Re: Preventing an open proxy with both a single SSL virtual host and a non-SSL virtual host

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just commenting on you're logged request, not your config... 

What was it that made you think you had an open proxy?
Was it only requests like the one below? 
Where they all answered with status 403?

Richard Mixon <rnmixon@xxxxxxxxxx> wrote:

> After that we started getting flooded with requests such as the following:

> 64.120.77.151 - - [13/Feb/2014:00:03:05 -0700] "GEThttp://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600&section=4660128&pub_url=${PUB_URL}HTTP/1.0"; 403 283 "http://creditsxchange.com/index.php/hotdeal/5536-the-times-of-india"; "Mozilla/5.0 (Windows NT 7.1) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.112 Safari/534.30"

You should expect requests like that on any httpserver open to the internet on port 80, just as you should expect scripted exploit probes. 

Since your server answered 403 (forbidden) the request logged above is not a problem and does not indicate an open proxy. 

Regards 
/jonas 
-- 
 Monypholite gemgas. 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux