Hi all, I have set up an apache server to be used privately by my family, and I have secured it by using SSL certificates (high grade ciphers, the client certificate is required), mod-evasive is enabled, etc. The question is: with this setup, how is possible that I get this entries in the log files? [IP ADD] - - [07/Feb/2013:03:28:21 +0100] "GET /" 400 458 "-" "-" [IP ADD] - - [09/Feb/2013:13:46:29 +0100] "-" 408 2919 "-" "-" [IP ADD] - - [11/Feb/2013:17:07:21 +0100] "-" 408 3684 "-" "-" I do not understand why the request in entries 2 and 3 has not been logged by the apache, but it is even worse that a client without the certificate has been able to do a "GET /". If that IP did not have the certificate this request should have been just ignored, right? Does anyone know what can be happening here? Regards! -- Felix Rubio Dalmau
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|