I'm trying to send a request and retrive an information from the website with my program using HttpWebRequest in VB .NET.
The problem is that since the website use Cloudflare, my requests returns an 503 Server Unavailable error.
What can i do to make the web requests works with Cloudflare?
Thank you,
My advice is you whitelist the IP of the server hosting the VB.NET code at a CloudFlare level. To do this, select your site in the CloudFlare admin panel, select Firewall > IP Firewall. Then simply whitelist your IP under Access Rules by adding it there (make sure to select whitelist instead of block).
Related
I'm working on a website based on an apache server hosted on server1 The front end has to get some data from server1 but from others, APIs hosted on server2
I'm quite aware of the same origin constraint and jquery requests are blocked by the CORS security policy
It looks like creating a subdomain dedicated to API calls like https://api.server1 that is a proxy to https://server2 looks the most conventional way.
But I have no control over subdomain and for the moment I would use a specific URI on server1 like https://server1/api-server2 to access to my web services hosted on server2
I've tried several apache configurations (Redirect, proxipass, proxymatch, ...) but I just manage to make a redirection to https://server2, so I don't think it will be compliant with the Same Origin constraint.
Finally, I'm looking for an apache configuration that makes server1 redirect request and manage the response to/from server2 but that stays totally transparent for the webbrowser, webbrowser seeing only https://server1/* request in any case
Could someone at least give some Apache directive to make that based on URI (/api) or eventually sub-domain api.server1 ?
Thank you in advance for your help... I'm stuck :/
RV
Where I work theres an web app that is hosted on windows servers, all users access the application using HTTP, not HTTPS. This is due to some restrictions that the dev team could not solve.
So I thought that i could solve this issue using HAProxy and SSL Termination, so the users would communicate with the proxy first using HTTPs and then the proxy would communicate with the app servers using HTTP. This would be inside a private VLAN so the HTTP traffic cannot be sniffed.
The users access the app using this schema --> http://servername:port/path/to/app
So instead of this, the users should type https://haproxy.domainname:port/path/to/app
and the haproxy should handle the communication against the app servers.
Is this possible? or should i think of another solution to this?
I came up with this:
frontend haproxy.domain.name
bind ipaddress:port ssl crt /home/cert.pem
acl is_bdc path -i -m beg /path/to/app
use_backend web_servers if is_bdc
default_backend web_servers
backend web_servers
balance roundrobin
server server1 ipaddress:port
I can access the app server using this configuration, but the app fills some variables using the URL of the web browser, and as im accessing the app using another URL (haproxy.domain.name instead of the app server hostname) its causing some errors. Is possible to maintain the app server hostname on the url but also keep the SSL termination? The used certificate its a wildcard so adding the domain name would be enought (i think)
Thanks you in advance!
Well there are several options to solve your issue.
1.) Tell the app server that it runs behind a reverse proxy and configure the app engine to use haproxy.domain.name as Domain/Host part, something similar to tomcats Proxy Support How-To
2.) you can use the http-response replace-header or replace value to rewrite the URL. This will not work with links in the body of the response.
As you haven't mention the HAProxy version I link to the latest one.
Maybe you will need also to configure the IIS to know that it works behind a reverse proxy, in case you use IIS.
I have gotten into making web pages with apache/nginx and I want to know whats the best way to have either a proxy or a VPN setup so whenever anyone points at my domain they won't get my IP so easily
The Domain should auto change the IP if it sees any changes so that shouldn't be a problem
I wanted to make a proxy list into a file and use it but I haven't really find a way yet
Any Suggestions?
You can set up a reverse proxy with nginx and apache i.e. when someone tryies to access your website by typing in your domain, their web browser will query a domain name server to get the IP address associated with you're domain. Their web browser will then send a request to your nginx server IP which will then in turn send a request via reverse proxy to your apache server IP where the physical web page files are located. Apache IP address returns the requested web page files to nginx IP address and nginx in turn returns the requested web page files to the client IP address.
Ant-Media-Server is running on an IPAdress without any domains. We just set up this server to be used for streaming in order to use it from different domains pointing to different servers.
Since all of our domains use ssl, we face the typical connection problem:
mixed Content: The page at 'https://SOMEDOMAIN.com/QUERY' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://1.2.3.4:56'. This request has been blocked; this endpoint must be available over WSS.
Ant-Media already offers tutorials on how to install a Let's Encrypt SSL Certificate but sadly it is not available for pure IP-Addresses.
Apart from the Ant-Media Service, the server doesn't has any NGINX, NodeJS, Apache or other http Servers installed - the plan was just to use it for streaming by calling the IP-Address.
Do you have any ideas on how to solve that problem?
Unfortunately, this is not possible.
The goal of having a SSL is ensure you are requesting the right domain name besides encrypting the content between your users and your server.
Here are some alternatives:
create an endpoint in your own app that proxies data to your server.
Instead of playing the IP address, you can play:
/your-proxy-url?stream=http://yourIp.com:port/....
Note that using a proxy will make all the traffic pass through your web app.
As a reference, if you are using PHP on your website, you can have some ideas from here: https://gist.github.com/iovar/9091078
Create a reverse-proxy in front of your web app that redirects the traffic to your IP address.
Both solutions does not change your Ant Media Server, just adds a new resource between your users and your streaming server - adding the SSL on it.
Recently I have installed ssl certificate on my website. After the ssl certificates have been installed ,I found that my subdomain is not working properly. I will address my subdomain as 'xxxx'and main domain as 'primary'. The main domain works well with http as well as https. Now the subdomain works well with http, but with https://xxxx.primary.com delivers me the main site content and not the content of subdomain. I'm using apache server, linux operating system.
Can anyone please help to solve this issue?
Thanks in advance.
This is how SSL protocol works with the browsers. Whenever browsers receive HTTPS request for domain name, it first checks with the server then delivers the site's content. If a website on server has enabled SSL accessed with HTTPS, browser will try to make secure connection and send request to the server.
In your case, your main website is working properly with HTTP as well as HTTPS and delivers proper content, but your sub-domain is not showing proper content for HTTPS. In order to deliver proper content you should consult with your development team. You can better host your sub-domain on another server or you can protect your sub-domain with valid separate SSL certificate.
Suggestion: If you own multiple sub-domains then it is advisable to use Wildcard SSL, that can protect unlimited number of sub-domains with single certificates. Please note, this unlimited does secure first level (blog.domain.com), doesn't second-third-fourth-etc. level (news.blog.domain.com, 1.news.blog.domain.com or abc.1.news.blog.domain.com).