I am trying to access a public url from the Google Cloud Platform. But each time, I am getting connection timeout error. That URL is very well opening in my browsers and on different network as well. I am using Python to make a POST request to this URL and locally it is working fine. I don't know if need to set some security measures in Google or not.
Thanks and regards
Vipendra Singh Sengar
as mentioned here How to access websites that have ip block on GCP
By default, a Cloud Run service connects to external endpoints on the internet using a dynamic IP address pool.Which is problematic if you want to access an external website that requires connections originating from a static IP address, such as a database or API using an IP address-based firewall.
So you need to get an Static outbound IP address
Related
There are websites like, "XYZ.com" and "ABC.com" and those websites can only be accessible with such a range of ip addresses.
We have public IP and using that third party website are accessible. (with only office premises we can access those website)
I have to develop a website (djangoproxy.com) in django so that I can access those third party websites from outside the public ip range.
so i plan to access those website like,
XYZ.djangoproxy.com,
ABC.djangoproxy.com
There is one condition, that access is based on only authenticated users. So I have to write code on djangoproxy.com for an authentic user. and after successfully login open a third party website in the same browser tab.
Had checked some python packages for vpn,
https://gist.github.com/Lazza/bbc15561b65c16db8ca8
Reference:
Python requests, change IP address
Can you guide me if this functionality can be developed using python code or any web-server configuration.
I am using NGINX as a web-server to host djangoproxy.com.
You can use django-revproxy for your purpose. Your Django server will sit between the client and the external website. You can add the authentication logic of Django and allow proxy for only authenticated clients.
I made a script which accesses some data from an API. The problem is that to access the API I have to visit their website and enter my IP in allowed IPs list to get the authorization key for that specific IP. There no such option to allow all IPs. Now my script is running on PythonAnywhere which is a free cloud service and doesn't provide static IP. So any idea how I can get a static IP? or maybe any other free cloud service which provides static IP. I tried Heroku too with that QuotaGuard extension but it asks for credit card details first and I don't have one.
Is there any service out there which can be accessed from any IP address and then use a private IP to get content and deliver that content to me?
If the provider doesn't support giving you a static IP, you use a proxy server.
On Heroku there we have the fixie or quotaguard addons that could help here.
My IDE is Pycharm.
I want to test my app locally, so I run my service locally and use ngrok to expose my app to Internet.
The url showed by ngrok is https://436cb7e9.ngrok.io
But when I want to verify the facebook webhook callback url use this url above, it shows
ERROR 2017-12-27 08:16:37,407 wsgi_server.py:329] Request Host 436cb7e9.ngrok.io not whitelisted. Enabled hosts are set(['localhost'])
I ran the app well before, but I don't know why this time it shows an error.
Could somebody gives me suggestion?
After a bit of digging and thanks to Brady's comment about the gcloud version, I found out that all you need to fix this is to add a flag when you run your app.
So, say you run your app locally with:
python $APPENGINE/dev_appserver.py
just change it to:
python $APPENGINE/dev_appserver.py --enable_host_checking=false
and you should not have the host whitelist errors anymore.
For more information, checkout the release notes here: https://cloud.google.com/appengine/docs/standard/python/release-notes#december_5_2017
This seems to be working fine for me on gcloud 183.0.0 and 187.0.0 (the latest version at the time of writing of this comment).
It is done via the Auth tab of your ngrok dashboard. From IP Whitelisting Tunnel Access:
You may whitelist access to tunnel endpoints on your account. The
whitelist is enforced by the ngrok.com servers. It is applied globally
to all of your tunnel endpoints. Any incoming connection to any of
your tunnel endpoints is checked to guarantee that the source IP
address of the connection matches at least one entry in your
whitelist. If a connection does not match the whitelist it is
terminated immediately and never forwarded to an ngrok client.
As a special case, if your whitelist is empty, all connections are
allowed.
Managing the whitelist
You can manage the IP whitelist on the auth tab of your ngrok
dashboard. Enter a new IP address under the "IP Whitelist" section and
then click Add Whitelist Entry. Changes to the IP Whitelist can
take up to 30 seconds to take effect.
IP Ranges
Sometimes, you may wish to whitelist an entire range of IPs. Instead
of entering just a single IP address, you may instead specify a block
of IP addresses using CIDR notation. For example, to allow all IP
addresses from 10.1.2.0 to 10.1.2.255, you would add 10.1.2.0/24 to
your whitelist.
I had a slightly different question, but google lead me here none the less, the error I had was:
"The callback URL or verify token couldn't be validated. Please verify the provided information or try again later."
When trying to connect facebooks webhook to my localhost. Turns out I needed to authenticate my ngrok agent:
https://dashboard.ngrok.com/get-started/your-authtoken
I'm trying to create an API for the Google Onhub router, but when I sniff my phone's network traffic it doesn't send to the router but to a google server IP and when I try to connect to the IP I timeout, any ideas on how I could do this?
An API already exists for the Google OnHub. Documentation is sparse, but the known URLs at present are as follows:
http://onhub.here/api/v1/status
http://onhub.here/api/v1/diagnostic-report
http://onhub.here/api/v1/welcome-mat
http://onhub.here/api/v1/connected-devices
http://onhub.here/api/v1/get-attestation-information
http://onhub.here/api/v1/get-endorsement-information
I am actually working on something that describes exactly what you said.
What you are looking for is the 'Google Home Foyer' API. It's a private service that's only used by Google's apps.
I am documenting it here. It's still in beta, however. I'm also working on an actual desktop client for it here.
I'm coming up just a little short on this. I know google has a python client library, and it also has Client Location. However, i'm at a loss on how to access Client Location via the API.
What I'm trying to do is make a desktop app Location Aware.
Is it a desktop app running in a browser ? If so, then use the W3C GeoLocation API - see https://stackoverflow.com/a/8973377/156477 and many other questions on SO.
If not, then you need a service that determines location via WiFi MAC address or an IP geolocation lookup. For the WiFi MAC address lookup, check out http://code.google.com/p/maclocate/. For an IP based lookup, MaxMind provide a service (there is a free service accurate to a city, or a paid for service if you need more accuracy). There is also a Python library http://www.maxmind.com/app/python.
Note, I haven't tried either library so I can't vouch for them. I have used the MaxMind service and it works well, with the exception of users who are on a corporate network. These users will always be reported as being located where the corporate network hub is.