CONNECT xx.xx.xx.xx:25 HTTP/1.0The server returned a 302, with a Location: of http://127.0.0.1, which I verified by telnetting to port 80 and trying it myself. This particular server is Apache 2.0.58, with the following modules loaded:
mod_log_config.so mod_mime.so mod_negotiation.so mod_status.so mod_include.so mod_dir.so mod_cgi.so mod_alias.so mod_rewrite.so mod_access.so mod_auth.so mod_headers.so mod_setenvif.so mod_geoip.so mod_watch.so libphp5.soI tried the same query via telnet to my other server, which is running 1.3.34 with these modules:
mod_env.so mod_log_config.so mod_mime.so mod_negotiation.so mod_status.so mod_include.so mod_dir.so mod_cgi.so mod_asis.so mod_imap.so mod_actions.so mod_alias.so mod_rewrite.so mod_access.so mod_auth.so mod_headers.so mod_setenvif.so mod_watch.so mod_gzip.so libphp5.so mod_geoip.soWhen I tried the same request, it returned a 200 and the contents of the server's default index page.
I should add that both servers are configured essentially the same, except for the necessary differences between 2.0 and 1.3. I don't see any config options that would specify what to do with CONNECT requests, nor should there be any rewrite rules that would redirect traffic to localhost.
I'm not particularly concerned about this - I assume they were trying to use a proxy server to relay spam, and since I'm not running a proxy, it didn't work - but it piques my interest. What caused the 2.0 server to respond differently than 1.3? Is it a module, or built-in behavior? Thanks for any input you can provide.
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|