I am developing an online accounting project. I do not want to give my code to the clients, but I have to give control of the domain to them. How can I configure the application such that it uses the Database from my client's domain and the application from my own domain ?
For eg : my application domain in www.a.com and my clients domain are b.com, c.com and so on.
a.com holds the application source code and b.com holds the database.
Now what I want to do is get the application code from a.com and get database from b.com whenever b.com is opened.
Or is there any other way to achieve it ?
Look into setting a CNAME record through your domain name's administration settings and using sub-domains, perhaps.
Here's more information from Google http://support.google.com/a/bin/answer.py?hl=en&answer=47283 and Wikipedia http://en.wikipedia.org/wiki/CNAME_record
Related
My customer has a domain, www.sample.com. I have completed a simple webapp for them, and is planning to host it at webapp.sample.com. Both sites are hosted at different servers (sample.com is hosted at their own hosting), while webapp.sample.com is hosted at my own AWS server. I am having trouble with the PHP Session ID, as the browser looks at both domain and subdomain, assuming it the same server. Since it is different servers (and I don't have access to their web server), I am unable to login to my webapp, unless I clear the existing Session ID from the main domain. Is there a way to have 2 separate PHP Session IDs for the main domain and sub domain.
By clearing the Cookies/Session ID from the main domain, it will allow me to login to my webapp. However, if I don't clear the Cookies/Session ID, my webapp will detect the exiting Session ID (From main site), and fail to login, as it unable to access any data/info from it, since it is a different session ID and from different server
I'm trying to create an application architecture similar to that of Shopify's.
I am running this application from Forge and I've set up the necessary configuration for wildcard DNS to work.
At the moment people can sign up to my Laravel Spark app and then a subdomain will be created dynamically for them at:
Route::group(['domain' => '{company}.app.com'], function () {
Route::get('/', 'SubdomainController#index');
});
So if they register an account and set the company name as Company then they will have a subdomain created at company.app.com. This subdomain returns a view with data related to their account (It pretty much returns a custom website for my user).
I'd like to give users the ability to mirror their site at company.app.com to their own domain address. I have tried setting up a mask within GoDaddy on a spare domain I have to test this however it doesn't seem to work :( I get this error in the console:
Refused to display 'http://company.app.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
So I'm guessing this is definitely not the right way to do it.
After this happened I looked at how other companies managed this and it looks like they create an A record and CNAME that points to the root of their app. Shopify's guide explains that they add their IP as an A record and then the CNAME is set as the shops.myshopify.com domain.
So now I'm left wondering how I can point requests in the right direction when they land on my app. So for example if traffic hits random.com and it has an A record that is equal to my servers IP, plus a CNAME of app.com, then how do I handle the request and redirect it to the correct subdomain whilst keeping the user on their custom domain?
Thanks, Nick
It's much easier than that. Your server is setting the X-Frame-Options header to SAMEORIGIN which means content from your site can only be rendered within a frame if that frame is on your domain.
You either get rid of that totally, so anyone can frame your content on any site, or you save your customers domains and do some sort of database lookup on the fly, or configure some sort of specific url for them to use for content linking which proxies to their directory on your server and has a part of the url which you can capture as a variable to use in your server config. Then you set your header to allow from their domain only.
So embed.myapp.com/example.com could serve the content from example.myapp.com and add the header
X-Frame-Options: ALLOW-FROM https://example.com/
I am creating an e-commerce platform and will allow hosting of e-commerce pages using CNAME records for store domain and an ssl certificate page on another domain for the sector checkout page. Both the domains below will reside on my server pointing to same code base.
Here is an example:
http://store.mystore.com
https://checkout.phpppointofsale.com/checkout?domain=store.mystore.com
Is the only real way to not using session data for checkout process and pull from a database instead? Or use database driven sessions and look up the data that way?
I currently have a website which allows our clients with other domains to redirect their domains to our website and use some of our features.
My problem is our clients dont want their clients and customers know that they are being redirected to another site.
So my question is, Is it possible to cloaking (using .HTACCESS or PHP) my domain such that the user will enter our clients' domain and be redirected to our site without the browser showing that they have been redirected?
Thanks
No.
Your customers will have to create A or CNAME DNS records pointing to your servers (CNAME is preferred so you can change the IP without your customers changing anything).
Then you need to configure your webserver to handle requests for their domains (ServerAlias their.domain in the VirtualHost).
Why not? Just google php proxy. This should do the trick for you.
I am working on a browser based application that will have many users. The catch is that every user should have their own customized login page, but the actual application is the same for everyone, and needs to be in a central location.
The login page is static. That is, if we have a user that requires a separate login, we will make a separate landing page for them, lets say at user1.application.com, that will have a blue background. User two will be handed a url to user2.application.com, which will have a green background. The application does not have to dynamically change the look of the login page, that will be static and managed on a higher level.
What is the most secure way of doing this?
Would it make more sense to have a copy of the application for each user, and keep the database centralized?
The projected number of users is not very high, probably around 20-80.
Thank you,
I can give you instructions on how to do this using Microsoft IIS and ASP.NET. Other servers and programming languages still apply, but the specifics will be a little different.
You'll need to have access to your DNS settings. Create a DNS entry for *.applicaiton.com. We do this as a CNAME record that points to our www domain record that is registered as the A record that is associated with the IP Address.
Option 1:
In IIS 6, create a web site and modify the Host Headers (web site Properties, Web Site tab, "Advanced..." button in the "Web site identification" section). Add an empty host header. This will cause that web site of IIS to answer all requests for all domains associated with the IP Address it is listening on.
Then create a default page and in the code behind, you'll have logic that looks at the Request.UserHostName of each request. It should return "user1.application.com" or "user2.application.com" or perhaps "www.application.com". You'll then have to parse that string and do all the dirty work to load the appropriate page.
Hmm, well, that's how you would do it dynamically, with one web site. Re-reading your question, you talk about "static" login pages. For that you have two options. You can create the static login pages and have your dynamic page read those files and send them down as the response, or option two would be...
Option 2:
In IIS, create a new web site for every user. Modify the host headers as described above such that each web site only have one host header that is equal to the user's login. Do not have a web site with an empty host header. You'll have to create a web site and add the host header for every new user, manually.
Neither option may sound very elegant, but Option 1 does work rather well. We are using it in a similar fashion to host multiple "skins" of our application.