Re: Multi-User Security on *nix using mod_rewrite

This WebDNA talk-list message is from

2002


It keeps the original formatting.
numero = 41720
interpreted = N
texte = Right, but if it's us doing webcat and 'them' doing regular hosing, it frees up a server for us... On 7/18/02 4:05 PM, Clement Ross mashed the following keys :> That's a good idea performance wise but it does not add much security. Any > site > that has the WebCat handler can still play with files of other virtual hosts. > > Clem. > > Alain Russell wrote: > >> Why not just remove the webcatalog handler from the main httpd,conf file and >> add to each virtual host as needed .. >> >> We do this .. Mean sone site can map- .html to webcatalog and the next can >> be standard static Apache files .. >> >> As follows: >> >> >> ServerName www.blackpepper.co.nz >> >> Options -Indexes FollowSymLinks IncludesNoExec >> >> DocumentRoot /Library/WebServer/WebSites/www.blackpepper.co.nz >> TransferLog /var/log/httpd/www.blackpepper.co.nz_access-log >> ErrorLog /var/log/httpd/www.blackpepper.co.nz_error-log >> ServerAlias www 210.55.24.6 localhost 127.0.0.1 blackpepper.co.nz >> AddHandler webcatalog2-handler .html >> NameVirtualHost 210.55.24.6 >> >> >> Alain >> >>> After reading through the docs on mod_rewrite I believe that it >>> could be used to secure, on a directory or host basis, the usage of >>> the WebDNA Engine based on file extension. This could be a great >>> way to provide standard hosting on the same machine as WebDNA if it >>> really could be made to work. I haven't yet started in on it >>> because I wanted to know if anyone has already tried it. If so, >>> does it work. If not, why not. It seems, as it runs off of >>> regular expression, that explicit denial of any registered >>> extension processed by WebDNA could be rewritten to an error page >>> or the like and that this denial could be either file path based or >>> host header based or both. >>> >>> Any mod_rewrite gurus out there that want to comment? >>> >>> Mike > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Multi-User Security on *nix using mod_rewrite (Alain Russell 2002)
  2. Re: Multi-User Security on *nix using mod_rewrite (Aaron Lynch 2002)
  3. Re: Multi-User Security on *nix using mod_rewrite (Aaron Lynch 2002)
  4. Re: Multi-User Security on *nix using mod_rewrite (Clement Ross 2002)
  5. Re: Multi-User Security on *nix using mod_rewrite (Alain Russell 2002)
  6. Multi-User Security on *nix using mod_rewrite (Michael Davis 2002)
Right, but if it's us doing webcat and 'them' doing regular hosing, it frees up a server for us... On 7/18/02 4:05 PM, Clement Ross mashed the following keys :> That's a good idea performance wise but it does not add much security. Any > site > that has the WebCat handler can still play with files of other virtual hosts. > > Clem. > > Alain Russell wrote: > >> Why not just remove the webcatalog handler from the main httpd,conf file and >> add to each virtual host as needed .. >> >> We do this .. Mean sone site can map- .html to webcatalog and the next can >> be standard static Apache files .. >> >> As follows: >> >> >> ServerName www.blackpepper.co.nz >> >> Options -Indexes FollowSymLinks IncludesNoExec >> >> DocumentRoot /Library/WebServer/WebSites/www.blackpepper.co.nz >> TransferLog /var/log/httpd/www.blackpepper.co.nz_access-log >> ErrorLog /var/log/httpd/www.blackpepper.co.nz_error-log >> ServerAlias www 210.55.24.6 localhost 127.0.0.1 blackpepper.co.nz >> AddHandler webcatalog2-handler .html >> NameVirtualHost 210.55.24.6 >> >> >> Alain >> >>> After reading through the docs on mod_rewrite I believe that it >>> could be used to secure, on a directory or host basis, the usage of >>> the WebDNA Engine based on file extension. This could be a great >>> way to provide standard hosting on the same machine as WebDNA if it >>> really could be made to work. I haven't yet started in on it >>> because I wanted to know if anyone has already tried it. If so, >>> does it work. If not, why not. It seems, as it runs off of >>> regular expression, that explicit denial of any registered >>> extension processed by WebDNA could be rewritten to an error page >>> or the like and that this denial could be either file path based or >>> host header based or both. >>> >>> Any mod_rewrite gurus out there that want to comment? >>> >>> Mike > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Aaron Lynch

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Nested vs conditional (1997) Include files (1998) Date search - yes or no (1997) typhoon... (1997) Using [sendmail] for mass mailings (2001) Trouble with [fileinfo] - update: TIP OF THE DAY (THE/) WebCatalog for guestbook ? (1997) multiGroupChecker code redundant? (2000) Re2: frames & carts (1997) locking variables? (2000) Emailer and encryption (1997) [WebDNA] Send Mail and SMTP Host (2015) Multiple prices (1997) WCS Newbie question (1997) [WebDNA] WebDNA licenses discount from 12/23 to 12/31 (2012) ShowNext Command (1997) PIXO Support (1997) [WebDNA] WebDNA Crashing or Not **YES** (2008) ODBC problems between webcat and filemaker pro (2001) Repeating Fields (1997)