Re: [PHP] How to limit source IP in PHP
Sorry for the top post but I don't have my laptop with me and, well frankly I'm too tired to be arsed! I think the confusion is coming from the word bind. I don't think man people at aware of he difference between binding a socket and having it listen on the port to which it's bound. People... when you make an outgoing connect ion (using the curl functions, the socket functions, or whatever), the socket is bound to an IP and arbitrary port on the network interface over which the connection is being made. Antonio is wanting to specify which IP address on the interface is used (this is the IP address from which the other end will see the connection coming). This is not hard to understand but it's not well known that the bonding process happens to both ends of a socket connection, and from what I've seen nobody has bothered to explain that. Apache, nginx, whatever the web server is has nothing to do with the question. I hope that helps clear it up for those who are confused. -Stuart -- Sent from my leaf blower On 14 Sep 2012 21:01, "Tonix (Antonio Nati)" wrote: > Il 14/09/2012 21:19, Jim Lucas ha scritto: > >> On 09/13/2012 04:15 PM, Tonix (Antonio Nati) wrote: >> >>> >>> Jim, sorry but you did not read carefully my posts. >>> >>> Since the fist post, I ALWAYS spoke about connections a PHP script may >>> open autonomously (what you name second connection). >>> >>> I'm never speaking about listening/intercepting/using the original HTTP >>> request. >>> >> >> Then why did you bring up apache? That seems to be the source of >> confusion... >> >> > There is no confusion at all. > > When a script is executing under apache, it can do whatever it wants > (within its permissions of course), opening other sockets and making any > kind of processing and IO. It does not interphere with apache connections, > it just uses new connections. > > So, my request is clear: how to force a PHP script to bind only to > permitted IP (i.e. using directive similar to OPEN_BASEDIR). > > The answer is clear. Actually PHP cannot force a PHP script to bind only > to specific IPs. > > So I've filed a request in PHP bug's repository for examining this > possibility. > > In a multi IP apache configuration, I feel right each PHP script should > only (eventually) bind to the IP where the connection is received, or to a > permitted IP. > > Hope this helps. > > Tonino > > > > -- > --**-- > Inter@zioniInterazioni di Antonio Nati >http://www.interazioni.it to...@interazioni.it > --**-- > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > >
Re: [PHP] How to limit source IP in PHP
Il 14/09/2012 21:19, Jim Lucas ha scritto: On 09/13/2012 04:15 PM, Tonix (Antonio Nati) wrote: Jim, sorry but you did not read carefully my posts. Since the fist post, I ALWAYS spoke about connections a PHP script may open autonomously (what you name second connection). I'm never speaking about listening/intercepting/using the original HTTP request. Then why did you bring up apache? That seems to be the source of confusion... There is no confusion at all. When a script is executing under apache, it can do whatever it wants (within its permissions of course), opening other sockets and making any kind of processing and IO. It does not interphere with apache connections, it just uses new connections. So, my request is clear: how to force a PHP script to bind only to permitted IP (i.e. using directive similar to OPEN_BASEDIR). The answer is clear. Actually PHP cannot force a PHP script to bind only to specific IPs. So I've filed a request in PHP bug's repository for examining this possibility. In a multi IP apache configuration, I feel right each PHP script should only (eventually) bind to the IP where the connection is received, or to a permitted IP. Hope this helps. Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/13/2012 04:15 PM, Tonix (Antonio Nati) wrote: Jim, sorry but you did not read carefully my posts. Since the fist post, I ALWAYS spoke about connections a PHP script may open autonomously (what you name second connection). I'm never speaking about listening/intercepting/using the original HTTP request. Then why did you bring up apache? That seems to be the source of confusion... It is well clear for anyone with a minimum knowledge of programming in apache that only apache listens and answers from the binded port of httpd. And, of course, any program/script/binary called from apache, will return his data to apache, and apache only will send them back to the original requester. That is why your mentioning Apache confused me (and probably others). At the same time it is well clear too that each called program/script/binary may live autonomously before returning data to apache, and do whatever action it requires to do, including the opening of a network socket to an external or internal server. Your still talking about Apache... And this is true for any