I'm using WildFly 8.1.0.Final (JBoss) on a windows server and I've deployed a WAR ("test.war") with a single HTML file at its root.
Now, using CURL I can read any file on my filesystem:
curl http://localhost/test/..\\..\\..\\..\\..\\..\\..\\..\\..\\..\\Windows\\win.ini
Note that this also happens when accessing a remote host.
Also note that the number of "..\" probably depends on where is Wildfly deployed.
Obviously this is not desired...
So I tried to fix this by explicitly disabling directory-listing even though listing is disabled by default and my using "curl" doesn't browse any directory. This didn't help.
It feels like a bug in Undertow though I can't prove it.
Any help will be appreciated.
Thanks.
Related
I recently ran into the issue where I was working on two Laravel projects: one using Docker, the other using XAMPP. I started my Docker project earlier, so I gave it access to port 3306.
When I went to implement the XAMPP project, I tried editing all the DB settings in the proper places to use the port 3308 so that it didn't collide with my DB docker container. Problem was, now I couldn't connect to phpMyAdmin. I was receiving errors that the settings were incorrect. So what was the solution?
The solution was to reset all of my settings to 3306, docker-compose down my Docker project, and then restart the XAMPP services. Worked like a charm.
So I'll note a couple things:
It seems like phpMyAdmin assumes it has access to 3306 even if you've changed your settings in config.inc.php.
Unrelated to this precise problem, I discovered that XAMPP's PHP version was different than what was installed on my Windows machine, which meant that I had two php.ini files. My php-cli was using the C/Program Files/PHP/php.ini, whereas XAMPP was using the XAMPP php.ini. While the XAMPP php.ini had the correct extensions uncommented, I needed to manually uncomment the appropriate extensions in the php-cli ini file. If you have xampp, go to the command line and use php --ini to check where your CLI ini file is located.
I suggest to try devilbox
The Devilbox is a modern and highly customisable dockerized PHP stack supporting full LAMP and MEAN and running on all major platforms. The main goal is to easily switch and combine any version required for local development. It supports an unlimited number of projects for which vhosts, SSL certificates and DNS records are created automatically. Reverse proxies per project are supported to ensure listening server such as NodeJS can also be reached. Email catch-all and popular development tools will be at your service as well. Configuration is not necessary, as everything is already pre-setup.
I have installed a drupal 8.8 site using Composer on a Windows 10 pro system and docker and ddev as the development environment.
The drupal site seems to be functioning normally: I see no errors in the drupal log nor when I run ddev describe.
The only exception: Drupal gives me a warning that sites/default/settings.php needs to be write protected. In the past I have done this on a live site using Filezilla, but this is a development only site and it seems Filezilla does not apply permissions on local files--at least, when I right-click the file locally, I do not find a command for changing permissions.
I tried changing the write permissions with Windows 10 itself, but that did not seem to have any effect--I suspect for windows those are different kinds of permissions.
I poked around online and saw something that made me think I could use phpmyadmin to change permissions. Got caught up in that and struggled with it, until getting some help here (How to access phpmyadmin on DDEV Windows 10 pro localhost with SSL record too long error) but it turns out you can't change file permissions with phpmyadmin, apparently.
I tried to use the address that connected me to phpmyadmin in my browser to connect with Putty, but Putty tells me the host does not exist.
So the help I am looking for: how can I change file permissions for sites/default/settings.php in Windows 10 pro localhost running docker/ddev development environment for my drupal site?
Thank you!
I assume you're talking about this warning?
First, you can ignore this warning completely. You're on a local development environment, and so you shouldn't have any concerns about the permissions of settings.php.
Unfortunately, in a Windows environment, you can't make simple permissions changes as Drupal 8 is suggesting that you do.
Note that settings.ddev.php explicitly provides the skip_permissions_hardening option, $settings['skip_permissions_hardening'] = TRUE; to tell Drupal 8 not to try to change permissions on sites/default and sites/default/settings.php because it's just a dev environment and because when Drupal does these things it just makes things harder.
However, to make most things easier on Windows (doesn't solve that problem)...
