Fedora Servers :: Apache Mod_proxy Abuse?

Mar 29, 2009

I'm running Fedora 10 with Apache 2.2.11 and I noticed something a little strange going on. This morning, logwatch alerted me to the following concerning apache:

Code:

Sure enough, the apache access log file shows the following:

Code:

mod_proxy is disabled in the apache config file anyway (default mod_proxy commented out):

Code:

When I tried to access my web server to check, it was down, and I got the following when checking its status:

Code:

So I checked the apache error logs and found the following:


Code:

There's nothing wrong with line 188 of the config file:

Code:

It seems fairly apparent that there has been an attempt to use my web server as a proxy to gain access to other servers, so I have a couple of questions:

1) I presume that the attack failed, since mod_proxy was disabled?

2) Why did my web server crash? (It has never done this before). It seems very suspicious that it tried to restart, but failed to load proxy_module modules/mod_proxy.so on the same night that someone had attempted to use mod_proxy. I have since successfully started apache without making any configuration changes.

3) Do I need to worry that any part of my system has been compromised?

View 4 Replies


ADVERTISEMENT

Ubuntu Servers :: Apache Mod_Proxy - Reverse Proxying And Mod_proxy_connect?

Aug 22, 2010

I am trying to create solution with Reverse Proxy, mod_proxy and mod_proxy_connect. I haven't really used this before so I am just curious if I am doing it right. I have attached what I am trying to do plus a copy of the config:Here is my current requirement

We are going to have 3 servers, right now our top level domain is[URL] We have an E-Commerce Server in Production Right now that already has an SSL Cert on it so right now the production server for E-Commerce is [URL] However, as we are growing, we don't want to use subdomains, so instead, we want to use the reverse proxying feature on apache. We are running mostly windows servers and IIS for the E-Commerce, CMS and the Wordpress Server. Assume the following -

Apache Proxy Server 10.100.10.60
E-Commerce Server 10.100.10.3 (www.ooolalashop.com)
Content Management Server 10.100.10.3 (cms.ooolalashop.com)
Word Press Blog Server 10.100.10.3 (blog.ooolalashop.com)

1) We need the following mapped

[URL] - maps to ecommerce server - since ssl cert is going to stay on the server, on the proxy we just create a static host that points to the e-commerce server

[URL]

All of these should be pretty easy to reverse proxy

2) We need to be able to proxy the SSL connection or have it pass through to the server on the back end with the domain [URL] right now we are getting some errors Here is the error I get with SSL [Sun Aug 22 01:51:30 2010] [warn] proxy: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

Here is a copy of the config

<VirtualHost *:80>
ServerAdmin support@cometcomputing.com
ServerNamewww.ooolalashop.com
DocumentRoot/var/www/ooo

[code]....

View 1 Replies View Related

Server :: Apache Mod_proxy And Virtualhost ?

Nov 3, 2010

I have figured out how to use virtualhost, proxypass and proxypassreverse. So far, so good.

The problem I'm experiencing is this:

I have a reverse proxy server running apache (123.123.123.123)

Behind this proxy server I have a http server running apache (124.124.124.124).

This http server has multiple sites (virtualhost), it's only reachable via the proxy server.

If i run a nslookup on www.somedomain.com I get 123.123.123.123 (Not really but you understand what I mean)

I put my proxy to have the IP 123.123.123.123, so far so good. The requests come in to the proxy server.

I want my http server to be named 124.124.124.124.

In the http server I wish to set up my virtualhosts like this:

How do I get my proxy to grab the data from the http server?

If I do like this I will only make another request to my proxy server.

If I do like this, only the first page in the httpd.conf in my http server will work.

Do I need to setup a different DNS server for the proxy server? I would hate that. Perhaps use hosts-file in proxy. Or maybe I can use sub-domains?

View 1 Replies View Related

General :: Install Mod_proxy Module Into Apache?

Feb 11, 2010

Just followed the link [URL] for installing apache with --enable-so only. How can I install mod_proxy into the same?

View 2 Replies View Related

Server :: Disabling Apache Mod_proxy Features

Mar 31, 2011

I'm using CentOS 5 and just found out that there are people using my Apache Web Server as proxy (version 2.2.3 the OS's default).

I've checked out that my mod_proxy is already disabled but the unauthorized incoming request is still very large.

So I tried to compile an Apache from raw (2.2.17) just enabling mod_rewrite and then found out that the 'proxy' request is still there.

Tried httpd -l and here are the modules inside the Apache :

Code:
# /opt/apachew/bin/httpd -l
Compiled in modules:
core.c
mod_authn_file.c

[Code]....

There should be no mod_proxy but why should it still accepting proxy request? I checked the access_log file and still found [URL] and so on.

My question is : - How to block all the proxy request and only accepting the normal web server request? I also have tried to enable proxy in the previous Apache and then setting up "ProxyRequest Off" and Proxy * only from localhost but the request is still there.

