[Zope] apache open proxy configuration problem
Ed Colmar
ed at greengraphics.net
Thu Dec 22 13:57:25 EST 2005
Hey Tino
Well, my access log fills up with lines like:
61.54.11.222 - - [21/Dec/2005:14:36:56 -0800] "GET
http://media.fastclick.net/w/get.media?sid=19765&m=3&tp=7&d=s&c=1
HTTP/1.1" 404 927
59.32.21.156 - - [21/Dec/2005:14:37:10 -0800] "GET
http://www.searchvill.com/index.php?uid=1077&REQ=Poker%20Betting
HTTP/1.0" 404 935
222.208.183.2 - - [21/Dec/2005:14:40:05 -0800] "GET
http://adsence.sogou.com/index.html?pid=info-xa163&ww=120&dc=3&dir=0&num=6&color=1&charset=gb
HTTP/1.0" 404 936
222.208.183.2 - - [21/Dec/2005:14:40:06 -0800] "GET
http://log.cpc.sohu.com:90/?pv.png HTTP/1.0" 200 589
213.226.83.21 - - [21/Dec/2005:14:40:27 -0800] "GET
http://www.ccet-server.com/cgi-bin/ip.cgi HTTP/1.0" 404 933
212.30.78.125 - - [21/Dec/2005:14:41:20 -0800] "GET
http://test.anonproxies.com/azenv.php?80 HTTP/1.0" 404 935
203.88.51.59 - - [21/Dec/2005:14:42:07 -0800] "GET
http://www.abcseek.info/cgi-bin/ip1.cgi HTTP/1.0" 404 933
213.156.221.126 - - [21/Dec/2005:14:42:29 -0800] "POST
http://66.96.85.136:80/checkp/env/env.php HTTP/1.0" 404 932
218.71.245.157 - - [21/Dec/2005:14:42:51 -0800] "GET
http://umsky.com/prx.php HTTP/1.0" 404 933
83.133.146.243 - - [21/Dec/2005:14:43:41 -0800] "GET
http://clickingagent.com/proxycheck.php?ip=66.92.14.218&port=80&loc=
HTTP/1.1" 404 940
-e-
Tino Wildenhain wrote:
>Ed Colmar schrieb:
>
>
>>Hey All..
>>
>>I'm following up on this thread after lots of different configuration
>>attempts, reinstalling apache2 from source, more configuration attempts,
>>banging my head against the wall, and endless troubleshooting..
>>Unfortuantely I am still failing to configure this correctly.
>>
>>Thankfully the people using my apache as a open proxy are so relentless
>>I only need to start apache for a few seconds to determine if the proxy
>>is still open or not...
>>
>>So... I've made quite a bit of progress, but I am still at a loss to
>>understand what is going on here.... Possibly this is a question for
>>the apache forum, but I figured some of my fellow zope users might be
>>able to help, since all I'm using apache for is to rewrite for zope, and
>>log access.
>>
>>I have cleaned up my virtual host directive to only use a single Rewrite
>>Rule (which works):
>>RewriteRule ^/(.*)
>>http://192.168.1.32:8080/VirtualHostBase/http/www.myserver.net:80/myfolder/$1
>>[L,P]
>>
>>Still the proxy was open and under attack.
>>
>>
>>
>
>I'm wondering where you get the impression you have an open proxy?
>Given your configuration, no access can go outside your zope.
>
>Sure people will try it all the time - but your apache still
>delivers just your zope content.
>
>Just try it out yourself!
>
>
>
>
More information about the Zope
mailing list