Can I use fiddler on my webserver to log traffic?

1 Answer 208 Views
Fiddler Classic
Alec
Top achievements
Rank 1
Iron
Alec asked on 27 Sep 2021, 02:19 PM

I'm running a webserver on my PC that serves a REST API. I'm trying to capture requests from a remote client having set up the registry ReverseProxyForPort = 50000 where my server is listening on 50000 and my remote client is connecting to https://webseerver:8888/api

I can connect from remote client directly to webserver:50000, but an attempt to connect to webserver:8888 results in a timeout with no sessions in the fiddler traffic window.

 
Nick Iliev
Telerik team
commented on 30 Sep 2021, 06:15 AM

It sounds like your network is having those ports closed which is to be expected for an external network. You should contact your network administrator and ask them to fully open the Fiddler proxy which is actually a security risk. Perhaps, you could use an RD connection to connect locally to the server and test via a local Fiddler proxy?

1 Answer, 1 is accepted

Sort by
0
Alec
Top achievements
Rank 1
Iron
answered on 01 Oct 2021, 08:39 AM

It was not a closed port issue but I did need to open a port for the solution below.   I found that port 8888 did not work for me for https.  Some googling led me to 4 key steps to get this working.

1) Check "Allow remote computers to connect" in Options > Connections (and restart fiddler).

2) Inside Fiddler's QuickExec box, type “!listen 50001 LP10”<enter>

On my fiddler classic v5.0.20204.45441 on win64, the quick exec box is a black single line text box under the captured sessions list. In the above, "LP10" is the host PC name that is running fiddler and my webserver.  50001 is the fiddler proxy port that clients will connect to.

3) Add the script below.  Rules > Customise Rules (opens the script editor), move down to the “OnBeforeRequest” method (approx. line 150) and add after the initial comments at the top of the method:

  if ((oSession.HostnameIs("lp10")) &&
    (oSession.oRequest.pipeClient.LocalPort == 50001) ) 
  {
    oSession.host = "lp10:50000";
  }
  else
  {
    oSession["ui-hide"] = "true";
  }

Save the script with File > save.

This forwards the connection on proxy port 50001 to my webserver on 50000 and hides all other sessions.

4) If your windows firewall is on, allow connections to port 50001. In “Windows Defender Firewall” select advanced settings > Inbound rules > New Rule.  Select “Port”, “TCP”, set specific ports to “50001”, “allow the connection”, uncheck domain and public, the traffic is only on the private network.  Name the rule “Allow Fiddler on 50001”, click finish.

When I connect my client using https://lp10:50001/SomeRESTEndpoint, fiddler captures all REST requests and I can inspect the session content.

Tags
Fiddler Classic
Asked by
Alec
Top achievements
Rank 1
Iron
Answers by
Alec
Top achievements
Rank 1
Iron
Share this question
or