php virtual space penetration intranet

How do I get LAN access to my local site with php built with phpStudy?

Configure the virtual host. Open the virtual host on the Apache folder \conf\extra\ under the httpd-vhosts.conf file, in the end of this file to add the code (note that the following code also need to change the path to the path to the root directory of your Web site, and then reboot on it, if not successful, remember to turn off the firewall):

& lt;VirtualHost192.168.1.112:80>

DocumentRoot “D:/web/www”


<Directory “D:/web/www”>








The main features of a LAN:

1. Wide Area Network (WAN), which is what we usually call Internet, is a network that extends all over the network all over the world. Local Area Network (LAN), as opposed to Wide Area Network (WAN), mainly refers to a small range of computers connected to the Internet. This “small area” can be a family, a school, a company, or a government department.BT often refers to public networks and extranets, i.e., wide area networks (WAN); BT often refers to private networks and intranets, i.e., local area networks (LAN).

2. Every computer (or other network device) on a WAN has one or more WAN IP addresses (or public or extranet IP addresses), which are usually applied for after paying a fee to an ISP, and cannot be duplicated; every computer (or other network device) on a LAN has one or more local area network (LAN) IP addresses (or private or extranet IP addresses). IP address (or private network, intranet IP address), LAN IP address is assigned within the LAN, the IP address of different LANs can be repeated and will not affect each other.

3. Wide area network (WAN, public network, extranet) and local area network (LAN, private network, intranet) computers exchange data through NAT (Network Address Translation) of the router or gateway. Generally speaking, the router or gateway will not block the external connection requests initiated by computers on the LAN (LAN, private network, intranet), but the router or gateway will block the requests from the WAN to connect to computers on the LAN in most cases. WirelessLocalAreaNetwork (WLAN).

Is there a simple tool for intranet penetration?

1, Ngrok

ngrok is a reverse proxy, by creating a secure channel between a public endpoint and a locally running web server, realizing that the services of an intranet host can be exposed to the extranet. ngrok captures and analyzes all traffic on the channel for easy post-analysis and replay, so ngrok can easily assist in server-side program testing.

Refer to the blog: 10 minutes to teach you to build your own ngrok server

2, Natapp

natapp natapp is based on the ngrok domestic toll intranet penetration tool, similar to peanut shells, there is a free version, better than peanut shells. Free version: provide http, https, tcp full tunnel penetration, random domain name / TCP port, untimely forced to change the domain name / port, customize the local port

Reference article: NATAPP 1 minute quick newbie graphic tutorial

3, millet ball

Millet ball is based on the ngrok secondary development of the intranet penetration tool, which supports multi-protocol, multi-tunnel, multi-purpose, multi-tunnel, multi-purpose, multi-tunnel. Support multi-protocol, multi-tunnel, multi-port mapping at the same time (http, https, tcp, etc. …). , while supporting a variety of systems win, linux, linux_arm, mac and so on. Specific use of direct reference to the official website.

4, Sunny-Ngrok

Sunny-Ngrok is also ngrok secondary development of intranet penetration tools, support for http, https protocols, while supporting a wider range of systems and languages: linux, win, mac, openwrt, python, php and so on.

Tutorial: Sunny-Ngrok tutorial

5, echosite

echosite also ngrok secondary development of intranet penetration tools, support for a variety of protocols, previously all free, and now introduced a paid version and a free version, according to their own needs to choose.

Refer to the tutorial: EchoSite — to make intranet penetration easy

6, ssh, autossh

ssh with autossh tool to use, because autossh will be fault-tolerant, automatic restart of the SSH session and tunneling. autossh is a program to start a copy of the SSH and monitor, in case of death or stop transmission traffic. monitor it, restarting it as needed when it dies or stops transmitting traffic. The idea comes from rstunnel (ReliableSSHTunnel), but is implemented in C. The The author’s point is that it’s not as easy to work in a hurry. Connection monitoring is done using port forwarding loops or remote echo services. Turn off the speed of connection attempts in case of fast failures such as connection denial. Compiled and tested on OpenBSD, Linux, Solaris, MacOSX, Cygwin and AIX; should work on other BSDs. Freeware.

Using tutorial: SSH intranet penetration

7, Lanproxy

lanproxy is an intranet penetration tool that proxies LAN PCs and servers to the public network, and currently only supports tcp traffic forwarding, which can support any tcp upper-layer protocols (access to intranet sites, debugging of local payment interfaces, ssh access, remote desktop …) . There are peanut shells, TeamView, GoToMyCloud and so on in the market that provide similar services, but to use a third party’s public server you have to pay for the third party, and all these services have all kinds of limitations, in addition, as the packets will flow through the third party, so it is a big hidden danger to the data security.

Reference tutorial: amateur grass recommended a LAN (intranet) penetration tool lanproxy

8, Spike

Spike is a can be used to expose your intranet services in the public network of the fast reverse proxy, based on ReactPHP, using IO multiplexing model. Implemented using Php.

Reference tutorial: using PHP to achieve the intranet penetration tool “Spike”

9, Frp

frp is a high-performance reverse proxy application can be used to penetrate the intranet , support for tcp, udp, http, https protocol. The use of machines in the intranet or behind the firewall , the extranet environment to provide http or https services. For http, https service support based on the domain name of the virtual host , support for customized domain name binding , so that multiple domain names can share a port 80. Using the machine in the intranet or behind the firewall, to provide tcp and udp services to the extranet environment, such as at home through the ssh access to the company’s intranet environment in the host.

Tutorial: a very good use of the intranet penetration tool – FRP, the use of frp to achieve intranet penetration

10, Fcn

FCN [freeconnect] is a foolproof one-click access to the private network of the tool, fcn use of the public servers as well as data encryption technology to achieve: in the absence of the public IP environment, in any networked machine transparent access to the server’s bureau. fcn utilizes the public server and data encryption technology to achieve: in a public IP-free environment, in any networked machine transparent access to the server’s LAN segment. It supports a variety of systems and has both free and paid versions.

