Strange connections to Apache      2004.02.27 @ 8:37:45 PM
After reading a post in Gentoo forums I realized there's been some strange requests logged by Apache server.

Pherhaps they are scripts from spammers looking for open proxies. My assumption is that they look for available (and misconfigured) mod_proxy modules. There is nothing wrong with this, but what puzzles me is that the server is logging a 200 (success) and shows a high byte count returned to the client.

I almost freaked out, but then I realized that the server always returns my local index page to the client, no matter what the CONNECT request is. I verified this by issuing a CONNECT manually, no matter what I request, I always get a 200 and the contents of my webpage, as I would with the regular GET method.

It isn't terribly bad as I know for sure mod_proxy is not working. However, it would be kind of nice if I saw a "403 Method not Allowed" instead of the scary "200". At least it will prevent my server form being wrongfully listed in some spammer's list.

This seems to be a bug that only takes place on systems with php installed. For now I have <limit>ed the CONNECT method. It does not address the issue, but at least they show them a "404 Forbidden" instead of a "200" message. If you see this, simply add the following lines to your httpd.conf file and restart apache:

<Location />
<Limit CONNECT>
Order deny,allow
Deny from all
</Limit>
</Location>


All knowledge and software published in this website is released under the GNU General Public License (GPL)