What is a reverse proxy?
First, the concept of forward agent:
The forward agent, the legendary agent, works like a springboard. To put it simply, I'm a user, I can't access a website, but I can access a proxy server. This proxy server, he can access that I can not visit the site, so I first connected to the proxy server, told him I need that can not access the content of the site, proxy server to fetch back, and then return to me. From the point of view of the website, only when the proxy server to pick up the content of a record, sometimes do not know is the user's request, but also hides the user's data, depending on the agent does not tell the site.
The conclusion is that the forward proxy is a server between the client and the original server (Origin server), in order to get content from the original server, the client sends a request to the agent and specifies the target (the original server), and then the agent forwards the request to the original server and returns the contents to the client. The client must make some special settings to use the forward proxy.
So what about the concept of reverse proxies?
For example, the user visits Http://www.nowamagic.net/librarys/veda this page, but www.nowamagic.net actually does not exist this page, he is secretly from another server to take back, and then spit to the user as their content.
But users do not know, this is normal, users are generally very stupid. The www.nowamagic.net this domain name corresponds to the server that sets up the reverse proxy function.
The conclusion is that the reverse proxy is just the opposite, and for the client it is like the original server, and the client does not need to make any special settings. The client sends a normal request to the contents of the reverse proxy's namespace (name-space), and then the reverse proxy determines where (the original server) forwards the request and returns the obtained content to the client as if it were its own.
the harm of malicious reverse proxy
What is the harm of web site being malicious reverse proxy? Here are a few examples:
• First of all will occupy server resources, Web site open speed is affected.
Second, other people through the agent to steal your website data, users and not so intelligent search engine, the equivalent of a site with you, so it is likely that your site will be into the search engine sandbox, or even down the right.
• If the malicious agent of the page, but also hung your affiliate ads (such as AdSense), which is very dangerous, if someone clicked on the above ads, it is easy to be AdSense seal.
• There are many dangers, readers can be their own brain repair ...
JS-Level Solutions
Copy Code code as follows:
<script type= "Text/javascript" >
if (document.domain!= ' nowamagic.net ' && document.domain!= ' www.nowamagic.net ') {
window.location.href= ' http://www.nowamagic.net/';
}
</script>
The script is simple, if the URL in the address bar is not nowamagic.net and www.nowamagic.net any one, then the address bar to http://www.nowamagic.net/. This code also avoids the use of reverse proxy technology to "forge" a website that is exactly the same as yourself.
Digression: How to prevent web sites from being embedded in IFRAME. Some people use the IFRAME to make a frame, embed our website, the visitor comes to browse, as if is browsing his own website, so how to solve? The following methods can be broken:
Copy Code code as follows:
<script type= "Text/javascript" >
<!--
if (top.location!= self.location) top.location=self.location;
-->
</script>
PHP-Level Solutions
The JS-level solution can make the malicious proxy page bounce back, but it's not very friendly to search engines. The following is a server-side (PHP) solution, the code is relatively simple, do not say more.
Copy Code code as follows:
$proxy _rs = $this-> proxy_filter ();
if ($proxy _rs!= ' nowamagic.net ' | | | $proxy _rs!= ' www.nowamagic.net ')
{
echo ' Illegal reverse proxy access ';
Header (' location:http://www.nowamagic.net/');
Exit
}
Public Function Proxy_filter ()
{
/*
$svrUrl = ' http://'. $_server[' server_name '].$_server["php_self"];
if (!empty ($_server["query_string"]))
{
$svrUrl. = "?". $_server["Query_string"];
}
return $SVRURL;
*/
return $_server[' server_name '];
}
Htaccess-Level Solutions
. htaccess
Copy Code code as follows:
Rewriteengine on
Rewritebase/
Php_value Auto_append_file proxy.php
proxy.php
Copy Code code as follows:
<?php
$f = getenv ("Http_x_forwarded_for");
$server = getenv ("Http_host");
if (($f!= "") && ($server!= "Nowamagic.net") && ($server!= "Www.nowamagic.net")) {
Echo ' This server prohibits malicious reverse proxy! ';
}
?>
This is due to the particularity of my website, has not been tested, but this method is commonly used on the Internet.
Apache httpd.conf-Level solutions
This Apache how to forbid I haven't figured out, Nginx can, but I use Apache, if you know, please tell me next ~
