[users@httpd] Is my server an open proxy?

[Jason Martens <jm...@cityofevanston.org>]

I've been seeing some entries like this in my access.log:
0.0.0.0 - - [06/Nov/2005:15:36:27 -0600] "GET http://www.example.com/
HTTP/1.1" 200 23660 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
5.1)"

It looks like someone is using my server to access other sites.  Is that
what I'm seeing? How can I test if my server is vulnerable to this?  I
have "ProxyRequests Off" set.  Is there anything else that I need to
check?

Thanks,
Jason Martens

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Is my server an open proxy?

[Joshua Slive <js...@gmail.com>]

On 11/28/05, Jason Martens <jm...@cityofevanston.org> wrote:
> I've been seeing some entries like this in my access.log:
> 0.0.0.0 - - [06/Nov/2005:15:36:27 -0600] "GET http://www.example.com/
> HTTP/1.1" 200 23660 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
> 5.1)"
>
> It looks like someone is using my server to access other sites.  Is that
> what I'm seeing? How can I test if my server is vulnerable to this?  I
> have "ProxyRequests Off" set.  Is there anything else that I need to
> check?

See:
http://httpd.apache.org/docs/1.3/misc/FAQ.html#proxyscan

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org