How to determine if an HTTP request is being performed on the internal network or on the Internet?

I am trying to write a proxy server to register and generate traffic from sites hosted on the IIS farm. Hosting guidelines say:

Add or configure your proxy server to allow web server requests for Internet resources. Make sure you request logs from web servers.

Allow the web server to proxy requests to the Internet, not the internal network. So, if the destination of the request is the Internet, it should be allowed to go through the proxy. But if the application is trying to request a resource or server on the internal network, it should be prevented.

I use FiddlerCore (the library that runs Fiddler), which allows me to check requests before sending them and again after returning the response headers (at which point I have the host IP address).

What can I do to determine whether a request is headed for the local network or for the Internet? I am currently blacklisting known internal IPs, but this seems wrong.

3 answers

The HTTP RFC indicates that the client should specify a Host header. Thus, determine whether the host is local or Internet by checking the Host header.

If you have clients that violate this (no Host header is specified), you have the right to reject them with 400 (Bad Request). (It's better to check whether there are any that do not comply with the protocol.)


What's wrong with the blacklist of internal IP addresses? As a rule, you consider all non-routed RFC 1918 networks to be internal (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) and call it good. If you are actually routing publicly in all directions, then do the same thing, but add your publicly routable network(s) to the list. Did I miss something?

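The first two answers together describe the check the proxy has to make: reject requests with no usable Host header, and treat RFC 1918 ranges plus the farm's own public prefixes as internal. The following is an added example, not code from the thread or from FiddlerCore, showing that decision as a small Python function that runs before the request is forwarded. It goes a little beyond the answers: it also counts loopback, link-local, carrier-grade NAT and the IPv6 equivalents as internal, unwraps IPv4-mapped IPv6 literals, treats a single-label name with no dot as intranet (the same kind of plain-hostname rule the third answer alludes to), and fails closed if any address a name resolves to is internal. `OWN_PUBLIC_NETWORKS` and `CONSTRUCTED_DNS` are constructed placeholders so the example runs offline; the real resolver is `resolve_with_dns`.

```python
import ipaddress
import socket
from typing import Callable, List, Optional, Tuple

# Added example, not code from the original thread or from FiddlerCore.
# classify_destination() returns "internal" (block), "external" (forward)
# or "reject" (malformed or unresolvable) for one outbound request.

# RFC 1918 ranges named in the thread, plus ranges an RFC 1918-only list would
# miss: loopback, link-local, carrier-grade NAT, IPv6 loopback/ULA/link-local.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "100.64.0.0/10",
    "::1/128", "fc00::/7", "fe80::/10",
)]

# Publicly routable prefixes that still belong to the hosting farm.
# Placeholder constructed from the TEST-NET-3 documentation range.
OWN_PUBLIC_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed lookup table standing in for DNS so the example runs offline.
CONSTRUCTED_DNS = {
    "cdn.example-host.test": ["198.51.100.7"],                # public only
    "files.corp.example.test": ["198.51.100.8", "10.0.5.5"],  # mixed records
}


def is_internal_address(ip: str) -> bool:
    """True if the literal IP falls in any internal or farm-owned range."""
    addr = ipaddress.ip_address(ip.split("%")[0])  # drop an IPv6 zone id
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped  # ::ffff:10.0.0.1 must count as 10.0.0.1
    return any(addr in net for net in INTERNAL_NETWORKS + OWN_PUBLIC_NETWORKS)


def parse_host_header(value: Optional[str]) -> Optional[Tuple[str, Optional[int]]]:
    """Split 'host[:port]' or '[v6][:port]' into (host, port); None if unusable."""
    if value is None or not value.strip():
        return None
    value = value.strip()
    if value.startswith("["):                      # bracketed IPv6 literal
        end = value.find("]")
        if end < 0:
            return None
        host, rest = value[1:end], value[end + 1:]
        if rest and not rest.startswith(":"):
            return None
        portstr = rest[1:]
    else:
        host, _, portstr = value.partition(":")
    port = None
    if portstr:
        if not portstr.isdigit():
            return None
        port = int(portstr)
    return (host.lower(), port) if host else None


def resolve_with_dns(host: str) -> List[str]:
    """Real resolver: every address the proxy itself could connect to."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def resolve_from_table(host: str) -> List[str]:
    """Offline resolver over the constructed table above."""
    if host not in CONSTRUCTED_DNS:
        raise socket.gaierror(f"constructed NXDOMAIN for {host}")
    return CONSTRUCTED_DNS[host]


def classify_destination(host_header: Optional[str],
                         resolver: Callable[[str], List[str]] = resolve_with_dns) -> str:
    """Decide before forwarding: 'internal', 'external' or 'reject'."""
    parsed = parse_host_header(host_header)
    if parsed is None:
        return "reject"            # no or malformed Host header -> 400
    host, _port = parsed
    try:
        ipaddress.ip_address(host.split("%")[0])
        return "internal" if is_internal_address(host) else "external"
    except ValueError:
        pass                       # not a literal address, resolve the name
    if "." not in host:
        return "internal"          # plain single-label name: intranet heuristic
    try:
        addresses = resolver(host)
    except OSError:                # socket.gaierror is a subclass of OSError
        return "reject"            # unresolvable: fail closed, do not forward
    if not addresses:
        return "reject"
    # Fail closed: one internal record among several makes the whole
    # destination internal, so a mixed record set cannot slip through.
    if any(is_internal_address(a) for a in addresses):
        return "internal"
    return "external"


if __name__ == "__main__":
    for hdr in (None, "10.1.2.3:8080", "[::1]:80", "localhost",
                "cdn.example-host.test:443", "files.corp.example.test"):
        print(f"{hdr!r:32} -> {classify_destination(hdr, resolve_from_table)}")
```

The point of resolving and classifying before the request leaves the proxy is that the IP the asker sees "after returning the response headers" arrives too late: by then the internal server has already been reached. Wiring this into a proxy means calling `classify_destination` in the before-request hook and failing the session with 403 on "internal" and 400 on "reject".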

The problem is usually deciding which addresses are "internal" and which are external. RFC 1918 is one of the mechanisms by which you can do this, but IE uses a different strategy; see http://msdn.microsoft.com/en-us/library/bb250483(v=vs.85).aspx for more information on how IE does this.


Source: https://habr.com/ru/post/905086/
