[Zope] apache open proxy configuration problem

Fri, 14 Oct 2005 14:19:08 -0700

I've been running zope through apache for years and years now, and I have a new machine set up with apache 2.0.48 and zope (Zope 2.8.0-final, python 2.3.5, linux2)
Using Identical Vhost configuration settings from an old machine all has been well, up until about 5 days ago, when I noticed the machine getting slammed, and wierd logs started showing up like: 


xxx.xxx.xxx.xxx - - [14/Oct/2005:14:09:06 -0700] "GET 
http://partners.mygeek.com:80/search.jsp?partnerid=98885&pagesize=12 
HTTP/1.1" 403 406


(IP removed to protect the guilty)


In my quick research to try to determine the problem, I found people 
advising to turn "ProxyRequests Off", which I did, but did not have any 
effect.



Luckily this is just a development server, not a live production server, 
so its not super critical, but I'm nervous now that my production server 
might be in the same state...


Here is a sample vhost.conf entry:

NameVirtualHost 192.168.1.32
<VirtualHost 192.168.1.32>
ServerName www.greengraphics.net
ServerPath /var/www/greengraphics/www
DocumentRoot /var/www/greengraphics/www
ServerAdmin webmaster
RewriteEngine On
TransferLog logs/Vhost-greengraphics-access.log
ProxyRequests Off
       <Proxy *>
               Order deny,allow
               Allow from all
       </Proxy>

ProxyPass / 
http://192.168.1.32:8080/VirtualHostBase/http/www.greengraphics.net:80/greengraphics/VirtualHostRoot/
ProxyPassReverse / 
http://192.168.1.32:8080/VirtualHostBase/http/www.greengraphics.net:80/greengraphics/VirtualHostRoot/

</VirtualHost>



mod_proxy.conf looks like:




<IfDefine HAVE_PROXY>
 <IfModule !mod_proxy.c>
   LoadModule proxy_module             modules/mod_proxy.so
   #LoadModule proxy_connect_module    modules/mod_proxy_connect.so
   #LoadModule proxy_ftp_module        modules/mod_proxy_ftp.so
   LoadModule proxy_http_module        modules/mod_proxy_http.so
 </IfModule>
</IfDefine>

<IfModule mod_proxy.c>

#
# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:
#

ProxyRequests Off

<Proxy *>
   Order deny,allow
   Deny from all
#    Allow from .your-domain.com
</Proxy>

#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.

# ("Full" adds the server version; "Block" removes all outgoing Via: 
headers)

# Set to one of: Off | On | Full | Block
#

ProxyVia On

# End of proxy directives.

</IfModule>


any suggestions?  places to look to verify security?

Thanks!

-ed
_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **

(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope-dev )






















					Reply via email to