I have a setup with one authoring site and two remote publishing sites.
If I publish from the /Home/ content tree from authoring that is reflected in all remote targets.
If I publish from any other content tree, say /Quotations/, that is not reflected in any of the remote targets. It is, however, reflected on the authoring machine's "Internet" site so the changes are being published locally.
The log file on the authoring site says that the publish of the Quotations content tree worked correctly and that N number of items were published (varies depending on how much I change and/or if I do a full or incremental publish but N is about what I expect it to be).
I'm feeling I've missed something in configuration but not sure where to look.
Many thanks!
rjsjr
A couple of ideas:
Are the templates and other items needed on the remote targets there to properly store the content? If "Quotations" is using different templates that aren't published onto the remote target then you may be publishing empty content items.
Are the remote targets configured within Sitecore's config files to be the proper databases to be pushing the content?
Time for another approach, could we isolate the problem to being one of the following:
DB server. This would be taking the database for the remote target and running it on another web server to ensure that the DB is doing everything correctly in terms of serving up the data.
Web server. This would be taking the web server that hosts the remote target and pointing it at another server to see that there isn't anything wrong with the web server like a misconfiguration in IIS or something like that.
Connectivity between the two. This is what is left if the DB works with another web server and the web server works with another DB server as each part can be eliminated as the problem being solely in one area.
Or do we know it is that last one that is the ugliest one to try to debug?
Are Home and Quotations siblings of each other? If not, then there may be something above Quotations that is the source of the problem.
That I don't know. I'd be tempted to ask this on the Sitecore forms on their site if you are certified in Sitecore you should be able to access it.
Related
I am just about to go live with a website and am addressing security issues. The site has been public for some time but not linked to the search engines.
I log all incoming requests and today noticed this one:
GET /home/XXXXX/code/repositories/YYYYY-website/templates
where XXXXX is a sudo user on my server and YYYYY is my company name.
This is actually the structure of my Django project code.
My website is coded using Django and runs under Apache2 on Ubuntu.
My question is how can this guy possibly know the underlying code/directory structure on my server, in order to create this request?
Their IP is : 66.249.65.221.
They come up as 100% a hacker on https://ip-46.com
Any contributions welcome.
EDIT1 25/11/2019
With some helpful input from Loïc, I have done some investigation.
The Ubuntu 18.04 server is locked down as far as logging in goes - you can only get in with one of my private keys. The PostgreSQL is locked down - it will only accept connections from one IP where my dev machines reside. RabbitMQ is locked down - it won't accept ANY external incoming connections. The robots.txt allows all crawling but the robots meta restricts access to about 12 pages only.
Somebody who knows Django, would know how to form this directory path if they knew the Django project directory but they also have this relative to root on the server. The only place where this is available is in the Apache2 config file. Obviously Apache needs to know where to pick up the Django web server.
I am 99% sure that this 'hacker' got this via some sort of command to Apache. Everything is redirected to port 443 https. The above GET request doesn't actually do anything because the url doesn't exist.
So to make the question more refined. How can a hacker pull my Django absolute project path from my Apache2 config file?
There are a lot of different ways to learn about the directory structure of a given server.
The easiest usually being error logs;
If in your django settings, DEBUG is set to True, it is very easy for an attacker to get the directory structure of your project.
Then there is LFI, a security issue allowing an attacker to read local files. It's then possible to read some logs, or apache configuration to learn what is your project directory...
The problem could come from another service running on your server as well...
One cannot really give you a complete answer on this topic, as there are a lot of different ways this could happen.
I'm working on Sitecore 7 and I have configured the Sitecore GeoIP module (Sitecore IP Geolocation Service Client 1.2 rev. 150602.zip) on our site.
Sitecore IP Geolocation Service is running on our site's App Center.
When I tried to use its functionality with the personalization, it seems not working.
I created the following condition for a component of a page using the presentation details --> personalize
But when I access the site from the give country, the item is still exists on the page (which need to be hidden).
I did test the GeoIp module using the TestIp.aspx page and it's tracking the ip data correctly.
Can someone please advice on this.
Thanks.
UPDATE
This actually works. There is a ip caching mechanism with the MaxMind service.
When the ip is cached the change that we made from sitecore client is not getting activated for certain time.
Is there are any config change that we can do to change or skip this caching mechanism ?
Thanks.
Sitecore's GeoIP/MaxMind module does not resolve GeoIP information in real time. It does this in batch background processes - for performance reasons, no doubt.
I can show you a way to change this, but I would not recommend you do this in practice on any real site as calls to the MaxMind service can take a while and will block your page load until they complete.
You need to add a processor to your httpRequest pipeline, early as possible, that forces a lookup for the client IP. It will then be cached for subsequent page loads.
Sitecore.Analytics.Lookups.LookupManager.GetInformationByIp(string ip)
Where the ip argument will be your request Host.
But as I said, I really would not recommend doing it like this, unless your site is very light weight.
My suggestion to you instead of this, will be to build something up around the GeoLite database that MaxMind provides, free of charge. You will then perform lookups in a local database (instead of a web service) - for an example of how this could be done, look here:
http://sitecoresnippets.blogspot.dk/2011/12/sitecore-geoip-country-resolving-jump.html#.Vhdui_l_NBc
I've designed a desktop app using PyQt GUI toolkit and now I need to embed this app on my Django website. Do I need to clone it using django's own logic or is there a way to get it up on website using some interface. Coz I need this to work on my website same way it works as desktop. Do I need to find out packages in django to remake it over the web or is there way to simplify the task?
