Re: [WebDNA] Webcatalog folder missing on a Windows Server

This WebDNA talk-list message is from

2017

It keeps the original formatting. numero = 113544
interpreted = N
texte = 1139--Apple-Mail=_6D7BCC41-0EDC-4468-BF5D-6D9DA81AFA01Content-Transfer-Encoding: quoted-printableContent-Type: text/plain;charset=us-asciiI'm not sure if this is the same on Windows, but the admin folder is =actually in the WebCatalogEngine folder on linux. So on linux you would =access http://yourserver/cgi-bin/WebCatalogEngine/Admin/ = =20You may experiment with the Windows server equivalent of that URL and =find all the stuff you're looking for.MD> On Apr 11, 2017, at 6:31 PM, Kenneth Grome =wrote:>=20> I tested this and was able to make it work. I reset my workstation's =apache config to pretty close to stock, and installed WebDNA Server =8.5.1 with the Ubuntu 14 installer. I put this right in the apache =config's virtual host:>=20> RewriteEngine On> RewriteCond %{HTTPS} off> RewriteRule "^/cgi-bin/WebCatalogEngine/Admin/" https://% ={HTTP_HOST}%{REQUEST_URI} [L,R=3D301,NC]>=20> I ran quite a few tests and it worked as expected. Hopefully that =looks good, please let me know if there are any problems.>=20> - chris>=20>=20>> On Mar 31, 2017, at 06:38, Jan Huijsmans > wrote:>>=20>> I've been trying this for ages, didn't work on the cgi-bin dir, as =that's a special case in apache. The /WebCatalog dir is easy to rewrite =(but did a redirect in apache config, as that's where the admins have =control, not the content writer), /cgi-bin/WebCatalog/Engine/Admin =refuses to be rewritten.>>=20>> I'm hoping the WebDNA specific code will rewrite correctly..>>=20>>> On March 29, 2017 at 10:27 PM Stuart Tremain > wrote:>>>=20>>> Or something as simple as adding>>>=20>>> RewriteCond %{SERVER_PORT} 80=20>>> RewriteRule ^(.*)$ https://yoursecureddomain.com/$1 = [R,L]>>>=20>>> To .htaccess>>>=20>>>=20>>> Kind regards>>>=20>>> Stuart Tremain>>> Pharoah Lane Software>>> AUSTRALIA>>> webdna@idfk.com.au >>>=20>>>=20>>>=20>>>=20>>>=20>>>=20>>>> On 30 Mar 2017, at 05:04, Michael Davis > wrote:>>>>=20>>>> If you want to lock down your Admin templates, and any template on =the server that is using plain http auth in the clear with the [protect] =tag, add this line to the top of your MultiGroupChecker:>>>>=20>>>> [showif [thisport]!443][redirect https://[GetMIMEHeader = HTTP_HOST][ThisURL]][/showif]>>>>=20>>>> Not sure at what version [thisport] was added, so you'll have to =test with your version.>>>>=20>>>> This will redirect every [protect]-ed page on your server that is =not listening on port 443. So you'll need to assess whether this will =break any web sites you are serving. If you're not comfortable putting =this kind of blanket over the [protect] tag globally, you can always add =a qualifier:>>>>=20>>>> [if =("[thisport]"!"443")&("[ThisURL]"^"/WebCatalogEngine/")][then][redirect =https://MySecureDomainUsedToAccessWebCatalog[ThisURL]][/then][/if =]>>>>=20>>>>=20>>>> MD>>>>> On Mar 27, 2017, at 1:52 AM, Jan Huijsmans => =wrote:>>>>>=20>>>>> Hi,>>>>>=20>>>>> Ok, we managed to secure /WebCatalog/ dir with a permanent =redirect to https, but the Admin dir itself is placed in cgi-bin dir, =which has a special status and can't be handled in the same way. (other =then redirecting the complete cgi-bin dir)>>>>>=20>>>>> To be honest, I'm surprised that the application itself doesn't do =anything to improve security, other then username/password over an =unencrypted link. Personally I'm glad we can contain WebDNA in virtual 1 =server. I wouldn't want to provide services for several customers on 1 =server with it. It shows it's age.>>>>>=20>>>>>> On March 9, 2017 at 2:46 PM Jan Huijsmans => =wrote:>>>>>>=20>>>>>> Hi,>>>>>>=20>>>>>> With all the help, the environment we're setting up is running as =I (and more importantly, the customer) expect it to.>>>>>>=20>>>>>> Is there an official way to secure the admin interface within =WebDNA so connects are only accepted on https? We're trying to add a =rewrite via apache config for the WebCatalogEngine/Admin dir, but =somehow it feels as the wrong way to secure the admin interface.=20>>>>>>=20>>>>>> Vriendelijke groet,>>>>>>=20>=20>=20>=20>=20> --------------------------------------------------------- This message =is sent to you because you are subscribed to the mailing list . To =unsubscribe, E-mail to: archives: =http://mail.webdna.us/list/talk@webdna.us = Bug Reporting: =support@webdna.us --Apple-Mail=_6D7BCC41-0EDC-4468-BF5D-6D9DA81AFA01Content-Transfer-Encoding: quoted-printableContent-Type: text/html;charset=us-asciiI'm not sure if this is the same on Windows, but the admin =folder is actually in the WebCatalogEngine folder on linux. So on =linux you would access http://yourserver/cgi-bin/WebCatalogEngine/Admin/ =

