Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The following page has been changed by slive: http://wiki.apache.org/httpd/Logs/Proxy_Abuse The comment on the change is: Can't drop requests ------------------------------------------------------------------------------ This is usually the result of malicious clients trying to exploit open proxy servers to access a website without revealing their true location. They could be doing this to manipulate pay-per-click add systems, to add comment or link-spam to someone else's site, or just to do something nasty without being detected. - It is important to prevent your server from being used in this way to abuse other sites. + It is important to prevent your server from being used as an open proxy to abuse other sites. === How can I prevent these requests from accessing the foreign server through my server? === @@ -80, +80 @@ See also the [wiki:Recipes/CanonicalHostNames Canonical Hostname recipe]. + === Can't I just drop these requests entirely? === + + Apache is an HTTP server and responds to HTTP requests with HTTP responses. It does not simply drop requests on the floor, since this would make it difficult to debug problems with client-server interactions. + + If you really want to send no response at all, the third-party module {{{mod_security}}} is able to drop requests. But the savings in resource usage will be minuscule. + + Unfortunately, even if your server is properly configured, you may see this type of exploit attempt recur. Since the offending client is usually itself a compromised computer (or a botnet), there is little that can be done to stop them beyond assuring that your site does not act as an open proxy. +