language, from perl to C to PHP. Only first two replies understood the initial request, all other just added confusion to the thread. Regards, Tonino Which is it that you are talking about? PHP running through Apache or a dedicated PHP script running on its own as a daemon? -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/12/2012 08:21 AM, Daniel Brown wrote: On Wed, Sep 12, 2012 at 10:18 AM, Tonix (Antonio Nati) wrote: Is PHP able to 'force' binding IP? I hoped there was an external directive I did not see, but probably this is a PHP lack. Not at all. Essentially, PHP is an interface to underlying software, OS commands, and APIs. You'd have to configure the system to bind requests, as PHP does not presently have that capability (and, to my knowledge, there's no plan to change that). Daniel, Correct me if I wrong, but you could use the stream_* functions within a process running as a daemon that can listen on a given IP:port . I do this on my php scripts right now. It accepts, processes, and responds to the client connections without the need of any other applications. And, it responds to the client from the IP & PORT that the client made the connection to. -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Are you looking to use sockets? That's the only thing I can think of when you speak of binding to an ip address/port... http://php.net/manual/en/book.sockets.php ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 14/09/2012 00:09, Jim Lucas ha scritto: On 09/13/2012 12:55 PM, Tonix (Antonio Nati) wrote: Il 13/09/2012 21:41, Jim Lucas ha scritto: On 09/13/2012 12:28 PM, Tonix (Antonio Nati) wrote: You are speaking about incoming connections, I suppose. I'm speaking about connections started from within PHP. Which is a response to the incoming connection. And so? There is no relation between the call received from Apache (which is not passed to PHP), and any connection PHP may open later. My experience has always been, with Apache and lighttpd at least, that the response comes from the IP:PORT that the request was made to. Jim, sorry but you did not read carefully my posts. Since the fist post, I ALWAYS spoke about connections a PHP script may open autonomously (what you name second connection). I'm never speaking about listening/intercepting/using the original HTTP request. It is well clear for anyone with a minimum knowledge of programming in apache that only apache listens and answers from the binded port of httpd. And, of course, any program/script/binary called from apache, will return his data to apache, and apache only will send them back to the original requester. At the same time it is well clear too that each called program/script/binary may live autonomously before returning data to apache, and do whatever action it requires to do, including the opening of a network socket to an external or internal server. And this is true for any language, from perl to C to PHP. Only first two replies understood the initial request, all other just added confusion to the thread. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/13/2012 12:55 PM, Tonix (Antonio Nati) wrote: Il 13/09/2012 21:41, Jim Lucas ha scritto: On 09/13/2012 12:28 PM, Tonix (Antonio Nati) wrote: You are speaking about incoming connections, I suppose. I'm speaking about connections started from within PHP. Which is a response to the incoming connection. And so? There is no relation between the call received from Apache (which is not passed to PHP), and any connection PHP may open later. My experience has always been, with Apache and lighttpd at least, that the response comes from the IP:PORT that the request was made to. So, if I connect to http://10.10.10.10/ Then the response is going to come from PORT 80. You might want to run a little trafshow on your server to see how the traffic behaves. I have a number of web servers that I run, all with either apache or lighttpd, and they all behave this way. Here is the output of my http request from my office to my server: From Address To Address ProBytes CPS == 66.39.178.2..58479 66.39.167.51..80 tcp 725 12 66.39.167.51..80 66.39.178.2..58479 tcp 2720 66.39.178.2..52515 66.39.167.51..80 tcp 1303 66.39.178.2..54506 66.39.167.51..80 tcp 696 66.39.178.2..62658 66.39.167.51..80 tcp 700 66.39.178.2..65382 66.39.167.51..80 tcp 700 66.39.167.51..80 66.39.178.2..52515 tcp 545 66.39.178.2..50794 66.39.167.51..80 tcp 700 66.39.178.2..65015 66.39.167.51..80 tcp 711 66.39.167.51..80 66.39.178.2..54506 tcp 305 66.39.167.51..80 66.39.178.2..62658 tcp 305 66.39.167.51..80 66.39.178.2..65382 tcp 357 66.39.167.51..80 66.39.178.2..50794 tcp 357 66.39.167.51..80 66.39.178.2..65015 tcp 357 This is running Apache. Unless you are talking about PHP being ran from cron or the CLI. if you are talking about YOU running a PHP script as a daemon, then yes, you have the ability to BIND to an IP address. I do this in a few scripts/daemons of mine. I use the