I have a web server protected by webserver protection on a UTM running 9.506-2. The software vendor is claiming that in some cases while using the website, when users make a connection to our webserver from the Internet, our webserver protection is somehow rewriting the URL, so that instead of the users browser trying to access https://external.domain.com, it uses https://internal_IP_of_real_web_server.
I claim this is simply not possible. Not only does the webserver protection not arbitrarily re-write a URL. But even if it did, it would NEVER put the internal IP address of the web server into the URL. It simply isn't routable on the Internet. Not to mention that by doing so, it is now publishing our internal IP to external users (as users see an error message stating they cannot reach https://internal_IP_of_real_web_server)
I've asked the vendor to check with their developer to determine where the users are getting that URL from (likely from the application), and why it is using an IP address and not a hostname.
I just wanted to check with people here to see if it's even possible to configure the webserver protection in such a way that an intended URL is re-written to use the Internal IP of a real webserver. I can't see how. But I want to make sure I'm not going crazy.
Let me know if you need more details. Any thoughts would be greatly welcome.
This thread was automatically locked due to age.