How to prevent "Host header attack" ?
Posted: Thu Jul 02, 2020 7:51 pm
Hi,
My VestaCP server seams to be used to make requests know as "Host header attack".
Someone is launching hundred request to inexistant subdomains of real hosted domain.
Here an example of request :
I'm looking for the best way to correct this by manipuling Content-Security-Policy inside the /etc/apache2/conf.d/92.xxx.bbb.69.conf file, but I don't know wich rule to use...
Is someone know how to doing this ?
My VestaCP server seams to be used to make requests know as "Host header attack".
Someone is launching hundred request to inexistant subdomains of real hosted domain.
Here an example of request :
Code: Select all
server.domain.net - - [04/May/2020:13:56:22 +0200] "GET /license?api_key=<snip>&username=Me_website&uuid=793b341d-ca63-411a-beca-c4cadfbfc512&database=mysql&revolution_version=Revolution-2.7.3-pl&supports=Revolution-2.7.3-pl&http_host=inexistantsubdomain.existantdomain.net&php_version=7.2.24-0ubuntu0.18.04.4&language=fr&key=35a947f2465a1d5cac32d01952dfac66&package=agenda HTTP/1.1" 200 429 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)"Is someone know how to doing this ?