Remote Server

Mizhad

n00b

Offline

Posts: 3

Remote Server

« on: January 16, 2009, 01:27:02 AM »

Hello every body.. My problem is:

I have a server A and another Server B, there is a file on Server A by the name a.php, and a file on server B by the name b.php. The file a.php wants to get some information from b.php and b.php has to check the URL of a.php before handing over the information to a.php... How can I do this? How can b.php get the domain name of the requesting server? I will be appreciative for any good advice.... Thanks in advance..

Regards
Mizhad


	Logged

No links in signatures please

vsloathe

vim ftw!
Global Moderator
Lifer

Offline

Posts: 1669

Re: Remote Server

« Reply #1 on: January 16, 2009, 06:28:25 AM »

Reverse whois on the IP?


	Logged

hai

nutballs

Administrator
Lifer

Offline

Posts: 5627

Back in my day we had 9 planets

Re: Remote Server

« Reply #2 on: January 16, 2009, 08:09:26 AM »

if your the only user of the IP of the "home" server, then the IP would probably be a good enough check.
if your php its as simple as $_SERVER['REMOTE_ADDR'] to get the ip of the requester

if your doing it from home, on a NON-controlled IP, which you cannot put a domainname on, or the IP is shared, reverseIP wont work really. SO...

you can do a challenge response system which is probably good enough.
just send a secret key. 'nf09htphg0a93paoh3n'
or an encrypted key based off the domainname of the target machine and some salt.
47aishne88somedomain.com8h7yh


	Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.

Mizhad

n00b

Offline

Posts: 3

Re: Remote Server

« Reply #3 on: January 16, 2009, 10:07:45 AM »

Thank you nutballs

The idea of the key is not bad at all but will not resolve my problem.. a.php will be distributed per domain name and these domains will be stored in a database, every time a.php is ran it gets html format from b.php and b.php has to know what domain name is this asking for information by searching in the database, if found then the HTML is handed over to a.php otherwise null.

I read yesterday little bit about HTTP protocol, it seems web server never cares for the domain name of the requesting server... This makes me little bit desperate..


	Logged

No links in signatures please

nutballs

Administrator
Lifer

Offline

Posts: 5627

Back in my day we had 9 planets

Re: Remote Server

« Reply #4 on: January 16, 2009, 02:40:51 PM »

thats exactly what I do.

I pass the domainname, which is untrusted.
and a key which is the domainname + some salt, MD5'd or SHAd

on B.php, i would then take the untrused domain and MD5 with the same secretsalt. if the 2 MD5 from A matches the MD5 that B generates, do whatever A asked, otherwise, send back a giant FU message.

so for example:
file_get_contents('http://bbbbb.com/b.php?domain=aaaa.com&md5=54b0c58c7ce9f2a8b551351102ee0938');


« Last Edit: January 16, 2009, 02:42:26 PM by nutballs »	Logged

I could eat a bowl of Alphabet Soup and shit a better argument than that.

Mizhad

n00b

Offline

Posts: 3

Re: Remote Server

« Reply #5 on: January 16, 2009, 04:41:49 PM »

Sounds interesting nutballs... I have to think

I will come back to you later, hopefully with good news... Thanks you


	Logged

No links in signatures please

Pages: [1]

« previous next »

	Welcome, Guest. Please login or register. Did you miss your activation email?	May 24, 2012, 03:00:59 AM
		Login with username, password and session length