I have 2 servers, let's call them server A and server B. Server A is publicly hosted and has a public facing front-end. Users can visit a page on Server A and submit a form, which needs to be submitted to a page hosted on a private network that Server A does not have access to Server B, however does have access to said private network.
What I need to achieve, is for Server A formulate the request and then execute it from Server B, so that it can hit the page on the private network. The flow would be:
1. User submits form
2. Server A formulates an HTTP request and passes it to Server B
3. Server B executes the HTTP request and passes the result back to Server A
3. Server A acts upon the result of the executed request
The solution I have so far come up with is to have Server B host a PHP built API-like interface with 1 function: ExecuteHTTPRequest(targetURL, requestBody, parameters). Server A will then call this function, passing in the URL it wants to hit, the body of the request, and any additional parameters that have been set, and receive the result of the request, as if it had executed it itself.
The downside of this solution is that it means opening up access on an entire port on Server B for this specific purpose (albeit only from Server A), and that a web server is required to be running on Server B. So, I'm wondering if there is some other solution that might be more appropriate?
Related
I have a multi-server architecture i.e Server a and server b, Now I want all the URL's hit containg a perticuler keyword should always go to server a, So I added a nginx rule (if url have keyword redirect to server a)
Now every thing is working fine but file upload is returning error code 501, But the issue resolves if I make an entry for server a IP in my /etc/hosts.
Using Angular and php
Ok So finally I found the issue. It was happening because of the options request.
Options is a special kind of request which is used when the client wants to determine other available methods to retrieve or process a document on the Web server.
So in my case my web server a and b have options method implemented while the server c (which is acting as a load balancer) does not resulting in 501 not implemented error
Suppose server A, via domain A, hosts a website.
Suppose server A, via domain B, also hosts a web service.
The website calls this web service via a PHP/cURL-based API.
Question: even though they live on the same physical server, am I right in thinking the request goes out to the ether and back in, because the domains are different, or does cURL/something have some way of "knowing" it's really the same server, and so there's no reason to go outside?
As far as I know, the request leaves the server no matter what since it's over http - there's no way of it knowing weather the two resources are on the same server or not. You could rip through all the source code but I don't think it would do that - usually if you want to call a resource on the same server you can use absolute file paths as opposed to http requests.
curl source:
curl source
I have two servers A and B. User accesses some page on server A and server A sends redirection (302 status code) and returns. now client sends the request to server B. So now what I want is some way to find the ip address of the server A from this request, any identity of server A will do the work, $_SERVER['HTTP_REFERER'] is coming blank.
PS: I have control on Server B only not on A.
Also if I access the page of server A directly (which is sending redirect to Server B) I am getting blank referer at server B.
Thanks in advance
You cannot get the IP of the referrer (i.e. the server that initiated the redirect to your server).
I have a login form on one server, server A. Hosted on another server, server B, I have a script to check the data and return the result. Server B sends the result to server A, but I don't want to pass the result back in the URL or headers with various redirects, because people can spoof a "true/false" to change the result of the login.
e.g.
I can't use HTTPS/SSL as my web host does not support it for free.
You could set up an ssh tunnel between the servers and have the web server on B listen only on localhost:Bs_tunnel_port, while A connects to its localhost:As_tunnel_port.
Or get that SSL thing going... ;)
I have never needed to do this before, but I am developing an application which will be installed to a users website - but it will need to query data held in a database stored on the application's server.
Server A (client - domian: www.example.com)
Server B (application).
There will be a form on Server A (a Search form) which POSTS search data to the Server B (application) along with some information about Server A (domain, IP).
Server B handler will:-
1.) Check if Server A is an actual client (i.e. is domain (www.example.com) in the allowed domains list and does the request come from the IP of Server A.
2.) If 1.) is TRUE, it will process the request, and return a response being the results of the query.
I can't seem to find anything on Google or this site where someone wants to do this? I could be searching for the wrong thing though.
Also, would there be any limits on the size of the array that is returned back to Server A??
I do not want to grant DB access to the user - unless this is the only solution (i.e. create a new mysql DB user with READ only capability upon activation of the application).??
Any help much appreciated
IF you're posting data to server b (the db host) then the query will be run locally on that server.
What you need is some script that can handle your post OR if you want to connect to the db from server A and also handle the post i server A then you have to give that server the right to connect to the db-server.
So then thing you need to do is to write a script on the server B that will handle the post.
My guess is that you're better of giving server A (proper)access rights to the db on server B.