I'm using a v2ray server I want each client user can have ability to access the internet just with one device and he can't use multiple devices to use the connection that I provide for him
please let me know if you have solution
I have tested several x-ui forks that claims their x-ui can provide me that ability but none of them work for me
This Script can help you. Of course, if you create multiple users with different UIDs.
Related
I am working on an iOS project for my client from Iran using Firebase. When my client tries to open the Firebase website (https://www.firebase.google.com), he is getting error like:
"Your client does not have permission to get URL / from this server.
That’s all we know."
Anyone has any idea about this? Is firebase not available in Iran? Lets say I tell him to use VPN, will the user from Iran be able to use this app after release?
Would appreciate if somebody from Iran can help me out.
By my friends, I know that many things are filtered in Iran.
Some filters are by government ( porn sites or some social media sites) and some are by sanctions ( some technological tools). This which you are facing now is a sanction.
For browsers: he has to go into incognito to avoid any previous caches and also Yes use a VPN.
As for the app: it depends, would firebase.google know about the IP address of where it was originated? if so then yes it won't be able to work and you must somehow think of some local service or somehow incorporate a VPN into your app.
I recommend you seek consultation from your client, it's really not your responsibility and I assure you that this isn't a huge problem, there must be plenty of workarounds that you just don't know of.
EDIT: It seems that there is an Iranian alternative to Firebase. It's called Pushe.
google does not provide their service to Iran,Cuba,North Korea,Syria and Crimea.
in terms of Policy page
The Software is controlled by U.S. Export Regulations, and it may be
not be exported to or used by embargoed countries or individuals.
so the Problem is USA Government
I have the same problem with FireBase (only in android)
This is the exact exception I'm getting:
signInWithEmail
com.google.firebase.FirebaseException: An internal error has occured. [ This service is not available from your country ]
at com.google.android.gms.internal.zzacq.zzbN(Unknown Source)
at com.google.android.gms.internal.zzacn$zzg.zza(Unknown Source)
at com.google.android.gms.internal.zzacy.zzbO(Unknown Source)
at com.google.android.gms.internal.zzacy$zza.onFailure(Unknown Source)
at com.google.android.gms.internal.zzact$zza.onTransact(Unknown Source)
at android.os.Binder.execTransact(Binder.java:446) at com.google.android.gms.internal.zzact$zza.onTransact(Unknown Source)
at android.os.Binder.execTransact(Binder.java:446)
I guess it's clear that fire base won't work in Iran.
And here I thought it was going to be available for everyone!
pushe is just a notification service
There is a way that you can use https://github.com/kreait/firebase-tokens-php and something like php laravel for backend.
This is how you can change ip address for requesting and get response to the firebase database service.
Working with Firebase in Iran isn't possible. Therefore, you should use an alternative solution.
One of the best backend service out there is Parse Platform.
Although You can set your own Parse server up, you can use Back4App, which is based on Parse.
Easy to use, vast capabilities and generous free tier makes Back4App service suitable for learning and doing small projects as an alternative of Firebase.
I am wondering about what the best way to keep users in sync with each other in a social network is. The concerned stack is an iOS app with a NodeJS backend. Let me give you an example:
Say X and Y are friends on a social network. Y's posts appear in X's feed, and as such, Y is cached somewhere on the X's phone. This morning, Y decided to change profile pictures however. Everything is well, the new picture is uploaded to the server, but how do we go about letting X know about the change of profile picture?
My possible solution: Create a route /<UID>/updates that contains a stack of "cookies" which lets the user know what and who changed since the last time they made a GET request to the route.
This seems elegant enough, but what worries me is what happens on the client side (am I supposed to make a GET request every 2 minutes during my app's uptime?). Are there any other solutions?
One solution is indeed to poll the server, but that's not very elegant. A better way is to make use of websockets:
WebSockets is an advanced technology that makes it possible to open an interactive communication session between the user's browser and a server. With this API, you can send messages to a server and receive event-driven responses without having to poll the server for a reply.
They are a 2-way connection between client and server, allowing the server to notify the client of any changes. This is the underlying technology used in the Meteor framework for example.
Take a look at this blogpost for an example of how to use websockets between an iOS client and a NodeJS backend. They make use of the open source SocketRocket iOS library.
We've developed a web application which is hosted on premises available for people in the shop floor via Wifi. However, the wifi signal is not reliable and it's not possible to use wired network or improve the signal.