You may experiment with the Windows =server equivalent of that URL and find all the stuff you're looking =for.

On Apr 11, 2017, at 6:31 PM, =Kenneth Grome <ken@webdnasolutions.com> wrote:

I tested this and was able to =make it work. I reset my workstation's apache config to pretty close to =stock, and installed WebDNA Server 8.5.1 with the Ubuntu 14 installer. I =put this right in the apache config's virtual host:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ="^/cgi-bin/WebCatalogEngine/Admin/" https://%{HTTP_HOST}%{REQUEST_URI} =[L,R=3D301,NC]

I ran quite a few tests and it =worked as expected. Hopefully that looks good, please let me know if =there are any problems.

- chris

On Mar =31, 2017, at 06:38, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

I've been =trying this for ages, didn't work on the cgi-bin dir, as that's a =special case in apache. The /WebCatalog dir is easy to rewrite (but did =a redirect in apache config, as that's where the admins have control, =not the content writer), /cgi-bin/WebCatalog/Engine/Admin refuses to be =rewritten.
I'm hoping the WebDNA specific code =will rewrite correctly..
On =March 29, 2017 at 10:27 PM Stuart Tremain <webdna@idfk.com.au> =wrote:

Or something as simple as adding

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://yoursecureddomain.com/$1 [R,L]

To .htaccess

Kind regards

Stuart Tremain
Pharoah Lane Software
AUSTRALIA
webdna@idfk.com.au

On 30 Mar 2017, at 05:04, Michael Davis <admin@network13.net>= wrote:

If you want =to lock down your Admin templates, and any template on the server that =is using plain http auth in the clear with the [protect] tag, add this =line to the top of your MultiGroupChecker:

[showif =[thisport]!443][redirect https://[GetMIMEHeader HTTP_HOST][ThisURL]][/showif]=

Not sure at =what version [thisport] was added, so you'll have to test with your =version.

This =will redirect every [protect]-ed page on your server that is not =listening on port 443. So you'll need to assess whether this will =break any web sites you are serving. If you're not comfortable =putting this kind of blanket over the [protect] tag globally, you can =always add a qualifier:

[if =("[thisport]"!"443")&("[ThisURL]"^"/WebCatalogEngine/")][then][redirec=t https://MySecureDomainUsedToAccessWebCatalog[ThisURL]][/then][/=if]

MD
On Mar =27, 2017, at 1:52 AM, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

Hi,
Ok, we managed to secure =/WebCatalog/ dir with a permanent redirect to https, but the Admin dir =itself is placed in cgi-bin dir, which has a special status and can't be =handled in the same way. (other then redirecting the complete cgi-bin =dir)
To be =honest, I'm surprised that the application itself doesn't do anything to =improve security, other then username/password over an unencrypted link. =Personally I'm glad we can contain WebDNA in virtual 1 server. I =wouldn't want to provide services for several customers on 1 server with =it. It shows it's age.
On March =9, 2017 at 2:46 PM Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

Hi,
With all the help, the =environment we're setting up is running as I (and more importantly, the =customer) expect it to.
Is there an official way to =secure the admin interface within WebDNA so connects are only accepted =on https? We're trying to add a rewrite via apache config for the =WebCatalogEngine/Admin dir, but somehow it feels as the wrong way to =secure the admin interface.
Vriendelijke groet,

--------------------------------------------------------- =This message is sent to you because you are subscribed to the mailing =list . =To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us

=---------------------------------------------------------This message is sent to you because you are subscribed tothe mailing list .To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.usBug Reporting: support@webdna.us--Apple-Mail=_6D7BCC41-0EDC-4468-BF5D-6D9DA81AFA01--. Associated Messages, from the most recent to the oldest:

