Hi! My webserver seems to have been "hijacked" or somebody is using it as a proxy to access other sites. The logs has been generating thousands of line like:
210.12.158.114 - - [01/May/2004:01:28:31 +0800] "GET http://e2.edit.cnb.yahoo.com/config/login?.redir_from=PROFILES?&.tries=1&.src=jpg&.last=&promo=&.intl=us&.bypass=&.partner=&.chkP=Y&.done=http://jpager.yahoo.com/jpager/pager2.shtml&login=_emmett_&passwd=april29 HTTP/1.0" 404 300 210.12.158.114 - - [01/May/2004:01:28:31 +0800] "GET http://e2.edit.cnb.yahoo.com/config/login?.redir_from=PROFILES?&.tries=1&.src=jpg&.last=&promo=&.intl=us&.bypass=&.partner=&.chkP=Y&.done=http://jpager.yahoo.com/jpager/pager2.shtml&login=_eminent&passwd=april29 HTTP/1.0" 404 301 So far, Google only turned out an answer to edit /etc/httpd/conf.d/30_mod_proxy.conf and enable: <Proxy *> Order deny,allow Deny from all </Proxy> My config is ok but those stuff are still getting through. Any ideas or suggestions? Thanks! -- God bless you William ==================================================== === http://www.purity.ph =========== linux user #179111 ===== Most people want to serve God -- but only in an advisory capacity. -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
