You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Garrett Morris <mo...@bellsouth.net> on 2006/11/25 18:05:10 UTC

[users@httpd] unwanted redirects from clients

  I tried the faq but it seems to be unavailable at the moment. My 
problem is as follows, I am setting up a webdav2 server with with 
apache 2.2.3, and currently have another with ver 2.2 for port 80 
requests and subscription info. I am receiving client requets for yahoo 
and other sites like the following...

65.29.159.78 - - [22/Nov/2006:11:03:41 -0600] "GET / HTTP/1.0" 200 3919
65.189.222.45 - - [22/Nov/2006:17:14:26 -0600] "GET / HTTP/1.0" 200 3919
66.232.103.168 - - [23/Nov/2006:20:16:43 -0600] "GET 
https://mail.yahoo.com/ HTTP/1.0" 200 3919
66.232.103.168 - - [23/Nov/2006:21:23:56 -0600] "CONNECT 
mail.yahoo.com:443 HTTP/1.1" 405 235
208.219.207.2 - - [23/Nov/2006:21:34:04 -0600] "GET / HTTP/1.1" 200 3919

I would like to stop this as I fear it is a spambot using my address 
for something illegal. The docs don't mention how to use mod_rewrite or 
mod_security to stop this. A google search turned up nothing of 
interest (not asking the right question?). I am obviously a novice. Any 
help or point in the right direction would be greatly appreciated.

Imac 17 1ghz 1GB apache2.2/2.2.3 openssl096/dav2...

One more thing... (columbo says)
	I am having trouble with dav quota and disk space remaining with dav2. 
I tried to apply the patches. The patches apply with no errors, make 
with no errors, but install has errors with undefined symbols and other 
errors. Is there a unix source with these patches and some 
prerequisites + instructions out there? I have read other articles 
where people have successfully applied these patches with 2.0.54. Is it 
already incorporated into mod_dav for 2.2.3? Any help is most welcome.

Thanks to all for this forum.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] unwanted redirects from clients

Posted by Joshua Slive <jo...@slive.ca>.

On 11/25/06, Garrett Morris <mo...@bellsouth.net> wrote:
>   I tried the faq but it seems to be unavailable at the moment. My
> problem is as follows, I am setting up a webdav2 server with with
> apache 2.2.3, and currently have another with ver 2.2 for port 80
> requests and subscription info. I am receiving client requets for yahoo
> and other sites like the following...
>
> 65.29.159.78 - - [22/Nov/2006:11:03:41 -0600] "GET / HTTP/1.0" 200 3919
> 65.189.222.45 - - [22/Nov/2006:17:14:26 -0600] "GET / HTTP/1.0" 200 3919
> 66.232.103.168 - - [23/Nov/2006:20:16:43 -0600] "GET
> https://mail.yahoo.com/ HTTP/1.0" 200 3919
> 66.232.103.168 - - [23/Nov/2006:21:23:56 -0600] "CONNECT
> mail.yahoo.com:443 HTTP/1.1" 405 235
> 208.219.207.2 - - [23/Nov/2006:21:34:04 -0600] "GET / HTTP/1.1" 200 3919

See:
http://httpd.apache.org/docs/1.3/misc/FAQ.html#proxyscan

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] unwanted redirects from clients

Posted by Sander Temme <sc...@apache.org>.

On Nov 25, 2006, at 9:05 AM, Garrett Morris wrote:

>  I tried the faq but it seems to be unavailable at the moment. My  
> problem is

There is a FAQ?

> 66.232.103.168 - - [23/Nov/2006:20:16:43 -0600] "GET https:// 
> mail.yahoo.com/ HTTP/1.0" 200 3919
> 66.232.103.168 - - [23/Nov/2006:21:23:56 -0600] "CONNECT  
> mail.yahoo.com:443 HTTP/1.1" 405 235

I suppose ProxyRequests is off on this host? In that case, don't  
worry about requests like this. As you can see from the size, the GET  
attack was served your index page, and the CONNECT attempt got a 405  
Method Not allowed.

S.

-- 
sctemme@apache.org            http://www.temme.net/sander/
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

Re: [users@httpd] unwanted redirects from clients

Posted by Richard de Vries <ri...@yahoo.com>.

You mentioned mod_security. That to me seems the best
candidate to block these types of requests. Mod
Security has an extensive ruleset and I am certain it
will have a way to accomplish this. Unfortunately, I
am pretty much a novice as it comes to mod_security
myself so I am unable to give you the syntax for such
a rule from the top of my head.

What I suggest is that you drop your inquiry on the
mod_security mailinglist.

   R

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org