Stop access to specific URL

Forum|Forum|1 year ago
March 25, 2024
1 reply
907 views

Hello there. Me again 😛

I have a website where I have a link https://whatever.com/membersData

Now, this folder membersData has other folders as well but the main point is that access to it should not be allowed. There should be a new page that is being shown each time somebody tries to enter and its IP doesn't match the IP of the website owner.

I would like to do this with Application.cfc or if it's not possible, do it with https://whatever.com/membersData/index.cfm file inside. Keep in mind that index.cfm is always hidden in URL.

This topic has been closed for replies.

BKBK

Community Expert

For example,

	<cffunction name="onRequestStart" returntype="boolean">
	 	<cfargument name = "targetPage" type="String" required="true"> 	
          <!--- You may use arguments.targetPage in place of CGI.SCRIPT_NAME --->	 	      
		<cfif findNoCase("/membersData/", CGI.SCRIPT_NAME) gt 0 and CGI.REMOTE_ADDR is not "123.123.123.123" >
             <!--- Required: the substring "/membersData/" does not occur in the URL to the page tst.cfm --->
			<cflocation url="rerouteDir/tst.cfm" >
		</cfif>

     	<cfreturn true>
	</cffunction>

Charlie Arehart

Community Expert

Thanks for sharing the code fragments, bkbk (though it's not quite clear why it appears twice).

That said, it seems like Aleksandar is new enough to not realize you're proposing that as a method to be added to an application.cfc file, to be placed in the root of the site. (And if none exists, one must be created and with a cfcomponent tag surrounding what is offered above--and yes it could all be written as cfscript, for anyone preferring that). Also, note that if there's already an application.cfm file, there's more to do.

First, Aleksandar, let's clarify that an important feature of cf is that before any request is processed, cf seeks first if there's any such application.cfc (or application.cfm file) in the same folder, and that's run first. If there's none, cf looks in the folder above that and so on. It runs any that it finds, and doesn't seek any other in folders above that.

So yes, this is a very common way to introduce the sort of "gate" you seek, where something is checked before the requested template runs. People have for decades been using it for login checking/processing, and much more.

Finally, the reason it can be application.cfc or cfm is that the latter came first, until about cf7 which introduced application.cfc--which is more powerful, and offers methods that are called implicitly like this onrequeststart which bkbk offered. To be clear, application.cfm does NOT support such implicitly called methods. You'd just put that code he offered (within the method) into the application.cfm file, like any other code to be found there, which is run sequentially like any other cfml.

And I say all that because if you DO already have an application.cfm, you can't JUST create a new application.cfc and plunk in that code. Cf would then run that and NOT your application cfm found in the same directory (nor any above it). You'd need to merge this code into that, as I indicated.

This matter of choosing between the two was a popular topic the past 15 years but has been rarely discussed more recently. It (along with the basics of application.cfc/cfm) has been covered in some docs and books (even older ones, still valuable for this sort of reason).

But let's hear if you're able to move forward with what's been offered here, perhaps even solely based on you already knowing what to do with bkbk's offered code. I offer the rest, then, for future readers who may benefit. 🙂

/Charlie (troubleshooter, carehart. org)

BKBK

Community Expert

Thanks for your feedback, Charlie. I have duly deleted the second suggestion, and added a comment to the first.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded