I've been running zope through apache for years and years now, and I have a new machine set up with apache 2.0.48 and zope (Zope 2.8.0-final, python 2.3.5, linux2)

Using Identical Vhost configuration settings from an old machine all has been well, up until about 5 days ago, when I noticed the machine getting slammed, and wierd logs started showing up like:

xxx.xxx.xxx.xxx - - [14/Oct/2005:14:09:06 -0700] "GET http://partners.mygeek.com:80/search.jsp?partnerid=98885&pagesize=12 HTTP/1.1" 403 406

(IP removed to protect the guilty)

In my quick research to try to determine the problem, I found people advising to turn "ProxyRequests Off", which I did, but did not have any effect.

Luckily this is just a development server, not a live production server, so its not super critical, but I'm nervous now that my production server might be in the same state...

Here is a sample vhost.conf entry:

ServerName www.greengraphics.net
ServerPath /var/www/greengraphics/www
DocumentRoot /var/www/greengraphics/www
ServerAdmin webmaster
RewriteEngine On
TransferLog logs/Vhost-greengraphics-access.log
ProxyRequests Off
       <Proxy *>
               Order deny,allow
               Allow from all
ProxyPass / ProxyPassReverse /

mod_proxy.conf looks like:

 <IfModule !mod_proxy.c>
   LoadModule proxy_module             modules/mod_proxy.so
   #LoadModule proxy_connect_module    modules/mod_proxy_connect.so
   #LoadModule proxy_ftp_module        modules/mod_proxy_ftp.so
   LoadModule proxy_http_module        modules/mod_proxy_http.so

<IfModule mod_proxy.c>

# Proxy Server directives. Uncomment the following lines to
# enable the proxy server:

ProxyRequests Off

<Proxy *>
   Order deny,allow
   Deny from all
#    Allow from .your-domain.com

# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block

ProxyVia On

# End of proxy directives.


any suggestions?  places to look to verify security?


Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to