httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] ProxyRequests Off - not working and httpd being abused as forward proxy
Date Thu, 29 Jul 2010 13:13:06 GMT
On Thu, Jul 29, 2010 at 9:04 AM, Federico del Vall <fdelvall@gmail.com> wrote:
> Hi.
> I am working on a reverse proxy, which is based on a prior project holding
> the same configuration running over apache 2.0.40, RedHat 9.
> This old project has been working smoothly for years since, no security
> concerns whatsoever.
> The new project is based on Centos 5.5, apache 2.2.3. To my surprise,
> hackers, or should I say opportunistic users, are using the facility much as
> an open proxy.
> I am aware of the need of "ProxyRequests Off" sentence as a condition for
> closing the forward proxy service while keeping the reverse mode functional.
> We are currently blocking by iptables httpd responses to the irregular
> traffic, but that in turn leaves our server without local access to Internet
> as for updates.
> The configuration in use is shown.
> True domain and IP are masked for our privacy.
> Partial log follows.
> Any advice shall be truly appreciated.
> Friedrick
> 80.254.162.185 - - [28/May/2010:00:49:27 -0300] "GET http://ya.ru/ HTTP/1.1"
> 200 8932 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows

Even with ProxyRequests off, this will be served as / from you default
virtualhost.

You might make a default vhost (first listed vhost in a set of
NameVirtualHosts) to capture all the "unknown" hosts and return an
error.

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message