We have a local web server in our office that we use for some reporting and mundane order processing -- nothing major. I recently added some quick code to add a cookie to certain workstations so the user doesn't have log in all the time. The problem I am running in to is that since the server itself acts as an additional workstation, people can access it from http://127.0.0.1, http://localhost or http://192.168.1.111. This ends up creating three distinct cookie domains. Is there any way to configure the server to force one or the other? Or is my only option to move all bookmarks to point to the actual IP address and warn people not to use 127.0.0.1/localhost?
The server is running Apache 2.2 on Windows.
You could check the $_SERVER['HTTP_HOST'] and redirect the browser if a visitor hasn't gone in via the correct hostname.
if('servername' != $_SERVER['HTTP_HOST']) {
Location('http://servername/');
}
If you're running an internal DNS server, you can configure a host/domain name for the server without having to register it - since it's for internal use only, you don't need to expose the name to the rest of the world.
Even without a DNS server, you can add an entry to each machine's hosts file to do the name->ip mapping.
Configure your site to use that name, tell everyone to use that instead, and then the cookies will take care of themselves, since they'll all be set using that host/domain name. You can then add vhosts for the IP-only hits and redirect them to the new named address.
Typically cookies are set to domain names, not ip address. When using a domain name you can use a wildcard setting
.apple.com
Then any variation of that domain will accept the cookies.
Related
I am running a website on AWS with a domain name registered on Godaddy. The Godaddy domain mydomainname.com points to the IP of my AWS EC2 instance, which has public DNS ec2-x-xx-xxx-xxx.compute-1.amazonaws.com.
I am using PHP for the server side code and running into a problem with sessions. I set the $_SESSION variable when a user logs in, but the only problem is that if I log in at mydomainname.com the session is only set here and if I log in at ec2-x-xx-xxx-xxx.compute-1.amazonaws.com, the session is only set there. How can I get the sessions to coordinate across both of the sites, when they should be one-in-the-same?
I am a beginner at web dev, so please be kind :)
No one (other than you, and even then not for normal usage, just internal use and debugging) should be using ec2-x-xx-xxx-xxx.compute-1.amazonaws.com. Point mydomainname.com at it via DNS (using a CNAME, or Route53's ALIAS record) and have your users use the real domain name.
This won't work. Sessions require cookies on the clients browser which are sent with each request. This is the usual way that the server identifies which session relates to which incoming request.
The browser will only (almost only) send cookies back to the domain that issued them. This means that when the session sets a cookie from 'ec2-x-xx-xxx-xxx.compute-1.amazonaws.com', the browser will not send that cookie to 'my-domain.com' or any other domain.
There are a few exceptions and workarounds to this rule, Single Sign on being one example of transferring some state information between domain names.
If you are concerned about users accessing your website with multiple domains, then an solution is to configure the web server to redirect any requests for alternative hosts to the primary host name you wish to use on the server.
I have a site say abc.com and a user account is accessed at abc.com/user. Now I want to add functionality that user can link his site say user.com to abc.com/user. Can u please give me an overview that how this process can be done dynamically via php?
Set up DNS to point the host name at the server
Set up the server configuration so the site is the default virtual host (so if an unrecognised domain name is used to request it, the right site will be loaded)
Use $_SERVER['HTTP_HOST'] instead of the path.
If I understood correctly - you want that a person who is entering user.com will see the content from abc.com/user.
I would recommend checking out launchrock.com they do exactly this, and it involves adding a CNAME dns record as I remember, another way to do this is to create a Proxy flag rule in httpd (mod_proxy must be enabled for this), so that you won't have to restart the server, you can always the .htaccess in your www dir.
doing so dynamically will be easy if you go the proxy route, as you just need to append a new proxypass every time a new site is deployed, or create a parameterized rule, like a regular htaccess, as far as automating DNS records creation, I'm sure that's possible and maybe DNS provider such as godaddy or AWS have api for those kinds of things, but more research is required.
How would this have to be created if possible? Can it only be created in cPanel, or is it possible to make a script for users to use without logging into cPanel that allows them to make their domain?
