Apache access log shows these attack requests
jekillen
jekillen at prodigy.net
Thu Jun 14 01:04:09 UTC 2007
Hello;
I have not understood what the request for "-" "-" meant. Thank you,
this as shed a lot of light on it. I
have seen that fairly frequently in my Apache logs. But on one of my
machines that serves as
secondary name server I also had Apache running to serve a place holder
site. It was attacked
but voluminous request for that, so much so that it was causing Apache
to kill processes for
lack of memory. The machine does not have a lot of RAM at its disposal,
so it was not too surprising.
I do not run Apache on this machine, now, because of that.
I would like to know how do you disallow 'no referrer' and 'no
browser'? Is this a server configuration
issue? I have not seen mention of this in texts on Apache, nor the
manual. And queries of the
Apache mailing list yielded indistinct results. I am not running a
proxy on the public server.
I have shell and ftp access blocked from out side. I am using php as
application server.
I am running several machines with FreeBSD 6.0 and 6.2 as web servers.
Only one serves my public addresses.
I am using Apache 1.3.x.
Thanks in advance for guidance.
Jeff K
> 220.137.74.222 - - [12/Jun/2007:02:07:08 +1000] "CONNECT
> msa-mx10.hinet.net:25 HTTP/1.0" 403 272 "-" "-"
>
> 403 = Permission denied. In this case, because
> I disallow 'no referrer' plus 'no browser' ("-" "-") connects from
> non-local addresses
> blocking
> heaps of rogue robots, but CONNECT requests don't work anyway in apache
> 1.3 in default configuration .. older logs show 405 responses to these.
>
More information about the freebsd-questions
mailing list