Mike Elissen

Prevent leaking your Origin Hostname/IP!

Blog Post created by Mike Elissen Champion on Aug 25, 2017

One of the common security tricks with Akamai is prevent leaking your Origin Hostname. If you have a certain setting set in the Origin Server behavior, you might involuntarily leak your Origin Hostname. For potential attackers doing reconnaissance, they are easily able to use the Akamai Pragma Headers to see what cache key you are using.

 

If you have set Cache Key Hostname to Origin Hostname, this will show up in the headers. This will then allow potential attackers to launch an attack to this hostname or the IP-address attached to this.

 

 

In order to prevent this you can use the following steps:

  • Create a new version of your delivery configuration
  • Go to the Origin Server behavior
  • Locate the Cache Key Hostname setting and change this to Incoming Host Header
  • Save, Push to Staging, Test and Push to Production 

 

 

Preventing leaking your Origin Hostname could help from inadvertently giving out this information. For a more robust security product, I recommend reaching out to your account team in regards to our security offerings.

Outcomes