Limiting what IP curlopt_interface can use per client

crspyjohn · Apr 30, 2013

I'm having a problem where my customers are able to bind their php scripts to any IP address assigned to the server. Is there a way to limit which IP address can be used for outgoing network connections per account? Ideally, I would like to limit them to the shared server IP and their dedicated IP address...

// Set IP for outgoing network connection
$IPS = Array('199.167.133.17','199.167.133.20','199.167.1 33.21','199.167.133.22');
srand(time()); //seed start of PRNG
$ip = $IPS[ rand(0, count($IPS)-1) ];

$toSet[CURLOPT_INTERFACE] = $ip;

chatwizrd · May 1, 2013

Use a firewall.

crspyjohn · May 1, 2013

chatwizrd said:
Use a firewall.

Could you explain a little bit more? I'm not sure how to limit CURLOPT_INTERFACE with the firewall.

chatwizrd · May 1, 2013

http://linuxpoison.blogspot.com/2010/11/how-to-limit-network-access-by-user.html

crspyjohn · May 1, 2013

chatwizrd said:
http://linuxpoison.blogspot.com/2010/11/how-to-limit-network-access-by-user.html

Thannk you! Any reason why DirectAdmin doesn't do this by default?

nobaloney · May 2, 2013

DirectAdmin runs on both Linux and FreeBSD, and since the firewall methodology is completely different, leaves firewalling to the administrator, depending on which OS he or she selects.

Jeff

Limiting what IP curlopt_interface can use per client

crspyjohn

Verified User

chatwizrd

Verified User

crspyjohn

Verified User

chatwizrd

Verified User

crspyjohn

Verified User

nobaloney

NoBaloney Internet Svcs - In Memoriam †