Behavior of requests to the Localhost Address in Explicit and Transparent environments.
Last Updated March 04, 2018
The localhost address is often used by clients to access a specific service via the browser. These services come in the form of applications installed on the client machines and run on a specific port.
Some malware use the localhost address to access a specific resource or to open a new listening port that can later be used for gaining unauthorized access into the system.
Depending on the deployment of the ProxySG, some measures can be implemented to prevent this from happening.
In this deployment, clients are forced to go through the proxy via the browser settings. This includes localhost address requests. These requests should be bypassed in the browser settings as exceptions, otherwise, it will result in a network error.
When a localhost destination address is seen in the Access Logs or a Policy trace, it is strongly encouraged to verify that the applications that are making those requests are safe to use.
If clients use a local IP address instead, the proxy will see that request and process it in respect to the client local IP. Under this scenario, the content is then served to the same client.
Note: It is important to check the application performing the request in question because it's possible the request will not fail unless blocked properly by policy.
As no browser settings are required for transparent deployments, the client performs the request internally instead of going through the proxy. For this reason, there is no control over the requests as they never reach the proxy due to how localhost requests function per design.
This applies to the follwoing addresses:
the local IP addresses that the client has.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.