?
Solved

How to run crontab from remote unix server to execute a password protected asp script on another server?

Posted on 2008-10-31
6
Medium Priority
?
709 Views
Last Modified: 2010-04-21
Hi,

I have a client hosting with GoDaddy on a windows server using classic asp. I need to run a cron job to execute an asp page on that server. I have setup the cron job on one of my shared unix servers (not hosted on GoDaddy) successfully BUT I do not want anyone else to be able to access the asp page (on GoDaddy) and accidently trigger the script. How do I protect the asp page from unwanted hits? If I password protect it, how do I access the page from cron?

Thanks in advance.
Christina
0
Comment
Question by:ChristinaPupo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 8

Accepted Solution

by:
saoirse1916 earned 2000 total points
ID: 22850210
I've never used cron so I may be way off base here, but you could trigger the script using a username/password in a querystring, such as http://www.yoursite.com/protecteddirectory/yourscript.asp?u=username&p=123HardPassword456.  Then on the script itself, simply check to see if those values were passed properly before executing:

<% If Request.QueryString("u") <> "username" AND Request.QueryString("p") = "123HardPassword456" Then
     Response.Redirect("errorpage.asp")
End If %>

The page is susceptible to a brute-force crack attempt this way, but provided you make your username/password difficult enough it should suffice.  Also,  you could add in some IP address limiting using Request.ServerVariables("REMOTE_ADDR"), assuming of course that the server that's calling the script never changes IP address.
0
 
LVL 8

Expert Comment

by:saoirse1916
ID: 22850215
Oops!  This should be OR, not AND

<% If Request.QueryString("u") <> "username" OR Request.QueryString("p") = "123HardPassword456" Then
     Response.Redirect("errorpage.asp")
End If %>
0
 

Author Comment

by:ChristinaPupo
ID: 22851693
That sounds like it may work. Let me give it a try and get back to you.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:ChristinaPupo
ID: 22860561
Hi saoirse1916:

It works with cron but only with one quesrystring variable, the second one always seems to get left out. I also had to use response.End() instead of Response.Redirect because the cron gets redirected to the error page and then saves it (because the cron uses wget), which is undesirable.

I added both a Password and an IP Adress check for extra security. Thanks!

      'GET REMOTE IP
      IpAddress = Request.ServerVariables("REMOTE_ADDR")
      
      'GET UPD AND VALIDATE
      if request.querystring("upd") <> "_UPD_" or IpAddress <> "_IPADDRESS_" then
            response.End()
      else...
0
 

Author Closing Comment

by:ChristinaPupo
ID: 31512003
Thank you!
0
 
LVL 8

Expert Comment

by:saoirse1916
ID: 22864175
Ahh, makes sense.  Well, between the password and the IP address check, it should be pretty secure.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I would like to start this tip/trick by saying Thank You, to all who said that this could not be done, as it forced me to make sure that it could be accomplished. :) To start, I want to make sure everyone understands the importance of utilizing p…
This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question