I am looking for a solution to handle this issue. Is there a way to put the http requests into a local queue and process it asynchronously at the background? If so, how to do it? Or is there any other alternative approach?
Any thoughts are greatly appreciated.
I have the same problem in the company where I work, there are certain places where the WiFi can not reach, and the system needs to get information from the DB in order to show that info to the user and then upload some new info.
Part of this system is done with iPads, so to solve the problem I use LocalStorage to store a JSON object that contains the info the user need to work, I store the info that is going to be uploaded in another JSON object, and when there is a connection available the info is Uploaded.
Hope it helps
I would recommend to build the web app with angularjs or another javascript framework of your choice. Once the user has loaded the site you can perform asynchronous ajax/http requests to load the required data and the web app will never reload the entire page.
In case one http request fails you can implement that the web app should try one more time or whatever :)
I've searched for this a bit on Stack, but I cannot find a definitive answer for https, only for solutions that somehow include http or unencrypted parameters which are not present in my situation.
I have developed an iOS application that communicates with MySQL via Apache HTTPS POSTS and php.
Now, the server runs with a valid certificate, is only open for traffic on port 443 and all posts are done to https://thedomain.net/obscurefolder/obscurefile.php
If someone knew the correct parameters to post, anyone from anywhere in the world could mess up the database completely, so the question is: Is this method secure? Let it be known nobody has access to the source code and none of the iPads that run this software are jailbreaked or otherwise compromised.
Edit in response to answers:
There are several php files which alone only support one specific operation and depend on very strict input formatting and correct license key (retreived by SQL on every query). They do not respond to input at all unless it's 100% correct and has a proper license (e.g. password) included. There is no actual website, only php files that respond to POSTs, given the correct input, as mentioned above. The webserver has been scanned by a third party security company and contains no known vulnerabilities.
Encryption is necessary but not sufficient for security. There are many other considerations beyond encrypting the connection. With server-side certificates, you can confirm the identity of the server, but you can't (as you are discovering) confirm the identity of the clients (at least not without client-side certficates which are very difficult to protect by virtue of them being on the client).
It sounds like you need to take additional measures to prevent abuse such as:
Only supporting a sane, limited, well-defined set of operations on the database (not passing arbitrary SQL input to your database but instead having a clear, small list of URL handlers that perform specific, reasonable operations on the database).
Validating that the inputs to your handler are reasonable and within allowable parameters.
Authenticating client applications to the best you are able (e.g. with client IDs or other tokens) to restrict the capabilities on a per-client basis and detect anomalous usage patterns for a given client.
Authenticating users to ensure that only authorized users can make the appropriate modifications.
You should also probably get a security expert to review your code and/or hire someone to perform penetration testing on your website to see what vulnerabilities they can uncover.
Sending POST requests is not a secure way of communicating with a server. Inspite of no access to code or valid devices, it still leaves an open way to easily access database and manipulating with it once the link is discovered.
I would not suggest using POST. You can try / use other communication ways if you want to send / fetch data from the server. Encrypting the parameters can also be helpful here though it would increase the code a bit due to encryption-decryption logic.
Its good that your app goes through HTTPS. Make sure the app checks for the certificates during its communication phase.
You can also make use of tokens(Not device tokens) during transactions. This might be a bit complex, but offers more safety.
The solutions and ways here for this are broad. Every possible solution cannot be covered. You might want to try out a few yourself to get an idea. Though I Suggest going for some encryption-decryption on a basic level.
Hope this helps.
I'm considering adding email addresses to a marketing web app. Currently users are able to sign up and get a subdomain address that they can choose (theychoose.domain.com). So I'm thinking of also offering theychoose#domain.com for an email address they can use.
I've pretty much decided on sendgrid.com for sending email through the web interface which takes care of a ton of sending headaches. I'd also like to avoid setting up an email server if I could so I'm looking for services that allow me to set up an account and then programmatically create addresses when a user signs up. I want to find a service that will deal with all the spam filtering etc.
Also, this probably makes no difference but it's a Rails app.
One possibility is to use Google Apps Premier Edition. The API description can be found at http://code.google.com/apis/apps/gdata_provisioning_api_v2.0_reference.html.
Keep in mind though, that each user will cost $50/year. However, if you make significantly more than that per registered user, then it may be worth it.