That should be possible depending on your hosting / server setup:
Add a wildcard domain CNAME record *.yourdomain.com;
Use a rewrite rule to direct all traffic to anything.yourdomain.com to a php script to handle the requests;
Do whatever you want in your php script: Use a header redirect, present another page in an iframe, etc.
A subdomain is just an entry in the DNS server configuration. Likely you'll be able to update the configuration by adding a bunch of lines in a file, or a new file altogether. This really depends on the DNS server software, maybe the one you use also has an API to be updated via a TCP socket.
Also if the target IP is shared (and thus you use name-based virtual host), or it's a different one, maybe you want an HTTP server listening on the port 80 on that IP.
Am sure there's answer on Google but I don't know how to formulate my question:
A php website is hosted on server like this: http://sub.realserver.com/website/index.php
Now I want to link the real domain name to it: http://therealwebsite.com
Problem is, when user visits:http://therealwebsite.com, he will see http://sub.realserver.com/website/index.php as he browse through other pages.
Question is how do I hide this realserver path and replace it with the domain name?
Thanks
edit: the website is hosted on a different server as the real domain name
I presume the domain name and the web site are pointing to the same server.
Although you could use URL rewriting (works with almost all popular web servers), the better solution is to set up your web server to provide that web site for the root of that domain name. How to do that completely depends on what server software you are using.
In apache, you need to create a so-called Virtual Host, configure it to respond to your domain name and set its DocumentRoot directive to the directory where your site is located.
See http://httpd.apache.org/docs/2.0/vhosts/examples.html for an example.
EDIT: I just read your comment. I'm afraid your options are rather limited. The easiest solution, but also the most dirty one, is to create one page with an IFRAME on it, that loads the site from the real server. You could also host a PHP proxy and on the server that hosts your domain name, and let it proxy the site on your
http://sourceforge.net/projects/php-proxy/
(I never used this, nor am I affiliated with this project, but it seems to claim to do what you want.)
I highly recommend though that you update your DNS records on your domain name so that it points to your server that hosts your site, and that you add a virtual host there.
you can do this with asp, there is a good resource on it here -
http://weblogs.asp.net/scottgu/archive/2007/02/26/tip-trick-url-rewriting-with-asp-net.aspx
I'm planning to build a webapp where users can show off their data. I want our users to be able to show it off on their own site, just like cloudapp. You can set your own domain name, but still use the application's hosting service.
So my service is http://example.com/showoff but I want users to have the option to use http://showoff.example.net for their data.
I'm planning on doing it in PHP, but i'm open for suggestions if it comes to building this kind of service.
Let's assume your domain is "showoff.com" and their domain is "acme.com"
You have two basic options: "showoff.acme.com" or "acme.showoff.com". I have done this both ways.
For "showoff.acme.com":
The customer will need to set up a CNAME entry pointing to showoff.com in their DNS. Explaining to the customer how to do this is not trivial, and doesn't make much business sense unless you have a small, high-paying customer base.
You will need to configure an Apache virtualhost to answer all requests to all domains (not just showoff.com)
You cannot use SSL unless you configure a virtualhost and IP and certificate for each individual customer. (A pain!)
For "acme.showoff.com":
You will need a wildcard DNS record to point *.showoff.com to your server's IP (whether this is easy depends on your DNS provider); if you are unable to do this, you will need to create a DNS record for each customer.
You will need to configure an Apache virtualhost to answer all requests to *.showoff.com
You can use a wildcard SSL certificate for *.showoff.com
In both scenarios, in your PHP you can find out what domain was requested with $_SERVER['HTTP_HOST']. You will want to check this against your database of recognized domains, to determine which customer's data to show.
As you can see, most of the work is in DNS and Apache; it doesn't really matter whether you use PHP or some other language.
They have to point a DNS entry for showoff.usersite.com to your server. You can read that from the $_SERVER variables and off you go! Point another domain to your site and try: print_R($_SERVER) and you will see the domainname pointing to you.