I tried by myself using the webserver as proxy in browser and all the URLs I opened including the false URL will be redirected to my index.php and this should show me that 'you-can't-use-this-as-proxy-anymore' right?

Insane people still believe they could use my server and they keep trying and trying.

I couldn't block the IP addresses because some of them are using the mobile data (GPRS/UMTS) and that is our market for the website.

View 5 Replies View Related

Ubuntu Servers :: Can't Access Mysql Mod_proxy?

Feb 5, 2010

I set up mod_proxy in order to get rid of :8080 now I cant access phpmyadmin through the browser. what is the quickest way to turn off mod_proxy and access phpmyadmin? I would like to optimize the tables and back up the sql file. I just need to turn it on for a bit, and then enable mod_proxy again.Right now, if I got to localhost/phpmyadmin, it redirects to the main application.

I have used a2enmod, and added
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod proxy_ajp

[Code]...

View 2 Replies View Related

Ubuntu Servers :: Configure Apache2 To Proxy That Folder To Jetty Using Mod_proxy?

Mar 20, 2010

I have a php app set up in the default virtualhost, and want to add a Grails app. The grails app runs on [URL] and I want to configure apache2 to proxy that folder to Jetty using mod_proxy.

Module is enabled

Code:

$ sudo a2enmod proxy
Module proxy already enabled

[code]....

Quote:

[Sun Mar 21 00:14:56 2010] [warn] proxy: No protocol handler was valid for the URL /mailscan. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. My apache2.conf contains no LoadModule lines, and a2enmod says it's already enabled. Does Ubuntu Desktop (Karmic) use the DSO versions of modules, or did I miss something else? I'm aware I should also use mod_proxy_html to make sure only the "portless" version of the address is outputted, but I can fix that later!

View 1 Replies View Related

Security :: Securing System For Email Abuse

Jun 25, 2010

I have a mail server that accepts to relay from system in the trusted network. One of the systems in the trusted network is a webserver. On the webserver there are several scripts that send email.Let's focus on the PHP scripts. These use the mail() function for that.I am looking for means to reduce the potential abuse of the mail server when one of the PHP scripts is hacked.For the situation that the code is modified by a hacker or a new script is installed I would like to take this approach:

1) scan the system for scripts using the mail() function
2) generate a checksum list from these scripts
3) intercept email (being sent to sendmail) from these scripts
4) check if they match the checksum list

In theory (I will still have to implement it) this would take care of the situation in which new/modified scripts try to send email.

However, there is also the option of an exploit of some script. Are there any ideas on means to prevent email abuse for this situation (other that: make sure scripts cannot be exploited )?

View 2 Replies View Related

Fedora Servers :: Run Apache On LAN?

Feb 23, 2009

I installed fedora10 on my system with live cd.I started httpd service.I also set static IP address, subnetmask and default gateway as my proxy server.It is only accessible through http://localhost at the same machine.but I need to access it through http://ipaddress/ on my other LAN machines which has window operating system.

View 8 Replies View Related

Fedora Servers :: CentOS 5.2 - Apache And New PHP

Feb 7, 2009

I've installed a server (CentOS5.2) - and I need a new(er) PHP, so, I get me one. This is what I did:
- unzipped the bundle in the root's home
- of course, I entered the folder
- entered "./configure"
- entered "make" - the compile didn't come back with errors
- entered "make test" - there was a _possible_ fail...
- entered "make install"

I noticed there's nothing in the /libs, where I'd expect a module (lib5php5.so) to exist. there is one, but it belongs to the older PHP. It's located in ets/httpd/modules (a link BTW - but I think that's normal). At the console I type:
"which php" and get a path to PHP /usr/local/bin/php
"php --version" and get 5.2.8 and some extra info
in the server I entered "<?php phpinfo(); .>" in a PHP page, as I call that page, I get ... 5.1.6 as version.

Of course, I suspect Apache to have the OLD PHP in its config, (the old lib5php.so) and that I may have to overwrite the old one with the newly compiled one, if I had it. I ran a locate on the system, but no other lib5php.so files exist. Where did I loose track?

View 2 Replies View Related

Fedora Servers :: Apache Does Not Start?

Feb 15, 2010

FedoraVersion 12 ConstantineNoyau Linux 2.6.31.12-174.2.3.fc.x86_64Gnome 2.28.2Memory 871.4 MoAMD Athlon LE-600Free disk 71.5GoSelinux is deactivated.Httpd doesnot start and, when I start "onfiguration des services", and click D�marrer, it runs for ever, but never starts Apache...

