Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this: NameVirtualHost 192.192.123.234 <VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_ </VirtualHost> Will open up your server to be a Proxy server on the net. I've found that this isn't the case with mod_rewrite and VirtualHostMonster. Searching for "ProxyPass" on zope.org brings up a lot of documents, some that are fairly new. Is this a known thing? First we found out was by looking at the log files of one of our servers and found tons of 'GET http://some.other.domain.com/path/to/porn HTTP/1.0' lines... Now that we cleared it up with mod_rewrite, I'm wondering what the porn surfers are thinking when the hit this site all the time now :) Zac
Ouch. ;-) How did you fix it with mod_rewrite, out of curiosity? ----- Original Message ----- From: "Zachery Bir" <zbir@urbanape.com> To: <zope@zope.org> Sent: Friday, March 08, 2002 10:09 AM Subject: [Zope] Apache ProxyPass + Zope == bad?
Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this:
NameVirtualHost 192.192.123.234
<VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org
ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_
</VirtualHost>
Will open up your server to be a Proxy server on the net.
I've found that this isn't the case with mod_rewrite and VirtualHostMonster.
Searching for "ProxyPass" on zope.org brings up a lot of documents, some that are fairly new.
Is this a known thing? First we found out was by looking at the log files of one of our servers and found tons of 'GET http://some.other.domain.com/path/to/porn HTTP/1.0' lines...
Now that we cleared it up with mod_rewrite, I'm wondering what the porn surfers are thinking when the hit this site all the time now :)
Zac
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Reformated message, for readability ... Chris, do you have a new mail client? ;-) Chris McDonough wrote:
Ouch. ;-) How did you fix it with mod_rewrite, out of curiosity?
Zachery Bir" <zbir@urbanape.com> wrote:
Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this:
NameVirtualHost 192.192.123.234
<VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org
ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_
</VirtualHost>
Will open up your server to be a Proxy server on the net.
I've found that this isn't the case with mod_rewrite and VirtualHostMonster. [SNIP]
The above is not quite correct. Look at http://httpd.apache.org/docs/mod/mod_proxy.html#proxyrequests You have to explicitly enable that stuff (via "ProxyRequests on"), but ProxyPass will work anyway - maybe some braindead distributions/*nix products enable that by default. cheers, oliver
Reformated message, for readability ... Chris, do you have a new mail client? ;-)
Ooo, no. Did it look bad? I hate badly formatted mails; if you can tell me what it was doing I'll try to fix it. Thanks, - C
Chris McDonough wrote:
Reformated message, for readability ... Chris, do you have a new mail client? ;-)
Ooo, no. Did it look bad? I hate badly formatted mails; if you can tell me what it was doing I'll try to fix it.
Thanks,
Shortly after replying I read the mini-flamewar Re:Dear Listowner... about outlook and immediatly wished I never wrote that, but since you asked ;-). I really don't want to sound anal, but the standard outlook formatting: [message] ----- Original Message ----- [stupid long attribution stuff]
[quoted message]
makes it seeming necessary (for me) to cut, paste and delete to reorder and shrink the quoted stuff to retain readability of my message - everything just IMO certainly, and I wouldn't have mentioned it if this hadn't actually began only in January or so. Ok, Nazis, Hitler, Stalin ;-> cheers, oliver
I really don't want to sound anal, but the standard outlook formatting:
[message] ----- Original Message ----- [stupid long attribution stuff]
[quoted message]
makes it seeming necessary (for me) to cut, paste and delete to reorder and shrink the quoted stuff to retain readability of my message
Oh ok... I usually try to clip as much out of the message reply as possible, getting rid of the cruft. I got lazy this time. ;-) I agree wholeheartedly, please accept apologies. - C
not sure if this is the best way, but here's what i did: - ProxyRequest off (in httpd.conf) this had the effect of turning requests for http://bad.site.com/path/to/stuff into requests for /path/to/stuff. at that point /path/to/stuff would be served out (if it exists) or an error message like 404. then i went even further and made sure that anything not covered by my rewrite rules for zope returned a 403 (forbidden). the proxy requests tapered off in a single day. there's probably a more elegant solution for it, though. looking at the logs i noticed user agents which apparently look for this kind of open proxy functionality, with names like "proxy finder". jens On Friday, March 8, 2002, at 05:01 , Chris McDonough wrote:
Ouch. ;-) How did you fix it with mod_rewrite, out of curiosity?
----- Original Message ----- From: "Zachery Bir" <zbir@urbanape.com> To: <zope@zope.org> Sent: Friday, March 08, 2002 10:09 AM Subject: [Zope] Apache ProxyPass + Zope == bad?
Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this:
NameVirtualHost 192.192.123.234
<VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org
ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_
</VirtualHost>
Will open up your server to be a Proxy server on the net.
I've found that this isn't the case with mod_rewrite and VirtualHostMonster.
Searching for "ProxyPass" on zope.org brings up a lot of documents, some that are fairly new.
Is this a known thing? First we found out was by looking at the log files of one of our servers and found tons of 'GET http://some.other.domain.com/path/to/porn HTTP/1.0' lines...
Now that we cleared it up with mod_rewrite, I'm wondering what the porn surfers are thinking when the hit this site all the time now :)
Zac
On Friday, March 8, 2002, at 11:01 , Chris McDonough wrote:
Ouch. ;-) How did you fix it with mod_rewrite, out of curiosity?
