:event]; } - (void)touchesMoved:(NSSet *)touches withEvent:(UIEvent *)event { if (parentScrollView) { [parentScrollView touchesMoved:touches withEvent:event]; } [super touchesMoved:touches withEvent:event]; } - (BOOL)canBecomeFirstResponder { return YES; } @end

    Read the article

  • Excluding a script from the general UrlRewrite rules

    - by Steven
    Hi, I have following rewrite rules for a website: RewriteEngine On # Stop reading config files RewriteCond %{REQUEST_FILENAME} .*/web.config$ [NC,OR] RewriteCond %{REQUEST_FILENAME} .*/\.htaccess$ [NC] RewriteRule ^(.+)$ - [F] # Rewrite to url RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !^(/bilder_losning/|/bilder/|/gfx/|/js/|/css/|/doc/).* RewriteRule ^(.+)$ index.cfm?smartLinkKey=%{REQUEST_URI} [L] Now I have to exclude a script including its eventually querystrings from the above rules, so that I can access and execute it on the normal way, at the moment the whole url is being ignored and forwarded to the index page. I need to have access to the script shoplink.cfm in the root which takes variables tduid and url (shoplink.cfm?tduid=1&url=) I have tried to resolve it using this: # maybe?: RewriteRule !(^/shoplink.cfm [QSA] but to be honest, I have not much of a clue of urlrewriting and have no idea what I am supposed to write. I just know that above will generate a nice 500 error. I have been looking around a lot on stackoverflow and other websites on the same subject, but all I see is people trying to exclude directories, not files. In the worst case I could add the script to a seperate directory and exclude the directory from the rewriterules, but rather not since the script should really remain in the root. Just also tried: RewriteRule ^/shoplink.cfm$ $0 [L] but that didn't do anything either. Anyone who can help me out on this subject? Thanks in advance. Steven Esser ColdFusion programmer

    Read the article

  • Getting a new session key after Facebook offline_access permission

    - by Richard
    I have a mobile application that I'm using with Facebook connect. I'm having trouble getting an offline_access session key after a user has granted extended permissions. Here's the user flow: User goes to my site for the first time I send them to m.facebook.com/tos.php? and pass my api key and secret The user logs in using Facebook connect Facebook returns them to a page in my site, mysite/login-success.php with an auth_token in the query string On mysite/login-success.php I instantiate the FB api client and check to see if I already have an offline_access session key for them: $facebook = new Facebook($appapikey, $appsecret); If they haven't already provided offline_access FB gives me a temporary session key I need to get offline_access permission from the user so I forward them on to www.facebook.com/connect/prompt_permissions.php? and pass offline_access in the querystring. The user authorizes offline_access and get forwarded to mysite/permissions-success.php The problem I'm having is that after instantiating the API client on permissions-success.php the session key I have is still the temporary session key, not a new offline_access session key. The only way I've found to get the offline_access key is to delete all cookies for the user and then have them login again using Facebook connect. A fairly poor user experience. Can anyone shed some light on how to use the Facebook api to generate a new session key even if one already exists (in my case a temporary session key)?

    Read the article

  • Web service SSL handshake fails in production environment unless SSL debugging enabled

    - by JST
    Scenario: calling a client web service over SSL (https) with mutual SSL authentication. Different service endpoint URLs and certs (both keystore and truststore) for test vs. production environments. Both test and production environments run tomcat / JBoss clustered. Production environment has load balancing / BigIP, runs Blade and non-Blade machines. Truststore is set (using -Djavax.net.ssl.trustStore=value) at startup. Keystore is set using System.setProperty("javax.net.ssl.keyStore", "value") in Java code. Web service call made using Axis2. All works fine in test environment, but when we moved to production environment (6 servers), it appears certs are not being forwarded for the handshake. Here's what we've done: in test environment, handshake using test versions of certs has been working all along, with no ssl debugging enabled confirmed in test environment that handshake with client production endpoint succeeds (production certs, both ours and theirs, are fine) -- this was done using -Djavax.net.debug=handshake,ssl confirmed that the error condition occurs on all 6 production servers took one server out of the cluster, turned on ssl debugging for just that one (with a restart), hit it directly, handshake works! switched to a different server without the debugging turned on, handshake error condition occurs turned debugging on on that second server (with a restart), hit it directly, handshake works! From the evidence, it seems like somehow the debugging being enabled causes the certificates to be properly retrieved/conveyed, although that makes no sense! I wonder whether somehow the enabled debugging makes the system pay attention to the System.setProperty call, and ignore it otherwise. However, in local and test environments, handshake worked without debugging enabled. Do I maybe need to be setting keystore on server startup like I'm setting truststore? Have been avoiding that because the keystore will differ for each of our test environments (16 of them).

