Re: [Zope] VHost logs.
mod_rewrite is your friend. You just make a Rule that redirects
anyone accessing your site on port 80 to port 443, something like
this:
VirtualHost 123.123.123.123
ServerName www.foobar.com
RewriteEngine on
RewriteRule ^/(.*)https://www.foobar.com/
/VirtualHost
I don't want to force ALL access to port 443, only certain sections of
the site which require authentication to access. I guess the above
still holds true (your correction in a later message is noted), I just
need to get more creative with my rewrite rules. Thanks for the tip.
FYI, in these situations I put bits I want to enforce SSL on in a
folder called secure, and then do mod_rewrite variations on
RewriteCond %{REQUEST_URI} ^/.*secure.*/
RewriteRule ^/(.*) https://www.foobar.com/$1
seb
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] VHost logs.
Jason C. Leach wrote: hi, With Apache in front of zope, do you disable Medusa? No. Apache merely acts as a proxy server. Apache gets a request, passes the request on to Zope, Medusa/Zserver serves up the results back to Apache, which then hands them out to the original requester. And do you need to set both Apache and Zope to have the vhosts (do I need to set up a vhost twice?). In a manner of speaking, yes. That is, Apache needs to have correctly configured VirtualHost directives to handle the requests from the outside world appropriately, and Zope needs to have the SiteAccess product installed with correctly configured SiteRoots and access rules. It takes a little bit of time to figure out, but it works like a charm and is really quite simple, once you wrap your head around it. There's a great HOW-TO on this at http://www.zope.org/Members/anser/apache_zserver. Another benefit of this setup is that it can allow for both regular HTTP and SSL connections to all of your sites, so you can remotely access the manage screens without sending your passwords in the clear. A HOW-TO for this lives at http://www.zope.org/Members/unfo/apache_zserver_ssl. I still haven't figured out a clean way to make it impossible to access sensitive areas UNLESS you're using SSL, however. Anyone out there doing this? -rob On Wed, 29 Nov 2000, Rob Miller wrote: Jason C. Leach wrote: hi, Has anyone implemented there own logging for Virtual Sites? I was thinking in the site rules an External Method could be called, passed the Request obj, and from that generate logs for virtual sites. If anyone has done that, or knows of a better way I'd be interested in hearing it. I'm not exactly sure what your goal is... but if you're just trying to generate separate log files for each of your virtual sites, I'm accomplishing that by having my virtual sites proxied behind Apache (using SiteAccess and the ProxyPass directive) and specifying the log files for each VirtualHost in my httpd.conf file. You can control the contents of the logs using the LogFormat directive; I use the same format for all of my virtual hosts, but I think you can specify a different log format for each host if you desire. If you're trying to accomplish something else which requires you to handle the logging on the Zope side of things, then it seems to me that your idea would work, although I'd want to find out how my server performance would be affected... Hope this is useful for you, rob ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] VHost logs.
In a manner of speaking, yes. That is, Apache needs to have correctly configured VirtualHost directives to handle the requests from the outside world appropriately, and Zope needs to have the SiteAccess product installed with correctly configured SiteRoots and access rules. It takes a little bit of time to figure out, but it works like a charm and is really quite simple, once you wrap your head around it. There's a great HOW-TO on this at http://www.zope.org/Members/anser/apache_zserver. I would also point you to http://www.apache.org/docs/vhosts/mass.html for more info on the apache side, particularly this bit: The main disadvantage is that you cannot have a different log file for each virtual host; however if you have very many virtual hosts then doing this is dubious anyway because it eats file descriptors. It is better to log to a pipe or a fifo and arrange for the process at the other end to distribute the logs to the customers (it can also accumulate statistics, etc.). Another benefit of this setup is that it can allow for both regular HTTP and SSL connections to all of your sites, so you can remotely access the manage screens without sending your passwords in the clear. A HOW-TO for this lives at http://www.zope.org/Members/unfo/apache_zserver_ssl. I still haven't figured out a clean way to make it impossible to access sensitive areas UNLESS you're using SSL, however. Anyone out there doing this? mod_rewrite is your friend. You just make a Rule that redirects anyone accessing your site on port 80 to port 443, something like this: VirtualHost 123.123.123.123 ServerName www.foobar.com RewriteEngine on RewriteRule ^/(.*)https://www.foobar.com/ /VirtualHost seb ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] VHost logs.
VirtualHost 123.123.123.123 ServerName www.foobar.com RewriteEngine on RewriteRule ^/(.*) https://www.foobar.com/ /VirtualHost of course i actually meant: VirtualHost 123.123.123.123 ServerName www.foobar.com RewriteEngine on RewriteRule ^/(.*) https://www.foobar.com/$1 /VirtualHost ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] VHost logs.
seb bacon wrote: Rob Miller wrote: In a manner of speaking, yes. That is, Apache needs to have correctly configured VirtualHost directives to handle the requests from the outside world appropriately, and Zope needs to have the SiteAccess product installed with correctly configured SiteRoots and access rules. It takes a little bit of time to figure out, but it works like a charm and is really quite simple, once you wrap your head around it. There's a great HOW-TO on this at http://www.zope.org/Members/anser/apache_zserver. I would also point you to http://www.apache.org/docs/vhosts/mass.html for more info on the apache side, particularly this bit: The main disadvantage is that you cannot have a different log file for each virtual host; however if you have very many virtual hosts then doing this is dubious anyway because it eats file descriptors. It is better to log to a pipe or a fifo and arrange for the process at the other end to distribute the logs to the customers (it can also accumulate statistics, etc.). This document refers to handling situations where you have a very large number of virtual hosts and don't want a separate VirtualHost directive for each one (because they're all very similar). This is not my case, but it could be the original poster's. You certainly CAN log to different log files if you have a VirtualHost directive for each host; I'm doing so. Another benefit of this setup is that it can allow for both regular HTTP and SSL connections to all of your sites, so you can remotely access the manage screens without sending your passwords in the clear. A HOW-TO for this lives at http://www.zope.org/Members/unfo/apache_zserver_ssl. I still haven't figured out a clean way to make it impossible to access sensitive areas UNLESS you're using SSL, however. Anyone out there doing this? mod_rewrite is your friend. You just make a Rule that redirects anyone accessing your site on port 80 to port 443, something like this: VirtualHost 123.123.123.123 ServerName www.foobar.com RewriteEngine on RewriteRule ^/(.*) https://www.foobar.com/ /VirtualHost I don't want to force ALL access to port 443, only certain sections of the site which require authentication to access. I guess the above still holds true (your correction in a later message is noted), I just need to get more creative with my rewrite rules. Thanks for the tip. -rob ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] VHost logs.
Jason C. Leach wrote: hi, Has anyone implemented there own logging for Virtual Sites? I was thinking in the site rules an External Method could be called, passed the Request obj, and from that generate logs for virtual sites. If anyone has done that, or knows of a better way I'd be interested in hearing it. I'm not exactly sure what your goal is... but if you're just trying to generate separate log files for each of your virtual sites, I'm accomplishing that by having my virtual sites proxied behind Apache (using SiteAccess and the ProxyPass directive) and specifying the log files for each VirtualHost in my httpd.conf file. You can control the contents of the logs using the LogFormat directive; I use the same format for all of my virtual hosts, but I think you can specify a different log format for each host if you desire. If you're trying to accomplish something else which requires you to handle the logging on the Zope side of things, then it seems to me that your idea would work, although I'd want to find out how my server performance would be affected... Hope this is useful for you, rob ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] VHost logs.
Jason C. Leach wrote: hi, Has anyone implemented there own logging for Virtual Sites? I was thinking in the site rules an External Method could be called, passed the Request obj, and from that generate logs for virtual sites. If anyone has done that, or knows of a better way I'd be interested in hearing it. I'm not exactly sure what your goal is... but if you're just trying to generate separate log files for each of your virtual sites, I'm accomplishing that by having my virtual sites proxied behind Apache (using SiteAccess and the ProxyPass directive) and specifying the log files for each VirtualHost in my httpd.conf file. You can control the contents of the logs using the LogFormat directive; I use the same format for all of my virtual hosts, but I think you can specify a different log format for each host if you desire. If you're trying to accomplish something else which requires you to handle the logging on the Zope side of things, then it seems to me that your idea would work, although I'd want to find out how my server performance would be affected... I also would prefer to split the log via regexp-filters just before doing statistics or rotating (ie. not in zope). A pure logfile doesn't reveal useful informations anyway without some processing. Related question: Is there away to stop zope's logging, as apache as proxy logs fine for me? cheers, oliver ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
