3

On this question I found this particular part of code in an Apache configuration file:

# rewrite rule to prevent proxy exploit
RewriteCond  %{REQUEST_URI}  !^$
RewriteCond  %{REQUEST_URI}  !^/
RewriteRule  .*              -    [R=400,L]

What is a proxy exploit?

How does it work, and how exactly do these lines prevent the attack?

adelriosantiago
  • 181
  • 2
  • 10

1 Answer

1

A reverse proxy exploit is the ability to take advantage of a vulnerability in a service acting as an intermediary redirector for client requests to one or more backend servers/services.

Apache HTTPd can act as such a gateway using its multi-protocol proxy/gateway features, e.g. mod_proxy and related modules.

The code presented uses Apache mod_rewrite directives (RewriteCond here) and is supposedly aimed at mitigating an Apache vulnerability related to how the rewrite module processes values received within the incoming request URI.

1 ) First rewrite condition

RewriteCond  %{REQUEST_URI}  !^$
  • REQUEST_URI variable is the path component of the requested URI (without query string)
  • ! : "not" (e.g. not matching)
  • ^ : "beginning of REQUEST_URI"
  • $ : "end of REQUEST_URI value"

2 ) Second rewrite condition

RewriteCond  %{REQUEST_URI}  !^/
  • REQUEST_URI variable is the path component of the requested URI (without query string)
  • ! : "not"
  • ^ : "beginning of REQUEST_URI value"
  • / : "/" (literally), e.g. "slash separator"

3 ) Rewrite rule

   RewriteRule  .*              -    [R=400,L]
  • . : "any single character"
  • * : "Zero or more of the previous character"
  • - : "No modification to incoming URL"
  • R=400 : Redirect with HTTP status code 400 ("Bad Request")
  • L : "Last" rule, stop processing
g0lem
  • 133
  • 1
  • 7
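
How the three directives combine, as an added example (not part of the original answer and not Apache's own code): a small Python model of the rule, assuming the string passed in is the value Apache exposes as %{REQUEST_URI}. The function names and the sample paths are constructed for illustration.

```python
import re

# The directives from the question. A leading "!" negates the match, and
# consecutive RewriteCond lines are ANDed unless an [OR] flag is given.
CONDS = [("REQUEST_URI", "!^$"), ("REQUEST_URI", "!^/")]
RULE_PATTERN = ".*"   # matches any path, so the conditions alone decide
RULE_STATUS = 400     # from the [R=400,L] flags


def cond_holds(value, cond_pattern):
    """Evaluate one RewriteCond pattern, honouring the '!' negation prefix."""
    negate = cond_pattern.startswith("!")
    regex = cond_pattern[1:] if negate else cond_pattern
    matched = re.search(regex, value) is not None
    return not matched if negate else matched


def evaluate(request_uri):
    """Return the status the rule forces, or None when the request falls through."""
    # mod_rewrite tests the RewriteRule pattern first, then its conditions.
    if re.search(RULE_PATTERN, request_uri) is None:
        return None
    env = {"REQUEST_URI": request_uri}
    if all(cond_holds(env[var], pat) for var, pat in CONDS):
        return RULE_STATUS
    return None


# Constructed sample values for REQUEST_URI (not taken from real traffic).
SAMPLES = ["/index.html", "/", "", "index.html", "*"]

if __name__ == "__main__":
    for uri in SAMPLES:
        print(repr(uri), "->", evaluate(uri) or "passes through")
```

The net effect is that any request whose path is non-empty and does not begin with "/" is answered with 400, while an empty path or a normal "/..." path continues to regular processing.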