httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Federico del Vall <>
Subject [users@httpd] ProxyRequests Off - not working and httpd being abused as forward proxy
Date Thu, 29 Jul 2010 13:04:22 GMT
I am working on a reverse proxy, which is based on a prior project holding
the same configuration running over apache 2.0.40, RedHat 9.
This old project has been working smoothly for years since, no security
concerns whatsoever.
The new project is based on Centos 5.5, apache 2.2.3. To my surprise,
hackers, or should I say opportunistic users, are using the facility much as
an open proxy.
I am aware of the need of "ProxyRequests Off" sentence as a condition for
closing the forward proxy service while keeping the reverse mode functional.
We are currently blocking by iptables httpd responses to the irregular
traffic, but that in turn leaves our server without local access to Internet
as for updates.
The configuration in use is shown.
True domain and IP are masked for our privacy.
Partial log follows.
Any advice shall be truly appreciated.

Friedrick - - [28/May/2010:00:49:27 -0300] "GET HTTP/1.1"
200 8932 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows
 95)" - - [28/May/2010:01:45:10 -0300] "GET" 200 8932 "-" "Mozilla/4.0 (compatible;
MSIE 4.01;
 Windows 95)"


        ProxyRequests Off
        ProxyPass /           
        ProxyPassReverse /    
        RewriteEngine   On
        RewriteCond     %{SERVER_PORT} ^80$
        RewriteRule     ^/login(.*)$$1 [L,R]
        RewriteRule     ^/tarjeta(.*)$$1 [L,R]
        RewriteLog      "/var/log/httpd/rewrite_z_log"
        CustomLog logs/http-z access combined
        ErrorLog  logs/http-z.errors

View raw message