How to setup a site protection activation via a Web interface

These instructions describe how to setup a web page for a site owner to Enable/Disable alone the DAF protection of her/his site. This feature was designed specifically for ISP environments:

  • Less administration task for the NT Administrator. The DAF protection for a new IIS site may be Enabled/Disabled without the intervention of an NT administrator.
  • With the Authorization Url, it is possible to define in advance which site is enabled to use the DAF Protection. For example, you may disallow the use of DAF protection for a basic web hosting plan and allow it for other plan.
  • With the Notification Url, you are notified when a site protection is Enabled/Disabled. For example, you may use this feature to automatically set a flag to charge an extra monthly fee when the protection is enabled.

To install a site protection activation via a web interface:

  1. Enable the feature (global setting) via the global ISP Settings
  2. Create a HTML web form to control the site protection activation (below)

2. Create a HTML web form to control the site protection activation


The Form Action tag should query the DAF Engine with the following Url (where <SiteID> define the site to protect):

http://<DAFEngineAddress>/dcmd/iis/<SiteID>/installfilter.htm

A convenient solution is to expect the Site ID as query string parameter passed to the form page. In this case, the url for the DAF Engine becomes:

http://<DAFEngineAddress>/dcmd/iis/<%= request.querystring("SiteID")
%>/installfilter.htm


The form may also contain hidden fields to specify "success" and "failure" redirection destinations. For example:

<input type="hidden" name="SuccessUrl" value="http://192.168.200.250:82/InstallFilter/success.asp">
<input type="hidden" name="FailureUrl" value="http://192.168.200.250:82/InstallFilter/failure.asp">

Example of a form source code to Enable a site protection:

<form method="POST" action="/dcmd/iis/<%= request.querystring("SiteID") %>/installfilter.htm">
<input type="hidden" value="Install" name="Action">
<input type="radio" name="Options" value="0xF0080" >HTML Login Form,Cookies
<input type="radio" name="Options" value="0xF009C">HTML Login Form,cookie free
<input type="radio" name="Options" value="0xB006E" checked>Basic Authentication
<input type="submit" value="Enable Site Protection"
</form>

Example of a form source code to Disable a site protection:

<form method="POST" action="/dcmd/iis/<%= request.querystring("SiteID") %>/installfilter.htm">
<input type="hidden" name="Action" value="Uninstall">
<input type="submit" value="Disable Site Protection">
</form>
 


DAF Engine "InstallFilter" command:


    http://<DAFEngineAddress>/dcmd/iis/<SiteID>/installfilter.htm

DAF Engine "installfilter" command
Parameters Value Description
Action install
unsintall
Enable the site protection
Disable the site protection
NEWFILTER_ENABLEDONLY (1) Enable the filter only
NEWFILTER_RESET (2) Reset the filter configuration
NEWFILTER_HTMLLOGIN (4) Use an HTML Login form
NEWFILTER_BASICLOGIN (8) Use Basic Authentication
Options NEWFILTER_TICKETIDCOOKIE (16) Store the Ticket ID in cookies
NEWFILTER_TICKETIDURL (32) Emdeb the Ticket ID  in the Url
NEWFILTER_COPY_SAMPLEPRIVATEDIR (64) Create a sample protected directory (1)
NEWDB_RESET (0x10000) Reset the User DB configuration
NEWDB_XML (0x20000) Use a text XML User DB (2)
NEWDB_SESSION_ENABLED (0x40000) Enable Session State
NEWDB_COPY_SAMPLEXMLUSERDB (0x80000) Create a sample text User DB (3)
MSG_ERR_SUCCESS (0)
MSG_ERR_NO_URL_REDIRECT (12)
MSG_ERR_INVALID_SITEID (13)
Result Code MSG_ERR_FILTER_ALREADYINSTALLED (14)
MSG_ERR_FILTER_NOTINSTALLED (15)
MSG_ERR_INVALID_OPTIONS (16)
MSG_ERR_FORBIDDEN (17)
MSG_ERR_PROCESSING_FAILURE (28)
Permission Only a site DAF Administrator may execute this command. By default, a NT account with read/write permission in the web site home directory is a DAF Administrator (for the site in question.)

(1) Will copy directory [<RootDAFData>\default_files\dafdemoprv] to directory [<SiteHome>\dafdemoprv]. This option allows to easily test the site protection by requesting Url [http://mydomain.com/dafdemoprv]

(2) Configure the filter to use the sample XML User DB created with option
NEWDB_COPY_SAMPLEXMLUSERDB

(3) Will copy file [<RootDAFData>\default_files\xmluserdb\users.xml] to [<SiteDAFData>\xmluserdb\users.xml].
 


  • NEWFILTER_CREATE_DCMD
  • NEWFILTER_RESET

     

  • NEWFILTER_COPY_DEFAULTWEBFILES

copies from <DAFAppDataDir>\Default_files\web\*.* to <SiteDAFData>\webfiles

  • NEWFILTER_COPY_WELLKNOWN_IPS

copies from <DAFAppDataDir>\Default_files\ipfilters\*.* to <SiteDAFData>\ipfilters

  • NEWDB_COPY_SAMPLEXMLUSERDB

copies from <DAFAppDataDir>\Default_files\xmluserdb\*.* to <SiteDAFData>\xmluserdb

  • NEWFILTER_COPY_SAMPLEPRIVATEDIR

copies from <DAFAppDataDir>\Default_files\dafdemoprv\*.* to <SiteHome>\dafdemoprv

 

  • NEWDB_RESET
  • NEWDB_XML: setup an XML user DB

NEWSITE_DROP