yth rekan admins di access.log apache saya belakangan ini suka muncul log macam ini
----snip---- 24.209.232.27 - - [17/Jul/2003:22:33:39 +0700] "GET http://edit.member.yahoo.com/config/ncclogin?.src=bl&login=_420_&passwd=CHOCOLATE&n=1 HTTP/1.0" 200 25 24.55.238.103 - - [17/Jul/2003:22:34:01 +0700] "HEAD http://www.bustybrits.com/members/members.htm HTTP/1.0" 403 0 81.152.46.190 - - [17/Jul/2003:22:35:09 +0700] "GET http://edit.europe.yahoo.com/config/ncclogin?.src=bl&login=lesbian11&passwd=lesbian&n=1 HTTP/1.0" 500 532 205.138.96.46 - - [17/Jul/2003:22:38:00 +0700] "CONNECT mx1.hotmail.com:25 HTTP/1.0" 403 287 213.179.228.249 - - [17/Jul/2003:22:38:46 +0700] "GET http://www.mcexit.com/redir.php?user=kepusha1980 HTTP/1.1" 200 222 24.209.232.27 - - [17/Jul/2003:22:38:51 +0700] "GET http://edit1.vip.lng.yahoo.com/config/ncclogin?.src=bl&login=__23__&passwd=CHOCOLATE&n=1 HTTP/1.0" 403 908 210.237.243.48 - - [17/Jul/2003:22:40:25 +0700] "GET http://www.hentaiserver.com/jangarw06/shitai1-3290.jpg HTTP/1.0" 504 1116 218.226.30.48 - - [17/Jul/2003:22:40:39 +0700] "GET http://members.tripod.lycos.co.kr/npxbet/MAME070_02_005.jpg HTTP/1.0" 504 1126 ---snip--- kenapa ya? saya juga pasang squid sebagai httpd accelerator selain proxy, apakah log ini disebabkan karena squidnya yang openproxy? padahal sepertinya setting ACL squid yang saya buat sudah benar (cmiiw ;-) bagaimana caranya untuk memblok request macam ini? berikut beberapa direktif dari squid.conf yang relevan: ----snip------ acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 563 acl Safe_ports port 1025-65535 # unregistered ports acl purge method PURGE acl connect method CONNECT acl post method POST acl head method HEAD acl get method GET acl localnet1 src 192.168.1.32/255.255.255.224 acl localnet2 src 192.168.1.64/255.255.255.224 http_access allow manager localhost # Only allow purge requests from localhost http_access allow purge localhost http_access allow post localnet1 http_access allow post localnet2 http_access allow connect localnet1 http_access allow connect localnet2 http_access allow get localnet1 http_access allow get localnet2 http_access allow head localnet1 http_access allow head localnet2 # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny connect !SSL_ports http_access allow localhost http_access allow localnet1 http_access allow localnet2 http_access deny !Safe_ports http_access deny post all http_access deny connect all http_access deny get all http_access deny head all http_access deny all httpd_accel_port 80 httpd_accel_host virtual httpd_accel_host 127.0.0.1 httpd_accel_host mydomain.com httpd_accel_host myotherdomain.net httpd_accel_host localhost httpd_accel_with_proxy on httpd_accel_uses_host_header on ---snip---- btw, squid diset sbg transparent proxy menggunakan iptables tia tunggul --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
