ProxyPass warning

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

ProxyPass warning

Brian Murphy-Dye-3
Over the past few days, my Apache server has been flooded with  
requests for sites other than my own, such as 'http://spam.gmx.pl/ 
px.php'. Since I had enabled proxy requests without restricting  
access, Apache happily fetched pages from the other sites and  
returned them. In Mac OS/X Server, checking 'Control Access To Proxy'  
and entering 'localhost' into the allowed domain results in the  
following code in httpd.conf.

<IfModule mod_proxy.c>
         ProxyRequests On
         CacheRoot "/var/run/proxy"
         CacheSize 1024
         CacheGcInterval 24
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a_domain.com another_domain.edu joes.garage_sale.com
         <Directory "proxy:*">
                 Deny from all
                 Allow from localhost
                 Order Deny,Allow
         </Directory>
</IfModule>

This doesn't prevent the requests (still being hit with more than one  
request/second), but does stop your machine from delivering the  
requested remote page (returns a 403 error status code). There may be  
other ways to prevent usage of your bandwidth, but the deny all/allow  
localhost seems to be effective.

Brian.
_______________________________________________
Seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

smime.p7s (3K) Download Attachment