subject:"mod_proxy a risk\?"

mod_proxy a risk?

2006-06-16 Thread Christoph Kukulies

I wonder whether mod_proxy can be a security risk in Apache2.0.54,
when being enabled in conjunction with tomcat (5.5).

A machine which is open to the world (on port 80 only) is blacklisted
at cbl.abuseat.org and I wonder how come.

--
Chris Christoph P. U. Kukulies kuku_at_kukulies.org

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: mod_proxy a risk?

2006-06-16 Thread Filip Hanik - Dev Lists


you should turn off your proxyrequests

ProxyRequests Off

first line in the documentation
http://httpd.apache.org/docs/2.0/mod/mod_proxy.html

you can still use ProxyPass without using proxyrequests

Christoph Kukulies wrote:

I wonder whether mod_proxy can be a security risk in Apache2.0.54,
when being enabled in conjunction with tomcat (5.5).

A machine which is open to the world (on port 80 only) is blacklisted
at cbl.abuseat.org and I wonder how come.

--
Chris Christoph P. U. Kukulies kuku_at_kukulies.org

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


  



--


Filip Hanik

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

mod_proxy a risk?

Re: mod_proxy a risk?

2 matches

Site Navigation

Mail list logo

Footer information