Re: Multi-User Security on *nix using mod_rewrite

This WebDNA talk-list message is from

2002


It keeps the original formatting.
numero = 41721
interpreted = N
texte = No .. The handler has to be part of the httpd.conf file ..This is useful for us because we can host normal html sites and webcat on one server .. We use webcat and we donšt need to worry about people adding [redirect] for [search] or any other webcat code in their sites ..I'm not sure you could limit webcat to directories with Apache as WebCat happens independent of Apache .. And as such does not follow it's rules ..In webcat you could have [include file=*/directory/directory/file.txt] and Apache is none the wiser where it came from ..The easiest way I can think to limit webcat is to have a rules database that webcat looks at .. Ie ..URL LIMITS Www.domain.com /Library/WebServer/WebSites/www.domain.com/*Allows that url to access only that directory .. Add this to the admin section and let webcat handle the security internally .. Then it will work on all web servers ..Alain> Is it possible to add the handler in ANY other way, ala htaccess or > something. I don't really know that much about Apache, but this seems like > it could be VERY useful indeed. > > > On 7/18/02 3:28 PM, Alain Russell mashed the following keys : > >> Why not just remove the webcatalog handler from the main httpd,conf file and >> add to each virtual host as needed .. >> >> We do this .. Mean sone site can map- .html to webcatalog and the next can >> be standard static Apache files .. >> >> As follows: >> >> >> ServerName www.blackpepper.co.nz >> >> Options -Indexes FollowSymLinks IncludesNoExec >> >> DocumentRoot /Library/WebServer/WebSites/www.blackpepper.co.nz >> TransferLog /var/log/httpd/www.blackpepper.co.nz_access-log >> ErrorLog /var/log/httpd/www.blackpepper.co.nz_error-log >> ServerAlias www 210.55.24.6 localhost 127.0.0.1 blackpepper.co.nz >> AddHandler webcatalog2-handler .html >> NameVirtualHost 210.55.24.6 >> >> >> Alain >> >>> After reading through the docs on mod_rewrite I believe that it >>> could be used to secure, on a directory or host basis, the usage of >>> the WebDNA Engine based on file extension. This could be a great >>> way to provide standard hosting on the same machine as WebDNA if it >>> really could be made to work. I haven't yet started in on it >>> because I wanted to know if anyone has already tried it. If so, >>> does it work. If not, why not. It seems, as it runs off of >>> regular expression, that explicit denial of any registered >>> extension processed by WebDNA could be rewritten to an error page >>> or the like and that this denial could be either file path based or >>> host header based or both. >>> >>> Any mod_rewrite gurus out there that want to comment? >>> >>> Mike >>> >>> >>> ------------------------------------------------------------- >>> This message is sent to you because you are subscribed to >>> the mailing list . >>> To unsubscribe, E-mail to: >>> To switch to the DIGEST mode, E-mail to >>> >>> Web Archive of this list is at: http://search.smithmicro.com/ >> >> >> ------------------------------------------------------------- >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >> >> Web Archive of this list is at: http://search.smithmicro.com/ > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. Re: Multi-User Security on *nix using mod_rewrite (Alain Russell 2002)
  2. Re: Multi-User Security on *nix using mod_rewrite (Aaron Lynch 2002)
  3. Re: Multi-User Security on *nix using mod_rewrite (Aaron Lynch 2002)
  4. Re: Multi-User Security on *nix using mod_rewrite (Clement Ross 2002)
  5. Re: Multi-User Security on *nix using mod_rewrite (Alain Russell 2002)
  6. Multi-User Security on *nix using mod_rewrite (Michael Davis 2002)
No .. The handler has to be part of the httpd.conf file ..This is useful for us because we can host normal html sites and webcat on one server .. We use webcat and we donšt need to worry about people adding [redirect] for [search] or any other webcat code in their sites ..I'm not sure you could limit webcat to directories with Apache as WebCat happens independent of Apache .. And as such does not follow it's rules ..In webcat you could have [include file=*/directory/directory/file.txt] and Apache is none the wiser where it came from ..The easiest way I can think to limit webcat is to have a rules database that webcat looks at .. Ie ..URL LIMITS Www.domain.com /Library/WebServer/WebSites/www.domain.com/*Allows that url to access only that directory .. Add this to the admin section and let webcat handle the security internally .. Then it will work on all web servers ..Alain> Is it possible to add the handler in ANY other way, ala htaccess or > something. I don't really know that much about Apache, but this seems like > it could be VERY useful indeed. > > > On 7/18/02 3:28 PM, Alain Russell mashed the following keys : > >> Why not just remove the webcatalog handler from the main httpd,conf file and >> add to each virtual host as needed .. >> >> We do this .. Mean sone site can map- .html to webcatalog and the next can >> be standard static Apache files .. >> >> As follows: >> >> >> ServerName www.blackpepper.co.nz >> >> Options -Indexes FollowSymLinks IncludesNoExec >> >> DocumentRoot /Library/WebServer/WebSites/www.blackpepper.co.nz >> TransferLog /var/log/httpd/www.blackpepper.co.nz_access-log >> ErrorLog /var/log/httpd/www.blackpepper.co.nz_error-log >> ServerAlias www 210.55.24.6 localhost 127.0.0.1 blackpepper.co.nz >> AddHandler webcatalog2-handler .html >> NameVirtualHost 210.55.24.6 >> >> >> Alain >> >>> After reading through the docs on mod_rewrite I believe that it >>> could be used to secure, on a directory or host basis, the usage of >>> the WebDNA Engine based on file extension. This could be a great >>> way to provide standard hosting on the same machine as WebDNA if it >>> really could be made to work. I haven't yet started in on it >>> because I wanted to know if anyone has already tried it. If so, >>> does it work. If not, why not. It seems, as it runs off of >>> regular expression, that explicit denial of any registered >>> extension processed by WebDNA could be rewritten to an error page >>> or the like and that this denial could be either file path based or >>> host header based or both. >>> >>> Any mod_rewrite gurus out there that want to comment? >>> >>> Mike >>> >>> >>> ------------------------------------------------------------- >>> This message is sent to you because you are subscribed to >>> the mailing list . >>> To unsubscribe, E-mail to: >>> To switch to the DIGEST mode, E-mail to >>> >>> Web Archive of this list is at: http://search.smithmicro.com/ >> >> >> ------------------------------------------------------------- >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >> >> Web Archive of this list is at: http://search.smithmicro.com/ > > > ------------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to > > Web Archive of this list is at: http://search.smithmicro.com/ ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Alain Russell

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Authenticate (1997) Maybe off topic but how to charge (1997) Stopping bad HTML propagation ? (1997) WebStar Secure on other machine (1997) Chat Area (2000) expansion domain freak out (2003) RSS parser for download (2002) RequiredFields parameter (1998) Problem 2: Prefs file... (1997) bug report -- leading < character (1998) [closeDataBase myDataBase.db] not working? (1997) Unformatted Messages (1998) Extended [ConvertChars] (1997) UPDATE PROBLEM (1997) Error:Too many nested [xxx] contexts (1997) How to append text after the sign & (1997) JS and Webcatalog (2001) WebCat2 - Getting to the browser's username/password data (1997) Categories and Sub-categories (2003) [isfile] ? (1997)