Please help.
I'm not aware of any libraries to port a PyQT desktop app to a django webapp. Django certainly does nothing to enable this one way or another. I think, you'll find that you have to rewrite it for the web. Django is a great framework and depending on the complexity of your app, it might not be too difficult. If you haven't done much with web development, there is a lot to learn!
If it seemed like common sense to you that you should be able to run a desktop app as a webapp, consider this:
Almost all web communication that you likely encounter is done via HTTP. HTTP is a protocol for passing data between servers and clients (often, browsers). What this means is that any communication that takes place must be resolved into discrete chunks. Consider an example flow:
You go to google in your browser.
Your browser then hits a DNS server (or cache) that resolves the name google.com to some IP address.
Cool, now your browser makes a request to that IP address and says "get me some stuff".
Google decides to send you back a minimal amount of HTML and lots of minified JavaScript in the page.
Your browser realizes that there are some image links in the HTML and so it makes additional requests to google to get each of the images so that it can display them.
Now all the content is loaded on your browser so it starts to execute the JavaScript code, and that code needs some more data from google so it starts sending requests to google too.
This is just a small example of how fundamentally different a web application operates than how a desktop application does. On a desktop app you have the added convenience that any operation doesn't need to be "packaged up" and sent, then have an action taken, etc (unless you're using a messaging architecture, but that's relatively uncommon outside of enterprise apps).
I'd like to implement a "Website under maintenance" page on a Sitecore powered website, where CMS editors can switch on/off the maintenance mode. During the maintenance mode all requests are forwarded to the maintenance page. A solution with app_offline.htm in website root would be ok, however the problem is that website is load-balanced.
What is the best practice to implement what I want on load balanced websites, and specifically for Sitecore CMS?
In any load-balanced environment you should avoid having this app_offline.html page as a part of your website. Please remember that if you are deploying new code the site may encounter some exceptions or config problems and even your plain html maintenance page won't be accessible.
You should rather think about having a app_offline page redirection set directly on the load balancer. In this case you need to set it only in one place and you don't need to worry about your site being unavailable. Of course you will not be able to manage this page from Sitecore in this case.
And the best solution in the load-balanced environment is not to have app_offline.html page at all. When you're doing any maintenance, you're performing it on one (of half) of the load-balanced servers at the time. The other servers should serve the responses to users' request in the meantime. And when you're ready with maintenance on one server, you put it back to load-balancer and start maintenance of the other servers (taking them out from the load-balancer before making any updates on them).
You can create httpmodule that reads some setting that CMS editor can turn on/off inside sitecore, if the setting is turned off, you redirct to your custom maintainace page.
Make sure that you dont redirect any http request coming from sitecore desktop, by checking logged in user domain.
I used this article when I first started working with a CM to CD load balanced environment: http://csuwannarat.wordpress.com/2011/12/20/sitecore-deployment-process-in-load-balanced-production-environment/
Hopefully this helps you too.
I am trying to create simple flex application, which uses django as a back-end part. Have a question:
Usually when I run my application Flex Builder creates a file in a directory on my local PC and then opens a browser and points to it. Everything was fine, but when I decided to link django server to flex applications via xml data providers I started to get security errors. (Related to absence of crossdomain.xml). When I created the file and put it on the server:
<?xml version="1.0"?>
<!-- http://www.foo.com/crossdomain.xml -->
<cross-domain-policy>
<allow-access-from domain="http://127.0.0.1:8000"/>
<allow-access-from domain="127.0.0.1"/>
</cross-domain-policy>
Then tried the application again, I got error in console of my FB Error: Request for resource at http://127.0.0.1:8000/go/active/ by requestor from file:///Users/oleg/Documents/FB3/usersList/bin-debug/usersList.swf is denied due to lack of policy file permissions.
I don't know how to fix the error. But also the question is there a way to configure FB3 to put my swf files to the server directly, so I will not need any crossdomain?
Thanks
Oleg
We struggled with this a lot. The Flex security stuff didn't strike me as well built, but perhaps we just had different approaches in mind than Adobe's developers. The solution that worked for us was to serve both the SWF and the dynamic data from the same host and port.
On our development boxes, we tell Apache to serve the SWF from a directory in the workspace, and the dynamic data from a local copy of the app. When we push to production, SWF and app get pushed simultaneously to the same virtual host.
If that's inconvenient for you, the Apache ProxyPass directive can be used to make Apache front for other servers. I've not used that in production, but it's been very handy for developer setups.
I don't know a way to get FlexBuilder to automatically deploy your changed SWF; you could certainly look into an automation approach (like Maven and Flex-Mojos) to make that happen.
That said, getting rid of that error is usually just a matter of adding a policy file to the server.
The second error is caused because you're trying to fetch http resources from a "file" location. My recommendation is that you change your Flex Builder project so it outputs to a location within the Django web site, rather than to the flex-bin directory. This setting can be changed in the properties dialog of the project. Then, you should be able to have your front-end and back-end share the same protocol and domain.