On 10/5/05, Edhi Nugroho <edhinug@xxxxxxxxxxxxxx> wrote: > Hi, > I found this in apache's access_log : > > 219.134.31.58 - - [05/Oct/2005:19:02:35 +0700] "CONNECT > smtp.mail.yahoo.com.cn:25 HTTP/1.0" 302 5719 "-" "-" > 219.133.247.2 - - [05/Oct/2005:19:04:15 +0700] "CONNECT ms94.url.com.tw:25 > HTTP/1.0" 302 5719 "-" "-" > 219.134.73.202 - - [05/Oct/2005:19:07:58 +0700] "CONNECT cm1.hinet.net:25 > HTTP/1.0" 302 5719 "-" "-" > 219.133.175.13 - - [05/Oct/2005:19:09:03 +0700] "CONNECT > smtp.mail.yahoo.com:25 HTTP/1.0" 302 5719 "-" "-" > > What that's mean? Did my server hit by worm / virus? How can I reject this > command? Should I put LIMIT in my apache conf. I use apache 2.0 in Mandriva > LE 2005. It is someone trying to use your server to send spam. Judging by the status code (302), it is not working. But you should double-check that ProxyRequests is off. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|