I have a squid server that can be accessed from multiple subdomains. My question is: is it possible to log the request's hostname (that is: hostname from the squid server) in the access log?
So, for instance, if a user does a proxy request on "blahbla.example.com" or "blah.example.com", I want to see this specified in my logfile.
Can anybody help me with this? Thanks!
P.S.: Log directive "<la" only logs the IP4/6 number. Not the actual hostname :(
Seems like the only way to accomplish this is using squid log analyzer and if you are not fun of using the web interface, it also have its raw logs on its docroot.
I would recommend LigthSquid amongst all.
Related
I have deployed an OpenVPN server from GCP market Place and have attached a Domain name to it along with the SSL certificate. Currently, I am able to access the server through both
https://domain-name.com
https://x.x.x.x -(Server Static Ip)
I want the server to be accessible only through the hostname and not its Server IP as the latter URL gives an SSL security error as the SSL certificate is attached to the Domain name and not to the server IP.
Can anyone help me to restrict it or give some advice to solve it?
You could try to do it(prevent access by IP) but I advice you to not try to do it.
Theoretically it could be possible for your HTTP server to reset SSL connection when browser sends "wrong" SNI(Server Name Indication) in a handshake.
Thus you could prevent your browser displaying security alerts.
Instead your browser would show network error message.
I doubt you would like to trade one type of error to another one.
I suggest you to do nothing about such "error" because legitimate visitors will come to your site via domain name and will not see such security warning.
Also there is huge possibility that legitimate visitor (with paranoid mindset) will use browser with SNI feature disabled so your server will not be able to make difference between good and bad URLs.
PS: here are relevant questions and discussions at reddit and at ServerFault and another one
I'm trying to open with the question that I really want answered. I want the URL at which outside users can access a particular part of my application.
In my server's setup, we're using Nginx as a reverse proxy, so my app is confugured to be at port 9000. But I can't point users at this, because they can't access that port. Users can access port 8080. But this is part of my system configuration and could (I think) change. Also it does change from development to staging to production. So, I would like to avoid hard-coding this if possible.
So then my question, can I somehow, dynamically, tell the "outermost" port that an incoming request is received at? Possibly through passing a header down from Nginx? I'm thinking of X-Forwarded-For, except I want to know what URL the client contacted to reach me (the server), not what IP address the client is contacting the server from. Is this possible?
$server_port variable holds the port the client connected to.
Currently im trying to make a license server based on ASPNET Web Api.
Basicly the licensed software wont be under my control, hence i need a way to control usage.
I see one problem however, in case the license server responds with json or an statuscode saying a license check is ok, the format could be sniffed on the software location and a service could be created to respond likewise (by changing their dns, so that the hardcoded domain is pointed to their service instead.
Any help in this area is appreciated, as if i recall correct, ssl is only point to point
You could have your application host a wild card DNS record. Meaning an A record that looks something like:
*.foobar 86400 IN A 1.2.3.4
thus requests to the host could include a different host name:
ab34dd8993aedf455c.foobar.mydomain.com
The code in front of the name could be used to authenticate the request based on time/source ip/json in request.
Regards
Frank
I am facing a strange issue.
My ISP has hosted a webservice inside a virtual directory which is placed under a subdomain. now from my system (or network) I cannot access that webservice. Every time I run fiddler, I see a DNS Lookup for "my_sub_domain.com" failed. No such host is known.
But If I run it through web-sniffer.com, it is returning as Status: HTTP/1.1 200 OK
I do not understand what is wrong, Have anyone faced something like this? Is there any problem with my network settings? Can you tell me how to fix this?
If you need any more information please let me know.
This sounds like a DNS issue. Your DNS server doesn't seem to have had the A record for the subdomain propagated to it yet, whereas the DNS server used by web-sniffer.com has had it propagated to it, and thus, can see that it's returning a valid record and IP address.
While waiting for it to propagate to your DNS provider, you could add an entry to your machine's host file with the correct IP address to allow you to continue work.
We are having two load balancing server. In that we have hosted a asp.net 3.5 application right now we are using request userhostaddress to get visitor ip but it is giving load balancer ip instead of real ip. Can anyone have code for this.
I think that you must search not only for HTTP_X_FORWARDED_FOR, but for all that, depent what your loading ballance using
Context.Request.ServerVariables[CheckAllBelowList]
"HTTP_X_COMING_FROM",
"HTTP_X_FORWARDED_FOR",
"HTTP_X_FORWARDED",
"HTTP_VIA",
"HTTP_COMING_FROM",
"HTTP_FORWARDED_FOR",
"HTTP_FORWARDED",
"HTTP_FROM",
"HTTP_PROXY_CONNECTION",
"HTTP_CLIENT_IP",
"CLIENT_IP",
"FORWARDED",
The return of one of that, is the actual Ip of you client, except if is other proxy, I also need to learn how some one can get this, to find the user that is behind 2-3 proxy's...
If you know any other, please tell me so.
The problem is more to do with the fact that the "load balancer" is acting as a proxy. What type of load balancer are you using? I know with Microsoft ISA server there is a setting to pass the original users IP address through to the webserver.
Otherwise you will have to write a page to dump out the server variables and see if there an extra server variable being added that gives you the real client IP address.
depending on the load balancing server the client's IP could/should be written to:
Context.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
But beware if the user is also behind a proxy the value may be the proxies original client instead of the load balancer's client (which would be the proxy IP in this case). I'm not certain what behaviour is "normal".
Hope that helps,
Alex