[nSLUG] Curious httpd log entries...

Ben Armstrong synrg at sanctuary.nslug.ns.ca
Fri Aug 12 09:08:38 ADT 2005


On Fri, 2005-08-12 at 08:51 -0300, Ben Armstrong wrote:
> I'm not sure how you get a request destined for another site in your
> access.log.  Proxied through your web server? (That would be very bad
> indeed, and would indicate a security problem you need to fix.)
> Spoofed?  (Not so bad: just block these guys and worry no more.)

Er, hm.  Yes, I think Dop might be right with his "looking for open
proxies" guess -- not succeeding, mind you, as each request 404s.  And
that explains the mystery for me.  Anyone can *try* to proxy a request
through your web server, but they won't succeed unless you really do
have a security problem, which you don't.  So, no cause for alarm, here.

Ben


!DSPAM:42fc9314147171620315297!




More information about the nSLUG mailing list