Re: [WebDNA] Webcatalog folder missing on a Windows Server (Rich Kwas 2017)
Re: [WebDNA] Webcatalog folder missing on a Windows Server (Michael Davis 2017)
Re: [WebDNA] Webcatalog folder missing on a Windows Server (Kenneth Grome 2017)
[WebDNA] Webcatalog folder missing on a Windows Server installation. (Richard Kwasniewski 2017)

1139--Apple-Mail=_6D7BCC41-0EDC-4468-BF5D-6D9DA81AFA01Content-Transfer-Encoding: quoted-printableContent-Type: text/plain;charset=us-asciiI'm not sure if this is the same on Windows, but the admin folder is =actually in the WebCatalogEngine folder on linux. So on linux you would =access http://yourserver/cgi-bin/WebCatalogEngine/Admin/ = =20You may experiment with the Windows server equivalent of that URL and =find all the stuff you're looking for.MD> On Apr 11, 2017, at 6:31 PM, Kenneth Grome =wrote:>=20> I tested this and was able to make it work. I reset my workstation's =apache config to pretty close to stock, and installed WebDNA Server =8.5.1 with the Ubuntu 14 installer. I put this right in the apache =config's virtual host:>=20> RewriteEngine On> RewriteCond %{HTTPS} off> RewriteRule "^/cgi-bin/WebCatalogEngine/Admin/" https://% ={HTTP_HOST}%{REQUEST_URI} [L,R=3D301,NC]>=20> I ran quite a few tests and it worked as expected. Hopefully that =looks good, please let me know if there are any problems.>=20> - chris>=20>=20>> On Mar 31, 2017, at 06:38, Jan Huijsmans > wrote:>>=20>> I've been trying this for ages, didn't work on the cgi-bin dir, as =that's a special case in apache. The /WebCatalog dir is easy to rewrite =(but did a redirect in apache config, as that's where the admins have =control, not the content writer), /cgi-bin/WebCatalog/Engine/Admin =refuses to be rewritten.>>=20>> I'm hoping the WebDNA specific code will rewrite correctly..>>=20>>> On March 29, 2017 at 10:27 PM Stuart Tremain > wrote:>>>=20>>> Or something as simple as adding>>>=20>>> RewriteCond %{SERVER_PORT} 80=20>>> RewriteRule ^(.*)$ https://yoursecureddomain.com/$1 = [R,L]>>>=20>>> To .htaccess>>>=20>>>=20>>> Kind regards>>>=20>>> Stuart Tremain>>> Pharoah Lane Software>>> AUSTRALIA>>> webdna@idfk.com.au >>>=20>>>=20>>>=20>>>=20>>>=20>>>=20>>>> On 30 Mar 2017, at 05:04, Michael Davis > wrote:>>>>=20>>>> If you want to lock down your Admin templates, and any template on =the server that is using plain http auth in the clear with the [protect] =tag, add this line to the top of your MultiGroupChecker:>>>>=20>>>> [showif [thisport]!443][redirect https://[GetMIMEHeader = HTTP_HOST][thisurl]][/showif]>>>>=20>>>> Not sure at what version [thisport] was added, so you'll have to =test with your version.>>>>=20>>>> This will redirect every [protect]-ed page on your server that is =not listening on port 443. So you'll need to assess whether this will =break any web sites you are serving. If you're not comfortable putting =this kind of blanket over the [protect] tag globally, you can always add =a qualifier:>>>>=20>>>> [if =("[thisport]"!"443")&("[thisurl]"^"/WebCatalogEngine/")][then][redirect =https://MySecureDomainUsedToAccessWebCatalog[thisurl]][/then][/if =[thisurl]][/then][/if>]>>>>=20>>>>=20>>>> MD>>>>> On Mar 27, 2017, at 1:52 AM, Jan Huijsmans => =wrote:>>>>>=20>>>>> Hi,>>>>>=20>>>>> Ok, we managed to secure /WebCatalog/ dir with a permanent =redirect to https, but the Admin dir itself is placed in cgi-bin dir, =which has a special status and can't be handled in the same way. (other =then redirecting the complete cgi-bin dir)>>>>>=20>>>>> To be honest, I'm surprised that the application itself doesn't do =anything to improve security, other then username/password over an =unencrypted link. Personally I'm glad we can contain WebDNA in virtual 1 =server. I wouldn't want to provide services for several customers on 1 =server with it. It shows it's age.>>>>>=20>>>>>> On March 9, 2017 at 2:46 PM Jan Huijsmans => =wrote:>>>>>>=20>>>>>> Hi,>>>>>>=20>>>>>> With all the help, the environment we're setting up is running as =I (and more importantly, the customer) expect it to.>>>>>>=20>>>>>> Is there an official way to secure the admin interface within =WebDNA so connects are only accepted on https? We're trying to add a =rewrite via apache config for the WebCatalogEngine/Admin dir, but =somehow it feels as the wrong way to secure the admin interface.=20>>>>>>=20>>>>>> Vriendelijke groet,>>>>>>=20>=20>=20>=20>=20> --------------------------------------------------------- This message =is sent to you because you are subscribed to the mailing list . To =unsubscribe, E-mail to: archives: =http://mail.webdna.us/list/talk@webdna.us = Bug Reporting: =support@webdna.us --Apple-Mail=_6D7BCC41-0EDC-4468-BF5D-6D9DA81AFA01Content-Transfer-Encoding: quoted-printableContent-Type: text/html;charset=us-asciiI'm not sure if this is the same on Windows, but the admin =folder is actually in the WebCatalogEngine folder on linux. So on =linux you would access http://yourserver/cgi-bin/WebCatalogEngine/Admin/ =

