Server-Side Request Forgery
(SSRF) Attacks
What is SSRF?
Server-Side Request Forgery (SSRF) occurs when an attacker can induce a server-side application to send a request to a destination of the attacker's choosing: a service on the server's internal network, the server itself (localhost), a cloud metadata endpoint, or an arbitrary external domain. Because the request is issued by the server, it carries the server's network position and whatever implicit trust that position has, so it can reach resources that are not exposed to the attacker directly. The result can be unauthorized actions against internal services or disclosure of data from the server's private network.
SSRF Attack Example
Here is a simple example of an SSRF attack:
// Original URL
http://example.com/loadImage?imageUrl=http://public-domain-image.com/public-image.jpg
// Modified URL
http://example.com/loadImage?imageUrl=http://localhost/admin
In this example, the application fetches whatever URL is supplied in the "imageUrl" parameter. The attacker replaces the public image URL with http://localhost/admin, so the server makes the request to its own loopback interface and returns an admin page that is normally reachable only from the server itself. Any other host the server can reach, such as an internal service or a metadata endpoint, can be targeted the same way.
Prevention
Preventing SSRF attacks involves validating the URL as a URL rather than as free text, restricting destinations with an allow list, and limiting the server's ability to initiate requests at the network level. This includes:
- Input validation: Parse the user-supplied URL and accept only expected values: a small set of schemes (typically http and https), expected ports, and no user-info component. Reject anything that does not parse cleanly rather than trying to repair it.
- Use allow lists: Compare the parsed hostname against a list of known good hosts. A block list of "localhost", "127.0.0.1" and similar strings is easily bypassed with alternate encodings, the IPv6 loopback address, or a DNS name that resolves to an internal address.
- Sanitize input: Removing or replacing special characters is a weak control on its own, because a syntactically clean URL can still point at an internal host. Treat sanitization as defence in depth behind validation and the allow list, not as the primary check.
- Limit server requests: Resolve the hostname before fetching and reject any address in loopback, private, link-local or other non-public ranges; do not follow redirects blindly, since a redirect to an internal address bypasses checks made on the original URL; and use egress firewall or proxy rules so the fetching component can only reach the destinations it needs.
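The checks above, applied to the loadImage example, as an added illustration that is not code from the original page. It parses the URL, enforces the scheme and allow-list rules, resolves the host and rejects any non-public address. The host names, the allow list, and the hostname-to-address table are constructed for this example so that it runs offline; the public addresses in that table are placeholders, not real DNS records for those names.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Hypothetical policy for the loadImage feature: hosts the fetcher may contact.
ALLOWED_IMAGE_HOSTS = {"public-domain-image.com"}

# Constructed hostname -> address table so the example runs offline.
# The public addresses are placeholders, not real records for these names.
CONSTRUCTED_DNS = {
    "public-domain-image.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "metadata.internal.example": ["169.254.169.254"],  # cloud-metadata style address
    "rebinding.example": ["93.184.216.35", "10.0.0.5"],  # one public and one private answer
}


def fake_resolve(host):
    """Offline stand-in for DNS, backed by the constructed table above."""
    return CONSTRUCTED_DNS.get(host, [])


def system_resolve(host):
    """Resolve with the system resolver and return every A/AAAA answer."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_address(addr):
    """True only for globally routable addresses. Rejects loopback, RFC 1918,
    link-local (169.254/16, where cloud metadata services live), shared address
    space, IPv6 ULA, and IPv4-mapped IPv6 forms of the same."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 must be judged as 127.0.0.1
    return ip.is_global


def check_fetch_url(url, allowed_hosts=ALLOWED_IMAGE_HOSTS, resolve=system_resolve):
    """Return (ok, reason). ok is True only when every check passes.
    Pass allowed_hosts=None to accept any hostname and rely on the address
    checks alone (the weaker configuration, shown for comparison)."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
        _ = parts.port  # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    # "http://public-domain-image.com@localhost/" has hostname localhost;
    # rejecting any userinfo removes that whole class of confusion.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL not allowed"
    if not host:
        return False, "missing host"
    try:
        ipaddress.ip_address(host)
        literal_ip = True
    except ValueError:
        literal_ip = False
    if allowed_hosts is not None and host not in allowed_hosts:
        return False, f"host {host!r} not on allow list"
    # A literal address is checked as-is; a name is resolved and every answer
    # is checked, so one private answer among several is enough to reject.
    addrs = [host] if literal_ip else resolve(host)
    if not addrs:
        return False, f"host {host!r} did not resolve"
    for addr in addrs:
        if not is_public_address(addr):
            return False, f"{host} maps to non-public address {addr}"
    return True, "ok"


if __name__ == "__main__":
    cases = [
        ("http://public-domain-image.com/public-image.jpg", ALLOWED_IMAGE_HOSTS),
        ("http://localhost/admin", ALLOWED_IMAGE_HOSTS),
        ("http://localhost/admin", None),
        ("http://[::1]/admin", None),
        ("http://metadata.internal.example/latest/meta-data/", None),
        ("http://rebinding.example/image.jpg", None),
        ("http://public-domain-image.com@localhost/admin", None),
        ("file:///etc/passwd", None),
    ]
    for url, hosts in cases:
        print(url, "->", check_fetch_url(url, hosts, resolve=fake_resolve))
```

Two caveats on using this in production. First, the check resolves the name once and the HTTP client resolves it again when it connects, so a DNS answer that changes between the two (DNS rebinding) defeats the check; connect to the address that was vetted and send the original hostname in the Host header, or hook the client's resolver so it performs this check for every connection. Second, redirects must either be disabled or re-validated with the same function at every hop, because a redirect target is just another URL the server is about to fetch.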