PHP, Two connections, VPN and SSL - php

I need to consume two services from two different providers.
I need to connect to one SOAP server (WSDL); this code works correctly, and the server requires the use of SSL. The problem is that, in the same application, we need to connect to another server that uses a VPN and XML over HTTP. How can I make this work correctly?
How do I separate these two ways of connecting?

Configure your network properly. This is nothing that PHP can influence. All PHP can do is connect via the network to a target server using HTTP or HTTPS. So if the server can ping and connect to both services on the command line (try to download the WSDL or any other resource with wget or curl), it will work.
If not, you have to find out how the servers are to be called (domain names), which IP they have, if the domain name properly resolves to these IPs, and if that IP is actually reachable by network (using a VPN does not really make a difference, it simply is another network connection).
Unfortunately going into these network details is probably beyond the scope of an answer here.
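
The check this answer describes (does the name resolve, and is the address reachable) can also be run from PHP itself. The script below is an added example, not code from the original post; both host names and ports are hypothetical placeholders for the SOAP/SSL endpoint and the XML-over-VPN endpoint.

```php
<?php
// Added example: preflight check for two independent outbound connections.
// Hosts and ports are hypothetical placeholders, not values from the post.
$endpoints = [
    'soap_over_tls' => ['host' => 'soap.provider-a.example', 'port' => 443, 'tls' => true],
    'xml_over_vpn'  => ['host' => 'xml.provider-b.internal', 'port' => 80,  'tls' => false],
];

function probe(string $host, int $port, bool $tls, float $timeout = 5.0): array
{
    // Stage 1: name resolution (gethostbynamel() is IPv4 only, false on failure).
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : gethostbynamel($host);
    if ($ips === false) {
        return ['ok' => false, 'stage' => 'dns', 'detail' => "cannot resolve $host"];
    }
    // Stage 2: TCP connect, plus a TLS handshake with certificate and host name
    // verification when $tls is set. The ssl options are ignored for plain tcp://.
    $ctx = stream_context_create(['ssl' => [
        'verify_peer' => true, 'verify_peer_name' => true, 'peer_name' => $host,
    ]]);
    $scheme = $tls ? 'tls' : 'tcp';
    $errno = 0;
    $errstr = '';
    $sock = @stream_socket_client("$scheme://$host:$port", $errno, $errstr,
        $timeout, STREAM_CLIENT_CONNECT, $ctx);
    if ($sock === false) {
        return ['ok' => false, 'stage' => $tls ? 'tcp/tls' : 'tcp',
                'detail' => "errno $errno: $errstr (resolved to " . implode(',', $ips) . ')'];
    }
    fclose($sock);
    return ['ok' => true, 'stage' => 'connected', 'detail' => implode(',', $ips)];
}

foreach ($endpoints as $name => $e) {
    $r = probe($e['host'], $e['port'], $e['tls']);
    printf("%-14s %-4s stage=%s %s\n", $name, $r['ok'] ? 'OK' : 'FAIL', $r['stage'], $r['detail']);
}
```

A failure at the `dns` stage points at name resolution, while a failure at the `tcp` stage for the VPN endpoint points at routing or the tunnel being down, which matches the answer's point that the fix lies in the network configuration rather than in PHP.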

Related

"Connection Refused" via PHP cURL from GoDaddy Hosting to internally hosted Radarr server's API (jQuery works though?!)

I'm at a complete loss as to why this is failing, so get ready for the novel describing exactly what I'm trying to accomplish and what I've tested so far.
Goal:
I'm building a webpage on my GoDaddy hosting account that I want to connect to my locally hosted Radarr server's API via PHP cURL.
I want to use PHP so I can obfuscate the IP, port, and APIKey on the client side. Plus, some of Radarr's API calls I would like to use cannot be run via query string.
Problem:
No matter what I try, I am getting nothing but the following error:
Failed to connect to <MY PUBLIC IP ADDRESS> port <PORT NUMBER>: Connection refused
(And yes, this is the publicly opened port, not the internal port on the server.)
Setup:
I installed Radarr on a FreeNAS (11.3-U5) jail hosted in my home. This is working beautifully.
I set up the FreeNAS jail with a dedicated IP address instead of allowing it to NAT internally, just to make sure it doesn't cause any issues.
I configured port forwarding on my router to allow external traffic into the Radarr server. This is working. Note: Xfinity is my ISP, but I purchased the router separately.
I have a GoDaddy hosting account where I've written a webpage to tie into Radarr's API on my local network. Currently, the webpage is also working beautifully to query data from the API, BUT it's connecting to Radarr via $.getJSON with JavaScript and jQuery.
(Before anyone says it, yes, I know GoDaddy hosting isn't the best option, but it's the one I'm using.)
Testing:
I swear I've tested EVERYTHING and I don't know why this is failing.
This IS working through the JavaScript/jQuery solution, meaning the Radarr server is up and running, the port is properly forwarded through my router, and GoDaddy's hosting isn't blocking the connection.
I CAN access the raw JSON API response in the browser simply by entering the full API URL call.
And while I'd say I am versed in PHP, I'm certainly no expert, so I even tried pulling a generic PHP cURL script from another StackOverflow post, changing the URL to mine, and running that with no luck. Note: The original script DID work to connect to another external API though.
Then I tried Postman, which worked, and I used Postman to create a PHP script, but that script failed.
All of the functional testing done on my local network was done using my publicly facing IP address. However, just to be certain, I also tried reaching the API through the browser off my network, and that worked just fine.
In a desperate attempt, I also reached out to GoDaddy support to see if they had any ideas. They went as far as creating a test PHP cURL script in the same hosting directory and had it simply pull Google's homepage. That worked just fine.
After GoDaddy was unable to help, I set up a free hosting account and free subdomain on AwardSpace, uploaded the script, and that failed too.
In digging into the Connection Refused error, someone suggested just trying to ping the IP through PHP. I attempted this, but it returned 100% packet loss. Also, I logged into my router and watched the incoming connections as I tested. Using the jQuery solution, I saw the incoming connection and it worked great. Using the PHP solution, it didn't register anything inbound.
Lastly, I have confirmed that the publicly opened port on my router is in the list of ports blocked by Xfinity. However, since I can access the server externally through the browser and via the jQuery script, that can't be the issue.
There seem to be many, many, many articles online about the general Connection Refused error, but I haven't found a solution to my problem from any of them.
Does anyone have any suggestions?

Sending GET Requests from Online Server to Local Server?

So this is the situation: I have a bunch of Arduinos and Raspberry Pis along with an ubuntu server on a local network. The arduinos and pis communicate with that local server routinely using PHP GET & POST requests.
Now this local server sometimes "fetches" something from a remote server in the cloud (also using PHP GETs) to respond to local requests from Arduinos and Pis.
Now here's the problem: The local server has no issues communicating with the remote server by GETs, but what if I want the server in the cloud to send a GET to the local server?
This part is kind of confusing to me as the local server is on a regular LAN and connects to the internet via a router through a local commercial ISP that issues dynamic IPs.
How can I send PHP GETs from an "online" server to a local server?
Please note that both servers are running Apache/PHP/MySQL on Ubuntu 14.04.
Thanks a ton in advance!
You will need two steps to accomplish that.
step 1 - make router forward external requests to LAN server
step 2 - make external server know the current dynamic WAN ip
step 1:
The router has to be configured to forward WAN requests to your LAN server. Assuming you use a normal home router, you typically point your browser towards the router ip and login on the router. Now you have to find where to configure forwarding (unfortunately naming of this feature varies from router to router).
While you typically can define an "exposed host" where just all external requests go to, you are better off in terms of security if you just forward specific ports to your server. As you are going to use HTTP protocol, the standard ports here would be 80 (http) and 443 (https). So assuming you use HTTPS with default port, a typical forwarding would be:
router WAN ip, port 443 --> server LAN ip, port 443
This forwards any external request to the router on port 443 to your internal server on port 443.
Now your server should be able to receive those requests, but you still would need to know your router's current dynamic WAN ip.
step 2:
As your router's WAN ip changes from time to time, you need to somehow announce that ip to your external server.
One easy way of doing this is by using an external service which will provide you with a URL, which will resolve to your current ip. This is often referred to as DDNS or dynamic DNS. One quite well known DDNS provider is https://dyn.com/dns/ - but there are plenty of others, and you will even find free ones. After registering with such a provider you will be given a URL which your external server can use instead of the ip.
Now you still would have to let the DDNS provider know your current dynamic WAN ip. The easiest way to do this again involves your router. Check its config for DDNS settings; typically routers do support this feature, and often there are even some specific providers pre-configured. Set up your router with the credentials you got from the DDNS provider.
Now everything is set. You should be able to send requests to your internal server by using the URL you got from your DDNS provider, while your router both forwards such requests and notifies the DDNS provider about any ip changes.
A word of warning - you just exposed your local server to the internet. So you will have to treat it like any server on the internet to keep it safe, including careful configuration, installing security updates and so on.
You have to open a port on your router, and specify where the router should lead the request to. Let's assume your external ip is: 80.82.71.24, going to this ip address (e.g. http://80.82.71.24) will lead to your router. Then the router decides what to do with this request; normally the request would time out or be refused. But on the router, if you specify that this certain request (could be: tcp/udp) (to a specified port) should point to a certain internal ip (the local server ip), then it's possible to do what you want.
But to do this, you need to read up on your router - first of all, see if you can log in to it. Could you specify what router you use and if your internet connection is yours or shared (e.g. campus, school, etc.)?
By the way, it would not be a good idea to open up the port for the whole world, so maybe you should consider to only allow your cloud server ip to gain access to that specific port.
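
Both answers warn that the forwarded port exposes the local server. The sketch below is an added example, not code from either answer, and it goes one step beyond the IP restriction suggested above: the local server accepts a request only from the cloud server's address and only with a fresh HMAC signature. The IP address, key, path and parameter names are constructed placeholders, and it assumes the router forwards the port without rewriting the source address.

```php
<?php
// Added example: the LAN server accepts a forwarded request only from the cloud
// server's address and only with a fresh HMAC signature. All values are constructed.
const CLOUD_SERVER_IP = '203.0.113.10';            // documentation-range placeholder
const SHARED_KEY      = 'replace-with-32-random-bytes';
const MAX_SKEW        = 300;                       // seconds a signature stays valid

// Sender side (cloud server): sign method, path, sorted query and timestamp.
function sign_request(string $method, string $path, array $query, int $ts): string
{
    ksort($query);
    $msg = implode("\n", [$method, $path, http_build_query($query), $ts]);
    return hash_hmac('sha256', $msg, SHARED_KEY);
}

// Receiver side (LAN server): returns the HTTP status code to answer with.
function verify_request(string $remoteIp, string $method, string $path,
                        array $query, int $ts, string $sig, int $now): int
{
    if ($remoteIp !== CLOUD_SERVER_IP) {
        return 403;                                // not the cloud server
    }
    if (abs($now - $ts) > MAX_SKEW) {
        return 401;                                // stale or replayed request
    }
    $expected = sign_request($method, $path, $query, $ts);
    return hash_equals($expected, $sig) ? 200 : 401;   // constant-time comparison
}

// Constructed demo: a valid call, then tampered, replayed and wrong-source calls.
$now = 1700000000;
$q   = ['device' => 'pi-3', 'cmd' => 'status'];
$sig = sign_request('GET', '/api/device.php', $q, $now);

var_dump(verify_request('203.0.113.10', 'GET', '/api/device.php', $q, $now, $sig, $now));
var_dump(verify_request('203.0.113.10', 'GET', '/api/device.php', ['device' => 'pi-3', 'cmd' => 'reboot'], $now, $sig, $now));
var_dump(verify_request('203.0.113.10', 'GET', '/api/device.php', $q, $now, $sig, $now + 3600));
var_dump(verify_request('198.51.100.7', 'GET', '/api/device.php', $q, $now, $sig, $now));
```

In a real endpoint the receiver would take these arguments from `$_SERVER['REMOTE_ADDR']`, `$_SERVER['REQUEST_METHOD']`, `$_GET` and `time()`, and the connection should use the HTTPS forward on port 443 from the first answer.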

MySQL connect via proxy php

I want to connect to a remote database from my localhost, but the remote DB only allows connections from whitelisted IPs.
Since I'm on a dynamic IP from my ISP, I can't have my home IP whitelisted, because it will just change again.
I have a VPS with full root access and a fixed IP, which is whitelisted.
What I want is to:
Run a php script from my local machine
Connect to the remote database via my VPS
Get the query results back to my local machine for handling
How do I do this?
Having a PHP proxy to execute arbitrary SQL statements from any IP address is really dangerous. I would suggest you abstract the SQL statements into an API, so rather than allowing any query through, you limit it to a specific set of queries to retrieve or update specific data. Your local machine could then just call that API to retrieve or update information.
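
A sketch of the API approach this answer recommends, as an added example that is not part of the original answer: the VPS accepts only a query name and typed parameters, never SQL text. The query names, table, token and sample rows are hypothetical, and an in-memory SQLite database stands in for the remote MySQL server so the sketch runs offline.

```php
<?php
// Added example: the VPS exposes named, parameterised queries, never raw SQL.
// Query names, table and token are hypothetical. In-memory SQLite stands in for
// the remote MySQL server so the sketch runs offline (needs pdo_sqlite).
const API_TOKEN = 'replace-with-long-random-secret'; // constructed placeholder

const QUERIES = [
    'orders_by_customer' => [
        'sql'    => 'SELECT id, total FROM orders WHERE customer_id = :customer_id',
        'params' => ['customer_id' => FILTER_VALIDATE_INT],
    ],
    'order_status' => [
        'sql'    => 'SELECT status FROM orders WHERE id = :id',
        'params' => ['id' => FILTER_VALIDATE_INT],
    ],
];

// Returns [HTTP status, body]. The caller selects a query by name only.
function handle(PDO $db, string $token, string $name, array $input): array
{
    if (!hash_equals(API_TOKEN, $token)) {
        return [401, ['error' => 'unauthorized']];
    }
    if (!array_key_exists($name, QUERIES)) {      // anything not listed is rejected
        return [404, ['error' => 'unknown query']];
    }
    $bind = [];
    foreach (QUERIES[$name]['params'] as $key => $filter) {
        $value = filter_var($input[$key] ?? null, $filter);
        if ($value === false) {
            return [400, ['error' => "invalid parameter: $key"]];
        }
        $bind[":$key"] = $value;
    }
    $stmt = $db->prepare(QUERIES[$name]['sql']);  // SQL text comes from the allowlist
    $stmt->execute($bind);
    return [200, $stmt->fetchAll(PDO::FETCH_ASSOC)];
}

// Constructed sample data and calls.
$db = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$db->exec("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer_id INT, total REAL, status TEXT)");
$db->exec("INSERT INTO orders VALUES (1, 7, 19.90, 'shipped'), (2, 7, 5.00, 'open'), (3, 8, 42.00, 'open')");

print_r(handle($db, API_TOKEN, 'orders_by_customer', ['customer_id' => '7']));
print_r(handle($db, API_TOKEN, 'orders_by_customer', ['customer_id' => '7 OR 1=1']));
print_r(handle($db, API_TOKEN, 'DROP TABLE orders', []));
```

The first call returns the two rows for customer 7; the second is rejected at parameter validation and the third at the name lookup, so neither reaches the database.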
The key problem you need to solve is finding a host with a static IP address you can add to the whitelist. You say that you have already solved that problem. However you have not mentioned what OS is running on the vps nor the client. If both are Linux, then you can do this with just iptables. If either or both are mswindows then you could use socat, but if it were me, I'd go with a stunnel link between the client and proxy (although if the whitelist on the server is only applied to the mysql connection, you could terminate the stunnel connection on the server and skip the proxy altogether) using client certificate authentication or an SSH tunnel.

Port forwarding ok but not able to access data

I have forwarded the ports from my modem and while checking from "canyouseeme.org" it says,
Success: I can see your service on 1.186.*.* on port (8510)
Your ISP is not blocking port 8510.
But when I access my files the browser responds as,
This webpage is not available
ERR_CONNECTION_REFUSED
Hide details
Google Chrome's connection attempt to 1.186.*.* was rejected. The website may be down, or your network may not be properly configured.
I have put my WAMP server online, changed the port to 8510, and set "Allow from all" in the httpd.conf, but everything was in vain. Can anyone help me out?
Thanks in advance.
You might either face a configuration problem with all your forwards, or - the most common reason for this behaviour - your router does not support Loopback-Connections.
Meaning: Even IF your external ip would be 1.1.1.1 - calling 1.1.1.1 from within your local network does not work, because your router is unable to determine that 1.1.1.1 refers to itself on the WAN-side. (Or it forwards all connections on the external ip to its internal ip, therefore failing for machines behind the router which rely on port-forwarding to be executed, which does not happen for requests arriving on the internal ip address.)
Don't be afraid, only very few routers support this. Even if you use an external dynamic DNS, you usually can't connect from within your local network. To verify whether this is the case or not, you need to move physically outside to check connectivity (or use a tethered connection with internet sharing on your mobile and connect through your smartphone, tablet or notebook using the internet sharing feature).
If canyouseeme.org can see you, but you can't from your local network, I'll bet you are running into exactly this issue.
Edit: I'm having the exact same Problem. (well not a problem, if you know about):
CanYouSeeMee
Local Network:
Smartphone (Wifi Disconnected)
Side note: To have everything like owncloud working internally as well, I just configured my DNS server to serve a fake forward lookup, so that http://externaldomain.com is resolved as a local ip from inside my network.
So, from outside: http://externaldomain.com resolves to whatever my external ip is (91.48.*.*) but from the inside, it resolves to the internal ip of the very same server (192.168.5.5).
So, I could use all DNS-Names without limitation, only can't use my external ip.
Change laptop firewall to allow inbound connections to port 8510.
Open a Port in Windows Firewall
This can be very broad, as firewall layers can include many components, such as those from Norton, etc.

Synchronise Database between servers via php

I'm needing to synchronise two mysql databases between different servers on a regular basis, by a client-initiated interface. I've been doing it by remote MYSQL connection, and adding the IP of the servers to the whitelist for MYSQL remote connections. Problem is however, that the client has a dynamic IP, so as soon as it changes they can no longer sync.
So I'm trying to find an alternative way of synchronising the two databases via some sort of secure php script.
edit: I should make this a bit clearer. I've got a server (WAMP) running on a PC (Win7) the database of which I need to synchronize (both ways) to an online server. I've been doing it via remote MySQL connect, which I'd like to avoid because of dynamic IPs, and also because the local WAMP server connects to different internet connections (being a laptop) and needs to not be restricted to one IP.
However you want to synchronize the databases (replication, a PHP script, etc.), the best way to secure it would be to either use an IPSec/VPN or SSH tunnel to encrypt all the communication between the two servers. Then you'd just open a regular mysql or http connection through the tunnel.
Using either method, you'll have access to a variety of authentication modes. So you could use a pre-shared key or username/password authentication or both.
You can use an SSH client like PuTTY to initiate an SSH tunnel on a Windows system. Or if you google IPSec and XAuth, you should be able to find some guides on how to set up an authenticated IPSec VPN.
