I have a simple requirement. I have an nginx web server and a NetScaler proxy. On the NetScaler, the Client_IP header option is checked, and the name of the header is HTTP_CLIENT_IP.
I want to access this IP in the nginx log. I have specified a custom log format, so I can access this value:
I have tried the following variables in the log format, and they just return '-'.
$http_client_ip
$http_request_body
Basically, I want to read the entire request header / body that nginx receives from NetScaler.
Any help would be appreciated!
NetScaler inserts an HTTP header with the client IP, if enabled. However, you have to configure the HTTP header name on the NetScaler.
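An added example (not from the original posts) of an nginx log format that records a proxy-inserted header named HTTP_CLIENT_IP. The address 192.0.2.10, the format name "proxied", the backend address and the log path are placeholders chosen for illustration.

```nginx
# Place inside the http { } block of nginx.conf.

# nginx treats request header names containing underscores as invalid and
# ignores them unless this directive is on (contexts: http, server).
underscores_in_headers on;

# Trust the forwarded value only when the TCP peer is the proxy itself.
# Any other client can send the same header with arbitrary content.
geo $from_netscaler {
    default      0;
    192.0.2.10   1;   # placeholder: source IP the NetScaler connects from
}

# A request header "HTTP_CLIENT_IP" is exposed as $http_http_client_ip
# ($http_ + lower-cased header name). If the proxy were configured to send
# "Client-IP" instead, the variable would be $http_client_ip.
map $from_netscaler $forwarded_client_ip {
    1        $http_http_client_ip;
    default  "-";
}

log_format proxied '$remote_addr client=$forwarded_client_ip '
                   '[$time_local] "$request" $status $body_bytes_sent '
                   'host="$host" ua="$http_user_agent"';

server {
    listen 80;
    access_log /var/log/nginx/access.log proxied;

    location / {
        proxy_pass http://127.0.0.1:8080;   # placeholder backend
    }
}
```

With this in place, $remote_addr in each log line is the proxy's address and client= is the value the proxy inserted; a '-' there for requests from the proxy means the header did not arrive under that name.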
Related
I am looking at the http-requests in BurpSuite. I see a field named as 'Host'. What is the importance of this field?
What happens if I change this field and then send the request? If I change the host header field to some other IP then would the server respond back to this new modified IP?
A single web server can host multiple websites with different domains and subdomains.
The Host header allows it to distinguish between them.
Given the limited availability of IPv4 addresses, this is important as there are more websites than available IP addresses.
What happens if I change this field and then send the request?
If the server pays attention to it and recognises the hostname, it will respond with that website (otherwise it may fall back to its default website or throw an error).
For an example, see Name-based Virtual Host Support in the Apache HTTPD manual.
If I change the host header field to some other IP then would the server respond back to this new modified IP?
No. The Host header is the host the client is asking for. It has nothing to do with where the response should be sent.
To quote from https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Host :
The Host request header specifies the host and port number of the server to which the request is being sent.
If no port is included, the default port for the service requested (e.g., 443 for an HTTPS URL, and 80 for an HTTP URL) is implied.
A Host header field must be sent in all HTTP/1.1 request messages. A 400 (Bad Request) status code may be sent to any HTTP/1.1 request message that lacks a Host header field or that contains more than one.
In the HTTP protocol, there are multiple status codes that can be used to redirect a request to another URL, such as 301 Moved Permanently or 302 Found. To my knowledge, the target URL can either contain a host (http://example.com/example.html) or let the host implicitly be the current host (/example.html).
When using the first form, one can redirect to a non-standard port (http://example.com:8080/example.html). How can this be done when not specifying the host?
Currently, I parse the HOST request header and build the new URL. But AFAIK, that header is not strictly required to be sent, so I want to avoid it.
You can't specify just the port in a redirect. And yes, the "Host" header field is strictly required in HTTP/1.1.
I am trying to configure an NGINX server as a reverse proxy.
I need to set up a configuration to follow this logic:
Check if the request is coming from a specific IP address range.
If yes, then send it upstream; if no, then check for a custom header. If the header is present, then pass the request upstream; if not, then drop/block the request.
Can someone guide me on how the configuration file would look for this, please?
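One way to express the logic described in this question, as an added example that is not part of the original post. The range 198.51.100.0/24, the header name X-Gateway-Token, its value and the backend address are placeholders; the example checks the header's value rather than its mere presence, because any client can add a header.

```nginx
# Place inside the http { } block of nginx.conf.

# Step 1: is the TCP peer inside the trusted range?
geo $from_trusted_range {
    default           0;
    198.51.100.0/24   1;   # placeholder range
}

# Step 2: combine both tests into one key, "<in-range>:<header value>".
map "$from_trusted_range:$http_x_gateway_token" $allow_upstream {
    default                          0;
    "~^1:"                           1;   # trusted range: header not required
    "0:replace-with-shared-secret"   1;   # outside range: exact value required
}

server {
    listen 80;

    location / {
        # 444 is nginx-specific: close the connection without a response.
        if ($allow_upstream = 0) {
            return 444;
        }

        proxy_pass http://127.0.0.1:8080;    # placeholder backend
        # An empty value stops the header from being passed upstream.
        proxy_set_header X-Gateway-Token "";
    }
}
```

If nginx itself sits behind another proxy, $remote_addr (which geo uses by default) is that proxy's address, so the range test has to be made on the address that proxy reports instead.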
I am using nginx in front of Apache servers as a load balancer and to log access logs. To log some variables from web services to the nginx log, the services are writing to an HTTP header which gets extracted by nginx. The problem is that these variables are rather internal info which I want to remove before passing back to the client. Is there an easy way of removing specific HTTP header line(s) in nginx?
Which headers are passed from a proxied server to the client that made the request can be controlled with the config entries for proxy_hide_header and proxy_pass_header.
The 'pass' one forces headers that are normally removed to be shown to the client, and the hide one forces headers that are normally shown to be removed.
This allows you to remove or hide headers that you don't want to be shown to the end user.
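An added example (not from the original answer) of the setup the question describes: nginx logs values that the backend sends in response headers and strips those headers before the response reaches the client. The header names X-Internal-Trace and X-Backend-Node, the format name and the backend address are placeholders.

```nginx
# Place inside the http { } block of nginx.conf.

# $upstream_http_<name> holds the response header as received from the
# backend, so it is still available for logging after the header is hidden.
log_format upstream_meta '$remote_addr [$time_local] "$request" $status '
                         'trace="$upstream_http_x_internal_trace" '
                         'node="$upstream_http_x_backend_node"';

server {
    listen 80;
    access_log /var/log/nginx/access.log upstream_meta;

    location / {
        proxy_pass http://127.0.0.1:8080;   # placeholder backend

        # Do not forward these backend response headers to the client.
        proxy_hide_header X-Internal-Trace;
        proxy_hide_header X-Backend-Node;
    }
}
```

A quick check is to request a page through nginx with curl -i and confirm the two headers are absent from the response while the access log line still carries their values.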
Apache has something called VirtualHosts.
You can configure it in such a way that when you go to example.com you get a different site than example2.com even if you use the same IPs.
An HTTP request looks something like this:
GET /index.html HTTP/1.0
[some more]
How does the server know you are trying to access www.example.com or www.example2.com?
In addition to the GET line, the browser sends a number of headers. One of these headers is the Host header, which specifies which host the request is targeted at.
A simple example request could be:
GET /index.html HTTP/1.0
Host: example.com
This indicates that the browser wants whatever is at http://example.com/index.html, and not what is at http://example2.com/index.html.
Further information:
The Host header in the HTTP specification
IIS also has this and I believe refers to it as host header redirection.
The http packet header contains the destination hostname which the server uses to determine which website to serve up. Some more reading: http://www.it-notebook.org/iis/article/understanding_host_headers.htm
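The name-based selection described in the Host header answers above, shown as an added example in nginx syntax (the answers themselves refer to Apache and IIS; this is not code from any of the posts). The document roots are placeholders.

```nginx
# Place inside the http { } block of nginx.conf.
# All three blocks listen on the same IP and port; nginx picks one by
# comparing the request's Host header with each server_name.

# Catch-all: used when the Host header is missing or matches no
# configured name. Here the connection is closed instead of serving
# an arbitrary site under a name the server does not host.
server {
    listen 80 default_server;
    server_name _;
    return 444;
}

server {
    listen 80;
    server_name example.com www.example.com;
    root /var/www/example.com;      # placeholder path
}

server {
    listen 80;
    server_name example2.com www.example2.com;
    root /var/www/example2.com;     # placeholder path
}
```

Changing the Host header in a request only changes which of these blocks handles it; the response still travels back over the same TCP connection the request arrived on.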