On Thu, Jul 29, 2010 at 9:04 AM, Federico del Vall <fdelvall@xxxxxxxxx> wrote: > Hi. > I am working on a reverse proxy, which is based on a prior project holding > the same configuration running over apache 2.0.40, RedHat 9. > This old project has been working smoothly for years since, no security > concerns whatsoever. > The new project is based on Centos 5.5, apache 2.2.3. To my surprise, > hackers, or should I say opportunistic users, are using the facility much as > an open proxy. > I am aware of the need of "ProxyRequests Off" sentence as a condition for > closing the forward proxy service while keeping the reverse mode functional. > We are currently blocking by iptables httpd responses to the irregular > traffic, but that in turn leaves our server without local access to Internet > as for updates. > The configuration in use is shown. > True domain and IP are masked for our privacy. > Partial log follows. > Any advice shall be truly appreciated. > Friedrick > 80.254.162.185 - - [28/May/2010:00:49:27 -0300] "GET http://ya.ru/ HTTP/1.1" > 200 8932 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows Even with ProxyRequests off, this will be served as / from you default virtualhost. You might make a default vhost (first listed vhost in a set of NameVirtualHosts) to capture all the "unknown" hosts and return an error. -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|