Apache virtual hosts

Hi;

quick question;

I have CFMX8 installed and running nicely, though it is on a system with about 60 virtual hosts.
I would like to deny use of cfml pages to all vhosts except the ones I explicitly allow

so I have:
LoadModule jrun_module /opt/coldfusion8/runtime/lib/wsconfig/1/mod_jrun22.so

<IfModule mod_jrun22.c>
    JRunConfig Verbose false
    JRunConfig Apialloc false
    JRunConfig Ignoresuffixmap false
    JRunConfig Serverstore /opt/coldfusion8/runtime/lib/wsconfig/1/jrunserver.store
    JRunConfig Bootstrap 127.0.0.1:51800
#    #JRunConfig Errorurl url <optionally redirect to this URL on errors>
#    #JRunConfig ProxyRetryInterval 600 <number of seconds to wait before trying to reconnect to unreachable clustered server>
#    #JRunConfig ConnectTimeout 15 <number of seconds to wait on a socket connect to a jrun server>
#    #JRunConfig RecvTimeout 300 <number of seconds to wait on a socket receive to a jrun server>
#    #JRunConfig SendTimeout 15 <number of seconds to wait on a socket send to a jrun server>
#   AddHandler jrun-handler .jsp .jws .cfm .cfml .cfc .cfr .cfswf
</IfModule>



<directory /var/www/vhosts/**VHOST**/subdomains/cfide/httpdocs>
        AddHandler jrun-handler .jsp .jws .cfm .cfml .cfc .cfr .cfswf
        order deny,allow
        deny from all
        allow from 70.31.38.45
</directory>




now: the directory rule is for the cfide directory - works, is fine, however I figured if I commented out the addhandler line in the ifmod directive, no other vhosts would be able to process cfml pages....

This is not the case, any vhost can place cfm pages in the webroot and have htem executed.


What is the correct way to configure this so that only vhosts I allow can use cmfl pages?

-thanks
-sean

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-server/message.cfm/messageid:6834
Subscription: http://www.houseoffusion.com/groups/cf-server/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.10

You need to place all the JRunConfig directives only in the vhost that  
you want to have CF access.  What you want is a jrun-per-vhost setup  
(instead of the jrun-per-Apache default), with only a single vhost/
jrun pair, and all the other vhosts without a jrun.

cheers,
barneyb

--
Barney Boisvert
bboisvert@...
http://www.barneyb.com/

On Jul 12, 2009, at 5:42 PM, Sean Kimball <sean@...> wrote:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-server/message.cfm/messageid:6835
Subscription: http://www.houseoffusion.com/groups/cf-server/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.10

Hmm no - that's not working.

If I place all the jrun directives in the virtual host container:

<IfModule mod_jrun22.c>
        JRunConfig Verbose false
        JRunConfig Apialloc false
        JRunConfig Ignoresuffixmap false
        JRunConfig Serverstore /opt/coldfusion8/runtime/lib/wsconfig/1/jrunserver.store
        JRunConfig Bootstrap 127.0.0.1:51800

        AddHandler jrun-handler .jsp .jws .cfm .cfml .cfc .cfr .cfswf
</IfModule>


Then ONLY the first loaded virtual host can run coldfusion - all other cannot process pages .... ?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-server/message.cfm/messageid:6840
Subscription: http://www.houseoffusion.com/groups/cf-server/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.10

On Tuesday 14 Jul 2009, Sean Kimball wrote:
Take AddHandler out.
Put the otherwise intact IfModule outside all VHosts.
Put the AddHandler into the VHost's you want enabled.

--
Helping to continuously create virtual ubiquitous slick paradigms as part of
the IT team of the year, '09 and '08

****************************************************

This email is sent for and on behalf of Halliwells LLP.

Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB.  A list of members is available for inspection at the registered office together with a list of those non members who are referred to as partners.  We use the word “partner” to refer to a member of the LLP, or an employee or consultant with equivalent standing and qualifications. Regulated by the Solicitors Regulation Authority.

CONFIDENTIALITY

This email is intended only for the use of the addressee named above and may be confidential or legally privileged.  If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents.  If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500.

For more information about Halliwells LLP visit www.halliwells.co

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists
Archive: http://www.houseoffusion.com/groups/cf-server/message.cfm/messageid:6841
Subscription: http://www.houseoffusion.com/groups/cf-server/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=17837.14401.10