6. Mitigation -
■ Reject any request that doesn’t match target domain
■ Validating Host header to ensure that the request is originating from that
target host or not.
■ Creating an dummy virtual host that catches all requests with unrecognized
Host headers.
■ By creating a whitelist of trusted domains.
■ Disable support for X-Forwarded-Host