Reputation: 4721
How Hide url from communication between servers
Let's suppose I've a critical php script which runs on a server. I want to access that php script from another server. I want to not only hide the communication data between the 2 servers but also the URL in order that each time i call the url it's never the same. What is the best way to achieve this behaviour?
Upvotes: 2
Views: 106
Answers (1)
Reputation: 5055
for Hiding Url, url is made up from multiple segments. and we can hide each segment as follow:
lets see the URL itself:
Scheme:://foo@host:port/pathes/querystringKey=val#fragment
so for each section you can hide hide it using an Encoding Mechanism,
By The Encoding i mean, change to something that Eve Couldnot understand what is going on.
The Scheme
can be Encoded When you using a Tunnel . Tunnel is another Protocol for Application Layer Communication which you can send your Actual Link in Tunnels Payload. for Example :
- using
sshfor transferring file is uncommon. but you can using that withscp - using a Proxy which Encrypt HTTP Headers like SOCKS 5
- using a VPN since its Tunnels every packet.
The User
Php scripts are not tend to Authenticate The User with URL User Parameter .
so it will be emitted.
The Host
The Host can be ip and domain. since it will be used by network to route your traffic.
in order to make it hide (deform) you can use a proxy to do that.
if you are worry about intruders finding out the actual Destination Host you can use Onion Routing or Garlic Routing
The Port
its simple as not using Common Ports on Client and Server . like not using 443 for https.
Path
you can use one path like index.php and pass the routing parameters in Http Header.
Since Your Payload in Header Encrypted using SSL. you are not worry for that.
but if you are worry about to not have a distinc path. you can make a random path to mislead intruders and just eliminate the random path in Servers Url Rewrire. since you get the actual in Http Header and can Route The Request.
QueryString
Query String can get into Http Header. b not Using Http Get Requests.
Fragment
in PHP Url Interpretation, Fragment Plays no Rule
Upvotes: 1
Related Questions
- PHP: Get URL when server is shielded from user
- prevent direct url access
- Safely get the URL using $_SERVER
- Allow the URL to be hit from allowed IPs machines only in PHP?
- Hide/protect URL - GET string/data
- Preventing Indirect access to website in PHP
- Secure admin system with hiding admin URLs
- .htaccess url secure
- How to hide or encode the url with some php function?
- How to protect access to a url?