views:

49

answers:

4

I have an ASP.NET app running on a webserver. A third party is created another app in PHP which needs to send data to my app for processing.

Initially it was assumed that the PHP app would be deployed elsewhere so we agreed that the communication would occur over the internet via HTTP (over SSL). My app would simply use a generic handler (ashx) file to recieve the data and send confirmation back.

Now it seems that the PHP app might be deployed on the same machine as my app. I like the fact that using HTTP (as opposed to say direct database access), the PHP app needs to know nothing at all about how my app works. But using the public internet seems silly for communication between two apps on the same machine.

If the PHP app simply used a localhost address, would this ensure that all the data stays within the machine? Is there a better way to do this?

A: 

The public Internet would never be used, even if the PHP app specified an address on an external interface. But if you want to be... overcautious... then just use 127.0.0.1.

Ignacio Vazquez-Abrams
Sorry to clarify... if the PHP app used the full public URL of my app, the communication would still occur internally only?
David
Assuming the full public URL's domain name resolves to the server, yes. If it resolves to a load balancer or proxy server separate to the app server. no.
Paul
If it resolves to an interface on the machine, then yes. If it resolves to some reverse proxy somewhere else, then no.
Ignacio Vazquez-Abrams
Excellent, thank you for the clarification.
David
But using localhost or 127.0.0.1 will not help since most probably host headers are used to host multiple websites. See my answer.
Aliostad
That's easily solved. Deploy the ASP.NET app to an additional internal hostname that resolves to 127.0.0.1. Then just use that hostname in the PHP app.
Ignacio Vazquez-Abrams
A: 

If the PHP simply used a localhost address, would this ensure that all the data stays within the machine?

Yes

Is there a better way to do this?

Makes sense to me. It's a common architectual choice, and it makes it easier should the two apps be deployed on separate machines again in future.

Paul
A: 

Yes, if you configure your TCP-connection using localhost, there will be no traffic sent out to the web. We have lot of applications which communicates with services using the TCP interface. No traffic will ever leave the server.

If you are unable to change the address in the PHP app, you may consider adding a hosts entry and redirect it to the local machine instead.

Scoregraphic
A: 

If they are deployed to the same machine, they must have been set up with host headers so that the IIS sends the traffic to the correct website - it is true that they can be listening tio different ports and no host headers but being a public web site, this is not an option.

If host headers are setup - which I am pretty sure they are - you cannot use localhost.

Aliostad
Wow, that's interesting. I think that because my ASP.NET app uses SSL, it listens on port 443 so it doesn't need a specific host header. I am finding that when remoted onto the server, typing https:// localhost brings the web app up, but only after a warning that there is a problem with the certificate - presumably because I'm not using the domain name associated with the certificate. Whether this will cause problems for inter-app communications, we'll find out during testing I guess.
David
You could still bind multiple IP addresses to one interface and stick to port 80. You can't use host-headers on an SSL site with different domain names anyway (and since the apps were to be on two servers), I'm assuming they are on different domains. And if the ASP.Net app is only to be accessed from the PHP one, it could run on a different port without any big issue
Paul