HTTP Host Header Injection
在 .htaccess 中
<IfModule mod_headers.c>
Header unset X-Forwarded-Host
</IfModule>
RewriteEngine on
RewriteCond %{HTTP_HOST} !^www.aaa.com [NC]
#RewriteCond %{HTTP_HOST} !^(www.aaa.com|abcdef.com)$ [NC]
RewriteCond %{REQUEST_URI} !^/error [NC]
RewriteRule ^.(.*) - [L,F]
