I'm asking myself if it is possible to send the ip address from my router to a php script on a web hosting package (not an own server), safe it (like http://www.axelteichmann.de/DynamicDNS/index-DynDNS-mit-Fritzbox.php) and relay all incoming traffic on port 80 http and 443 https (via socket_create_listen) to the safed ip address, where my local owncloud instance (on a more powerful machine) is waiting for incoming request. I'm not quite sure if this would work. Does anyone knows that?
I found an interesting post on: http://www.phpgangsta.de/client-ip-problem-bei-reverse-proxy-betrieb
But it's also requiring changes on the underlying server.
Related
As the title suggests, I'm wondering If it's technically possible for a PHP script to act as an SOCKS proxy. If not what are the technical limitations?
I have access to a paid hosting which provides me with executing PHP scripts and a domain name is connected to the host. (e.g. example.com).
Is there any SOCKS proxy written in PHP so I may upload it a directory at host (e.g. example.com/proxy) and configure a client (like Firefox) to connect via the proxy.
cURL and other extensions are supported.
I'm not yet sure about SSH access.
I have seen projects like php-proxy or glype but These are not things I need because they can be used only by browsing proxy's homepage. (They are web proxies, But I need a proxy server)
What you describe will not work. While PHP does have the ability to create a TCP server, a proxy server in particular must already be running and listening for connections before a client tries to connect to it, and hosting providers execute a PHP script only on an as-needed basis whenever a client requests the script via the HTTP/S protocol, running the script only for the duration of that request. For what you want, you need a dedicated server running your PHP application separate from a web server. You won't get that with a hosting provider.
So this is the situation: I have a bunch of Arduinos and Raspberry Pis along with an ubuntu server on a local network. The arduinos and pis communicate with that local server routinely using PHP GET & POST requests.
Now this local server sometimes "fetches" something from a remote server in the cloud (also using PHP GETs) to respond to local requests from Arduinos and Pis.
Now here's the problem: The local server has no issues communicating with the remote server by GETs, but what if I want the server in the cloud to send a GET to the local server?
This part is kind of confusing to me as the local server is on a regular LAN and connects to the internet via a router through a local commercial ISP that issues dynamic IPs.
How can I send PHP GETs from an "online" server to a local server?
Please note that both servers are running Apache/PHP/MySQL on Ubuntu 14.04.
Thanks a ton in advance!
You will need two steps to accomplish that.
step 1 - make router forward external requests to LAN server
step 2 - make external server know the current dynamic WAN ip
step 1:
The router has to be configured to forward WAN requests to your LAN server. Assuming you use a normal home router, you typically point your browser towards the router ip and login on the router. Now you have to find where to configure forwarding (unfortunately naming of this feature varies from router to router).
While you typically can define an "exposed host" where just all external requests go to, you are better of in terms of security if you just forward specific ports to your server. As you are going to use HTTP protocol, the standard ports here would be 80 (http) and 443 (https). So assuming you use HTTPS with default port, a typical forwarding would be:
router WAN ip, port 443 --> server LAN ip, port 443
This forwards any external request to the router on port 443 to your internal server on port 443.
Now your server should be able to receive those requests, but you still would need to know your router's current dynamic WAN ip.
step 2:
As your router's WAN ip changes from time to time, you need to somehow announce that ip to your external server.
One easy way of doing is by using an external service which will provide you with a URL, which will resolve to your current ip. This is often referred to as DDNS or dynamic DNS. One quite well known DDNS provider is https://dyn.com/dns/ - but there are plenty others, and you will even find free ones. After registering with such a provider you will be given a URL which your external server can use instead of the ip.
Now you still would have to let know the DDNS provider you current dynamic WAN ip. Most easy way to do this again involves your router. Check its config for DDNS settings, typically routers do support this feature, often there are even some specific providers pre-configured. Setup your router with the credentials you got from the DDNS provider.
Now everything is set. You should be able to send requests to your internal server by using the URL you got from your DDNS provider, while your router both forwards such requests and notifies the DDNS provider about any ip changes.
A word of warning - you just exposed your local server to the internet. So you will have to treat it like any server on the internet to keep it safe, including careful configuration, installing security updates and so on.
