
I have some code that handles times for updating and maintenance for a website that denies access by any users other than the local one (127.0.0.1).

Is there a way as a user to 'fake' being the 127.0.0.1 visitor? Is there a better way to "forbid access to anyone but the local server"?

https://forums.phpfreaks.com/topic/142204-solved-php-using-127001-as-local/

It is technically possible to fake an IP address (in fact, that's the method used in some attack -- don't remember its name). Your computer would reply to 127.0.0.1 though, so there is no security problem with relying on your local IP. A black list with IPs is much harder to do than a white list though because of proxies and whatnot.

Don't know if this is a confirmation, but these are my notes for tunneling in to my phpMyAdmin via PuTTY:

XXXX is some random port #

PuTTY can be used on a Windows machine, or SSH Tunnel Manager (SSHTM) can be used on a Mac. The trick to getting this to work is to tell PuTTY or SSHTM to make an SSH connection to the server, same way you normally would, but to do a port forward from XXXX to localhost:80. Then all you need to do is go to Firefox and tell it to connect to the internet through localhost:XXXX.

Mac console:

ssh -N -p 22 -c 3des admin@mysite.com -L XXXX/localhost/80

So, I'm pretty sure in this case, your script/Apache would recognize the IP as 127.0.0.1. I'd have to check my server log to be sure.


That's not a security vulnerability though.  The request would come from localhost, yes, but the foreign user would have to have an SSH tunnel going.
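
Added example, not part of the original thread or any poster's code: one way to write the "local server only" check discussed above, keyed on the TCP peer address rather than on any header the client can set. The function name is_loopback_request() and the sample request arrays are hypothetical and constructed for illustration.

```php
<?php
// Hypothetical helper (not from the thread): allow only loopback clients.
function is_loopback_request(array $server): bool
{
    // REMOTE_ADDR is the peer address of the TCP connection as seen by the
    // web server. Headers such as X-Forwarded-For are ignored on purpose:
    // any remote client can send "X-Forwarded-For: 127.0.0.1".
    $addr = $server['REMOTE_ADDR'] ?? '';
    if (!is_string($addr) || filter_var($addr, FILTER_VALIDATE_IP) === false) {
        return false; // missing or malformed address: deny
    }
    $packed = inet_pton($addr);
    if (strlen($packed) === 4) {
        return $packed[0] === "\x7f"; // IPv4 127.0.0.0/8
    }
    // IPv6: ::1, or an IPv4-mapped loopback address (::ffff:127.x.x.x)
    $v6Loopback   = str_repeat("\x00", 15) . "\x01";
    $mappedPrefix = str_repeat("\x00", 10) . "\xff\xff";
    return $packed === $v6Loopback
        || (substr($packed, 0, 12) === $mappedPrefix && $packed[12] === "\x7f");
}

// Constructed sample requests (shaped like $_SERVER), not real traffic.
$samples = [
    'script run on the server itself' => ['REMOTE_ADDR' => '127.0.0.1'],
    'IPv6 loopback'                   => ['REMOTE_ADDR' => '::1'],
    'IPv4-mapped loopback'            => ['REMOTE_ADDR' => '::ffff:127.0.0.1'],
    'remote client, forged header'    => [
        'REMOTE_ADDR'          => '203.0.113.7',
        'HTTP_X_FORWARDED_FOR' => '127.0.0.1',
    ],
    'SSH port forward to localhost:80' => ['REMOTE_ADDR' => '127.0.0.1'],
    'address missing'                  => [],
];

foreach ($samples as $label => $server) {
    printf("%-34s %s\n", $label, is_loopback_request($server) ? 'allow' : 'deny');
}

// In the maintenance script itself the check would be used like this:
// if (!is_loopback_request($_SERVER)) { http_response_code(403); exit; }
```

A request that arrives through an SSH port forward passes this check because the connection to the web server really does originate on the host, which matches the last reply: it requires a valid SSH login first. The same is true of a reverse proxy running on the same machine, so behind such a proxy every visitor would appear as 127.0.0.1 and this check alone would not restrict anything.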