You may experiment with the Windows =server equivalent of that URL and find all the stuff you're looking =for.

On Apr 11, 2017, at 6:31 PM, =Kenneth Grome <ken@webdnasolutions.com> wrote:

I tested this and was able to =make it work. I reset my workstation's apache config to pretty close to =stock, and installed WebDNA Server 8.5.1 with the Ubuntu 14 installer. I =put this right in the apache config's virtual host:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ="^/cgi-bin/WebCatalogEngine/Admin/" https://%{HTTP_HOST}%{REQUEST_URI} =[L,R=3D301,NC]

I ran quite a few tests and it =worked as expected. Hopefully that looks good, please let me know if =there are any problems.

- chris

On Mar =31, 2017, at 06:38, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

I've been =trying this for ages, didn't work on the cgi-bin dir, as that's a =special case in apache. The /WebCatalog dir is easy to rewrite (but did =a redirect in apache config, as that's where the admins have control, =not the content writer), /cgi-bin/WebCatalog/Engine/Admin refuses to be =rewritten.
I'm hoping the WebDNA specific code =will rewrite correctly..
On =March 29, 2017 at 10:27 PM Stuart Tremain <webdna@idfk.com.au> =wrote:

Or something as simple as adding

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://yoursecureddomain.com/$1 [R,L]

To .htaccess

Kind regards

Stuart Tremain
Pharoah Lane Software
AUSTRALIA
webdna@idfk.com.au

On 30 Mar 2017, at 05:04, Michael Davis <admin@network13.net>= wrote:

If you want =to lock down your Admin templates, and any template on the server that =is using plain http auth in the clear with the [protect] tag, add this =line to the top of your MultiGroupChecker:

[showif =[thisport]!443][redirect https://[GetMIMEHeader HTTP_HOST][thisurl]][/showif]=

Not sure at =what version [thisport] was added, so you'll have to test with your =version.

This =will redirect every [protect]-ed page on your server that is not =listening on port 443. So you'll need to assess whether this will =break any web sites you are serving. If you're not comfortable =putting this kind of blanket over the [protect] tag globally, you can =always add a qualifier:

[if =("[thisport]"!"443")&("[thisurl]"^"/WebCatalogEngine/")][then][redirec=t [thisurl]][/then][/if"= =class=3D"">https://MySecureDomainUsedToAccessWebCatalog[thisurl]][/then][/=if]

MD
On Mar =27, 2017, at 1:52 AM, Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

Hi,
Ok, we managed to secure =/WebCatalog/ dir with a permanent redirect to https, but the Admin dir =itself is placed in cgi-bin dir, which has a special status and can't be =handled in the same way. (other then redirecting the complete cgi-bin =dir)
To be =honest, I'm surprised that the application itself doesn't do anything to =improve security, other then username/password over an unencrypted link. =Personally I'm glad we can contain WebDNA in virtual 1 server. I =wouldn't want to provide services for several customers on 1 server with =it. It shows it's age.
On March =9, 2017 at 2:46 PM Jan Huijsmans <jan.huijsmans@baruch-ict.nl> wrote:

Hi,
With all the help, the =environment we're setting up is running as I (and more importantly, the =customer) expect it to.
Is there an official way to =secure the admin interface within WebDNA so connects are only accepted =on https? We're trying to add a rewrite via apache config for the =WebCatalogEngine/Admin dir, but somehow it feels as the wrong way to =secure the admin interface.
Vriendelijke groet,

--------------------------------------------------------- =This message is sent to you because you are subscribed to the mailing =list . =To unsubscribe, E-mail to: archives: http://mail.webdna.us/list/talk@webdna.us Bug Reporting: support@webdna.us

DOWNLOAD WEBDNA NOW!

Re: [WebDNA] Webcatalog folder missing on a Windows Server

2017

Top Articles:

Related Readings: