diff --git a/Controllers/HomeController.cs b/Controllers/HomeController.cs
index 36c8c39..e287aac 100644
--- a/Controllers/HomeController.cs
+++ b/Controllers/HomeController.cs
@@ -358,16 +358,34 @@ public IActionResult SSRF()
 }
 [HttpPost]
- public async Task SSRF(string targetUrl)
+public async Task SSRF(string targetUrl)
+{
+ // Define a whitelist of allowed domains
+ var allowedHosts = new[] { "example.com", "api.example.com" };
+
+ try
 {
- using var http = new HttpClient();
+ // Parse the target URL
+ var uri = new Uri(targetUrl);
+
+ // Check if the host is in the whitelist
+ if (!allowedHosts.Contains(uri.Host))
+ {
+ return BadRequest("The specified URL is not allowed.");
+ }
- // Vulnerable as the targetUrl is not whitelisted
+ using var http = new HttpClient();
 var response = await http.GetStringAsync(targetUrl);
 ViewData["Response"] = response;
 return View();
 }
+ catch (Exception ex)
+ {
+ // Handle invalid URLs or other exceptions
+ return BadRequest($"Error: {ex.Message}");
+ }
+}
 [HttpGet]
 // Vulnerable as the X-Forwarded-Host is not taken into account for the Cache Key
diff --git a/Views/Home/CommandInjection.cshtml b/Views/Home/CommandInjection.cshtml
index 9d0bc8e..f0f5939 100644
--- a/Views/Home/CommandInjection.cshtml
+++ b/Views/Home/CommandInjection.cshtml
@@ -96,7 +96,7 @@
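Review bot: The allowlist in the new SSRF() body checks only the host of the initial request, but `new HttpClient()` follows 3xx redirects by default, so a redirect served by example.com (or an open redirect on api.example.com) still makes the server fetch an arbitrary, possibly internal, URL; the check also accepts any scheme and any port because only `uri.Host` is compared. Disable auto-redirect on the handler and require https on the default port before the host lookup. The `catch (Exception ex)` branch additionally returns `ex.Message` to the caller, which can expose resolver and connection error text about internal hosts; return a fixed message and log the exception server-side instead. A `new HttpClient()` per request is also a socket-exhaustion risk under load; an injected `IHttpClientFactory` would be preferable, though the controller's constructor is outside this hunk.
```csharp
// … unchanged: allowedHosts definition, try, Uri parse …
// Only https to an allow-listed host on its default port. HttpClient follows
// 3xx by default, so redirects are disabled to keep the allowlist meaningful.
if (uri.Scheme != Uri.UriSchemeHttps || !uri.IsDefaultPort || !allowedHosts.Contains(uri.Host))
{
    return BadRequest("The specified URL is not allowed.");
}

using var http = new HttpClient(new HttpClientHandler { AllowAutoRedirect = false });
// … unchanged: GetStringAsync, ViewData, return View() …
catch (Exception ex)
{
    // Do not echo ex.Message: it can reveal internal host names and resolver errors.
    return BadRequest("The specified URL could not be fetched.");
}
```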
-

✅ Secure Version (.NET DNS API only)

+

✅ Secure Version

- args = $"/c nslookup {domain}";
- args = $"-c "nslookup {domain}"";