On August 11, 2012 6:33 , Carlo Traversa <traversa.carlo@xxxxxxxxx> wrote:
As in the subject If I check the access.log and error.log I see a huge number of CONNECT, GET, POST requests that make no sense to me (please see *.log files in logs.zip).
Please make it easy for people to help you. We are all volunteers. Asking us to download an attachment, unzip it, and then sort through hundreds of lines of logs makes it harder for us to help, resulting in many of us just ignoring your message.
Instead of attaching zip'ed log files, just paste a few representative log lines into the body of the email message.
No one of those requests are related to any of my hosted sistes. They aren't dangerous for apache server (or I hope so) because the reverse proxying is disabled (is it right?) but they are band consuming. Is there any way to avoid to receive those requests working on apache configuration? Or maybe there is something wrong in my configuration files?
I have not looked at the log files you attached, but it sounds like you are describing "proxy abuse" requests. These are very common. With proxy abuse requests, you will see requests in your log files that are for sites you are not running. The solution is to first make sure that your proxy is properly configured to not pass the attacker's requests, and then, if you want, to set up a default virtual host to capture and deny such requests.
A lot more information is available at https://wiki.apache.org/httpd/ProxyAbuse
If you look at the page above and determine that what you are seeing in your logs is not what the page above is talking about, please send the mailing list just a couple representative log lines so we can see what you're describing.
-- Mark Montague mark@xxxxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|