httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ja...@aol.com
Subject [users@httpd] CONNECT appearing in apache logs
Date Thu, 07 Nov 2002 05:06:39 GMT
A few days ago a user reported the following errors in his apache
logs.

> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "CONNECT
> XXX.XXX.11.166:25 HTTP/1.0" 200 7811 "-" "-"

Well I checked my logs and found that I started getting these about a
week ago.

I have to do so many jobs that unfortunately I am not an expert in any
of the tasks so would appreciate any comment on the actions I have
taken below.

I added into the following container
<DIRECTORY />
the following as recommended in one of the posts
    <LimitExcept GET HEAD POST>
    Order deny,allow
    Deny from all
    </LimitExcept>

I since have got a similar message
> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "LINK  /shop/page.htm 
HTTP/1.1" 200 7811 "-" "Mozilla etc"

Do I need to put LIMITEXCEPT on every directory as I presume from the
above that a CONNECT will also be accepted the next time it is tried.

We deny telnet access to everyone apart from 2 internal IP numbers using 
hosts.allow but this only appears to restrict port 80. Would turning it off 
completely as a service put a sure stop to this.
Post a follow-up to this message

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message