Date: Tue, 12 Jun 2007 17:58:25 -0400 From: "Bob" <bob@a1poweruser.com> To: "Chuck Swiger" <cswiger@mac.com> Cc: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@FreeBSD.ORG> Subject: RE: Apache access log shows these attack requests Message-ID: <NBECLJEKGLBKHHFFANMBAEIFCDAA.bob@a1poweruser.com> In-Reply-To: <2D981D7A-0303-4A4F-B17C-CEF19FEADADE@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jun 12, 2007, at 1:54 PM, Bob wrote: > Running FBSD 6.2 + apache 13. In the apache access log I see these log > records. To me it looks like my apache server is servicing connect > requests and get > requests to other URL's. Is there some configuration option I can > turn on to stop my server from > servicing these bogus requests? If you have the Apache mod_proxy enabled, either configure it securely or disable it entirely. Also, double-check your use of PHP-based stuff-- the security of PHP is sufficiently bad that it's pretty common for sites to get hacked if they aren't careful about securing it and updating to the latest versions as new security holes in PHP-based stuff are exploited. You might want to run portaudit... -- -Chuck -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Chuck Swiger Sent: Tuesday, June 12, 2007 5:21 PM To: bob@a1poweruser.com Cc: freebsd-questions@FreeBSD. ORG Subject: Re: Apache access log shows these attack requests I all ready have Apache mod_proxy commented out in httpd.conf and there is no php stuff installed in system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NBECLJEKGLBKHHFFANMBAEIFCDAA.bob>