This question already has answers here:
Can't access /elmah on production server with Elmah MVC?
(2 answers)
Closed 5 years ago.
I have included elmah.mvc into an Asp.Net MVC application for logging exceptions and custom error logs. It is working fully as intended and I can view the logs within my ELMAH_Error table using a SQL Server, and as well from the web interface through local host URL(http://localhost:20086/elmah).
My question is: How, if possible, can I view my logs through the web interface on a live site and not "http://localhost:20086/elmah". I want to be able to view the Logging information when necessary from any computer. I have implemented Roles and Authentication, so I should be able to go to the correct URL, login with the appropriate credentials, then view the logs.... right?
Is this possible??
No problem. You can use ASP.NET authentication to secure your logs. Basically you want something like this:
<location path="elmah.axd">
<system.web>
<httpHandlers>
<add verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah" />
</httpHandlers>
<authorization>
<allow roles="admin" />
<deny users="*" />
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="ELMAH"
verb="POST,GET,HEAD"
path="elmah.axd"
type="Elmah.ErrorLogPageFactory, Elmah"
preCondition="integratedMode" />
</handlers>
</system.webServer>
</location>
There's some more details in this ELMAH Tutorial.
It looks like you're using the Elmah.MVC package. With this package you have another option:
<add key="elmah.mvc.requiresAuthentication" value="true" />
<add key="elmah.mvc.allowedRoles" value="admin" />
Related
I have a Kentico installation at sub.mydomain.com. The CurrentContact cookie is created using a domain of sub.mydomain.com. I want the cookie to be able to be read by other subdmains like app.mydomain.com.
Is there a way to accomplish this? Is there a web.config setting or a system event in which we can change the cookie domain?
If a cookie is issued for .mydomain.com then it will be accessible on all sub domains i.e. sub. and app. but not vice versa. Technically is sub.mydomain.com and app.mydomain.com are two different domains from a browser prospective. I think you need to enable CORS support for domain app.domain.com in your Kentico web.config.
You may try to add something like this to your web.config:
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
<add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS,PUT,DELETE" />
<add name="Access-Control-Allow-Origin" value="http://app.mydomain.com" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>
I have a site that runs on ColdFusion 2016. To access it, user must login. None of the ColdFusion templates are accessible for unauthenticated users within secure directories. However, in some directories html templates, video tutorials and images can be viewed with direct link via url.
Is there way to restrict such access?
UPDATE
I added this code below but, it is blocking all access even from the link on pages. But, how to block non authenticated direct access?
<configuration>
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
<system.webServer>
<handlers>
<add name="HTML" path="*.html" verb="GET, HEAD, POST, DEBUG" type="System.Web.StaticFileHandler" />
<add name="mp4" path="*.mp4" verb="GET, HEAD, POST, DEBUG" type="System.Web.StaticFileHandler" />
</handlers>
</system.webServer>
</configuration>
Currently this value is around 80 seconds. I tried modifying the timeout by multiple ways:
Modifying the web.config file.
<system.web>
<httpRuntime targetFramework="4.5" executionTimeout="600"/>
</system.web>
Modifying SCM_COMMAND_IDLE_TIMEOUT value in application settings in azure portal.
One more solution I got here:
https://azure.microsoft.com/en-us/blog/new-configurable-idle-timeout-for-azure-load-balancer/. I think this doesn't apply to Azure app service.
None of these are working. Is there a way we can modify timeout value?
Change your config as per below for Python.
Set the desired requestTimeout="00:04:00"
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="httpPlatformHandler" path="*" verb="*"
modules="httpPlatformHandler" resourceType="Unspecified"/>
</handlers>
<httpPlatform processPath="D:\home\Python27\python.exe" arguments="manage.py runserver %HTTP_PLATFORM_PORT%" requestTimeout="00:04:00" startupTimeLimit="120" startupRetryCount="3" stdoutLogEnabled="true">
<environmentVariables>
<environmentVariable name="PYTHONPATH" value="D:\home\site\wwwroot"/>
</environmentVariables>
</httpPlatform>
</system.webServer>
</configuration>
Read details https://prmadi.com/django-app-with-httpplatformhandler-in-azure-app-services-windows/
In my WCF4.5 https web service I want to set authorization to specific users/groups, I.e. I only want certain domain users or groups to be allowed to call my service.
