Apache被泄露了吗?没有协议处理程序对URL yandex.ru有效

时间:2017-02-17 04:00:27

标签: apache security reverse-proxy mod-proxy

我最近收到了亚马逊(AWS)的滥用报告,称我的服务器正在尝试登录论坛等。当我查看我的错误日志时,我的行和行:

[proxy:warn] [pid 2916:tid 1668] [client 82.117.234.134:6152] AH01144: No protocol handler was valid for the URL yandex.ru:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[proxy:warn] [pid 2916:tid 1668] [client 120.132.54.62:58004] AH01144: No protocol handler was valid for the URL www.baidu.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[proxy:warn] [pid 2916:tid 1672] [client 188.173.26.212:52049] AH01144: No protocol handler was valid for the URL l9bjkkhaycw6f8f4.soundcloud.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[proxy:warn] [pid 2916:tid 1668] [client 104.199.176.143:56048] AH01144: No protocol handler was valid for the URL www.amazon.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[proxy:warn] [pid 2916:tid 1744] [client 119.97.174.200:3700] AH01144: No protocol handler was valid for the URL zhifu.99.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[proxy:warn] [pid 2916:tid 1712] [client 113.189.16.238:60122] AH01144: No protocol handler was valid for the URL s.youtube.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

我的httpd-vhosts.conf配置为:

<VirtualHost *:80>
    ServerName demo.mysite.com
    DocumentRoot "D:/sites/mysite/www/" 
    <Directory "D:/sites/mysite/www/">
        AllowOverride All
        Require all granted
    </Directory>
    ProxyPreserveHost On
    ProxyPass "/data" "http://localhost:8080/data/"
    ProxyPassReverse "/data" "http://localhost:8080/data/"
    Header set Access-Control-Allow-Origin "*"
    ErrorLog "logs/demo.mysite.com-error.log"
    CustomLog "logs/demo.mysite.com-access.log" common
</VirtualHost>

启动服务器即使只需一分钟,也会创建大约300多行上述日志。这引出了几个问题:

  1. 我的服务器可能配置错误还是感染了某些东西?
  2. 我应该在哪里查看它是如何形成的?

    3. UPDATE /编辑: 事实证明我有ProxyRequests On,因为一个教程说我必须让反向代理工作。它现在关闭了(ProxyRequests Off),一切都很好。感谢Configuring mod_proxy for Apache to reject wrong domain requests

1 个答案:

答案 0 :(得分:0)

确保您不要混淆正向和反向代理。 ProxyRequests On用于转发代理。如果您之后没有正确配置它,那么您的服务器就是全世界的开放代理。导致所有日志的原因是每个人都使用您的(现在)代理服务器访问互联网。

对于反向代理,请确保您拥有ProxyRequests Off,然后按照其他配置添加ProxyPassProxyPassReverse

感谢Configuring mod_proxy for Apache to reject wrong domain requests指出可以在事故中将您的Apache服务器变为开放代理。

相关问题
最新问题