Tutorial: Intranet penetration tool FCN introduction

The above is what I know of the intranet penetration tool, which ngrok related I basically used and frp, are similar. Most of them are free to use, but I don’t recommend that you put these free penetration tools into the more important cloud servers to use, easy to be attacked. My little friend, start your penetration journey.

Proxy-Go details

Proxy is a golang implementation of high-performance http, https, websocket, tcp, udp, socks5 proxy server, support for forward proxy, reverse proxy, transparent proxy, intranet penetration, TCP/UDP port mapping, SSH transit, TLS Encrypted transmission, protocol conversion, DNS anti-pollution proxy.


Chained proxies, the program itself can be used as a first-level proxy, and if you set up a higher-level proxy, then it can be used as a second-level proxy, or even N-level proxy.

Communication encryption, if the program is not a first-level agent, and the higher-level agent is also the program, then you can encrypt the communication with the higher-level agent, using the underlying tls high-strength encryption, safe and featureless.

Intelligent HTTP, SOCKS5 proxy, will automatically determine whether to visit the site blocked, if it is blocked, then it will use the parent proxy (provided that the configuration of the parent proxy) to access the site; if you visit the site is not blocked, in order to accelerate access to the site, the proxy will be directly accessed without the use of the parent proxy.

Domain black and white lists, more free control of how websites are accessed.

Cross-platform , whether you are widows, linux, or mac, or even raspberry pi, can run proxy very well.

Multi-protocol support , support for HTTP(S), TCP, UDP, Websocket, SOCKS5 proxy.

TCP/UDP port forwarding.

Support for intranet penetration, protocol support for TCP and UDP.

SSH relay, HTTP(S), SOCKS5 proxy support SSH relay, the parent Linux server does not need any server, a local proxy can be happy to surf the Internet.

KCP protocol support, HTTP(S), SOCKS5 proxy support KCP protocol to transfer data, reduce latency, enhance the browsing experience.

Integration of external API, HTTP(S),SOCKS5 proxy authentication function can be integrated with external HTTPAPI, you can easily control the proxy user through external systems.

Reverse proxy, support for direct domain name resolution to proxy listening ip, then proxy will help you proxy access need to access the HTTP(S) site.

Transparent HTTP(S) proxy, with iptables, in the gateway directly out of the 80,443 direction of the traffic forwarded to proxy, you can realize the perception of intelligent router proxy.

Protocol conversion, you can convert the existing HTTP (S) or SOCKS5 proxy to a port that supports both HTTP (S) and SOCKS5 proxies, the converted SOCKS5 proxy does not support UDP functionality, while supporting strong cascading authentication.

Customizing the underlying encrypted transmission, http(s)\sps\socks proxy on top of the tcp can be encrypted through the tls standard encryption as well as the kcp protocol encrypted tcp data, in addition to support for customized encryption in the tls and kcp after that, that is to say, customized encryption and tls | kcp can be used in conjunction with the internal use of the AES256 The internal AES256 encryption is used, so you only need to define a password when you use it.

The underlying compression and efficient transmission, http(s)\sps\socks proxy on top of the tcp can be customized encryption and tls standard encryption as well as the kcp protocol encryption of tcp data, in the encryption of the data after the compression, that is to say, compression and customized encryption and tls | kcp can be used in conjunction with the function.

Secure DNS proxy, can be provided through the local proxy DNS proxy server and the higher-level proxy encrypted communication to achieve security and anti-pollution DNS query.


When we can’t access our services elsewhere due to security factors or limitations, we can establish a secure tunnel through multiple connected proxy nodes to access our services smoothly.

WeChat interface local development, easy debugging.

Remote access to intranet machines.

Play LAN games with your friends.

What used to be played only on the LAN can now be played anywhere.

Replacement for tools like Holy Sword Intranetcom, Show IP Intranetcom, Peanut Shells.

How to set up an intranet with a domain name to access their own php website

Use peanut shells dynamic domain name resolution, the specific method is as follows:

The first step to build a website

First in the computer comes with iis to build a simple interface, and then use the computer’s IP address to test the access.

The second step is to download the client

Download the peanut shells (intranet penetration) version of the client from the peanut shells website.

Download and install it locally

Step 3: Log in to the client

Step 4: Add mappings

Click on “Intranet Penetration” on the main interface of Peanut Shells to jump to the Peanut Shells Manage Intranet Penetration page, and then click on the Add button in the upper-right corner of the interface to add mappings. Mapping” button in the upper right corner of the interface process as shown:

“Application name” is customized, select the domain name and mapping type, fill in the “intranet host”, “intranet port” and select the “intranet port”, “intranet port” and “intranet port”.

Added successfully, generating an extranet access address.

Step 5: Test access to the extranet

Open a browser on the extranet and enter the peanut shells extranet access address to test access, if the interface is the same as that of the LAN access, it means that the mapping is normal.

I’m using phpStudy to build php, how do I get LAN access to my local website

1. Open your computer’s cmd command prompt tool

2. Type in ipconfig

3. A bunch of IP configurations will come up next, just find the IPv4 address among them

4. I am here:

5. In the (partner’s computer) browser, enter ( to access it

6. Test screenshot:

Note: It must be the same network of the accessing and the computer that is being accessed, and it must be connected to the same network!

How to access the database intranet after phpnow installation

Intranet access to the database after phpnow installation requires phpnow to be decompressed.

1, after decompressing phpnow, double-click init.cmd to initialize, the website source code program is decompressed and placed in the htdocs in phpnow after decompression, then you can access the website.