On Wed, Nov 6, 2024 at 8:16 AM Rathore, Rajendra
<rarathore@xxxxxxx.invalid> wrote:
>
> Hi Team,
>
> We are using below host header validation rule in Apache Http configuration, that was working fine with 2.4.59 Apache server, when we migrate to 2.4.62 below rule is not working. It will ignore the host name validation in the header(modify the hostname using burp tool). Can you please suggest what wrong we are doing?
>
>
>
> RewriteEngine On
> RewriteCond %{HTTP_HOST} !test.test.test.com:2280$ [NC]
> RewriteRule ^(.*)$ [R=301,L]
Turn on some high level of trace debug logging as documented here:
https://httpd.apache.org/docs/2.4/mod/mod_rewrite.html#logging and
check what the actual values tested are and which rules / conds
evaluate to true / false respectively.
Additionally, why don't you just set a ServerName in that vhost and
provide an additional "catch all" vhost with ServerAlias * that
handles anything that doesn't match the previous vhost's Servername
and unconditionally redirects to the "correct" URL?
Rainer
--
This email is confidential. If you are not the intended recipient, please
delete it and notify us immediately by telephoning or e-mailing the sender.
You should not copy it or use it for any purpose nor disclose its contents
to any other person.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|