Home / server / Questions / 696141
Accepted
smusumeche
Asked: 2015-06-03 08:30:52 +0800 CST

Blocking requests matching HTTP_X_FORWARDED_SERVER header

  • 772

Someone has setup a CDN server which is directing traffic to my server and setting the HOST header to match one of my real domains. Because of this, Apache uses the virtual host for my real domain name instead of the host name for the CDN domain.

For example, the URL is:

http://cdn.example.com/pictures/www.mydomain.com/images/product/6a/229326.jpg

It appears this CDN is a proxy that is overriding the HOST header. Apache sees the host as www.mydomain.com instead of cdn.example.com.

I'd like to block this traffic, but I can't block via host or IP (because it changes). There is a host header:

HTTP_X_FORWARDED_HOST=cdn.example.com

Possible?

edit: don't have mod_security installed

apache-2.2

1 Answers

  1. Best Answer

    You can use mod_rewrite to accomplish this task:

    RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Host} cdn.example.com
RewriteRule .* - [F]

    As you can see, if you test it with curl denies the access:

    [root@RPX conf]# curl -i -H "X-Forwarded-Host: cdn.example.com" http://localhost:80/algo/
HTTP/1.1 403 Forbidden
Date: Tue, 02 Jun 2015 16:49:37 GMT
Server: Apache
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /algo/
on this server.</p>
</body></html>
    • 3