    Read the article

  • IIS as proxy to rails/mongrel - force a proxied host to generate REMOTE_USER

    - by rbn
    Hello -- Using Application Request Routing I have IIS 7.5 set up as a reverse proxy to a Mongrel service which is serving a rails app. IIS is set up to use Windows Auth and is working but I cannot access the REMOTE_USER variable in the rails app to get at current user's identity. I have inspected the request object in rails and I don't have any other variables like LOGON_USER, HTTP_REMOTE_USER, AUTH_USER, etc. I am trying to find a way to inject the REMOTE_USER variable into Mongrel's server variables. This post describes what I am looking for using mod_rewrite on Apache but I am having trouble recreating this rule for iis. this is the rewrite rule from the post mentioned above for Apache RewriteEngine On RewriteCond %{LA-U:REMOTE_USER} (.+) RewriteRule . - [E=RU:%1] Header add X-Forwarded-User %{RU}e I tried reproducing the rule in IIS and got a URL Rewrite Module error ("The condition's expression "%{LA-U:REMOTE_USER}" is invalid."). I know I'm probably using Apache syntax where IIS syntax is needed but am not sure how to proceed at this point. Any help greatly appreciated.

    Read the article

  • Create a SSL certificate on Windows

    - by Ben Fransen
    Hi all, Since I'm very new to SSL certificates, and the creation and usage of them I figured maybe StackOverflow members can help me out. I'm from Holland, the common way of online payments is by implementing iDEAL. An online payment protocol supported by the major banks. I have to implement a 'professional' version. This includes creating a RSA private key. Based on that key I have to create a certificate and upload it to the webserver. I'm on a Windows machine and completely confused what to do. I took a look at the OpenSSL website, because the manual forwarded me to that website to get a SSL Toolkit. The manual provides two commands which have to be executed in order to create a RSA key and a certificate. The commands are: openssl genrsa -des3 –out priv.pem -passout pass:myPassword 1024 and openssl req -x509 -new -key priv.pem -passin pass:myPassword -days 3650 -out cert.cer Is there a way I can do this by a utility on a windows machine? I've downloaded PuTTy KeyGenerator. But I'm not sure what to do, I've created a key (SSH-2 RSA, whatever that is..) but how do I create a certificate with that key? Any help is much appreciated! Ben

    Read the article

  • How do I get netcat to accept connections from outside the LAN?

    - by Chris
    I'm using netcat as a backend to shovel data back and forth for a program I'm making. I tested my program on the local network, and once it worked I thought it would be a matter of simply forwarding a port from my router to have my program work over the internet. Alas! This seems not to be the case. If I start netcat listening on port 6666 with: nc -vv -l -p 6666, then go to 127.0.0.1:6666 in a browser, as expected I see a HTTP GET request come through netcat (and my browser sits waiting in vain). If I go to my.external.ip.address:6666, however, nothing comes through at all and the browser displays 'could not connect to my.external.ip.address:6666'. I know that the port is correctly forwarded, as www.canyouseeme.org says port 6666 is open (and when netcat is not listening, that its closed). If I run netcat with -g my.adslmodem's.local.address to set the gateway address, I get the same behavior. Am I using this command line option correctly? Any insight as to what I'm doing wrong?

    Read the article

  • bash - how to filter java exception info

    - by Michael Mao
    Hi all: We've got a multi-agent Java environment where different agent would most likely produce all sorts of exceptions thrown to stderr. Here is a sample taken from the huge exception log **java.security.AccessControlException: access denied (java.io.FilePermission ..\tournament\Driver\HotelRoomAnalyser.class read)** at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkRead(Unknown Source) at java.io.File.length(Unknown Source) at emarket.client.EmarketSandbox$SandboxFileLoader.loadClassData(EmarketSandbox.java:218) at emarket.client.EmarketSandbox$SandboxFileLoader.loadClass(EmarketSandbox.java:199) at java.lang.ClassLoader.loadClass(Unknown Source) **java.security.AccessControlException: access denied (java.io.FilePermission ..\tournament\Driver\HotelRoomAnalyser.class read)** at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at java.lang.SecurityManager.checkRead(Unknown Source) at java.io.File.length(Unknown Source) at emarket.client.EmarketSandbox$SandboxFileLoader.loadClassData(EmarketSandbox.java:218) at emarket.client.EmarketSandbox$SandboxFileLoader.loadClass(EmarketSandbox.java:199) at java.lang.ClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClassInternal(Unknown Source) at MySmarterAgent.hotelRoomBookings(MySmarterAgent.java:108) fortunately all top-tier exceptions are denoted by no leading spaces, as wrapped by ** above. My concern is to get all of the top-tier exception name (delimited by colon :), together with the first line below which contains something like at emarket.client.EmarketSandbox$SandboxFileLoader.loadClassData(EmarketSandbox.java:218) Basically, something with padded style, starts with "at" and ends with ".java:108" So this info can be forwarded to the owner of that error-prone agent and let him/her fix it. My code in ~/.bashrc is incompleted now : alias startmatch='java -jar "emarket.jar" ../tournament 100'; function geterrors() { startmatch 2>"$1"; a=0; while read line do if true; then a=$(($a+1)); echo $a; fi; done } What it does now is to redirect all stderr to a text file specified by the first argument passed in, and after that, parse that text file line by line, if certain conditions returns true, echo only that line. And I am stuck with what to do inside the loop. Any suggestion is much appreciates, any hint is welcomed.

