I run http server, listening on port 10001, on my PC. I can access http://localhost:10001 from all browsers on my PC. I can access http://192.168.1.1:10001 (192.168.1.1 is my PC's local IP) from all browsers but not from Microsoft Edge. When I access http://192.168.1.1:10001 from Edge, my http server even doesn't receive any incoming TCP connection. After several seconds, Edge displays error page that the page is unavailable.
Is there any settings that will allow accessing http://192.168.1.1:10001 in Edge?
By default, Edge blocks localhost loopback. To enable it, navigate to:
about:flags
Once there, enable the "Allow localhost loopback (this might put your device at risk)" under the Developer Settings section.
Related
I have a website that is hosted in apache web server under ubuntu. Now i setup a reverse proxy (ARR) in IIS (windows server 2016) to point the subdirectory (/daily) to the website that is hosted in apache web server - ubuntu. When i try to access the website via safari on iOS, the website is not loading (The loading bar appears on the top-left corner; The loading bar disappears (almost immediately); I am back on the page I was before - The page was not reload, it is as if I did nothing...) however when i try to access it in chrome (laptop, android, pc), firefox, internet explorer and other non-ios browser, i can load the website successfully.This is the twist: when i try to access the website in ios safari using http (not secure), the page was loaded successfully.
I have tried another setup:
Instead of using apache web server for the reverse proxy website, i tried to use different server but this time its hosted in IIS, windows server 2016 and setup the same thing (same SSL certificate, same content). When i try to access this in safari ios (https & http), the page was loaded successfully.
I am guessing that there is an issue in reverse proxy that points to the apache web server when accessing via https in safari ios. It's really weird and i don't know what is really the issue here because when i try to access a normal website that is hosted in IIS along with the reverse proxy, i can access them successfully.
I hope you guys can help me in this issue.
This is the website url: https://www.investagrams.com/daily/ (you can also test them --- try to access in ios safari it would fail, and other browser --- all successful).
I did some research and this happens because iOS 11 is improperly negotiating a HTTP/2 TLS connection and the connection fails. Microsoft has a fully supported workaround, which disables HTTP/2 TLS connections.
More information about the issue can be read here: https://www.essential.exchange/2017/09/18/ios-11-about-to-release-things-to-be-aware-of/
Workaround
Disable HTTP/2 until its fixed by Apple.
To enable or disable HTTP/2, follow these steps:
Start regedit (Registry Editor).
Move to this subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
Set DWORD type value EnableHttp2Tls to one the following:
Set to 0 to disable HTTP/2
Set to 1 to enable HTTP/2
Restart the computer.
Reference: https://support.microsoft.com/en-us/help/4032720/how-to-deploy-custom-cipher-suite-ordering-in-windows-server-2016
I'm using Mikrotik device to make a Hotspot service and using Freeradius running on Centos server ( running on different server ) for AAA ( Authentication , Authorization and Accounting )
Now, What i need is to log every single website that certain user visited ( monitoring web surfing )
actually, I i don't know if it is possible with Freeradius or using Mikrotik services
This can be done with a web proxy.
You can use either integrated mikrotik proxy feature by enabling proxy (https://wiki.mikrotik.com/wiki/Manual:IP/Proxy#Transparent_proxy_configuration_example) and log proxy activity (https://wiki.mikrotik.com/wiki/Manual:System/Log#Example:Webproxy_logging).
You can use also proxy program like Squid on your CentOS box to save CPU and storage resources on your Mikrotik router.
Another option, you can also use a program called "conntrack" on your CentOS to, as the name says, keep track of all connections. This can include any connections, not only HTTP requests. Of course, all internet traffic must pass through the CentOS box.
I am working on blackberry Push Notification and facing a big issue while registering from the device. I'm getting the Exception:
Java.io.IOException:Network operation(Subscribe)failed. Make sure that Content Provider Url is accessible..
I go through this guide and set up all things according to it.
However I am unable to register. My tomcat server is running and I can access content provider URL from my computer and the same from device's browser.
PC URL is: https:/loaclhost:8443/sample-push-initiator
I changed local host to IP address of my Computer. and can access it over WiFi.
Please help me regarding this.
Your push initiator URL must be publicly accessible from the internet to be accessible from your device. Using localhost or any local IP address (e.g. 192.168.0.2) won't work.
You'll have to set up your router to forward traffic on port 8443 to your PC's local IP.
You should ensure that this URL is accessible from your blackberry normal web browser (not the hotspot browser) before trying with the sample push app.
I am currently developing a client server app , but i want to clarify some information about the following.
What must be my idtcpserver binding IP adress (127.0.0.1 ,192.168.1.1 or my public IP)
I checked it using IPconfig it replied me 192.168.1.1 ;but i have connected to the internet using my home adsl router(single port).