View 8 Replies View Related

Fedora Servers :: Apache Does Not Output Php

Jul 20, 2010

I have now blown Windows XP away completely and done a clean install into 80Gb hard disk (x86). I know that httpd is running and I've added the snippets to httpd.conf that output server status and server info to the web browser, so I can see that all the required PHP stuff is loaded. So something like http://localhost/server-info works fine but something like http://localhost/helloworld.htm produces the wrong output:

contents of helloworld.htm:

<?php>
print("hello world");
print(phpinfo());
<?>

[Code]....

View 4 Replies View Related

Fedora Servers :: 14 Apache Error 403?

Dec 24, 2010

I moved from F12 to F14, I've installed using yum Apache, MySql, php, phpMyAdmin. That all works fine, I've made index.php with phpinfo() function and if it is in /var/www/html/ it opens in web browser. I extracted daloradius-0.9-8 in /var/www/hmtl/daloradius folder changed ownership to apache:apache set alias to myradius. When I point web browser to localhost/myradius I get error 403, forbidden. I moved index.php with phpinfo() to daloradius (overwriting old index.php) and same stuff happens. Error 403. What am I doing wrong?

View 4 Replies View Related

Fedora Servers :: Apache Binding Only To Ipv6?

Feb 14, 2009

I just installed FC 10 and have apache running with the default config. the problem is that it is only listening on ipv6 for ports 80 and 443

Code:

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 2059/exim
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 2059/exim

[code]....

here is the only part in the httpd.conf file that seems to have anything to do with this:

Code:

Listen 80

which from my understanding should make it listen on all interfaces, ipv4 and ipv6

View 8 Replies View Related

Fedora Servers :: Non Default Apache Install?

Feb 28, 2009

having an absolute mare on this one and doin me in.! I'm trying to install apache on fedora 9 to a non default directory /usr/local/apache as i need to set it up with resin see[URL]... I've removed the default install with yum remove httpd and then tried installing using apache's ./configure make make install commands. This all appears to work ok but when trying to start the server i get command not found error.any suggestions **ps why are the apache files all over the place in fedora..

View 14 Replies View Related

Fedora Servers :: SSL Apache Non-Standard Port

Mar 21, 2009

I have been struggling with this for the past two days and I can't seem to figure it out.SIMPLE GOAL: use subdomains with my wildcard Rapid SSL cert on Apahce2. This is not a chained certificate.Currently my default SSL virtual host, listening on 443 works fine. So, https://www.myDomain.com is recognized correctly by all browsers. But, the below virtual host listening on port 1025 is not coming across to the browser securely. The page renders, but the browsers do not see it as encrypted SSL.

View 1 Replies View Related

Fedora Servers :: Setup The ERuby On Apache?

Jun 17, 2009

I'm trying to setup eRuby on my Apache server, and I'm having problems. Currently, I have this in a separate config file in "/etc/httpd/conf.d/eruby.conf":

Code:

AddType application/x-httpd-eruby .rhtml
Action application/x-httpd-eruby /cgi-bin/eruby
DirectoryIndex index.rhtml

I have a file named "index.rhtml" in a folder called "test" that's in the root of my server. When I try to get to the file I get this, though:

Code:

You don't have permission to access /cgi-bin/eruby/test/index.rhtml on this server.

View 3 Replies View Related

Fedora Servers :: Changing Cgi-bin Folder In Apache

Jun 17, 2009

I've run into some problems trying to change the default cgi folder from /var/www/cgi-bin to /var/www/cgi-local (in order to migrate scripts from a much older server to a new one). I have edited httpd.conf to modify the following:

Code:
ScriptAlias /cgi-bin/ "/var/www/cgi-local/"
#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/cgi-local">
[Code]...

I have also tried several variations. I left ScriptAlias at the default "/var/www/cgi-bin" and I have tried it with AllowOverride None and without the +ExecCGI after Options. I am getting a 404 error when a form has an action directed at a cgi script that is in cgi-local.

View 4 Replies View Related

Fedora Servers :: Apache Randomly 'timing Out'?

Aug 16, 2009

Running a LAMP server, CentOS as the OS.The sites always been slow, but now that ive optimized it with mysql cache, gzip compression and some other things, its really fast.Except when pages loading seem to randomly 'time out'. The browser sits on 'waiting for x.com'. Closing the browser and/or the tab and opening a new one fixes it, but then it'll happen again eventually. Clicking further links while its 'waiting for x.com' does nothing, basically the site becomes unusable until you close the tab and reopen it.

This happens on all 3 virtual servers we're running within apache. Mainly noticable on the PHPbb forums, probably because they are visited the most.It's not a slow mysql query, i turned on slow query logging over 2 seconds, and the only two hits i got on that i know are unrelated.Ive turned off some optimizations thinking they might be it, but no dice.

View 2 Replies View Related

Fedora Servers :: Host All The Manpages On A Apache?

Sep 24, 2009

I am using FC9. Can anyone tell me how to host all the manpages on a Apache Server so that a user can access it using the webbrowser like firefox. After googling I came across something called man2html but it really did not work.

