Joshua, it seems you've also covered this ground before:
> From "Joshua Slive" <jos... slive.ca>
> Subject Re: [users httpd] Deny CONNECT & GET http requests
> Date Tue, 19 Jun 2007 23:40:36 GMT
>
> On 6/19/07, Bob <bob a1poweruser.com> wrote:
>
>> You are wrong
>
> Really? Interesting.
>
> Well, no actually, I'm not. But it's nice how confident you are about
> your knowledge on this issue.
>
>>, my original post showed the CONNECT requests having a 200
>> status code which means apache did service them successfully
>
> As I've told you repeatedly, php was almost certainly treating the
> CONNECT request just like a GET request. So the CONNECT was not
> succeeding in the sense of connecting to a third-party server. It was
> simply serving your index.php page.
>
>> My book says a 500 code is a common error when a client calls a flawed
>> CGI script.
>
> And this is not the "correct" status code. The correct status code is
> 403 (forbidden). But as I already said, the status code is not that
> important since the robots don't care. (And, in fact, the original 200
> status code wasn't really a problem either unless your index.php
> script uses up lots of resources. So you could have just left things
> as they were.)
>
>> I have read the php manual concerning selecting individual
>> methods. I could not find any mention of how to tell php to limit itself to
>> only using desired methods. A link to the php manual where it explains how
>> to restrict php to only allow the use of selected methods would go a long
>> way to support your viewpoint. Providing a how to fix it post like I did is
>> far better than a reply spouting apache dogma. Results are what count here.
>
> I'm not here to win a debate with you. I'm just here to try to help
> you understand how your server is working. For php configuration
> questions you are better off on a php list. But I have already given
> you explicit instructions: "I believe you
> can set http.allowed_methods in your php config to the list of methods
> php should handle. (GET and POST would be a good basic list.)" This is
> documented here:
> http://www.php.net/manual/en/ini.php
>
> As I've also already told you, your current config should be fine. But
> don't go recommending it to others as the proper solution when there
> are many cleaner and safer solutions available (and listed in the
> FAQ).
>
> Joshua.
-------- Original Message --------
Subject: Re: [users httpd] Wacko Incoming URLs in Log File
From: Joshua Slive <joshua slive.ca>
To: users httpd.apache.org
Date: Saturday, November 03, 2007 11:53:13 AM
> On Nov 3, 2007 12:40 PM, Roger Haase <haaserd gmail.com> wrote:
>> About once a week or more often, I get some unusual entries in my apache log
>> file similar to these:
>>
>>
>> 159.148.97.91 - - [31/Oct/2007:23:44:31 -0700] "CONNECT 195.175.37.70:8080 HTTP/1.0" 302 102 "-" "-"
>> 159.148.97.91 - - [31/Oct/2007:23:44:32 -0700] "CONNECT 159.148.96.222:80 HTTP/1.0" 302 102 "-" "-"
>> 159.148.97.91 - - [31/Oct/2007:23:44:32 -0700] "GET http://www.hi.lv:80/counter1.php HTTP/1.0" 404 284 "-" "-"
>> 159.148.97.91 - - [31/Oct/2007:23:44:33 -0700] "GET http://www.hi.lv:80/counter1.php HTTP/1.0" 404 284 "-" "-"
>> I am in Arizona and the traffic seems to originate in Amsterdam. The
>> www.hi.lv host appears to be in Latvia. My IP address is nowhere near
>> 195.175.37.70 or 159.148.96.222. On the other occasions, the urls are from
>> other equally strange locations and never seem to repeat. On most
>> occasions, there is only one entry at a time.
>>
>> Is this misdirected internet junk that I should report to my ISP as their
>> problem or is this a hacker attempt?
>
> See:
> http://wiki.apache.org/httpd/ProxyAbuse
>
> Joshua.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe httpd.apache.org
> " from the digest: users-digest-unsubscribe httpd.apache.org
> For additional commands, e-mail: users-help httpd.apache.org
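
An added example, not part of the thread or of the Apache project's code: a small log triage script that picks out the kind of entries discussed above (CONNECT requests and GET requests whose target is an absolute URL for a foreign host) and separates the 2xx responses that deserve a manual look. It assumes the common/combined log format; `LOCAL_HOSTS` and its value are hypothetical, and only the first two sample lines come from the quoted log excerpt.

```python
import re
from urllib.parse import urlsplit

# Assumption: names this server legitimately answers for (hypothetical value).
LOCAL_HOSTS = {"www.example.org"}

# Common/combined log format: host ident user [time] "request" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) (\S+)')

def classify(line, local_hosts=LOCAL_HOSTS):
    """Return (client, kind, target, verdict) for a proxy probe, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    client, request, status = m.group(1), m.group(2), int(m.group(3))
    parts = request.split()
    if len(parts) < 2:
        return None
    method, target = parts[0].upper(), parts[1]
    if method == "CONNECT":
        kind = "CONNECT"
    elif "://" in target:
        # Absolute-URI request target: only a probe if it names a foreign host.
        host = (urlsplit(target).hostname or "").lower()
        if host in local_hosts:
            return None
        kind = "absolute-URI"
    else:
        return None
    # A 2xx alone does not prove the request was proxied: as the first quoted
    # message explains, the server may simply have served its own local page.
    verdict = "verify" if 200 <= status < 300 else "non-2xx"
    return client, kind, target, verdict

# First two lines are from the log excerpt in the thread; the rest are constructed.
SAMPLE = [
    '159.148.97.91 - - [31/Oct/2007:23:44:31 -0700] "CONNECT 195.175.37.70:8080 HTTP/1.0" 302 102 "-" "-"',
    '159.148.97.91 - - [31/Oct/2007:23:44:32 -0700] "GET http://www.hi.lv:80/counter1.php HTTP/1.0" 404 284 "-" "-"',
    '192.0.2.10 - - [01/Nov/2007:10:00:00 -0700] "CONNECT 198.51.100.7:25 HTTP/1.0" 200 5120 "-" "-"',
    '192.0.2.11 - - [01/Nov/2007:10:00:05 -0700] "GET http://www.example.org/index.php HTTP/1.1" 200 5120 "-" "-"',
    '192.0.2.12 - - [01/Nov/2007:10:00:09 -0700] "GET /index.php HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    for entry in SAMPLE:
        hit = classify(entry)
        if hit:
            print("{:15} {:12} {:40} {}".format(*hit))
```

For entries marked `verify`, comparing the logged response size with the size of the site's own default page is a quick way to tell a locally served page from proxied content.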