I wonder whether mod_proxy can be a security risk in Apache2.0.54,
when being enabled in conjunction with tomcat (5.5).
A machine which is open to the world (on port 80 only) is blacklisted
at cbl.abuseat.org and I wonder how come.
--
Chris Christoph P. U. Kukulies kuku_at_kukulies.org
you should turn off your proxyrequests
ProxyRequests Off
first line in the documentation
http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
you can still use ProxyPass without using proxyrequests
Christoph Kukulies wrote:
I wonder whether mod_proxy can be a security risk in Apache2.0.54,
