How to fix internal IP address or internal network name disclosure vulnerability?

If you need to fix  "web server internal IP address/internal network name disclosure vulnerability"  for Nginx please check these steps and configuration examples. Also, I added how to check if you fixed the vulnerability or not.

Step 1: How to check If your server is affected?

#openssl s_client -connect <IP_ADDRESS>:<PORT> -quiet

When you run the command which added below it will wait for input to send an HTTP request to the server. Type this one and press enter.

GET /images HTTP/1.0

Then you will get some outputs like these. First thing that you need to check is Location. Because if your server is affected then you will see server IP  or Hostname.

HTTP/1.1 301 Moved Permanently
Server: nginx/1.12.2
Date: Mon, 09 Apr 2018 12:53:09 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive

Step 2: How to  Fix Web Server Internal IP Address/Internal Network Name Disclosure Vulnerability

Please check this  Link for more detail information about the Nginx configuration. The first attribute which we need to set is server_name. But only the server name is not enough for this type of vulnerability. Also, you need to enable  server_name redirection for the Nginx server. The default option is off. So if you don't change this one there is no mean to set  server_name. Please check the  Link .

server_name_in_redirect on

"Enables or disables the use of the primary server name, specified by the server_name directive, in absolute redirects issued by Nginx. When the use of the primary server name is disabled, the name from the “Host” request-header field is used. If this field is not present, the IP address of the server is used."

I'm a IT Infrastructure and Operations Architect with extensive experience and administration skills and works for Turk Telekom. I provide hardware and software support for the IT Infrastructure and Operations tasks.

205 Total Posts
Follow Me