1 Topic by ripat

  • ripat
  • Junior Member
  • Offline
  • From: Belgium
  • Registered: 2008-01-22
  • Posts: 6

Topic: base URL, intranet only and limited external access

I just installed PunBB on a intranet. From inside that intranet the forum is accessed with the internal host name. Base URL is that internal host name.

No problem so far, at least locally. But...

As it is an intranet only forum, access is restricted in a .htaccess to the locale IP's (192.168.10.0/8) and to my own external IP.

I can access the forum with it's external IP (no host name, just a fixed IP) but, as soon that I want to do some changes I get the infamous "Bad HTTP_REFERER." message. And I can't use the fixed (external) IP as the access is restricted to the local IP's.

Any work around without removing the base URL protection?

2 Reply by yemgi

  • yemgi
  • Senior Member
  • Offline
  • From: Crawley, West Sussex
  • Registered: 2007-04-10
  • Posts: 254

Re: base URL, intranet only and limited external access

You can setup a reverse proxy on your LAN then connect to your forum via this reverse proxy or maybe remote access to a local machine and then access to the forum via this machine

Powered by FluxBB

yemgi's Website

  • From: Leuven, Belgium
  • Registered: 2005-06-14
  • Posts: 2,653

Re: base URL, intranet only and limited external access

You could also look into setting up multiple base URLs.

4 Reply by ripat

  • ripat
  • Junior Member
  • Offline
  • From: Belgium
  • Registered: 2008-01-22
  • Posts: 6

Re: base URL, intranet only and limited external access

elbekko wrote:

You could also look into setting up multiple base URLs.

And how and where can I define this?

  • From: Leuven, Belgium
  • Registered: 2005-06-14
  • Posts: 2,653

Re: base URL, intranet only and limited external access

Let's see...

Open functions.php
Replace

function confirm_referrer($script)
{
    global $pun_config, $lang_common;

    if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
        message($lang_common['Bad referrer']);
}

With

function confirm_referrer($script)
{
    global $pun_config, $lang_common;
    
    $baseurls = array(
        'url1',
        'url2');
    $bad = true;
    
    foreach($baseurls as $baseurl)
        if (preg_match('#^'.preg_quote(str_replace('www.', '', $baseurl).'/'.$script, '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
            $bad = false;
    
    if($bad)
        message($lang_common['Bad referrer']);
}

Note that it's untested and you can't use the admin config setting anymore.

6 Reply by ripat

  • ripat
  • Junior Member
  • Offline
  • From: Belgium
  • Registered: 2008-01-22
  • Posts: 6

Re: base URL, intranet only and limited external access

Thanks elbeko, as you anticipated, it works fine as long as you don't update the admin options.

To avoid this, all values of $pun_config['o_base_url'] have to be changed as well. I noticed that they are stored in the cache/cache_config.php file which, in turn, is generated by the include/cache.php script.

I came up with this little work around that works fine so far:

In include/cache.php, the function generate_config_cache() generates the code that defines the config array $pun_config that is apparently used across all scripts.

// When accessed from the extranet on the external IP 123.123.123.123
$insertBaseUrl='
if (preg_match(\'#123\.123\.123\.123#\', $_SERVER[\'HTTP_REFERER\'])) {
    $pun_config[\'o_base_url\'] = "http://123.123.123.123/forum" ;
}
';

fwrite($fh, '<?php'."\n\n".'define(\'PUN_CONFIG_LOADED\', 1);'."\n\n".'$pun_config = '.var_export($output, true).';'."\n\n$insertBaseUrl\n\n".'?>');

I'll see if it works in all cases.  Thanks for your input anyway.