[arch-general] My Apache Sever Compromised?
Nowaker
enwukaer at gmail.com
Tue Apr 1 09:30:37 EDT 2014
>> 199.83.93.35 - - [29/Mar/2014:22:04:54 -0400]
>> "GET http://ro2.biz/pixel.png HTTP/1.0" 200 151
> But the most interesting part is that your apache is replying with "200", that is OK!
Nice catch! It's certainly a proxy.
> See? The request asks for all the URL, http:// and host name included,
> just as if you were a proxy. The normal GET request for a web server
> asks only for the file part ("/pixel.png" in this case).
It's because of HTTP/1.0 protocol. Should the client use HTTP/1.1, it
would look more usual.
--
Kind regards,
Damian Nowak
StratusHost
www.AtlasHost.eu
More information about the arch-general
mailing list