-----BEGIN PGP SIGNED MESSAGE----- Joshua Slive [mailto:[EMAIL PROTECTED] wrote:
> I don't think that is feasible. There are MANY ways to do > access control in apache. > > Sending a message along the lines of "Your server is > configured to proxy requests to arbitrary servers." whenever ProxyRequests is On > would be a possibility. That would indeed help, but how many redhat/debian/... read the logs when it works ? Requiring a "IKnowIAmOperatingAOpenProxy" flag that needs to be set explicitly would be a better idea then :) Seriously, we could add a default deny for outgoing port 25 (smtp) and 6660-6670 (irc) proxied connections. This won't really hurt anyone as I don't see any reasons why anybody would want that. A special "AllowProxyPorts 25 6660-6670" directive could then turn those ports open too. We could even try to limit it to defaultly allowing only the proxying of port 80 and 443 and denying the rest for instance. Greets, Jeroen -----BEGIN PGP SIGNATURE----- Version: Unfix PGP for Outlook Alpha 13 Int. Comment: Jeroen Massar / [EMAIL PROTECTED] / http://unfix.org/~jeroen/ iQA/AwUBP1ePfCmqKFIzPnwjEQKGWACffesaa690wCAFBWKxF4ae7IjeICIAn1e5 9dvAvWU3n9iGcLFTeiYxuphu =Aj1Q -----END PGP SIGNATURE-----
