Solved

How to run crontab from remote unix server to execute a password protected asp script on another server?

Posted on 2008-10-31
6
708 Views
Last Modified: 2010-04-21
Hi,

I have a client hosting with GoDaddy on a windows server using classic asp. I need to run a cron job to execute an asp page on that server. I have setup the cron job on one of my shared unix servers (not hosted on GoDaddy) successfully BUT I do not want anyone else to be able to access the asp page (on GoDaddy) and accidently trigger the script. How do I protect the asp page from unwanted hits? If I password protect it, how do I access the page from cron?

Thanks in advance.
Christina
0
Comment
Question by:ChristinaPupo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 8

Accepted Solution

by:
saoirse1916 earned 500 total points
ID: 22850210
I've never used cron so I may be way off base here, but you could trigger the script using a username/password in a querystring, such as http://www.yoursite.com/protecteddirectory/yourscript.asp?u=username&p=123HardPassword456.  Then on the script itself, simply check to see if those values were passed properly before executing:

<% If Request.QueryString("u") <> "username" AND Request.QueryString("p") = "123HardPassword456" Then
     Response.Redirect("errorpage.asp")
End If %>

The page is susceptible to a brute-force crack attempt this way, but provided you make your username/password difficult enough it should suffice.  Also,  you could add in some IP address limiting using Request.ServerVariables("REMOTE_ADDR"), assuming of course that the server that's calling the script never changes IP address.
0
 
LVL 8

Expert Comment

by:saoirse1916
ID: 22850215
Oops!  This should be OR, not AND

<% If Request.QueryString("u") <> "username" OR Request.QueryString("p") = "123HardPassword456" Then
     Response.Redirect("errorpage.asp")
End If %>
0
 

Author Comment

by:ChristinaPupo
ID: 22851693
That sounds like it may work. Let me give it a try and get back to you.
0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 

Author Comment

by:ChristinaPupo
ID: 22860561
Hi saoirse1916:

It works with cron but only with one quesrystring variable, the second one always seems to get left out. I also had to use response.End() instead of Response.Redirect because the cron gets redirected to the error page and then saves it (because the cron uses wget), which is undesirable.

I added both a Password and an IP Adress check for extra security. Thanks!

      'GET REMOTE IP
      IpAddress = Request.ServerVariables("REMOTE_ADDR")
      
      'GET UPD AND VALIDATE
      if request.querystring("upd") <> "_UPD_" or IpAddress <> "_IPADDRESS_" then
            response.End()
      else...
0
 

Author Closing Comment

by:ChristinaPupo
ID: 31512003
Thank you!
0
 
LVL 8

Expert Comment

by:saoirse1916
ID: 22864175
Ahh, makes sense.  Well, between the password and the IP address check, it should be pretty secure.
0

Featured Post

Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question