[Seaside] ProxyPass warning
Brian Murphy-Dye
brian.murphydye at mac.com
Sat May 20 21:23:18 UTC 2006
Over the past few days, my Apache server has been flooded with
requests for sites other than my own, such as 'http://spam.gmx.pl/
px.php'. Since I had enabled proxy requests without restricting
access, Apache happily fetched pages from the other sites and
returned them. In Mac OS/X Server, checking 'Control Access To Proxy'
and entering 'localhost' into the allowed domain results in the
following code in httpd.conf.
<IfModule mod_proxy.c>
ProxyRequests On
CacheRoot "/var/run/proxy"
CacheSize 1024
CacheGcInterval 24
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a_domain.com another_domain.edu joes.garage_sale.com
<Directory "proxy:*">
Deny from all
Allow from localhost
Order Deny,Allow
</Directory>
</IfModule>
This doesn't prevent the requests (still being hit with more than one
request/second), but does stop your machine from delivering the
requested remote page (returns a 403 error status code). There may be
other ways to prevent usage of your bandwidth, but the deny all/allow
localhost seems to be effective.
Brian.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2375 bytes
Desc: not available
Url : http://lists.squeakfoundation.org/pipermail/seaside/attachments/20060520/6b4dfe14/smime.bin
More information about the Seaside
mailing list