Invalid "host" information in access and error logs
Valentin V. Bartenev
vbart at nginx.com
Wed Oct 28 15:35:10 UTC 2015
On Wednesday 28 October 2015 16:29:55 tamere22 wrote:
> Thanks for your time.
> So you're saying clients request www.siteA.com but rewrite packets to say host: www.siteB.com in their http request ?
>
> Why would google bot do such a thing ?
>
> I'm still unsure because I don't see why legitimate clients would do that.
>
>
>
> For you, it's ok to have in log file "abc.com-error.log" the following :
>
> 2015/10/26 09:44:38 [error] 12338#0: *26891713 access forbidden by rule, client: 141.8.143.173, server: abc.com, request: "GET / HTTP/1.1", host: "def.com"
>
>
> with the following configuration :
>
> server {
> server_name abc.com;
> include conf.d/listen-ssl-wildcard;
> location / {
> allow 192.168.0.0/16;
> deny all;
> proxy_set_header Host $http_host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded_Proto $scheme;
> proxy_pass https://backend:443;
> }
> error_log abc.com-error.log error;
>
> }
> server {
> server_name def.com;
> include conf.d/listen-ssl-wildcard;
> location / {
> allow 192.168.0.0/16;
> deny all;
> proxy_set_header Host $http_host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
> proxy_set_header X-Forwarded_Proto $scheme;
> proxy_pass https://backend:443;
> }
> error_log def.com-error.log error;
>
> }
>
For this configuration it doesn't look ok. If this is indeed your configuration
rather than an oversimplified example, then you should provide a debug log:
http://nginx.org/en/docs/debugging_log.html
wbr, Valentin V. Bartenev
More information about the nginx
mailing list