Given the following URL: htttp://domain/index.php, where index.php is the main webpage in a joomla server. I want to get the URL with the IP format, http://IP/index.php. I've tried that with several Joomla servers without success. What is it happening?
I will try to keep this answer simple, yet understandable.
The relation between Internet domains and IP address is not necessarily one-to-one.
In shared hosting, a single IP address may be used by several domains (or hostnames).
A Host header, which is a part of the HTTP standard, is sent with the HTTP request. This allows the server to determine which site to serve.
When you are trying to access a domain for which you don't know the IP, DNS lookup is performed, which provides the requested IP address.
A HTTP request is then sent to that IP with a Host header with the hostname (which contains the domain name).
If you are trying to access the ip directly, for example by typing in a web browser's address bar, the value of the Host header will be the IP itself and the server will have no indication what domain you actually want.
It is possible to set up a default behavior for cases where the IP address is directly accessed, but it is highly likely that a shared host will not allow you to set it yourself.
Related
I'm trying to figure out whether a website I use was hacked.
When I access the site via www.site-name.com, I'm taken to the website.
However, when I access the site without the "www," i.e. site-name.com, I'm taken to a different website.
Why is this happening? I did a little research and my only guess is that someone changed the site's .htaccess file, but that seems unlikely, as the different website has no relation to the official site.
Can someone help me understand what's going on here?
One IP address can host multiple websites with different hostnames using Virtual Name Hosting.
The HTTP server will look at the Host header in the request to determine what site to use for a given request.
This lets you have one IP address serving example.com and example.net.
Typically, the first Virtual Name Host will be the default, so if you were to ask for example.org the server would not recognise it and give you example.com instead.
In this case, it appears that the server has a Virtual Name Host configured for www.site-name.com but not for site-name.com so requests for site-name.com get the default site for the server.
Lets say I use DNS to configure ftp.mysite.com to my site's IP, I want to give clients the credentials to use the ftp site. Can I give them the URL (ftp.mysite.com) OR should I give then the IP directly (even though the URL points to that IP).
Am I risking compatibility issues of some sort?
Do not use an IP address, always use a domain name. A domain name is less likely to change and carries more information than an IP address.
While a domain name is indeed just an alias to an IP address, a single IP address can be used for multiple domains. This is common with virtual hostings.
In this case, an IP address may not carry enough information. This more common with HTTP, where a domain name, that is otherwise lost in domain-to-IP resolution, is provided to an HTTP server using Host: HTTP header.
FTP protocol has a similar mechanics, the HOST command. But as that command was introduced relatively recently, it is actually quite rare that an FTP server relies on this. Even on shared hostings, a domain is usually included in an FTP username to allow even FTP clients, that do not (yet) support the HOST command.
See also Do the SSH or FTP protocols tell the server to which domain I am trying to connect?
there is no deference. you can give either you IP or your domain name. once people have the domain, they can get your IP very easy.
the domain can be better choice in case the IP is going to be changed.
Most FTP servers are hosted on port 21 (or 22 for SFTP).
ftp.mysite.com usually points to localhost:21 or localhost:22
So there is no difference, except for the ports.
I understand that if I want customers to be able to use a custom domain that points to their space at customer.mysaasapp.com, they must define a CNAME record that aliases the canonical customer.mysaasapp.com domain.
What I don't understand is how this alias persists across requests. For example, if the customer site links to its resources, how does it know whether to link to the customer.mysaasapp.com/videos domain vs the customclientdomain.com/videos resource? I don't want the true subdomain to show up in the navigation bar as soon as a link is clicked. How is this handled?
Let me try to explain it for you. As you already know CNAME are canonical names for another domain.
As you know when we hit a domain in browser address bar. Browser asks the DNS (domain name server) where to send the request. DNS matches the domain name and sends the IP address back to browser and browser hit those IP address to get the response.
But when we want multiple sites to be served from same IP address which is the case in SAAS app. We can define CNAME for each client. Which is alternative to IP mapping.
So when browser asks the DNS about the address for the provided host url. DNS sends back the actual domain name/path and tell's the browser that it's the right address to ask.
So now browser sends the request to actual domain behind the scene and sets the HOST header to the provided address which user entered. (customclientdomain.com/videos for your case).
Now the server knows which host was provided by the user and responds accordingly.
