ColdFusion Development
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsProgramming Languages - MoreColdFusion Development

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
Thread Tools Search this Thread Rate Thread Display Modes
  #1  
Old February 14th, 2004, 07:43 PM
CHIngs CHIngs is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jul 2003
Location: Edison
Posts: 143 CHIngs User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 45 m 54 sec
Reputation Power: 5
Send a message via ICQ to CHIngs Send a message via AIM to CHIngs Send a message via Yahoo to CHIngs
Anti-leech the server

how can i anti-leech the whole server, meaning only the sites i assign can access the server and if soeone try to access it directly or thru another site they will be redirected to another page, i searched for the solution everywhere but didnt find anything even close to it, atleast does anyone know how can i do it to a folder instead of the whole server, kinda like .htacess in linux.

by the way i have coldfusion on WIN XP server,

thanx guys

Reply With Quote
  #2  
Old February 15th, 2004, 12:06 PM
kiteless kiteless is offline
Moderator
Dev Shed Loyal (3000 - 3499 posts)
 
Join Date: Jun 2002
Location: Raleigh, NC
Posts: 3,480 kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level) 
Time spent in forums: 1 Week 3 Days 17 h 33 m 17 sec
Reputation Power: 42
As I see it you have two options: application security or web server security.

Using IIS, you can right click on a web site and choose Directory Security. You can grant or deny access based on IP address or domain name of the requesting client.

Using CFMX, you could add code to the Application.cfm file that looks at the user's IP address (in the CGI scope) and if it is not one that you want to allow, you do a redirect or display an error message.

Reply With Quote
  #3  
Old February 15th, 2004, 02:17 PM
CHIngs CHIngs is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jul 2003
Location: Edison
Posts: 143 CHIngs User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 45 m 54 sec
Reputation Power: 5
Send a message via ICQ to CHIngs Send a message via AIM to CHIngs Send a message via Yahoo to CHIngs
what do u mean add a code to application cfm, because application.cfm is all

PHP Code:
 Allaire Cold Fusion Template
Header Size
: New Version.2+y,
&hqؤ8XɿP^qvN҇F'wIM1<D]6=ʕ
#=“>eR:鼖/\w
|>7_jXOQ 



that, i am new to cfml, so i am not sure what code exactly you are talking about.

does the code might be something like this
PHP Code:
<cfset directory "path to directory">
<
cfif CGI.HTTP_REFERER DOES NOT CONTAIN "http://www.domain.com/">
<
cfparam name="url.file" default="">
<
cflocation url="http://redirect url/">
<
cfelse>
<
cfheader name="Content-Disposition" value="inline; filename=#URLDecode(URL.file)#">
<
cfcontent file="#Directory##URLDecode(URL.file)#" type="application/x-zip-compressed">
</
cfif


and i dont have IIS, my CFMX runs on the server that came with CFMX, can can you help me man

Reply With Quote
  #4  
Old February 15th, 2004, 05:32 PM
kiteless kiteless is offline
Moderator
Dev Shed Loyal (3000 - 3499 posts)
 
Join Date: Jun 2002
Location: Raleigh, NC
Posts: 3,480 kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level) 
Time spent in forums: 1 Week 3 Days 17 h 33 m 17 sec
Reputation Power: 42
The code you showed is an encrypted CFML file. Are you saying you don't have access to the original code?

Yes, the CFML code you showed is similar to what I would envision to catch unauthorized IP addresses. Something like:

<cfset authorizedIPList = "173.387.905.21,958.585.484.949" />

<cfif not listFindNoCase( authorizedIPList, cgi.remote_addr )>
error message or cflocation
</cfif>

This assumes that you know the IP addresses that should be allowed in.

Finally, there is no Windows XP server. If you mean Windows XP Pro, it is really not meant to be a web server. If you mean Windows .NET Server then you are in better shape. Both of these have IIS available.

The internal web server that runs the standalone CFMX installation is meant for development only, and is not robust enough to use in a production environment. You should install it to run with IIS or Apache.

Reply With Quote
  #5  
Old February 15th, 2004, 05:34 PM
CHIngs CHIngs is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
 
Join Date: Jul 2003
Location: Edison
Posts: 143 CHIngs User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 45 m 54 sec
Reputation Power: 5
Send a message via ICQ to CHIngs Send a message via AIM to CHIngs Send a message via Yahoo to CHIngs
the application.cfm came encrypted, is there anyway to decrypt it so that i can put the piece of code u game me

Reply With Quote
  #6  
Old February 15th, 2004, 05:36 PM
kiteless kiteless is offline
Moderator
Dev Shed Loyal (3000 - 3499 posts)
 
Join Date: Jun 2002
Location: Raleigh, NC
Posts: 3,480 kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level)kiteless User rank is Sergeant Major (2000 - 5000 Reputation Level) 
Time spent in forums: 1 Week 3 Days 17 h 33 m 17 sec
Reputation Power: 42
Not easily. Is there any way to get the original code? I have heard of some CFML decryptors but not sure if they really work.

Reply With Quote
Reply

Viewing: Dev Shed ForumsProgramming Languages - MoreColdFusion Development > Anti-leech the server


Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump

 Free IT White Papers!
 
Accelerating Trading Partner Performance
One in five. That's how many partner transactions have at least one error. That is an amazing statistic, particularly given the extraordinary leaps in innovation across the global supply chain during the past two decades. Download this white paper to learn more.

 
Competing on Analytics
This Tech Analysis is designed to help identify characteristics shared by analytics competitors, and includes information about 32 organizations that have made a commitment to quantitative, fact-based analysis.

 
Cost Effective Scaling with Virtualization and Coyote Point Systems
An overview of the industry trend toward virtualization, how server consolidation has increased the importance of application uptime and the steps being taken to integrate load balancing technology with virtualized servers.

 
Five Checkpoints to Implementing IP Telephony
Implementation planning for IP PBX software and IP telephony has become vital as businesses replace discontinued legacy PBX phone systems. This informative whitepaper outlines five "checkpoints" for any implementation plan that will help make IP communications a successful proposition.

 
Hosted Email Security: Staying Ahead of New Threats
In the last two years, email has become a fierce battleground between the nefarious forces of spam and malware, and the heroes of messaging protection. The spam volumes increased alarmingly every month, bringing clever new forms of phishing and virus propagation attacks.

 

Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 2 hosted by Hostway