    Read the article

  • https not redirecting to mongrel upstream

    - by kip
    Normal http is working fine for me with nginx and mongrel, however when i attempt to use https I am directed to the "welcome to nginx page". http { # passenger_root /opt/passenger-2.2.11; # passenger_ruby /usr/bin/ruby1.8; include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; upstream mongrel { server 00.000.000.000:8000; server 00.000.000.000:8001; } server { listen 443; server_name domain.com; ssl on; ssl_certificate /etc/ssl/localcerts/domain_combined.crt; ssl_certificate_key /etc/ssl/localcerts/www.domain.com.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; # ssl_prefer_server_ciphers on; location / { root /current/public/; index index.html index.htm; proxy_set_header X_FORWARDED_PROTO https; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://mongrel; } } }

    Read the article

  • Google App Engine - Uploading blobs and authentication

    - by Keyur
    (I tried asking this on the GAE forums but didn't get an answer so am trying it here.) Currently to upload blobs, the app engine's blob store service creates a unique one- time URL that a user can post blobs to. My requirement is that I only want authenticated / authorized users to post blobs in my application. I can achieve this currently if the page that includes the multipart form to upload blobs is in my application. However, I am looking to providing a "REST API" for my users to upload their blobs. While it is true that the one-time nature of the upload URL mitigates the chances of rogue use but it's still possible. I was wondering if there is anyone on the app engine team here that can consider a feature where developers can register an upload listener. (Or if there is already a way, I'll be all ears). A standard servlet filter could also potentially do the job. This will give us an opportunity to authenticate / validate / decorate requests before the request gets forwarded to the blob store service. Thanks, Keyur

    Read the article

  • How do I forward `<Ctrl>-<Tab>` in Konsole?

    - by M. Tibbits
    I want to use intelligent tabbing in Emacs in C++ mode, but I also want to be able to insert a tab character when necessary. From other posts, I gather that the easiest way is to bind <Ctrl>-<Tab> to indent. However, it appears that Konsole in KUbuntu won't forward the <Ctrl>? My current .emacs file contains: (defun my-c-mode-common-hook () (setq c++-tab-always-indent t) (setq tab-width 4) (setq indent-tabs-mode t) ) (add-hook 'c-mode-common-hook 'my-c-mode-common-hook) (global-set-key [C-tab] 'self-insert-command) So I believe that this will bind <Ctrl>-<Tab> to inserting a tab character. However, when I run: <Ctrl>-h k <Ctrl>-<Tab> Emacs only reports that I pressed the tab key. Is there some option to Konsole (which I have searched through to no avail) or global preferences in KUbuntu that I need to set so that the <Ctrl>- is also forwarded? (It certainly forwards all of the other <Ctrl>-blah commands.)

    Read the article

  • Password Confirmation Overlay

    - by Alasdair
    Hello, I'm creating a J2EE web application that uses jQuery and Ajax to help with some of the presentation for a user-friendly interface. I've done a lot of work ensuring security around persistant login cookies, and I've decided to request the password from any user that logged in using a persistant login cookie before being allowed to make any changes that could be malicious. This request would only happen once to confirm the user is who they say they are and will last throughout the session. At present, any requests that meet this criteria has their request information stored in session and then the user is forwarded to a page to confirm their password. Once confirmed, the user's original request is then performed and the requestion information removed from session. What I would like to do is avoid all this redirection and minimize what's held in session (even if it's just for a small time), thus improving usability and convenience for the user. I believe that a jQuery overlay could allow me to prompt the user for their password (if required) and then continue to submit the request if successful. I would of originally used ThickBox, but since that's now deprecated I don't see the benefit in implementing it in an application at this development stage. However, I have tried to create an overlay using jQuery but I've scrapped every attempt as I can't seem to make it all come together. My main problem is preventing the submission when the user incorrectly types a password or cancels the overlay. Desired Flow Persistant Login Sensitive Page Submit Password Confirmation Overlay [Continue Submit | (Cancel | Incorrect] I have already created JavaScript code to encrypt the password to be sent in a parameter, but all I need now is a method of controlling the overlay and how best to use Ajax for this purpose. Please ignore the fact that this is a J2EE web application when answering as it is irrelevant really. Thanks in advance, Alasdair

