Hi, The RemoteAddr/RemoteHost filter valves may be useful for you in this scenario as well, especially as they can be configured at the Engine level to cover all your Hosts. See the Valve configuration documentation page for details.
Yoav Shapira <http://www.yoavshapira.com/> >-----Original Message----- >From: David Smith [mailto:[EMAIL PROTECTED] >Sent: Monday, October 11, 2004 1:44 PM >To: Tomcat Users List >Subject: Re: Undefined hosts being directed to localhost > >Or as I've seen, kiddies on the internet are looking for an open proxy >to hide their tracks or get past firewall rules. I just make sure my >server is properly configured not to proxy and ignore it. > >What they really get from a properly configured server is either (a) a >404 if the requested resource doesn't exist on the local server, or (b) >the local server's version of that resource if it exists. In the case >of requesting the home page of www.yahoo.com, they actually get my >site's homepage instead. > >--David > >Hassan Schroeder wrote: > >> Robert Hunt wrote: >> >>> Okay, I should have remembered about the defaultHost attr of the >>> <Engine/> node. (duh Rob!) >>> >>> However, I'd like to redirect/stop spurious requests that have >>> nothing to do with my hosts; I've gotten a couple requests with >>> "www.yahoo.com" as the requested host. Anyone already got a (or >>> cleverly configured an existing) <Valve/> class to do so? >> >> >> ? If a request for "www.yahoo.com" is really being sent to your IP >> address, either someone's using a bad nameserver or it's some kind >> of attempted exploit. >> >> Is your concern related to the latter? >> > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you.