stream_* functions for this. But, if you are talking about calling fopen() from the CLI and have it "bind" to a specific IP when connecting out, that is more of a OS specific option. You will need to find out how to run a php script and have it "bind" to a given IP (or interface) when it connects to the WWW. When apache starts a php script, the script can open a socket towards another end-point, asking to bind to any local address as source address. But this is a secondary connection (that you open in process) and has nothing to do with the request connection to the server from the client. Period. Regards, Tonino -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 13/09/2012 21:41, Jim Lucas ha scritto: On 09/13/2012 12:28 PM, Tonix (Antonio Nati) wrote: You are speaking about incoming connections, I suppose. I'm speaking about connections started from within PHP. Which is a response to the incoming connection. And so? There is no relation between the call received from Apache (which is not passed to PHP), and any connection PHP may open later. Unless you are talking about PHP being ran from cron or the CLI. if you are talking about YOU running a PHP script as a daemon, then yes, you have the ability to BIND to an IP address. I do this in a few scripts/daemons of mine. I use the stream_* functions for this. But, if you are talking about calling fopen() from the CLI and have it "bind" to a specific IP when connecting out, that is more of a OS specific option. You will need to find out how to run a php script and have it "bind" to a given IP (or interface) when it connects to the WWW. When apache starts a php script, the script can open a socket towards another end-point, asking to bind to any local address as source address. Period. Regards, Tonino Hope this helps. Jim Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/13/2012 12:28 PM, Tonix (Antonio Nati) wrote: You are speaking about incoming connections, I suppose. I'm speaking about connections started from within PHP. Which is a response to the incoming connection. Unless you are talking about PHP being ran from cron or the CLI. if you are talking about YOU running a PHP script as a daemon, then yes, you have the ability to BIND to an IP address. I do this in a few scripts/daemons of mine. I use the stream_* functions for this. But, if you are talking about calling fopen() from the CLI and have it "bind" to a specific IP when connecting out, that is more of a OS specific option. You will need to find out how to run a php script and have it "bind" to a given IP (or interface) when it connects to the WWW. Hope this helps. Jim Regards, Tonino -- Jim Lucas http://www.cmsws.com/ http://www.cmsws.com/examples/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 13/09/2012 18:19, Mihamina Rakotomandimby ha scritto: On 09/12/2012 04:53 PM, Tonix (Antonio Nati) wrote: PHP script can freely choose which IP to bind. PHP doesnt bind at all. The HTTP server (Apache, Lighthttpd,...) does. PHP is called only when the HTTP server wants (you configure it that way): make Apache handle PHP on conditionnal REMOTE_HOST if possible (I did not look deep into APache documentation) PHP is like any other programming language. After it is called by apache, he can read and write files, as well as opening incoming and outgoing connections. Please check carefully http://www.php.net/manual/en/book.sockets.php. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 13/09/2012 18:16, Mihamina Rakotomandimby ha scritto: On 09/12/2012 07:02 PM, Daniel Brown wrote: So, the answer is no, PHP is not able to do that. There is an (heavy) BASEDIR directive for disk, but nothing equivalent (and simpler) for IP. That's correct. However, that doesn't mean you can't put in a feature request at https://bugs.php.net/ to see if it can be included in a future release. PHP handler is triggered depending on the request (ie: GET /dir/file.php) The HTTP transaction stil has to be initiated fisrt then. The TCP connection has been opened before the HTTP gets to Apache. No chance PHP could change the binding IP. Filing the request is IMHO technically irrelevant. You are speaking about incoming connections, I suppose. I'm speaking about connections started from within PHP. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/12/2012 04:53 PM, Tonix (Antonio Nati) wrote: PHP script can freely choose which IP to bind. PHP doesnt bind at all. The HTTP server (Apache, Lighthttpd,...) does. PHP is called only when the HTTP server wants (you configure it that way): make Apache handle PHP on conditionnal REMOTE_HOST if possible (I did not look deep into APache documentation) -- RMA. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On 09/12/2012 07:02 PM, Daniel Brown wrote: So, the answer is no, PHP is not able to do that. There is an (heavy) BASEDIR directive for disk, but nothing equivalent (and simpler) for IP. That's correct. However, that doesn't mean you can't put in a feature request at https://bugs.php.net/ to see if it can be included in a future release. PHP handler is triggered depending on the request (ie: GET /dir/file.php) The HTTP transaction stil has to be initiated fisrt then. The TCP connection has been opened before the HTTP gets to Apache. No chance PHP could change the binding IP. Filing the request is IMHO technically irrelevant. -- RMA. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 12/09/2012 17:52, Tommy Pham ha scritto: On Wed, Sep 12, 2012 at 7:18 AM, Tonix (Antonio Nati) wrote: Il 12/09/2012 16:08, Tommy Pham ha scritto: On Wed, Sep 12, 2012 at 6:53 AM, Tonix (Antonio Nati) wrote: Is there a way to force a PHP script to bind to a prefixed IP? Actually, while you can assign more IPs to Apache for listening, assigning domains to specific IPs, it looks like any PHP script can freely choose which IP to bind. Instead I'd love some domains are permitted to open connections only from the domain IP. In FreeBSD I do it easily, setting up dedicated jails for domains. But how to do it simply using PHP on Linux? Regards, Tonino Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it 1) Use Listen in Apache 2) Use VM such as KVM, VMWare, etc. 3) Make an array containing permissible domains. Check the $_SERVER['SERVER_NAME'] if exists in that array. React/respond accordingly. 1) is only for listening. 2) means a VPS for each domain, which we already do with vmware and FreeBSD jails, but it is too expensive for some customers. 3) means I'm writing the script, which is not the standard situation. You must suppose the script to be written from a malicious user in a shared environment. Is PHP able to 'force' binding IP? I hoped there was an external directive I did not see, but probably this is a PHP lack. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it 2) Previously you've mentioned that you were able to do that in FreeBSD jails. IIRC, the jails are similar to VMs in regards to isolating of environment and dedicated IP for that environment. It seems that you want something that is equivalent of jails and VM but not actual VM/jails. Are you referring to 1 application with one installed point but is used in multiple virtual domains and expect the application to act/respond accordingly to the requests for each virtual domain? Yes, I'm thinking of a low cost shared WEB hosting for people which has limited needs and don't want to spend more for a VM or a jail. In this environment, a well tailored su-exec, with different UID and group for each user, makes an excellent job for protecting disk areas, so the unique point which remains uncovered is to limit network access: * if you have internal interfaces in the same machine where you have public IPs, a web PHP application could try to use the internal address of the interface, exploring internal network (we avoid that thanks to jails). * if apache listens on a specific IP for a single domain, and listens on other IPs for others domains, it would be safe if each domain can use as source IP only the listening IP associated. In our specific case, we always use jails, so each apache is always within a jail and cannot explore other interfaces. When customers ask for dedicated IP, we setup another jail, but that means also one apache server for each domain, and it is justified only for big websites. So, it would be nice if it could exist something which could force a specific source IP or could force to use the listening IP (or both options), on any network binding operation. Of course a script could use external commands (like ping ot telnet) and escape this check, so we don't have complete security, unless we disable any network tool... but it would be a good start. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On Wed, Sep 12, 2012 at 11:38 AM, Tonix (Antonio Nati) wrote: > > So, the answer is no, PHP is not able to do that. > There is an (heavy) BASEDIR directive for disk, but nothing equivalent (and > simpler) for IP. That's correct. However, that doesn't mean you can't put in a feature request at https://bugs.php.net/ to see if it can be included in a future release. -- Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On Wed, Sep 12, 2012 at 7:18 AM, Tonix (Antonio Nati) wrote: > Il 12/09/2012 16:08, Tommy Pham ha scritto: > >> On Wed, Sep 12, 2012 at 6:53 AM, Tonix (Antonio Nati) >> wrote: >>> >>> Is there a way to force a PHP script to bind to a prefixed IP? >>> >>> Actually, while you can assign more IPs to Apache for listening, >>> assigning >>> domains to specific IPs, it looks like any PHP script can freely choose >>> which IP to bind. Instead I'd love some domains are permitted to open >>> connections only from the domain IP. >>> >>> In FreeBSD I do it easily, setting up dedicated jails for domains. But >>> how >>> to do it simply using PHP on Linux? >>> >>> Regards, >>> >>> Tonino >>> >>> >>> Inter@zioniInterazioni di Antonio Nati >>> http://www.interazioni.it to...