Copyright © 2008-2017, dave - Code samples on Dave's Brain is licensed under the Creative Commons Attribution 2.5 License. However other material, including English text has all rights reserved.
Browse - Computer Tips - What does it mean when logwatch says: Connection attempts using mod_proxy: 126.96.36.199 - www.google.com:443: 5 Time(s)
Date: 2009may29 OS: Linux Q. What does it mean when logwatch says: Connection attempts using mod_proxy: 188.8.131.52 -> www.google.com:443: 5 Time(s) A. Its not good. It means a remote program is trying to go thru your Apache server to another site (google in this case). To prevent this do the following: 1. Disable mod_proxy 2. Disable CONNECT 1. To disable mod_proxy comment out these lines in /etc/httpd/conf/httpd.conf#LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so #LoadModule proxy_http_module modules/mod_proxy_http.so #LoadModule proxy_connect_module modules/mod_proxy_connect.soAlso comment out everything in /etc/httpd/conf.d/proxy_ajp.conf if present. 2. It seems there is a bug somewhere so that even when mod_proxy disabled a CONNECT attempt will return a 200 (success) status code and the contents of your index.php file. To stop this make a file called /etc/httpd/conf.d/disable_connect.conf and fill it with:<Location /> <Limit CONNECT> Order deny,allow Deny from all </Limit> </Location>Restart Apache.
Add a commentSign in to add a comment