I have developed a web interface for a system in django, which is running on my institution server (abc.edu). So the web address for the interface is http://def.abc.edu:8000/mysystem.
I am going to submit a paper about the system in a double blind conference (reviewers should not know which institution I am from). SO, I can not put the link http://def.abc.edu:8000/mysystem in my paper, I have to hide the domain name. Is there a way to do that in django, or in any other way? Any help will be appreciated.
As stated in the comments, this is not done using Django but using a DNS. The reason is simple: when you type an address in the URL bar of your browser, it asks a DNS to which IP does the domain of the URL correspond, which Django (or any other web framework) is oblivious of. Changing your address in Django will only change the URL on links which will become invalid.
Providing directly the IP of your server, as stated in the comments, won't provide any protection of any kind because universities IP addresses ranges are well known. Finding from which university a given IP comes from is easy.
The easiest way to achieve your need would be to get (for free or purchase) a DNS which redirects to your address. Dyndns.org, noip.com and similar DNS service providers gives you some features such as embedding your website in a frame to hide its address from the URL and similar tricks. Most of these tricks are pretty easy to deceive and discover the origin URL or address, though.
You may also host your project on another server, outside your university. Depending on the requirements of your web interface, some hosts may host you for free.
Related
I have programmed in python a web application using flask. I decided to deploy it from my home with a raspberry pi which runs the code continuously. I would like it to be accessible from a web browser and for that I have thought to configure my router to redirect the requests to my server. I also took care to configure my firewall accordingly. It turns out that the application works well and is perfectly accessible by typing its public IP in my URL bar. The problem is that I can't access it using a domain name. I have rented a new one and I have configured the DNS records so that it points to my server. I tested the DNS servers and it seems that the pointing is effective. However, when I enter the domain name I don't get my web application but the page of hostinger, the hosting company where I rented the domain name. I have contacted the technical department and they assure me that the problem is not in the DNS but in the hosting, so in my python code. This leaves me perplexed because my web application is accessible from its public IP. So the code should be good.
Please do not hesitate to ask me for additional details, either on the level of my python program or on the level of my server.
Thanks in advance for your help
I have a web-based Django app where users congregate and chat with one another, under pseudonyms.
Most of the users hitting this website do so via Opera Mini. Unlike straightforward web browsers, Opera Mini has a twist that it fetches all content through a proxy server, and reformats web pages into a format more suitable for small screens.
I want to implement a banning feature in this app. Some users are terrorizing others - if I manually ban them right now, they simply return under new nicknames. Note that these users aren't very tech savvy - almost all are not more than semi-educated. My question is thus-pronged:
Is banning user IP effective when they're using proxy such as Opera Mini?
Is there any reputable Django plugin available that handles IP blocking elegantly?
If 1 doesn't hold (in which case, 2 won't either), is there any other robust method I can follow to keep out antagonistic users and protect my community?
Currently, I've given these users a "downvote" feature, muting accounts whose posts receive too many downvotes. But that is of virtually no help in flame-wars. The abuser keeps returning under new pseudonyms, undermining the whole community. Maybe I should try hellbanning, if nothing else works?
Note: I'm not an advanced programmer (more of a designer), so I'll prefer swift solutions that have a small time-to-market for someone like me.
Have a look at this section of the Opera Mini documentation. The Opera servers will be sending you an X-Forwarded-For header which contains the original IP of the client, which you can access in Django with request.META['HTTP_X_FORWARDED_FOR'].
That said, some things to bear in mind (I live and build websites in a country where Opera Mini has largest web browser market share):
It sounds like many of your users are connecting from phones. This means that they are highly likely to have dynamic IP addresses. Their IP can change frequently and if you ban one IP now it may end up blocking access for a different user a few minutes/hours later. If you do ban IPs, then it is advisable to set a fairly short timeout.
X-Forwarded-For headers are notoriously unreliable. They will often contain internal IPs and you need to filter those out. There is also no guarantee that you will get the correct upstream IP (consider cases where the user is behind a VPN/Tor node/etc). You also need to account for any reverse proxies that you may have in front of your application.
