On Thu, Oct 28, 2010 at 4:33 PM, Dan <random.danno@xxxxxxxxx> wrote: > On Thu, Oct 28, 2010 at 3:25 PM, Eric Covener <covener@xxxxxxxxx> wrote: >> On Thu, Oct 28, 2010 at 4:21 PM, Dan <random.danno@xxxxxxxxx> wrote: >>> Hello all, >>> >>> I have an apache ssl proxy configured with mod_security that detected >>> (I'm only running in detection mode) many HTTP connected requests >>> against port 443. The requests look like this: >>> >>> CONNECT www.mydomain.com:443 HTTP/1.1 >>> >>> All requests completed with a 200, but I can't recreate this by >>> connecting to the server on port 443. I get "Connection closed by >>> foreign host." >> >> This would be happening over port 80 on your webserver, to perform an >> SSL handshake with www.mydomain.com. >> >> -- >> Eric Covener >> covener@xxxxxxxxx >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx >> " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx >> >> > > Thanks for the reply Eric. I was able to recreate the request and the > response code, but what would the purpose of this be? Are there > proxies or utilities out there that use this method to access web > sites using SSL? This is how even normal browsers do SSL through a HTTP proxy. -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|