1602
commented
10 years ago Could you please clarify what you mean? What do you want to prevent? What is wrong with your output? What is desired effect?
Open longle255 opened 10 years ago
1602
commented
10 years ago Could you please clarify what you mean? What do you want to prevent? What is wrong with your output? What is desired effect?
longle255
commented
10 years ago This is my route
module.exports.routes = function(map) {
map.get('/', 'web/home#index');
}What I'm expecting here is the action index of controller web/home will serve the rout /
Base on that route the server will not serve the request GET http://www.soso.com/ and a result of 404 will be returned.
However the log shows that the request GET http://www.soso.com/ is accepted and being served by action index of controller web/home that lead to an unexpected result.
So my question here is how to prevent that type of request.
anatoliychakkaev
commented
10 years ago Unable to reproduce.
On Thu, Jan 9, 2014 at 1:38 PM, Long Hoang Le notifications@github.comwrote:
This is my route
module.exports.routes = function(map) { map.get('/', 'web/home#index'); }
What I'm expecting here is the action index of controller web/home will serve the rout /
Base on that route the server will not serve the request GET http://www.soso.com/ and a result of 404 will be returned.
However the log shows that the request GET http://www.soso.com/ is accepted and being served by action index of controller web/home that lead to an unexpected result.
So my question here is how to prevent that type of request.
— Reply to this email directly or view it on GitHubhttps://github.com/1602/compound/issues/597#issuecomment-31931271 .
longle255
commented
10 years ago I can't either. That issue happened on production environment. After doing some searching on the internet I found this https://www.gpf-comics.com/dnsbl/index.php?ip=125.18.240.104 which points out
Additional Comments: Attack begins with what appears to be a simple proxy attempt to an external site, but subsequent requests repeatedly concatenate the previous request URLs until this quickly becomes an overflow attack. 40+ attempts, no legitimate requests. Indian IP listed at StopForumSpam.com, BotScout.com, Project Honey Pot (comment spammer).
125.18.240.104 - - [18/Dec/2013:07:45:28 +0000] "GET http://www.soso.com/ HTTP/1.1" 301 - "http://www.soso.com/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)"
125.18.240.104 - - [18/Dec/2013:07:45:29 +0000] "GET http://www.soso.comhttp/www.soso.com/ HTTP/1.1" 301 - "http://www.soso.com/" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)"
I'm running a compound server which has just got a request like this
[tiniweb-0 (out) 2014-01-09T18:22:36] GET http://www.soso.com/ controller: web/home action: indexNormally the controller: web/home action: index is set for the route '/',
Anyone know how is it possible to create a request like that? and how to prevent that type of request?
Thanks for you input