You have to open a port on your router, and specify where the router should lead the request to. Lets assume your external ip is: 80.82.71.24, going to this ip address (fx: http://80.82.71.24) will lead to your router. Then the router decides what to do with this request, normally the request would timeoutted / refused. But on the router, if you specify that this certain request (could be: tcp/udp) (to a specified port) should point to a certain internal ip (the local server ip), then it's possible to do what you want.
But to do this, you need to read up on your router - first of all, see if you can login into it. Could you specify what router you use and if your internet connection is yours or shared (fx. campus, school, etc)?
By the way, it would not be a good idea to open up the port for the whole world, so maybe you should consider to only allow your cloud server ip to gain access to that specific port.
I have forwarded the ports from my modem and while checking from "canyouseeme.org" it says,
Success: I can see your service on 1.186.*.* on port (8510) `Your ISP is not blocking port 8510.
But when I access my files the browser responds as,
This webpage is not available
ERR_CONNECTION_REFUSED
Hide details
Google Chrome's connection attempt to 1.186.*.* was rejected. The website may be down, or your network may not be properly configured.
I have put my wamp server online,changed port to 8510,set "Allow from all" in the httpd.conf but everything in vain.Can anyone help me out.
Thanks in advance.
You might either face a configuration problem with all your forwards, or - the most common reason for this behaviour - your router does not support Loopback-Connections.
Meaning: Even IF your external ip would be 1.1.1.1 - calling 1.1.1.1 from within your local network does not work, because your router is unable to determine that 1.1.1.1 refers to itself on the WAN-side. (or it forwards all connections on the external ip to its internal ip, therefore failing for machines behind the router which rely on port-forwarding to be executed, which does not happen for requrests arriving on the internal ip adress.)
don't be afraid, only very little routers are supporting this. Even if you use an external dynamic dns, you usually can't connect from withing your local network. To verify whether this is the case or not - you need to move physicaly outside to check connectivity (or use a thethered connection with internet-Sharing on your mobile and connect through your smartphone, tablet or notebook using the internet sharing feature)
If canyouseeme.org can see you - but you can't from your local network I'll bet, you are running in exactly this issue.
Edit: I'm having the exact same Problem. (well not a problem, if you know about):
CanYouSeeMee
Local Network:
Smartphone (Wifi Disconnected)
Sidenode: To have everything like owncloud working internally as well, I just configured my DNS-Server to serve a fake Forward-Lookup, so that http://externaldomain.com is resolved as an local ip from inside my network.
So, from outside: http://externaldomain.com resoles to whatever my external ip is (91.48.*.*) but from the inside, it resolves to the internal ip of the very same server (192.168.5.5).
So, I could use all DNS-Names without limitation, only can't use my external ip.
Change laptop firewall to allow inbound connections to port 8510.
Open a Port in Windows Firewall
This can be very broad, as firewall layers can including many components, such as those from Norton, etc.
I have set up a websockets chat with the purpose of learning. Everything is working but I can't figure this issue out.
When I supply 127.0.0.1 as the address of the connection on the client side then I can access the server from the computer that's hosting it, but when I change the address to the actual LAN address of the hosting computer I can't connect the server even from the host itself. See:
Server = new FancyWebSocket('ws://127.0.0.1:9300'); Appears to work but only the computer that's hosting the server can connect ( for obvious reasons )
Server = new FancyWebSocket('ws://192.168.1.3:9300'); No computers can connect. I confirm 192.168.1.3 is the LAN address of the hosting computer.
What address do I need to put in there so that other computers from my local network can connect?
I solved the problem. Since it was a combination of two answers I thought the only fair thing to do was add another answer with an explanation.
As #Mehran suggested, I have had the server address set up as 127.0.0.1 instead of the network address. After changing that to 192.186.1.3 I was able to connect from the server itself, but other machines were unable to connect. Then I did the steps from the guide provided in #vtortola's answer to add a new inbound rule into the server's firewall in order to allow that port to be used.
So finally it all works now, thank you very much for helping me. +rep to everyone!
I'm pretty sure this is due to the configuration of your WebSocket server. It must be listening to localhost (127.0.0.1) to accept incoming connections in which case it won't answer to those aiming 192.168.1.3.
Since you didn't mention which server you are using I can not be specific but in general there are two ways to instantiate a listening socket, binding it to a specific IP address or * to bind whatever addresses system has. You need to configure the later if you intend to answer server connections coming from any computer within your LAN.
It looks like a Firewall/Policies issue to me.
