I have a weird case where I am making http calls to my own site to save a static version of the dynamically generated page. The site is behind a WAF (web application firewall) and I'm finding it hard to identify why traffic is blocked, despite having whitelisted the server IP and the header that the Guzzle HTTP client appends when making requests.

An alternative would be to resolve the domain locally, so that instead of pointing to the CDN/WAF, it is resolved to the local Opalstack server. Due to the app configuration it is difficult to pass an alias to the HTTP client (e.g. the opalstacked.com domain for this site).

Is it possible to add a custom route or dns resolution on a shared hosting so that domain.tld points to the IP address of opalXX.opalstack.com?

TIA

  • sean replied to this.

    pecus if you want your opalstacked.com subdomain to resolve to your Opalstack server then delete the A record that you've used to point it at your CDN: https://docs.opalstack.com/user-guide/domains/#deleting-manual-dns-records

    If you want to point it just for you and not for your general site visitors then instead you can add the IP and subdomain to your local hosts file: https://www.howtogeek.com/27350/beginner-geek-how-to-edit-your-hosts-file/

        sean to specify, I need a script running on opalstack to resolve the domain locally, avoding the CDN and short-circuiting to the server. I cannot replace the external domain with the opalstacked.com alias.
        The DNS is managed externally and uses a CNAME record for the domain (so that it can point to the CDN).

        I would bet that the best solution would be to go with the hosts file, but this needs to be done on the Opalstack shared host, and I believe I am not allowed to.

        • sean replied to this.

            pecus thanks for the clarification. Unfortunately we're not able to modify the system hosts file for you.

            I don't know the details of your setup but it might be possible to route a second domain to your site, one that resolves to the server IP instead of your CDN. You could then use that domain instead of the main site domain when making your requests with Guzzle.

              I think I was approaching this the wrong way. I can configure GuzzleHttp with a proxy, and I can setup a nginx proxy on opalstack and configure it to reverse proxy my app remapping traffic from the CDN domain to the local opalstacked.com domain. I'll try this way (I think most of the work is already documented here https://community.opalstack.com/d/464-howto-run-a-private-php-fpm-stack-on-nginx-or-apache-on-opalstack )

              EDIT: it's a bit more complicated than it seemed, due to this being a forward proxy and needing a MitM approach (thus a set of certificates to handle SSL traffic)

              Mastodon