Just commenting on you're logged request, not your config... What was it that made you think you had an open proxy? Was it only requests like the one below? Where they all answered with status 403?
Richard Mixon <rnmi...@custco.biz> wrote: > After that we started getting flooded with requests such as the following: > 64.120.77.151 - - [13/Feb/2014:00:03:05 -0700] > "GEThttp://ads.yahoo.com/st?ad_type=iframe&ad_size=160x600§ion=4660128&pub_url=${PUB_URL}HTTP/1.0"; > 403 283 > "http://creditsxchange.com/index.php/hotdeal/5536-the-times-of-india"; > "Mozilla/5.0 (Windows NT 7.1) AppleWebKit/534.30 (KHTML, like Gecko) > Chrome/12.0.742.112 Safari/534.30" You should expect requests like that on any httpserver open to the internet on port 80, just as you should expect scripted exploit probes. Since your server answered 403 (forbidden) the request logged above is not a problem and does not indicate an open proxy. Regards /jonas -- Monypholite gemgas. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
