Recently someone used a small station data, using reverse proxy technology, made a thief stand. The user accesses his URL, but essentially the content data is mine, which is a malicious reverse proxy event.
What is a reverse proxy?
First talk about the concept of a forward proxy:
The forward proxy, the legendary agent, works like a springboard. Simply put, I'm a user, I can't access a website, but I can access a proxy server. This proxy server, he can access the site that I can not access, so I first connected to the proxy server, told him I need the site can not access the content, the proxy server to fetch back, and then back to me. From the point of view of the site, only in the proxy server to fetch the content when there is a record, sometimes do not know the user's request, but also hide the user's information, depending on the agent does not tell the site.
The conclusion is that the forward proxy is a server between the client and the origin server, in order to get the content from the original server, the client sends a request to the agent and specifies the target (the original server), then the agent forwards the request to the original server and returns the obtained content to the client. The client must make some special settings to use the forward proxy.
So what about the reverse proxy concept?
For example, the user visits Http://www.somesite.net/librarys/veda this page, but www.somesite.net actually does not exist this page, he is secretly from another server to fetch back, and then spit to the user as his own content.
But the user does not know, this is normal, the user is generally very stupid. The www.somesite.net mentioned here has the reverse proxy function set for the server that corresponds to this domain name.
The conclusion is that the reverse proxy is just the opposite, for the client it is like the original server, and the client does not need to make any special settings. The client sends a normal request to the content in the reverse proxy's namespace (name-space), and then the reverse proxy determines where (the originating server) forwards the request and returns the obtained content to the client, as if the content had been its own.
Harm of malicious reverse proxy
What is the harm of Web site being a malicious reverse proxy? Here's a list:
- First of all, it will occupy the server resources, the website opening speed is affected.
- Second, others through the proxy misappropriation of your website data, for users and not so smart search engine, the equivalent of building a site that is exactly the same as you, then it is likely that your site will go into the search engine sandbox, or even down the right.
- If a malicious agent's page is still linked to your affiliate AD (such as AdSense), it's dangerous, and if someone clicks on the ad, it's easy to get an adsense number.
- There are many hazards, the reader can self-repair ...
JS-Level Solutions
<script type= "Text/javascript" >if (document.domain! = ' somesite.net ' && document.domain! = ') Www.somesite.net ') { window.location.href= ' http://www.somesite.net/';} </script>
The script is simple, if the Address bar URL is not somesite.net and www.somesite.net any one, then the address bar to http://www.somesite.net/. This code can also avoid being used by reverse proxy technology to "forge" a website that is exactly the same as yourself.
Off-topic: How to prevent a site from being embedded in an IFRAME. Some people use IFRAME to make a framework, to embed our site, visitors to browse the time, as if browsing his own site, then how to solve it? The following methods can be broken:
<script type= "Text/javascript" ><!--if (top.location! = self.location) top.location= self.location; // -</script>
PHP-Level Solutions
The JS-level solution is not friendly to search engines, although it allows the malicious proxy page to jump back. Here is the server-side (PHP) solution, the code is relatively simple, not much to say.
$proxy _rs=$this-Proxy_filter ();if($proxy _rs! = ' Somesite.net ' | |$proxy _rs! = ' Www.somesite.net ' ) { Echo' Illegal reverse proxy access '; //header (' location:http://www.somesite.net/'); Exit;} Public functionProxy_filter () {/*$svrUrl = ' http://' $_server[' server_name '].$_server["php_self"]; if (!empty ($_server["query_string")) {$svrUrl. = "?". $_server["Query_string"]; } return $SVRURL; */ return $_server[' server_name '];}
Htaccess Level of solutions
/php_value auto_append_file proxy. php
proxy.php
<? PHP $f getenv ("Http_x_forwarded_for"); $server getenv ("Http_host"); if ($f! = "") && ($server! = "Somesite.net") && ($server! = "Www.somesite.net ") { echo ' This server prohibits malicious reverse proxy! ';}? >
This is because of the particularity of my website, has not tried, but the online commonly used this method.
Apache httpd.conf-Level solutions
This Apache on how to forbid I have not come out, Nginx pour can, but I use Apache, if you know, please tell me the next ~
Reprinted from: http://www.nowamagic.net/librarys/veda/detail/2493
Reprint how to prevent a Web site from being accessed by a malicious reverse proxy (several levels of solution)