misconfiguration

Beware Apache2 mod_proxy

While tinkering with the settings for my site, I discovered an Apache module called mod_proxy.

I was interested in it because I am running two webservers – one for www.samhobbs.co.uk and one for webmail, and I wanted to redirect traffic from one part of the site to the webmail server using ProxyPass.

Unfortunately, I was over-enthusiastic in my explorations and made an error: I enabled my server to be used as an open proxy, and attracted thousands and thousands of dodgy requests from around the world.

What this meant is that anyone could connect to my server and use it to visit web pages whilst concealing their true identity: the pages visited would only see my IP, not theirs.
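One way to spot this kind of traffic in an Apache access log, as an added example that is not part of the original post: it flags request lines in absolute form (`GET http://host/...`) or using `CONNECT` that name a host the server does not serve itself. The common/combined log format, the `OWN_HOSTS` set, the function names and the sample log lines are assumptions constructed for the illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumption: the names this server legitimately answers for.
OWN_HOSTS = {"www.samhobbs.co.uk", "samhobbs.co.uk"}
# Leading fields of Apache's common/combined access log format.
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def proxy_attempt(line, own_hosts=OWN_HOSTS):
    """Return (client, foreign_host, status) if the line is a forward-proxy
    style request for a host we do not serve, otherwise None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    method, target = m["method"], m["target"]
    if method == "CONNECT":            # authority-form: host:port
        host = target.rsplit(":", 1)[0]
    elif "://" in target:              # absolute-form: scheme://host/path
        host = urlsplit(target).hostname or ""
    else:                              # origin-form: an ordinary request
        return None
    if host.lower() in own_hosts:
        return None
    return m["client"], host.lower(), int(m["status"])

def summarise(lines):
    """Count attempts per client and collect those answered with a 2xx.
    A 2xx is a lead to investigate rather than proof of relaying: compare
    the response with what the site itself serves for that path."""
    attempts, answered = Counter(), []
    for line in lines:
        hit = proxy_attempt(line)
        if hit:
            attempts[hit[0]] += 1
            if 200 <= hit[2] < 300:
                answered.append(hit[:2])
    return attempts, answered

# Constructed sample log lines (documentation addresses and example domains).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /blog HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET http://example.com/ HTTP/1.1" 200 1270 "-" "-"',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "CONNECT example.org:443 HTTP/1.1" 405 226 "-" "-"',
    '203.0.113.5 - - [01/Jan/2024:10:00:03 +0000] "GET http://www.samhobbs.co.uk/ HTTP/1.1" 200 5120 "-" "-"',
]
```

Calling `summarise()` on the lines of a real access log gives a per-client count of such requests and the list of those that received a 2xx response.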
