I'm trying t use Ngrok to create a local tunnel to an SSL Virtual host I have on my local machine, but can't seem to get it to work.
My Vhost works perfectly. The site is https://local.mysite.com
Any of the command I try to use to predefine the pointing url on Ngrok, e.g.
./ngrok http -host-header=rewrite local.mysite.com:443
or
./ngrok http -subdomain=local.mysite.com local.mysite.com:443
always seems to return:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
I get that this is happening because I am trying to access a HTTPS connection via a HTTP call but I can't see alternatives in the ngrok docs.
https://ngrok.com/docs#expose
You need to use tls which is only available in the pro subscription.
If you use Vagrant, you can use the share function which is free and support https.
Related
I'm trying to expose my local web server IIS Express using ngrok.
Followed steps from https://ngrok.com/docs and fired the tunnel, but can't get response.
Screenshot - ngrok fired
I'm using Visual studio via IIS Express. (Debug mode, local website works well.)
If local website not started, access to XXXXX.eu.ngrok.io will get error directly:
Failed to complete tunnel connection
The connection to https://2713343d.eu.ngrok.io was successfully tunneled to your ngrok client, but the client failed to establish a connection to the local address localhost:44320.Make sure that a web service is running on localhost:44320 and that it is a valid address.The error encountered was: dial tcp [::1]:44320: connectex: No connection could be made because the target machine actively refused it.
No errors shows on Ngrok's Web Interface too.
Is there any way to check where the problems are? or see ngrok's log?
Indeed it works with http, but it is strongly recommended to work with https, so you should properly start ngrok in order to work with https:
ngrok http -host-header=localhost https://localhost:{your_IIS_express_port}
After this you should be able to access your URL:
https://{id}.ngrok.io
Credits
Try make your service as http, not https.
I have a corporate proxy using Squid and kerberos for authentication, the proxy is configured for standard use, I.E allow http, https, a few others and block everything else. Now, there are many applications that support basic proxy authentication, but do not support Kerberos based authentication and many others that connect directly to the internet. I used Proxifier before the upgrade to kerberos to make my applications use the proxy, but I cannot do so now. I then installed an application called PX to create a proxy that connects to kerberos, but the proxy it creates is a simple HTTP Proxy and proxifier doesn't work correctly with it. Anyone has a setup for a situation like this?. I use Windows 10 and I obviously don't have access to the server where squid is configured. The application I need to connect to the internet uses standard https ports, it's not a torrent application nor anything that uses the ports blocked by squid. Thanks in advance.
Ok, for this particular case I've found the following setup to solve 99% of my problems.
First get Px here https://github.com/genotrance/px
Next get Fiddler: http://www.getfiddler.com/dl/Fiddler4BetaSetup.exe
Configure PX with your user and your domain and run it. By default it creates a running proxy on 127.0.0.1:3128
Configure your sistem proxy to use the proxy supplied by PX.
Execute fiddler, it should create ANOTHER proxy at 127.0.0.1:8888
Use this proxy in your apps. Proxifier should work as well.
Why use fiddler and not the direct 127.0.0.1:3128?, PX creates a pure http proxy and fiddler allows to tunnel https and connect request through it.
Any requests will pass through fiddler which will redirect them to the PX proxy which will redirect them to the squid proxy (So expect very slow speeds).
In the end since you're just redirecting your apps towards your proxy, if your proxy bans using regex expressions or direct IP connections some apps will NOT work, and in these cases using TOR or a VPN is the only real solution. Hope it helps someone avoid all the headaches I went through.
Charles Web Debugging Proxy not connecting to localhost. It was working right after I installed, but all of a sudden get connection refused, when trying to connect to localhost. Other traffic is going through proxy ok. The web server and proxy ports are different. *.8888 proxy listening on all addresses.
Get the following error
Charles Error Report
Failed to connect to remote host
Charles failed to connect to the remote host. Check that your Internet
connection is ok and that the remote host is accessible. Maybe your
network uses a proxy server to access the Internet? You can configure
Charles to use an external proxy server in the External Proxy
Settings.
The actual exception reported was:
java.net.ConnectException: Connection refused Charles Proxy,
http://www.charlesproxy.com/
Did you use PHP Built-in server?
The FAQs of office document say:
Localhost traffic doesn't appear in Charles
Some systems are hard coded to not use proxies for localhost traffic, so when you connect to http://localhost/ it doesn't show up in Charles.
The workaround is to connect to http://localhost.charlesproxy.com/ instead. This points to the IP address 127.0.0.1, so it should work identically to localhost, but with the advantage that it will go through Charles. This will work whether or not Charles is running or you're using Charles. If you use a different port, such as 8080, just add that as you usually would, e.g. localhost.charlesproxy.com:8080.
You can also put anything in front of that domain, e.g. myapp.localhost.charlesproxy.com, which will also always resolve to 127.0.0.1.
Alternatively you can try adding a '.' after localhost, or replace localhost with the name of your machine, or use your local link IP address (eg. 192.168.1.2).
If Charles is running and you're using Charles as your proxy, you can also use local.charles as an alternative for localhost. Note that this only works when you're using Charles as your proxy, so the above approaches are preferred, unless you specifically want requests to fail if not using Charles.
If you use php built-in server use
php -S 127.0.0.1:8080 -t ./public
instead of
php -S localhost:8080 -t ./public
I already tried to create a proxy server on heroku using java, python and nodejs but for some reason I can't.
I can only use port 80 so I would need to use the proxy as appname.herokuapp.com:80 but I get the response as "app doesn't exist".
Is this possible or not? Is there any alternative for what I want to do?
The Heroku routing layer routes your http requests based on the Host header it finds in the HTTP request from your client. And if you have your own endpoint, it at least validates that the Host header content is one of your apps' domains.
If you look at this answer you see that the Host header contains the name of the server you are trying to reach through the proxy server, not the proxy itself.
So there is no way you can run a http proxy server on heroku.
I followed the example in the following SO question to successfully set up an Apache forwarding proxy: Setting up an Apache Proxy with Authentication
It works well, except that when accessing sites via https, it says it cannot find the site. For example, Chrome gives
Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.
And on the server, I do not even see something in the access logs. For my proxy settings, I have configured the same for http and https (i.e. port 80 on my proxy server).
Do you perhaps have an example of how to set up a forward proxy with Apache for https?
It seems the only thing I was missing is that I had not enabled mod_proxy_connect which was achieved with
sudo a2enmod proxy_connect
To quote the mod_proxy_connect documentation page:
This module requires the service of mod_proxy. It provides support for
the CONNECT HTTP method. This method is mainly used to tunnel SSL
requests through proxy servers.
Are you attempting to terminate the SSL or just trying to create a forward proxy without handling any SSL certs? The issue that you are having is because during HTTPS proxying, the browser attempts to create an HTTP tunnel and it seems that your server is not correctly configured to handle tunneling. You can see another example here: Implementing a Simple HTTPS Proxy Application.
Here is another helpful thread on proxying HTTPS traffic with HTTP tunneling: Tunnel over HTTPS.
If you can choose something else other than Apache, I would suggest you use a robust forward proxy such as Squid or TrafficServer that are built to handle this type of setup.