I have 3 server that same server application is running on each of them. each installation of server app has its own configurations, data and settings.
other client users or client applications can connect to this servers and communicate with them.
this servers are in different places.
this application are created by PHP and servers are ubuntu servers, each server has its own static IP.
but now i need to share some data between this server applications. for example server A needs to access to information of server B's customers. or main admin of system want to see some information of server C. other scenario may be back up/sync. each server with 4th server with special application.
what is the best and more secure way to share some data between server applications? for example application A on server A needs some data get from application B on server B, or send some data to it.
There are several ways to do this, and it depends on if your goal is to send data synchronously or asynchronously.
If you want to send data synchronously (that is, send data, and wait for a response before proceeding to whatever the next step), use HTTPS.
If you want to send data asynchronously (that is, send data, then go off and do something else while the response can come back at any time), use XMPPS.
Both run over SSL, so that will handle the security side of things. Both HTTP and XMPP services are plentiful, so building the scripts to use these services for communication would be relatively straight-forward.
Related
I need to create an application using php which is hosted in a server and need to communicate with a csv file located in clients local machine. Is there any way we could do this ? How can I connect to a remote csv file ? Is this possible ?
Server machine accessing a csv file directly from a client machine is not a good idea. It's a security threat indeed. Consider you are navigating some website and it's server is able to access your computer's file system!!!
There are various alternatives to achieve this, some of these might be:
Make the user upload csv files to server in order to make it
available to the server application
If the client and server are in the same network, then share the
folder on client machine to make it accessible from the server
etc... I would have preferred the first option as mentioned above.
As #AnthonyB mentioned in comment under your question, server can't directly call client, and that is true. Server is called "server" as it serves requests from the client.
To be able to give away files to remote requests, your client needs its own server application, like Apache HTTPD for example.
In case if you need continuously request client's server to collect files with your PHP server, what you are looking for called "worker". One of AWS tools called Elastic Beanstalk offers possibility to choose a server or a worker application during start up wizard for PHP. It is pretty straight forward and easy to use.
Please note, that your client must have dedicated IP address or use Dynamic DNS approach by pushing its IP to a DB (or directly to a server) where worker will take it from.
If you don't need dedicated worker, you can configure CRON JOB to send requests to clients server applications.
IMHO, all that scenario worth it only if you are building corporate grade application. In most cases (and if you do REALLY need to collect files from clients) you have to install Apache + PHP server on the client side and make this guys to wait for request from YOUR remote php server. Without it, you can not get files from clients computers via browser without user input interactions. At least legally :)
I've been reading this book about PHP and MySQL and at the end of each chapter it asks you some questions for you to research about and one of them I don't really get:
What is a Proxy script? When might a proxy script be necessary?
I hope you could help me answering this question because I don't really know what it is (I do know what a proxy server is though)
From WikiPedia's article on Proxy Servers
In computer networks, a proxy server is a server (a computer system or
an application) that acts as an intermediary for requests from clients
seeking resources from other servers. A client connects to the proxy
server, requesting some service, such as a file, connection, web page,
or other resource available from a different server and the proxy
server evaluates the request as a way to simplify and control its
complexity.
That explains it pretty much. So basically, a PHP proxy script can be used to access the blocked content i.e. websites in a network i.e. a college's WiFi network.
For an example, suppose facebook.com is blocked by your college's WiFi and you want to access it then a PHP proxy script might come in handy. Which will take requests from you and send it to the facebook on your behalf and sends the received data back to you. So you're not directly communicating with the facebook's server but that proxy script is doing that job for you.
Here's a simple PHP proxy script I found from a quick search that you might find helpful : Simple-php-proxy-script
I am thinking about a scenario where I want to send a data packet from my php service (based on certain behaviour) to a client (can be Android or Windows) connected to it.
A device which is connected to the internet is going to have an ip address.
So is it possible to send a packet (using socket or else) to this ip directly (without polling from client end) and can this data be read from the client.
Scenario is like this :
Client A --------------Registers Own IP Address-----------------> Server
Client B --------------Registers Own IP Address-----------------> Server
Events :
Some changes occur in the database (say)
Server detects the affected client (via some algo),say Client A
Sends a packet to Client A
Client A <--------------Send Data Packet----------------- Server
Is this at-all possible ?
If yes, how effective can this be ?
Please note that, Push notifications is not applicable in my situation.
I am looking for a live (realtime) data transmission system between client and server (both ways).
Any suggestion, help will be useful. Thanx
Absolutely possible to have persistent sockets open.
but I would say this would fail in a hosted environment. GoDaddy etc shuts that down. Been there done that.
I would highly recommend choosing a programming language like java (Whatever you are comfortable with). It is only going to be 200 lines of code.
I want to control a robot from the web, the robot is connected to Android device. The operation will be as the following :
a web application written using JavaScript and HTML runs on desktop computer which takes the keyboard input from the user and send them to the android device connected to the robot.
the android device receive the commands and then send them to Arduino board which used to control the robot.
