The trouble is, while PL/SQL procedures do generate HTML, I cannot make image folder work. That is, when I try to insert an IMG tag, it shows that it can't find that file in /xxx/img folder.
I tried to redefine DocumentRoot in httpd.conf - it works only on that folder itself, not recursively.
I tried to change DOCUMENT_ROOT in dads.conf - it doesn't work at all.
So the question is, how can I make images deep inside that root folder show up?
At last I have found an answer and a reason of this behavior.
The reason is Oracle's hand-made handler, pls_handler, used for any DADs, made up as Apache Locations.
Trying to create folders for storing images like $ORACLE_HOME/htdocs/myapp/img, I interfered with that directive:
<Location /myapp>
SetHandler pls_handler
# lots of stuff
</Location>
And thus, anything under $ORACLE_HOME/htdocs/myapp folder was processed as PL/SQL procedures.
This is a plain Apache configuration issue. You simply must define an alias in your Apache configuration file.
Assume that your image resources are in a directory /middleware/project/img. Then just add the following line to your httpd.conf or (that's where I configure it) dads.conf:
Alias /i/ "/middleware/project/img/"
If you now have a file alert.png in your /middleware/project/img directory you can access it with an /i/alert.png url.
Related
how is it adviced to alternate between online and local development, since you want to modify your websites on local.
Do you systematically change all URLs (by search/replace) in your project code to fit local URL type and sometimes create personal SSL certificate for https, or do you use another solution like localhost aliases, rewrite rules, or online developpement tools?
What could be an automatic solution in order to avoid this fastidious modifications like search/replace sometimes looking quite primitive and time costing since I develop during the few hours left after my main work.
What are the operation modes to facilitate developpment,
Have a nice day,
for all the biginners, here's the thing.
I've created a config.php file which contains constants: one config file for the local project folder and one for the online server folder.
Inside this config file, I've create a constant (constant are then available everywhere in the project) to define the main URL of the project. e.g.:
define('CST_MAIN_URL',http://www.myproject.com); // for the online config.php file
define('CST_MAIN_URL',http://localhost:8888); // for the local config.php file
Thus, each header or redirection can work with that constant, like:
header('location:' . CST_MAIN_URL . 'index.php');
Then, things must have to do with RewriteEngine in your htaccess file, for instance whenever you must modify the behavior of MAMP/WAMP if an interrogation point or a slash provokes you with its malicious resistance. But, unfortunately RegEx expression must be understood as a basic level for mastering those url rewritings.
Hope it'll helps.
I want nginx to deny users who have folders inside /webroot/uploads
e.g.
/webroot/uploads/user1
/webroot/uploads/user2
/webroot/uploads/user999
to execute any shell script or binary (php, pl, py).
The malicious codes are often hidden in jpg or gif files. like badfile.php.jpg
I also see malacious binary files being uploaded to the folder.
Here my preliminary rules:
location ~ /webroot/uploads/(.+)\.php$ {
deny all;
}
location ~ /webroot/uploads/(.+)\.pl$ {
deny all;
}
But I am not sure it is robust enough. So I appreciate your help.
nginx doesn't have CGI support exactly for this reason - by default, people can't upload random scripts or executables and then run them.
If you have a FastCGI bridge which executes files, check its configuration and whether you can deny the webroot/uploads directory.
You could also force uploaded files to not have the execute bit set, though (depending on who is running the files, see below) that may not help. For details, use something like upload_store_access user:rw (see the HttpUploadModule documentation for details).
One last point is a vulnerability by misconfiguration, through which someone could have random files (not ending in .php) be executed by the PHP handler. Follow this article for the details and correct configuration.
I am migrating from a hosted site to hosting wordpress in s3. One of the things I'd like to do is have a folder at the root level into which I can put all the files. This makes it easier to delete if I need to.
The problem is that my prior has the format of blog.site.com/post.
If I put all the posts in a separate folder, the format shows up as blog.site.com/folder/post
Question: Is there a way to write a rewrite rule using s3_website to rewrite/redirect blog.site.com/folder/post to blog.site.com/post?
This is based on the sample code from s3_website:
routing_rules:
- condition:
key_prefix_equals: site/folder
redirect:
host_name: www.site.com
replace_key_prefix_with: /
http_redirect_code: 301
When I try it, I get an error. Thoughts?
Try this for key_prefix_equals
key_prefix_equals: folder/
I am not positive this is the correct solution.
I'm attempting to set up my own directory structure for serving up static files:
\s (statics)
\c (css)
\j (js)
\i (images)
etc ...
The issue is that I'm seeing a 404 for this directory when referencing it. When I inspect the file path, it is pointing to the correct location localhost:port/s/c/style.css, but for some reason it can't find the file.
Is there a way that I can make this path available via my Web.config, or possibly through my Global.asax file via routes? I've heard there are performance penalties associated with using routes, so using the Web.config - or an alternative solution - is preferred.
http://localhost:port/s/c/style.css should work without any problems. It seems that you have specified a wrong filename which is the reason for the 404 error.
Installing Sparks assumes that you are abiding by the default CodeIgniter installation pattern; extracting the application, system, and user guide folders, along with with a index.php and a license file into your web root.
However, many of us pull the application and system folders out of the web root for security reasons and re-route the $system_path and $application_folder variables in the main index.php file.
This separation tends to break Spark installs. In particular, the simple example-spark used in the getsparks installation instructions.
Getting an error:
An Error Was Encountered Cannot find
spark path at
sparks/example-spark/1.0.0/
I maintain the following directory structure:
CISYS
V202
V200
project1_application
project2_application
project3_application
www (public html)
project1
css
js
images
etc
project2
etc
What must I reroute to achieve both security + sparks? Open to suggestions of any sort. How do you set up your installation?
To answer my own question: The solution was in the MY_Loader.php file. By modifying the SPARKPATH variable on line 43, one can reroute the location of all sparks! Cheers!