In my web.config I have added the following as a simple test to see if every user is disallowed:
<system.web>
<authentication mode="Windows" />
<authorization>
<deny users="*" />
</authorization>
</system.web>
In my bindings section I have a:
<security mode="Transport">
<transport clientCredentialType="Windows" />
</security>
and a similar entry in my client.
However, when I run my client, it is allowed. So I'm figuring I'm missing something out?
I've read various websites and they either simply mention the above or go into a whole detail about all sorts without a meaningful answer or require hard coding of security in code.
thanks for any help
You need
<allow roles="DOMAIN\Group"/>
Otherwise you deny ALL the users by using <deny users="*" />
<system.web>
<authentication mode="Windows" />
<authorization>
<allow roles="DOMAIN\Group"/>
<deny users="*" />
</authorization>
</system.web>
I have 2 WCF service working together. One is Class Library and another one in webservice.
Its working fine until now. But if i try to send large amount of data it throw me 413 error...
An exception was thrown: The remote server returned an error: (413) Request Entity Too Large.
Below is web.config file-
For Class Library-
<add key="SMTP" value ="dummy"/>
<add key="BookingEmailFrom" value ="dummy"/>
<add key="BookingEmailToWBD" value ="dummy"/>
</appSettings>
<connectionStrings/>
<system.web>
<compilation debug="true" targetFramework="4.0"/>
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows"/>
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"/>
</system.web>
<!--
The system.webServer section is required for running ASP.NET AJAX under Internet
Information Services 7.0. It is not necessary for previous version of IIS.
-->
<system.serviceModel>
<services>
<service name="JSONWebService.Service1" behaviorConfiguration="JSONWebService.Service1Behavior">
<endpoint address="../Service1.svc" binding="webHttpBinding" contract="JSONWebService.IService1"
behaviorConfiguration="webBehaviour"/>
For web service client-
<?xml version="1.0"?>
<configuration>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config.comments usually located in
\Windows\Microsoft.Net\Framework\vx.x\Config
-->
<configSections>
</configSections>
<appSettings>
<add key="ConnectionString" value="Server=dummy;uid=sa;pwd=dummy;database=dummy"/>
---------------------- -->
section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
<pages>
<controls>
<add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral,
PublicKeyToken=31BF3856AD364E35"/>
<!--
Upon deployment, the following identity element should be removed or replaced to reflect the
identity under which the deployed service runs. If removed, WCF will infer an appropriate identity
automatically.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
<endpoint address="basic" binding="webHttpBinding" contract="JSONWebService.IService1"
behaviorConfiguration="webBehaviour"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="ServiceBehavior" >
<!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before
deployment -->
</bindings>
</system.serviceModel>
</configuration>
Any help would be really appreciated.
Thanks
You are encountering a WCF default limit on the message size. To raise the limit, use the maxReceivedMessageSize attribute in your web.config file (server side).
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding maxReceivedMessageSize="10000000">
</basicHttpBinding>
</bindings>
</system.serviceModel>
This is probably really late, but for anyone else that is also stuck.
The initial problem is solved by what BilalAlam described (increase the maxRecievedMessageSize) but your issue is the bindings need to be tied to the endpoint via the bindingConfiguration in the endpoint and the name in the binding.
Example
<bindings>
<webHttpBinding>
<binding maxReceivedMessageSize="2147483647" name="NAMETOTIEENDPOINT">
<readerQuotas maxStringContentLength="2000000"/>
</binding>
</webHttpBinding>
</bindings>
<services>
<service>
<endpoint address="basic" bindingConfiguration="NAMETOTIEENDPOINT" binding="webHttpBinding" contract="JSONWebService.IService1" />
</service>
</services>