On Tue, 15 Mar 2005 15:54:53 +0100, Alberto Barbati <abarbati@xxxxxxxxxx> wrote: > Hi Everybody, > > [Fedora Core 3, httpd 2.0.52] > > as many of us, I periodically see in my logs an attempt to check the > proxy capabilities of my server, namely the request "CONNECT > 1.3.3.7:1337 HTTP/1.0". > > I would expect the request to fail with a result of 4xx (405 to be > exact). With my surprise, I found that the request succeded with a > result of 301 (redirect permanently) instead. As the redirected URL > contained the string "/mailman/info" I quickly understood that the > problem was in the configuration of one of my virtual hosts (the one > that handles mailman lists): > > -------------- > <VirtualHost X.X.X.X:80> > ServerName lists > ServerAlias lists.* > UseCanonicalName Off > > RewriteEngine On > RewriteRule ^/(mailman/?)?$ /mailman/listinfo [R=permanent,L] > > [rest omitted for brevity] > > </VirtualHost> > -------------- > > The one above is the only occurrence of "RewriteEngine On" in my whole > configuration. > > It seems that the CONNECT request has been processed by mod_rewrite > according to a directive that should be restricted to my named-based > virtual host. This looks very fishy to me. I assume that is the virtual host listed first in your config file? Then it is perfectly expected that it should be serving all requests that don't otherwise belong to another virtual host. See: http://httpd.apache.org/docs/misc/FAQ.html#proxyscan Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|