Prev: displaying constants
Next: array_walk_recursive pass by reference
From: Tamara Temple on 29 Aug 2010 00:48
Sorry, forgot to include the mailing list email when I replied to this
originally...

On Aug 28, 2010, at 8:28 PM, tedd wrote:

> Sorry for not making sense. But sometimes you have to confirm the
> players (both server and remote) in communications.
>
> Try this -- place this script on your site:
>
> <?php
> print_r($_SERVER);
> ?>
>
> You will note that:
>
> [SERVER_NAME] => is the domain name of your site.
>
> Also:
>
> [SERVER_ADDR] => is the IP of your site. If you are on a shared
> host, then it will still be the IP of the main host.
>
> Please note:
>
> [REMOTE_ADDR] => is the IP of the remote server. It *will be* the IP
> of the remote main host regardless of if the requesting script is
> running on the remote main host OR is running under a remote shared
> host.
>
> Here's an example:
>
> My site http://webbytedd.com is running on a shared host.
>
> The server address reported for this site is: 74.208.162.186
>
> However, if I enter 74.208.162.186 into a browser, I do not arrive
> at webbytedd.com, but instead go to securelayer.com who is my host.
>
> Now, if webbytedd.com was the requesting script, how could the
> original script know what domain name the request came from? As it
> is now, it can only know the main host ID, but not the domain name
> of the requesting script. Does that make my question any clearer?
>
> So my questions basically is -- how can I discover the actual domain
> name of the remote script when it is running on a shared server?
>
> I hope that makes better sense.
>
> Cheers,
>
> tedd


I really don't understand what you mean by "remote script" -- most
requests are made by clients. REMOTE_ADDR is the IP address of the
*client* - i.e. the requesting system. It may or may not be a script.
And it may or may not have an accessible hostname.

Is this a situation where you are establishing a service that is to be
called by other servers, i.e, some form of API? If not, and if it is a
case of a browser client calling a PHP script on your server, most
browser clients aren't running on very useful hostnames for the
outside world anyway. E.g. the hostname of my mac is "paladin.local"
but it obviously can't be called by the outside world by that name.
Maybe tell us what you are trying to accomplish by knowing the
hostname of the calling machine? Maybe there's another way.

Are you trying to set up two-way communication between the two
servers? Normally, communication is established without regard for
the calling machine's hostname, because it's going through the
connection established by the web server. PHP just returns info along
that connection to the calling machine. It seems you would only need
to know the requesting system's hostname if you were going to
establish some other channel of communication with it, i.e., if your
original script was somehow going to call back the calling machine,
webbytedd.com to do some other kind of activity. If that *is* what
you're doing, I can probably guarantee there's a better way to do it.

However, if what you're after is *authenticating* that the requester
is who they say they are, there are ways to do that as well without
knowing the requesting host's name (and better than knowing the
requesting host's name, you can establish authenticity and access
control for a particular script which is much better than just
establishing blanket authority for a particular hostname).

However, I'm really reaching here with trying to understand what you
want to accomplish by knowing the requesting machine's hostname.

So, please, explain what you are trying to do and maybe we can help
with that.

Tamara

From: Jim Lucas on 29 Aug 2010 02:08
tedd wrote:
> At 12:15 AM +0200 8/29/10, Peter Lind wrote:
>> On 28 August 2010 23:45, tedd <tedd.sperling(a)gmail.com> wrote:
>>
>> > So, I'm trying to figure out a compliment to
>> $_SERVER['SERVER_NAME'] such as
>>> something like $_SERVER['REMOTE_NAME'].
>>>
>> > Is there such a beast?
>>
>> You're not making any sense. For the script on your local host to be
>> able to connect and communicate with the remote host, it would need to
>> know the name of the remote host. Hence, the local host already knows
>> the name and has no reason to ask the remote host for a name by which
>> to contact it.
>> That's what I get from your description of the problem. You probably
>> want to clarify some things.
>>
>> Regards
>> Peter
>
> Peter:
>
> Sorry for not making sense. But sometimes you have to confirm the
> players (both server and remote) in communications.
>
> Try this -- place this script on your site:
>
> <?php
> print_r($_SERVER);
> ?>
>
> You will note that:
>
> [SERVER_NAME] => is the domain name of your site.
>
> Also:
>
> [SERVER_ADDR] => is the IP of your site. If you are on a shared host,
> then it will still be the IP of the main host.
>
> Please note:
>
> [REMOTE_ADDR] => is the IP of the remote server. It *will be* the IP of
> the remote main host regardless of if the requesting script is running
> on the remote main host OR is running under a remote shared host.
>
> Here's an example:
>
> My site http://webbytedd.com is running on a shared host.
>
> The server address reported for this site is: 74.208.162.186
>
> However, if I enter 74.208.162.186 into a browser, I do not arrive at
> webbytedd.com, but instead go to securelayer.com who is my host.
>
> Now, if webbytedd.com was the requesting script, how could the original
> script know what domain name the request came from? As it is now, it can
> only know the main host ID, but not the domain name of the requesting
> script. Does that make my question any clearer?
>
> So my questions basically is -- how can I discover the actual domain
> name of the remote script when it is running on a shared server?

