<div dir="ltr">Should be fairly easy to do with any command to write data over the wire (nc/netcat/echo into /dev/tcp):<div><br></div><div>echo -en 'GET / HTTP/1.0\r\n\r\n' | nc 1.2.3.4 80<br><br>It should be worth noting that the Host header is not a required HTTP/1.0 header, so if your app requires the Host header (or derives some other variable value from this header), you should either require HTTP/1.1, or find a way to set this header in the proxy's request. The proxy_pass documentation has some discussion on setting the Host header in particular for proxy environments: <a href="http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header">http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header</a></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Dec 9, 2016 at 3:29 PM, Jonathan Vanasco <span dir="ltr"><<a href="mailto:nginx@2xlp.com" target="_blank">nginx@2xlp.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
I got hit with a portscanner a few minutes ago, which caused an edge-case I can't repeat.<br>
<br>
the access log looks like this:<br>
<br>
94.102.48.193 - [09/Dec/2016:22:15:03 +0000][_] 500 "GET / HTTP/1.0" 10299 "-" "masscan/1.0 (<a href="https://github.com/robertdavidgraham/masscan" rel="noreferrer" target="_blank">https://github.com/<wbr>robertdavidgraham/masscan</a>)" "-" cookies="-"<br>
<br>
the server block was:<br>
<br>
server {<br>
listen 80 default_server;<br>
server_name _;<br>
...<br>
}<br>
<br>
but there is another ip block:<br>
<br>
server { listen 80;<br>
server_name ~^[0-9.]*$;<br>
}<br>
<br>
<br>
i can't figure out how to duplicate this request. the 500 was triggered, because the upstream application server didn't find a "HTTP_HOST" environment variable set up, and i'd like to protect against this.<br>
</blockquote></div><br></div>
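One way to apply the advice in the reply above, as an added example rather than configuration from either poster: the catch-all server answers Host-less requests itself, and the proxied request always carries a Host value. The proxy_pass address is an assumption, since the thread does not show how the application is reached.

```nginx
# Added example; the upstream address below is constructed.
server {
    listen 80 default_server;
    server_name _;

    # An HTTP/1.0 request may legally omit Host, so $http_host is empty.
    # Answer it at the edge with a 400 instead of letting the
    # application fail with a 500 on a missing HTTP_HOST.
    if ($http_host = "") {
        return 400;
    }

    location / {
        # Assumption: the application is reached with proxy_pass.
        proxy_pass http://127.0.0.1:8080;

        # A proxy_set_header whose value is an empty string is not sent
        # upstream at all, which is what happens to
        # "proxy_set_header Host $http_host;" on a Host-less request.
        # $host falls back to the matched server name in that case,
        # so the upstream always receives a Host header.
        proxy_set_header Host $host;
    }
}
```

Either measure is enough on its own: the guard rejects the request before it is proxied, while the $host fallback lets it through with a Host value the application can read.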