httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From robert <>
Subject [users@httpd] preventing acting as open relay
Date Fri, 22 May 2015 14:48:19 GMT
Hi there,

I try to harden a virtual host against acting as proxy relay.
However running the command:

curl --proxy

does return the yahoos site, so I assume, that I failed.

Can anybody please point me to any mistake in the following configuration.

The site itself is generated using the zope/plone framework.


# slovensko
# -------------------
<VirtualHost *:80>
     DocumentRoot /var/www

     CustomLog     /var/log/apache2/slovensko-access.log combined
     ErrorLog      /var/log/apache2/slovensko-error.log
     LogLevel warn

     ServerSignature On

     Header set X-Frame-Options "SAMEORIGIN"
     Header set Strict-Transport-Security "max-age=15768000; 
     Header set X-XSS-Protection "1; mode=block"
     Header set X-Content-Type-Options "nosniff"
     Header set Content-Security-Policy-Report-Only "default-src 'self'; 
img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 

     ProxyVia On

     # prevent your web server from being used as global HTTP proxy
     <LocationMatch "^[^/]">
       Deny from all

     <Proxy *>
         Order deny,allow
         Allow from all

     RewriteEngine On
     RewriteRule "^proxy:[a-z]*://[^/]*:25(/|$)" "-" [F,NC,L]

     # Normalize URLs by removing trailing /'s
     RewriteRule /(.*)/$$1

     RewriteRule ^/(.*)$1



To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message