Ip Loopback Webserver Restriction Rule

[Debbie-Leigh]

Hi,

 

Has anyone else run foul of the IP loopback restriction rule that shared server hosting companies seem to have been implementing?

 

I've been told by my hosting company that it's to stop programming loops from occurring, but IMHO, there are far more common ways to create coding loops etc. that could slow a server down than calling a program on another website on the same server, which then calls back to the same program on the originating website.

 

It seems to me that this one rule can end up preventing a lot of quite legitimate web programming from happening, unnecessarily.

 

For example, you may want to park a domain on a sub-domain, which could then call a module on the main domain to retrieve some database info for display, which you would quite legitimately need to use the main domain's full url for, instead of either a relative url or a full path url - not with this rule.

 

Or you might provide a service that other websites (which could be owned by you or other people) could call from code to retrieve information to display on their pages. With the loopback rule in place, if any of the calling websites reside on the same web server as the called website, which is entirely possible with the larger hosting companies, then this won't be allowed either.

 

Of course, with enough thought, work arounds can always be found, but it just seems to me that this is an unnecessary rule too far.

 

Does anyone know how this rule came into being (e.g. was it a theoretical problem dreamt up by an academician or a real problem experienced by a hosting company) and why the hosting companies seem to be so fixated on it, when, IMHO, it is a rule that can cause far more problems than it solves?

 

Debbie

[gizmola]

I'm not really clear on what you're talking about. There's loop devices which are used in Linux to accomplish various things like creating virtual filesystems inside of files for use in virtualization, or of course there's the network Loopback device. Neither of these seem applicable to Shared hosting, which is facilitated by the sharing of an IP address amongst numerous sites via HTTP 1.1 named based vhosts. If you have a link to someplace where this restriction is explained, I might be able to offer some ideas as to what they might be protecting against, but the terminology you employed in describing the issue doesn't ring a bell.

[Christian F.]

I think he might want to do a HTTP call to a server on the same network/box that he's got his site hosted on, by using the domain (which resolved to a shared external IP). Something which the firewall blocks, or the router is incapable of routing properly.

 

Closest thing I can think of. Though, a situation I've only experienced on cheap consumer hardware. So..

Edited November 3, 2012 by Christian F.