A client of mine is running an ecommerce store on godaddy shared hosting.
They are trying to pass pci compliance and the only issue is the default apache icons folder by allowing it to be indexed.
This folder is NOT in my web root. So I don't have access to it.
I've tried htaccess rewrites, but it's not working.
Anyone know of any other solutions?
I am sorry but Go Daddy shared hosting is not PCI Complaint. You can review the last part of this page to verify that: http://support.godaddy.com/help/article/4265/quick-shopping-cart-pci-compliance-faq?locale=en
turns out the scan is not required at level 4 with the amount of annual sales this client processes. So, we opted to leave it as-is.
Related
I am using shared hosting.
My site was showing "ERR_CONNECTION_REFUSED".
So i went to see visitors to my (SSL) site.
I found that instead of regular names in the "User Agent" list,
cpanel visitors list is showing
user agent Expanse indexes the network perimeters of our customers. If you have any questions or concerns, please reach out to: scaninfo#example.com"
I want to know whether this is harmful and if yes,
How to avoid such unknown user agents?
Is there something i should do with ".htaccess" file?
Once again, i am using shared hosting (so, i have limited accessibility).
The ERR_CONNECTION_REFUSED you saw when accessing your website had nothing to do with the visitor you saw in cpanel. You might have had a different issue with your server configuration/shared hosting provider.
That "visitor" was an internet crawler, most likely from Palo Alto Networks, who owns Expanse. Long story short, it shouldn't cause any harm. They say that their crawlers are used to index/categorize URLs around the internet and/or to spot malicious content.
I advise you to ignore it, since there's not much you can do - I assume they have some ranges of IPs for their crawlers so you wouldn't be able to blacklist all of them anyway.
Sorry for my poor knowledge about it. I would appreciate if anybody could explainme how can I create a custom download link for a google drive file. I got a domain in freenom.com and I want to change the download link of a google drive file to use my domain name in the url
What I’m try to do is avoid the final url docs.googleusercontent.com/docs/... using a custom link with my domain.
Is that possible?
I know it sound crazy but in my workplace they block docs.google url with a proxy filter and others cloud services like multcloud.com and koofr.eu too. Beside using proxy web or vpn is very suspect for they.
So I need a way to download my files with my own url without lifting suspicions trace.
I know is a nightmare but you never wish to live here. The only internet where I can download something is in my workplace.
Any solution with google colab may helpme too. Maybe create a temporal server via python in google colab and asign my domain name. But I just don’t know how to do it. With flask-ngrok I create one in google colab but the link I obtain is through de domain ngrok and Is blocked too.
The objetive is to create a custom download link to one file that doesn’t lifting suspicions trace and maybe reemplace in the future the file in google drive rename it so that keep the same path.
Any help will be appreciated.
Thanks for your time
Answer
I did it, finally I did it. I’m a beginner, so for me, founding a method to circumvent the stupid proxy filters of my workplace without leaving any suspects in order to download files from the internet is great!!!!!! wonderful!!!!!!. Also I got to say that in my country the price of the internet is a madness. Imagine that you would have to pay the equivalent of 250 dollars of your salary for only 2 gigabytes of data usage in your cellular. And also imagine that you would have to pay the equivalent of 375 dollars of your salary monthly for only 30 hours per month through adsl modem connection with the ridiculous speed of 1 Mbit/s. But only in my workplace the internet is free and fast (at least for me). Add to that situation the fact that they are watching you every move you do in your internet traffic.
As a communist country they control everything and in my workplace they have a man only for censure the internet blocking any suspicious page they found, and if they catching you using vpn or proxy web you receive a big problem. They block google drive, dropbox, and any other cloud storage services. Also they block any site you can use to download files if that site is not related to your work.
But hey, I finally found a way. First I got some free domains in freenom.com and I put them a name related with my work in order to not leave any suspicious trace in my web traffic. Then I got a free hosting service and associated each domains with a Wordpress site retouched in order to apparent something related with my work. Then I use my internet in my cellphone for download files from internet to my google drive account using google colab in order to store my files. After that I use google colab to upload my files from google drive to the ftp account of one of my Wordpress site created and then I create download links for all my file with my own domain name. And finally in my workplace I prepare a curl download script to download my files intermittently in order to not leave the appearance of downloading a big file traffic consuming. Finally I download the equivalent of 1 gb per day. Sad but true. I’m working now in a way to create a free ssl connection for my downloads with authentication system that won’t let the censor man to access to my links. Mabe with a Wordpress plugin
I want to set up Multiple Wordpress Installations on a Single Domain name. I need a wordpress installation for my webdeveloper website, and other installations for developing customer websites. After development I would have to move these new websites to client server. Technical staff of my web hosting company suggested two possibilities:
1)development.domainame.com (create a subdomain for additional wordpress installation)
2)domainame.com/development (use subfolder for additional wordpress installation
They recommended to use solution 1). May I know the pro and con of each solution ? And would be a best practise ? Thx in advance
PS: I cant use multisite, not suited for my case
Your web host's technical staff is correct. You have 2 options:
Use Subdomains. ex: sub1.mydomain.com vs sub2.mydomain.com
Use Subfolders. ex: mydomain.com/folder1 vs mydomain.com/folder2
The benefit of using subdomains is that the "environments" are separated. The two websites will act like they are entirely different websites, making it easier to migrate the clients site in the future.
The benefit of using subfolders is that it's easier to "switch in between the sites". You could access all the files using the same FTP login.
I would suggest the use of subdomains. It separates the sites into 2 clearly different sites, will make it easier to restrict client/user access by-subdomain, and will decrease the chances that making a change to one site would affect the other (for example, if you have 2 wordpress sites as subfolders, it would be much easier to accidentally edit or change the wrong mysql database table)
I am not sure if my question is suitable here. If not, forgive me.
Magento supports multi-websites on a single installation. Let's say that I'd like to make e-commerce websites for fashion industry merchants. I would install an e-commerce solution for each merchant. However, since Magento supports multiple websites on a single installation, can I just install a single Magento to support all the merchants? Each merchant has a domain and they don't share any information each other.
Or should I install a Magento for each merchant?
Thanks.
Sam
Yes, it is possible to support multiple Magento stores on one hosting account. If your hosting account allows parked domains, then it is possible to use one IP address to secure all the sites using a Unified Communications (UC) or multi-domain SSL certificate available from most vendors. Some of these certificates may support up to 100 unique domain names.
There are still other issues regarding performance that you should consider.
Depending on what you want to do this is doable. I was actually searching for a similar thing and found this resource:
Magento KB: How Multiple Websites & Stores Work
It is thus possible to have different web sites (with different domains) or a single web site with different store fronts.
I also found this explanation from the point of view of a hosting service on how to add two domains to a single Magento installation. Please note that this is specific for this service but you get the idea and the steps inside Magento should be roughly the same:
How To Setup Multiple Magento Stores
I'm an enthusiast on web-technology. I want to know where does the code of a website resides? Is it hosting in all possible cases? Do usually people give access code to source code from admin panel? What if I want such functionality in my site? Will it be secure enough?
The site's code lives on your web server. The security depends on the web server itself.
It highly depends on the features of your hosting environment. If they provide ssh or ftp access, then yes, you can most likely access and modify the source code of your sites. Otherwise you are at the mercy of the control panel(s) of the hosting or the admin area of your particular website.