Prevent fraudulent use of your proxy web server
We offer some HTTP services from our company HSZ (High security zone) trough an Apache proxy server situated in the DMZ (Demilitarized Zone). The Apache forwards external requests through the company's firewall to the internal Apache web server. This path is marked with "A = OK" in the following figure.
Last week, we suddenly recovered some very strange URL's in the logfile of the proxy Apache Server like the following:
220.127.116.11 "GET http://www.sexranking.de/sexranking.js
This URL's cannot be located on our internal Apache webserver - what's happen ?
If you configure your Apache proxy server with ProxyRequests On, then the access path marked with "B = not allowed" will be possible. However setting ProxyRequests to ' Off ' does not disable use of the ProxyPass directive, which is necessary for the access path "A = OK". Due to this, we changed our Apache configuration file in the following way:
# Prevent fraudulent use of proxy server
# VirtualHost configured to access internal service
How to check both access path's ?
Open Netscape Navigator an enter the IP-Address 18.104.22.168 and Port Number 8612 in the Proxy Configuration (Edit -> Preferences -> Advanced -> Proxies -> Manual Proxy Config).
Now, try to connect from Netscape to e.g. https://www.akadia.com, this should no more possible which means that access path "B = not allowed" is forbidden - that's what we want.