From owner-freebsd-questions@FreeBSD.ORG Tue Jun 12 21:58:26 2007 Return-Path: X-Original-To: freebsd-questions@FreeBSD.ORG Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3CE7D16A4C6 for ; Tue, 12 Jun 2007 21:58:26 +0000 (UTC) (envelope-from bob@a1poweruser.com) Received: from mta11.adelphia.net (mta11.adelphia.net [68.168.78.205]) by mx1.freebsd.org (Postfix) with ESMTP id 0262A13C45E for ; Tue, 12 Jun 2007 21:58:25 +0000 (UTC) (envelope-from bob@a1poweruser.com) Received: from laptop ([76.190.225.105]) by mta11.adelphia.net (InterMail vM.6.01.05.02 201-2131-123-102-20050715) with SMTP id <20070612215825.YBBC3934.mta11.adelphia.net@laptop>; Tue, 12 Jun 2007 17:58:25 -0400 From: "Bob" To: "Chuck Swiger" Date: Tue, 12 Jun 2007 17:58:25 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 In-Reply-To: <2D981D7A-0303-4A4F-B17C-CEF19FEADADE@mac.com> Cc: "freebsd-questions@FreeBSD. ORG" Subject: RE: Apache access log shows these attack requests X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: bob@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Jun 2007 21:58:26 -0000 On Jun 12, 2007, at 1:54 PM, Bob wrote: > Running FBSD 6.2 + apache 13. In the apache access log I see these log > records. To me it looks like my apache server is servicing connect > requests and get > requests to other URL's. Is there some configuration option I can > turn on to stop my server from > servicing these bogus requests? If you have the Apache mod_proxy enabled, either configure it securely or disable it entirely. Also, double-check your use of PHP-based stuff-- the security of PHP is sufficiently bad that it's pretty common for sites to get hacked if they aren't careful about securing it and updating to the latest versions as new security holes in PHP-based stuff are exploited. You might want to run portaudit... -- -Chuck -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Chuck Swiger Sent: Tuesday, June 12, 2007 5:21 PM To: bob@a1poweruser.com Cc: freebsd-questions@FreeBSD. ORG Subject: Re: Apache access log shows these attack requests I all ready have Apache mod_proxy commented out in httpd.conf and there is no php stuff installed in system.