@interazioni.it >>> >>> >> 1) Use Listen in Apache >> 2) Use VM such as KVM, VMWare, etc. >> 3) Make an array containing permissible domains. Check the >> $_SERVER['SERVER_NAME'] if exists in that array. React/respond >> accordingly. >> > > 1) is only for listening. > 2) means a VPS for each domain, which we already do with vmware and FreeBSD > jails, but it is too expensive for some customers. > 3) means I'm writing the script, which is not the standard situation. > > You must suppose the script to be written from a malicious user in a shared > environment. > > Is PHP able to 'force' binding IP? I hoped there was an external directive I > did not see, but probably this is a PHP lack. > > Regards, > > Tonino > > > -- > > Inter@zioniInterazioni di Antonio Nati >http://www.interazioni.it to...@interazioni.it > > 2) Previously you've mentioned that you were able to do that in FreeBSD jails. IIRC, the jails are similar to VMs in regards to isolating of environment and dedicated IP for that environment. It seems that you want something that is equivalent of jails and VM but not actual VM/jails. Are you referring to 1 application with one installed point but is used in multiple virtual domains and expect the application to act/respond accordingly to the requests for each virtual domain? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 12/09/2012 17:21, Daniel Brown ha scritto: On Wed, Sep 12, 2012 at 10:18 AM, Tonix (Antonio Nati) wrote: Is PHP able to 'force' binding IP? I hoped there was an external directive I did not see, but probably this is a PHP lack. Not at all. Essentially, PHP is an interface to underlying software, OS commands, and APIs. You'd have to configure the system to bind requests, as PHP does not presently have that capability (and, to my knowledge, there's no plan to change that). So, the answer is no, PHP is not able to do that. There is an (heavy) BASEDIR directive for disk, but nothing equivalent (and simpler) for IP. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On Wed, Sep 12, 2012 at 10:18 AM, Tonix (Antonio Nati) wrote: > > Is PHP able to 'force' binding IP? I hoped there was an external directive I > did not see, but probably this is a PHP lack. Not at all. Essentially, PHP is an interface to underlying software, OS commands, and APIs. You'd have to configure the system to bind requests, as PHP does not presently have that capability (and, to my knowledge, there's no plan to change that). -- Network Infrastructure Manager http://www.php.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
Il 12/09/2012 16:08, Tommy Pham ha scritto: On Wed, Sep 12, 2012 at 6:53 AM, Tonix (Antonio Nati) wrote: Is there a way to force a PHP script to bind to a prefixed IP? Actually, while you can assign more IPs to Apache for listening, assigning domains to specific IPs, it looks like any PHP script can freely choose which IP to bind. Instead I'd love some domains are permitted to open connections only from the domain IP. In FreeBSD I do it easily, setting up dedicated jails for domains. But how to do it simply using PHP on Linux? Regards, Tonino Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it 1) Use Listen in Apache 2) Use VM such as KVM, VMWare, etc. 3) Make an array containing permissible domains. Check the $_SERVER['SERVER_NAME'] if exists in that array. React/respond accordingly. 1) is only for listening. 2) means a VPS for each domain, which we already do with vmware and FreeBSD jails, but it is too expensive for some customers. 3) means I'm writing the script, which is not the standard situation. You must suppose the script to be written from a malicious user in a shared environment. Is PHP able to 'force' binding IP? I hoped there was an external directive I did not see, but probably this is a PHP lack. Regards, Tonino -- Inter@zioniInterazioni di Antonio Nati http://www.interazioni.it to...@interazioni.it -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] How to limit source IP in PHP
On Wed, Sep 12, 2012 at 6:53 AM, Tonix (Antonio Nati) wrote: > > Is there a way to force a PHP script to bind to a prefixed IP? > > Actually, while you can assign more IPs to Apache for listening, assigning > domains to specific IPs, it looks like any PHP script can freely choose > which IP to bind. Instead I'd love some domains are permitted to open > connections only from the domain IP. > > In FreeBSD I do it easily, setting up dedicated jails for domains. But how > to do it simply using PHP on Linux? > > Regards, > > Tonino > > > Inter@zioniInterazioni di Antonio Nati >http://www.interazioni.it to...@interazioni.it > > 1) Use Listen in Apache 2) Use VM such as KVM, VMWare, etc. 3) Make an array containing permissible domains. Check the $_SERVER['SERVER_NAME'] if exists in that array. React/respond accordingly. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php