[arch-general] My Apache Sever Compromised?
Jameson
imntreal at gmail.com
Wed Apr 9 13:32:37 EDT 2014
On Tue, Apr 1, 2014 at 9:30 AM, Nowaker <enwukaer at gmail.com> wrote:
>
>>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
>
>
>> But the most interesting part is that your apache is replying with "200",
>> that is OK!
>
>
> Nice catch! It's certainly a proxy.
Thanks for everyone's help with this. I did in fact have ProxyRequests
set to On thinking it was needed for reverse proxies as well, and have
turned it off. Now, when I open up port 80, it looks like they're
still trying, but I'm replying with 404. Is that what it should be
doing? I probably also need to make sure I have some throttling setup
in case this is too much for my Internet connection.
More information about the arch-general
mailing list