headers.host gets hit by lots of domains that are not mine - node.js

I am getting many strange requests that have req.headers.host values that are not my domain.
var mc_domain = "mysubdomain.mydomain.com:8888";
var server = require('http').createServer(function (req, res) {
if (req.headers.host !== my_domain) {
console.log("not the host you are looking for " + req.headers.host);
res.end();
return;
}
});
server.listen("8888");
console output
not the host you are looking for abc.advertising.com
not the host you are looking for parkingaddress1.com
not the host you are looking for gotoinfo.info
...
What is going on, and what can I do to stop/reduce this? Is it just "welcome to the (wild) internet (west)", Or "You need a firewall", or some other foolishness.

Eihter someone's DNS is resolving the other domain name to your IP address or domain is not setup properly. You can use a tool like dig to check the DNS settings at the DNS servers responsible for those domains (you can get them using whois).
You can look at this as problem, or as an opportunity. If I were you, I'd create a landing page for those users and try to sell my product/service.

Related

How to prevent direct access to IP Express node.js

I can't find a resource for this anywhere online, all I see is references for nginx.
I need help with this quickly as my server is live with users accessing it and somehow google indexed my ip address and users are accessing my site through my ip.
I plan to migrate servers tonight and am aware of why my ip was indexed, but in the meantime need a method to prevent direct access via my ip.
This obviously isn't working, and don't have much room to test, unless I stop the server and kick all of my users off for an extended period of time:
app.get('myiphere', function(req, res){
res.redirect('domain.com');
});
You can implement an application-level middleware which checks that a request host-name isn't anything else but your domain. That way an access to your with an IP address wouldn't cause a processing (on application level).
const SITE_ADDRESS = 'yourwebsite.com';
app.use((req,res,next) => {
if (req.hostname.includes(SITE_ADDRESS))
next();
else
res.status(403).end(`Access with ${req.hostname} is restricted. Use ${SITE_ADDRESS} instead.`);
});
To prevent direct access to your site from IP you can set the loopback IP this way:
app.listen(3000, '127.0.0.1', () => console.log('Server running on port 3000'))
Prevent indexing by creating a robots.txt at your server root directory. See https://stackoverflow.com/a/390379/11191351

How to get local IP address of user connected through request - Nodejs

I have not been able to find any answer to this. I am looking for a way to obtain the local IP address of the user connected to my node server. I found the answer to find a way to get the user's public IP address, and was useful. I also need a way to determine which computer is connected, so the local IP as well through, possibly, something like this:
app.post('getip', function(req,res)
{
var localIP = req.headers['something or other'];
}
Thanks,
This should get you the IP in NodeJS if you're behind a proxy like nginx.
app.post('getip', function(req, res)
{
var localIP = req.headers["x-forwarded-for"];
}

LetsEncrypt working for IP but not Domain (greenlock, express)

I am using the following server script to run both http, https servers and redirect all http requests to https.
When I access the server both locally and remotely from IP addresses, the requests redirect to https and api works with an unsecure warning.
But when I access the same routes via domain, I get "Site cannot be Reached" error.
Although, accessing http://example.com/test-route redirects to https://example.com/test-route, I am still getting Site can't be reached error.
import http from 'http';
import https from 'https';
import redirectHttps from 'redirect-https';
import greenlock from 'greenlock';
import app from '../app';
var le = greenlock.create({
server: 'staging', // using https://acme-v01.api.letsencrypt.org/directory in prod
configDir: 'certs',
approveDomains: (opts, certs, cb) => {
if (certs) {
opts.domains = ['example.com']
} else {
opts.email = 'me#mymail.com',
opts.agreeTos = true;
}
cb(null, {
options: opts,
certs: certs
});
},
});
http.createServer(le.middleware(redirectHttps())).listen(80, function() {
console.log("Server Running On http # port " + 80);
});
https.createServer(le.httpsOptions, le.middleware(app)).listen(443, function() {
console.log("Server Running On https # port " + 443);
});
There's a number of reasons that this could be happening, and a lot has been updated in the library since you posted this question.
I've spent a lot of time recently updating the documentation and examples:
https://git.coolaj86.com/coolaj86/greenlock-express.js
I'd suggest taking a look at the video tutorial:
https://youtu.be/e8vaR4CEZ5s
And check each of the items in the troubleshooting section. For reference:
What if the example didn't work?
Double check the following:
Public Facing IP for http-01 challenges
Are you running this as a public-facing webserver (good)? or localhost (bad)?
Does ifconfig show a public address (good)? or a private one - 10.x, 192.168.x, etc (bad)?
If you're on a non-public server, are you using the dns-01 challenge?
correct ACME version
Let's Encrypt v2 (ACME v2) must use version: 'draft-11'
Let's Encrypt v1 must use version: 'v01'
valid email
You MUST set email to a valid address
MX records must validate (dig MX example.com for 'john#example.com')
valid DNS records
You MUST set approveDomains to real domains
Must have public DNS records (test with dig +trace A example.com; dig +trace www.example.com for [ 'example.com', 'www.example.com' ])
write access
You MUST set configDir to a writeable location (test with touch ~/acme/etc/tmp.tmp)
port binding privileges
You MUST be able to bind to ports 80 and 443
You can do this via sudo or setcap
API limits
You MUST NOT exceed the API usage limits per domain, certificate, IP address, etc
Red Lock, Untrusted
You MUST change the server value in production
Shorten the 'acme-staging-v02' part of the server URL to 'acme-v02'
Please post an issue at the repository if you're still having trouble and I'll do my best to help you sort things out. Make sure to upgrade to the latest version because it has better debug logging.

How can I get the correct ip address of the visitor in node.js? (I tried node-ip and it doesn't work)

I'm using a node ip taken from here: https://github.com/indutny/node-ip
In my webservice I did a simple thing:
var ip = require('ip');
module.exports = function(app) {
app.get('/gps', function (req, res) {
console.log(ip.address());
}
}
I deployed it to my amazon aws account and now whoever enters the page - I constantly see the same ip address in my console log - 172.31.46.96. I tried to check what is this ip (possible option is that it is related to my amazon aws service?), but who.is does not bring the answer.
How should I change my code to see every visitor's ip address instead?
You're most likely getting an IP of an internal load balancer/proxy and you'll need to configure express to handle that.
This is a good place to start.
Use req.connection.remoteAddress to get the ip of your user.

NodeJS - How to get remote IP Address

For my project, I need to fetch the remote IP address of another NodeJS Server.
In fact, in many countries such as Belgium, the IP address of a computer provided by the telecom is not a fixed IP and can change every xx hours.
I need to know how I can get the Internet IP address of a remote NodeJs computer in real-time.
Example: an internet provider change the IP of a nodeJS computer: I want to know in "relative" real-time the new IP.
Thanks to much,
visualight
If the remote server you want to communicate with switches its ip address and doesn't tell you (as in, contacts your server in some way), you are basically out of luck.
If there is a domain pointing to the other machine, you could use this snippet (which I shamelessly copied from the official docs) to force a DNS resolve:
var dns = require('dns');
dns.resolve4('www.google.com', function (err, addresses) {
if (err) throw err;
console.log('addresses: ' + JSON.stringify(addresses));
addresses.forEach(function (a) {
dns.reverse(a, function (err, domains) {
if (err) {
throw err;
}
console.log('reverse for ' + a + ': ' + JSON.stringify(domains));
});
});
});
UPDATE: There is module on npm that allows you to get the public ip address of a machine. Its very simple, as it just does a request against curlmyip.com and returns the result. You could set up some polling interval using setInterval and send it to the other nodes whenever you detect a change.

Resources