Invalid "host" information in access and error logs

tamere22 tamere22 at yopmail.com
Wed Oct 28 15:29:55 UTC 2015


Thanks for your time. 
So you're saying clients request www.siteA.com but rewrite packets to say host: www.siteB.com in their http request ?

Why would google bot do such a thing ?

I'm still unsure because I don't see why legitimate clients would do that.



For you, it's ok to have in log file "abc.com-error.log" the following :

2015/10/26 09:44:38 [error] 12338#0: *26891713 access forbidden by rule, client: 141.8.143.173, server: abc.com, request: "GET / HTTP/1.1", host: "def.com"


with the following configuration :

server {
        server_name abc.com;
        include conf.d/listen-ssl-wildcard;
        location / {
                allow 192.168.0.0/16;
                deny all;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded_Proto $scheme;
                proxy_pass https://backend:443;
        }
        error_log abc.com-error.log error;

}
server {
        server_name def.com;
        include conf.d/listen-ssl-wildcard;
        location / {
                allow 192.168.0.0/16;
                deny all;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded_Proto $scheme;
                proxy_pass https://backend:443;
        }
        error_log def.com-error.log error;

}



More information about the nginx mailing list