Server Side Request Forgery Security Simplified.
Access insecure URLs from your server, protected from SSRF attacks.
Simple.
One line
const res = await ssrfproxy({url: "http://mailcious.com"})
Features
Solid security features to keep your users safe.
DNS filtering
Block access to malicious websites and content.
Logs
View logs of all requests.
Pricing
Simple pricing. No surprises.
Frequently asked questions
Have a different question and can’t find the answer you’re looking for? Reach out to our support team by sending us an email and we’ll get back to you as soon as we can.
- What is Server Side Request Forgery (SSRF)?
- When fetching a user-supplied URL, a malicious actor can craft a url to unexpected destination, inside your private network. It is a OWASP top 10 security risk.
- What happens if I go over my daily limit?
- Requests will continue to be processed, if you continually go over your limit we will contact you to upgrade your plan.
- What sort of requests should I send though SSRF proxy?
- Any URL you do not fully trust is vunerable to SSRF attacks.
- What makes SSRF Proxy secure?
- By proxying your requests outside of your environment malicious actors cannot access your internal network.
- What tools is SSRF built on?
- We rely on Stripe's Smokescreen and NextDNS to give a secure foundation
- I don't want to use SSRF Proxy, can I host it myself?
- If you run Stripe's Smokescreen on a different hosting provider to your main one then you have recreted a large chunk of SSRF Proxy's functionality.
© 2024 SSRF Ltd. All rights reserved.