6th October 2018, 1:33 AM
(This post was last modified: 6th October 2018, 1:36 AM by bls1999. Edited 1 time in total.)
WARNING: Technical stuff below. Click away now if that sort of thing scares you. 
For undisclosed reasons, a future project I'm working on requires a connection to a socket server from another server using PHP. The function I was using (fsockopen, like a normal person) wasn't working. I spent about a half hour on the phone with my hosting provider's support team this afternoon, only for the guy (who had no idea what he was doing) to tell me that the company is totally dumb and they block outgoing socket connections to the port to which I was trying to connect.
For the rest of the day, I attempted to find ways around this. I tried different functions (stream_socket_client and cURL), and neither worked. Of course, I didn't realize that the restriction was network-level and not function-level. So, essentially, I wasted an hour or so trying desperately to solve a problem in a method which definitely was not possible.
I took a brief interlude in my work to try to explain to Mom what this highly technical problem was. I love explaining this stuff to her because I'll try to compare it to a real-life scenario, she'll have no idea what I'm talking about, and we'll both dissolve into hysterical laughter.
After some more troubleshooting and wanting to throw my computer out the window, I came to the realization that I could connect to an allowed port via my PHP script and forward the connections once they got to the destination server from the allowed port to the prohibited port. I spent about two hours trying to figure out why the connections would work from my local computer and not my PHP script. When it still wasn't working, I called my hosting provider and spent about 45 minutes speaking to another guy that had no idea what he was doing. He told me the allowed port I was connecting to on my other server was not open. I was like "the connection isn't even getting to my server, so it must be a *company name* issue." He said something like "uh well if you figure it out give us a callback."
I spent a bunch more time messing with my firewall's rules to try to allow connections to this port from a specific IP address only, and then forward the connection over to the correct port. I restarted the server multiple times (you may have noticed downtime in Dots, Kong Racing, or PR1) and still didn't have any luck trying to diagnose the issue.
Then I had an idea. I enabled network logging and tried to search for my site's IP address again. When that turned up no results, I searched the port. Surprisingly, there were many entries for a bunch of different IP addresses. I decided to unblock that port for all IP addresses temporarily so I could log the connections and see where the requests were coming from. I was flooded with a bunch of Chinese IP addresses in my log; definitely not me. It had been a while since I tried to connect to the server using fsockopen from my server, so I ran the command via SSH for the hell of it.
And it worked.
Instant replay of me figuring out it worked:
![[Image: tenor.gif?itemid=5362501]](https://media1.tenor.com/images/e986f3cda38e718a181ce57cfad77fe4/tenor.gif?itemid=5362501)
I instantly reblocked the port and checked my log. What was surprising to me was the IP address of my server wasn't there. I was bewildered, to say the least. To diagnose the issue, I decided to unblock the port again, log the connections to that port, and spam the command that ran the PHP script to see if I could find the IP address of my server. I still didn't, so I looked through the IPs that did connect. There was one IP listed awfully frequently, but I didn't recognize it all. I figured I might as well do an IP search on it to see where it was coming from, and... you guessed it, it was a different IP from my hosting provider.
Nobody ever told me this was a possibility. Gee, thanks, guys! Y'all are really knowledgeable about your own servers. -.-
The only good thing that comes out of having absolutely no idea how to do something and doing the same thing multiple times, is you get really good at what you're doing. I now know about different aspects of my OS's firewall that I had no idea existed.
Anyway, it works now. What a relief! Now I can get back to the actual project instead of worrying about this nonsense.
For undisclosed reasons, a future project I'm working on requires a connection to a socket server from another server using PHP. The function I was using (fsockopen, like a normal person) wasn't working. I spent about a half hour on the phone with my hosting provider's support team this afternoon, only for the guy (who had no idea what he was doing) to tell me that the company is totally dumb and they block outgoing socket connections to the port to which I was trying to connect.
For the rest of the day, I attempted to find ways around this. I tried different functions (stream_socket_client and cURL), and neither worked. Of course, I didn't realize that the restriction was network-level and not function-level. So, essentially, I wasted an hour or so trying desperately to solve a problem in a method which definitely was not possible.
I took a brief interlude in my work to try to explain to Mom what this highly technical problem was. I love explaining this stuff to her because I'll try to compare it to a real-life scenario, she'll have no idea what I'm talking about, and we'll both dissolve into hysterical laughter.
After some more troubleshooting and wanting to throw my computer out the window, I came to the realization that I could connect to an allowed port via my PHP script and forward the connections once they got to the destination server from the allowed port to the prohibited port. I spent about two hours trying to figure out why the connections would work from my local computer and not my PHP script. When it still wasn't working, I called my hosting provider and spent about 45 minutes speaking to another guy that had no idea what he was doing. He told me the allowed port I was connecting to on my other server was not open. I was like "the connection isn't even getting to my server, so it must be a *company name* issue." He said something like "uh well if you figure it out give us a callback."
I spent a bunch more time messing with my firewall's rules to try to allow connections to this port from a specific IP address only, and then forward the connection over to the correct port. I restarted the server multiple times (you may have noticed downtime in Dots, Kong Racing, or PR1) and still didn't have any luck trying to diagnose the issue.
Then I had an idea. I enabled network logging and tried to search for my site's IP address again. When that turned up no results, I searched the port. Surprisingly, there were many entries for a bunch of different IP addresses. I decided to unblock that port for all IP addresses temporarily so I could log the connections and see where the requests were coming from. I was flooded with a bunch of Chinese IP addresses in my log; definitely not me. It had been a while since I tried to connect to the server using fsockopen from my server, so I ran the command via SSH for the hell of it.
And it worked.
Instant replay of me figuring out it worked:
I instantly reblocked the port and checked my log. What was surprising to me was the IP address of my server wasn't there. I was bewildered, to say the least. To diagnose the issue, I decided to unblock the port again, log the connections to that port, and spam the command that ran the PHP script to see if I could find the IP address of my server. I still didn't, so I looked through the IPs that did connect. There was one IP listed awfully frequently, but I didn't recognize it all. I figured I might as well do an IP search on it to see where it was coming from, and... you guessed it, it was a different IP from my hosting provider.
Nobody ever told me this was a possibility. Gee, thanks, guys! Y'all are really knowledgeable about your own servers. -.-
The only good thing that comes out of having absolutely no idea how to do something and doing the same thing multiple times, is you get really good at what you're doing. I now know about different aspects of my OS's firewall that I had no idea existed.
Anyway, it works now. What a relief! Now I can get back to the actual project instead of worrying about this nonsense.
![[Image: mczzo9.png]](http://i64.tinypic.com/mczzo9.png)