IIS 7 Windows 2008, Localhost work but not local ip or external ip
Your TCP 80 could be allowed because the IIS installation will open it, that will explain why normal web browsing works. But you are trying to connect to the TCP 9300, that is very unlikely that is allowed by default.
Give a try to this: How to Open a Port in the Windows 7 Firewall , and allow that port.
Here are some things that you can safely assume while troubleshooting this issue:
If the service is able to work on 127.0.0.1 on the same machine, you can assume that the problem is not in the code or the PHP configuration
If you are not receiving an error when the server tries to bind to 192.168.1.3:9003 you can safely presume that the service is working. Try opening the Resource Monitor to see if it is actually listening on this port to confirm. To do so, go to 'Start Menu' in Windows and type 'Resource Monitor' in the 'Search programs and files' box. After opening the Resource Monitor, click the 'Overview' tab and find the name of the server process (typically 'php' if your using a CLI). With your process selected, switch over to the 'Network' tab and you will be able to see if it is listening on any ports within the 'TCP Connections' panel. This will show you what address and port it is listing on, as well as the remote address and port of any clients connected to the service.
If you know the server is running, and you know that it is actively listening on the expected address and port, it is very likely a firewall issue within Windows or your router. Note that even though 192.168.1.3 is the IP assigned to your interface, this is not a local IP and all communication to and from 192.168.1.3 will still go through the Windows firewall, including if being sent on the same machine. If your already at this point, I would strongly suggest checking your windows firewall first. If it is not the Windows firewall, check your router to see if it is blocking the port, and also check port forwarding and other setting to make sure that the router isn't otherwise interfering. We can likely help you with router issues here, but have your router's manual handy.
HTTP is a common service port so it is very possible that the router is not blocking the port, and windows may have automatically opened it if you are using IIS. 9300 is not a common port so it is unlikely to be open by default under any situation, unless your default is "all in", which effectively means your not using a firewall.
Another thing you might try (if possible) is closing your existing HTTP service and bind to port 80 using your Websocket service, or if possible (and while exercising caution) turn off your windows firewall completely to see if it works long enough to connect.
In general, don't try to reach your local network IP address from your own machine. There are very confusing things that happen at the socket layer here that I'll try not to delve too far into. The OS goes out of its way to make this work. Sometimes. I would expect that you cannot reach 192.168.1.3 (the server I'm assuming) from itself. There's a translation between local endpoint addresses when you do that which complicates everything.
A network switch will typically not send a frame back down a port it just received it from, so what you're seeing when you ping your local IP in cmd prompt is a loopback shortcut the OS is taking.
Not being able to reach it from another machine causes me suspect that the socket is not bound correctly on the server. Double check that you are explicitly declaring the socket on the server (address and port), and that your're binding your listener to that socket. Also ensure that the address you're binding to is for the correct network adapter. I see this all the time with laptops or machines that have multiple connected adapters.
Unfortunately I cannot be more targeted with my response as I am unfamiliar with what a FancyWebSocket is or how it is constructed.
I can help you if its a linux system.
If there is no name server on the local network, it is still possible to establish a small table mapping IP addresses and machine hostnames in the /etc/hosts file, usually reserved for local network stations.
This file is available even during network outages or when DNS servers are unreachable, but will only really be useful when duplicated on all the machines on the network. The slightest alteration in correspondence will require the file to be updated everywhere. This is why /etc/hosts generally only contains the most important entries.
This file will be sufficient for a small network not connected to the Internet, but with 5 machines or more, it is recommended to install a proper DNS server.
Try adding all the 'ip:port' along with a hostname and copy the template in file /etc/hosts in all the system.
Hope it resolves the issue!
I am in the process of building a chat application in PHP using Web Sockets. I started with the code phpwebsocket project and here. The code works fine on my local machine but when i try it on my site (does not have a dedicated IP) it has a problem establishing the web socket connection. I tried it with all possible combinations for socket binding (site addres, external ip addr, local ip addr) but failed.
You must be able to connect to the port on the server where the WebSocket server is running. If you are using a port other than 80 or 443 on your site for the WebSocket server, then you probably need to configure (or ask) the site to accept incoming connections on that port (because they may deny it by default for security reasons). It you are unable to telnet to the WebSocket port on the server, then this is likely the case (or phpwebsocket is not in fact correctly configured to list on that port).