Forum Moderators: coopster
Weird situation here, I'll lay out what I was thinking of doing, and am more than willing to hear suggestions...
We normally do our online collaboration on a server that we contract, however for a couple of our latest projects we need to do this on (one of) our in house server(s). Fine. Hello world, our server is public.
Problem is, during a recent relocation, due to a clusterxxck by the local ISPs we wound up with a dynamic IP address. Getting it 'fixed' (ouch!) is going to take time.
My idea was to use the login box on our website, redirecting successful logins to their correct directory on our server. In that manner, if for whatever reason we have to reconnect to the internet (and our ip changes) I can simply change the URL for the redirect.
The problem is that I am restricting access to our server with Apache, as I have no idea how I can protect a whole server with PHP. So once redirected, using this method, they have to log in again at our server, as I have no idea how to (if you can) pass the variables from PHP to Apache.
Even if this can be done it would seem to me to be a little insecure.
So:
- mipapage
Yeah, you can. Apache has mod_auth modules built in for user authentication using text files and DBM files but you'll have to go to Open Source for Mysql --> mod_auth_mysql [sourceforge.net]
I am using mod_auth on my (local) windows server, to protect the whole thing.
What happens though, is that the user would log in on our website (hosted externally on a linux box - LAMP), and then if it is one of the members of this project, they would be redirected 'here'.
Authentication on the website is done with PHP/mySQL. The $PHP_AUTH_USER and $PHP_AUTH_PW could be passed, but to what on this end if they are greeted with Apache authentication?
could I:
What I don't know is:
Can I pass the $PHP_AUTH variable from one domain to another?
I would think that the risks from #3 would be small...
Setup an account at some dynamic dns (I use dyndns.org) provider. Setup a client (again I use ddclient) and create an entry for your server that's currently dynamic. (ie mytempserver.dyndns.org)
Then create a CNAME for your real domain address (ie secure.mysite.com) and point it to mytempserver.dyndns.org.
That way you guys can go to [secure.mysite.com...] and get to your server that's on a dynamic IP every time.
You could simply use [mytempserver.dyndns.org...] if you wanted but it looks a little better if you do the CNAME thing.
ddclient will automatically check if your IP changes and if it does it will update the DNS. Process happens quite quickly and you don't have to think about it.
Then just do whatever security you were planning on directly on the server since that's where people are connecting.
daisho.
That looks really nice! I'm going to go and read more. Thanks a lot, I had no idea this existed.
- mipapage
Added - All signed up, thanks again.
