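There are some annoying sites, for example https://search.censys.io/, that use a "feature" of nginx to bulk-scan https://<IP> and map IP addresses to origin sites through their SSL certificates.
They constantly scan the whole internet for live IP addresses, then use an nginx "vulnerability" to check which domain belongs to each IP, and record the mapping. If your server runs nginx as its web service,
it can be reached directly at https://<IP address>, and nginx serves your domain's certificate by default, so your IP gets recorded.
nginx sends its default SSL certificate to the browser, and the certificate details reveal the corresponding domain.
If the two match, your site has been recorded by censys.io, and searching censys.io for the domain or the IP returns the association.
The fix is below:
Step 1:
Create a fake website
Step 2:
Set that website as the default site
Step 3:
Install a fake SSL certificate. A fake certificate is provided here.
Paste the certificate content into 宝塔 (BaoTa panel) SSL settings - Other certificate - Certificate (PEM format):
Click here: certificate content
Paste the private key into 宝塔 (BaoTa panel) SSL settings - Other certificate - Key:
Click here: private key
Before and after the fix:
Before the fix, visit HTTPS://IP and click the padlock: your domain is shown
After the fix, visit HTTPS://IP and click the padlock: your domain is not shown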
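The three steps above written directly as nginx configuration, for servers managed without the panel. This is an added example, not part of the original post; example.com, 203.0.113.10 and all file paths are placeholders, and it generates its own throwaway certificate instead of using a shared one.

```nginx
# Added example: placeholders throughout, adjust names and paths to your server.
#
# Generate a throwaway self-signed certificate that names no real domain:
#   openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=invalid" \
#     -keyout /etc/nginx/ssl/dummy.key -out /etc/nginx/ssl/dummy.crt

# Steps 1 and 2: a catch-all "fake" site marked as the default server.
# It answers https://<IP> and any SNI/Host that matches no other server block.
server {
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    server_name _;

    # Step 3: the dummy certificate, so the real domain's certificate
    # is never the one handed out on a bare-IP connection.
    ssl_certificate     /etc/nginx/ssl/dummy.crt;
    ssl_certificate_key /etc/nginx/ssl/dummy.key;
    # On nginx 1.19.4 and later, `ssl_reject_handshake on;` can replace the
    # two certificate lines and refuses the TLS handshake outright.

    return 444;  # nginx-specific: close the connection without a response
}

# The real site: its certificate is only selected when the client sends
# a matching server name.
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name example.com www.example.com;

    ssl_certificate     /etc/nginx/ssl/example.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/example.com.key;

    root /var/www/example.com;
}

# Before/after check from another machine (no SNI sent, like a bare-IP scan):
#   openssl s_client -connect 203.0.113.10:443 -noservername </dev/null 2>/dev/null \
#     | openssl x509 -noout -subject -ext subjectAltName
# After the fix, the output must not contain example.com.
```

Run `nginx -t` before reloading. If nginx also listens on other TLS ports, give each one its own `default_server` block in the same way.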