From next request onward Browser does the magic and give you a mimic that it's a totally new website.
All of the modern browser including WGET , CURL also handles this.
Here is a link with more details.
If we have something like this url:
https://www.example.com/Some/Page/index.html?id=15
I know that example.com will be sent as plain text, but /Some/Page/index.html?id=15 is sending securely.
Now, my question is, if we have something like this:
https://somesubdomain.example.com/Some/Page/index.html?id=15
May attackers know that I'm visiting somesubdomain.example.com? or they just can know I'm visiting example.com?
In other words, is subdomain part of url sending securely?
If the client is using Server Name Indication (most modern web browsers/platforms do), the host name (not the rest of the URL) will be visible in clear in the handshake in the server name indication extension, so both www.example.com and somesubdomain.example.com will be visible.
If the client isn't using SNI, an eavesdropper would still see the server certificates and the target IP address(es). Some certificates can be valid for multiple host names, so there may be some ambiguity, but this should give a fairly strong clue to the eavesdropper.
In addition, the same eavesdropper might be in a position to see the DNS requests (unless you've configured the hosts explicitly in your hosts file perhaps).
In general, you shouldn't assume that the host name you're trying to contact is going to be hidden. Whether it's a subdomain isn't relevant, it's the full host name as it's requested by the client that matters.
When using https all traffic between http client and server is encrypted. That does not mean it is safe, but it is encrypted according to what you refer here. Something a network sniffer can see is the ip address you communicate with. That is regardless of what network name had been resolved to that address.
Simply try yourself and use a network sniffer. I recommend wireshark.
I'm using the Play Framework which uses http://localhost:9000 by default. I'm also trying something with Twitter and it needs to use a callback url for authentication, but Twitter won't accept http://localhost:9000 as a callback URL.
How can I configure my localhost to map to something like http://mylocal.loc, (similar as with an Apache vhost), instead of http://localhost:9000?
The problem is that the URL needed to be entered in the following format:
http://127.0.0.1:9000/twitter-callback
The above works perfectly as a Twitter callback address.
Twitter isn't trying to access localhost directly, it simply takes the above address as far as I understand, sticks it into the HTTP response header, prompting whichever browser being used to perform a straight forward 302 redirect.
The following blog post had some invaluable information in regards to this question:
http://www.tonyamoyal.com/2009/08/17/how-to-quickly-set-up-a-test-for-twitter-oauth-authentication-from-your-local-machine/
The reason that twitter can't use localhost as a callback url is because localhost is a redirect to your computers loopback interface. In other words, localhost is always the computer that you're on. In order for other computers (including twitter) to access your host, you need to use an external IP address, or a hostname.
To get your IP address, visit whatsmyip. This will tell you your external IP address (which other computers on the internet can access). If you have a static IP address, you can purchase a domain name, or get a free one from something like no-ip or dyndns to make it easier to remember and type. You'll need to point a DNS record from that domain to your IP. You'll also probably need to do some port forwarding and stuff to get it to go to your computer on port 9000, rather than your router (dependent on your network setup).
Possibly an easier option would be to obtain a free hosting/domain service whilst you're testing.
EDIT: josef's problem was not related to the absence of internet access to his local server, see his own answer for what was going on and a solution. This answer handles the case where a local server needs to be visible from the internet.
localhost, aka 127.0.0.1 is the name that on each computer points to the computer itself. So Twitter looks at itself, obviously doesn't see the service, end of story.
If your computer is connected to a local network, most likely that network is NATed and using private addresses like 192.168.x.x, 10.x.x.x or 172.16x.x.x. These addresses are private (not known outside of the local network because not routed on the internet), so that doesn't help you either.
What remains is your public IP address, ie the address your router gets from your ISP. Via DNS you can map that address to a name, a free service that allows you to map a fixed name also to a variable address is DynDNS.
But wait, there is more! Your router protects your network by not allowing traffic originating OUTSIDE the private network IN, unless you define some forwarding rule in the router, in your case a rule that forwards incoming tcp traffic on port 9000 to your machine's port 9000.
Once all that has been taken care of, your computer will be accessible from the outside, and your callback should work.
Edit your hosts file and add the following line:
127.0.0.1 mylocal.loc
For Windows, it is located in C:\Windows\System32\drivers\etc\. On *nix, you can find it in /etc.