2017 © Pedro Peláez
 

silverstripe-module routewhitelist

Provides a whitelist of known valid URL patterns in a SilverStripe website.

image

silverstripe/routewhitelist

Provides a whitelist of known valid URL patterns in a SilverStripe website.

  • Monday, September 18, 2017
  • by candidasa
  • Repository
  • 4 Watchers
  • 11 Stars
  • 1,359 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 3 Forks
  • 3 Open issues
  • 3 Versions
  • 2 % Grown

The README.md

Route Whitelist

Build Status Scrutinizer Code Quality Build Status codecov.io, (*1)

Latest Stable Version Latest Unstable Version Total Downloads License Monthly Downloads Daily Downloads, (*2)

Dependency Status Reference Status, (*3)

Provides a whitelist of known valid URL patterns in a SilverStripe website., (*4)

Overview

This module takes the approach that while routing is a difficult problem, there is a subset of the routing problem that is quite easy to solve. So, while is a very difficult computation involving multiple database queries to figure out if a given URL is invalid and should result in a 404, or is valid and should be routed to a certain controller, it is much easier to figure out that a given URL is definitely invalid and will under no circumstances result in a valid response. This module does exactly that. It examines the first segment of a URL and very quickly returns a 404 response, if that first segment doesn't match any known controller, route, or top-level page., (*5)

Requirements

The Route Whitelist relies on the Apache's htaccess system to compare the first segment to the URL. Nginx is currently not supported., (*6)

Route Whitelist also only works with SilverStripe installations in the domain route. So, a site running at: "myawesomewebsite.com" works and "localhost:81" works, but "localhost/myawesomewebsite" doesn't work., (*7)

Installation

To install this module run:, (*8)

composer require silverstripe/routewhitelist:*

To configure the module replace the standard SilverStripe .htaccess file with the file in routewhitelist/extra/htaccess. You can do this by running the following commands:, (*9)

cd myawesomewebsite
cp routewhitelist/extra/htaccess .htaccess

Then run a ?flush=all to generate the whitelist. Don't worry, the module doesn't take effect until you generate the whitelist., (*10)

If you have modified the standard SilverStripe .htaccess file, insert the following snippet into your modified file at an appropriate location near the top of the mod_rewrite rules:, (*11)

#routewhitelist: send known invalid URLs straight to the 404 error page
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{DOCUMENT_ROOT}/routewhitelistcache/.htaccess -f
RewriteCond %{REQUEST_URI} ^\/(.+?)(\/.*|\s*)$
RewriteCond %{DOCUMENT_ROOT}/routewhitelistcache/%1 !-f 
RewriteRule  .* assets/error-404.html [L,R=404]

The Versions

18/09 2017

dev-master

9999999-dev

Provides a whitelist of known valid URL patterns in a SilverStripe website.

  Sources   Download

BSD-3-Clause

The Requires

 

by Julian Seidenberg

silverstripe routes ddos 404

18/04 2016

v1.0.1

1.0.1.0

Provides a whitelist of known valid URL patterns in a SilverStripe website.

  Sources   Download

BSD-3-Clause

The Requires

 

by Julian Seidenberg

silverstripe routes ddos 404

09/03 2016

v1.0.0

1.0.0.0

Provides a whitelist of known valid URL patterns in a SilverStripe website.

  Sources   Download

BSD-3-Clause

The Requires

 

by Julian Seidenberg

silverstripe routes ddos 404