Menu Close

山寨WAF记录下一次阿里云DCDN奇怪的请求头

Accept”/
Cache-Control”no-cache”
Ali-Cdn-AppView-Name”cdn-tengine”
Ali-Swift-Origin-Host”www.*********.com”
Ali-Swift-Stat-Host”www.*********.com”
X-Client-Scheme”https”
Ali-CDN-Real-IP”10.135.197.11″
x-alicdn-da-via”202.168.163.90,39.100.171.233″
X-Forwarded-For”10.135.197.11″
EagleEye-TraceId”caa8a31c17223766354*********”
Ali-Swift-LOG-Host”www.*********.com”
Ali-CDN-Real-Port”54151″
Ali-Swift-Force-Ttl-Code”400=0″
VIA”cn3481.l1, l2na63-1.l2″
Host”www.*********.com”
User-Agent”Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36″

注意红色那行 前端节点记录了1个真实IP地址为10开头的东西~~~
如果没有WAF,还真每这么容易发现这样的事