Products

Solutions

Resources

Partners

Community

About

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Static HTML Facebook validation files outside of DNN: a security risk?Static HTML Facebook validation files outside of DNN: a security risk?
Previous
 
Next
New Post
12/28/2017 6:08 PM
 

Hi all,

This may not be the best forum area in which to ask this question, but I couldn't figure out a better one - if there is, please direct me! 

We have a large Evoq install with lots of portals. One client is requesting the addition of a static HTML file from Facebook to validate their domain name, which needs to live at the root of the site. Of course, DNN itself doesn't support that, but as a server admin I could add the HTML file (long character string name, single long character string as only content) directly to the root of the install. However, this feels wrong, and I'm wondering if it may be a security risk, or a conflict, as any of the bound domain names would have access to that same HTML file. 

I'm pushing them to implement the alternate, DNS-record based validation method instead, but would love to hear some feedback on this issue and learn something in the process.

Thanks, DJ

 
New Post
12/29/2017 5:28 PM
 
DJ,
I would agree, that likely would become an issue if you're sharing multiple domains across an install of DNN.

That being said, I never setup client installs running out of the same installation of DNN. I find that it always leads to potential conflict that I would rather avoid.

Chris

Chris Hammond
Former DNN Corp Employee, MVP, Core Team Member, Trustee
Christoc.com Software Solutions DotNetNuke Module Development, Upgrades and consulting.
 
New Post
1/1/2018 10:29 PM
 
I understand the economic reason to share a DNN install for multiple clients and it should work as expected.
The risk of placing a file with a fixed name in the root of the website is this would be referenced from any website and domain alias inside your DNN

Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Static HTML Facebook validation files outside of DNN: a security risk?Static HTML Facebook validation files outside of DNN: a security risk?


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out