httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Evans <>
Subject Re: [users@httpd] Preventing an open proxy with both a single SSL virtual host and a non-SSL virtual host
Date Tue, 18 Feb 2014 15:35:41 GMT
On Tue, Feb 18, 2014 at 3:00 PM, Richard Mixon <> wrote:
> Jonas/Yehuda,
> The example I chose was a bad one, just rushing to get the mail out I guess. The vast
majority of the requests have a return of 200, with a few 503.

Yes, your configuration is not right - you are configuring a reverse
proxy, but then you enable forward proxy. This is *not right*, you
have configured an open forward proxy.

Make 100% sure that you have "ProxyRequests off" when you are
configuring a reverse proxy; this forces all forward proxy behaviour

In your "catch all" vhost, you will see any request made to your
server for a hostname not configured on your server - free traffic!
The common thing to do is to redirect people from your catch all host
to an interesting vhost


ProxyRequests off # We are not a forward proxy

<VirtualHost *:80>
   # the catch all vhost
   Redirect permanent /



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message