Forum Discussion
internal IP address of the remote server is disclosed
Hi maybe same one has idea why after sending request with HTTP/1.0 and an empty ‘Host’ header, in replay i can see internal VIP IP? after sending http1.1 request everything ok. Example bellow:
curl -I --http1.0 -H 'Host:' https://www.webpage.com
HTTP/1.1 301 Moved Permanently
Content-Length: 154
Content-Type: text/html; charset=UTF-8
Location: http://10.0.0.1
Date: Fri, 13 Apr 2018 10:38:43 GMT
Connection: close
i tested resolution for that using iRule that replace empty header with host name but i have other VIP that replaying correctly even after sending empty host header and couldn't find config differences between them.
If someone have any ideas let me know, don't think it can be problem in web server while IP in replay is VIP on LTM.
thanks
- aandreyy_293459Nimbostratus
hi
looks like found problem myself, there are iRule that changes 10.0.0.1:85 to url, but on VIP that it is not working i get in http reply https://10.0.0.1 (you can see above), not https://10.0.0.1:85 (as in working). So this is other issue (believe with stream profile or stream iRule)
thanks
- antonio503Nimbostratus
I was having a similar issue like the one described by aandreyy_293459. In my case we were doing external PCI scans and it was showing the internal IP of the pool servers. I ended up creating an iRule with the following to address this issue for us. After applying this iRule it now replaced the location information with the public name and not the internal IP addresses of the servers.
when HTTP_RESPONSE {
if { ( [HTTP::header Location] contains "x.x.x.x" ) || ( [HTTP::header Location] contains "y.y.y.y" ) }{
HTTP::header Location {https://www.mysite.org}
}
}
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com