    Read the article

  • jQuery inconsistent .remove by class on element with multiple classes

    - by pedalpete
    I've got a page where messages and associated elements (responses, forwards, etc) all share a class based on the database id of the parent. For example this is a message this is another message this is a comment this is another comment tim posted a new message sara forwarded a message to john at times I need to remove all elements with the same id, so I originally had jQuery('div#'+id).remove(); but that would sometimes not remove all the ids because ids are supposed to be unique. So I added the id as a class. now I use jQuery('div.'+id).remove(); but this seems to be about 80% effective, and sometimes the divs aren't being removed. I'm not sure if the issue is because the div has more than one class, but I need the classes because that is how I refer to the elements when somebody clicks. For instance, jQuery('div.message').click(function(){ get the id, send it to the server and get the message }); is there something wrong I'm doing here? or is there a better way to do this?

    Read the article

  • PayPal IPN "FAIL"

    - by Rob
    Hey all... I'm trying to figure out how to use PayPal's IPN and I've run into a wall. I want a buyer to be forwarded to a success page after making a purchase, and I want that page to show the details of their transaction. I choose IPN instead of the PDT because I also want to do some other behind the scenes stuff with their data. Anyway, here's the code I'm using -- I'm testing in sandbox mode -- but it returns "FAIL" every time. $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.sandbox.paypal.com', 80, $errno, $errstr, 30); if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // PAYMENT VALIDATED & VERIFIED! echo "Validated!"; } else if (strcmp ($res, "INVALID") == 0) { // PAYMENT INVALID & INVESTIGATE MANUALY! echo "Invalid!"; } } fclose ($fp); }

    Read the article

  • Nginx for static files, Apache isn't working now...

    - by matthewsteiner
    So anything that is a "static file" that exists will just be done with nginx. Otherwise, it should pass it off to Apache. Right now, static files are working correctly. However, if something is passed to apache and it's example.com or subdomain.example.com, apache just spits out the "Apache 2 Test Page" that you get if there's nothing there. Here's my nginx.conf: location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ { root /var/www/vhosts/example.com/public/; access_log off; expires 30d; } location / { proxy_pass http://127.0.0.1:8080/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } Apache worked fine before, so I'm guessing it has to do with the way nginx is "asking". I'm not sure though. Any ideas?

    Read the article

  • Configuring mod_rewrite and mod_jk for Apache 2.2 and JBoss 4.2.3

    - by The Pretender
    Hello! My problem is as follows: I have JBoss 4.2.3 application server with AJP 1.3 connector running on one host under Windows (192.168.1.2 for my test environment) and Apache 2.2.14 running on another FreeBSD box (192.168.1.10). Apache acts as a "front gate" for all requests and sends them to JBoss via mod_jk. Everything was working fine until I had to do some SEO optimizations. These optimizations include SEF urls, so i decided to use mod_rewrite for Apache to alter requests before they are sent to JBoss. Basically, I nedd to implement 2 rules: Redirect old rules like "http://hostname/directory/" to "http://hostname/" with permanent redirect Forward urls like "http://hostname/wtf/123/" to "http://hostname/wtf/view.htm?id=123" so that end user doesn't see the "ugly" URL (the actual rewrite). Here is my Apache config for test virtual host: <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "/usr/local/www/dummy" ServerName 192.168.1.10 <IfModule mod_rewrite.c> RewriteEngine On RewriteRule /directory/(.*) /$1 [R=permanent,L] RewriteRule ^/([^/]+)/([0-9]+)/?$ /$1/view.htm?id=$2 </IfModule> JkMount /* jsp-hostname ErrorLog "/var/log/dummy-host.example.com-error_log" CustomLog "/var/log/dummy-host.example.com-access_log" common </VirtualHost> The problem is that second rewrite rule doesn't work. Requests slip through to JBoss unchanged, so I get Tomcat 404 error. But if I add redirect flag to the second rule like RewriteRule ^/([^/]+)/([0-9]+)/?$ /$1/view.htm?id=$2 [R,L] it works like a charm. But redirect is not what I need here :) . I suspect that the problem is that requests are forwarded to the another host (192.168.1.2), but I really don't have any idea on how to make it work. Any help would be appreciated :)

    Read the article

  • [php] Cookies only changing value every two page refreshes?

