Our partners have whitelisted our server IP so we can send them cURL requests with new client data but their CRM returns Error: IP address of a connected platform is not allowed
probably because the headers contain a CloudFlare IP rather than the real IP of our server which we asked to whitelist.
Is there a way to reveal our real server IP with a cURL request?
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, 'http://clients.domain.com/api');
curl_setopt($curl, CURLOPT_POST, TRUE);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
$res = curl_exec($curl);
return $res;
Tried this with no success:
curl_setopt($curl, CURLOPT_HEADER, FALSE);
curl_setopt($curl, CURLOPT_INTERFACE, '1.1.1.1');
And:
curl_setopt($curl, CURLOPT_HTTPHEADER, array("REMOTE_ADDR: 1.1.1.1, HTTP_X_FORWARDED_FOR: 1.1.1.1"));
EDIT: their logs show an IPv6 IP instead of the IPv4 server IP and it looks like this: 2a02:7aa0:1201::xxxx:xxxx
after some investigation it appears that this IPv6 IP is hosted by out hosting company and after whitelisting it everything started working. Any thoughts on why cURL send out some strange IPv6 instead of real server IPv4?
yeah well, if clients.domain.com
is going through CF's proxy, then you could connect directly to the server, and probably just fake the host header. as of PHP 7.0.7, this can be done as
curl_setopt_array($ch,array( CURLOPT_URL=>'http://clients.domain.com/api',//to set the host CURLOPT_CONNECT_TO=>'::8.8.8.8:80' ));
- but replace :80
with :443
if you're connecting with httpS
and replace 8.8.8.8
with the real server's IP (not the cloudflare IP)
or if you're not on PHP 7.0.7+ yet, in older versions, you can do
curl_setopt_array($ch,array( CURLOPT_URL=>'http://8.8.8.8/api', CURLOPT_HTTPHEADER=>array('Host: clients.domain.com') ));
(again, replace 8.8.8.8
with the real server's IP, not the cloudflare IP) to set the host header manually. im not sure that will work properly with http Location redirects and CURLOPT_FOLLOWLOCATION, though, so you might have to handle Location http redirects manually
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.