Hi everyone Does anybody know how to change the path of a defined foxx service.
I would like to have something like "IP/login" and "IP/register".
By default it is accessible under "_db/..." path.
The only way I found was to use a Webserver Like nginx to rewrite or restrict incoming URL paths. Is there a better solution?
Thanks in advance.
I'm Alan from the ArangoDB Foxx team.
If you want to expose your service to the wild, a reverse proxy like nginx or Apache is absolutely the best way to go. Keep in mind that if you allow users to talk to ArangoDB directly you're also likely exposing the HTTP API and the admin interface -- these are probably not things you want on the public web.
There's currently no way to mount a Foxx service at the "root" URL and this is unlikely to change.
Related
With a self hosted instance like matomo, and a smart edge router like traefik, I was hoping to find some automated solution for analytics via traefik configuration instead of injecting JavaScript into each hosted service on my docker based server.
It seems to me the best way to track usage in the backend, instead of relying on 'the goodness of the browser', especially with ad blockers targeting matomo.
Has anyone tackled this in any fashion?
Yes, it's possible with Log Analytics: https://matomo.org/log-analytics-/
See also: https://github.com/matomo-org/matomo-log-analytics
I was just thinking if an app like rails or laravel can receive the request from different server applications like apache or nginx, there must be some sort or request format the servers follow to serve the request to the apps?
What format is this?
Or am I conceptualizing this wrong?
I think the answer you are looking for is the Common Gateway Interface, called "CGI" for short.
https://www.w3.org/CGI/
When I host a self hosted WCF, I define the URL in code.
Is there any best practice to do that?
We first had something like, 'http://localhost:8085/bla'
But that did not work for https, because of ssl certificates.
So we came up with using the full qualified host-name, instead of localhost.
And it worked for now.
But now I'm thinking about hosting the service in the cloud one day?
Will it also be OK to take the full qualified host-name there? Or is there any other best practice?
Or am I missing something?
In my WCF service application , images are saved into application directory. So in one of the service call, it returns the image(http request to the url- http://mydomain:88/Images/Tree/test.png) to the client application.( a mobile application). The url exposes the application directory, so is this a good practice? All the call to the service is protected using basic authentication. But still is this good practice to exposing the directory structure in url?
Thanks.
All you've done is expose a little information to the world about your directory structure behind the scenes - probably not a "best practice". But generally, I'd say you're safe if:
you don't expose the directories to browsing (like via an IIS
setting)
the web service or proxy is located behind a firewall within a
DMZ
the WCF requests are authenticated/authorized before
content is delivered.
You can fix this without too much work, though. Assuming the "Test.png" is the file the client is trying to download, change the host-side endpoint so that it's just ".../Images/Tree/Connect" that receives the file name as a parameter in the Get(). The host and clients would have to change, but it's not a big change.
The question is as simple as the title. I have a webapp (I have no clue as to what technology it was built on or what appserver it is running on). However, I do know that this webapp is being served by an Apache Server/ IIS Server / IBM Http Server. Now, I would like to have a plugin/ module / add-on at the web-server end, which would parse/truncate/cut/regex the http response (based on the requested url's pattern), and mask(encrypt/shuffle/substitute) a set of fields in this response based on different parameters(user's LDAP permissions in the intranet / user's geo-location if on the internet, etc) and send the altered response back to the user.
So, Is there an easy answer to creating such plugins/modules/add-ons? How feasible is this approach of creating extra software at the webserver, when you want to mask sensitive information in a webapp without modfying the web-app code? Are there any tools that help you do this for Apache?
And, finally, is this just a really crazy thing to try?!
Each webserver will have its own way of doing so.
There is no universal plugin architecture for webservers.
In IIS you would write an HTTP Handler or HTTP Module, or possibly an ISAPI Filter. You can also directly interact with the http response using the Response object exposed by the HttpContext.
With apache, there are different modules that can do what you want (mod_headers, for example).
I don't know anything about WebSphere, but I am certain it also has similar mechanisms.
What you are asking is required by most web applications, so would be either built in or very easy to do.
The easiest way is to add a plug-in using the web application container. For example, if it's Tomcat, you can add a filter or valve.
If you want to plug-in to the web server, you'd need to write a custom module using the API of whichever web server is being used.
If all else fails, you could always wrap the entire server in a reverse proxy. All requests would go through your proxy and that would give you the opportunity to modify the requests and the responses.