You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Jacob S." <st...@6texans.net> on 2003/05/15 17:20:09 UTC

[users@httpd] Is my server an open proxy?

In my access logs for this month, as displayed by awstats, it's showing
6 hits to various sites such as yahoo.com, intel.com and gnu.com. I'm
obviously not hosting any of those sites and I don't have any kind of
links to them from my site. Each hit is reported as being 397 bytes
(yes, bytes, not kb).

I've been told these hits mean someone's using my Apache as a proxy, but
I don't have mod_proxy installed. Is there another exploit I need to
watch out for, or is the fact that each hit is only 397 bytes indicating
that it's a failed attempt to use my server as a proxy? I've read the
Apache documentation about proxys, but I want to make sure there's not
something I'm missing.

TIA,
Jacob

----- 
GnuPG Key: 1024D/16377135

In a world without fences, who needs Gates?
http://www.linux.org/

Re: [users@httpd] Is my server an open proxy?

Posted by "Jacob S." <st...@6texans.net>.

On Thu, 15 May 2003 11:24:27 -0400 Joshua Slive <jo...@slive.ca> wrote:

> On Thu, 15 May 2003, Jacob S. wrote:
> > I've been told these hits mean someone's using my Apache as a proxy,
> > but I don't have mod_proxy installed. Is there another exploit I
> > need to watch out for, or is the fact that each hit is only 397
> > bytes indicating that it's a failed attempt to use my server as a
> > proxy? I've read the Apache documentation about proxys, but I want
> > to make sure there's not something I'm missing.
> 
> See:
> http://httpd.apache.org/docs/misc/FAQ.html#proxyscan
> 
> Joshua.

Ah, thanks. I didn't see that page when I was searching for proxy stuff
in the Apache docs and found the page for mod_proxy.

I checked and sure enough, my default domain's index page is 397 bytes.

Thanks again,
Jacob

----- 
GnuPG Key: 1024D/16377135

In a world without fences, who needs Gates?
http://www.linux.org/

Re: [users@httpd] Erradic Behaviour with Apache 2.0.45 on Win2k w/ SSL & Virtual Hosts

Posted by Paul Simon <wr...@yahoo.com>.

> 
> All that said it seems to work, mostly. this is the
> problem. If a user goes
> to "www.site1.com" this site comes up nicely. if
> that same user then went to
> "www.site2.com" it pulls up the information for
> site1 ! 
> 
> 
> For clarification, here is parts of my config:
> 
> DocumentRoot "d:/Inetpub/wwwroot"

Why don't you just take the DocumentRoot directive out
of your main config since you have it in the
respective VirtualHosts? It may be confusing the
situation. 

 
> <VirtualHost *>
>     ServerAdmin webmaster@totalmoneymakeover.com
>     DocumentRoot
> "d:/Inetpub/wwwroot/totalmoneymakeover"
>     ServerName totalmoneymakeover.com
>     ServerAlias *.totalmoneymakeover.com
>     ErrorLog logs/totalmoneymakeover.com-error_log
>     CustomLog logs/totalmoneymakeover.com-access_log
> common
> 	Include conf/redirect.conf
> </VirtualHost>

I don't know if this fixes your problem but why don't
you put the DocumentRoot for totalmoneymakeover.com
outside of the Directory which daveramsey.com uses?
For example, Make the DocumentRoot for
totalmoneymakeover.com:

d:/Inetpub/totalmoneymakeover or
d:/Inetpub/totalmoneymakeover/wwwroot or
d:/totalmoneymakeover/Inetpub/wwwroot 

> 
> 
> <VirtualHost 192.168.0.9:443>
> 	DocumentRoot "d:/Inetpub/wwwroot"
> 	ServerName webdev.daveramsey.com:443
> 	ServerAdmin webaster@daveramsey.com
> 	ErrorLog logs/error.log
> 	TransferLog logs/access.log
> 	Include conf/redirect.conf
> 
> ...
> 
> </VirtualHost>


=====
=====
'Ideals are like stars. We may never reach them, but we use them to chart our course.' -- Unknown
=====
"Do not go where the path may lead, go instead where there is no path and leave a trail" -- Ralph Waldo Emerson.
=====

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Erradic Behaviour with Apache 2.0.45 on Win2k w/ SSL & Virtual Hosts

Posted by Leon Oosterwijk <le...@daveramsey.com>.

I've encountered a strange problem with Apache with virtuals hosts on
windows.

We recently put a second website on our web server. I switched from ip-based
to virtual hosting in order to accomplish this.

All that said it seems to work, mostly. this is the problem. If a user goes
to "www.site1.com" this site comes up nicely. if that same user then went to
"www.site2.com" it pulls up the information for site1 ! If i close my
browser and then go to site2 it comes up like it should. the problem occurs
when someone tries to visit first site1 and then site2 in the same browser
window. I ran some checks and it is defintately not caching or some browser
mixup. apache just serves the wrong index.html!

Because we are also running SSL I had to make some changes to the config to
make it just accept SSL on a certain ip and not the _default_ it used to be.
The problem persists even if I turn OFF the SSL.


For clarification, here is parts of my config:

DocumentRoot "d:/Inetpub/wwwroot"
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory "d:/Inetpub/wwwroot">
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

NameVirtualHost *

<VirtualHost *>
    ServerAdmin webmaster@daveramsey.com
    DocumentRoot "d:/Inetpub/wwwroot"
    ServerName daveramsey.com
    ServerAlias *.daveramsey.com
	Include conf/redirect.conf
</VirtualHost>

<VirtualHost *>
    ServerAdmin webmaster@totalmoneymakeover.com
    DocumentRoot "d:/Inetpub/wwwroot/totalmoneymakeover"
    ServerName totalmoneymakeover.com
    ServerAlias *.totalmoneymakeover.com
    ErrorLog logs/totalmoneymakeover.com-error_log
    CustomLog logs/totalmoneymakeover.com-access_log common
	Include conf/redirect.conf
</VirtualHost>


<VirtualHost 192.168.0.9:443>
	DocumentRoot "d:/Inetpub/wwwroot"
	ServerName webdev.daveramsey.com:443
	ServerAdmin webaster@daveramsey.com
	ErrorLog logs/error.log
	TransferLog logs/access.log
	Include conf/redirect.conf

...

</VirtualHost>




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Is my server an open proxy?

Posted by Joshua Slive <jo...@slive.ca>.

On Thu, 15 May 2003, Jacob S. wrote:
> I've been told these hits mean someone's using my Apache as a proxy, but
> I don't have mod_proxy installed. Is there another exploit I need to
> watch out for, or is the fact that each hit is only 397 bytes indicating
> that it's a failed attempt to use my server as a proxy? I've read the
> Apache documentation about proxys, but I want to make sure there's not
> something I'm missing.

See:
http://httpd.apache.org/docs/misc/FAQ.html#proxyscan

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org