Known Problems
None currently known.
Planned Changes
I plan to make these changes fairly quickly if there appears to be some non-zero interest in this script. For right now I just want to get the script out there to see what happens.
Allow for ignore: settings for sufficiently few errors (fewer than 2 401s, for example)
Extract all strings from the product for easy translation
Allow for multiple actions per rule (AND OR NOT syntax)
Requested Changes
None currently.
Version History
Version numbers are of the format x.y.z.wwww. "x" is the major version; "y" is the minor version; "z" is the sub-minor version; "wwww" is the build number. The build number is increased by 1 with each release, independent of the other fields; the major and minor versions are incremented when there is a major architectural redesign.
v2.0.0.0011 - under development
...
v2.0.0.0010 - 2003-10-10 - stable
Fixed bug in which query string would be doubled in error reports on some Apache systems. For example, URL http://xav.com/foo?bar would be reported as http://xav.com/foo?bar?bar.
Fixed bug in the auto-installer in which the "favicon.ico" file would be incorrectly transferred in ASCII format, corrupting it.
Changed "trailer" special-case filter rule to analyze the URL with all trailing non-alphanumerics stripped, instead of just a few (space, quotes). This fixes a bug whereby text like "(link: http://www.xav.com/)" would be highlighted as URL http://www.xav.com/) which would result in a 404. Now the trailing "/)" is stripped and the client is directed to the proper location.
The "test message" interface link no longer appears on the Manage System Settings page in cases where no email address or mail transport method has been defined. Previously, following that link would result in a confusing error message when those settings had not yet been defined.
The "Status:" HTTP header will no longer be returned on Microsoft IIS 6.0 and higher (i.e., Windows 2003 +) following reports of problems with that header on that platform.
v2.0.0.0009 - 2003-01-17 - stable
The "redirect" response now contains a "noindex" robots META tag, instead of "none". The less restrictive "noindex" allows robots to follow the redirect. If upgrading from an earlier version of Guardian, you must update the "moved.txt" template for this change to take effect.
The "http-redirect" Filter Rule now returns response code "301 Moved Permanently" instead of "302 Moved Temporarily". New response type "http-redirect-temp" will respond with "302 Moved Temporarily" (help topic).
Now checking REQUEST_URI environment variable on Apache, in addition to REDIRECT_URL. On some Apache systems, only REQUEST_URI is supported, and so Guardian will be able to correctly detect the error URL on those systems. On other Apache systems, both REQUEST_URI and REDIRECT_URL are supported, but the former is more accurate, and so Guardian will have more accurate information there.
The query string will now be included in the error URL on all platforms. Previously, the query string was only included on IIS servers. This change may cause certain filter rules to stop working. For example, "url-pattern: \.asp$" which previously matched all ASP pages, will now fail to match if there is a query string. Rules should be rewritten as "url-pattern: \.asp($|\?)" to take this into account.
Fixed bug in which a server error would not be saved to the log (step2) if there were an error while sending mail (step1). Guardian now attempts both logging and emailing independently.
Guardian will no longer update ".htaccess" files that are larger than 32768 bytes (help topic).
Fixed bug in which the check-all and clear-all Javascript action links would appear for browsers which do not support those actions. Now only Internet Explorer should see those action links.
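For the v2.0.0.0009 change that adds the query string to the error URL on all platforms, an added example (not part of Guardian) that flags url-pattern regexes which match a bare path but stop matching once a query string is appended. The pattern list, the probe paths, the appended "?id=1" and the sub name paths_broken_by_query are assumptions made for illustration; only the two \.asp patterns come from the note above.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample input: only the regex part of each "url-pattern:" rule.
# The first two patterns are the ones quoted in the release note.
my @patterns = ('\.asp$', '\.asp($|\?)', '/old/', '\.(cgi|pl)$');

# Constructed probe paths; each is tested bare and with a query string.
my @paths = ('/shop/item.asp', '/old/page.htm', '/cgi-bin/form.pl');

# Hypothetical helper: return the probe paths that match $pattern on their
# own but no longer match once "?id=1" is appended, which is how the error
# URL looks from v2.0.0.0009 onward.
sub paths_broken_by_query {
    my ($pattern, @probe) = @_;
    my $re = eval { qr/$pattern/ };
    return () unless defined $re;    # skip patterns that do not compile
    return grep { $_ =~ $re && "$_?id=1" !~ $re } @probe;
}

for my $pattern (@patterns) {
    my @broken = paths_broken_by_query($pattern, @paths);
    if (@broken) {
        print "REWRITE  url-pattern: $pattern  ",
              "(stops matching with a query string: @broken)\n";
    } else {
        print "ok       url-pattern: $pattern\n";
    }
}
```

Patterns flagged REWRITE are the ones anchored with "$" at the end of the path; a rule that carries an "ignore" or "blacklist" reaction stops applying to those requests after the upgrade until it is rewritten in the "($|\?)" form.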
v2.0.0.0008 - 2002-08-11 - stable
Fixed bug whereby multiple identical errors all occurring within a one-second window of time would be displayed as only a single error on the "Review Log" page.
Fixed several XHTML and CSS bugs.
Minor changes to the first-time user help.
Added work-arounds and documentation for some filter rules that do not work properly on the Zeus web server (help topic).
Guardian does not work on netfirms.com. Added special-case code to print warnings to this effect during the setup and auto-install process.
Added the server date and time to the System Information and Testing screen.
Now using <label> tag alongside checkboxes and radio buttons.
Changed code to accommodate minor changes in IIS error handling for Windows 2000 SP3 release.
The error log and system log can now have records be deleted on a record-by-record basis.
When the errors.log file exceeds MaxLogBytes, the script no longer logs this as an error condition to the "syslog" file. Instead, it will print a warning on the Admin Page when the administrator next visits.
The MaxLogBytes setting is now applied to both "errors.log" and "syslog". Previously only applied to "errors.log", while "syslog" was hard-coded to a 100000-byte limit.
Added a "detail view" of each error record from the "Review Log" interface. Allows user to view the full strings for records whose strings are truncated in the table view.
v2.0.0.0007 - 2002-05-02 - stable
- Security fix - corrected several locations in the script where outside data was displayed without running it through the HTML-encode routine. This problem relates to the cross-site scripting vulnerability. Please upgrade to this version. Thanks to Daniel Martin for reporting this bug.
- Security fix - now using a special auto-detect algorithm to determine what file permissions to apply to the data files. Keeps data files private on the increasingly-common suexec systems.
- Now consistently setting permissions on all data files created or modified by the script. The exact permissions can be controlled by going to "Admin Page" => "Manage System Settings" => "File Permissions". Fixes bug whereby the script would create certain data files like "filters.txt" using the server ID and then forget to make them writable by the account owner ID.
- Added "First-Time User Help" section to assist with setting up the script. Guardian can now auto-configure the Apache .htaccess file in many cases.
- Improved help text associated with template files. Now enumerates all possible variables for use in templates.
- Speed improvement - made reverse-DNS-lookups during logging be optional. The feature will now be disabled by default.
- Added export-to-CSV format for better inter-operability with spreadsheet programs.
- Added support for regex substitutions in Filter Rules. Can now have a rule like "url-pattern: (.*).htm; redirect: $1.html" to move all .htm files to .html. Thanks to Brian Renken for creating this feature.
v2.0.0.0006 - 2002-03-10 - stable
- Changed name to "Guardian" from "the Apache Guardian"
- Fixed bugs whereby keys PRINT_HTTP_STATUS_HEADER and VERSION were being overwritten in %const
- Display of error log can now be sorted by any field. Continues to display errors in time sequence order by default.
- Now prints a warning message when saving Filter Rules in freeware mode, if there are filter rules defined which are not supported in that mode.
- Fixed bug with "trailer" action type on Windows.
- Now allow multiple reaction strings per rule, i.e. "url-substring: exe NL ignore: 3 NL error-template: foo.txt". Each rule can still have at most one reaction which prints to screen, along with the passive reactions "ignore" and "blacklist".
- Updated help file.
v2.0.0.0005 - 2001-10-07 - stable
- Added support for # comments in the filters file.
- Added strict data validation for when the administrator saves a new set of Filter Rules
- Added check_regex subroutine to catch invalid and/or insecure regexes in Filter Rules
- Experimented with changes to fix Error-URL detection on Cobalt/Apache systems
- Edited default "500 Internal Server Error" template to no longer reference the pair.com process-killing daemon. Edited "401" default response to no longer request that people send mail to a nickname.net address. Edited "404" template to no longer link to a search engine. Users upgrading from earlier versions will have to manually replace these template files.
- Added additional reporting output to the emails; will now report on any "ignore" and "blacklist" actions taken
- Now consistently forward the query string on "redirect" and "http-redirect" actions
- Added "syslog" feature which will record system errors like "unable to send mail" or "unable to find file". These system errors occur as clients interact with the system, and now they will be saved for review by the administrator.
- Moved bulky WebAuth and SetDefaults subroutines out of ag-shared and into ag-admin; should result in improved performance in the error-handling script.
- Removed get_mx automatic lookups of SMTP servers
- Fixed bug whereby the scripts would not work under safeperl
v2.0.0.0004 - 2001-09-26 - stable
The 0004 build did not have its internal $VERSION variable updated, and so it reported itself as 0003. Sorry.
- Added Zeus support
v2.0.0.0003 - 2001-09-07 - beta
- Added non-cookie authentication support
- Fixed data initialization bug that manifested under Apache mod_perl. Was causing some looping login screens.
- Added HTML code to default template to hide all data that is appended to the error page; helpful for those systems that append a system error message to the end of each custom error message
v2.0.0.0002 - 2001-09-02 - stable
- First official release since 4/26/1997 !!
- Added admin interface
- Added filter rules, which allow errors to be handled rather than just logged (i.e., visitors can be redirected to the new location of the file)
- Added three license modes: Freeware, Trial Shareware, and Registered Shareware. The Freeware mode offers substantially better features than the old pure-freeware Apache Guardian, so hopefully nobody will mind the change too much.
- Created a help file with extensive info on how to configure the web server to redirect errors to a Perl CGI script
- Integrated Apache Guardian with the auto-installer