thx to Eric Covener (the sole replier on my mail), he pointed me in the right direction :
Without any 'proxy' modules loaded, I needed to configure a 'honeypot' virtualhost to catch any request that doesn't contain one of my hostnames (like "www.mydomain.be"), and deny access to them all.
By placing this extra virtualhost as the first in the config, it becomes the "default" one.
These are the config lines I added :
<VirtualHost *:80>
ServerName default.only
<Location "/">
order allow,deny
Deny from all
</Location>
</VirtualHost>
works like a charm.
Testing is done with a TELNET to my web server's internal IP address, port 80, and entering the following:
GET http://www.yahoo.com/ HTTP/1.1
Host: www.yahoo.com
(followed by double newlines)
cheers
Rob
Citeren Rob De Langhe <rob.de.langhe@xxxxxxxxxxxx>:
hi,
despite me disabling the "proxy*" modules from my Apache, I see still occasionally some succesfull hack attempts via my server (code 200) :
125.46.73.7 - - [30/Jun/2011:11:54:09 +0200] "GET http://www.baidu.com/ HTTP/1.1" 200 240 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
The loaded modules in my Apache are :
# /usr/apache2/bin/httpd -M | sort
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_dbm_module (shared)
authn_default_module (shared)
authn_file_module (shared)
authz_dbm_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
core_module (static)
dbd_module (shared)
dir_module (shared)
dumpio_module (shared)
env_module (shared)
expires_module (shared)
headers_module (shared)
http_module (static)
include_module (shared)
log_config_module (shared)
logio_module (shared)
mime_module (shared)
mpm_prefork_module (static)
negotiation_module (shared)
php5_module (shared)
setenvif_module (shared)
so_module (static)
ssl_module (shared)
vhost_alias_module (shared)
Can anyone please shed some light on this mystery ?
thx a lot in advance
Rob
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.