View 11 Replies View Related

Fedora Servers :: Apache And Character Encoding Using UTF-8?

Oct 14, 2009

I am having a problem with my web server. On index.html, it should say "Welcome to my website! More coming soon!" but instead, in Firefox, if I go through my server by going to eggbertx.linium.net or localhost, it shows this:

[Code]...

I know it isn't the file, because the file looks normal if I open it by going to /var/www/html/index.html I looked at /etc/httpd/conf/httpd.conf and it says that it is using UTF-8, which I'm pretty sure is normal. I don't remember it doing this before I installed kdewebdev and ran Quanta Plus, although I have no idea how it could have caused this. Has this happened to anyone else?

View 3 Replies View Related

Fedora Servers :: Apache: Connection Times Out Even On LAN?

Dec 19, 2009

I'm using Fedora 12 with Apache 2.2.14, and I was having this error on 2.2.13 as well.

Even when I connect to my server over LAN, Firefox times out occasionally while connecting. I can't figure out what is causing this. The error_log isn't showing anything. I even cleaned the error_log file, so that if something happened, it'd be a little easier to spot. But I'm still getting time outs, and nothing in the error_log.

Here is my httpd.conf [URL]

It's the default Fedora configuration, I've only changed the ServerName if I remember correctly. it's not the Timeout setting, because on LAN it should never time out.

View 4 Replies View Related

Fedora Servers :: Run Tomcat Behind Apache Httpd?

Dec 19, 2009

I just did a clean install of FC12 x86_64 and want to configure tomcat to run behind apache httpd. What is the easiest way to accomplish this? I'm a newbie at server configuration so detailed instructions would be nice

View 4 Replies View Related

Fedora Servers :: Build Of Apache 1.3.41 Fails On F12?

Jan 9, 2010

I'm trying to move an existing webserver from an old machine to a machine with Fedora 12 installed on it. ThSince the version available in the repository is version 2.X I downloaded the source from apache.org and tried to compile it. I ran configure using the default options and it an without any warnings or errors. However when I run make it fails with the following error:

gcc -c -I../os/unix -I../include -DLINUX=22 -DHAVE_SET_DUMPABLE -DUSE_HSREGEX -DNO_DL_NEEDED `../apaci` htpasswd.c
htpasswd.c:101: error: conflicting types for getline
/usr/include/stdio.h:653: note: previous declaration of getline was here
make[2]: *** [htpasswd.o] Error 1
make[2]: Leaving directory `/root/apache_1.3.41/src/support'
make[1]: *** [build-support] Error 1
make[1]: Leaving directory `/root/apache_1.3.41'
make: *** [build] Error 2

what the problem and more importantly the solution to this problem is?

View 9 Replies View Related

Fedora Servers :: Apache - PHP - Sendmail - TrustedUser ?

Jan 13, 2010

I'm running a fresh F12 server configuration install from DVD, and I'm having some issues with getting sendmail to actually function when called from a php script..

I'm using a mail() function in php run by apache. The httpd error log reports.

Httpd Error_Log

Code:

Code:

View 5 Replies View Related

Fedora Servers :: Apache Won't Pickup Website

Feb 7, 2010

Apache wont picup my website when i dropped my Site folder in the /var/www/html directory even after starting the Apache service.

View 2 Replies View Related

Fedora Servers :: Apache To Block Old Websites?

Apr 8, 2010

I have got a small queston: I have got several websites and some time ago I decided to delete some of them. As a result there is no virtual hosts on my web server, but if I will go to my_old_website dot ru I will be redirected to one of my current web sites (or if I will paste an ip address in browser), I want to know, how to block this?My virtual host's looks like this now:

Code:
<VirtualHost *:80>
ServerAdmin my_mail

[code]...

View 4 Replies View Related

Fedora Servers :: Apache Will Not Pick Up More Than One Site

Apr 13, 2010

On Fedora 12, I guess this is a security setting. How do I get Apache to pick up more than one website in my document root directory. It only picks up one and denies me permission to view the others on my document root directory. This problem doesn't exist in XAMMP. How do I go about it please.

View 5 Replies View Related

Fedora Servers :: Securing Apache From Php-shell

May 8, 2010

About apache security. How to protect web-server from programms like phpshell [url]?

View 8 Replies View Related

Fedora Servers :: Apache Php Upload Not Work

Dec 24, 2010

I've write a php code to upload files. by move_uploaded_file. I've given 777 to the folder. But file upload unsuccess, error log show no premission. I test the code in Centos it wotks. I change the dest folder in Fedora to /tmp it works, but it only work on /tmp. neither /tmp/abc nor /temp. I guess it's a setting problem on apache or php. I also copy http.conf and php.ini from Centos, but mod_file_cache and mod_mem_cache not find in Fedora.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved