Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
i tried to block countries nginx.conf with below codes:
geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allow_visit {
default yes;
RU no;
}
But im using CLoudFLare /cdn service.so when i block some countries.sometimes i cannot login to my system.Coz cloudflare servers maybe in my block countries.So i should remove cloudflare ips from block country list.But how can i do that?
any advice?
im using ubuntu 14.04 / nginx on my server..
*
and now im under the attack.You guys know, theres cyber war so i
should solve this problem fastly.
*
Thanks in advance.
CloudFlare allows you to block certain countries from accessing your website at the CloudFlare level. To do so:
Select your domain in your CloudFlare Control Panel
Select the "Firewall" tab
On the "IP Firewall" tab, you can enter a IP, IP range, or Country and click block.
This will block the country from all your websites on the CloudFlare level, before any attack even hits your server.
If you require to block it with your Nginx solution rather than CloudFlare's firewall for whatever reason, you can look at enabling "IP Geolocation" under the "Network" tab of the Control Panel. This adds the header "HTTP_CF_IPCOUNTRY" to all requests, and will contain the Country Code (I.e US, UK, RU) in the header.
If you need to block any requests based off certain IPs, or perform the IP lookup yourself. Then you should use the default CloudFlare header that is included with every request that holds the client's IP named "CF-Connecting-IP".
For future information, CloudFlare has a good article written here on how they handle their headers.
If you are using the free plan (cloudflare), you won't get the visitor IP address, so using geoip_country which matching IP <-> Country is not working.
You should turn on IP Geolocation in CloudFlare, and config nginx to read that country code.
Meanwhile, make sure your origin server only accept connection from CloudFlare IP range.
Details on how to config nginx: http://nginxlibrary.com/using-cloudflare-for-country-blocking/
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I am trying to find website with url https://example.com:8888 in iis, but iis bindings looks like this, this iis is on a vm instance hosted on azure,
when I do netstat I get this (copied picture from internet but I am getting exact same response for 8888),
Problem:
Wildcard certificate expired on "*.example.com" we renewed it on website in iis, it shows certificate valid for 443(https) and 80(http) but it shows certificate as expired for port 8888. I am unable to find binding for this website with port 8888 so that IT team could update it's certificate.
We stopped IIS server and website on 443 and 80 stoped serving however on port 8888 it kept showing certificate expired and didn't go down. However when we shutdown the server instance, it went down as well.
How to find this website so that we could update it's certificate ? thanks
You could check whether 8888 is listened by (PID 4)IIS by using command line:
netstat -ano
If the command line show that IIS is listening to 8888, then you could use this to find the binding& site with port 8888
appcmd list site
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I want to redirect my static IP to my domain.if entered IP its redirect to domain and show domain on URL. My web site is http://www.ramadoor.co and ip is : 87.247.179.84 .its on IIS and ASP.NET webform.Tanks
May be it helps you.
If the IP is assigned properly in the site binding and you're not using a host header then all you need to do is ensure that the domain name is registered and the A Record (host record) in DNS is pointing to the IP of the site.
It sounds like either DNS is not configured properly or the IIS site bindings are not configured properly or within your application there is some type of redirect occurring.
Add a binding to a site IIS 7
http://technet.microsoft.com/en-us/library/cc731692(v=ws.10).aspx
Configure a Host Header for a Web Site (IIS 7)
http://technet.microsoft.com/en-us/library/cc753195(v=ws.10).aspx
Copied from here
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 6 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
Im trying to configure everything in order to allow only VPN users to accesss to certain folders (wp-admin etc) and the thing is that by following some tutorials like https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04 i can connect to my openvpn (it gives me a 10.8.0.X ip through tun0 and the external IP is my server's one when checking at http://www.whatsmyip.org/ but when i enter my own server domain in my browser it sees my real IP (getenv('REMOTE_ADDR') shows my real IP) and not the one from the VPN so i cant set up a .htaccess file to restrict to my own server IP.
As a summary of above tutorial config, i have:
/etc/openvpn/server.conf
dh2048.pem
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
user nobody
group nogroup
/proc/sys/net/ipv4/ip_forward
1
/etc/sysctl.conf
net.ipv4.ip_forward=1
/etc/default/ufw
DEFAULT_FORWARD_POLICY="ACCEPT"
/etc/ufw/before.rules
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
ufw status verbose:
root#XXX:/# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), allow (routed)
New profiles: skip
To Action From
-- ------ ----
1194/udp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
53 (Bind9) ALLOW IN Anywhere
80/tcp (Apache) ALLOW IN Anywhere
443/tcp (Apache Secure) ALLOW IN Anywhere
1194/udp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
53 (Bind9 (v6)) ALLOW IN Anywhere (v6)
80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
443/tcp (Apache Secure (v6)) ALLOW IN Anywhere (v6)
Is there something im missing or a different workaround?
Thank you in advance,
If Wordpress if your CMS, you can do this by installing a plugin. Find Restricted site access plugin on wordpress's website, this plugin will;
Limit access to visitors who are logged in or allowed by IP addresses. Includes many options for handling blocked visitors.
Using this plugin, you can restrict all other people who visit the page with any different IP
Restrict Content Pro is another powerful plugin worth considering if you want to implement advanced content and website access restriction for your WordPress website. Restricted Content Pro offers one of the most complete solutions for members-only access restriction for WordPress.
.htaccess Modifications – You can make a couple of modifications to your .htaccess file to restrict access to certain folders or files in the root of your WordPress installation by authorized users. If you use a dedicated IP, you can block access to the admin folder for all users except your IP address. If you use a dynamic IP address, be sure to modify the IP part or you will be blocked too.
Code snippet:
order deny, allow
allow from 199.199.10.0 (use your IP)
deny from all
You can also add another layer of protection for your admin area using some form of authentication system. This way, other users with access to the admin area will not be able to access the actual admin files and the same is true in case of an external intruder or software bot (since many attacks are carried out using bots).
Additionally, you can restrict access to wp-config.php as well as other individual files in the installation folder. For instance, if you include the code snippet below the top of your .htaccess file, any user trying to access this file will be denied access.
Here’s the code snippet:
order allow, deny
deny from all
The default .htaccess file contains some basic WordPress functions that you shouldn’t break, so before you make any modifications to the file, make a backup copy and keep it safe.
Have a look at this page for further clarification if you're looking to block on page level: http://wpdatatables.com/restricting-access-specific-content-wordpress-site/
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 12 months ago.
Improve this question
My website has implemented by using JAVA. So we have taken VPS and installed Tomcat then deployed
My website is appearing like this
whenever I click www.mysite.com in url ... it is appearing as below.
http://mysite.com:8080/foldername/
But I would like to see my website as www.mysite.com
Can any one suggest me what to do .. should I do any changes in htaccess file ?
If you don't provide the port number in the URL your HTTP requests would be sent to port 80. You can set up a firewall rule to redirect requests headed towards port 80 to 8080.
If you don't want a port number in your URL, you have to use the default port number for HTTP, which is 80. If it's anything other than 80, you will be required to put the port number in the URL. That's all there is to it.
Now, if your question is "how do I host my Tomcat website on port 80", well there are plenty of answers to that question both on SA and teh intertubes. Just search.
If you wish to redirect all request on tomcat on default port you have to stop the IIS and use port 80 for your tomcat application or make the changes in IIS to redirect it.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a couple of personal web-based projects in the pipeline, and am unable to chose how to host them.
I have questions in the area of domain names and actual file hosting (which I believe are separate topics, though many companies provide both).
Domain Names
I have a domain name registered with Freeparking.co.uk, but they don't offer the kinds of services I think I need. Can I just transfer the domain name to somewhere else? Apart from anything the only thing they do is to host a page with a full-page frame on it, which I configure a URL for. Basic URL hiding, but that means that people can't bookmark specific pages in my websites.
Hosting
I wish to host ASP.NET applications (plural) using SQL Server 2005. What are the steps to choosing a hosting environment, and how do I connect the domain name to the hosting environment?
Domain names are best kept separate from the hosting. Decent domain registrars let you freely define name severs, which in then give the IP address for the domain. Typically (but not necessarily) these name servers are provided by the hosting company. So, the steps are:
Choose the hosting provider (sorry, I have don't recommendations on ASP hosting providers).
Configure the name servers so that at least the A record of yourdomain.com points to the ip of your server (this is often automatically done by the hosting company).
Configure your domain name at the registrar so that it refers to the the above mentioned name servers.
Also the domain name registrar can provide the name server stuff, or you can use for example EveryDNS.
your domain name is just an IP address in their Name Server which drives Domain Name System - DNS. Check that Freeparking actually do NameServer stuff.
You can choose what ever host that meets your requirements.
your host will have there own DNS system (ie the IP address of the server that will be your web application host).
Ask Freeparking to point your Domain Name the name at the new IP.
I needed the same ASP.Net and SQL and went for DiscountASP.net (although they are in the US), excellent service so far =>
They also do the email side too. The MX part of your domain name.