I have two servers , on the first one my website is running, the user interacts with.
The second one creates certain files which should be downloaded by the user, but the user shouldn´t know about the second server.
Another little problem: my second server uses htaccess
Client <---> Webserver <---> File Server
How can I perform a download over the first server, where the file actually comes from the second one, without making the url to the second server public?
Your client uploads an file like this.
<form action="#" method="post" enctype="multipart/form-data">
<input name="file" type="file" />
<button type="submit" name="send">Send</button>
</form>
Then you could work with that.
<?php
// Deny access from all except your first (file) server
$publicDir = '/srv/www/private/';
$fileName = basename($_FILES['file']['name']);
$filePath = $publicDir . $fileName;
if (move_uploaded_file($_FILES['file']['tmp_name'], $filePath))
{
shell_exec("ssh www-data@file-server-ip 'cd /srv/www/mypath && wget \"http://srv/private/" . $fileName . "\"' 2>&1");
}
Using mogilefs, install on file server and use on webserver. So you can add really simple the file to your "mogilefs" which contains your file server. Later you could add more servers without problems.
On linux you could mount a path (eg /mnt/fileserver) to your file server. Then you could give www-data the permissions to write to the directory. And then you could move_uploaded_file to the mounted directory.
In this case you could work with this files easily.
Got it working now
$file = "myURL"
$htaccessLogin = "user:password"
set_time_limit(0);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $file);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERPWD, $htaccessLogin);
$r = curl_exec($ch);
curl_close($ch);
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
header('Cache-Control: private', false);
header('Content-Type: application/force-download');
header('Content-Disposition: attachment; filename="'myfile.zip"');
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . strlen($r));
header('Connection: close');
echo $r;
Are you using Apache?
try mod_proxy Apache documentation
ProxyPass /foo http://foo.example.com/bar
ProxyPassReverse /foo http://foo.example.com/bar
/foo is the path on server1 (where this config is placed) and delegates its requests to server2
With this you can setup something like this
http://server1.tld/download/file => server2.tld/file
without the user seeing the url of server2
I use this mainly to provide a port proxy. I have a service running on a port other than 80 and i'd like to have it available on http standard port.
Best, André
added http basic auth possibility
found here
you also have to add the following lines to your apache config, best next to the proxy rules.
<Location /foo>
RequestHeader set Authorization "Basic dXNlcm5hbWU6cGFzc3dvcmQK"
</Location>
the hash behind Basic will be generated with this command (the -n is needed to prevent a linefeed from being added to the base64 output):
> $ echo -n "username:password" | base64
dXNlcm5hbWU6cGFzc3dvcmQK
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.