[Zope] Apache ProxyPass + Zope == bad?

Jens Vagelpohl jens@zope.com
Fri, 8 Mar 2002 17:21:42 +0100


not sure if this is the best way, but here's what i did:

- ProxyRequest off (in httpd.conf)

this had the effect of turning requests for 
http://bad.site.com/path/to/stuff into requests for /path/to/stuff. at 
that point /path/to/stuff would be served out (if it exists) or an error 
message like 404. then i went even further and made sure that anything not 
covered by my rewrite rules for zope returned a 403 (forbidden).

the proxy requests tapered off in a single day. there's probably a more 
elegant solution for it, though.

looking at the logs i noticed user agents which apparently look for this 
kind of open proxy functionality, with names like "proxy finder".

jens



On Friday, March 8, 2002, at 05:01 , Chris McDonough wrote:

> Ouch. ;-)  How did you fix it with mod_rewrite, out of curiosity?
>
> ----- Original Message -----
> From: "Zachery Bir" <zbir@urbanape.com>
> To: <zope@zope.org>
> Sent: Friday, March 08, 2002 10:09 AM
> Subject: [Zope] Apache ProxyPass + Zope == bad?
>
>
>> Just a word. Don't know if it's been brought up before, but
>> mod_proxy, using the details on zope.org ( even though outdated )
>> like this:
>>
>> NameVirtualHost 192.192.123.234
>>
>> <VirtualHost 192.192.123.234>
>> ServerName www.fightclub.org
>> ServerAdmin tyler@fightclub.org
>>
>> ProxyPass / http://zserver.xyz.com:9180/fightclub/
>> ProxyPassReverse / http://zserver.xyz.com:9180/fightclub/
>> ProxyPass /misc_ http://zserver.xyz.com:9180/misc_
>> ProxyPass /p_ http://zserver.xyz.com:9180/p_
>>
>> </VirtualHost>
>>
>> Will open up your server to be a Proxy server on the net.
>>
>> I've found that this isn't the case with mod_rewrite and
>> VirtualHostMonster.
>>
>> Searching for "ProxyPass" on zope.org brings up a lot of documents,
>> some that are fairly new.
>>
>> Is this a known thing? First we found out was by looking at the log
>> files of one of our servers and found tons of 'GET
>> http://some.other.domain.com/path/to/porn HTTP/1.0' lines...
>>
>> Now that we cleared it up with mod_rewrite, I'm wondering what the
>> porn surfers are thinking when the hit this site all the time now :)
>>
>> Zac
>>
>>