NuSphere Forums Forum Index
NuSphere Forums
Reply to topic
Binding to localhost


Joined: 25 Sep 2007
Posts: 6
Reply with quote
Hello,

I just installed phpdock ... what I found was that any computer on the network can access it while running, at ip:8001

Is there any way to force the server to bind only to localhost, and/or block external access to the application?
View user's profileFind all posts by intellispireSend private message
Site Admin

Joined: 13 Jul 2003
Posts: 8334
Reply with quote
yes indeed, it listens on 0.0.0.0:8001 and 127.0.0.1:8001, but you can block it easily in the firewall (Deny inbound connections on 8001 port)

_________________
The PHP IDE team
View user's profileFind all posts by dmitriSend private messageVisit poster's website


Joined: 29 Aug 2007
Posts: 39
Reply with quote
Firewall modifications could be a pain for client systems, and if the intent is to prevent clients from networking the app, it's going to be pretty easy to bypass.

I haven't actually tried it, but I'd imagine you could lock it down with PHP.

I'm thinking a comparison of $_SERVER['HTTP_CLIENT_IP'] or $_SERVER['REMOTE_ADDR'] with $_SERVER["HTTP_HOST"]. If they match then the viewer is on the machine running the dock, otherwise it's networked. It should be then easy enough to knock up a friendly "This version does not support network use - Please contact us to upgrade this installation" message.

I'll have a tinker when I get a chance and see if it works. Will post back any code I come up with.

Cheers
View user's profileFind all posts by StryksSend private message


Joined: 29 Aug 2007
Posts: 39
Reply with quote
As promised ...

Code:
      if($_SERVER['SERVER_ADDR'] === $_SERVER['REMOTE_ADDR']) {
         echo "Access Allowed";
      } else {
         exit("Sorry ... Remote access not allowed.");
      }


Of course, the suitability of this depends on your concern. If you're just worried about the security of your system, then the firewall approach is your best bet.

If you just want to lock down an app from external access, then the above should work if you use it at the start of each functional page (adjusted to take the action you need of course).

Cheers
View user's profileFind all posts by StryksSend private message
Binding to localhost
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT - 5 Hours  
Page 1 of 1  

  
  
 Reply to topic