[Solved] Whitelist of Filetypes/Files + Problem with dir root
Added by cgeks over 9 years ago
Hi all,
i run version 1.4.35 on an ebbedded linux target with kernel 3.14. Config file ist pasted here: [[http://paste.lighttpd.net/Mr#tg4SJBoPV3022X7WVx7FcvNU]].
I am using the following config snipped to whitelist a certain set of files that should be served:
$HTTP["url"] !~ "(\.(html|jpg|gif|png|ico|js|css)|index.php|debugDownload.php)$" {
url.access-deny = ( "" )
}
That does the job it should do. It works fine. However i get a "403-Forbidden" message (Tried in Chrome and Firefox) if i call the site root with "http://192.168.10.1". Opening "http://192.168.10.1/index.php" works fine but the index-file.names = ( "index.php" ) seems not to work. My idea was to solve that with an redirect or and rewrite but so far i had no success to solve that. I tried
$HTTP["host"] =~ ".*" {
url.redirect = ( ".*" => "http://%0/index.php" )
}
and
$SERVER["socket"] == ":80" {
$HTTP["host"] =~ ".*" {
url.rewrite-once = ("." => "http://%0//index.php")
}
}
But the 403 was still the same. Anyone with an idea how to solve that? Suggestions with other ways to realize the whitelist are also welcome.
Replies (2)
RE: Whitelist of Filetypes/Files + Problem with dir root - Added by cgeks over 9 years ago
I have not found a proper solution for this but a workaround.
Implementation of whitelisting is done now by doint the whitelisting in all the subfolders and handling the rootfolder in a separate rule with a negative list using url.access-deny.$HTTP["url"] =~ "^/(folder1|folder2|folder3)" {
$HTTP["url"] !~ "\.(html|jpg|gif|png|ico|js|css)$" {
url.access-deny = ( "" )
}
}
$HTTP["url"] =~ "\.(scss|rb|json)$" {
url.access-deny = ( "" )
}
RE: [Solved] Whitelist of Filetypes/Files + Problem with dir root - Added by gstrauss about 7 years ago
To allow any path ending '/' in addition to the other extensions:$HTTP["url"] !~ "(/|\.(html|jpg|gif|png|ico|js|css)|index.php|debugDownload.php)$" { url.access-deny = ( "" ) }
To allow only root path '/' in addition to the other extensions:$HTTP["url"] !~ "(^/|\.(html|jpg|gif|png|ico|js|css)|index.php|debugDownload.php)$" { url.access-deny = ( "" ) }