On Thu, Oct 28, 2010 at 4:33 PM, Dan <random.da...@gmail.com> wrote: > On Thu, Oct 28, 2010 at 3:25 PM, Eric Covener <cove...@gmail.com> wrote: >> On Thu, Oct 28, 2010 at 4:21 PM, Dan <random.da...@gmail.com> wrote: >>> Hello all, >>> >>> I have an apache ssl proxy configured with mod_security that detected >>> (I'm only running in detection mode) many HTTP connected requests >>> against port 443. The requests look like this: >>> >>> CONNECT www.mydomain.com:443 HTTP/1.1 >>> >>> All requests completed with a 200, but I can't recreate this by >>> connecting to the server on port 443. I get "Connection closed by >>> foreign host." >> >> This would be happening over port 80 on your webserver, to perform an >> SSL handshake with www.mydomain.com. >> >> -- >> Eric Covener >> cove...@gmail.com >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> " from the digest: users-digest-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >> > > Thanks for the reply Eric. I was able to recreate the request and the > response code, but what would the purpose of this be? Are there > proxies or utilities out there that use this method to access web > sites using SSL?
This is how even normal browsers do SSL through a HTTP proxy. -- Eric Covener cove...@gmail.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
