httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <jos...@slive.ca>
Subject Re: [users@httpd] DDOS
Date Wed, 08 Nov 2006 16:14:51 GMT
On 11/8/06, Leonardo Neves <leonardo.neves@gmail.com> wrote:
> Hi,
>
> My apache server this receiving flooding from solicitations HTTP of
> diverse places, as shown in log below (access_log). How to block this?
> My environment is mandriva 2007.0, kernel 2.6.17-5mdv
> packages:
>
> 207.44.158.30 - - [01/Nov/2006:21:07:04 -0300] "GET
> http://www.yceml.net/0717/10371789-3.gif HTTP/1.1" 206 300
> "http://auction
> 24.ws/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT)"
> 66.79.189.8 - - [01/Nov/2006:21:06:54 -0300] "POST
> http://219.133.51.184/login HTTP/1.1" 200 260
> "http://qqshow.qq.com/inc/i_l
> .shtml" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

It looks like you are running an open proxy server.
http://httpd.apache.org/docs/1.3/misc/FAQ.html#proxyscan

You should remove mod_proxy if you don't need it, or at the very least set
ProxyRequests Off

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message