I need to bypass an MVC route for an application where the developer left - we're going to fully replace it, but for now if I can bypass this one route, it'll save us a ton of time.
The route is (e.g.) www.this.site/path/subpath
Since it's on IIS, I can take advantage of the default document and create the following folder / file structure: /path/subpath/index.htm
However if I do this, I'll "break" the parent www.this.site/path route (it throws a 403 - Forbidden: Access is denied) because I now have an actual file folder where the /path/ route was.
Is there a way to get around this / have IIS defer to MVC on /path/ but still handle the child html file?
thanks. Again, this is not intended as a long term solution but a work-around until we can replace the app entirely.
Perhaps a better workaround would be to use the IIS AAR module and it's reverse proxy functionality out the app.
To do so:
a) stand up the app at it's own site the proper path -- so it should work at something like http://localhost:1234/path/subpath/index.htm
b) install IIS AAR module and enable the reverse proxy functions using the WebPI and the IIS management tools
c) Ignore the /path/subpath route in your app
d) Add a virtual directory for /path/subpath to IIS
e) Configure that to reverse back to localhost:1234 or whatever port you configured the site
This will keep the legacy app completely separate while keeping the public facing URLs looking correct for the rest of the world.
Related
how is it adviced to alternate between online and local development, since you want to modify your websites on local.
Do you systematically change all URLs (by search/replace) in your project code to fit local URL type and sometimes create personal SSL certificate for https, or do you use another solution like localhost aliases, rewrite rules, or online developpement tools?
What could be an automatic solution in order to avoid this fastidious modifications like search/replace sometimes looking quite primitive and time costing since I develop during the few hours left after my main work.
What are the operation modes to facilitate developpment,
Have a nice day,
for all the biginners, here's the thing.
I've created a config.php file which contains constants: one config file for the local project folder and one for the online server folder.
Inside this config file, I've create a constant (constant are then available everywhere in the project) to define the main URL of the project. e.g.:
define('CST_MAIN_URL',http://www.myproject.com); // for the online config.php file
define('CST_MAIN_URL',http://localhost:8888); // for the local config.php file
Thus, each header or redirection can work with that constant, like:
header('location:' . CST_MAIN_URL . 'index.php');
Then, things must have to do with RewriteEngine in your htaccess file, for instance whenever you must modify the behavior of MAMP/WAMP if an interrogation point or a slash provokes you with its malicious resistance. But, unfortunately RegEx expression must be understood as a basic level for mastering those url rewritings.
Hope it'll helps.
I have always thought the api controllers where not found by physical paths. The reason I ask is I have a website example.com I created a folder example.com/testing and uploaded my project to there. When I ran it I got errors saying that none of the apiControllers could be found. So I changed /api/apiCustomers to /testing/api/apiCustomers. It then worked, well not the actual posting of any new records. It did locate and retrieve all the records from the database though. But it doesn't seem like that is what I would actually need to do? I have a domain with WinHost and the default publish folder is example.com/myApp
AM I looking at this the wrong way?
To handle request where you do not know the root path, you can use (as in ASP.NET) the ~-character like this:
~/api/apiCustomers
~ will then be replaced by the root (i.e. /api/apiCustomers for prod and /testing/api/apiCustomers for your test environment)
I'm using GroceryCRUD to act as a front end for a database containing news releases. Secretaries can go in and add/edit/delete news releases in the database easily now. Only qualified users are able to access the application root via an .htaccess password. The problem with this is that GroceryCRUD uploads assets such as photos are uploaded to the directory /www/approot/assets/uploads/ which is password protected since /approot/ is protected.
My ideal solution would be to set an upload directory outside of the application root which is where I'm running into trouble. By default this is how GroceryCRUD handles uploads:
$this->grocery_crud->set_field_upload('photo1','assets/uploads/');
I've tried changing it to something like this:
$this->grocery_crud->set_field_upload('photo1','/public/assets/uploads/');
I was hoping this / would make the path start from the document root instead of the application root, but it throws this error:
PHP Fatal error: Uncaught exception 'Exception' with message 'It
seems that the folder "/Users/myusername/www/approot//public/assets/uploads/"
for the field name "photo1" doesn't exists.
This seems to suggest that CI or GroceryCRUD just takes the second argument in set_upload field and just concatenates it onto the end of the site URL that is defined. Is there any way around this that doesn't involve creating a user login system?
Try using relative path.
$this->grocery_crud->set_field_upload('photo1','../assets/uploads/');
.. -> Go up one directory
I ended up implementing a login system outlined in this tutorial:
http://net.tutsplus.com/tutorials/php/easy-authentication-with-codeigniter/
It was quite simple to set up and suits my needs. I found ways to give access to the directory using httpd.conf directives but I feel like this was a more viable solution since I don't have direct access to server configuration files.
Maybe in the future GroceryCRUD will allow placement of uploads outside the application folder.
I have a web application that requires multiple domains to point to the same site in IIS. I would like to be able to do this from a web interface but that would mean adding site bindings programmatically.
Im sure applications like Plesk access some sort of Windows API to do it, I just dont know how.
A related post is this one but it doesnt solve this specific problem.
I'm not sure if this is what you're after, but if you are using .NET you can use ServerManager class from the Microsoft.Web.Administration namespace you can add bindings like so:
using (ServerManager manager = ServerManager.OpenRemote("serverName"))
{
manager.Sites["mySiteName"].Bindings.Add("*:80:domain.com", "http");
manager.CommitChanges();
}
So in the example above the * means the IP to match to, 80 is the port, and domain.com is the host header. To add https bindings is a bit more involved and you need to load the certificate programatically.
I am trying to create a secure download web app with the following scenario. Anybody know how this can be achieved:
1) The user is given a one-time URL
a) This one-time URL is stored in an Oracle DB mapped to the actual URL
2) When the user visits the one-time URL:
a) Apache module connects to the DB to see if the one-time URL exists
b) if it exists, apache does an internal rewrite to the actual URL
c) if not, then 404 or any sort of error (404 or something else) is good enough
2.a and 2.b are the what I am looking answers on. I am not sure how to do this and make sure the rewrites happen internally.
Thanks
This should be possible using the new dbd-type RewriteMap functionality available in the trunk version of Apache. Obviously with this being the current development branch of the server you'll need to be careful about config-breaking changes over time.
RewriteEngine On
RewriteMap urlmapper "dbd:SELECT redirect_url from my_table WHERE some_key = %s"
RewriteRule /one_time/(.+) ${urlmapper:$1|/404.html}
Of course you will need some additional logic for handling cases where no results are returned.
http://httpd.apache.org/docs/trunk/rewrite/rewritemap.html#dbd
AFAIK this is not possible just by apache. What you must want to do is:
Configure apache to redirect that unique links to a server script which will make the "magic" happen
the server script checks if the unique provided url is still valid and acts in accordance:
serves the file and invalidate (delete or mark as served) the unique-url row in database
replies with status 404 or redirects to a 404 page in other cases
The exact details on how to make things happen depends on the scripting engines available to you on the server, and your preferences. It can be done in a variety of engines, from php to cgi to .NET to asp and many others.
Figured this out... You can achieve this using XSEND (https://tn123.org/mod_xsendfile/)... Setup a php script to handle any URI's with file download and denied all access to the actual file directory so the only way to get the file it to force it through XSEND.