I have assigned my client application with
idtcpclient.host := my public IP address
the application is working well when i assign both with 127.0.0.1 // as both are in the local machine
How to make my application work over the internet.When i try to connect over the internet the client is replying me
Socket error #10061 connection refused.
but my kaspersky network monitor is showing that my port is opened my myapplication (I set it to 6000)
original project
sourceforge
You don't need to create a binding on the server machine. Just assign the default port. At run time, a single binding will be created with that port and a blank IP address.
When you connect to your network from the outside using the external IP address, you are actually connecting to your router (or other hardware). You should be able to tell your router that traffic received on a specific port will be directed to an internal IP address.
I have a handful of servers running on my internal network, and this is how I make them available from the Internet.
You mention that you have a DLink router. If it works the same as mine:
Using your favourite web browser, open the router's settings page.
I think the default address is http://192.168.0.1. User name is "admin" with no password.
Click the Advanced tab and select Virtual Server.
The virtual server settings are pretty straight forward.
Assume that you have complete programmatic control over a wireless router (running say OpenWrt or DD-WRT - linux). The router is configured to broadcast an ssid, and the network is wide open.
A mobile user (iPhone/Android/BB) walks up.
1) on iPhone, if the device is not currently wifi connected, a dialog appears that offers to connect to available SSIDs. The user picks my ssid and connects. Is there a way, from my router (say using Bonjour or ??) to trigger the iPhone to launch the web browser and try to load the home page, or an autoconfig url automatically?
2) any different answer for Android/BB?
The reason is that in a 'walled garden' application I need to be able to pop up a greeting page and don't want the user to have to fumble around loading a default page first.
Any and all thoughts appreciated!
Thanks
RM.
Update - I think the answer may lie in either 802.21 or UMA. I read somewhere that ATT uses this with iPhones for authentication.
On iPhone there is a switch called 'autologin' when connecting to a wifi gateway. If you turn that on, the iPhone sends an HTTP request, and receives a redirect from my hotspot, and then I send the welcome page. (the spot is totally open). Problem is that iPhone seems to be waiting for something specific - it doesn't change from '3G' to wifi and may eventually time out. Also it still displays the 'Login' banner docked to the top of the window.
Anyone know of documentation for the frames I need to send to do a proper autologin?
What you're describing is a captive portal system (hotspot, walled garden, etc). This functionality can be implemented with several application on openwrt. Check out another answer for details on each specific option offered in openwrt Answer.
There are a few common techniques to implement a captive portal
HTTP 302 Redirect
The most common technique is to simply block all out bound traffic on the network and then redirect any port 80 traffic to your own portal page, either local or remotely hosted. This portal page would then provide the means to "authenticate" the user (by poking a hole in the firewall). There are layer 2 methods such as chillispot which provide all the same functionality and can be authenticated against a radius server if you wanted to get fancy.
DNS Rewrite
Another technique is to use dns rules to rewrite any dns query to resolve to your own webserver which will then present the user with a login page, once the user has "authenticated" you simply updates their dns, or allow the dns request from that user to pass upstream.
IP Redirect
This technique often times overlaps a bit with the HTTP redirect. Essentially you redirect their requests to a new destination IP. You could setup a squid proxy to then handle these requests.
Both iOS and android devices will detect for captive portals by simply checking for a standard URI resource (eg: http://www.apple.com/library/test/success.html) and if that resource is blocked then you're offline, if that resource gets 302 or 307 redirected then it assumes there is a captive portal in place and they will open a browser. If that resource is found then they assume you are online and no browser is auto opened.
Android will open the standard browser on the phone or tablet to allow the user to authenticate. iOS devices will however open a pseudo browser which is a limited application which doesn't allow things like video playback popups etc.
The WISPr protocol I believe was originally intended for devices which do not have a web browser to accept the terms and conditions and thus allowing these devices a generic protocol to accept and authenticate against a captive portal. I'm not even sure that the WISPr protocol was ever really accepted. (perhaps they redrafted it)
(Didn't realize how old this originally was, sorry)
Ok, solved it.
The protocol is called WISPr - now version 2.0
some links
http://erratasec.blogspot.com/2010/09/apples-secret-wispr-request.html
and traces
http://coova.org/node/4346
HTTP 302 Redirect
The most common technique is to simply block all out bound traffic on the network and then redirect any port 80 traffic to your own portal page, either local or remotely hosted. This portal page would then provide the means to "authenticate" the user (by poking a hole in the firewall). There are layer 2 methods such as chillispot which provide all the same functionality and can be authenticated against a radius server if you wanted to get fancy.
// Working on creating a wifi Hotspot, which would automatically trigger mobile browsers(directly to my shop's link) when the mobile device is connected to the wifi.. This would serve as an interesting factor to user's, get noticed something special about our Hotspot when they cross across it..
I think what you're looking for is the ability to create a standard wifi "hotspot".
There are several very good tutorials online about how to do this, several using DD-WRT.
For example, check out this one: http://www.hotspotsystem.com/en/hotspot/install_guide.html
which gives some examples.