How to put a website in maintenance mode, for anyone else, except yourself?
Hello everyone,
my first topic on nrrd.de is about putting a website in maintenance mode, not usuable for anyone except you.
On wednesday I had the task to upload a major update to one of our companies projects.
My first idea was to disable the system by adding something like the below to the ‘index.php’ files:
include('include/template/fricking_maintenance.html');
die();
Not such a good idea if you have to test the stuff, because no one, including yourself can access the stuff.
So … what now? After a short break I got the simple, but stunnig idea. ;-)
Custom HTTP header + modified (in my case, already existing) .htaccess => Everyone, except yourself, get a the ‘maintenance mode’ message. ;-)
1: # .htaccess
2: RewriteCond %{HTTP:maintenance} !^1$
3: RewriteRule ^(.*)$ maintenance.html
This rule will force everyone, who has NOT a custom http header named ‘maintenance’ with the value ‘1’, to the ‘maintenance.html’. Which literally means everyone, except yourself, get a fancy ‘maintenance mode’ message thingy while you can view your page as usual and test all your changes. And if an error occurs, no one will see it and you can proceed fixing it.
The very best on that solution is, if you have a complex set of RewriteConds and RewriteRules, then you can still use them if you have the matching HTTP header set and that lines are at the very beginning of your .htaccess . Stunning! :-D
Edit:
To clarify an important thing, you can also use a RewriteCond which is matching your current IP Address. But if your webserver is behind a (complex) Load Balancing solution, the webserver will ALWAYS get the IP Address of the Load Balancer and not yours. Therefore the solution with the HTTP header is a good deal, because it will work in the most cases!
References:
Apache Module: mod_rewrite – RewriteCond
Modify Header, a cool Firefox extension
- Weblog von twobee
- 3203 Aufrufe
- Stumble
Kommentare
nice one!
i’ve actually been wondering how to properly do this for some time now.
haven’t had the real need to use it yet
but this will sure come on handy in the future
thanks for sharing!
-.-
No problem, I thought it would be a good start for writing a nrrd.de ;-)
Thanks for the possibility of writing here, I am to lazy to maintain my own blog,
therefore I linked my personal domain (twobee.org) here. ;-)
“Ignorance is a virtue.”
lazy++
wrong
procrastination is a virtue
ignorance just plain old bliss :D
insecure
Hey twobee,
i would suggest using a random hash-value instead of the “1” for the header-value. This gives you some security by obscurity ;-)
A more secure solution would be to use a real public-key mechanism. – Generate a key pair. – Encrypt a passphrase using the public key. – Modify the rewriting condition to pass the header value as a parameter to your index scripts. – Modify your index scripts to decrypt the passphrase using the private key and to verify the key. – Redirect the user to the maintenance page if the passphrase does not match.
Just my 2 cents ;-)
rofl
I am still laughing. ;-)
p.s.: man that captcha is strange “raising missiles” o.O wtf?
thanks. It was totally a
thanks. It was totally a weird situation though, I had just posted then done a google search and I ended up looking at all these great other versions, then I saw the web address 70-536 testking and I all I could think was “damn, I’m going to look like an idiot” Oh well, you’re right though. I probably shouldn’t be so mean to myself.
In Südkalifornien hat
In Südkalifornien hat meine Schwester Asthma bis gehandelt. Sie verbringt die meiste Zeit ihres Tages der Arbeit an Atmung. Sie rief ihren Arzt vor ein paar Wochen ccent zu sehen. Sie bekam einen Termin im März! Ich denke, wenn sie geht blau, gibt es immer die Notfallstation. Das ist nur einen halben Tag zu warten!
Kommentar hinzufügen