The Shed is going Social! Join us on FaceBook and Twitter and chime in on the conversation.
|
 |
|
Dev Shed Forums
> Programming Languages - More
> ColdFusion Development
|
Anti-leech the server
Discuss Anti-leech the server in the ColdFusion Development forum on Dev Shed. Anti-leech the server ColdFusion Development forum discussing CFML coding practices, tips on CFML, and other CFML related topics. Find out why ColdFusion is the tool of choice for many e-commerce developers.
|
|
 |
|
|
|
|

Dev Shed Forums Sponsor:
|
|
|

February 14th, 2004, 07:43 PM
|
|
Contributing User
|
|
Join Date: Jul 2003
Location: Edison
Posts: 143
Time spent in forums: 45 m 54 sec
Reputation Power: 10
|
|
|
Anti-leech the server
how can i anti-leech the whole server, meaning only the sites i assign can access the server and if soeone try to access it directly or thru another site they will be redirected to another page, i searched for the solution everywhere but didnt find anything even close to it, atleast does anyone know how can i do it to a folder instead of the whole server, kinda like .htacess in linux.
by the way i have coldfusion on WIN XP server,
thanx guys
|

February 15th, 2004, 12:06 PM
|
|
Moderator
|
|
Join Date: Jun 2002
Location: Raleigh, NC
|
|
|
As I see it you have two options: application security or web server security.
Using IIS, you can right click on a web site and choose Directory Security. You can grant or deny access based on IP address or domain name of the requesting client.
Using CFMX, you could add code to the Application.cfm file that looks at the user's IP address (in the CGI scope) and if it is not one that you want to allow, you do a redirect or display an error message.
|

February 15th, 2004, 02:17 PM
|
|
Contributing User
|
|
Join Date: Jul 2003
Location: Edison
Posts: 143
Time spent in forums: 45 m 54 sec
Reputation Power: 10
|
|
what do u mean add a code to application cfm, because application.cfm is all
PHP Code:
Allaire Cold Fusion Template
Header Size: New Version.2+y,
&hqؤ8XɿP^qvN҇F'wIM1<D]6=ʕ
#=>eR:鼖/\w
|>7_jXOQ
that, i am new to cfml, so i am not sure what code exactly you are talking about.
does the code might be something like this
PHP Code:
<cfset directory = "path to directory">
<cfif CGI.HTTP_REFERER DOES NOT CONTAIN "http://www.domain.com/">
<cfparam name="url.file" default="">
<cflocation url="http://redirect url/">
<cfelse>
<cfheader name="Content-Disposition" value="inline; filename=#URLDecode(URL.file)#">
<cfcontent file="#Directory##URLDecode(URL.file)#" type="application/x-zip-compressed">
</cfif>
and i dont have IIS, my CFMX runs on the server that came with CFMX, can can you help me man
|

February 15th, 2004, 05:32 PM
|
|
Moderator
|
|
Join Date: Jun 2002
Location: Raleigh, NC
|
|
|
The code you showed is an encrypted CFML file. Are you saying you don't have access to the original code?
Yes, the CFML code you showed is similar to what I would envision to catch unauthorized IP addresses. Something like:
<cfset authorizedIPList = "173.387.905.21,958.585.484.949" />
<cfif not listFindNoCase( authorizedIPList, cgi.remote_addr )>
error message or cflocation
</cfif>
This assumes that you know the IP addresses that should be allowed in.
Finally, there is no Windows XP server. If you mean Windows XP Pro, it is really not meant to be a web server. If you mean Windows .NET Server then you are in better shape. Both of these have IIS available.
The internal web server that runs the standalone CFMX installation is meant for development only, and is not robust enough to use in a production environment. You should install it to run with IIS or Apache.
|

February 15th, 2004, 05:34 PM
|
|
Contributing User
|
|
Join Date: Jul 2003
Location: Edison
Posts: 143
Time spent in forums: 45 m 54 sec
Reputation Power: 10
|
|
|
the application.cfm came encrypted, is there anyway to decrypt it so that i can put the piece of code u game me
|

February 15th, 2004, 05:36 PM
|
|
Moderator
|
|
Join Date: Jun 2002
Location: Raleigh, NC
|
|
|
Not easily. Is there any way to get the original code? I have heard of some CFML decryptors but not sure if they really work.
|
Developer Shed Advertisers and Affiliates
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
Rate This Thread |
Linear Mode
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|