1

I am able to execute calls on the server from the server. When I say calls, I mean like this. I.e. I can get the latest addresses doing something like this:

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "http://127.0.0.1:7777");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "{\"id\":\"curltext\",\"method\":\"listaddresses\"}");
curl_setopt($ch, CURLOPT_POST, 1);

$headers = array();
$headers[] = "Content-Type: application/x-www-form-urlencoded";
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
curl_close ($ch);
print '<pre>';
print_r($result);

The problem is, I don't want to have to execute this on the server. I was hoping there would be a secure way to execute this remotely.

Can someone please tell me if this is possible? I tried opening port 7777, but still can't access it. Is it perhaps on purpose? As I can imagine this being a security problem.

Thanks!

rockstardev
  • 157
  • 8

1 Answers1

0

I got most of my answers here.

Note that HTTP basic auth sends the username and the password unencrypted as part of the request. While using it on localhost is fine in our opinion, using it across an untrusted LAN or the Internet is not secure. Hence, you should take further measures in such cases, such as wrapping the connection in a secure tunnel. For further details, read this.

So it sounds like i'll have to build a PHP wrapper myself, or use a SSL tunnel. (Not excited at all)

rockstardev
  • 157
  • 8