But how should I deliver the data to the Android device which doesn't has a static IP address?
I have two approaches to solve that :
the JavaScript application sends the keyboard input to a web server runs PHP and MySQL , then the php application store the data on the MySQL database. An application runs on Android connected to that web server and extract the data from the MySQL database.
the JavaScript sends the data to the web server. The android application connected to the web server receives the data directly so the web server is just used as a relay.
The first approach is easy to do but its slow , so my question is...
How to implement the second approach and which web technologies should I use to implement it? And how to make the web server works as relay between two sides?
PS : I am planning to use 000webhost.com as web server. so I will not use my own server
You can either have your Android application poll the webserver for outstanding commands. This is a little inefficient in terms of data usage, but if you're on an unlimited 3G plan / wi-fi, you could live with it. It will be very easy to implement.
Alternatively, set up a TCP server on your server, and have your Android application open a socket connection with the server. This way, your web application can send commands to the server which will immediately stream them to the Android device. It will be slightly harder to implement, but will be more efficient and robust if done right.
PS - Most shared servers don't allow you to open a TCP server on your host so you might be forced to go with the first option.
PPS - I wasn't aware of Google Cloud Messaging. It seems to be a good solution for you what you're attempting to achieve. You should have a look into it.
I have recently written a socket server in PHP that will be handling communication between an Android phone application and my PHP webserver. Due to the fact that Android doesn't natively support push style notifications we are going to be using our webserver as the middleware layer to handle our 'pushes'.
The socket server is stable, runs well, and seems to scale nicely. While I would eventually like to re-write this in C I don't have the skill necessary to do that right now so I am going to be staying in PHP for at least a short while. As of this moment our Android emulator is able to communicate through the server, get pushes, etc. so that part is all covered.
My concern is that, right now, anyone can open a socket to my server and will be given a client connection. While we won't be passing sensitive data back and forth I don't want to allow just anyone to connect over and receive broadcast information, eat up my resources, and clog my server in general.
The question is, how do I secure a server like this? Let's assume that I am running on port 25,000--can I set up some sort of SSL layer on that port and expect devices like the Android to be able to communicate over that port without any special protocols or jumping through hoops?
I have considered asking the connecting clients to authenticate their user against our user database before being given a client connection, but that would require the passing of credentials in plain text over the network which I am NOT about to do.
Any suggestions on this would be very helpful--I am rather new to straight TCP communication from PHP and feel like I might just be missing something simple that allows for authentication on this level.
Additional information: If I am able to get a valid username and password securely I would be using MySQL to validate the user and then accept/reject their connection based on the results of the query.
Thanks in advance..
First, I hope you've implemented your PHP socket server in a fashion that allows more than one client to be connected at the same time. This is not as trivial as it should be given the absence of threads in PHP, but it's certainly.
Now, if you already have a socket server implemented, adding TLS support is easy. Just run stunnel and have your PHP socket server only accept requests on the local interface.
I don't think SSL is really going to solve your problem. At best with SSL you can provide each client with a client certificate and do client certificate validation on the server. But you'll need to manage tons of certificates then. Or give everyone the same client certificate (not a good idea).
You'll have to authenticate the client using his credentials. You are right that you don't want to send the credentials in plain text over the network, but there are simple alternatives. Take a look at e.g. HTTP Digest Authentication (http://en.wikipedia.org/wiki/Digest_access_authentication) or xAuth (http://dev.twitter.com/pages/xauth). You don't have to implement these techniques over HTTP; you can just as well send a challenge (a realm) over a simple tcp socket after you have accepted the connection. The client should then send a valid response within a short timeframe or the server aborts the connection.
By the way, did you consider HTTP streaming? See http://ajaxpatterns.org/HTTP_Streaming
It would probably make your life a lot easier as you can rely upon some other service (e.g. Apache) doing the hard work for you, and you can focus on the business value of your application.
you might want to consider:
Cloud to Device Messaging : http://code.google.com/android/c2dm/index.html
The only drawback is that it is only supported by android >=2.2
Not sure why you guys didn't use some off the shelf messaging library/server for java, then create an android service that connects to the message broker and handles all initial authentication.
The service would simply sit there and wait for any incoming messages.
(I'm pretty sure that listening for network data doesn't power up the radio, only when the data is actually there that the radio powers up. I suspect this is how C2DM works.)
This is better then polling because you're only waiting for data. You're not constantly sending packets requesting data. But you knew that already.
I did this, (I used the rabbitmq-java library and the rabbitmq message queue server) and had push style notification for my app in no-time. Even with Android 1.5 devices.
About security:
You could also implement your own security but without having to send plain-text passwords. Simply encrypt the passwords using something like MD5 before passing it through the network.
Then compare the encrypted password with the encrypted password you have on file.
This way, only encrypted passwords will go through the network.