#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Location
    Edison
    Posts
    143
    Rep Power
    12

    Anti-leech the server


    how can i anti-leech the whole server, meaning only the sites i assign can access the server and if soeone try to access it directly or thru another site they will be redirected to another page, i searched for the solution everywhere but didnt find anything even close to it, atleast does anyone know how can i do it to a folder instead of the whole server, kinda like .htacess in linux.

    by the way i have coldfusion on WIN XP server,

    thanx guys
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,263
    Rep Power
    968
    As I see it you have two options: application security or web server security.

    Using IIS, you can right click on a web site and choose Directory Security. You can grant or deny access based on IP address or domain name of the requesting client.

    Using CFMX, you could add code to the Application.cfm file that looks at the user's IP address (in the CGI scope) and if it is not one that you want to allow, you do a redirect or display an error message.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Location
    Edison
    Posts
    143
    Rep Power
    12
    what do u mean add a code to application cfm, because application.cfm is all

    PHP Code:
    Allaire Cold Fusion Template
    Header Size
    : New Version.2+y,
    &hqؤ8XɿP^qvN҇F'wIM1<D]6=ʕ
    #=“>eR:鼖/\w
    |>7_jXOQ 

    that, i am new to cfml, so i am not sure what code exactly you are talking about.

    does the code might be something like this
    PHP Code:
    <cfset directory "path to directory">
    <
    cfif CGI.HTTP_REFERER DOES NOT CONTAIN "http://www.domain.com/">
    <
    cfparam name="url.file" default="">
    <
    cflocation url="http://redirect url/">
    <
    cfelse>
    <
    cfheader name="Content-Disposition" value="inline; filename=#URLDecode(URL.file)#">
    <
    cfcontent file="#Directory##URLDecode(URL.file)#" type="application/x-zip-compressed">
    </
    cfif
    and i dont have IIS, my CFMX runs on the server that came with CFMX, can can you help me man
  6. #4
  7. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,263
    Rep Power
    968
    The code you showed is an encrypted CFML file. Are you saying you don't have access to the original code?

    Yes, the CFML code you showed is similar to what I would envision to catch unauthorized IP addresses. Something like:

    <cfset authorizedIPList = "173.387.905.21,958.585.484.949" />

    <cfif not listFindNoCase( authorizedIPList, cgi.remote_addr )>
    error message or cflocation
    </cfif>

    This assumes that you know the IP addresses that should be allowed in.

    Finally, there is no Windows XP server. If you mean Windows XP Pro, it is really not meant to be a web server. If you mean Windows .NET Server then you are in better shape. Both of these have IIS available.

    The internal web server that runs the standalone CFMX installation is meant for development only, and is not robust enough to use in a production environment. You should install it to run with IIS or Apache.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jul 2003
    Location
    Edison
    Posts
    143
    Rep Power
    12
    the application.cfm came encrypted, is there anyway to decrypt it so that i can put the piece of code u game me
  10. #6
  11. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,263
    Rep Power
    968
    Not easily. Is there any way to get the original code? I have heard of some CFML decryptors but not sure if they really work.

Similar Threads

  1. htaccess anti leech help
    By jaccinc in forum Scripts
    Replies: 2
    Last Post: October 7th, 2008, 06:11 PM
  2. Website Database Basics With PHP and MySQL
    By guest in forum Development Articles
    Replies: 302
    Last Post: November 12th, 2003, 07:22 PM
  3. Xawtv black picture
    By xyfix in forum Linux Help
    Replies: 10
    Last Post: October 14th, 2003, 12:40 PM
  4. Replies: 0
    Last Post: January 24th, 2003, 10:50 AM
  5. weblogic apache bridge config
    By kalpana in forum Apache Development
    Replies: 0
    Last Post: December 7th, 2000, 12:58 PM

IMN logo majestic logo threadwatch logo seochat tools logo