Just to put a cap on this thread, I've expanded the faq entry on this
subject and transfered it to the docs wiki:
http://wiki.apache.org/httpd/Logs/Proxy_Abuse
Feel free to correct any errors or omissions.
-
The official User-To
Thanks Joshua you answered all my questions even the one about testing. All I
got was the last message and it only referenced the php/CONNECT not the whole
discussion.
I will try these things immediately. The Seattle company which is trying the
CONNECT/POST test is really annoying.
Regar
On 6/20/07, Tony Anecito <[EMAIL PROTECTED]> wrote:
Hi Guys,
I am very interested in what you are talking about. Especially the
CONNECT/POST discussion. I have what I believe is a spammer doing the
CONNECT/POST and getting a status 200 from apache. Is this truely a php
issue? Should I drop using
Hi Guys,
I am very interested in what you are talking about. Especially the
CONNECT/POST discussion. I have what I believe is a spammer doing the
CONNECT/POST and getting a status 200 from apache. Is this truely a php issue?
Should I drop using php? Do you both agree and the apache group t
On 6/19/07, Bob <[EMAIL PROTECTED]> wrote:
You are wrong
Really? Interesting.
Well, no actually, I'm not. But it's nice how confident you are about
your knowledge on this issue.
, my original post showed the CONNECT requests having a 200
status code which means apache did service them succe
dled by PHP.
Joshua.
-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joshua Slive
Sent: Tuesday, June 19, 2007 9:15 AM
To: users@httpd.apache.org; [EMAIL PROTECTED]
Subject: Re: [EMAIL PROTECTED] Deny CONNECT & GET
On 6/19/07, Bob <[EMAIL PROTECTED]> wrote:
The replies to my post came back saying that apache defaults to denying
CONNECT requests which I was not able to verify.
That the CONNECT request is some how being spoofed through php which I was
not able to verify.
My reading of php5 says it accepts al
The replies to my post came back saying that apache defaults to denying
CONNECT requests which I was not able to verify.
That the CONNECT request is some how being spoofed through php which I was
not able to verify.
My reading of php5 says it accepts all valid methods that apache hands it.
To me t
On 6/17/07, Bob <[EMAIL PROTECTED]> wrote:
Thank you for the info. I read through link you provided on the "GET http"
request. But I don't feel it answered my question. My interpretation of the
404 response means the "GET http" request was processed and packets where
sent to the URL contained i
ugh.
>Joshua.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Joshua Slive
Sent: Saturday, June 16, 2007 10:04 PM
To: users@httpd.apache.org; [EMAIL PROTECTED]
Subject: Re: [EMAIL PROTECTED] Deny CONNECT & GET http requests
Thank you for the info. I read t
On 6/16/07, Bob <[EMAIL PROTECTED]> wrote:
I get 100k plus of these per month. This is really stressing my server.
88.233.57.141 - - "GET http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi
HTTP/1.1" 404 300 "http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi";
125.225.140.225 - "CONNECT 209.191
Bob did speak thusly:
I get 100k plus of these per month. This is really stressing my server.
88.233.57.141 - - "GET http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi
HTTP/1.1" 404 300 "http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi";
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
88.23
I get 100k plus of these per month. This is really stressing my server.
88.233.57.141 - - "GET http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi
HTTP/1.1" 404 300 "http://yasann2.hp.infoseek.co.jp/cgi-bin/jenv.cgi";
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
88.233.57.141 - - "GET http:/
13 matches
Mail list logo
