Question about the Access Restictions

Hi Hillen! Long time no talk! I hope your doing well! Invoice Ninja is still working as perfect as ever, with one slight hiccup.

I unfortunately ran into a situation with an unrecoverable disk, so I have to rebuild my billing server which means a new install of Invoice Ninja from scratch. Not what I call fun, however, I am trying to install everything the way I had it, which means the server configuration is pretty much the same. The thing is that I run multiple websites from this server, and while I never had a problem with this prior to now, I am now being punished for finding a way to work around the file system access restrictions.

First, let me say, I love the fact that you went to such a secure process for that. It shows the quality of your product which is far better then Apps costing thousands, however, in the past I was able to get around the restrictions with out risking any compromise, only now, it seems you must have changed something because that work around, no longer works.

On the old server, I was able to create another site on the same server, but I just ran it from a completely separate Document Root. This allowed the other site to be able to server the files, but, Invoice Ninja was still the guardian, should you try to stray from the designated path. Now, I don’t know what has changed, though I do know that all of the supporting subsystems like mqsql, Apache etc, have all stepped up their game on Security, so perhaps this is not the fault of Invoice Ninja, however, the problem remains, that I need to find a way of allowing other websites to be served from that host. I would prefer not to go down the rabbit whole of Docker, or a Reverse Proxy,

Is there any way to set some sort of an Environment Variable, that would allow others sites to be treated as part of the family? Perhaps, even, since I did some digging and I see that you created user account sessions records which is how your able to know who is legit and who may be shady, perhaps, there is a way to incorporate my other sites into that mix some how?

The old way, of just attacking the other sites to a completely different volume mounted on the same systems, and having the http.conf files separate, worked great until my disk died, and I am left having to rebuild from scratch.

If you could please provide me any advice on this, I would love some good news cause I have been battling with this for a while now, and all the little tricks I once had in my pocket, seems to fall out on me.

Thanks a bunch!! Hope your well, and as always, I keep looking forward to the awesome changes!

Cheers!

John Durchak

Hi John,

I’m not sure, I’m not aware of any changes related to this. As far as I’m aware you should be able to run multiple instances of the app on one server.

Hey * Message Hillel Thanks for getting back to me. The issue isn’t with running multiple versions of Invoice Ninja, it’s running other web apps on that same server thats and issue. Since this server is my most powerful server, I put Invoice Ninja on there for my clients, but them I have apps that I use for my business, which are not Customer Facing, though they are on the internet, but unless you can get past my trickery, no one would ever find them.

I have different Analyzers, and web apps that perform tasks and functions, they are password protected and all, but because they effectively are their own Apache VHosts, and their files don’t fall under the rules for the Access Restrictions (which I don’t know how to make them compliant for
, Invoice Ninja displays the "Opps the page your looking for can’t be found. I am unsure how to make sure they are able to be servered.

I did look at the code and bit, and I know you are using a combination of .htaccess, and some either propitiatory or 3rd party integration that goes far beyond the Apache mod_authz stuff, but I could really use your help to figure out a way I can satisfy the Ninja so it will let me server my pages. This server costs me good money, and I know that it far too powerful for just Invoice Ninja alone, so I figured this would be the perfect place to run my utilities because they would not affect anyone, but until I am able to get this figured out, I am stuck…

Any thoughts or suggestions you may be able to provide?

The only thing I can possible think is to move them under the Ninja Document Root, but I am very hesitant to do that as that would completely bypass all the restrictions which are good to have and I really don’t want thing living in the house with Ninja, that just asks for problems.

I will be online, hopefully you will come up with something.

Cheers

You should be able to run multiple vhosts on the one server, it is just a matter of configuring, there are loads of examples, here is a link to one:

https://httpd.apache.org/docs/2.4/vhosts/examples.html

1 Like