how to get rid of Connection attempts using mod_proxy

[Tim]

On Tue, 2006-06-27 at 15:19 +0530, Ankush Grover wrote:
> I am running Apache on FC3. For last few days I am regulary seeing
> some Connection attempts using mod_proxy through the below listed
> addresses in the logs.
> 
> output of logwatch
> 124.8.0.88 -> smtp.pchome.com.tw:25 : 2 Time(s)
>    124.8.21.214 -> smtp.pchome.com.tw:25 : 2 Time(s)
>    124.8.3.72 -> smtp.pchome.com.tw:25 : 8 Time(s)
>    220.132.20.167 -> smtp.pchome.com.tw:25 : 2 Time(s)
> 
> I can block these addresses through IPtables what I am interested in
> knowing is that should I disable mod_proxy module in apache. Well I
> don't know much about mod_proxy I am using squid as proxy server for
> my domain. Disabling mod_proxy will have any impact on the performance
> of the squid.

If you're not using Apache to proxy (and you should know if you are, as
you have to specially configure it to do so), then you can just not load
in the module.  

You can set up Apache to cache (a different function than proxying) some
of its output.  That can be handy if your server dynamically generates
pages for each request, but the generated page is going to be the same
most of the time.  But that's a different configuration, yet again.

Go through your configuration file, and try disabling modules you're not
using (read the manual, as you go along).  You should make your server a
bit less vulnerable, and perhaps faster to start up.

I just went through doing that the other day, disabling a few modules
that I don't use.  I'm sure that Apache starts up quicker on that box,
now.  The box is a bit slow, so every little bit helps.

Only the other day I saw my first attempt at a port 25 connection in the
logs.  Prior to that it was mostly just straight connection attempts
(about one every half hour), with an occasional attempt to do something
else.

-- 
(Currently running FC4, occasionally trying FC5.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.