Home > Blockchain >  req.url that does not belong to my domain
req.url that does not belong to my domain

Time:02-01

I got requests from china,

The problem is that the req.url does not belong to my domain

Usually it is / or /login, etc

Was I hacked? I'd like to know a rationale for this

const logger = function (req, res, next) {
    let { url, ip, method, statusCode } = req

    console.log(`${moment().format("L - hh:mm:ss")} `.red   `${method} `.green   `From: `   `${ip?.replace("::ffff:", "")?.replace("::1", "localhost")} (${geoip.lookup(ip)?.country || "No IP"})`.cyan   ` : `   `${req.user?.id || null} `.yellow   `At: `   `${url} `.cyan)
    next()
}
app.use(logger)

enter image description here

CodePudding user response:

No, somebody merely sent proxy requests to you. They are directed to your server but request a full URL instead of a path. Protocol-wise they'd look like GET http://google.com/ HTTP/1.1 instead of just GET / HTTP/1.1 as you are used to. If your server were (mis)configured to honor such requests as proxy, it'd send another request itself to http://google.com/ and forward the response, but that doesn't happen in your case anyway so you can just ignore it.

See also this answer.

Page link:https//www.codepudding.com/Blockchain/283937.html

Prev:Is there any benefit to changing the values of the session properties only where necessary?
Next:Streaming zip to browser doesn't work, but works in Postman
  •  Tags:  
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding