Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Angelxalfa2015-04-02 16:35:15
PHP
Angelxalfa, 2015-04-02 16:35:15

Accessing a script on the local network?

Hello!
Situation:
There are two servers, let's call them 1 and 2
1 - it has Internet access, it hosts a website, and it is aimed at interacting with website users. It works on a bunch of LAMP. The site is powered by Wordpress.
2 - does not have access to the Internet, but is connected to server 1 locally. It is running Linux+Apache+php+postgress. The database contains highly sensitive and confidential information.

The idea is as follows - the user of the site accesses serv.1 and wants to get some of his information from the database ->
clicks the get button ->
an AJAX script is launched, which sends certain identification and authorization data to the php script on serv.2 via the post or get method (via locale) ->
the script checks the authorization data, clears the request from possible injections and, according to the identification data, takes information from the database and feeds it to the AJAX script on serv1->
The latter displays it on the user's screen.

Why such hemorrhoids? In order for the database with important information not to be directly accessible from the Internet, and in case of a possible hacking of the site, it was not stolen.

So the question is - How can I use an AJAX script from serv1 to a php script on serv2? How can I find the path to this script?
And in general, advice is needed - is the scheme working? And in reality, does it provide such tough base protection as it seems in theory?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
A
Adamos, 2015-04-02
@Adamos

If your external server is hacked, it is unlikely that anything will prevent the hacker from leaving it in the local area.
No matter how it turns out that by building non-standard solutions, you really do not benefit from them except for a headache.

Report
F
FanatPHP, 2015-04-02
@FanatPHP

The AJAX script is not accessing from the server.
It is impossible to access server 2
with an AJAX script In order to be able to access server 2 with an AJAX script, it must have access to the Internet.
That's right, for starters.

Report
S
Sergey, 2015-04-02
@serzik

did this with fopen

Report
M
Mike, 2015-04-02
@Mike77

not ajax but jsonp
stackoverflow.com/a/6879276
But, IMHO this is nonsense) just set the configs correctly, don't be paranoid

Report
S
ShamblerR, 2015-04-03
@ShamblerR

damn man, tell me honestly, how do you like this layout of the
frontend apache all things, the database is connected as
host: vasya.pupkin.vasiliy.vasya.vaska.loh
and 192.128.4.5 is registered in the host file, you can stupidly use the internal ip
as a result, you get
1 .when receiving a host login and password, you can connect to them, as you understand, only from a local machine, because Ip is gray
2. database no crutches
3. what else do you need for a good life?

Similar questions
M
MrLumusss2022-01-12 20:01:57
Is it possible to enable XMP if some dice don't support it? 4Reply
S
sinout2017-04-05 02:08:24
Does it make sense to use Immutable along with React? 4Reply
D
deadmemoras2016-06-18 10:28:34
Work abroad without experience? 10Reply
I
ITpie2021-03-25 20:16:06
How to make docker to test python code with certain libraries? 3Reply
P
Petr2016-06-23 10:33:40
Convert from HTML to PSD? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question