Their is not existing variable (if you would) that your server, when
connecting to a remote server, would be sending. So, to have the remote
end be able to identify the initiating host identity, the initiating
side would have to add some something to the headers or pass it along in
the body of the request itself.

What type of service are you trying to create on your server? And what
protocol would it be using to connect to the remote server? If you are
using cURL, you could add something to the headers before you send the
request. But, if you are using something like fopen or
file_get_contents, you are stuck. You would not be able to modify the
headers being sent in the request.

If you are in need of identifying the initial server from the second
server, then I would suggest using cURL and adding something unique to
the headers before you send the request to the remote server.

Hope that is clear as mud.

>
> I hope that makes better sense.
>
> Cheers,
>
> tedd
>

From: Peter Lind on 29 Aug 2010 04:56
On 29 August 2010 08:08, Jim Lucas <lists(a)cmsws.com> wrote:

*snip*

> Their is not existing variable (if you would) that your server, when
> connecting to a remote server, would be sending.  So, to have the remote end
> be able to identify the initiating host identity, the initiating side would
> have to add some something to the headers or pass it along in the body of
> the request itself.
>

+1. Let the requestion script send through identification/authentification.

Regards
Peter

--
<hype>
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
</hype>
From: tedd on 29 Aug 2010 10:55
At 10:56 AM +0200 8/29/10, Peter Lind wrote:
>On 29 August 2010 08:08, Jim Lucas <lists(a)cmsws.com> wrote:
>
>*snip*
>
>> Their is not existing variable (if you would) that your server, when
>> connecting to a remote server, would be sending. So, to have the remote end
>> be able to identify the initiating host identity, the initiating side would
>> have to add some something to the headers or pass it along in the body of
>> the request itself.
>>
>
>+1. Let the requestion script send through identification/authentification.
>
>Regards
>Peter

To all:

My post about SERVER globals was simply an observation that the
SERVER global report of host and remote was not symmetric -- for
example you could obtain both the IP and Domain Name of the host, but
only the IP of the remote. Sorry for any confusion I may have caused
in my post.

As to the reason why I was asking, please review my next post, namely
"Secure Communication?"

Cheers,

tedd

--
-------
http://sperling.com/
From: Jason Pruim on 29 Aug 2010 11:54

On Aug 29, 2010, at 10:55 AM, tedd wrote:

> At 10:56 AM +0200 8/29/10, Peter Lind wrote:
>> On 29 August 2010 08:08, Jim Lucas <lists(a)cmsws.com> wrote:
>>
>> *snip*
>>
>>> Their is not existing variable (if you would) that your server, when
>>> connecting to a remote server, would be sending. So, to have the
>>> remote end
>>> be able to identify the initiating host identity, the initiating
>>> side would
>>> have to add some something to the headers or pass it along in the
>>> body of
>>> the request itself.
>>>
>>
>> +1. Let the requestion script send through identification/
>> authentification.
>>
>> Regards
>> Peter
>
> To all:
>
> My post about SERVER globals was simply an observation that the
> SERVER global report of host and remote was not symmetric -- for
> example you could obtain both the IP and Domain Name of the host,
> but only the IP of the remote. Sorry for any confusion I may have
> caused in my post.
>
> As to the reason why I was asking, please review my next post,
> namely "Secure Communication?"
>
> Cheers,
>
> tedd


Hey tedd,

My understanding of how shared hosting works would make this near
impossible... Basically Apache grabs a header that is sent at the
initial connection which includes the destination hostname and from
there it translates it to the proper directory on the shared host.

All the IP's though are based off of the parent site's server...

Now with dedicated hosting where you have the entire machine you can
do what you are looking at because the IP address will always
translate back to your website.

Now hopefully my understanding of shared hosting isn't flawed but if
it is I'm sure someone will nicely point out why :)


First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4
Prev: displaying constants
Next: array_walk_recursive pass by reference