
Golam_Mostafa


SSRF Attacks: The Silent Threat Hiding in Your Server

What is SSRF (Server-Side Request Forgery)?

Server-Side Request Forgery (SSRF) is a web vulnerability where attackers trick a server into making unauthorized requests to internal or external systems.

How Does It Work?

An attacker sends a malicious URL in a request that the server processes as legitimate. The server then makes the request on the attacker’s behalf.

Example:

A shopping app checks stock by making a backend API request:

POST /product/stock  
stockApi=http://stock.server.com/check?productId=6&storeId=1  

An attacker modifies the URL to point to the server's admin page:

POST /product/stock  
stockApi=http://localhost/admin  

The server fetches and returns restricted admin data, bypassing access controls.

Why Does This Happen?

  1. Access Control Gaps: Checks are skipped for local requests.
  2. Recovery Features: Admin access is granted to local users without authentication.
  3. Hidden Interfaces: Admin tools on separate ports trust local machine requests.

Protect Against SSRF

  • Validate and sanitize input URLs.
  • Use URL whitelists.
  • Restrict internal service access.
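The stock-check example above, written out as code, first as the vulnerable pattern (the server fetches whatever the client put in stockApi) and then with the three protections applied: scheme and host allowlist, no credentials or unusual ports in the URL, and a check that the allowlisted name resolves only to public addresses so the internal-service restriction holds even if DNS changes. This is an added example, not code from the original post or from PortSwigger; the hostname stock.server.com comes from the article's request, while the allowlist, the fake resolver table, the fake fetcher and the address 93.184.216.34 are constructed assumptions so the block runs offline.

```python
"""Added example: SSRF-vulnerable stock fetch beside a hardened version."""
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: the stock feature only ever needs this one backend (hostname
# taken from the article's example request); every other host is denied.
ALLOWED_HOSTS = {"stock.server.com"}
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}


class SSRFBlocked(ValueError):
    """Raised when a user-supplied URL fails one of the SSRF checks."""


def fetch_stock_unsafe(stock_api, fetcher):
    # Vulnerable pattern from the article: the client-controlled stockApi
    # value is fetched server-side as-is, so http://localhost/admin works.
    return fetcher(stock_api)


def is_public_address(ip_text):
    """True only for a globally routable address. Loopback, RFC 1918,
    link-local (169.254.x.x), multicast, reserved and unspecified
    addresses are all refused."""
    addr = ipaddress.ip_address(ip_text)
    return not (addr.is_loopback or addr.is_private or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def resolve_all(hostname):
    """Every address the name maps to (A and AAAA), via a real DNS lookup."""
    return sorted({info[4][0] for info in socket.getaddrinfo(hostname, None)})


def validate_stock_url(stock_api, resolver=resolve_all):
    """Return stock_api unchanged if it targets an allowlisted backend,
    otherwise raise SSRFBlocked."""
    parts = urlsplit(stock_api)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    # A URL such as http://stock.server.com@localhost/ parses with hostname
    # 'localhost'; refuse any userinfo instead of reasoning about it.
    if parts.username is not None or parts.password is not None:
        raise SSRFBlocked("credentials in URL not allowed")
    host = parts.hostname
    if host is None or host.lower() not in ALLOWED_HOSTS:
        raise SSRFBlocked(f"host not allowlisted: {host!r}")
    if parts.port not in ALLOWED_PORTS:   # hidden admin interfaces on other ports
        raise SSRFBlocked(f"port not allowed: {parts.port}")
    # Defence in depth: even the allowlisted name must resolve only to public
    # addresses, so a DNS answer pointing it at 10.x or 127.x is rejected.
    addresses = resolver(host)
    if not addresses:
        raise SSRFBlocked(f"{host} did not resolve")
    for ip_text in addresses:
        if not is_public_address(ip_text):
            raise SSRFBlocked(f"{host} resolves to non-public {ip_text}")
    return stock_api


def fetch_stock_safe(stock_api, fetcher, resolver=resolve_all):
    # Hardened pattern: validate first, then fetch.
    return fetcher(validate_stock_url(stock_api, resolver))


def is_allowed(stock_api, resolver=resolve_all):
    """Boolean form of validate_stock_url; a malformed port or address
    (ValueError) counts as rejected."""
    try:
        validate_stock_url(stock_api, resolver)
        return True
    except ValueError:
        return False


# Constructed stand-ins so the example runs offline: a fake DNS table and a
# fake fetcher that only records which URL would have been requested.
FAKE_DNS = {"stock.server.com": ["93.184.216.34"]}   # constructed public address


def fake_resolver(hostname):
    return FAKE_DNS.get(hostname.lower(), [])


def fake_fetcher(url):
    return f"GET {url}"


if __name__ == "__main__":
    good = "http://stock.server.com/check?productId=6&storeId=1"
    bad = "http://localhost/admin"
    print(fetch_stock_unsafe(bad, fake_fetcher))             # vulnerable: admin page fetched
    print(fetch_stock_safe(good, fake_fetcher, fake_resolver))
    print(is_allowed(bad, fake_resolver))                    # False
```

In production the resolver would be the real resolve_all and the fetcher an HTTP client; the resolved-address check belongs as close to the actual connection as possible (ideally the client connects to the checked address rather than re-resolving the name), otherwise a second lookup can return a different answer than the one that was validated.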

SSRF can be critical, but good design and input validation can prevent it.


Acknowledgment: This document references information from PortSwigger Web Security and ChatGPT.

