I want to write a program that can monitor all system HTTP/HTTPS protocols used to open the default browser, and block certain ones, automatically changing certain requested URL into another. The process of changing a URL is simple, but the monitoring and blocking part is quite puzzling.
e.g. When clicking on the URL 'https://example.com/asdf.htm', the request will be blocked by the program and the the Windows system will receive the command of 'http://www.example2.org/asdf.htm' instead and the latter instead of the former URL will be opened by the default browser.
I am an amateur developer and student who do not have much experience in solving such problems.
I searched the web and found someone asked a similar question years ago:
https://superuser.com/questions/554668/block-specific-http-request-from-windows
However, I didn't find any useful advice on coding in the page. Maybe I can use an antivirus program to block certain URLs or change the hosts file to block certain URLs but the URL replacement cannot be done. Certainly, changing the hosts to a certain server which redirects certain requests might work but that's too complex. I wish someone can help me solve the problem by giving a simple method on monitoring the Windows system itself. Thanks!
To summarize our conversation in the comments, in order to redirect or restrict traffic, either to sites, either to ports (protocols are actually "mapped" via ports) the main solutions usually are:
a software firewall - keep in mind that SWFW don't usually redirect, they just permit or allow traffic via ports
a hardware firewall (or advanced router, not the commercial ones, but enterprise grade) - they do what you want, but they are very expensive and not worth for a home experiment
a proxy server - this can do what you want
Other alternatives that might or might not work would include editing the hosts file, as you said, but as stated earlier I don't recommend it, it's a system file and if you forget about it, then it can be a hindrance (also keep in mind that normally you should not use a Windows user with admin rights even at home, but that is another story) and a browser extension (which Iwould guess only changes content on pages, not the way a browser works (such as changing URLs).
I think a proxy server is the best pick here. Try it and let me know.
Keep in mind I still recommend you read about networking in order to get a better idea of what you can and can't do in each setup.
I have one specific domain that this issue is connected with. I have 10+ more domains from the same registrar. This one domain is on a on a different webhosting account that the rest of the domains (the same webhosting company though).
Whenever I make changes to CSS, the changes are not reflected until I change an IP address via VPN. And even then, it only refreshes once, then I need to change the IP again to see another change made. Sometimes not even that helps.
This happens on different internet networks.
The website runs on wordpress, but I have tested it with a separate set of files outside of WordPress.
Does anyone have a clue what it may be and how could it be resolved? Thank you!
I have tried broadband, mobile network but it's the same scenario for both. This makes me believe that it's not a router or device issue (local cache). It goes without saying that I have cleared cache and DNS multiple times.
One thing to mention is that all of my domains run through Cloudflare - yet only one is affected.
My webhosting company is not very helpful this time and only have checked whether my IP is blocked, which I think is a useless taken the above scenario.
All of my other 10+ domains reflect the changes immediately, even without clearing the cache.
Just in case anyone is experiencing something similar, it was due to Cloudflare. I have set the nameservers to point directly to the hosting provider and that fixed the issue.
This may be a simple question, but I've done a fair bit of googling/watching tutorial videos and I have no idea why this is failing.
Background
I have a codebase that I'm going to be working on with rest of my dev team. Everyone is using different setups. They have dev servers to roll out to, but they are also not particularly well maintained and do have slightly different installs. The next project I start also requires a php upgrade, so I thought to use vagrant to allow a uniform testing environment (amongst other reasons).
Using puphpet seems logical and has served me well before.
The problem
While setting up the box I configured puphpet as expected. The commant vagrant up also works as expected. I can SSH in as required.
I can also access the server via it's configured ip (192.168.56.101). If I do, I get the standard message:
Congratulations! You are pretty awesome.
[blah blah]
However, if you are seeing this page, it means you are using IP Address, not virtual host!
So - I then opened my (windows) host and added the following:
192.168.56.101 iccell.local
When I then navigate to http://iccell.local I get caught by some search engine and end up at http://searchguide.level3.com/search/?q=http%3A//iccell.local/&r=&t=0
The hosts entry doesn't seem to be correct, but I have no idea why.
Can any body suggest how to fix it/why that would be the case/point me in the right direction?
Thanks
As I posted this, I looked for other possible explanations.
I found a very informative post on SO's sister site; Server Fault.
https://serverfault.com/questions/452268/hosts-file-ignored-how-to-troubleshoot
In my case, for some reason, my hosts file had been saved in a non standard encoding. I fixed this, replacing tabs/space and adding a blank line. I then flushed DNS and things seemed to be fixed.
I'm answering here as a tool to point to the above answer. It's in depth and very informative.
It's been 2 days and I think i might have to kill myself.
My website for some reason suddenly started taking way way wayyyy to long to load.
I have cloudflare enable on my domain to cache content so my site can load faster, I've tried turning it off, but my site is still taking forever to load.
I've used pingdom(http://tools.pingdom.com/fpt/#!/dFvagb/http://streamaton.com/) and according to the results it shows that the domain itself is taking to much time to load(whut?).
I've tried visiting other section of my site like my admin panel and the site loads up pretty fast.
I have no idea how to pin point the root of this problem.
it depends a bit on the circumstances:
Could the case be that you have much higher load than usually?
If not, did you perform any code changes that might be responsible for that change?
it could also be the case that the server your website is on is under unusual high load or in some weird half-dead state. Sending a mail to your ISP asking them to check your server might be a good idea in any case.
As many of you probably know, online banks nowadays have a security system whereby you are asked some personal questions before you even enter your password. Once you have answered them, you can choose for the bank to "remember this computer" so that in the future you can login by only entering your password.
How does the "remember this computer" part work? I know it cannot be cookies, because the feature still works despite the fact that I clear all of my cookies. I thought it might be by IP address, but my friend with a dynamic IP claims it works for him, too (but maybe he's wrong). He thought it was MAC address or something, but I strongly doubt that! So, is there a concept of https-only cookies that I don't clear?
Finally, the programming part of the question: how can I do something similar myself in, say, PHP?
In fact they most probably use cookies. An alternative for them would be to use "flash cookies" (officially called "Local Shared Objects"). They are similar to cookies in that they are tied to a website and have an upper size limit, but they are maintained by the flash player, so they are invisible to any browser tools.
To clear them (and test this theory), you can use the instructions provided by Adobe. An other nifty (or maybe worrying, depending on your viewpoint) feature is that the LSO storage is shared by all browsers, so using LSO you can identify users even if they switched browser (as long as they are logged in as the same user).
The particular bank I was interested in is Bank of America.
I have confirmed that if I only clear my cookies or my LSOs, the site does not require me to re-enter info. If, however, I clear both, I had to go through additional authentication. Thus, that appears to be the answer in my particular case!
But thank you all for the heads-up regarding other banks, and possibilities such as including the User-Agent string.
This kind of session tracking is very likely to be done using a combination of a cookie with a unique id identifying your current session, and the website pairing that id with the last IP address you used to connect to their server. That way, if the IP changes, but you still have the cookie, you're identified and logged in, and if the cookie is absent but you have the same IP address as the one save on the server, then they set your cookie to the id paired with that IP.
Really, it's that second possibility that is tricky to get right. If the cookie is missing, and you only have your IP address to show for identification, it's quite unsafe to log someone in just based of that. So servers probably store additional info about you, LSO seem like a good choice, geo IP too, but User Agent, not so much because they don't really say anything about you, every body using the same version of the same browser as you has the same.
As an aside, it has been mentioned above that it could work with MAC adresses. I strongly disagree! Your MAC address never reaches your bank's server, as they are only used to identify sides of an Ethernet connection, and to connect to your bank you make a bunch of Ethernet connections: from your computer to your home router, or your ISP, then from there to the first internet router you go through, then to the second, etc... and each time a new connection is made, each machine on each side provide their very own MAC addresses. So your MAC address can only be known to the machines directly connected to you through a switch or hub, because anything else that routes your packets will replace your MAC with their own. Only the IP address stays the same all the way.
If MAC addresses did go all the way, it would be a privacy nightmare, as all MAC addresses are unique to a single device, hence to a single person.
This is a slightly simplified explanation because it's not the point of the question, but it seemed useful to clear what looked like a misunderstanding.
It is possible for flash files to store a small amount of data on your computer. It's also possible that the bank uses that approach to "remember" your computer, but it's risky to rely on users having (and not having disabled) flash.
My bank's site makes me re-authenticate every time a new version of Firefox is out, so there's definitely a user-agent string component in some.
It could be a combination of cookies, and ip address logging.
Edit: I have just checked my bank and cleared the cookies. Now I have to re-enter all of my info.
I think it depends on the bank. My bank does use a cookie since I lose it when I wipe cookies.
Are you using a laptop? Does it remember you, after you delete your cookies, if you access from a different WiFi network? If so, IP/physical location mapping is highly unlikely.
Based on all these posts, the conclusions that I'm reaching are (1) it depends on the bank and (2) there's probably more than one piece of data that's involved, but see (1).
MAC address is possible.
IP to physical location mapping is also a possibility.
User agents and other HTTP headers are quiet unique to each of the machines too.
I'm thinking about those websites that prevents you from using an accelerating download managers. There must be a way.