I am developing an app which has many users and (hopefully) will have many more in the future and therefore I want to get rid of my current one-server-makes-it-all solution to a many server structure. My app has customers in different countries and I want to handle each country with an own server. You can see this in the picture above. The app only knows the URL of the distribution server and I want to achieve, that the distribution server redirects to the right server.
How can I technically do this? I am using PHP / MySQL and my app is talking to my server with simple HTTP requests (GET and maybe later also POST) like
http://distributionServer.com/script.php?appCountry=us&work=getListOfItems
Server Sends back JSON data.
I have some technical questions:
how to make the redirect in PHP with all the parameters? The Servers that will finally handle the user need these params. Can I just make a simple redirect with "header()" ?
When I make redirect with header() does the communication still runs then over the distribution server? Because I don't want that all the "return" traffic is going over the distribution server, this server only needs to say "ok USA-App you talk to server USA". When server USA sends back data it should not go the way: ServerUSA -> Distribution Server -> App. Because these Server do not share a LAN, just somewhere in the net.
I know I could just hardcode the server URLs in the app so that US user always connect directly to USA Server but I need some flexibility to add new servers / change servers / change URLs / add new countries.. and I don't want to always update the app when something changed on the server side.
This is simplest way you can do this : https://support.rackspace.com/how-to/simple-load-balancing-with-apache/
Related
I've built a Slack App for our team.
I was able to create a Slack Button and used that to authorize the app with oauth.access
My Slack App adds a Slash Command to a channel in Slack
So far so good.
The Slash Command needs a Request URL which is simply the page that will receive the slash command payload and optionally, send a response back to the Slack channel.
Here's the rub, the server that host the page I need to use for the Request URL is on our internal network and only accessible to users on our VPN.
Our main site accessible to the world at, https://example.com
The server on which this page is hosted is at, https://slack.example.com which is only accessible to users on our VPN (both are apache 2.4 servers)
Anyone not on the VPN that requests slack.example.com is instead served https://example.com
It is not possible for me to move the php page to a server that is accessible outside our VPN (it's part of a larger application that can't be moved) but I can add a php page the serve that hosts https://example.com.
I'm thinking that I might be able to add a php page to example.com that could act as a proxy recieving messages from slack.com, passing them to slack.example.com then getting the response from slack.example.com and sending that response back to slack.com.
Is this possible, and if so, how would I go about it? I'm open to other solutions as well, possibly using Apache to do the proxying?
I would run the request page on a separate server in your DMZ functioning as proxy to the internal application server. Here is a brief description:
The php script for the request url (=request page) needs to be accessible to the public internet, so that Slack can call it. I would put it on a separate server and I would put that server in the DMZ of your company. That is usually the best place for servers that need to be accessible from the outside, but also need to access servers on the inside of your company. Make sure to use SSL and the verification token to secure your calls from Slack.
The request page can run on a small server and will need to have a webserver (e.g. apache) and php. If you planning to have more complex requests you may also need a database. It will also need to run SSL, so you will need a certificate. You can also use your existing webserver to the outside (example.com) if is meets these requirements.
The request page needs to have access to your application server, e.g. via VPN. It would need to function as proxy: receive the request from Slack, make requests to the application server based on the specifics of the slash command and then return the info back to Slack.
Another important point is user authentication. I read from your question that not all users on your Slack team should have access to the application server, so your request script needs to have a method to distinguish which users are allowed access and which are not. It would be easiest, if these users could be identified by membership of a specific Slack group. In any case you probably would need an additional bot that ensures mapping of Slack users to VPN users.
To clarify, I am not after the url of my server, or the scripts running on my server. What I have is a game program that I rent out to other sites who wish to use it for traffic building. The game runs on my server so I can take care of any administration or programming issues. How I normally handle this is they create a folder with the same name as on my server, and use a .htaccess in that folder to redirect. The result is the game runs apparently from their site (the URI is their domain), but it actually is running on my server.
Now, one of my newer games, a customer wishes to have a 3 month exclusive right to run it from their site. Since their site and my site are not on the same server, I cant use sessions to track if they visited the customers site first before accessing the game.
What I am wanting is to use php to check what the original URI was before redirecting. THat is.. the URI the end user sees in their browser.
Any assistance will be grateful. Thanks
You can use in PHP the variable $_SERVER['HTTP_ORIGIN'] which contain origin domain of the HTTP request.
Lets say there are two server-side applications on two separate servers.
Server #1, IP address 1.2.3.4, contains a PHP web application with MySQL database.
Server #2, IP address 5.6.7.8, contains a NodeJS app with MongoDB database.
How can the PHP app "commands" the NodeJS app (or vice versa) to do something, like :
"please save this data on your database", or
"I want to retrieve data from your database, where some_id = 123"
These internal communication should be secure, it means that no one except both servers can execute them.
I think that this is possible with simple HTTP POST / GET requests.
For example, the NodeJS app sends a POST request with parameters to http://1.2.3.4/do_something.php
Or maybe the PHP app sends GET request to http://5.6.7.8/retrieveSomething
But I think it is not secure because the URL is exposed to public. (correct me if I'm wrong)
I don't even know the google search keyword for this problem.
Is it web services? SOA? RPC?
Your example is perfectly fine. In terms of securing it, a simple way would be to have the "client/sender" send some sort of agreed upon API key along with the request. The "server/receiver" would then check this API key. If it is valid, then the appropriate command would be executed. If it's not, the server will simply return a 404 Not Found.
I have an application that retrieves some info and give them to user from a certain public website. However, i am not sure whether i should let my app immediately connect to the target website or it should get the info through my web server using a simple PHP script (JSON).
Actually I am using Jsoup to get the information and I tried both and they worked perfectly ( immediate and PHP) using Jsoup. However, I have not published my app yet due to the confusion aforementioned.
Use the web service. If your client has logic to parse the HTML, it can break when the web page changes. The web service can absorb this change and make corrections, but your client cannot. Not unless you release another version of your app, and that can be a pain.
I have a website where most of the traffic comes from the API (http://untiny.com/api/). I use Google Analytics to collect traffic data, however, the statistics do not include the API traffic because I couldn't include the Google Analytics javascript code into the API pages, and including it will affect the API results. (example: http://untiny.com/api/1.0/extract/?url=tinyurl.com/123).
The solution might be executing the javascript using a javascript engine. I searched stackoverflow and found javascript engines/interpreters for Java and C, but I couldn't find one for PHP except an old one "J4P5" http://j4p5.sourceforge.net/index.php
The question: is using a javascript engine will solve the problem? or is there another why to include the API traffic to Google Analytics?
A simple problem with this in general is that any data you get could be very misleading.
A lot of the time it is probably other servers making calls to your server. When this is true the location of the server in no way represents to location of the people using it, the user agent will be fake, and you can't tell how many different individuals are actually using the service. There's no referrers and if there is they're probably fake... etc. Not many stats in this case are useful at all.
Perhaps make a PHP back end that logs IP and other header information, that's really all you can do to. You'll at least be able to track total calls to the API, and where they're made from (although again, probably from servers but you can tell which servers).
I spent ages researching this and finally found an open source project that seems perfect, though totally under the radar.
http://code.google.com/p/serversidegoogleanalytics/
Will report back on results.
you would likely have to emulate all http calls on the server side with whatever programming language you are using..... This will not give you information on who is using it though, unless untiny is providing client info through some kind of header.
if you want to include it purely for statistical purposes, you could try using curl (if using php) to access the gif file if you detect untiny on the server side
http://code.google.com/apis/analytics/docs/tracking/gaTrackingTroubleshooting.html#gifParameters
You can't easily do this as the Javascript based Google Analytics script will not be run by the end user (unless of course, they are including your API output exactly on their display to the end user: which would negate the need for a fully fledged API [you could just offer an iframable code], pose possible security risks and possibly run foul of browser cross-domain javascript checks).
Your best solution would be either to use server side analytics (such as Apache or IIS's server logs with Analog, Webalizer or Awstats) or - since the most information you would be getting from an API call would be useragent, request and IP address - just log that information in a database when the API is called.