tgalyean
commented
5 years ago For what its worth Google is probably using the X-Forwarded-For header to detect proxied requests. When you go through a proxy, the IP address of each proxy is appended to the header. By the time it reaches the destination web server it will look something like this (or possibly in reverse):
192.168.1.23, 192.168.1.1, 1.1.1.1
You might be able to get around this by using proxy_set_header to explicitly state what the X-Forwarded-For header should be.
https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/ https://en.wikipedia.org/wiki/X-Forwarded-For
DB2121
gfctam
SandeepSrinivasan
I have noticed that google somehow detects proxifed requests, i have installed evilginx, generated url, for google visited it 1 time in browser to see if it works, then after i woke up about 10 hours later, i got the message
"Deceptive site ahead
Firefox blocked this page because it may trick you into doing something dangerous like installing software or revealing personal information like passwords or credit cards."
And site with vps ip appeared in blacklists. Is there any way i can proxify requests from evilginx to google with a dummy domain, so that google will see the request made from that domain and not the actual where evilginx is set up ?