RE: [Zope] apache open proxy configuration problem
Title: RE: [Zope] apache open proxy configuration problem I abandoned mod_proxy for mod_rewrite. Security-wise, mod_rewrite had less to worry about (this is important when website administration changes hands). The sample configuration below shows how to handle Zope resource quirks and how to proxy requests to and from folders in Zope (both tested). The last rule is my guess at what proxy everything to and from Zope would look like (untested). Apache is listening on 80 and routes requests to a Zope instance listening on 8080. IfModule mod_rewrite.c RewriteEngine On RewriteLog /path/to/rewrite_log # Zope serves some system-ish content from p_ and misc_. RewriteRule ^/p_(.*) http://127.0.0.1:8080/VirtualHostBase/http/%{HTTP_HOST}/VirtualHostRoot/p_$1 [L,P] RewriteRule ^/misc_(.*) http://127.0.0.1:8080/VirtualHostBase/http/%{HTTP_HOST}/VirtualHostRoot/misc_$1 [L,P] # Apache folders served by Zope folders. RewriteRule ^/folder1(.*) http://127.0.0.1:8080/VirtualHostBase/http/%{HTTP_HOST}/VirtualHostRoot/folder1$1 [L,P] RewriteRule ^/folder2(.*) http://127.0.0.1:8080/VirtualHostBase/http/%{HTTP_HOST}/VirtualHostRoot/folder2$1 [L,P] # Push everything to Zope? RewriteRule ^(.*) http://127.0.0.1:8080/VirtualHostBase/http/%{HTTP_HOST}/VirtualHostRoot/$1 [L,P] /IfModule Aloha, Priam -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ed Colmar Sent: Saturday, October 15, 2005 9:19 AM To: zope@zope.org Subject: [Zope] apache open proxy configuration problem I've been running zope through apache for years and years now, and I have a new machine set up with apache 2.0.48 and zope (Zope 2.8.0-final, python 2.3.5, linux2) Using Identical Vhost configuration settings from an old machine all has been well, up until about 5 days ago, when I noticed the machine getting slammed, and wierd logs started showing up like: xxx.xxx.xxx.xxx - - [14/Oct/2005:14:09:06 -0700] GET http://partners.mygeek.com:80/search.jsp?partnerid=98885=12 HTTP/1.1 403 406 (IP removed to protect the guilty) In my quick research to try to determine the problem, I found people advising to turn ProxyRequests Off, which I did, but did not have any effect. Luckily this is just a development server, not a live production server, so its not super critical, but I'm nervous now that my production server might be in the same state... Here is a sample vhost.conf entry: NameVirtualHost 192.168.1.32 VirtualHost 192.168.1.32 ServerName www.greengraphics.net ServerPath /var/www/greengraphics/www DocumentRoot /var/www/greengraphics/www ServerAdmin webmaster RewriteEngine On TransferLog logs/Vhost-greengraphics-access.log ProxyRequests Off Proxy * Order deny,allow Allow from all /Proxy ProxyPass / http://192.168.1.32:8080/VirtualHostBase/http/www.greengraphics.net:80/greengraphics/VirtualHostRoot/ ProxyPassReverse / http://192.168.1.32:8080/VirtualHostBase/http/www.greengraphics.net:80/greengraphics/VirtualHostRoot/ /VirtualHost mod_proxy.conf looks like: IfDefine HAVE_PROXY IfModule !mod_proxy.c LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_connect_module modules/mod_proxy_connect.so #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so LoadModule proxy_http_module modules/mod_proxy_http.so /IfModule /IfDefine IfModule mod_proxy.c # # Proxy Server directives. Uncomment the following lines to # enable the proxy server: # ProxyRequests Off Proxy * Order deny,allow Deny from all # Allow from .your-domain.com /Proxy # # Enable/disable the handling of HTTP/1.1 Via: headers. # (Full adds the server version; Block removes all outgoing Via: headers) # Set to one of: Off | On | Full | Block # ProxyVia On # End of proxy directives. /IfModule any suggestions? places to look to verify security? Thanks! -ed ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] Exporting Plone objects to Zope CMF
Title: RE: [Zope] Exporting Plone objects to Zope CMF Thanks jcc. I didn't consider FTP at all. I FTP-ed the CMF site to my laptop, reorganized and pruned things filesystem-wise (where grep and friends helped out), then FTP-ed the sanitized tree up to my local Zope instance. With two browsers, gvim, ExternalEditor, and good old copy/paste, it didn't take long to get into a rhythm. One thing to note is that when the files on the filesystem were FTP-ed up to Zope, some got lost when I uploaded them directly into a CMF folder. I gave them their own folder in the top of the ZMI and everything of substance wound up as a file or a DTML document. Aloha, Priam Kanealii, Priam Mr KRS wrote: Dear Zope-list, Running with Zope 2.7.5 Plone 2.0.5.. What nice method exists, if any, to export CMF-ish things like documents, events, and news items from Plone to ZopeCMF? (Or, what search terms may have escaped me?) Ideally, I'd like to be able to export folders in Plone and import them to Zope CMF such that Plone-ized CMF items were magically de-Ploned (and allow for sufficiently Plone-ized things to remain broken). Unfortunately, importing folders or most other objects raises a Copy Error:: Object *broken* does not support this operation. I'm just wondering if there are options to porting content by hand ..which will be less than a day's work in this case (we're just getting started). In absence of a nice method, I'm curious what methods others may have applied in a similar situation. I don't think that's a very common task. Plone over-rides most (or all) of the basic CMF types, and so you wouldn't be able to import them in a site without the Plone software installed. Though, perhaps, you can use FTP to download from one and upload to the other. May lose workflow state and maybe other metadata that way, though. If that's a problem, see CMFSetup and CMFSetupExtensions, which will allow you to export/import your site in XML, retaining metadata. You might have to go and edit the type fields in the XML, though. Though if doing it by hand will only take a day, I might not bother. --jcc ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Exporting Plone objects to Zope CMF
Title: Exporting Plone objects to Zope CMF Dear Zope-list, Running with Zope 2.7.5 Plone 2.0.5.. What nice method exists, if any, to export CMF-ish things like documents, events, and news items from Plone to ZopeCMF? (Or, what search terms may have escaped me?) Ideally, I'd like to be able to export folders in Plone and import them to Zope CMF such that Plone-ized CMF items were magically de-Ploned (and allow for sufficiently Plone-ized things to remain broken). Unfortunately, importing folders or most other objects raises a Copy Error:: Object *broken* does not support this operation. I'm just wondering if there are options to porting content by hand ..which will be less than a day's work in this case (we're just getting started). In absence of a nice method, I'm curious what methods others may have applied in a similar situation. Mahalo, Priam ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )