0

I want to issue a redirect to a new randomly generated subdomain name for every request I get. Below you can find my vhost configuration. I want to do a redirect towards a subdomain containing some random alphanumeric string in . It's ok if it is something as basic as the datetime+ip of a client or something like that, I just need to do some fingerprinting, it doesn't have to be more complex. Is there a way I can generate that via some script and plug it into the vhost for every request, an existing file with available options of random strings or some kind of regex?

<VirtualHost *:443>
    ServerName mysite.com
            Redirect 302 / https://<randomstring>.mysite.com/
            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log vhost_combined
            SSLEngine on
            SSLCertificateFile      /etc/apache2/ssl/site.cert
            SSLCertificateKeyFile /etc/apache2/ssl/site.key
</VirtualHost>

My OS is ubuntu 20.04

Manish Bavireddy
  • 45
  • 2
Mnemosyne
  • 131
  • 1
  • 7

1 Answers1

1

The Redirect directive expects a fixed URL. So that won't work.

The easiest will probably to use mod_rewrite to redirect all requests to script and then let your script, for example a redirect.php PHP script, which has access to a proper RANDOM function, generate the random redirect.

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /redirect.php [L]

Using mod_rewrite to directly generate a random redirect ins't possible AFAIK, no random function is provided.

A possible work-around: activate mod_unique_id and you get access to pretty good random environment variable.

Then:

RewriteEngine On
RewriteRule . http://%{UNIQUE_ID}.example.com [R]
diya
  • 1,771
  • 3
  • 14
  • thank you very much for your suggestions. I tried to implement the unique_id option however the formatting you provided above does not seem to work for the rewrite rule. The unique ID is generated but not parsed in the domain. The location sent back to the client ends up being "https://.example.com" instead of "https:// UNIQUE_ID .example.com". I am using your formatting here. Is there some parsing requirement I am missing? – Mnemosyne Dec 20 '22 at 14:51
  • It might be necessary to enclose the arguments in the RewriteRule with `"` double quotes. i.e. `RewriteRule ".*" "http://%{UNIQUE_ID}.example.com" [R]` or something. – diya Dec 20 '22 at 15:01
  • Hi. I already tried enclosing it in the double quotes. It still does not appear in the location response. – Mnemosyne Dec 20 '22 at 15:09