Is there an easy forwarding/transparent php proxy script that I can host on my web server? These are my conditions:
I'm using free web hosting, so I have pretty much no control over my machine. Otherwise I could use Perl's HTTP::Proxy module. This means no root password. It does run php though.
I already have a server running on port 80. What I mean is I would like to put a php script as index.php on my server that will forward all requests.
I don't want a script like PHProxy or Glype where I go to the site, then enter a URL. I want a server so I can enter proxy.example.com:80 in Firefox's or IE's or whatever's proxy settings and it will forward all requests to the server.
Preferably (though not fatal if not possible) I would like for it to pass on the USER_AGENT environmental variable (That's the browser) instead of setting itself to be the USER_AGENT
I can't start a new Daemon. My server won't allow it.
Is there a script that will do this? If so, which?
No, I'm fairly sure this is not possible on shared hosting. It will fail your condition number 3. This needs support on web server level (e.g. using Apache's mod_proxy)
For this to work, you would have to set up the remote server to be able to deal with proxied requests. No sane web server will offer that possibility.
Related
I have been trying to develop web pages locally (in Windows 10) and running in my local browser (chrome, vivaldi). Right now I have 3 different ways to run simple servers locally: php's built in server, python's http.server module, and vscode's LiveServer. When I run the php server, I can execute php code properly, as one would expect. But calling php urls using the other two, I get a "Save File" dialog! Where is that coming from? Instead of a simple "not found" I get the dialog. So I have two questions: (1) Why am I getting the save file dialog? (2) Is it possible to process php files using LiveServer or python's http.server module (which I don't expect can ever support php)
if the save dialog is being shown it's cause the server can't interpret php code. You have to check these servers configs to check their integration with PHP (if they they can do that).
Good questions. Erick has answered the 1st one. I'll just elaborate more on it and then answer the 2nd one.
Why do you get save file dialog?
At a high level, a web server is serving files. When serving HTML/CSS/JS files to the browser, life is easy. Your browser understands HTML/CSS/JS and knows how to render it for the user. If your browser was sent unprocessed PHP file (assuming that file was present), the browser won't know what to do with <?php .. ?> tags and such. So, the browser offers the user to download the file. Same thing with a zip file. If you went to http://someurl.com/abc.zip, if the webserver found that file under the root of someurl.com, it'll send it to the browser and the browser will offer the user to download it. There's more to it than just that.
So, how does a web server process PHP files? It depends on the web server, but the common thing is that they need help in processing PHP files. Web server is configured to send the request to php.exe or some other system such as PHP-FPM, which processes the file and returns back to the web server to send it to the user. Processing of the file converts echo "<div>$variable</div>"; to clean HTML <div>I am awesome</div>. This processing system (php.exe or PHP-FPM) tag team with web server to serve to the browser what it can render.
Is it possible to cross-render languages?
Yes, you can in multiple ways. One of the common ways is to find the best processing system for the language of choice. For example, PHP can be processed with PHP-FPM running as a service. So, http://someurl.com/test/index.php could run through PHP-FPM. Python may use WSGI and you may choose gunicorn to process Python files. In that case, your webserver can be asked to send python-related directories/subdomains directly to gunicorn (essentially a proxy).
Reverse proxy
Let's say you have multiple sites with multiple language needs.
http://py.someurl.com serves Python/Django
http://someurl.com serves straight HTML
http://ph.someurl.com services PHP
http://js.someurl.com is powered by NodeJS
py.someurl.com could run on the server using gunicorn web server (or other wsgi-friendly servers) on port 8000. Node could be serving using Express web server on port 9000.
You could run NGINX server that serves straight HTML and also serves ph.someurl.com by sending requests to PHP-FPM service. It can also be configured to take all requests to js.someurl.com and hand it off to http://localhost:9000 where Node will service the request and send output back to NGINX and NGINX can send the request to the browser. Similarly, requests to py.someurl.com can be sent to localhost:8000 where gunicorn processes the request and sends the request back to NGINX, which forwards the request to the browser.
From a user's perspective, all they know is the NGINX server. All the other things in the background are known to NGINX. NGINX, in that case, serves as a web server and a proxy.
Can the PHP variable $_SERVER['SERVER_NAME'] be forged or faked? I was planning on using that as a security measure for form posting. I would check to make sure that variable is my site name (www.example.com). I know HTTP_REFERRER can be faked, but I wasn't sure on this one.
Thanks!
Actually $_SERVER['SERVER_NAME'] can be affected by what the client browser sends over... See http://shiflett.org/blog/2006/mar/server-name-versus-http-host for a through investigation on the issue.