Use nfs_mount_enabled
I see there are loads of problems with the new "official" Drupal 8.8.0 composer build on Windows. Most of them are due to the composer build making some assumptions about the ability to set time and ownership, but the docker mount used by default (CIFS) has everything owned by root, so the container can't change permissions (even thought they're wide open).
I found that I could get by all of these things by using NFS to mount into the container, and you'll also find it improves performance quite a lot. Set up for NFS by following the instructions at https://ddev.readthedocs.io/en/stable/users/performance/#windows-nfs-setup
I am trying to deploy my grails application on an openshift server. I have created an instance using command "rhc app create MyApp jbossews-2.0". When I ssh to the server, I see a jboss folder but no tomcat folder. How can I deploy my .war file onto the server?
I think the Docs on how to deploy a binary file will help you with this, however what the docs do not say is that with Tomcat the deployments directory is called webapps but they work the same way (except for the marker files, tomcat does not use those).
You may want to check out https://github.com/gssOpenShiftsupportExamples/JavaSample as it shows an example of how to do this with JBoss (the same thing will work for Tomcat if you change the directory as denoted above).
I'm using Grails 2.0.4 and elasticsearch 0.19.8, with a homegrown build of the elasticsearch-grails plugin to use 0.19.8, running on a micro Ubuntu instance of EC2.
I'm building my grails project locally as a war. When I drop this was in a jetty container locally (on my laptop), jetty starts and I'm able to navigate to the root context (as expected) and get my site.
However, when I take the same war (confirmed via md5sum) in the same version of jetty (confirmed via md5sum) on a micro EC2 instance, I get strange results.
Occasionally, jetty starts and my application is available...all is well. But then other times, jetty won't start...and the logs are complaining about elasticsearch.
Now, I'm the first to admit that running both elasticsearch and jetty (with a grails war) on the same node is, well, not the greatest idea...but, this is a test environment, and I'm okay with swapping to disk (not a perf testing lab).
But, what's driving me batty is the inconsistency in running my application. Currently, I cannot get it to start (which, I suppose, counters my "inconsistency" argument). But even taking a "starting" war, with MINIMAL changes in the war (no domain object changes, just changes in controller and/or view), my app won't start - complaining about elasticsearch.
Here's the gist
In the past, I've solved this by stopping elasticsearch, and blowing away /var/lib/elasticsearch/elasticsearch (which is basically, as I understand it, a crude way of blowing away the elasticsearch index).
But now, this doesn't appear to be working. Neither does uninstall/reinstall elasticsearch.
Can anybody offer any advice on what to look for and/or where to look?
Ok, this is driving my crazy, but I found an answer.
/data contains an elasticsearch directory which, apparently, had bad data...I deleted this directory and restarted jetty and...
Viola!
I have NO idea how it got into this state, nor the actual ramifications of deleting the directory (I think elasticsearch data is persisted in the elasticsearch node...)
I suspect an incomplete shutdown of my app...
Thanks for everybody's input.
Recently I configured my instance into a micro environment in EC2 with glassfish and mysql in windows..
I deployed my war and i was able to access my site through http.
I changed my application and redeployed the war and it also worked.
When I was about to redeploy the war for 4th or 5th time, the application got deployed, I saw the message in the log file. But I was unable to access the site through http.
Then I tried the command "asadmin list-applications" and I got the following message.
Error occurred during initialization of VM
Could not reserve enough space for object heap
After that I was not able to connect to my instance through RDP and I had to reboot, I was able to access it again after that. I started the servers again (glassfish mysql), but no luck.
I noticed that the memory usage is around 90% or more. CPU isage is low.
now I can not access my site through http. what shall i do ?
Thanks in advance !
Honestly, there are a couple issues working against you here:
1) Windows requires FAR more RAM than Ubuntu to run at a minimum decent level.
2) GlassFish has a much larger footprint than Tomcat or Jetty.
Is there any particular reason you need Windows? Like is there a specific need that your server run some executables for file processing or something like that outside the JVM? Most would agree that Linux (Ubuntu or other) will give you much better results in performance and stability to run an App Server like GlassFish in any environment.