Rob, I have my own linux servers and the control panel software i use creates new vhost accounts with the webroot (public_html) as a sub directory of the users home directory. i think thats a fairly common setup but may differ, especially on windows.
If your host provides a way to set permissions (via .htaccess or the iis equivalent) on the directories then thats probably all you need. It may be worth moving everything you want to secure into a single directory in the webroot and then per-app-mapping them, then you only have one directory to secure. 2009/8/20 Sir Rawlins <[email protected]> > > Ok, speaking with the hosts support desk they don't allow access above > the webroot however they do allow me to full permissions control over > directories in the webroot which they said should allow me to make > them web-inaccessible which keeps them safe. > > We'll see how that goes. > > Rob > > On 20 Aug, 16:40, Sir Rawlins <[email protected]> > wrote: > > Hello Chris, > > > > I'm not sure if the host supports access to files outside of the > > webroot or not, I was working on the assumption that they didn't but > > if you're working with one who does then perhaps I'll do a little more > > research into the accounts we've been looking at. > > > > Cheers mate, > > > > Rob > > > > On 20 Aug, 16:15, Chris Blackwell <[email protected]> wrote: > > > > > > > > > does your shared hosting account give you access to any directory above > the > > > webroot? If it does you can move your framework and config files up a > level, > > > this is how i setup my MG apps > > > ftp root > > > - public_html / wwwroot > > > - frameworks > > > - ModelGlue > > > - Reactor > > > - coldspring > > > - application > > > - config > > > - views > > > - model > > > - etc.. > > > > > you can then per-app-map each of those directories, and with a few > changes > > > to paths, mainly in your index.cfm (using expandpath("/../")) it'll all > > > work. > > > > > chris > > > > > 2009/8/20 Sir Rawlins <[email protected]> > > > > > > Hello Dan, > > > > > > Thanks for your advice on this, sorry for the late reply, I've been > > > > away for the past few days. > > > > > > I've made this change to my xml files and appended all the paths > > > > within my coldspring XML file to point to the new .xml.cfm paths > > > > however it doesn't seem very happy creating Transfer like this: > > > > > > <!-- ORM Adapter Configuration --> > > > > <!-- Create the Transfer Alias objects. --> > > > > <alias alias="ormAdapter" name="ormAdapter.Transfer" /> > > > > <alias alias="ormService" name="ormService.Transfer" /> > > > > > > <!-- Create the transfer configuration object --> > > > > <bean id="transferConfiguration" > > > > class="transfer.com.config.Configuration"> > > > > <constructor-arg > > > > name="datasourcePath"><value>/config/transfer/ > > > > Datasource.xml.cfm</value></constructor-arg> > > > > <constructor-arg > name="configPath"><value>/config/transfer/ > > > > Transfer.xml.cfm</value></constructor-arg> > > > > <constructor-arg > > > > name="definitionPath"><value>/model/data/transfer</ > > > > value></constructor-arg> > > > > </bean> > > > > > > And the exception which gets thrown looks like so: > > > > > > "Bean creation exception during init() of transfer.TransferFactory > > > > > > An error occured while Parsing an XML document.:The processing > > > > instruction target matching "[xX][mM][lL]" is not allowed." > > > > > > Any ideas what this might be about? > > > > > > Another questions I wanted to ask, is it deemed a security risk > having > > > > the /ColdSpring /Transfer /ModelGlue directories in the webroot? > > > > should I be looking to rename these with some strange paths and then > > > > use a per-app mapping to them? or are they safe to keep as they are? > > > > > > Cheers, > > > > > > Rob > > > > > > On 12 Aug, 18:43, Dan Wilson <[email protected]> wrote: > > > > > Many people rename all their .xml config files to xml.cfm and put a > > > > comment > > > > > near the top with a CFAbort. > > > > > <!-- <cfabort /> --> > > > > > > > Like that. > > > > > > > DW > > > > > > > On Wed, Aug 12, 2009 at 12:30 PM, Sir Rawlins < > > > > > > > [email protected]> wrote: > > > > > > > > Hello Guys, > > > > > > > > I've got a small MG/CS/Transfer based project which I've been > putting > > > > > > together for a friend, pretty much done with things now and we're > > > > > > going to be sticking them up on a bit of shared hosting space > over the > > > > > > next week or two. > > > > > > > > I've done all the usual checks with the host to ensure that the > > > > > > frameworks will run on their space, they don't limit the use of > cffile > > > > > > or any of those tags so we should be good to go. > > > > > > > > I'm looking for your advice on how to secure my installation on a > > > > > > shared hosing account as all files are effectively going to be in > the > > > > > > webroot. I'd imagine that masking the XML files as a somehow is > pretty > > > > > > much top of the list, should I also be giving the framework > folders > > > > > > random character names and then use per-app mappings to refer to > them? > > > > > > > > I'd appreciate your thoughts on this. > > > > > > > > Rob > > > > > > > -- > > > > > “Come to the edge, he said. They said: We are afraid. Come to the > edge, > > > > he > > > > > said. They came. He pushed them and they flew.” > > > > > > > Guillaume Apollinaire quotes > > > --~--~---------~--~----~------------~-------~--~----~ Model-Glue Sites: Home Page: http://www.model-glue.com Documentation: http://docs.model-glue.com Bug Tracker: http://bugs.model-glue.com Blog: http://www.model-glue.com/blog You received this message because you are subscribed to the Google Groups "model-glue" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/model-glue?hl=en -~----------~----~----~----~------~----~------~--~---