People who really want to abuse the system will find a way in. A moderation and/or reputation based system is the only way to keep their noise to a minimum.
I've set up a free account on Google App Engine, and I currently have something like this deployed:
import webapp2
class MainHandler(webapp2.RequestHandler):
def get(self):
self.redirect('http://x.x.x.x:9000/')
This works and accomplishes what I was in the basic sense but since it's just issuing a http redirect I don't get my fancy Google Domain name and it ends up being the ip address (and port) of the final server. I am aware of why this happens, but was hoping for a solution that would preserve the domain name (and leave the port hidden).
Normally for something like this, you'd just have a rewrite rule in Apache, but that only works if both URLs are hosted by that same server. When the two servers are different, you'd probably go with some transparent proxy (Squid?), but I don't have a server capable of hosting that (this is for personal use, and though my router is ddwrt, I've had no luck getting squid installed on it).
So is there a python one-liner that let's me proxy to a single address but is smart enough to mangle resource requests and send along any request headers? I've found various solutions for writing proxies in python, but they seem overly complicated because they're intended to be general purpose.
This isn't even easy to google, since the obvious keywords all bring back too many results with only slightly relevant results.
You are looking for a reverse proxy setup. Here is one that I have used before. https://code.google.com/p/bs2grproxy/
You can either setup the DNS to point your domain directly to the IP address OR you can use urlfetch.
However, please keep in mind that urlfetch has quota and limitations [1]. It might not be worth it just to have a "pretty domain/URL".
[1] https://cloud.google.com/appengine/docs/quotas#UrlFetch
I am trying to scrape a website which serves different page depending upon the geolocation of the IP sending the request. I am using an amazon EC2 located in US(which means it serves up a page meant for US) but I want the page that will be served in India. Does scrapy provide a way to work around this somehow?
If the site you are scraping does IP based detection, your only option is going to be to change your IP somehow. This means either using a different server (I don't believe EC2 operates in India) or proxying your server requests. Perhaps you can find an Indian proxy service?
I need to figure out which IP address my application is actually connecting to when it makes a urlfetch to a provided domain. My application on the production server is having problems connecting to a domain but connecting works perfectly fine using the SDK on my computer. I am trying to debug this problem and it occurred to me that Google App Engine may be resolving the domain to a different IP address than my local computer is.
If I had access to the socket library this would be as simple as socket.gethostbyname('thedomainiwant.com') but unfortunately Google does not allow the socket library on App Engine.
Any ideas?
If there is a solution that requires Java or Go on App Engine I am willing to try that too.
Update June 26, 2011:
I changed the production code to use the IP directly right away just to get this working (and it did) but this is not a good long term solution as I don't control the server I am making urlfetches to so the IP may change on me without warning.
Returned headers would not be helpful in this case because whatever IP address the production instance is resolving the domain to is not responding at all and the request times out.
If the server I am doing urlfetches to was blocking App Engine then doing an urlfetch by IP would not work either...but it does work. Also, I talked to the team managing the server and they confirmed they are not blocking App Engine. I am still pestering them for more info but it does not seem to be a problem on that end.
Update July 7, 2011:
Google has confirmed that there was a problem on their end that affected my application. They have applied a work around and are working on a fix. See here:
http://code.google.com/p/googleappengine/issues/detail?id=5244
There's currently no way to do name resolution on App Engine. You'll have to call an external service over HTTP if you want to do that.
Take a look at the response headers, you might get a HOST header back with exactly this info.
Otherwise, why not just use the raw IP's for your connections while you're diagnosing this?
You can use web services that perform DNS lookup. You can embed the address in the URL, like this:
http://www.dnswatch.info/dns/dnslookup?la=en&host=HOST_HERE&type=A&submit=Resolve
(replace the HOST_HERE) and then parse the result. Unfortunately it is HTML, but even simple regex should make it. You can also try find some service, which allows some XML output or so - there are a lot of such services, just type "dnslookup" in Google, someone might have it.