Let's say you have an office location, internal network only accessible via VPN. Your users want to enable users to RDP into their workstations from home. You can deploy this webapp on your office's internal server, provide the address to your users so they can wake up the workstations, and then shut them down when not in use.
- Simple web frontend built with Bootstrap & PHP, which can be run on any web server
- Tested on IIS, Apache & Nginx
- Wake-on-LAN: Turn on computers remotely that have WoL enabled.
- Shutdown: Remotely shut down Windows computers.
- Requires Local windows user password
- Restart: Remotely restart Windows computers.
- Requires Local windows user password
- PHP 8.0+
- Sockets (for Wake-on-LAN)
- CURL (for WinRM operations)
- WebServer
- Windows computers with WinRM enabled (for shutdown and restart operations)
This webapp allows for remote computer startup, shutdown, and restart operations.
The Wake-on-LAN functionality works by having a PHP server within the network receive a command and then dynamically generate a WoL packet to specific computers in the same subnet. This circumvents the issue of many routers disabling/ignoring broadcast addresses from outside the local network.
The shutdown and restart functionality uses Windows Remote Management (WinRM) to securely execute commands on remote Windows machines.
To add or modify hosts, edit the hosts.php file. Each host is represented by an associative array with the following keys:
hostName: The name of the host (used for display purposes)- Must match the username, for Restart & Shutdown functionality!
macAddress: The MAC address of the host's network interfaceipAddress: The IP address of the host
Example:
$hosts = [
[
"hostName" => "computer1",
"macAddress" => "AA:AA:AA:AA:AA:AA",
"ipAddress" => "192.168.1.11",
],
// Add more hosts as needed
];- Open Device Manager
- Expand "Network adapters"
- Right-click on your network adapter and select "Properties"
- Go to the "Power Management" tab
- Check the box next to "Allow this device to wake the computer"
- If available, also check "Only allow a magic packet to wake the computer"
- Click "OK" to save changes
You may also need to enable WoL in your computer's BIOS/UEFI settings.
To enable WinRM, run the following commands in an elevated PowerShell:
-
Enable & setup WinRM:
winrm quickconfig -q # Configure WinRM to allow unencrypted traffic (use with caution, consider using HTTPS in production) winrm set winrm/config/service '@{AllowUnencrypted="true"}' # Allow basic authentication winrm set winrm/config/service/auth '@{Basic="true"}' # Set trusted hosts to allow connections from a specific host (use * to allow all hosts) winrm set winrm/config/client '@{TrustedHosts="192.168.x.x"}' -
Restart the WinRM service:
Restart-Service WinRM
Note: These settings are for a basic setup. For production environments, consider using more secure configurations, such as HTTPS and specific trusted hosts.
- When setting up winRM with Basic auth, make extra sure that you don't expose the machine on the internet!
Forked from castab/phpWOL. Replaced the backend with PHP_WOL developed by Radovan Janjic
- Toni Uebernickel [email protected]: Original WoL packet generator function
- Radovan Janjic: PHP_WOL backend
- vmatt/phpwinrm: Lightweight WinRM client