As Richard pointed out. I didn't really fix it with mod_rewrite, I just turned off the capability of ProxyRequests... But I use this stanza, mostly: <IfModule mod_rewrite.c> RewriteEngine On RewriteLog "path/to/a/logfile" RewriteLogLevel 1 RewriteRule ^/(.*) http://zope.domain.com:8080/VirtualHostBase/http/zope.domain.com:80/VirtualH... $1 [P] </IfModule> So, like Richard says, I'm still using the Proxying... *sigh* But he's also right, you can do a lot of neat-o things with mod_rewrite, but I haven't really delved that far into it. Zac
At 10:09 08/03/2002 -0500, Zachery Bir wrote:
Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this:
NameVirtualHost 192.192.123.234
<VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org
ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_
</VirtualHost>
Will open up your server to be a Proxy server on the net.
No it doesn't. You must turn ProxyRequests on for your server to become a a general-purpose-all-of-the-internet proxy server. For ProxyPass to work you do not have to turn ProxyRequest on. Indeed in most cases when front-ending Zope with Apache you do not want to do that. And that instructions didn't say to do that. As a generalisation, using mod_proxy is probably less resource demanding that using mod_rewrite and an entirely sensible choice in many cases.
I've found that this isn't the case with mod_rewrite and VirtualHostMonster.
Searching for "ProxyPass" on zope.org brings up a lot of documents, some that are fairly new.
Is this a known thing? First we found out was by looking at the log files of one of our servers and found tons of 'GET http://some.other.domain.com/path/to/porn HTTP/1.0' lines...
Now that we cleared it up with mod_rewrite, I'm wondering what the porn surfers are thinking when the hit this site all the time now :)
Zac
At 17:01 08/03/2002 +0000, Richard Barrett wrote:
At 10:09 08/03/2002 -0500, Zachery Bir wrote:
Just a word. Don't know if it's been brought up before, but mod_proxy, using the details on zope.org ( even though outdated ) like this:
NameVirtualHost 192.192.123.234
<VirtualHost 192.192.123.234> ServerName www.fightclub.org ServerAdmin tyler@fightclub.org
ProxyPass / http://zserver.xyz.com:9180/fightclub/ ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/ ProxyPass /misc_ http://zserver.xyz.com:9180/misc_ ProxyPass /p_ http://zserver.xyz.com:9180/p_
</VirtualHost>
Will open up your server to be a Proxy server on the net.
No it doesn't.
You must turn ProxyRequests on for your server to become a a general-purpose-all-of-the-internet proxy server.
For ProxyPass to work you do not have to turn ProxyRequest on. Indeed in most cases when front-ending Zope with Apache you do not want to do that. And that instructions didn't say to do that.
As a generalisation, using mod_proxy is probably less resource demanding that using mod_rewrite and an entirely sensible choice in many cases.
I've found that this isn't the case with mod_rewrite and VirtualHostMonster.
Just in case anyone gets the wrong impression, using ProxyPass with the VirtualHostMonster works just as well as mod_rewrite. Afer all the [P] flag on the RewriteRule is only saying 'hand this substituted URL' off to the proxy module, which also has to be loaded into Apache. The advantage of using a RewriteRule instead of a ProxyPass is that a more complex match and substitution can be made on the requested URL. Often this isn't necessary so mod_proxy does a fine job; but I use either depending on circumstances.
Searching for "ProxyPass" on zope.org brings up a lot of documents, some that are fairly new.
Is this a known thing? First we found out was by looking at the log files of one of our servers and found tons of 'GET http://some.other.domain.com/path/to/porn HTTP/1.0' lines...
Now that we cleared it up with mod_rewrite, I'm wondering what the porn surfers are thinking when the hit this site all the time now :)
Zac
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
On Friday, March 8, 2002, at 12:19 , Richard Barrett wrote:
Just in case anyone gets the wrong impression, using ProxyPass with the VirtualHostMonster works just as well as mod_rewrite. Afer all the [P] flag on the RewriteRule is only saying 'hand this substituted URL' off to the proxy module, which also has to be loaded into Apache.
The advantage of using a RewriteRule instead of a ProxyPass is that a more complex match and substitution can be made on the requested URL. Often this isn't necessary so mod_proxy does a fine job; but I use either depending on circumstances.
Yes, and thanks for changing the subject line. I meant to just be asking a question, so I hope I didn't sound too alarmist. Zac
On Friday, March 8, 2002, at 12:01 , Richard Barrett wrote:
No it doesn't.
You must turn ProxyRequests on for your server to become a a general-purpose-all-of-the-internet proxy server.
For ProxyPass to work you do not have to turn ProxyRequest on. Indeed in most cases when front-ending Zope with Apache you do not want to do that. And that instructions didn't say to do that.
As a generalisation, using mod_proxy is probably less resource demanding that using mod_rewrite and an entirely sensible choice in many cases.
D'oh! Of course, you're right. Whoever set it up in our instance included the ProxyRequests On ( presumably they just uncommented the whole default section and modified for Zope - I've checked some other default httpd.conf files, and the ProxyRequests On is present and commented out ) Sorry 'bout the disinformation. Zac
participants (5)
-
Chris McDonough -
Jens Vagelpohl -
Oliver Bleutgen -
Richard Barrett -
Zachery Bir