1. 首頁
  2. 問答
  3. Apache被入侵了嗎?沒有協議處理程序是有效的網址yandex.ru

Apache被入侵了嗎?沒有協議處理程序是有效的網址yandex.ru

2017-02-17 94 views
-1

我最近收到來自亞馬遜(AWS)的濫用報告,說我的服務器試圖登錄論壇等。當我看到我的錯誤日誌,我的線,線:Apache被入侵了嗎?沒有協議處理程序是有效的網址yandex.ru

[proxy:warn] [pid 2916:tid 1668] [client 82.117.234.134:6152] AH01144: No protocol handler was valid for the URL yandex.ru:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 
[proxy:warn] [pid 2916:tid 1668] [client 120.132.54.62:58004] AH01144: No protocol handler was valid for the URL www.baidu.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 
[proxy:warn] [pid 2916:tid 1672] [client 188.173.26.212:52049] AH01144: No protocol handler was valid for the URL l9bjkkhaycw6f8f4.soundcloud.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 
[proxy:warn] [pid 2916:tid 1668] [client 104.199.176.143:56048] AH01144: No protocol handler was valid for the URL www.amazon.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 
[proxy:warn] [pid 2916:tid 1744] [client 119.97.174.200:3700] AH01144: No protocol handler was valid for the URL zhifu.99.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule. 
[proxy:warn] [pid 2916:tid 1712] [client 113.189.16.238:60122] AH01144: No protocol handler was valid for the URL s.youtube.com:443. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.

我的httpd-vhosts.conf配置有:

<VirtualHost *:80> 
    ServerName demo.mysite.com 
    DocumentRoot "D:/sites/mysite/www/" 
    <Directory "D:/sites/mysite/www/"> 
     AllowOverride All 
     Require all granted 
    </Directory> 
    ProxyPreserveHost On 
    ProxyPass "/data" "http://localhost:8080/data/" 
    ProxyPassReverse "/data" "http://localhost:8080/data/" 
    Header set Access-Control-Allow-Origin "*" 
    ErrorLog "logs/demo.mysite.com-error.log" 
    CustomLog "logs/demo.mysite.com-access.log" common 
</VirtualHost>

啓動服務器哪怕只是一分鐘的創建關於300 +上述日誌的行。這導致我幾個問題:

  1. 我的服務器可能是錯誤配置或感染的東西?
  2. 我應該在哪裏找出它是如何得到的?

UPDATE /編輯: 事實證明,我有ProxyRequests On因爲一個教程說,我必須有它的反向代理工作。它現在被關閉(ProxyRequests Off),一切都很好。感謝Configuring mod_proxy for Apache to reject wrong domain requests

來源

2017-02-17 jrose

回答

0

請確保您不會混淆正向和反向代理。 ProxyRequests On適用於正向代理。如果您之後沒有正確配置它,那麼您的服務器就是全球的開放代理。這是什麼導致所有日誌都是使用您的(現在)代理服務器訪問互聯網的每個人。

對於反向代理,請確保您有ProxyRequests Off,然後按照其他配置添加ProxyPassProxyPassReverse

感謝Configuring mod_proxy for Apache to reject wrong domain requests,指出有可能在意外情況下將您的Apache服務器變成開放式代理服務器。

來源

2017-02-17 04:00:27 jrose

相關問題

 相關問題