CONNECT appearing in apache logs

CONNECT appearing in apache logs

am 07.11.2002 11:06:39 von JawjB

A few days ago a user reported the following errors in his apache
logs.

> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "CONNECT
> XXX.XXX.11.166:25 HTTP/1.0" 200 7811 "-" "-"

Well I checked my logs and found that I started getting these about a
week ago.

I have to do so many jobs that unfortunately I am not an expert in any
of the tasks so would appreciate any comment on the actions I have
taken below.

I added into the following container

the following as recommended in one of the posts

Order deny,allow
Deny from all


I since have got a similar message
> XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "LINK /shop/page.htm
HTTP/1.1" 200 7811 "-" "Mozilla etc"

Do I need to put LIMITEXCEPT on every directory as I presume from the
above that a CONNECT will also be accepted the next time it is tried.

We deny telnet access to everyone apart from 2 internal IP numbers using
hosts.allow but this only appears to restrict port 80. Would turning it off
completely as a service put a sure stop to this.
Post a follow-up to this message

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: CONNECT appearing in apache logs

am 07.11.2002 11:33:23 von JawjB

In a message dated 07/11/02 10:07:02 GMT Standard Time, JawjB@aol.com writes:

<< We deny telnet access to everyone apart from 2 internal IP numbers using
hosts.allow but this only appears to restrict port 80. Would turning it off
completely as a service put a sure stop to this.

Should have said 'restrict port 23' not 80.


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: CONNECT appearing in apache logs

am 07.11.2002 11:44:17 von Sander Holthaus - Orange XL

As far as I know, LINK has not been implemented in Apache (was on the
todo-list for Apache 2.1) yet. But I could be mistaken here. This is from
the RFC:

The LINK method establishes one or more Link relationships between
the existing resource identified by the Request-URI and other
existing resources. The difference between LINK and other methods
allowing links to be established between resources is that the LINK
method does not allow any message-body to be sent in the request and
does not directly result in the creation of new resources.

If the request passes through a cache and the Request-URI identifies
a currently cached entity, that entity MUST be removed from the
cache. Responses to this method are not cachable.

Caches that implement LINK should invalidate cached responses as
defined in section 13.10 for PUT.

Kind regards,
Sander Holthaus

----- Original Message -----
From:
To:
Sent: Thursday, November 07, 2002 11:06 AM
Subject: [users@httpd] CONNECT appearing in apache logs


> A few days ago a user reported the following errors in his apache
> logs.
>
> > XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "CONNECT
> > XXX.XXX.11.166:25 HTTP/1.0" 200 7811 "-" "-"
>
> Well I checked my logs and found that I started getting these about a
> week ago.
>
> I have to do so many jobs that unfortunately I am not an expert in any
> of the tasks so would appreciate any comment on the actions I have
> taken below.
>
> I added into the following container
>
> the following as recommended in one of the posts
>
> Order deny,allow
> Deny from all
>
>
> I since have got a similar message
> > XXX.XXX.230.51 - - [02/Nov/2002:00:03:05 -0700] "LINK /shop/page.htm
> HTTP/1.1" 200 7811 "-" "Mozilla etc"
>
> Do I need to put LIMITEXCEPT on every directory as I presume from the
> above that a CONNECT will also be accepted the next time it is tried.
>
> We deny telnet access to everyone apart from 2 internal IP numbers using
> hosts.allow but this only appears to restrict port 80. Would turning it
off
> completely as a service put a sure stop to this.
> Post a follow-up to this message
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org