Can I limit the displaying of Django's Page not found? - django

When I develop Django websites, I always develop them on a server that sits on the Internet in order to mirror my production environment (I run macOS locally but my servers are Linux). During development I also will set DEBUG = True for debugging purposes. The problem is that if I or anyone else who's poking around on my site enters an invalid URLconf string, Django displays the "Page not found (404)" page along with all valid URL patterns, which I feel is a bit of a security risk. For example, my custom URL for the Django admin site is listed there. Is there a way to disable the showing of this specific error page when I have DEBUG set to True or perhaps to limit its display to particular IP addresses?

you can override the default 404 view.
Read here to know how to do

Related

Is it possible to keep Django Admin Panel accesible in production mode? (DEBUG=False)

I am developing a webpage for my college where we will show ouur investigations, to solve that i decided to use the admin panel. The problem is that when I deply in production the webage I get a 500 Bad request
I have left the deault admin path
Also changed the path for admin and still having the same issue
Try opening on a different browser like chrome etc

django redirect is applied to all projects directly

I was studying mozilla django tutorial and in between that I came across one point where I have to redirect the url ' ' to '/catalog/' with permanent = True.
Now I have one new project (another project in different directory ) with django-admin and gave the command of manage.py runserver (notice I haven't made any changes in this project) the url '' is automatically being redirect to '/catalog/' in chrome it works fine in opera mini though.
It’s probably not a Django issue, but due to Chrome caching certain requests. You could try a hard refresh of the page:
https://www.getfilecloud.com/blog/2015/03/tech-tip-how-to-do-hard-refresh-in-browsers/
Unless the redirect is being handled by some unusual Javascript (and you are doing this in Django so probably not), you probably just need to refresh the page. Hold the shift key while clicking on the refresh button in Chrome.
This is because chrome has cached this particular redirect and uses it without checking with the server. You can get rid of this by clearing your browser cache - but you might not want to do this because you'll lose other data too. Instead, right click on the page in question and go to developer tools (or hit F12). Go to the Network tab and tick "Disable cache". Now refresh the page without the redirected part of the url, and the page should load correctly. Now close developer tools and it should continue to work as intended.
I solved it by deleting the browser history(going to Advanced mode and selecting everything).

Can't Open Web forms for marketers Form Designer or Security Manager

I have had WFFM running on a Sitecore instance for a while, but it has recently stopped working. When I go to "Form Designer" on an existing form, I get the standard Sitecore "The requested document was not found" page.
Requested URL: /applications/modules/web
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
Note that the requested URL is stated as /applications/modules/web instead of /applications/modules/web forms for marketers.
A lot of development has occurred on this site recently, so I'm not sure when exactly this started happening.
Additional: info:
Folder and file permissions are correct.
I've tried reinstalling the WFFM package, and made sure that all the files are in place.
Several processors have been added to the HttpBeginRequest pipeline, but I removed them all to test if they were the cause - they weren't.
I haven't upgraded Sitecore since WFFM was working and the version is correct.
No errors are logged
EDIT
This also seems to be affecting the Sitecore Security Editor:
Requested URL: /appl
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
EDIT 2
Further investigation with this is making me think it is related to the Requested URL. I originally thought the the "Not found" page was displaying the requested url incorrectly. However, if I attempt to goto mysite.com/sitecore/shell/applications/fake folder with spaces/fake page with spaces I get this error message:
Requested URL: /applications/fake folder with spaces/fake page with
spaces
User Name: sitecore\admin
Site Name: shell
If the page you are trying to display exists, please check that an
appropriate prefix has been added to the IgnoreUrlPrefixes setting in
the web.config.
As you can see the Requested Url is correct in the error message. So in relation to my problem, I think maybe Sitecore is requesting the wrong URL in the first place.
Additionally if I go to the go the following url by typing directly into the browser, then the Security Editor opens as expected:
mysite.com/sitecore/shell/Applications/Security/User-Editor
This is quite old now but I thought I'd provide an update for anyone else who encounters the problem.
Unfortunately, Sitecore support weren't able to help beyond pointing out that setting the addAspxExtension attribute to 'true' in the link provider seemed to solve the problem. This may have been acceptable except that extensionless URLs were important to the customer.
In the end I had to amend my link provider so that addAspxExtension is set to 'true' in the web config, and then I set it to false inside the GetItemUrl method for specified sites only.
So now whenever the context site is 'Shell' or 'Admin' etc, the extensions are added by default, but switched off in my main website.
Of course, this is a work around. I still don't know how to actually fix the problem
So the first thing that I am going to tell you is that I suspect that there is something wrong with your site declaration for Sitecore Modules. In your web.config, there's a site declaration for "modules_shell" and "modules_website". Those are where the code files that run the modules are usually located... a shell folder to run the parts that run in the Sitecore shell and a web folder to run the part that is accessed by the externally facing site. Please check your site declarations (and the form.config file) to make sure that you're not in live mode or something like that. I would definitely say that this is where you should start looking.
The next thing is to say that your comments about Sitecore not serving a url in the /sitecore/shell directory is really not surprising. Sitecore processes all requests unless you specifically tell it to ignore requests (like setting it in the IgnoreUrlPrefixes in web.config), it's going to try processing it. Like going to /sitecore/shell/applications gives me a layout error because it doesn't have anything set to handle that request. Now your error suggests that there is something wrong with Site declarations.. however, even if they were all right, it still wouldn't work.

Django admin "view on site" gets a wrong redirection

I have just copied a working Django project from a development server to a production server. I have not touched the code in any way. In the admin interface there is a blog app, in each blog post there is a get_absolute_url so the admin creates the "view on site" button. On the development server when I click this button it opens the post on the site as expected: an example link would be /admin/r/25/515/ which when loaded then redirects to /blog_app/posts/515/slug. That's perfect. On the production server though the "view on site" link has the exact same value of /admin/r/25/515/ but when loaded returns a strange url that leads to nowhere: admin/r/25/515/.com/blog_app/posts/515/slug. I have no idea where this ".com" comes from, I started looking everywhere but have no clue. Any idea?
That was an Nginx conf problem, I use it as a proxy / load balancer and in the proxy_pass setting I did not enter the full domain name thinking it was a kind of variable. My bad. Not really Django related but since many people use it that way it can be useful to know.

Django, from php to Django

I have a website done with Django, that was previously done with PHP and CodeIgniter. I've moved the website to Webfaction, changed the DNS and all other configurations, but now my email is full of errors like this:
Error (EXTERNAL IP): /index.php/main/leer/7497
I don't know why the Django app is looking for pages from the PHP app, specially since the PHP app was in another host.
Are those URLs from your old site? That's probably a case of people having stale bookmarks, trying to navigate to them, and getting 404s. You might want to consider catching those, and redirecting to the new URL with response code 302.
I can't imagine those errors are caused by Django (except in the sense that the reports are from Django reporting 404s, which it does for free).
I agree with above. Just want to add you should use django.contrib.redirects to move the redirects.
You can read more about it here