
Comments (8)

harizzubir commented on September 26, 2024

So as of right now this issue should be resolved then. Thanks for the explanation and assistance given.

from laravel-bitcoinrpc.

denpamusic commented on September 26, 2024

Bitcoin Core has dropped direct support for RPC over SSL since version 0.12.0. Please see the changelog and consider using the suggested method of securing the connection through stunnel.

As for accessing bitcoind via a domain, it's nothing special - you just specify the following in your .env file (the first line if you want to use SSL):

BITCOIND_SCHEME=https
BITCOIND_HOST=api.example.com

Although I'm sure you already did this...
Your issue is actually probably related to Cloudflare. Cloudflare blocks requests from the laravel-bitcoinrpc client (or any other API client for that matter) when security features (specifically Browser Integrity Check) are enabled, because it can't detect it as a proper browser.

You can circumvent this by delegating a subdomain (i.e. api.example.com) for API requests and configuring Page Rules for it as described in this guide.


harizzubir commented on September 26, 2024

Right now I'm adding an A record for the new subdomain via Cloudflare. So if that blocks me, then I'll need to add an A record to the domain provider itself, right?


denpamusic commented on September 26, 2024


harizzubir commented on September 26, 2024

One more thing, I managed to use the domain and SSL for the connection and now I tried implementing ht authentication to the domain.

In a web browser, whenever I put the domain in the search bar it will prompt me for the username and password that I've set. But when I put the URL with username and password in my configuration file, it will return the same 401 response.

Kindly assist me on this matter.

URL format that I've used:
https://username:[email protected]:rpcport

Is this the correct way?


denpamusic commented on September 26, 2024

External HTTP Authentication is not supported by this package.

Bitcoin Daemon is already using authentication via the rpcuser and rpcpassword parameters in bitcoin.conf. It won't ask for your credentials when visiting through your browser since it expects POST requests, but on a proper POST it'll ask the client for this information.

BITCOIND_HOST MUST contain only host name without scheme or any credentials.


harizzubir commented on September 26, 2024

Is there any other security implementation that I need to consider other than SSL and domain integration to Bitcoin nodes?


denpamusic commented on September 26, 2024

As far as network stuff is concerned, not really. SSL encryption via stunnel should be good enough. If you don't trust stunnel, SSH tunneling will work as well. Any of the above would be secure enough for mitigating MITM attacks.

Note that when using stunnel or SSH tunneling, requests will be coming from localhost as far as Bitcoin Core is concerned, so the rpcallowip option in bitcoin.conf will have no effect and any connecting IP will be allowed. You can use your system firewall (e.g. iptables) to restrict access to the node from trusted IPs only.

You should also think of some kind of rate-limiting on your client in order to not overwhelm the Bitcoin node, which has no rate limiting of its own, and cause a DoS.

Finally, please be aware that running the node and client on separate machines is no more (it's actually slightly less) secure than running both on the same, so it should be done only for easier scaling and better resource utilization, not better security.

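The firewall caveat from the last reply, as an added example that is not part of the thread or of laravel-bitcoinrpc: a shell function that prints (does not apply) iptables rules admitting only listed client addresses to the stunnel listener, since rpcallowip no longer filters them. The stunnel port 8443, the chain name BTC_RPC_TLS, the sample addresses and stunnel running on the node itself are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints iptables commands for review;
# it does not apply them. Port 8443, the chain name and the addresses are
# assumptions; 8332 is Bitcoin Core's default mainnet RPC port.
STUNNEL_PORT=8443
RPC_PORT=8332
CHAIN=BTC_RPC_TLS
OCTET='(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])'

# is_ipv4_cidr ADDR: dotted quad with optional /1../32 prefix. /0 is rejected
# because it would re-open the listener to every address.
is_ipv4_cidr() {
    printf '%s\n' "$1" |
        grep -Eq "^($OCTET\.){3}$OCTET(/([1-9]|[12][0-9]|3[0-2]))?\$"
}

# stunnel_fw_rules PORT ADDR...: validate everything first, then print rules
# that admit only ADDR... to the TLS listener.
stunnel_fw_rules() {
    port=$1
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }
    shift
    # An empty allow-list would leave a DROP-only chain: refuse it.
    [ "$#" -gt 0 ] || { echo "no trusted address given" >&2; return 2; }
    for ip in "$@"; do
        is_ipv4_cidr "$ip" || { echo "bad address: $ip" >&2; return 2; }
    done
    echo "iptables -N $CHAIN"
    echo "iptables -A INPUT -p tcp --dport $port -j $CHAIN"
    for ip in "$@"; do
        echo "iptables -A $CHAIN -s $ip -j ACCEPT"
    done
    echo "iptables -A $CHAIN -j DROP"
    # Assumes stunnel runs on the node and reaches bitcoind over loopback,
    # so the plain RPC port is closed on every other interface.
    echo "iptables -A INPUT -p tcp --dport $RPC_PORT ! -i lo -j DROP"
}

# Constructed sample input: documentation-range addresses (RFC 5737).
stunnel_fw_rules "$STUNNEL_PORT" 203.0.113.10 198.51.100.0/24
```

Because all arguments are validated before anything is printed, a typo in one address yields no partial rule set to paste by mistake.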
