OWASP TOP 10: Server-Side Request Forgery (SSRF)
Often underestimated, SSRF is a dangerous vulnerability that can turn your trusted internal services into attack surfaces.
What is SSRF?
SSRF occurs when an attacker can make a server-side application send HTTP requests to an unintended location, often to internal-only services that should never be exposed to users.
Example
A web app allows users to fetch data from a URL:
/fetch?url=https://example.com/data.json
If the app doesn't validate the input properly, an attacker could request:
/fetch?url=http://localhost:8080/admin
Best Practices to Prevent SSRF
- Disable Unneeded Protocols: Avoid supporting non-HTTP protocols like file://, ftp://, or gopher://. Limit outbound requests to only necessary destinations.
- Validate & Sanitize URLs: Implement strict allowlists for URLs or domains that can be accessed. Avoid user-controlled input being passed directly to fetch logic.
- Restrict Network Access: Use firewall rules or VPC configurations to prevent the application from accessing internal-only services or metadata endpoints (like AWS' 169.254.169.254).
- Monitor Outbound Traffic: Keep an eye on unusual or unauthorized outbound connections. SSRF often involves requests to odd ports or internal addresses.
- Proxy All External Requests: Use a proxy with strict rules for outgoing requests. This adds a control point and makes it easier to enforce allowlists.
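The following is an added example, not code from the original post: a URL gate that a /fetch?url= handler like the one in the Example section would call before making any outbound request. It applies the first three practices above in code: only http/https are accepted (no file://, ftp:// or gopher://), the host must be on a strict allowlist, raw IP literals and URL userinfo are rejected, and every address the host resolves to is checked against loopback, private, link-local (which includes the 169.254.169.254 metadata address) and other non-routable ranges. The handler shape, the allowlist contents, the allowed ports and the injectable resolver hook are assumptions made for this example; the resolver is injectable so the checks can be exercised offline with constructed answers.

```python
"""URL gate for a server-side fetch endpoint (added example, not the post's code)."""
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed policy for this example: the only destinations /fetch may contact.
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_HOSTS = {"example.com", "api.example.com"}
ALLOWED_PORTS = {80, 443}

# The AWS metadata address from the post. It is link-local, so is_link_local
# already covers it; it is listed explicitly so the intent is visible.
METADATA_IPS = {ipaddress.ip_address("169.254.169.254")}


def _is_internal(ip):
    """True for any address the application must never reach from a user-supplied URL."""
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified
            or ip in METADATA_IPS)


def resolve_all(host):
    """Default resolver: every address the system resolver returns for host, as strings."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def validate_outbound_url(url, resolver=resolve_all):
    """Return (ok, reason). ok is True only when the server may fetch url."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {scheme or '(none)'}"
    host = parts.hostname  # lowercased; brackets stripped from IPv6 literals
    if not host:
        return False, "no host"
    if parts.username or parts.password:
        return False, "userinfo in URL"
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError:
        return False, "bad port"
    if port not in ALLOWED_PORTS:
        return False, f"port not allowed: {port}"
    # The allowlist is by hostname only, so a raw IP literal is never acceptable.
    try:
        ipaddress.ip_address(host)
        return False, "IP literal not allowed"
    except ValueError:
        pass
    if host not in ALLOWED_HOSTS:
        return False, f"host not in allowlist: {host}"
    # An allowlisted name can still point at an internal address (DNS rebinding,
    # a compromised zone), so every resolved address is checked as well.
    try:
        answers = resolver(host)
    except OSError:
        return False, "resolution failed"
    if not answers:
        return False, "no addresses"
    for raw in answers:
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            return False, f"unparseable address {raw}"
        if _is_internal(ip):
            return False, f"resolves to internal address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed resolver so the demo runs offline; 1.2.3.4 stands in for a public address.
    fake = lambda host: {"1.2.3.4"}
    for candidate in ("https://example.com/data.json",
                      "http://localhost:8080/admin",
                      "http://169.254.169.254/latest/meta-data/",
                      "file:///etc/hostname"):
        print(candidate, "->", validate_outbound_url(candidate, fake))
```

Two caveats worth keeping in mind. First, the gate checks the URL the user supplied, not where the server ends up: the HTTP client must be configured not to follow redirects, or each redirect target must go back through validate_outbound_url. Second, the name is resolved once here and again by the client when it connects, so a rebinding answer can still slip between the two; that gap is exactly why the firewall/VPC restrictions and the egress proxy from the list above belong alongside input validation rather than instead of it.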
SSRF isn't just a security bug: it's a gateway to your internal infrastructure.
Let's stay a step ahead by validating input, isolating services, and restricting what servers can access.