Hallo,
Ich hab mal versucht einen PHP Webproxy zu bauen. Er soll alle Seiten über meine Domain darstelen können. die url der aufzurufenden seite soll über einen GET parameter übermittelt werden, anschließend werden alle weieren aufrufe von dieser ip an meine domain automatisch zu der domain der beim ersten aufruf übergebenen url geleitet. Leider stellt sich das ganze schwieirger als erwartet heraus, ich habe bereits eine funktion die alle domains / ip im content und in den headers replaced, bevor die seite zurückgeben wird, leider funktionieren seiten die cloudflare benutzen immer noch nicht. hat irgendjemand einen plan woran diese seiten erkennen, dass es sich um einen webproxy handelt?
Das ist mein bsiheriger code:
<?php
$ownDomain = "web.tilo-behnke.de";
$servername = "db.meginder.de";
$username = "searchEngine";
$password = "SagIchNicht";
$dbname = "searchEngine";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
echo "Verbindung fehlgeschlagen: " . $conn->connect_error;
}
function addIPUrl($ip, $url) {
$data = [];
if (file_exists('ip_urls.json')) {
$data = json_decode(file_get_contents('ip_urls.json'), true);
}
$data[$ip] = $url;
file_put_contents('ip_urls.json', json_encode($data, JSON_PRETTY_PRINT));
}
function getUrlForIP($ip) {
if (file_exists('ip_urls.json')) {
$data = json_decode(file_get_contents('ip_urls.json'), true);
if (isset($data[$ip])) {
return $data[$ip];
}
}
return null;
}
function addIPGoal($ip, $url) {
$data = [];
if (file_exists('ip_goals.json')) {
$data = json_decode(file_get_contents('ip_goals.json'), true);
}
$data[$ip] = $url;
file_put_contents('ip_goal.json', json_encode($data, JSON_PRETTY_PRINT));
}
function getGoalForIP($ip) {
if (file_exists('ip_goals.json')) {
$data = json_decode(file_get_contents('ip_goals.json'), true);
if (isset($data[$ip])) {
return $data[$ip];
}
}
return null;
}
$isGivenURL = isset($_GET['url']);
$url = $_GET['url'] ?? null;
if(!$url){
$url = getUrlForIP($_SERVER['REMOTE_ADDR']);
}
if(!$url) $url = "https://example.com";
addIPUrl($_SERVER['REMOTE_ADDR'], $url);
$path = $_SERVER['REQUEST_URI'] ?? "";
$domain = parse_url($url, PHP_URL_HOST);
$url = "https://".$domain.$path;
$localIP = $_SERVER['SERVER_ADDR'];
$clientIP = $_SERVER['REMOTE_ADDR'];
$goalIP = null;
if(!$goalIP) $goalIP = getGoalForIP($clientIP);
if(!$goalIP) $goalIP = gethostbynamel($domain)[0];
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST)) {
$neuerEintrag = $conn->prepare("INSERT INTO post (url, json, ip) VALUES (?, ?, ?)");
$json_encoded = json_encode(array("post" => $_POST, "get" => $_GET));
$neuerEintrag->bind_param("sss", $url, $json_encoded, $_SERVER['REMOTE_ADDR']);
$neuerEintrag->execute();
}
$conn->close();
$allowedHeaders = array(
"host"=>true,
"connection"=>true,
"cache-control"=>true,
"sec-ch-ua"=>true,
"sec-ch-ua-mobile"=>true,
"sec-ch-ua-platform"=>true,
"upgrade-insecure-requests"=>true,
"user-agent"=>true,
"accept"=>true,
"accept-language"=>true
);
$blocked = "";
$headers = getallheaders();
$modifiedHeaders = [];
foreach ($headers as $name => $value) {
if($goalIP){
$name = str_replace($localIP, $goalIP, $name);
$value = str_replace($localIP, $goalIP, $value);
}
$name = str_replace($clientIP, $localIP, $name);
$value = str_replace($clientIP, $localIP, $value);
$name = str_replace($ownDomain, $domain, $name);
$value = str_replace($ownDomain, $domain, $value);
if(!isset($allowedHeaders[strtolower($name)])){
$blocked .= $name."; ";
continue;
}
if ($name === 'Host') {
$modifiedHeaders[] = "Host: $domain";
} else {
$modifiedHeaders[] = "$name: $value";
}
}
$cookies = [];
foreach ($_COOKIE as $cookieName => $cookieValue) {
$cookieName = str_replace($ownDomain, $domain, $cookieName);
$cookieValue = str_replace($ownDomain, $domain, $cookieValue);
$cookies[] = "$cookieName=$cookieValue";
}
$cookieHeader = "Cookie: " . implode('; ', $cookies);
$modifiedHeaders[] = $cookieHeader;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $modifiedHeaders);
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST)) {
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($_POST));
}
$response = curl_exec($ch);
$headers = curl_getinfo($ch);
curl_close($ch);
$content = $response;
function replaceURLs($content, $ownDomain) {
return preg_replace_callback(
'/(https?:\/\/[a-zA-Z0-9.-]+\.[a-zA-Z]{2,6}(?:\/[^\s]*)?)/',
function ($matches) use ($ownDomain) {
$url = $matches[1];
$parsed_url = parse_url($url);
if ($parsed_url === false) {
return $url;
}
if (isset($parsed_url['scheme']) && isset($parsed_url['host'])) {
$scheme = $parsed_url['scheme'];
$host = $parsed_url['host'];
$path = $parsed_url['path'] ?? '';
$query = $parsed_url['query'] ?? '';
$fragment = $parsed_url['fragment'] ?? '';
if($host === $ownDomain) return $url;
$query = $query ? '?' . $query . '&url=' . urlencode($scheme . '://' . $host) : '?url=' . urlencode($scheme . '://' . $host);
$fragment = $fragment ? '#' . $fragment : '';
$replacement = "https://" . $ownDomain . $path . $query . $fragment;
return $replacement;
} else {
return $url; // Ignoriere URLs ohne Schema oder Host
}
},
$content
);
}
if(!isset($_SERVER['HTTP_REFERER']) || $isGivenURL) $content = str_replace($domain, $ownDomain, $content);
$content = replaceURLs($content, $ownDomain);
foreach ($headers as $key => $value) {
if($key === "primary_ip"){
$goalIP = $value;
addIPGoal($clientIP, $goalIP);
}
$key = str_replace($localIP, $clientIP, $key);
$value = str_replace($localIP, $clientIP, $value);
if($goalIP){
$key = str_replace($goalIP, $localIP, $key);
$value = str_replace($goalIP, $localIP, $value);
}
$key = str_replace($domain, $ownDomain, $key);
$value = str_replace($domain, $ownDomain, $value);
header("$key: $value");
}
header("amb: $blocked");
echo $content;
Alles anzeigen
Vielen Dank für eure Hilfe!