httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob De Langhe <rob.de.lan...@twistfare.be>
Subject [users@httpd] suspicious proxy(?) URLs in logs
Date Thu, 10 Mar 2011 13:16:01 GMT
hi,

while going occasionally through the access logs of a 2.2.17 Apache server, I noticed some
URLs of remote locations where my server would have made a GET for ?!

an example:

194.0.122.134 - - [10/Mar/2011:02:26:55 +0100] "GET http://www.ebay.com/ HTTP/1.1" 200 240
"-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

So the status code = 200 indicates that the server allowed that URL "http://www.ebay.com"[1]
 for the client 194.0.122.134 ...

I suspected that proxy functionality (enabled by default for long, but luckily in this 2.2.17
version it is not enabled by default in the configs), so I checked the loaded modules :

# /usr/apache2/bin/apachectl -t -D DUMP_MODULES | grep -i prox
#

so none.

Which other module or config setting could have as effect that my server accepts such requests
?

rgds
Rob



Links:
------
[1] http://www.ebay.com


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Mime
View raw message