Welcome! Log In Create A New Profile

Advanced

Re: Nginx - Hide Proxy Server url + Header

Anton Luka Šijanec
November 03, 2020 09:12AM
Hello!

On Tue, 2020-11-03 at 14:21 +0530, Sathishkumar Pannerselvam wrote:
> I am using "www.ebay.com" as a proxy server. When I am trying to
> access the
> nginx using my public IP from another machine in port 80. I was able
> to see
> the ebay welcome page . But, when i am trying to visit any sub page
> in
> ebay using hyperlink listed in the ebay home page, its not using my
> nginx
> IP instead of it using the ebay hostname.

The problem with your setup is that www.ebay.com probably uses absolute
URLs in hyperlinks. On top of that, images may be loaded from a
different hostname/domain, such as from a CDN, so those may not get
through your proxy at all.

One solution would be to use some sort of substitution (static) module.
Documentation for such a module can be found here:
https://www.nginx.com/resources/wiki/modules/substitutions/

nginx proxy does not change the response body in any way. It only
inserts/modifies headers sent to the upstream server and to the client.
A substitution module will change the body and replace instances of
www.ebay.com with your IP address.

Another issue might be that www.ebay.com prevents such proxy use
because of security issues (you could make a honeypot/phishing attack
using proxies and extensive logging) and redirects all requests to
official sites. You can easily disguise the nginx proxy in a way that
prevents the server from noticing nginx as being a proxy, but
obfuscated javascript proxy detection may be hard to bypass.

It's important to take care of redirect responses, use directives such
as proxy_redirect to prevent absolute URLs in HTTP 3xx Location
responses from www.ebay.com.

Note that a lot of javascript features are disabled via plain HTTP on
port 80 without encryption. Use the listen directive with SSL: "listen
0.0.0.0:443 http2 ssl;" in order to use HTTPS. You can use the
predefined snakeoil snippet to include self-signed certificates, but
that will show a warning in browsers.

Good luck!


--
Anton Luka Šijanec <anton@sijanec.eu> (mail, xmpp & sip)
+38 6 64/176-three four five
ircs://irc.šijanec.eu:6697/#
Slovenija https://šijanec.eu/
https://šijanec.eu/pgp-key.txt?F4C3E3A4DFB7254397A9F993E76135F49802CD14
Sending powered by the Synchronous grid of Continental Europe.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Nginx - Hide Proxy Server url + Header

Sathishkumar Pannerselvam November 03, 2020 03:52AM

Re: Nginx - Hide Proxy Server url + Header

Anton Luka Šijanec November 03, 2020 09:12AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 70
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready