Apologies if this is a basic question but I was unsure what to search to try and get a answer. If someone can point me in the right direction I would be grateful.
Basically this is what I want to do.
I have a pretty much blank website that I want to display text out of a text file on my local pc to at regular intervals (The contents of the text file will change regularly). What are the things that I'll need to learn to do this?
I read up on how you can do this with AJAX but as I understand it the text file would have to be on the server, which in this case it's not.
I understand that this a month old but since no one has really paid any attention to it, might as well answer it.
It really doesn't make sense to keep it in your local PC. Because for your web app to be able to access that text resource you will have to have your local machine accessible from the outside world. If you want it that way, you create a webserver like application in your local machine, get it accessible via a public domain then access that with a (hopefully) secure GET request from your hosted application.
Simplest solution I can think of and a saner way to do this would be
Save it in a database in the hosting server. Whenever you need to update the text, you change the value in the DB using a DB administration application such as phpmyadmin that is also hosted from that same machine (but hopefully you restrict IP access to phpmyadmin only to yourself, but that is another matter). Better yet you can always make a fancy CMS app to make things easier.
Or if you still find that a tad to hard why not just put in the source code, have it versioned and update it whenever you need to.
Related
I have done quite a lot of searching but am not really able to find a clear answer. I'm wondering if storing simple generated record documents (.txt files, e.g. purchase records) in a protected directory with deny from all is secure? Obviously, anyone going directly to the file in the browser will not be able to access it, but I wonder if the information in these text files is visible in other ways?
Why store them in a place accessible by the browser? Can’t you place the files somewhere else in the server, in a directory that is not seen by the http server?
I assume you would like to access them later through the browser and if that’s the case, can’t you create those reports on the fly each time a request is made for them? I have seen servers littered with saved reports when the best solution would have been to generate the reports again by retrieving data from a database. Please do not take this as an insult, but if my assumption is correct, try to consider another solution.
Technically, the answer to your question is “those files are not accessible if the server is configured correctly, you have no bugs in the code, etc.”
I want to create a website for myself that no one else will use at the moment.
Do I need to get a domain name to be able to access the website remotely or can I just use the host IP address when I want to go on it?
It depends on what you're looking to do. For example, Ruby on Rails and Sinatra languages can be locally hosted. So you can basically create the website without ever having to 'push' it to a domain. You'll definitely need a domain if you want to access it remotely - the domain name is basically a mask for an IP address anyway, so they're really somewhat the same.
You can also have basic JavaScript (JS) /HTML/CSS sites locally hosted as well. So you don't really need a domain, until you want people to actually start showing up to it remotely.
Hope this helps!
I am thinking of using another "less" important server to store files that our clients want to upload and handling the data validation, copying, insertion, etc at that end.
I would display the whole upload thingy through iframe on our website and using HTML,PHP,SQL as syntax-languages for the thingy?
Now I would like to ask your opinions is this is a good or bad idea.
I´m figuring out that the pros and cons are:
**Pros:
The other server is "less" valuable, meaning if something malicious could be uploaded there it would not be the end of the world
Since the other server has less events/users/functionality/data it would help to lessen the stress of our main website server
If the less important server goes down the other functionality on main server would still be functioning
Firewall prevents outside traffic (at least to a certain point)
The users need to be logged through the main website
**Cons:
It does not have any CMS+plugins, so it might be more vunerable
It might generate more malicious traffic towards it.
Makes the upkeep of the main website that much more complicated for future developers
Generally I´m not found of the idea that users get to uploading files, but it is not up to me.
Thanks for your input. I´m looking forward to hearing your opinions.
Servers have file quotas and bandwidths defined/allocated for them.
If you transfer your "less" used files to another server ,it will help your main server to improve its performance.
And also there wont be much maintenance headaches with the main server if all files are uploaded there.
Conclusion : It is a good idea.
Well, I guess most importantly, you will need a single sign-on (SSO) solution in place between the two web applications. I assume you don't want user A be able to read or delete files from user B.
SSO between 2 servers is a lot more complicated than for a single web application. Unless this site is only deployed in an intranet with a Active Directory domain controller in which case you can use Kerberos.
I'm not sure it's worth it just for the advantages you name.
Im just done with a cakephp website, but im still in a doubt on what are the things that I must take care of, before making this website live.
Since it is a big application that require users to Register and Login and to manage their accounts. Any sort of help is appreciated.
Thanx.
There is a section in the CakePHP book answering directly that:
http://book.cakephp.org/2.0/en/deployment.html
Harden instillation, set production mode if you are using different SQL services, disable php error reporting, enable caching, disable and remove all client side debugging like DebugKit, make sure any comments in your html will not give hackers an advantage like printing variables.
Php frameworks can be resource hogs. I think the last but most important is to test server with some generated traffic. There are services that can do this for you. You may need to separate resources or set up an additional server for SQL if you expect a lot of traffic.
There may be a couple other things you might want to do.. Just browse your core.php and bootstrap.php. Make sure everything is working is correctly for production environment.
Here are some common but important things to be taken care of before making cake website live.
Check for read/write permissions on desired folders.
Check for images,js files and css files you need on your website .
Check for writable temp folder and clear cache.
Set debug level to 0.
Make sure database connectivity works fine.
i don't know if this is the best approach, but here is it:
I've made a system in django and only want the users in a lab to be able to access it, so they can't go to other web pages(it's a program that the students can answer some tests).
I've read that doing the proxy stuff to limit the IP is very easily bypassed(since all the students from IT).
Them I read somewhere that you can create your own "Chrome" or firefox browser.
And it made me wander if I can make a browser that can only access one domain (in this case my project domain). This way it would be more invisible to the users what's going on.
But I can't find any good references to do this, and don't know if this is a complicated stuff.
Is it necessary to change the code of an existing browser? or can I just create a extension for it?
Why not do your test on a fixed private network where the only IP address that the connected machines can see is the one with the test. Any requests to external pages will fail because the Internet won't be reachable.
Editing a browser is possible, but is likely that it will be simulteniously excessive for what you want and insufficient to stop users from getting content that you don't want them to have.