I have a site hosted in aws with www.domain.com with 2 sub domains test.domain.com and stage.domain.com. I am using MEAN for development, now what i want is to password protected my sub domains test.domain.com and stage.domain.com but in a similar fashion as we do in php using htaccess.
Now i personally like this htaccess approach because in this approach your code for the application will be same, authentication will be added by htaccess. Any idea how to do that in nodejs without altering application code, so that i can remove that in future if i want.
P.S. : Only hints are welcomed.
.htaccess does not alter the code because it's used by the Apache webserver.
Consider that Node.js IS your webserver, so that's where the magic happens (technically, it takes less code to add basicAuth to node than to add htaccess to apache + write the .htacess file).
Something, somewhere has to know that authentication is to be done :).
Here's the link to an easy way to do that in node :
Basic HTTP authentication with Node and Express 4
Related
We are currently developing a CMS for our clients. We would like to host all their pages on our server like this:
https://www.example.com/client1website or https://www.example.com/client2website.
Is there a simple way to redirect content from https://www.example.com/client1website to https://www.theirdomain.com?
I know that Heroku or Wix work in a similar way, but I don't really know how to achieve it. Setting the CNAME for www to https://www.exmaple.com/client2website is probably not enough?
Godaddy can do https://www.client1website.example.com to https://www.theirdomain.com
But otherwise they are going to need to stop at your server first since you are pointing them down into your directory
You can redirect using status code 308
I am trying to build mu first web application with yii
From what I understood a .htaccess file must be in the project folder
in the localhost every things work fine, but when I upload the whole project my remote server doesn't accept .htaccess files and I get 404 not found (server error not yii error)
there is an alternative to this problem ?
many thanks in advance
There is no alternative when using a Front Controller pattern. Only on the http server you can redirect all wanted requests to a single central point. It is weird though that you cannot use .htaccess.
One more question: are you using apache or something else as a web server? Because .htaccess is apache specific to the best of my knowledge, for other servers you need differend configuration in differend other places.
I would like to ask how to set in the webserver, APACHE.
eg. like cPanel webmail, user only need to enter
http://www.example.com/webmail then it will match with http://www.example.com:2095/
I not sure it is set with .htaccess or set it at router level.
Can anyone advice how to do this?
It's called Reverse Proxy (even if you use it on the same server) : http://en.wikipedia.org/wiki/Reverse_Proxy
It can be done on Apache using standard modules mod_proxy and mod_rewrite. I have not done it myself on Apache, so I cannot tell if mod_rewrite will actually be required here ... but a lot of examples I have seen utilizing functionality of both of them.
There really a lot of examples around -- you should have no issues finding them. Start at the following links:
mod_proxy Apache manual
Using mod_rewrite for Proxying
Basically i developed my app on a localhost wamp server with PHP 5. ON uploading to the actual host i notice that
The server is running php 4.4.9
Everytime i upload my .htaccess file, the server removes it completely.. seems to not be allowed
When i test out the set all i get is a 404 page not found
Any help on how to make it work on this PHP 4 server?
I did a test with CI 1.7.2, default installation.. works on my local server but when uploaded does not work, does this mean that the server does not support it?
I'm sure this isn't what you want to here, but get a new server. Here are the reasons why:
PHP 4 is no longer well supported. It's insecure.
If the server is removing .htaccess files, they are also unsupported on that server, giving you one more reason to move.
Code Igniter runs best with PHP 5 and with an .htaccess file.
The gist of this is you are going to have to hack your code back into the dark ages to get this to work, and then you will still have pretty URL issues and overall system instability. If you can make the switch, do.
If you cannot use .htaccess files with CodeIgniter, in system/application/config/config.php there is a configuration key called index_page. You need to set that to whatever page you have bootstrapping CodeIgniter (usually /index.php)
Then, make sure all your links that get routed through CI either target index.php/controller/action/params... or utilize the URL helper (with site_url or anchor) to automatically put in the index.php
Joe Mills is exactly right in his answer, though. CI works best with PHP 5 and .htaccess.
See CI URLs and CI URL Helper for documentation.
Well i found out how to fix several things
The issue with .htaccess would be to just not use modrewrite as such i put "query_string" option in my path variavable and this works.
The other issue, which was the major issue was that i was using Datamapper library which is a php 5 only library.
I'm in a development environment and we're using basic .htaccess/.htpasswd authentication to keep lurkers out. But some of my AJAX calls are coming back with HTTP/401 authentication failed errors. Is it possible for me to allow access only to those specific URL's? I can't easily do it by popping a new .htaccess in a subfolder because CodeIgniter uses ReWrites.
It's not possible to allow access only to those specific URL's. Unfortunately, .htaccess and .htpasswd authentication operates on a directory level only. And you're exactly right about why just using a subdirectory won't work - b/c of CI rewrites, which happen AFTER Apache has transferred control to CodeIgniter's index.php front controller.
The easy option, if you're working on something that (1) is not likely to be hacked in the first place, and (2) can't reveal sensitive data even if it is, is to use security via obscurity. Don't have any links to your dev site, include a noindex directive for search engine crawlers, and go on your merry way. This also has the advantage that you can test versions of the site with your colleagues and friends by just telling them the URL to go to.
If you're more worried about security, then you're probably building an auth module for your website's users. In that case, for your dev environment, just call that auth module in the constructor for all of your controllers, and redirect to the login page if the user is not logged in.
Good luck!