1

I am working on an app where each customer has its own profile. One of the features allows sending SOAP requests to systems owned by customers. Currently all communication with customers web services goes over a single IP address, the same as the app. I would like SOAP communication to have its own IP, separate to the rest of the app.

The app is written in PHP using UserFrosting framework and it will soon be hosted on amazon aws.

Is such separation possible? Can this be done on PHP level?

Reason behind this requirement is to allow customers to whitelist only webservices related IP in their firewalls.

Luke G
  • 1,741
  • 6
  • 23
  • 34

1 Answers1

1

The short answer is no, this cannot be done via PHP.

PHP in terms of SOAP runs on the application layer of the OSI model (HTTP), so this means an IP address is already assigned when using this layer.

https://en.wikipedia.org/wiki/OSI_model

To do this, you could have two web servers (Main & SOAP) which communicate on internal IP range but the requests on SOAP would go outbound on it's own WAN address which you would then give to customers. If you didn't want go down the route of two servers, a second Network Card (Virtual/Hardware) and Apache Listening rules on your server could achieve similar results:

https://serverfault.com/questions/511018/how-to-configure-apache-to-run-on-multiple-network-interfaces#511020

Another way of doing this, communicate to client sites using a different TCP port for SOAP requests. For example, you could send all SOAP requests to a clients WAN IP on port 8080 rather than 80 and get the client to put in place an inbound NAT (Network Address Translation) on their firewall to convert all traffic incoming from your WAN IP from TCP 8080 to be converted back to TCP 80 so there server can take the request. They would then need to convert this back to TCP 8080 if your server is listening on that port.

Community
  • 1
  • 1
Kitson88
  • 2,889
  • 5
  • 22
  • 37