Mudy’s Blog

I have played Cherokee server on my personal blog a couple of days. I used it for some private file. Some directories need to be password protected. Initially I set it up in this way.

Incorrect password protection for Cherokee webserver

Then I tested against some static files, it obviously worked. However a couple days later, I realize the php script inside this directory was not protected at all including index.php. A rather easy fix, I added the same auth method to php handler as well. However as I add more stuff into my private directory, some of them require individual handler to work correct, so I added same http authentication method to all of them. It is really a pain to maintain such a long auth list, suddenly I realized I must have done this in a wrong way.

After digging into the cherokee document and cookbook, I find this simple solution to protect a whole directory.

1. Add a directory rule which match the directory you want to protect.
2. Set the handler to None in Handler tab
3. Set authentication method in Security tab.
4. Move this rule to the top and uncheck final.

Correct way to password protect cherokee webserver.

That’s it.

 Tweet
 

Yejun Linux, Web cherokee, http authentication, password protection, webserver

There is no built in function to do redirecting in Varnish.  After googling around, here is the result.

Using error page of varnish to return an object with location header, since obj is not available within vcl_recv.

sub vcl_recv {
if (req.http.host ~ "^(www.)?mudy.info$")
{
error 302;
}
}

sub vcl_error {
if (obj.status == 302 && req.http.host ~ "^(www.)?mudy.info$")
{
set obj.http.Location = "http://blog.mudy.info/";
}
}

I am unsure whether there is a simpler way to verify the request, so I test the same condition again inside vcl_error.

If you want request url appended to redirection, you can use this instead.

set obj.http.Location = "http://blog.mudy.info" req.url;

 Tweet
 

Yejun Linux, Web 301, 302, http, redirect, varnish, Web