[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re:apache allowing POSTs to offsite IP
- From: "James P. Roberts" <punster punsterproductions com>
- To: <seawolf-list redhat com>
- Subject: Re:apache allowing POSTs to offsite IP
- Date: Sun, 18 May 2003 12:58:47 -0400
> > On Fri, 16 May 2003, Kevin Weslowski wrote:
> >
> > > Hi all,
> > >
> > > in my apache access logs, a someone has been POSTing (and succeeding)
> > > through my server, to another IP, but to their port 25...there has been
> > > reports from the ISP of the IP being attacked that WE have been spamming
> > > them, which isn't true since we don't even have sendmail running or port
> > > 25 open;
> > >
> > > snip:
> > >
> > > 66.164.26.66 - - [16/May/2003:16:23:28 -0600] "POST
> > > http://142.165.49.56:25/ HTTP/1.1" 200 375
> > > 66.164.26.66 - - [16/May/2003:16:23:28 -0600] "QUIT" 403 -
> > > 66.164.26.66 - - [16/May/2003:16:27:21 -0600] "POST
> > > http://142.165.49.6:25/ HTTP/1.1" 200 1008
> > > 66.164.26.66 - - [16/May/2003:16:27:39 -0600] "POST
> > > http://142.165.49.6:25/ HTTP/1.1" 200 1024
> > > 66.164.26.66 - - [16/May/2003:16:27:58 -0600] "POST
> > > http://142.165.49.6:25/ HTTP/1.1" 200 1000
> > > 66.164.17.103 - - [16/May/2003:16:29:34 -0600] "POST
> > > http://142.165.49.6:25/ HTTP/1.1" 200 1016
> > > 66.164.17.103 - - [16/May/2003:16:30:07 -0600] "POST
> > > http://142.165.49.6:25/ HTTP/1.1" 200 1016
> > >
> > > first, has any one seen these types of "proxy" POSTs? what do they mean?
> > >
> > > we've tried denying access to 66.164.* but he's still able to send the
> > > POSTs...probably because they're not directed at my server...so I how do
> > > I stop this "proxy" use of my (apache 1.3.27) server?
> > >
> > > any help would be much appreciated...thanks.
> > >
> > > Kevin
> > > >
>From the Apache website, version 1.3 docs:
( http://httpd.apache.org/docs/mod/directives.html )
ProxyRequests directive
Syntax: ProxyRequests on|off
Default: ProxyRequests Off
Context: server config, virtual host
Override: Not applicable
Status: Base
Module: mod_proxy
Compatibility: ProxyRequests is only available in Apache 1.1 and later.
This allows or prevents Apache from functioning as a proxy server. Setting
ProxyRequests to 'off' does not disable use of the ProxyPass directive.
Warning: Do not enable proxying until you have secured your server. Open proxy
servers are dangerous both to your network and to the Internet at large.
Not to be mean or anything, but have you actually read any of the online
Apache documentation? Took about 30 seconds via Google to find this. I would
suggest a thorough review of your entire Apache configuration.
Regards,
Jim
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]