You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ja...@aol.com on 2002/11/07 11:06:39 UTC
[users@httpd] CONNECT appearing in apache logs
A few days ago a user reported the following errors in his apache
logs.
> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "CONNECT
> XXX.XXX.11.166:25 HTTP/1.0" 200 7811 "-" "-"
Well I checked my logs and found that I started getting these about a
week ago.
I have to do so many jobs that unfortunately I am not an expert in any
of the tasks so would appreciate any comment on the actions I have
taken below.
I added into the following container
<DIRECTORY />
the following as recommended in one of the posts
<LimitExcept GET HEAD POST>
Order deny,allow
Deny from all
</LimitExcept>
I since have got a similar message
> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "LINK /shop/page.htm
HTTP/1.1" 200 7811 "-" "Mozilla etc"
Do I need to put LIMITEXCEPT on every directory as I presume from the
above that a CONNECT will also be accepted the next time it is tried.
We deny telnet access to everyone apart from 2 internal IP numbers using
hosts.allow but this only appears to restrict port 80. Would turning it off
completely as a service put a sure stop to this.
Post a follow-up to this message
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] CONNECT appearing in apache logs
Posted by Sander Holthaus - Orange XL <in...@orangexl.com>.
As far as I know, LINK has not been implemented in Apache (was on the
todo-list for Apache 2.1) yet. But I could be mistaken here. This is from
the RFC:
The LINK method establishes one or more Link relationships between
the existing resource identified by the Request-URI and other
existing resources. The difference between LINK and other methods
allowing links to be established between resources is that the LINK
method does not allow any message-body to be sent in the request and
does not directly result in the creation of new resources.
If the request passes through a cache and the Request-URI identifies
a currently cached entity, that entity MUST be removed from the
cache. Responses to this method are not cachable.
Caches that implement LINK should invalidate cached responses as
defined in section 13.10 for PUT.
Kind regards,
Sander Holthaus
----- Original Message -----
From: <Ja...@aol.com>
To: <us...@httpd.apache.org>
Sent: Thursday, November 07, 2002 11:06 AM
Subject: [users@httpd] CONNECT appearing in apache logs
> A few days ago a user reported the following errors in his apache
> logs.
>
> > XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "CONNECT
> > XXX.XXX.11.166:25 HTTP/1.0" 200 7811 "-" "-"
>
> Well I checked my logs and found that I started getting these about a
> week ago.
>
> I have to do so many jobs that unfortunately I am not an expert in any
> of the tasks so would appreciate any comment on the actions I have
> taken below.
>
> I added into the following container
> <DIRECTORY />
> the following as recommended in one of the posts
> <LimitExcept GET HEAD POST>
> Order deny,allow
> Deny from all
> </LimitExcept>
>
> I since have got a similar message
> > XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "LINK /shop/page.htm
> HTTP/1.1" 200 7811 "-" "Mozilla etc"
>
> Do I need to put LIMITEXCEPT on every directory as I presume from the
> above that a CONNECT will also be accepted the next time it is tried.
>
> We deny telnet access to everyone apart from 2 internal IP numbers using
> hosts.allow but this only appears to restrict port 80. Would turning it
off
> completely as a service put a sure stop to this.
> Post a follow-up to this message
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org