On Thu, Oct 28, 2010 at 4:33 PM, Dan <[email protected]> wrote: > On Thu, Oct 28, 2010 at 3:25 PM, Eric Covener <[email protected]> wrote: >> On Thu, Oct 28, 2010 at 4:21 PM, Dan <[email protected]> wrote: >>> Hello all, >>> >>> I have an apache ssl proxy configured with mod_security that detected >>> (I'm only running in detection mode) many HTTP connected requests >>> against port 443. The requests look like this: >>> >>> CONNECT www.mydomain.com:443 HTTP/1.1 >>> >>> All requests completed with a 200, but I can't recreate this by >>> connecting to the server on port 443. I get "Connection closed by >>> foreign host." >> >> This would be happening over port 80 on your webserver, to perform an >> SSL handshake with www.mydomain.com. >> >> -- >> Eric Covener >> [email protected] >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [email protected] >> " from the digest: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > Thanks for the reply Eric. I was able to recreate the request and the > response code, but what would the purpose of this be? Are there > proxies or utilities out there that use this method to access web > sites using SSL?
This is how even normal browsers do SSL through a HTTP proxy. -- Eric Covener [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