By a visitor it can't normally be faked out. But I suspect you would want to enforce a certain SERVER_NAME to license scripts so they can only be used by particular domains. In this case the answer is yes, this variable can definitely be faked.
The reason is simple, the server sets this value. In most cases you would have PHP running as an Apache module, but sometimes you have other Apache modules, sometime you have PHP running in CGI mode with NGINX or IIS, sometimes you even have PHP running as CLI forked as a child process by a custom-built server deployed in a cloud. Those servers would be responsible for setting that variable.
Plus, there's always the manual assignment.
$_SERVER['SERVER_NAME'] = ... // this can go above all your scripts
It can't be faked, persay, but it will always return your site name. It is useful if you are running multiple sites off of the same script and, for example, use a different database depending on the host name provided.
The PHP documentation says:
'SERVER_NAME'
The name of the server host under which the current script is executing. If the script is running on a virtual host, this will be the value defined for that virtual host.
I have application called unistat installed on my pc. I want to pass an argument from a web page and retrieve output from that program.
Is this possible?
How i can connect the website based on PHP to a remote desktop? ask to run .exe file by passing data and send output to specific location?
In order to access your local machine from the remote server, you're going to have to open up your router configuration settings and port forward all incoming port 80 traffic to your local web server's IP.
On your local machine, install PHP and set up an endpoint that runs the exec command, calling the .exe you wish to run.
You'd be wise to put this behind an authentication system, as it will be exposed to the www.
On the remote site, just fire a request off to the local machine's endpoint and the exec command will be run. Of course, if you have a dynamic IP, it's going to require constant maintenance.
See the following link about setting up custom protocols on Windows:
https://support.shotgunsoftware.com/entries/86754-launching-external-applications-using-custom-protocols-rock-instead-of-http
The idea would be that your web site could direct the browser to a special URL, i.e. unistat://my-data-goes-here and the application would be triggered with this data.
edit: better, MSDN link on the subject. http://msdn.microsoft.com/en-us/library/ie/aa767914(v=vs.85).aspx
edit2: Just realized you want to pipe the output from the EXE back to the webserver.... You may be better off building a browser extension. That, or writing a wrapper around unistat which can trap the output and submit it to a web service.
I want to write either a perl (CGI) or php script on a server to behave like a proxy server. I want to be able to enter the hostname and port on firefox proxy settings (or IE, chrome, whatever) and then go to a site, and have my webserver forward the request to another server, and forward the response back to the client. This way, I am basically using my server as a proxy server. Is there a perl or php script that can do this? If so, what?
Do not suggest anything along the lines of PHProxy or Glype.
I don't want a server that I go into with my browser and enter a URL to browse. That's a big NO-NO.
The CPAN module HTTP::Proxy implements a simple HTTP proxy server that you can start and run out-of-the-box.
I need to deploy a Django project on a shared server which I have no root access for, and no administration capabilities whatsoever.
Each user on the server has a dedicated directory from which Apache serves that users files (public URL would be /~username/).
Problem is, Apache on this server has no CGI capabilities, no mod_python, no mod_wsgi. I can work with PHP, however.
What hacks do I have to deploy a Django project on this server, maybe employing PHP somehow?
This is in no way a production scenario, and any hack you can think of which will work would be great. Ignore any performance or scalability factors - this is only a POC.
Without mod_python, mod_wsgi, or fastCGI, you won't be able to do it directly.
I'm thinking what you might have to do is run the django app as standalone, listening on another port, then basically use PHP to proxy requests to it.
So you do your
python manage.py runserver 9999
maybe starting it with a nohup instead to keep it running when you logout:
nohup python manage.py runserver 9999 &
Then, in ~username, you make a proxy.php script that takes any additional PATH_INFO and makes a request to localhost:9999, passing along HTTP headers, collects the response, and sends it back to the browser.
So, eg, the browser requests http://example.com/~username/proxy.php/some/path/ and the PHP script requests http://localhost:9999/some/path/ and sends along the results.
I'm not a PHP programmer so I can't exactly show you how to write that, but I'm sure someone out there must have implemented an HTTP proxy in PHP.
If you have .htaccess support in that directory and apache has mod_proxy_http enabled, you could just have apache directly proxy the request. The documentation is pretty easy to follow. But if they don't have CGI enabled, they probably don't have that set up either.
Of course, the easiest thing would be if you could just get away with django running and listening on a public facing port and access it directly. Ie,
python manage.py runserver example.com:9999
and access it directly as http://example.com:9999/