httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jonas Eckerman <jonas_li...@truls.org>
Subject Re: [users@httpd] Preventing an open proxy with both a single SSL virtual host and a non-SSL virtual host
Date Tue, 18 Feb 2014 08:19:31 GMT
Just commenting on you're logged request, not your config... 

What was it that made you think you had an open proxy?
Was it only requests like the one below? 
Where they all answered with status 403?

Richard Mixon <rnmixon@custco.biz> wrote:

> After that we started getting flooded with requests such as the following:

> 64.120.77.151 - - [13/Feb/2014:00:03:05 -0700] "GEThttp://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600&section=4660128&pub_url=${PUB_URL}HTTP/1.0"
403 283 "http://creditsxchange.com/index.php/hotdeal/5536-the-times-of-india" "Mozilla/5.0
(Windows NT 7.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.112 Safari/534.30"

You should expect requests like that on any httpserver open to the internet on port 80,
just as you should expect scripted exploit probes. 

Since your server answered 403 (forbidden) the request logged above is not a problem and does
not indicate an open proxy. 

Regards 
/jonas 
-- 
 Monypholite gemgas. 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message