Re: suspicious proxy(?) URLs in logs

sorry gentlemen,


I didn't get the replies in my mailbox for some reason. Will keep an eye on the mailing list for your replies. Thanks for them.

So a little more context has been requested :

- I run a self-compiled, latest version of Apache 2

- the only self-compiled module on it is PHP

Someone suggested that there would be a kind of 'application' accepting the requests, but there isn't any such.

The error doesn't contain any line for the timeframe where these requests occurred.

The modules active on this server are (sorted) :

 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_anon_module (shared)
 authn_dbd_module (shared)
 authn_dbm_module (shared)
 authn_default_module (shared)
 authn_file_module (shared)
 authz_dbm_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_owner_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgi_module (shared)
 core_module (static)
 dbd_module (shared)
 deflate_module (shared)
 dir_module (shared)
 dumpio_module (shared)
 env_module (shared)
 expires_module (shared)
 ext_filter_module (shared)
 filter_module (shared)
 headers_module (shared)
 http_module (static)
 ident_module (shared)
 imagemap_module (shared)
 include_module (shared)
 info_module (shared)
 log_config_module (shared)
 logio_module (shared)
 mime_module (shared)
 mpm_prefork_module (static)
 negotiation_module (shared)
 php5_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 so_module (static)
 speling_module (shared)
 ssl_module (shared)
 status_module (shared)
 substitute_module (shared)
 userdir_module (shared)
 version_module (shared)
 vhost_alias_module (shared)


Quoting Rob De Langhe <rob.de.langhe@xxxxxxxxxxxx>:

haven't got a single reply (yet), so tempting to re-issue my query since I still get such strange logs on my web server, like the following :

59.59.104.62 - - [13/Mar/2011:18:38:24 +0100] "GET http://5566.net/ HTTP/1.1" 200 240 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

My web server says that with an HTTP code "200" it has successfully fulfilled the requested URL "http://5566.net/" ?!


Quoting Rob De Langhe <rob.de.langhe@xxxxxxxxxxxx>:

hi,

while going occasionally through the access logs of a 2.2.17 Apache server, I noticed some URLs of remote locations where my server would have made a GET for ?!

an example:

194.0.122.134 - - [10/Mar/2011:02:26:55 +0100] "GET http://www.ebay.com/ HTTP/1.1" 200 240 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"

So the status code = 200 indicates that the server allowed that URL "http://www.ebay.com"  for the client 194.0.122.134 ...

I suspected that proxy functionality (enabled by default for long, but luckily in this 2.2.17 version it is not enabled by default in the configs), so I checked the loaded modules :

# /usr/apache2/bin/apachectl -t -D DUMP_MODULES | grep -i prox
#

so none.

Which other module or config setting could have as effect that my server accepts such requests ?

rgds
Rob



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
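
An added example, not part of the thread: the Python below parses Combined Log Format entries such as the two quoted above, flags request-targets in absolute form (or CONNECT), and groups them by status and response size. Identical sizes across unrelated target hosts are consistent with the server answering from its own content rather than relaying the remote site; the third sample line and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample input: the two entries quoted in the thread plus one
# made-up origin-form request (192.0.2.10) for contrast.
SAMPLE_LOG = '''\
59.59.104.62 - - [13/Mar/2011:18:38:24 +0100] "GET http://5566.net/ HTTP/1.1" 200 240 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"
194.0.122.134 - - [10/Mar/2011:02:26:55 +0100] "GET http://www.ebay.com/ HTTP/1.1" 200 240 "-" "Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)"
192.0.2.10 - - [13/Mar/2011:18:40:00 +0100] "GET /index.html HTTP/1.1" 200 240 "-" "ExampleBrowser/1.0"
'''

# Combined Log Format: host ident user [time] "request" status bytes ...
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)
# Absolute-form request-target: scheme://host...
ABSOLUTE_RE = re.compile(r'^[A-Za-z][A-Za-z0-9+.-]*://(?P<host>[^/:?#]+)')

def find_proxy_style_requests(lines):
    """Return entries whose target is absolute-form or whose method is CONNECT."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parseable access-log entry
        absolute = ABSOLUTE_RE.match(m["target"])
        if m["method"].upper() == "CONNECT":
            host = m["target"].rsplit(":", 1)[0]
        elif absolute:
            host = absolute["host"].lower()
        else:
            continue  # ordinary origin-form request such as /index.html
        size = 0 if m["size"] == "-" else int(m["size"])
        hits.append({"client": m["client"], "time": m["time"], "method": m["method"],
                     "target_host": host, "status": int(m["status"]), "size": size})
    return hits

def group_by_response(hits):
    """Map (status, size) -> sorted list of distinct target hosts."""
    groups = defaultdict(set)
    for h in hits:
        groups[(h["status"], h["size"])].add(h["target_host"])
    return {k: sorted(v) for k, v in groups.items()}

if __name__ == "__main__":
    for key, hosts in group_by_response(find_proxy_style_requests(SAMPLE_LOG.splitlines())).items():
        print(key, hosts)
```

Comparing the reported size with the size of the server's own default page, fetched locally, confirms or rules out that reading.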