    - by Gazillion
    Hello, I'm trying to implement some pixel tracking where I will save certain values in a cookie to then forward users to another page. If users purchase a product after being forwarded to the online store by us the store adds an image tag in the page with our php script included. With the values set in the cookie we would like to track conversions. I understand this tracking technique has some limitations (like if a user has cookies turned off or if they do not load images but that's the direction my client wanted to go in). The problem I'm having is that the cookie's behaviour is extremely... random. I've been trying to track their values (with a var_dump so I don't have to wait for a page reload to view the cookie's value) but it seems the value for one field only gets refreshed every two page reloads. setcookie("tracking[cn]", $cn, time()+3600*24*7,'/','mydomain.com'); setcookie("tracking[t]", $t, time()+3600*24*7,'/','mydomain.com'); setcookie("tracking[kid]", $kid, time()+3600*24*7,'/','mydomain.com'); redirectTo($redirect_url); the values of cn, t are fine but for some reason kid is always wrong (having taken the value of the previous kid) Any help would be extremely appreciated I've been at this all evening! :)

    Read the article

  • JSF manual refresh issue

    - by k.elgohary
    I need your help . i am developing a simple project with jsf2.0 and primefaces 3.2. I have 2 pages first is the page1.xhtml whci contains : <p:column> <p:panel header="#{ct.coTypeName}" > <h:panelGrid columns="1" width="100" height="100"> <h:outputText value="#{ct.coTypeId}" /> <p:commandLink action="distributer/distributersList.xhtml"> <h:graphicImage url="/resources/images/homePagecartoonBusinessMan.jpg" width="100" height="100"/> <f:param name="bt" value="dist" /> <f:param name="ti" value="#{ct.coTypeId}" /> </p:commandLink> </h:panelGrid> </p:panel> </p:column> </p:dataGrid> When i press The command link it forwarded me to another page "distributer/distributersList.xhtml" which have a selectOneMenu which doesn't show its items until i refresh the page manually . <f:selectItems value="#{bussinessOwnersViewerMB.cities}" var="city" itemLabel="#{city.cityName}" itemValue="#{city.cityId}"/> </p:selectOneMenu>

    Read the article

  • Do I need to implement an XMPP server?

    - by WTFITS
    (newbie alert) I need to program a multiparty communication service for a course project, and I am considering XMPP for it. The service needs following messaging semantics: 1) server will provide a method of registering and unregistering an address such as [email protected]/SomeResource. (for now I will do it manually). 2) server will provide a method of forwarding incoming messages from, say, [email protected]/SomeResource to [email protected]/someOtherResource, assuming that the latter is registered, and a method for removing this forwarding. (for now I will do it manually). 3) anonymous clients can send messages to, say, [email protected]/someresource (one way traffic only). If there is any forwarding setup, the message will be forwarded. Finally if the address is [email protected]/someresource is registered, the message will be stored for later delivery (or immediate if a retrieving client is online - see below). If no forwarding and unregistered, message will be silently dropped. 4) clients can connect and retrieve messages from a registered address. Exact method of authenticating clients (e.g., passwords?) is yet to be determined. Eventually, I want to add support for clients to connect from a web browser so they can register/unregister and set/remove forwarding themselves. Thus, the server will have to do some non-standard switching. Will I need to implement an XMPP server for this? I guess some (or all?) of this can also be done using a XMPP client bot

    Read the article

  • Is the m2eclipse mailing list being managed?

    - by sdoca
    Hi, I tried to subscribe to the m2eclipse mailing list by sending an email to [email protected] but it never sent me back any confirmation email. I sent an email to [email protected] asking if the mailing list was still running a couple of weeks ago and haven't received any response back to that either. Then I found another way to subscribe via http://xircles.codehaus.org/lists/info/search. So I did and am now receiving emails sent to the list. However, I can't send the list emails. They get bounced back with a failure notice: Hi. This is the qmail-send program at mail.codehaus.org. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[email protected]>: Sorry, only subscribers may post. If you are a subscriber, please forward this message to [email protected] to get your new address included. (#5.7.2) I've forwarded this message as instructed twice now (once yesterday and once this morning) without result so far. Does anyone know if this mailing list is being managed? It sucks to be only able to read messages and not to send them. Thanks in advance!

    Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32  | Next Page >